learning
/
linux-command
mirror of https://github.com/jaywcjlove/linux-command.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-command/c/sudo.html

375 lines
91 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="renderer" content="webkit">
<meta http-equiv="X-UA-Compatible" content="IE=edge, chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"/>
<meta name="description" content="sudo:以其他身份来执行命令 - 最专业的Linux命令大全内容包含Linux命令手册、详解、学习值得收藏的Linux命令速查手册。">
<meta name="keywords" content="Linux,Command,命令大全,Linux命令手册,sudo,以其他身份来执行命令">
<title>sudo 命令Linux sudo 命令详解:以其他身份来执行命令 - Linux 命令搜索引擎</title>
<link rel="shortcut icon" href="../img/favicon.ico">
<link rel="stylesheet" type="text/css" href="../css/index.css?v=1749035196942">
<script src="../js/dark-mode.min.js"></script>
<script type="module" src="../js/github-corners.js"></script>
</head>
<body>
<dark-mode permanent dark="Dark" light="Light" style="position: fixed;left: 10px;top: 8px; z-index: 999;"></dark-mode>
<github-corners target="__blank" z-index="999" position="fixed" href="https://github.com/jaywcjlove/linux-command"></github-corners>
<div class="header header_list">
<div class="header_inner">
<div class="logo">
<a href="/">
<svg width="183px" height="48px" viewBox="0 0 183 48" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> <!-- kenny wang <wowohoo@qq.com> https://github.com/jaywcjlove --> <title>logo</title> <desc>Linux Command Logo. https://github.com/jaywcjlove</desc><g stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> <g transform="translate(-576.000000, -261.000000)" fill="currentColor"> <g id="logo" transform="translate(576.000000, 261.000000)"> <path d="M20.4917792,0.000336524232 C20.1886146,-0.000100520225 19.8723998,0.0124863601 19.542641,0.0387964365 C11.2083649,0.710004944 13.4186692,9.51473754 13.2949769,12.4631618 C13.1427718,14.6193207 12.7056049,16.3185233 11.2226825,18.426428 C9.48047033,20.4982285 7.02763261,23.8514609 5.86566251,27.3420607 C5.3172635,28.9894735 5.05630425,30.6686289 5.29730805,32.2578406 C5.22181299,32.325447 5.14994103,32.3962788 5.08160039,32.469239 C4.57008792,33.0153217 4.19213625,33.6769851 3.77100458,34.1224689 C3.37755968,34.5149436 2.81698897,34.6642292 2.20097918,34.8852382 C1.58472464,35.1063477 0.908127379,35.4323261 0.497432332,36.2204265 C0.497432332,36.2204265 0.497432332,36.2207368 0.49712203,36.2207368 C0.496684986,36.222048 0.495373852,36.2233591 0.494936808,36.2246702 L0.494936808,36.2246702 C0.123151829,36.919077 0.233680372,37.718746 0.347224522,38.4596325 C0.460773043,39.2004972 0.575720105,39.9005856 0.423139144,40.3755699 C-0.0645762474,41.7086473 -0.126850712,42.6307542 0.216491414,43.2996202 C0.560563403,43.9698759 1.2680029,44.2657113 2.06756262,44.432706 C3.66668644,44.7666954 5.83232039,44.6837094 7.53908826,45.5883128 L7.68579097,45.3115063 L7.54060917,45.5891344 C9.36778716,46.5444437 11.2201913,46.8837519 12.698079,46.5461831 C13.7695766,46.3014513 14.6393781,45.6634363 15.0860725,44.6816946 C16.2420201,44.6760567 17.5104717,44.1864315 19.5423657,44.0745568 C20.9208039,43.9635213 22.6427241,44.564051 24.6233484,44.4540775 C24.6751207,44.6689591 24.750052,44.8756375 24.8526175,45.0720452 C24.8539287,45.0742305 24.8548028,45.0759786 24.8556769,45.0780328 C25.6234722,46.6133699 27.0500902,47.3156173 28.570428,47.1956355 C30.0927718,47.075492 31.711331,46.1778551 33.0196848,44.6208231 L32.7798304,44.4192582 L33.0215204,44.618616 C34.2685787,43.1065034 36.3384911,42.4794975 37.7110118,41.6516741 C38.3972721,41.2377581 38.9541192,40.7194802 38.9971462,39.966706 C39.0401514,39.2142991 38.5984218,38.3711223 37.5826868,37.2436088 L37.5823765,37.2432985 C37.5820662,37.2428614 37.5815024,37.2424244 37.5810654,37.2415503 C37.2473295,36.8644028 37.0881185,36.1654026 36.91702,35.4210285 C36.7460395,34.6771089 36.5551865,33.8746254 35.9444344,33.3545687 L35.9444344,33.3545687 C35.9431233,33.3532575 35.9418121,33.3523835 35.940938,33.3515094 L35.940938,33.3515094 C35.6978714,33.1397045 35.4452772,32.9959518 35.1909042,32.8993694 C36.0400422,30.3810493 35.7068789,27.8734149 34.8497254,25.6073831 C33.7977638,22.8263338 31.9611937,20.4030752 30.5585738,18.7453569 C28.9885703,16.7650385 27.4529665,14.8848863 27.4832187,12.1079627 C27.5299825,7.86977213 27.9494053,0.0101787654 20.4914689,0 L20.4917792,0.000336524232 Z M21.5014393,6.5296802 C21.9246338,6.5296802 22.2860696,6.65372652 22.6573476,6.92320377 C23.0345213,7.1969553 23.3062494,7.53965497 23.5252523,8.01821865 C23.7401952,8.48461502 23.843613,8.94086321 23.8537568,9.48229573 C23.8537568,9.49649968 23.8537568,9.50864951 23.8576902,9.52285346 C23.8616236,10.0784681 23.7664397,10.5509481 23.5555483,11.0335676 C23.4352081,11.3089536 23.2970146,11.540089 23.1316064,11.7401941 C23.0754506,11.7132285 23.0171357,11.6873118 22.9566488,11.6624396 L22.9566488,11.6624396 C22.5373789,11.4828667 22.2157491,11.3685884 21.9476879,11.2755722 C22.044856,11.158772 22.1257661,11.0202464 22.1969169,10.8470719 C22.3043949,10.5854877 22.3571155,10.3299784 22.367255,10.025813 C22.367255,10.0136631 22.3711884,10.00348 22.3711884,9.98931975 C22.3772633,9.69732161 22.3387597,9.44789596 22.2535753,9.19239103 C22.1643483,8.92472316 22.0507955,8.73208707 21.886541,8.57188842 C21.722291,8.41168541 21.5580366,8.33869024 21.361336,8.33260221 C21.3521143,8.33216517 21.3429364,8.33216517 21.3338459,8.33216517 C21.1488275,8.33260221 20.9881699,8.39616596 20.8219532,8.53532529 C20.6475593,8.6813331 20.5177834,8.86788115 20.4103054,9.12744186 C20.3028318,9.38699819 20.2501067,9.64452664 20.239976,9.95073309 C20.2377908,9.96288293 20.2377908,9.97306607 20.2377908,9.9852159 C20.2342945,10.1535261 20.2449584,10.307711 20.2709188,10.4574381 C19.8923378,10.2687966 19.535574,10.1401875 19.2007499,10.0604924 C19.181651,9.91570835 19.1706375,9.76629596 19.1670975,9.61007442 L19.1670975,9.56750629 C19.1610225,9.01391519 19.2522643,8.53941165 19.4651836,8.05679657 C19.6781029,7.57417712 19.9417194,7.2274173 20.3128051,6.94555422 C20.6838952,6.66369114 21.0488973,6.53391079 21.4808239,6.52985938 L21.5010154,6.52985938 L21.5014393,6.5296802 Z M15.7091362,6.98827969 C15.9898804,6.98871673 16.2410892,7.0827381 16.5009296,7.29023807 C16.7828014,7.51531597 16.9957164,7.80326271 17.1741616,8.20882685 C17.3526112,8.614391 17.4479175,9.01995077 17.4742757,9.49851445 L17.4742757,9.50244785 C17.4870374,9.70344023 17.485464,9.89263677 17.469643,10.0758677 C17.4141165,10.091645 17.3597045,10.1087334 17.3064069,10.1270762 C17.0036968,10.2312719 16.7369205,10.373272 16.5044085,10.5268101 C16.5271785,10.366205 16.5305437,10.2032486 16.5131057,10.0215605 C16.5109204,10.0114211 16.5109204,10.0032921 16.5109204,9.99319633 C16.4865771,9.75189098 16.435893,9.54911109 16.3507218,9.34429895 C16.2594713,9.131384 16.1580813,8.98132478 16.0242452,8.86573527 C15.9029566,8.76098882 15.7883592,8.71289208 15.6622806,8.71384046 C15.6492567,8.71384046 15.636058,8.71427751 15.6227281,8.71558864 C15.4807804,8.72773848 15.3631674,8.79669098 15.251638,8.93255936 C15.1401086,9.068419 15.0671091,9.23672919 15.0143884,9.4597792 C14.9616634,9.68284232 14.9474682,9.90184967 14.9697706,10.1532945 C14.9697706,10.1634339 14.9719558,10.1715629 14.9719558,10.1816586 C14.9962992,10.4249963 15.0449553,10.6277718 15.1321501,10.8325883 C15.2213771,11.0434797 15.3247905,11.1935346 15.4586266,11.3091153 C15.481047,11.3284764 15.5032139,11.3458708 15.525289,11.361399 C15.3860816,11.468536 15.3196072,11.5179308 15.2055298,11.6017559 C15.1323642,11.6554425 15.0452263,11.7193646 14.94395,11.7940162 C14.7230765,11.5871106 14.5507673,11.3270648 14.4001137,10.984671 C14.2216641,10.5791112 14.1263578,10.1735471 14.0979674,9.69498342 L14.0979674,9.69105002 C14.0716136,9.21249508 14.1182463,8.8008429 14.2500545,8.37500864 C14.3818627,7.94916563 14.5582845,7.6409444 14.813785,7.38745861 C15.06929,7.13399031 15.3268184,7.00623784 15.6370763,6.99001912 C15.6613322,6.98870799 15.6853347,6.98827095 15.709123,6.98827095 L15.7091362,6.98827969 Z M18.3434478,10.3083666 