Shell 脚本 - Sudo 权限随着时间的推移而丢失 [英] Shell script - Sudo-permissions lost over time

问题描述

我制作了一个简单的 bash 脚本，需要在整个脚本中保持超级用户权限.不幸的是，但可以理解的是，当 sleep 发生时，脚本会失去其 sudo 提升的权限.不适合我:

I've made a simple bash script that need to keep it's super-user privileges throughout the script. Unfortunately, but understandable the script looses its sudo-eleveted permissions when the sleep occurs. Not good for me:

sudo echo "I am sudo!" # Asks for passwords
sleep(60)
sudo echo "I am sudo!" # Need to enter password again.

我想用一个保持 sudo 活动的 while 循环替换 sleep，但我很确定有更好的选项可以使 sudo 权限保持整个脚本?

I thought about replacing the sleep with a while-loop that keeps the sudo alive, but I am pretty sure that there's better options available to make the sudo-permissions stay throughout the script?

谢谢

推荐答案

sudo 的灵活性被广泛低估.这会导致非常糟糕的做法(例如 sudo su - 炮弹手术方法).

The flexibility of sudo is widely under-estimated. This leads to very poor practices (like the sudo su - canon-ball surgery method).

更好的方法是在不使用密码的情况下明确允许您要允许的命令:

phill = NOPASSWD: /bin/ls, /usr/bin/lprm

<小时>

您可以选择为特定主机中的特定用户执行此操作，这些用户以特定管理员用户身份运行.您甚至可以阻止用户将 shell 转义作为参数传递.您可以让 sudo 阻止启动的程序动态执行进一步的应用程序等.您需要阅读 sudoers 的手册页(和请务必阅读编辑此特殊文件的步骤！).

这里有一些东西，(从这里):

Here is a small taste of things, (from here):

User_Alias     OPERATORS = joe, mike, jude
Runas_Alias    OP = root, operator
Host_Alias     OFNET = 10.1.2.0/255.255.255.0
Cmnd_Alias     PRINTING = /usr/sbin/lpc, /usr/bin/lprm

OPERATORS ALL=ALL
#The users in the OPERATORS group can run any command from any terminal.

linus ALL=(OP) ALL
# The user linus can run any command from any terminal as any user in the OP group (root or operator).

user2 OFNET=(ALL) ALL
# user user2 may run any command from any machine in the OFNET network, as any user.

user3 ALL= PRINTING
# user user3 may run lpc and lprm from any machine.

go2linux ALL=(ALL) ALL
# user go2linux may run any command from any machine acting as any user. (like Ubuntu)

 If you want not to be asked for a password use this form
go2linux ALL=(ALL) ALL NO PASSWD: ALL

这篇关于Shell 脚本 - Sudo 权限随着时间的推移而丢失的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！