|
发表于 2009-4-28 00:02:33
|
显示全部楼层
原版的:- # sudoers file.
- #
- # This file MUST be edited with the 'visudo' command as root.
- # Failure to use 'visudo' may result in syntax or file permission errors
- # that prevent sudo from running.
- #
- # See the sudoers man page for the details on how to write a sudoers file.
- #
- # Host alias specification
- # User alias specification
- # Cmnd alias specification
- # Defaults specification
- # Prevent environment variables from influencing programs in an
- # unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151)
- Defaults always_set_home
- Defaults env_reset
- # Change env_reset to !env_reset in previous line to keep all environment variables
- # Following list will no longer be necessary after this change
- Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE"
- # Comment out the preceding line and uncomment the following one if you need
- # to use special input methods. This may allow users to compromise the root
- # account if they are allowed to run commands without authentication.
- #Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
- # In the default (unconfigured) configuration, sudo asks for the root password.
- # This allows use of an ordinary user account for administration of a freshly
- # installed system. When configuring sudo, delete the two
- # following lines:
- Defaults targetpw # ask for the password of the target user i.e. root
- ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!
- # Runas alias specification
- # User privilege specification
- root ALL=(ALL) ALL
- # Uncomment to allow people in group wheel to run all commands
- %wheel ALL=(ALL) ALL
- # Same thing without a password
- %wheel ALL=(ALL) NOPASSWD: ALL
- # Samples
- # %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
- # %users localhost=/sbin/shutdown -h now
- beyes@linux-beyes:~> uname -a
- Linux linux-beyes 2.6.27.21-0.1-pae #1 SMP 2009-03-31 14:50:44 +0200 i686 i686 i386 GNU/Linux
- beyes@linux-beyes:~> rpm -q gcc
- gcc-4.3-34.168
- beyes@linux-beyes:~> cat /etc/sudoers.bak
- cat: /etc/sudoers.bak: 权限不够
- beyes@linux-beyes:~> sudo cat /etc/sudoers.bak
- # sudoers file.
- #
- # This file MUST be edited with the 'visudo' command as root.
- # Failure to use 'visudo' may result in syntax or file permission errors
- # that prevent sudo from running.
- #
- # See the sudoers man page for the details on how to write a sudoers file.
- #
- # Host alias specification
- # User alias specification
- # Cmnd alias specification
- # Defaults specification
- # Prevent environment variables from influencing programs in an
- # unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151)
- Defaults always_set_home
- Defaults env_reset
- # Change env_reset to !env_reset in previous line to keep all environment variables
- # Following list will no longer be necessary after this change
- Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE"
- # Comment out the preceding line and uncomment the following one if you need
- # to use special input methods. This may allow users to compromise the root
- # account if they are allowed to run commands without authentication.
- #Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
- # In the default (unconfigured) configuration, sudo asks for the root password.
- # This allows use of an ordinary user account for administration of a freshly
- # installed system. When configuring sudo, delete the two
- # following lines:
- Defaults targetpw # ask for the password of the target user i.e. root
- ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!
- # Runas alias specification
- # User privilege specification
- root ALL=(ALL) ALL
- # Uncomment to allow people in group wheel to run all commands
- # %wheel ALL=(ALL) ALL
- # Same thing without a password
- # %wheel ALL=(ALL) NOPASSWD: ALL
- # Samples
- # %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
- # %users localhost=/sbin/shutdown -h now
复制代码 |
|