C18.9959552,10.3057443 19.7811624,10.5197693 20.731756,11.1309629 C21.3156605,11.5106715 21.7700031,11.5424053 22.8162176,11.9904939 L22.8175288,11.9909309 L22.8188399,11.991368 C23.322219,12.1979021 23.6176741,12.4671083 23.7620255,12.7505841 C23.906377,13.034073 23.9099039,13.3414857 23.7890786,13.6648724 C23.5474411,14.3116676 22.7761407,14.9923468 21.6937826,15.3303395 L21.6929085,15.3307766 L21.6920344,15.3312136 C21.1642857,15.5026793 20.7040867,15.8813302 20.1615484,16.1915706 C19.6190277,16.5017979 19.00512,16.7520102 18.1703739,16.7037212 C18.1703739,16.7037168 18.1703739,16.7037212 18.1703739,16.7037212 C17.4597396,16.6622893 17.0349499,16.4210539 16.650849,16.1123607 C16.2667437,15.8036631 15.9320245,15.4158517 15.4418966,15.1280491 L15.4405854,15.1271751 L15.4392743,15.126301 C14.6497885,14.6800742 14.2187709,14.163964 14.0834969,13.7165354 C13.9482185,13.2691068 14.075193,12.8871911 14.4668766,12.5936327 C14.9072645,12.2635986 15.2131825,12.0390976 15.4169632,11.8895453 C15.6194022,11.7409983 15.703625,11.685297 15.7680935,11.623394 C15.7684038,11.622957 15.7685305,11.622957 15.7689675,11.6225199 L15.7692735,11.6220829 C16.1001729,11.3088706 16.6276463,10.738226 17.4227569,10.4645313 C17.696421,10.3703264 18.001784,10.3095466 18.3435746,10.3081961 L18.3434478,10.3083666 Z M22.9062619,13.0069369 C22.6246829,13.0237631 22.3297828,13.1687002 21.9864013,13.3604054 C21.6430199,13.5521105 21.256878,13.7973406 20.8384079,14.0388338 C20.0014721,14.5218204 19.038047,14.9837283 18.0805918,14.9837283 C17.1216551,14.9837283 16.3555118,14.5408493 15.7808726,14.0854752 C15.4935509,13.8577838 15.2564149,13.6284404 15.0669561,13.4510265 C14.9722311,13.3623109 14.8900799,13.2867065 14.8134179,13.2276487 C14.7367734,13.1685909 14.6743853,13.1100357 14.5461303,13.1100357 L14.5400116,13.3795435 C14.5308337,13.4697233 14.5213935,13.4669437 14.5251084,13.4693999 C14.5310959,13.4733333 14.5608587,13.4835601 14.5955731,13.5103509 C14.6519344,13.5537495 14.7301609,13.6245375 14.8230067,13.7114832 C15.0086981,13.8853788 15.2554403,14.124464 15.5592255,14.3652012 C16.166796,14.8466668 17.0117515,15.3406363 18.0806093,15.3406363 C19.1509618,15.3406363 20.1636375,14.8403471 21.016875,14.3479598 C21.4434872,14.1017639 21.8309534,13.8560094 22.1604324,13.6720705 C22.4898897,13.4881185 22.7670895,13.3727781 22.9275766,13.3632068 L22.9062925,13.00695 L22.9062619,13.0069369 Z M23.8576858,14.2878093 C24.5685911,17.0901733 26.2220701,21.1378562 27.2848005,23.113201 C27.8496849,24.1612205 28.9735097,26.3878921 29.4590574,29.0706371 C29.7667148,29.0611969 30.1054855,29.1059065 30.4682673,29.1987042 C31.7377591,25.907589 29.3917525,22.3626165 28.3189832,21.375368 C27.8858722,20.9551061 27.8650557,20.7668098 28.0797669,20.7757081 C29.2436775,21.8049915 30.7716374,23.8752142 31.3275492,26.211938 C31.581035,27.2774436 31.6350799,28.3975886 31.3630809,29.5030663 C31.4961478,29.5583437 31.6312951,29.6184504 31.7682604,29.683286 C33.806037,30.6755779 34.5596721,31.5384567 34.1973186,32.716121 C34.0779748,32.7117506 33.960576,32.7126247 33.8460659,32.7152469 C33.8354021,32.7155572 33.8247819,32.715684 33.814118,32.716121 C34.1092104,31.7826203 33.4554837,31.0941179 31.7135031,30.305952 C29.9067264,29.5110511 28.4669839,29.5901387 28.2236507,31.2022427 C28.2080919,31.2867016 28.1955487,31.3727644 28.1860212,31.460029 C28.05104,31.506902 27.9153158,31.5667509 27.7792552,31.6412014 C26.9308557,32.1054213 26.4677896,32.9477371 26.2102393,33.9808403 C25.9529032,35.0131131 25.8791213,36.2610673 25.8081016,37.6639101 L25.8081016,37.6647842 C25.7647031,38.3701826 25.4746935,39.3242507 25.1805582,40.3347805 C22.2207839,42.446033 18.1128938,43.3607409 14.6251435,40.9805006 C14.3887768,40.6065916 14.1176344,40.2361221 13.8385378,39.8707355 C13.6603154,39.6373843 13.4772332,39.4054841 13.2952172,39.1768225 C13.6532528,39.1768225 13.9575843,39.1184771 14.2035442,39.0069433 C14.5094142,38.8682516 14.724322,38.6454901 14.8306462,38.3594969 C15.0432858,37.7875325 14.8297721,36.9806654 14.1489836,36.0592664 C13.4682956,35.137933 12.3154554,34.0981212 10.6214273,33.0592009 C10.6214273,33.0592009 10.621117,33.0592009 10.621117,33.0588906 C9.37658486,32.2846183 8.68057408,31.3355981 8.3547924,30.3051959 C8.02898013,29.2747018 8.07466439,28.1604089 8.32577265,27.0602631 C8.80774091,24.9485692 10.0461107,22.8947793 10.8362565,21.605909 C11.0489879,21.4493815 10.9122629,21.8964561 10.0363515,23.5230089 C9.25134103,25.0101357 7.78376323,28.4420972 9.79314068,31.1210705 C9.84684033,29.2145776 10.3021401,27.2701931 11.0664741,25.45145 C12.1797968,22.9278068 14.5084483,18.5514927 14.6933968,15.0635108 C14.7887555,15.1327561 15.1164383,15.3538525 15.2624505,15.4368866 C15.2627608,15.4373237 15.2628875,15.4373237 15.2633246,15.4373237 C15.6905181,15.6888908 16.0113611,16.0566244 16.426903,16.3905832 C16.8432709,16.7252019 17.3634237,17.0142238 18.149269,17.0600129 L18.149269,17.0600129 C19.066516,17.113092 19.7655905,16.8289912 20.3383504,16.5014745 C20.9102449,16.1744603 21.3671137,15.8125482 21.7999582,15.6712779 C21.8003952,15.6708409 21.8012693,15.6708409 21.8017063,15.6708409 C22.7163355,15.3848215 23.44356,14.8785842 23.857393,14.2881327 L23.8576858,14.2878093 Z M29.6669682,30.3312962 C30.0374289,30.329548 30.4861993,30.4530917 30.9774372,30.6728508 C32.2995623,31.2832227 32.713238,31.8063999 32.3522873,32.5749338 C32.0481219,33.1548918 30.7462669,34.0775407 29.8540319,33.8342075 C28.9435503,33.5989814 28.4994564,32.2869871 28.6474877,31.2953987 C28.7267763,30.6220356 29.1076387,30.3339097 29.6669682,30.3312962 L29.6669682,30.3312962 Z M28.1710786,32.1433306 C28.2458176,33.3559191 28.8457529,34.5926195 29.9067526,34.8602742 C31.0678224,35.1661922 32.7418469,34.16998 33.4486352,33.3574182 C33.5895689,33.3517803 33.7273516,33.3448313 33.8611658,33.3416409 C34.4811527,33.3266503 35.001157,33.3620509 35.5324588,33.8267253 L35.534207,33.8284735 L35.5359552,33.8302216 C35.9442465,34.1761336 36.1383204,34.8298385 36.3066481,35.5621545 C36.4749627,36.294475 36.6095636,37.0920505 37.11435,37.6602345 L37.115224,37.6611086 L37.1156611,37.6619827 C38.0861227,38.7388952 38.3980544,39.4668146 38.3715083,39.931406 C38.344936,40.3960279 38.008556,40.7409347 37.3873891,41.1155867 C36.1455928,41.864576 33.9453056,42.5158727 32.5399192,44.2181871 C31.3196037,45.6704378 29.8315635,46.4680352 28.5210638,46.5714617 C27.2105642,46.6748883 26.0799127,46.1309646 25.4133237,44.793071 L25.4115756,44.7900117 L25.4098274,44.7869524 C24.9962959,44.0002986 25.1685614,42.758852 25.5169207,41.4493706 C25.8652845,40.1398937 26.3657922,38.7953264 26.4327911,37.7024923 L26.4327911,37.7007442 L26.4327911,37.698996 C26.5036666,36.2987755 26.5820418,35.0759688 26.8172504,34.1324728 C27.0524633,33.1889769 27.4228236,32.5499829 28.0790545,32.1909116 C28.109604,32.1742165 28.139948,32.1584392 28.1701128,32.1435097 L28.1710786,32.1433306 Z M6.86074718,32.2348346 C6.95869322,32.2351449 7.06234705,32.2434006 7.17277507,32.2601394 C7.91559769,32.3726653 8.5633675,32.8920358 9.18746261,33.7385341 C9.8115621,34.5850455 10.3922762,35.7405823 10.9892352,37.0223812 L10.9901093,37.0241294 L10.9905463,37.0258776 C11.4702594,38.0271115 12.4825418,39.128044 13.3403902,40.2511564 C14.1982341,41.3742689 14.8621527,42.5016163 14.7756966,43.3644732 L14.7753863,43.3684066 L14.775076,43.37234 C14.6632363,44.843978 13.8330966,45.6451198 12.5587449,45.9361914 C11.2847734,46.2271625 9.55771794,45.9379396 7.83269472,45.035587 L7.83094655,45.035587 C5.9224477,44.0247687 3.65205856,44.1251622 2.19566909,43.8209924 C1.46727769,43.6688572 0.99200058,43.44013 0.773862951,43.0151698 C0.55571221,42.5902315 0.550839164,41.8488511 1.01440785,40.5847437 L1.01659307,40.5791059 L1.01834125,40.573468 C1.24759292,39.8663213 1.07793226,39.0925822 0.96663015,38.3663367 C0.855328038,37.6400911 0.800894151,36.9795116 1.04888192,36.5190765 L1.05019305,36.5168913 L1.05150418,36.514706 C1.36900824,35.9026821 1.83472718,35.683902 2.41273159,35.4765375 C2.990736,35.2691556 