是否可以为每个用户配置Linux功能? [英] Is it possible to configure Linux capabilities per user?
本文介绍了是否可以为每个用户配置Linux功能?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
Linux内核中似乎支持细粒度功能向进程授予特权以执行某些操作,例如打开原始套接字或提高线程优先级而未授予进程根特权.
There appears to be support for fine-grained capabilities in Linux kernel, which allows granting privileges to a process to do things like, for example, opening raw sockets or raising thread priority without granting the process root privileges.
但是我想知道是否有一种方法可以授予每用户功能.也就是说,允许非根和非suid进程获取那些功能.
However what I'd like to know if there is a way to grant per-user capabilities. That is, allow non-root and non-suid processes to acquire those capabilities.
推荐答案
有limits.conf,可以通过它限制用户或组的某些资源.
There's limits.conf, it is possible to restrict some resources for a user or a group through it.
这篇关于是否可以为每个用户配置Linux功能?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文