3.67612223,35.1062953 4.21734934,34.5638925 L4.21997161,34.5612703 L4.22259387,34.558648 C4.72293985,34.0308163 5.09877623,33.3691834 5.53863963,32.8995879 C5.90977341,32.5033678 6.28118253,32.2407652 6.84099715,32.2368755 L6.86053303,32.2368755 L6.86074718,32.2348346 Z"></path> <path d="M58.5014648,40 L58.5014648,6.7578125 L65.4194336,6.7578125 L65.4194336,35.2832031 L80.4008789,35.2832031 L80.4008789,40 L58.5014648,40 L58.5014648,40 L58.5014648,40 Z M86.2524414,40 L86.2524414,15.3378906 L92.9008789,15.3378906 L92.9008789,40 L86.2524414,40 L86.2524414,40 L86.2524414,40 Z M86.2524414,11.1826172 L86.2524414,5.63476562 L92.9008789,5.63476562 L92.9008789,11.1826172 L86.2524414,11.1826172 L86.2524414,11.1826172 L86.2524414,11.1826172 Z M100.211426,40 L100.211426,15.3378906 L106.859863,15.3378906 L106.859863,19.9873047 C109.031098,16.513329 111.8312,14.7763672 115.260254,14.7763672 C117.461437,14.7763672 119.198399,15.4726493 120.471191,16.8652344 C121.743984,18.2578195 122.380371,20.1594932 122.380371,22.5703125 L122.380371,40 L115.731934,40 L115.731934,24.2099609 C115.731934,21.4098167 114.803557,20.0097656 112.946777,20.0097656 C110.835439,20.0097656 108.806488,21.4996596 106.859863,24.4794922 L106.859863,40 L100.211426,40 L100.211426,40 L100.211426,40 Z M145.672363,40 L145.672363,35.3505859 C143.516102,38.8245616 140.716,40.5615234 137.271973,40.5615234 C135.07079,40.5615234 133.333828,39.8652413 132.061035,38.4726562 C130.788242,37.0800712 130.151855,35.1783975 130.151855,32.7675781 L130.151855,15.3378906 L136.800293,15.3378906 L136.800293,31.1279297 C136.800293,33.9280739 137.736156,35.328125 139.60791,35.328125 C141.704275,35.328125 143.725739,33.838231 145.672363,30.8583984 L145.672363,15.3378906 L152.320801,15.3378906 L152.320801,40 L145.672363,40 L145.672363,40 L145.672363,40 Z M158.003418,40 L166.471191,27.6240234 L158.362793,15.3378906 L165.932129,15.3378906 L171.23291,23.1542969 L176.309082,15.3378906 L181.699707,15.3378906 L173.973145,27.4443359 L182.26123,40 L174.691895,40 L169.166504,31.8466797 L163.506348,40 L158.003418,40 L158.003418,40 L158.003418,40 Z"></path> </g> </g> </g> </svg>
</a>
</div>
<div class="search">
<ul class="search-list" id="result">
<!-- <li><a href="#"><strong>find</strong> - 指定目录下查找文件。</a></li> -->
</ul>
<input type="text" class="query" id="query" autocomplete="off" autofocus="autofocus" placeholder="Linux 命令搜索"/>
<div class="enter-input">
<input type="hidden" id="current_path" value="/c/sudo.html">
<button id="search_btn">搜索</button>
</div>
</div>
</div>
</div>
<script type="text/javascript" src="../js/copy-to-clipboard.js"></script>
<div class="markdown-body">
<span class="edit_btn">
<a target="_blank" href="https://github.com/jaywcjlove/linux-command/edit/master/command/sudo.md">纠正错误</a>
<span class="split"></span>
<a target="_blank" href="https://github.com/jaywcjlove/linux-command/edit/master/command/sudo.md">添加实例</a>
</span>
<dark-mode style="position: fixed; top: 8px; left: 10px; z-index: 999;;display: none;" dark="Dark" light="Light"></dark-mode><script>const t=document;const e="_dark_mode_theme_";const s="permanent";const o="colorschemechange";const i="permanentcolorscheme";const h="light";const r="dark";const n=(t,e,s=e)=>{Object.defineProperty(t,s,{enumerable:true,get(){const t=this.getAttribute(e);return t===null?"":t},set(t){this.setAttribute(e,t)}})};const c=(t,e,s=e)=>{Object.defineProperty(t,s,{enumerable:true,get(){return this.hasAttribute(e)},set(t){if(t){this.setAttribute(e,"")}else{this.removeAttribute(e)}}})};class a extends HTMLElement{static get observedAttributes(){return["mode",h,r,s]}LOCAL_NANE=e;constructor(){super();this.t()}connectedCallback(){n(this,"mode");n(this,r);n(this,h);c(this,s);const a=localStorage.getItem(e);if(a&&[h,r].includes(a)){this.mode=a;this.permanent=true}if(this.permanent&&!a){localStorage.setItem(e,this.mode)}const l=[h,r].includes(a);if(this.permanent&&a){this.o()}else{if(window.matchMedia&&window.matchMedia("(prefers-color-scheme: dark)").matches){this.mode=r;this.o()}if(window.matchMedia&&window.matchMedia("(prefers-color-scheme: light)").matches){this.mode=h;this.o()}}if(!this.permanent&&!l){window.matchMedia("(prefers-color-scheme: light)").onchange=t=>{this.mode=t.matches?h:r;this.o()};window.matchMedia("(prefers-color-scheme: dark)").onchange=t=>{this.mode=t.matches?r:h;this.o()}}const d=new MutationObserver(((s,h)=>{this.mode=t.documentElement.dataset.colorMode;if(this.permanent&&l){localStorage.setItem(e,this.mode);this.i(i,{permanent:this.permanent})}this.h();this.i(o,{colorScheme:this.mode})}));d.observe(t.documentElement,{attributes:true});this.i(o,{colorScheme:this.mode});this.h()}attributeChangedCallback(t,s,o){if(t==="mode"&&s!==o&&[h,r].includes(o)){const t=localStorage.getItem(e);if(this.mode===t){this.mode=o;this.h();this.o()}else if(this.mode&&this.mode!==t){this.h();this.o()}}else if((t===h||t===r)&&s!==o){this.h()}if(t==="permanent"&&typeof this.permanent==="boolean"){this.permanent?localStorage.setItem(e,this.mode):localStorage.removeItem(e)}}o(){t.documentElement.setAttribute("data-color-mode",this.mode)}h(){this.icon.textContent=this.mode===h?"🌒":"🌞";this.text.textContent=this.mode===h?this.getAttribute(r):this.getAttribute(h)}t(){var s=this.attachShadow({mode:"open"});this.label=t.createElement("span");this.label.setAttribute("class","wrapper");this.label.onclick=()=>{this.mode=this.mode===h?r:h;if(this.permanent){localStorage.setItem(e,this.mode)}this.o();this.h()};s.appendChild(this.label);this.icon=t.createElement("span");this.label.appendChild(this.icon);this.text=t.createElement("span");this.label.appendChild(this.text);const o=`
[data-color-mode*='dark'], [data-color-mode*='dark'] body {
color-scheme: dark;
--color-theme-bg: #0d1117;
--color-theme-text: #c9d1d9;
background-color: var(--color-theme-bg);
color: var(--color-theme-text);
}
[data-color-mode*='light'], [data-color-mode*='light'] body {
color-scheme: light;
--color-theme-bg: #fff;
--color-theme-text: #24292f;
background-color: var(--color-theme-bg);
color: var(--color-theme-text);
}`;const i="_dark_mode_style_";const n=t.getElementById(i);if(!n){var c=t.createElement("style");c.id=i;c.textContent=o;t.head.appendChild(c)}var a=t.createElement("style");a.textContent=`
.wrapper { cursor: pointer; user-select: none; position: relative; }
.wrapper > span + span { margin-left: .4rem; }
`;s.appendChild(a)}i(t,e){this.dispatchEvent(new CustomEvent(t,{bubbles:true,composed:true,detail:e}))}}customElements.define("dark-mode",a);</script><script>const __TEMPLATE__ = document.createElement('template');
__TEMPLATE__.innerHTML = `
<style>
markdown-style h1:hover a.anchor .octicon-link:before,
markdown-style h2:hover a.anchor .octicon-link:before,
markdown-style h3:hover a.anchor .octicon-link:before,
markdown-style h4:hover a.anchor .octicon-link:before,
markdown-style h5:hover a.anchor .octicon-link:before,
markdown-style h6:hover a.anchor .octicon-link:before {
width: 16px;
height: 16px;
content: ' ';
display: inline-block;
background-color: currentColor;
-webkit-mask-image: url("data:image/svg+xml,<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 16 16' version='1.1' aria-hidden='true'><path fill-rule='evenodd' d='M7.775 3.275a.75.75 0 001.06 1.06l1.25-1.25a2 2 0 112.83 2.83l-2.5 2.5a2 2 0 01-2.83 0 .75.75 0 00-1.06 1.06 3.5 3.5 0 004.95 0l2.5-2.5a3.5 3.5 0 00-4.95-4.95l-1.25 1.25zm-4.69 9.64a2 2 0 010-2.83l2.5-2.5a2 2 0 012.83 0 .75.75 0 001.06-1.06 3.5 3.5 0 00-4.95 0l-2.5 2.5a3.5 3.5 0 004.95 4.95l1.25-1.25a.75.75 0 00-1.06-1.06l-1.25 1.25a2 2 0 01-2.83 0z'></path></svg>");
mask-image: url("data:image/svg+xml,<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 16 16' version='1.1' aria-hidden='true'><path fill-rule='evenodd' d='M7.775 3.275a.75.75 0 001.06 1.06l1.25-1.25a2 2 0 112.83 2.83l-2.5 2.5a2 2 0 01-2.83 0 .75.75 0 00-1.06 1.06 3.5 3.5 0 004.95 0l2.5-2.5a3.5 3.5 0 00-4.95-4.95l-1.25 1.25zm-4.69 9.64a2 2 0 010-2.83l2.5-2.5a2 2 0 012.83 0 .75.75 0 001.06-1.06 3.5 3.5 0 00-4.95 0l-2.5 2.5a3.5 3.5 0 004.95 4.95l1.25-1.25a.75.75 0 00-1.06-1.06l-1.25 1.25a2 2 0 01-2.83 0z'></path></svg>");
}
[data-color-mode*='light'], [data-color-mode*='light'] body, markdown-style[theme*='light'] { --color-prettylights-syntax-comment: #6e7781; --color-prettylights-syntax-constant: #0550ae; --color-prettylights-syntax-entity: #8250df; --color-prettylights-syntax-storage-modifier-import: #24292f; --color-prettylights-syntax-entity-tag: #116329; --color-prettylights-syntax-keyword: #cf222e; --color-prettylights-syntax-string: #0a3069; --color-prettylights-syntax-variable: #953800; --color-prettylights-syntax-brackethighlighter-unmatched: #82071e; --color-prettylights-syntax-invalid-illegal-text: #f6f8fa; --color-prettylights-syntax-invalid-illegal-bg: #82071e; --color-prettylights-syntax-carriage-return-text: #f6f8fa; --color-prettylights-syntax-carriage-return-bg: #cf222e; --color-prettylights-syntax-string-regexp: #116329; --color-prettylights-syntax-markup-list: #3b2300; --color-prettylights-syntax-markup-heading: #0550ae; --color-prettylights-syntax-markup-italic: #24292f; --color-prettylights-syntax-markup-bold: #24292f; --color-prettylights-syntax-markup-deleted-text: #82071e; --color-prettylights-syntax-markup-deleted-bg: #FFEBE9; --color-prettylights-syntax-markup-inserted-text: #116329; --color-prettylights-syntax-markup-inserted-bg: #dafbe1; --color-prettylights-syntax-markup-changed-text: #953800; --color-prettylights-syntax-markup-changed-bg: #ffd8b5; --color-prettylights-syntax-markup-ignored-text: #eaeef2; --color-prettylights-syntax-markup-ignored-bg: #0550ae; --color-prettylights-syntax-meta-diff-range: #8250df; --color-prettylights-syntax-brackethighlighter-angle: #57606a; --color-prettylights-syntax-sublimelinter-gutter-mark: #8c959f; --color-prettylights-syntax-constant-other-reference-link: #0a3069; --color-fg-default: #24292f; --color-fg-muted: #57606a; --color-fg-subtle: #6e7781; --color-canvas-default: #ffffff; --color-canvas-subtle: #f6f8fa; --color-border-default: #d0d7de; --color-border-muted: hsla(210,18%,87%,1); --color-neutral-muted: rgba(175,184,193,0.2); --color-accent-fg: #0969da; --color-accent-emphasis: #0969da; --color-attention-subtle: #fff8c5; --color-danger-fg: #cf222e; } [data-color-mode*='dark'], [data-color-mode*='dark'] body, markdown-style[theme*='dark'] { --color-prettylights-syntax-comment: #8b949e; --color-prettylights-syntax-constant: #79c0ff; --color-prettylights-syntax-entity: #d2a8ff; --color-prettylights-syntax-storage-modifier-import: #c9d1d9; --color-prettylights-syntax-entity-tag: #7ee787; --color-prettylights-syntax-keyword: #ff7b72; --color-prettylights-syntax-string: #a5d6ff; --color-prettylights-syntax-variable: #ffa657; --color-prettylights-syntax-brackethighlighter-unmatched: #f85149; --color-prettylights-syntax-invalid-illegal-text: #f0f6fc; --color-prettylights-syntax-invalid-illegal-bg: #8e1519; --color-prettylights-syntax-carriage-return-text: #f0f6fc; --color-prettylights-syntax-carriage-return-bg: #b62324; --color-prettylights-syntax-string-regexp: #7ee787; --color-prettylights-syntax-markup-list: #f2cc60; --color-prettylights-syntax-markup-heading: #1f6feb; --color-prettylights-syntax-markup-italic: #c9d1d9; --color-prettylights-syntax-markup-bold: #c9d1d9; --color-prettylights-syntax-markup-deleted-text: #ffdcd7; --color-prettylights-syntax-markup-deleted-bg: #67060c; --color-prettylights-syntax-markup-inserted-text: #aff5b4; --color-prettylights-syntax-markup-inserted-bg: #033a16; --color-prettylights-syntax-markup-changed-text: #ffdfb6; --color-prettylights-syntax-markup-changed-bg: #5a1e02; --color-prettylights-syntax-markup-ignored-text: #c9d1d9; --color-prettylights-syntax-markup-ignored-bg: #1158c7; --color-prettylights-syntax-meta-diff-range: #d2a8ff; --color-prettylights-syntax-brackethighlighter-angle: #8b949e; --color-prettylights-syntax-sublimelinter-gutter-mark: #484f58; --color-prettylights-syntax-constant-other-reference-link: #a5d6ff; --color-fg-default: #c9d1d9; --color-fg-muted: #8b949e; --color-fg-subtle: #484f58; --color-canvas-default: #0d1117; --color-canvas-subtle: #161b22; --color-border-default: #30363d; --color-border-muted: #21262d; --color-neutral-muted: rgba(110,118,129,0.4); --color-accent-fg: #58a6ff; --color-accent-emphasis: #1f6feb; --color-attention-subtle: rgba(187,128,9,0.15); --color-danger-fg: #f85149; } markdown-style { display: block; -webkit-text-size-adjust: 100%; font-family: -apple-system,BlinkMacSystemFont,"Segoe UI",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji"; font-size: 16px; line-height: 1.5; word-wrap: break-word; color: var(--color-fg-default); background-color: var(--color-canvas-default); } markdown-style details, markdown-style figcaption, markdown-style figure { display: block; } markdown-style summary { display: list-item; } markdown-style [hidden] { display: none !important; } markdown-style a { background-color: transparent; color: var(--color-accent-fg); text-decoration: none; } markdown-style a:active, markdown-style a:hover { outline-width: 0; } markdown-style abbr[title] { border-bottom: none; text-decoration: underline dotted; } markdown-style b, markdown-style strong { font-weight: 600; } markdown-style dfn { font-style: italic; } markdown-style h1 { margin: .67em 0; font-weight: 600; padding-bottom: .3em; font-size: 2em; border-bottom: 1px solid var(--color-border-muted); } markdown-style mark { background-color: var(--color-attention-subtle); color: var(--color-text-primary); } markdown-style small { font-size: 90%; } markdown-style sub, markdown-style sup { font-size: 75%; line-height: 0; position: relative; vertical-align: baseline; } markdown-style sub { bottom: -0.25em; } markdown-style sup { top: -0.5em; } markdown-style img { border-style: none; max-width: 100%; box-sizing: content-box; background-color: var(--color-canvas-default); } markdown-style code, markdown-style kbd, markdown-style pre, markdown-style samp { font-family: monospace,monospace; font-size: 1em; } markdown-style figure { margin: 1em 40px; } markdown-style hr { box-sizing: content-box; overflow: hidden; background: transparent; border-bottom: 1px solid var(--color-border-muted); height: .25em; padding: 0; margin: 24px 0; background-color: var(--color-border-default); border: 0; } markdown-style input { font: inherit; margin: 0; overflow: visible; font-family: inherit; font-size: inherit; line-height: inherit; } markdown-style [type=button], markdown-style [type=reset], markdown-style [type=submit] { -webkit-appearance: button; } markdown-style [type=button]::-moz-focus-inner, markdown-style [type=reset]::-moz-focus-inner, markdown-style [type=submit]::-moz-focus-inner { border-style: none; padding: 0; } markdown-style [type=button]:-moz-focusring, markdown-style [type=reset]:-moz-focusring, markdown-style [type=submit]:-moz-focusring { outline: 1px dotted ButtonText; } markdown-style [type=checkbox], markdown-style [type=radio] { box-sizing: border-box; padding: 0; } markdown-style [type=number]::-webkit-inner-spin-button, markdown-style [type=number]::-webkit-outer-spin-button { height: auto; } markdown-style [type=search] { -webkit-appearance: textfield; outline-offset: -2px; } markdown-style [type=search]::-webkit-search-cancel-button, markdown-style [type=search]::-webkit-search-decoration { -webkit-appearance: none; } markdown-style ::-webkit-input-placeholder { color: inherit; opacity: .54; } markdown-style ::-webkit-file-upload-button { -webkit-appearance: button; font: inherit; } markdown-style a:hover { text-decoration: underline; } markdown-style hr::before { display: table; content: ""; } markdown-style hr::after { display: table; clear: both; content: ""; } markdown-style table { border-spacing: 0; border-collapse: collapse; display: block; width: max-content; max-width: 100%; overflow: auto; } markdown-style td, markdown-style th { padding: 0; } markdown-style details summary { cursor: pointer; } markdown-style details:not([open])>*:not(summary) { display: none !important; } markdown-style kbd { display: inline-block; padding: 3px 5px; font: 11px ui-monospace,SFMono-Regular,SF Mono,Menlo,Consolas,Liberation Mono,monospace; line-height: 10px; color: var(--color-fg-default); vertical-align: middle; background-color: var(--color-canvas-subtle); border: solid 1px var(--color-neutral-muted); border-bottom-color: var(--color-neutral-muted); border-radius: 6px; box-shadow: inset 0 -1px 0 var(--color-neutral-muted); } markdown-style h1, markdown-style h2, markdown-style h3, markdown-style h4, markdown-style h5, markdown-style h6 { margin-top: 24px; margin-bottom: 16px; font-weight: 600; line-height: 1.25; } markdown-style h2 { font-weight: 600; padding-bottom: .3em; font-size: 1.5em; border-bottom: 1px solid var(--color-border-muted); } markdown-style h3 { font-weight: 600; font-size: 1.25em; } markdown-style h4 { font-weight: 600; font-size: 1em; } markdown-style h5 { font-weight: 600; font-size: .875em; } markdown-style h6 { font-weight: 600; font-size: .85em; color: var(--color-fg-muted); } markdown-style p { margin-top: 0; margin-bottom: 10px; } markdown-style blockquote { margin: 0; padding: 0 1em; color: var(--color-fg-muted); border-left: .25em solid var(--color-border-default); } markdown-style ul, markdown-style ol { margin-top: 0; margin-bottom: 0; padding-left: 2em; } markdown-style ol ol, markdown-style ul ol { list-style-type: lower-roman; } markdown-style ul ul ol, markdown-style ul ol ol, markdown-style ol ul ol, markdown-style ol ol ol { list-style-type: lower-alpha; } markdown-style dd { margin-left: 0; } markdown-style tt, markdown-style code { font-family: ui-monospace,SFMono-Regular,SF Mono,Menlo,Consolas,Liberation Mono,monospace; font-size: 12px; } markdown-style pre { margin-top: 0; margin-bottom: 0; font-family: ui-monospace,SFMono-Regular,SF Mono,Menlo,Consolas,Liberation Mono,monospace; font-size: 12px; word-wrap: normal; } markdown-style .octicon { display: inline-block; overflow: visible !important; vertical-align: text-bottom; fill: currentColor; } markdown-style ::placeholder { color: var(--color-fg-subtle); opacity: 1; } markdown-style input::-webkit-outer-spin-button, markdown-style input::-webkit-inner-spin-button { margin: 0; -webkit-appearance: none; appearance: none; }
markdown-style .token.comment, markdown-style .token.prolog, markdown-style .token.doctype, markdown-style .token.cdata { color: var(--color-prettylights-syntax-comment); } markdown-style .token.namespace { opacity: 0.7; } markdown-style .token.tag, markdown-style .token.selector, markdown-style .token.constant, markdown-style .token.symbol, markdown-style .token.deleted { color: var(--color-prettylights-syntax-entity-tag); } markdown-style .token.maybe-class-name { color: var(--color-prettylights-syntax-variable); } markdown-style .token.property-access, markdown-style .token.operator, markdown-style .token.boolean, markdown-style .token.number, markdown-style .token.selector markdown-style .token.class, markdown-style .token.attr-name, markdown-style .token.string, markdown-style .token.char, markdown-style .token.builtin { color: var(--color-prettylights-syntax-constant); } markdown-style .token.deleted { color: var(--color-prettylights-syntax-markup-deleted-text); } markdown-style .token.property { color: var(--color-prettylights-syntax-constant); } markdown-style .token.punctuation { color: var(--color-prettylights-syntax-markup-bold); } markdown-style .token.function { color: var(--color-prettylights-syntax-entity); } markdown-style .code-line .token.deleted { background-color: var(--color-prettylights-syntax-markup-deleted-bg); } markdown-style .token.inserted { color: var(--color-prettylights-syntax-markup-inserted-text); } markdown-style .code-line .token.inserted { background-color: var(--color-prettylights-syntax-markup-inserted-bg); } markdown-style .token.variable { color: var(--color-prettylights-syntax-constant); } markdown-style .token.entity, markdown-style .token.url, .language-css markdown-style .token.string, .style markdown-style .token.string { color: var(--color-prettylights-syntax-string); } markdown-style .token.color, markdown-style .token.atrule, markdown-style .token.attr-value, markdown-style .token.function, markdown-style .token.class-name { color: var(--color-prettylights-syntax-string); } markdown-style .token.rule, markdown-style .token.regex, markdown-style .token.important, markdown-style .token.keyword { color: var(--color-prettylights-syntax-keyword); } markdown-style .token.coord { color: var(--color-prettylights-syntax-meta-diff-range); } markdown-style .token.important, markdown-style .token.bold { font-weight: bold; } markdown-style .token.italic { font-style: italic; } markdown-style .token.entity { cursor: help; }
markdown-style [data-catalyst] { display: block; } markdown-style g-emoji { font-family: "Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol"; font-size: 1em; font-style: normal !important; font-weight: 400; line-height: 1; vertical-align: -0.075em; } markdown-style g-emoji img { width: 1em; height: 1em; } markdown-style::before { display: table; content: ""; } markdown-style::after { display: table; clear: both; content: ""; } markdown-style>*:first-child { margin-top: 0 !important; } markdown-style>*:last-child { margin-bottom: 0 !important; } markdown-style a:not([href]) { color: inherit; text-decoration: none; } markdown-style .absent { color: var(--color-danger-fg); } markdown-style a.anchor { float: left; padding-right: 4px; margin-left: -20px; line-height: 1; } markdown-style a.anchor:focus { outline: none; } markdown-style p, markdown-style blockquote, markdown-style ul, markdown-style ol, markdown-style dl, markdown-style table, markdown-style pre, markdown-style details { margin-top: 0; margin-bottom: 16px; } markdown-style blockquote>:first-child { margin-top: 0; } markdown-style blockquote>:last-child { margin-bottom: 0; } markdown-style sup>a::before { content: "["; } markdown-style sup>a::after { content: "]"; }
markdown-style .octicon-video { border: 1px solid #d0d7de !important; border-radius: 6px !important; display: block; } markdown-style .octicon-video summary { border-bottom: 1px solid #d0d7de !important; padding: 8px 16px !important; cursor: pointer; } markdown-style .octicon-video > video { display: block !important; max-width: 100% !important; padding: 2px; box-sizing: border-box; border-bottom-right-radius: 6px !important; border-bottom-left-radius: 6px !important; } markdown-style details.octicon-video:not([open])>*:not(summary) { display: none !important; } markdown-style details.octicon-video:not([open]) > summary { border-bottom: 0 !important; } markdown-style h1 .octicon-link, markdown-style h2 .octicon-link, markdown-style h3 .octicon-link, markdown-style h4 .octicon-link, markdown-style h5 .octicon-link, markdown-style h6 .octicon-link { color: var(--color-fg-default); vertical-align: middle; visibility: hidden; } markdown-style h1:hover .anchor, markdown-style h2:hover .anchor, markdown-style h3:hover .anchor, markdown-style h4:hover .anchor, markdown-style h5:hover .anchor, markdown-style h6:hover .anchor { text-decoration: none; } markdown-style h1:hover .anchor .octicon-link, markdown-style h2:hover .anchor .octicon-link, markdown-style h3:hover .anchor .octicon-link, markdown-style h4:hover .anchor .octicon-link, markdown-style h5:hover .anchor .octicon-link, markdown-style h6:hover .anchor .octicon-link { visibility: visible; } markdown-style h1 tt, markdown-style h1 code, markdown-style h2 tt, markdown-style h2 code, markdown-style h3 tt, markdown-style h3 code, markdown-style h4 tt, markdown-style h4 code, markdown-style h5 tt, markdown-style h5 code, markdown-style h6 tt, markdown-style h6 code { padding: 0 .2em; font-size: inherit; } markdown-style ul.no-list, markdown-style ol.no-list { padding: 0; list-style-type: none; } markdown-style ol[type="1"] { list-style-type: decimal; } markdown-style ol[type=a] { list-style-type: lower-alpha; } markdown-style ol[type=i] { list-style-type: lower-roman; } markdown-style div>ol:not([type]) { list-style-type: decimal; } markdown-style ul ul, markdown-style ul ol, markdown-style ol ol, markdown-style ol ul { margin-top: 0; margin-bottom: 0; } markdown-style li>p { margin-top: 16px; } markdown-style li+li { margin-top: .25em; } markdown-style dl { padding: 0; } markdown-style dl dt { padding: 0; margin-top: 16px; font-size: 1em; font-style: italic; font-weight: 600; } markdown-style dl dd { padding: 0 16px; margin-bottom: 16px; } markdown-style table th { font-weight: 600; } markdown-style table th, markdown-style table td { padding: 6px 13px; border: 1px solid var(--color-border-default); } markdown-style table tr { background-color: var(--color-canvas-default); border-top: 1px solid var(--color-border-muted); } markdown-style table tr:nth-child(2n) { background-color: var(--color-canvas-subtle); } markdown-style table img { background-color: transparent; vertical-align: middle; } markdown-style img[align=right] { padding-left: 20px; } markdown-style img[align=left] { padding-right: 20px; } markdown-style .emoji { max-width: none; vertical-align: text-top; background-color: transparent; } markdown-style span.frame { display: block; overflow: hidden; } markdown-style span.frame>span { display: block; float: left; width: auto; padding: 7px; margin: 13px 0 0; overflow: hidden; border: 1px solid var(--color-border-default); } markdown-style span.frame span img { display: block; float: left; } markdown-style span.frame span span { display: block; padding: 5px 0 0; clear: both; color: var(--color-fg-default); } markdown-style span.align-center { display: block; overflow: hidden; clear: both; } markdown-style span.align-center>span { display: block; margin: 13px auto 0; overflow: hidden; text-align: center; } markdown-style span.align-center span img { margin: 0 auto; text-align: center; } markdown-style span.align-right { display: block; overflow: hidden; clear: both; } markdown-style span.align-right>span { display: block; margin: 13px 0 0; overflow: hidden; text-align: right; } markdown-style span.align-right span img { margin: 0; text-align: right; } markdown-style span.float-left { display: block; float: left; margin-right: 13px; overflow: hidden; } markdown-style span.float-left span { margin: 13px 0 0; } markdown-style span.float-right { display: block; float: right; margin-left: 13px; overflow: hidden; } markdown-style span.float-right>span { display: block; margin: 13px auto 0; overflow: hidden; text-align: right; } markdown-style code, markdown-style tt { padding: .2em .4em; margin: 0; font-size: 85%; background-color: var(--color-neutral-muted); border-radius: 6px; } markdown-style code br, markdown-style tt br { display: none; } markdown-style del code { text-decoration: inherit; } markdown-style pre code { font-size: 100%; } markdown-style pre>code { padding: 0; margin: 0; word-break: normal; white-space: pre; background: transparent; border: 0; } markdown-style pre { position: relative; font-size: 85%; line-height: 1.45; background-color: var(--color-canvas-subtle); border-radius: 6px; } markdown-style pre code, markdown-style pre tt { display: inline; max-width: auto; padding: 0; margin: 0; overflow: visible; line-height: inherit; word-wrap: normal; background-color: transparent; border: 0; } markdown-style pre > code { padding: 16px; overflow: auto; display: block; } markdown-style .csv-data td, markdown-style .csv-data th { padding: 5px; overflow: hidden; font-size: 12px; line-height: 1; text-align: left; white-space: nowrap; } markdown-style .csv-data .blob-num { padding: 10px 8px 9px; text-align: right; background: var(--color-canvas-default); border: 0; } markdown-style .csv-data tr { border-top: 0; } markdown-style .csv-data th { font-weight: 600; background: var(--color-canvas-subtle); border-top: 0; } markdown-style .footnotes { font-size: 12px; color: var(--color-fg-muted); border-top: 1px solid var(--color-border-default); } markdown-style .footnotes ol { padding-left: 16px; } markdown-style .footnotes li { position: relative; } markdown-style .footnotes li:target::before { position: absolute; top: -8px; right: -8px; bottom: -8px; left: -24px; pointer-events: none; content: ""; border: 2px solid var(--color-accent-emphasis); border-radius: 6px; } markdown-style .footnotes li:target { color: var(--color-fg-default); } markdown-style .footnotes .data-footnote-backref g-emoji { font-family: monospace; } markdown-style .task-list-item { list-style-type: none; } markdown-style .task-list-item label { font-weight: 400; } markdown-style .task-list-item.enabled label { cursor: pointer; } markdown-style .task-list-item+.task-list-item { margin-top: 3px; } markdown-style .task-list-item .handle { display: none; } markdown-style .task-list-item-checkbox, markdown-style input[type="checkbox"] { margin: 0 .2em .25em -1.6em; vertical-align: middle; } markdown-style .contains-task-list:dir(rtl) .task-list-item-checkbox, markdown-style .contains-task-list:dir(rtl) input[type="checkbox"] { margin: 0 -1.6em .25em .2em; } markdown-style ::-webkit-calendar-picker-indicator { filter: invert(50%); }
</style>
<slot></slot>
`;
class MarkdownStyle extends HTMLElement {
constructor() {
super();
this.shadow = this.attachShadow({ mode: 'open' });
this.shadow.appendChild(__TEMPLATE__.content.cloneNode(true));
const style = Array.prototype.slice
.call(this.shadow.children)
.find((item) => item.tagName === 'STYLE');
if (style) {
const id = '__MARKDOWN_STYLE__';
const findStyle = document.getElementById(id);
if (!findStyle) {
style.id = id;
document.head.append(style);
}
}
}
get theme() {
const value = this.getAttribute('theme');
return value === null ? '' : value;
}
set theme(name) {
this.setAttribute('theme', name);
}
connectedCallback() {
if (!this.theme) {
const { colorMode } = document.documentElement.dataset;
this.theme = colorMode;
const observer = new MutationObserver((mutationsList, observer) => {
this.theme = document.documentElement.dataset.colorMode;
});
observer.observe(document.documentElement, { attributes: true });
window.matchMedia('(prefers-color-scheme: light)').onchange = (event) => {
this.theme = event.matches ? 'light' : 'dark';
};
window.matchMedia('(prefers-color-scheme: dark)').onchange = (event) => {
this.theme = event.matches ? 'dark' : 'light';
};
}
}
}
customElements.define('markdown-style', MarkdownStyle);</script><markdown-style style="max-width: 960px; margin: 0 auto 60px auto; padding: 8px;" class="markdown-style">
<h1 id="sudo"><a class="anchor" aria-hidden="true" tabindex="-1" href="#sudo"><span class="octicon octicon-link"></span></a>sudo</h1>
<p>以其他身份来执行命令</p>
<h2 id="补充说明"><a class="anchor" aria-hidden="true" tabindex="-1" href="#补充说明"><span class="octicon octicon-link"></span></a>补充说明</h2>
<p><strong>sudo命令</strong> 用来以其他身份来执行命令预设的身份为root。在<code>/etc/sudoers</code>中设置了可执行sudo指令的用户。若其未经授权的用户企图使用sudo则会发出警告的邮件给管理员。用户使用sudo时必须先输入密码之后有5分钟的有效期限超过期限则必须重新输入密码。</p>
<h3 id="语法"><a class="anchor" aria-hidden="true" tabindex="-1" href="#语法"><span class="octicon octicon-link"></span></a>语法</h3>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">sudo<span class="token punctuation">(</span>选项<span class="token punctuation">)</span><span class="token punctuation">(</span>参数<span class="token punctuation">)</span>
</span></code><div onclick="copied(this)" data-code="sudo(选项)(参数)
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<h3 id="选项"><a class="anchor" aria-hidden="true" tabindex="-1" href="#选项"><span class="octicon octicon-link"></span></a>选项</h3>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">-b在后台执行指令
</span><span class="code-line line-number" line="2">-E继承当前环境变量
</span><span class="code-line line-number" line="3">-h显示帮助
</span><span class="code-line line-number" line="4">-H<span class="token environment constant">HOME</span>环境变量设为新身份的<span class="token environment constant">HOME</span>环境变量;
</span><span class="code-line line-number" line="5">-k结束密码的有效期限也就是下次再执行sudo时便需要输入密码
</span><span class="code-line line-number" line="6">-l列出目前用户可执行与无法执行的指令
</span><span class="code-line line-number" line="7">-p改变询问密码的提示符号
</span><span class="code-line line-number" line="8">-s<span class="token operator">&#x3C;</span>shell<span class="token operator">></span>执行指定的shell
</span><span class="code-line line-number" line="9">-u<span class="token operator">&#x3C;</span>用户<span class="token operator">></span>以指定的用户作为新的身份。若不加上此参数则预设以root作为新的身份
</span><span class="code-line line-number" line="10">-v延长密码有效期限5分钟
</span><span class="code-line line-number" line="11"><span class="token parameter variable">-V</span> :显示版本信息。
</span></code><div onclick="copied(this)" data-code="-b在后台执行指令
-E继承当前环境变量
-h显示帮助
-H将HOME环境变量设为新身份的HOME环境变量
-k结束密码的有效期限也就是下次再执行sudo时便需要输入密码
-l列出目前用户可执行与无法执行的指令
-p改变询问密码的提示符号
-s<shell>执行指定的shell
-u<用户>以指定的用户作为新的身份。若不加上此参数则预设以root作为新的身份
-v延长密码有效期限5分钟
-V :显示版本信息。
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<h3 id="参数"><a class="anchor" aria-hidden="true" tabindex="-1" href="#参数"><span class="octicon octicon-link"></span></a>参数</h3>
<p>指令:需要运行的指令和对应的参数。</p>
<h3 id="实例"><a class="anchor" aria-hidden="true" tabindex="-1" href="#实例"><span class="octicon octicon-link"></span></a>实例</h3>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">$ <span class="token function">sudo</span> <span class="token function">su</span> -
</span><span class="code-line line-number" line="2"><span class="token comment"># env | grep -E '(HOME|SHELL|USER|LOGNAME|^PATH|PWD|TEST_ETC|TEST_ZSH|TEST_PRO|TEST_BASH|TEST_HOME|SUDO)'</span>
</span></code><div onclick="copied(this)" data-code="$ sudo su -
# env | grep -E &#x27;(HOME|SHELL|USER|LOGNAME|^PATH|PWD|TEST_ETC|TEST_ZSH|TEST_PRO|TEST_BASH|TEST_HOME|SUDO)&#x27;
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>这个命令相当于使用root超级用户重新登录一次shell只不过密码是使用的当前用户的密码。而且重要是该命令会 <strong>重新加载/etc/profile文件以及/etc/bashrc文件等系统配置文件并且还会重新加载root用户的$SHELL环境变量所对应的配置文件</strong> 比如root超级用户的$SHELL是/bin/bash则会加载/root/.bashrc等配置。如果是/bin/zsh则会加载/root/.zshrc等配置执行后是完全的root环境。</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">$ <span class="token function">sudo</span> <span class="token parameter variable">-i</span>
</span><span class="code-line line-number" line="2"><span class="token comment"># env | grep -E '(HOME|SHELL|USER|LOGNAME|^PATH|PWD|TEST_ETC|TEST_ZSH|TEST_PRO|TEST_BASH|TEST_HOME|SUDO)'</span>
</span></code><div onclick="copied(this)" data-code="$ sudo -i
# env | grep -E &#x27;(HOME|SHELL|USER|LOGNAME|^PATH|PWD|TEST_ETC|TEST_ZSH|TEST_PRO|TEST_BASH|TEST_HOME|SUDO)&#x27;
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>这个命令基本与 <code>sudo su -</code> 相同执行后也是root超级用户的环境只不过是多了一些当前用户的信息。</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">$ <span class="token function">sudo</span> <span class="token parameter variable">-s</span>
</span><span class="code-line line-number" line="2"><span class="token comment"># env|grep -E '(HOME|SHELL|USER|LOGNAME|^PATH|PWD|TEST_ETC|TEST_ZSH|TEST_PRO|TEST_BASH|TEST_HOME|SUDO)' --color</span>
</span></code><div onclick="copied(this)" data-code="$ sudo -s
# env|grep -E &#x27;(HOME|SHELL|USER|LOGNAME|^PATH|PWD|TEST_ETC|TEST_ZSH|TEST_PRO|TEST_BASH|TEST_HOME|SUDO)&#x27; --color
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>这个命令相当于 <strong>以当前用户的$SHELL开启了一个root超级用户的no-login的shell不会加载/etc/profile等系统配置</strong> 。所以/etc/profile文件中定义的TEST_ETC环境变量就看不到了但是会<strong>加载root用户对应的配置文件</strong>比如root用户的$SHELL是/bin/zsh那么会加载/root/.zshrc配置文件执行完后不会切换当前用户的目录。</p>
<p>配置sudo必须通过编辑<code>/etc/sudoers</code>文件而且只有超级用户才可以修改它还必须使用visudo编辑。之所以使用visudo有两个原因一是它能够防止两个用户同时修改它二是它也能进行有限的语法检查。所以即使只有你一个超级用户你也最好用visudo来检查一下语法。</p>
<p>visudo默认的是在vi里打开配置文件用vi来修改文件。我们可以在编译时修改这个默认项。visudo不会擅自保存带有语法错误的配置文件它会提示你出现的问题并询问该如何处理就像</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token operator">>></span><span class="token operator">></span> sudoers file: syntax error, line <span class="token number">22</span> <span class="token operator">&#x3C;&#x3C;</span>
</span></code><div onclick="copied(this)" data-code=">>> sudoers file: syntax error, line 22 <<
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>此时我们有三种选择键入“e”是重新编辑键入“x”是不保存退出键入“Q”是退出并保存。如果真选择Q那么sudo将不会再运行直到错误被纠正。</p>
<p>现在我们一起来看一下神秘的配置文件学一下如何编写它。让我们从一个简单的例子开始让用户Foobar可以通过sudo执行所有root可执行的命令。以root身份用visudo打开配置文件可以看到类似下面几行</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token comment"># Runas alias specification</span>
</span><span class="code-line line-number" line="2"><span class="token comment"># User privilege specificationroot ALL=(ALL)ALL</span>
</span></code><div onclick="copied(this)" data-code="# Runas alias specification
# User privilege specificationroot ALL=(ALL)ALL
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>我们一看就明白个差不多了root有所有权限只要仿照现有root的例子就行我们在下面加一行最好用tab作为空白</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">foobar <span class="token assign-left variable">ALL</span><span class="token operator">=</span><span class="token punctuation">(</span>ALL<span class="token punctuation">)</span> ALL
</span></code><div onclick="copied(this)" data-code="foobar ALL=(ALL) ALL
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>保存退出后切换到foobar用户我们用它的身份执行命令</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token punctuation">[</span>foobar@localhost ~<span class="token punctuation">]</span>$ <span class="token function">ls</span> /root
</span><span class="code-line line-number" line="2">ls: /root: 权限不够
</span><span class="code-line line-number" line="3">
</span><span class="code-line line-number" line="4"><span class="token punctuation">[</span>foobar@localhost ~<span class="token punctuation">]</span>$ <span class="token function">sudo</span> <span class="token function">ls</span> /root
</span><span class="code-line line-number" line="5">PassWord:
</span><span class="code-line line-number" line="6">anaconda-ks.cfg Desktop install.log install.log.syslog
</span></code><div onclick="copied(this)" data-code="[foobar@localhost ~]$ ls /root
ls: /root: 权限不够
[foobar@localhost ~]$ sudo ls /root
PassWord:
anaconda-ks.cfg Desktop install.log install.log.syslog
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>好了我们限制一下foobar的权利不让他为所欲为。比如我们只想让他像root那样使用ls和ifconfig把那一行改为</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">foobar <span class="token assign-left variable">localhost</span><span class="token operator">=</span> /sbin/ifconfig, /bin/ls
</span></code><div onclick="copied(this)" data-code="foobar localhost= /sbin/ifconfig, /bin/ls
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>再来执行命令:</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token punctuation">[</span>foobar@localhost ~<span class="token punctuation">]</span>$ <span class="token function">sudo</span> <span class="token function">head</span> <span class="token parameter variable">-5</span> /etc/shadow
</span><span class="code-line line-number" line="2">Password:
</span><span class="code-line line-number" line="3">Sorry, user foobar is not allowed to execute <span class="token string">'/usr/bin/head -5 /etc/shadow'</span> as root on localhost.localdomain.
</span><span class="code-line line-number" line="4">
</span><span class="code-line line-number" line="5"><span class="token punctuation">[</span>foobar@localhost ~<span class="token punctuation">]</span>$ <span class="token function">sudo</span> /sbin/ifconfigeth0 Linkencap:Ethernet HWaddr 00:14:85:EC:E9:9B<span class="token punctuation">..</span>.
</span></code><div onclick="copied(this)" data-code="[foobar@localhost ~]$ sudo head -5 /etc/shadow
Password:
Sorry, user foobar is not allowed to execute &#x27;/usr/bin/head -5 /etc/shadow&#x27; as root on localhost.localdomain.
[foobar@localhost ~]$ sudo /sbin/ifconfigeth0 Linkencap:Ethernet HWaddr 00:14:85:EC:E9:9B...
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>现在让我们来看一下那三个ALL到底是什么意思。第一个ALL是指网络中的主机我们后面把它改成了主机名它指明foobar可以在此主机上执行后面的命令。第二个括号里的ALL是指目标用户也就是以谁的身份去执行命令。最后一个ALL当然就是指命令名了。例如我们想让foobar用户在linux主机上以jimmy或rene的身份执行kill命令这样编写配置文件</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">foobar <span class="token assign-left variable">linux</span><span class="token operator">=</span><span class="token punctuation">(</span>jimmy,rene<span class="token punctuation">)</span> /bin/kill
</span></code><div onclick="copied(this)" data-code="foobar linux=(jimmy,rene) /bin/kill
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>但这还有个问题foobar到底以jimmy还是rene的身份执行这时我们应该想到了<code>sudo -u</code>了,它正是用在这种时候。 foobar可以使用<code>sudo -u jimmy kill PID</code>或者<code>sudo -u rene kill PID</code>,但这样挺麻烦,其实我们可以不必每次加<code>-u</code>把rene或jimmy设为默认的目标用户即可。再在上面加一行</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">Defaults:foobar <span class="token assign-left variable">runas_default</span><span class="token operator">=</span>rene
</span></code><div onclick="copied(this)" data-code="Defaults:foobar runas_default=rene
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>Defaults后面如果有冒号是对后面用户的默认如果没有则是对所有用户的默认。就像配置文件中自带的一行</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">Defaults env_reset
</span></code><div onclick="copied(this)" data-code="Defaults env_reset
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>另一个问题是很多时候我们本来就登录了每次使用sudo还要输入密码就显得烦琐了。我们可不可以不再输入密码呢当然可以我们这样修改配置文件</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">foobar <span class="token assign-left variable">localhost</span><span class="token operator">=</span>NOPASSWD: /bin/cat, /bin/ls
</span></code><div onclick="copied(this)" data-code="foobar localhost=NOPASSWD: /bin/cat, /bin/ls
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>再来sudo一下</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token punctuation">[</span>foobar@localhost ~<span class="token punctuation">]</span>$ <span class="token function">sudo</span> <span class="token function">ls</span> /rootanaconda-ks.cfg Desktop install.log
</span><span class="code-line line-number" line="2">install.log.syslog
</span></code><div onclick="copied(this)" data-code="[foobar@localhost ~]$ sudo ls /rootanaconda-ks.cfg Desktop install.log
install.log.syslog
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>当然你也可以说“某些命令用户foobar不可以运行”通过使用!操作符,但这不是一个好主意。因为,用!操作符来从ALL中“剔出”一些命令一般是没什么效果的一个用户完全可以把那个命令拷贝到别的地方换一个名字后再来运行。</p>
<p><strong>日志与安全</strong></p>
<p>sudo为安全考虑得很周到不仅可以记录日志还能在有必要时向系统管理员报告。但是sudo的日志功能不是自动的必须由管理员开启。这样来做</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token function">touch</span> /var/log/sudo
</span><span class="code-line line-number" line="2"><span class="token function">vi</span> /etc/syslog.conf
</span></code><div onclick="copied(this)" data-code="touch /var/log/sudo
vi /etc/syslog.conf
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>在syslog.conf最后面加一行必须用tab分割开并保存</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1">local2.debug /var/log/sudo
</span></code><div onclick="copied(this)" data-code="local2.debug /var/log/sudo
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>重启日志守候进程,</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token function">ps</span> aux <span class="token function">grep</span> syslogd
</span></code><div onclick="copied(this)" data-code="ps aux grep syslogd
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>把得到的syslogd进程的PID输出的第二列是PID填入下面</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token function">kill</span> HUP PID
</span></code><div onclick="copied(this)" data-code="kill HUP PID
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>这样sudo就可以写日志了</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token punctuation">[</span>foobar@localhost ~<span class="token punctuation">]</span>$ <span class="token function">sudo</span> <span class="token function">ls</span> /rootanaconda-ks.cfg
</span><span class="code-line line-number" line="2">Desktop install.log
</span><span class="code-line line-number" line="3">install.log.syslog
</span><span class="code-line line-number" line="4"><span class="token variable">$cat</span> /var/log/sudoJul <span class="token number">28</span> <span class="token number">22</span>:52:54 localhost sudo: foobar <span class="token builtin class-name">:</span>
</span><span class="code-line line-number" line="5"><span class="token assign-left variable">TTY</span><span class="token operator">=</span>pts/1 <span class="token punctuation">;</span> <span class="token assign-left variable">pwd</span><span class="token operator">=</span>/home/foobar <span class="token punctuation">;</span> <span class="token assign-left variable"><span class="token environment constant">USER</span></span><span class="token operator">=</span>root <span class="token punctuation">;</span> <span class="token assign-left variable">command</span><span class="token operator">=</span>/bin/ls /root
</span></code><div onclick="copied(this)" data-code="[foobar@localhost ~]$ sudo ls /rootanaconda-ks.cfg
Desktop install.log
install.log.syslog
$cat /var/log/sudoJul 28 22:52:54 localhost sudo: foobar :
TTY=pts/1 ; pwd=/home/foobar ; USER=root ; command=/bin/ls /root
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>不过有一个小小的“缺陷”sudo记录日志并不是很忠实</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token punctuation">[</span>foobar@localhost ~<span class="token punctuation">]</span>$ <span class="token function">sudo</span> <span class="token function">cat</span> /etc/shadow <span class="token operator">></span> /dev/null
</span><span class="code-line line-number" line="2"><span class="token function">cat</span> /var/log/sudo<span class="token punctuation">..</span>.Jul <span class="token number">28</span> <span class="token number">23</span>:10:24 localhost sudo: foobar <span class="token builtin class-name">:</span> <span class="token assign-left variable">TTY</span><span class="token operator">=</span>pts/1 <span class="token punctuation">;</span>
</span><span class="code-line line-number" line="3"><span class="token assign-left variable"><span class="token environment constant">PWD</span></span><span class="token operator">=</span>/home/foobar <span class="token punctuation">;</span> <span class="token assign-left variable"><span class="token environment constant">USER</span></span><span class="token operator">=</span>root <span class="token punctuation">;</span> <span class="token assign-left variable">COMMAND</span><span class="token operator">=</span>/bin/cat /etc/shadow
</span></code><div onclick="copied(this)" data-code="[foobar@localhost ~]$ sudo cat /etc/shadow > /dev/null
cat /var/log/sudo...Jul 28 23:10:24 localhost sudo: foobar : TTY=pts/1 ;
PWD=/home/foobar ; USER=root ; COMMAND=/bin/cat /etc/shadow
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>重定向没有被记录在案为什么因为在命令运行之前shell把重定向的工作做完了sudo根本就没看到重定向。这也有个好处下面的手段不会得逞</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line line-number" line="1"><span class="token punctuation">[</span>foobar@localhost ~<span class="token punctuation">]</span>$ <span class="token function">sudo</span> <span class="token function">ls</span> /root <span class="token operator">></span> /etc/shadowbash: /etc/shadow: 权限不够
</span></code><div onclick="copied(this)" data-code="[foobar@localhost ~]$ sudo ls /root > /etc/shadowbash: /etc/shadow: 权限不够
" class="copied"><svg class="octicon-copy" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 010 1.5h-1.5a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-1.5a.75.75 0 011.5 0v1.5A1.75 1.75 0 019.25 16h-7.5A1.75 1.75 0 010 14.25v-7.5z"></path><path fill-rule="evenodd" d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0114.25 11h-7.5A1.75 1.75 0 015 9.25v-7.5zm1.75-.25a.25.25 0 00-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 00.25-.25v-7.5a.25.25 0 00-.25-.25h-7.5z"></path></svg><svg class="octicon-check" aria-hidden="true" viewBox="0 0 16 16" fill="currentColor" height="12" width="12"><path fill-rule="evenodd" d="M13.78 4.22a.75.75 0 010 1.06l-7.25 7.25a.75.75 0 01-1.06 0L2.22 9.28a.75.75 0 011.06-1.06L6 10.94l6.72-6.72a.75.75 0 011.06 0z"></path></svg></div></pre>
<p>sudo 有自己的方式来保护安全。以root的身份执行<code>sudo-V</code>查看一下sudo的设置。因为考虑到安全问题一部分环境变量并没有传递给sudo后面的命令或者被检查后再传递的比如PATHHOMESHELL等。当然你也可以通过sudoers来配置这些环境变量。</p>
<style>markdown-style pre .copied {
display: flex;
position: absolute;
cursor: pointer;
color: #a5afbb;
top: 6px;
right: 6px;
border-radius: 5px;
background: #82828226;
padding: 6px;
font-size: 12px;
transition: all .3s;
}
markdown-style pre .copied:not(.active) {
visibility: hidden;
}
markdown-style pre:hover .copied {
visibility: visible;
}
markdown-style pre:hover .copied:hover {
background: #4caf50;
color: #fff;
}
markdown-style pre:hover .copied:active,
markdown-style pre .copied.active {
background: #2e9b33;
color: #fff;
}
markdown-style pre .copied .octicon-copy {
display: block;
}
markdown-style pre .copied .octicon-check {
display: none;
}
markdown-style pre .active .octicon-copy {
display: none;
}
markdown-style pre .active .octicon-check {
display: block;
}</style><script>/*! @uiw/copy-to-clipboard v1.0.12 | MIT (c) 2021 Kenny Wang | https://github.com/uiwjs/copy-to-clipboard.git */
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self).copyTextToClipboard=t()}(this,(function(){"use strict";return function(e,t){const o=document.createElement("textarea");o.value=e,o.setAttribute("readonly",""),o.style={position:"absolute",left:"-9999px"},document.body.appendChild(o);const n=document.getSelection().rangeCount>0&&document.getSelection().getRangeAt(0);o.select();let c=!1;try{c=!!document.execCommand("copy")}catch(e){c=!1}document.body.removeChild(o),n&&document.getSelection&&(document.getSelection().removeAllRanges(),document.getSelection().addRange(n)),t&&t(c)}}));
function copied(target, str) {
target.classList.add('active');
copyTextToClipboard(target.dataset.code, function() {
setTimeout(() => {
target.classList.remove('active');
}, 2000);
});
}</script></markdown-style>
</div>
<!-- Linux命令行搜索引擎https://jaywcjlove.github.io/linux-command/ -->
<div class="footer ">
<a target="_blank" href="https://github.com/jaywcjlove/linux-command/new/master/command">添加命令</a> |
<a href="../hot.html">命令列表</a> |
<a href="https://github.com/jaywcjlove/oscnews" target="_blank">Chrome 插件</a> |
<a href="https://github.com/jaywcjlove/linux-command/releases" target="_blank">Alfred</a> |
<a href="https://jaywcjlove.github.io/linux-command/linux-command.docset.zip" target="_blank">Dash</a> |
<a href="https://github.com/roachsinai/krunner-linuxcommands" target="_blank">Krunner</a> |
<a href="http://jaywcjlove.gitee.io/linux-command/" target="_blank">开源中国Web版</a>
<br />
<a href="https://jaywcjlove.github.io/#/sponsor" target="_blank">打赏捐赠</a> |
<a href="https://github.com/jaywcjlove/linux-command" target="_blank">Github</a> |
<a href="https://jaywcjlove.github.io/linux-command/" target="_blank">短地址https://git.io/linux</a>
<br />
收藏本站请使用 Ctrl+D 或者Command+d
<br /> 共搜集到
<span id="commands_info">
611
</span> 个Linux命令超过 <a href="../contributors.html">50+</a> 贡献者
</div>
<script type="text/javascript" src="../js/dt.js?v=1749035196942"></script>
<script type="text/javascript" src="../js/index.js?v=1749035196942"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink