zoukankan      html  css  js  c++  java
  • sudo使用

    一、免密执行sudo

    1、创建账号

    [root@bogon local]# passwd mysql
    Changing password for user mysql.
    New password:
    BAD PASSWORD: The password is shorter than 8 characters
    Retype new password:

    2、修改/etc/sudoers

    命令行输入 visudo回车即可进入/etc/sudoers下,或者vi /etc/sudoers  找到

    ## Allow root to run any commands anywhere
    root ALL=(ALL) ALL 

    root ALL=(ALL) NOPASSWD:ALL 

    在这个下面添加如下,

    xxx ALL=(ALL) ALL

    sed -i '92a mysql ALL=(ALL) NOPASSWD:ALL ' /etc/sudoers 

    3、把Defaults !visiblepw 改成 Defaults visiblepw

    否则会出现 sudo: no tty present and no askpass program specified

    grep -n "Defaults" /etc/sudoers

    sed -i '55 s/!//g' /etc/sudoers 2>&1 >/dev/null

    然后保存退出,再次切换到普通用户下,执行sudo命令就不用输入密码,

    shell脚本创建用户并添加sudo

    [root@oracledb ~]# cat user_add.sh
    #!/bin/bash
    name=jenkins
    useradd $name
    sed -i '92a $name ALL=(ALL) NOPASSWD:ALL ' /etc/sudoers;grep -n "Defaults" /etc/sudoers;sed -i '55 s/!//g' /etc/sudoers 

    ./user_add.sh 2>&1 >/dev/null

    普通命令切换用户并执行命令

    [root@bogon ~]# su mysql -c "sudo ls"

    anaconda-ks.cfg a.py a.sh c.sh c.txt d.sh lnmp.py password.txt soft user_add.sh

    二、非免密执行sudo

    1、创建账号

    [root@bogon local]# passwd oracle
    Changing password for user oracle
    New password: 
    BAD PASSWORD: The password is shorter than 8 characters
    Retype new password:

    2、修改/etc/sudoers

    命令行输入 visudo回车即可进入/etc/sudoers下,或者vi /etc/sudoers  找到

    ## Allow root to run any commands anywhere 
    root ALL=(ALL) ALL 

    root ALL=(ALL) NOPASSWD:ALL 

    在这个下面添加如下,

    xxx ALL=(ALL) ALL

    sed -i '92a mysql ALL=(ALL) NOPASSWD:ALL ' /etc/sudoers 

    下面的脚本是针对普通用户使用sudo需要输入密码写自动登录脚本

    expect脚本自动切换su并且执行ls命令

    [root@oracledb ~]# cat login.sh
    #!/usr/bin/expect
    set timeout 5
    spawn su oracle -c "sudo ls"
    expect "password for oracle:"
    send "123 "
    interact

    [root@oracledb ~]# ./login.sh
    spawn su oracle -c sudo ls
    [sudo] password for oracle:
    2.txt a.sh deplomet.yaml login.sh orcale.txt pdksh-5.2.14-37.el5.x86_64.rpm python3
    3.txt c.sh d.sh orcale output.sh pip_output.sh Python-3.6.5.tgz
    anaconda-ks.cfg cut_new.sh d.txt orcale_output.sh output.txt pip_output.txt user.txt
    a.py cut.sh lnmp.sh orcale.sh –p pip.sh

    三、连续执行sudo命令使用,

    sudo systemctl stop firewalld && sudo systemctl start firewalld && sudo firewall-cmd --get-active-zones

    报错:

    [root@oracledb ~]# su oracle -c "ls"
    ls: cannot open directory .: Permission denied

    解决:
    sed = /etc/sudoers | sed -i '92a oracle ALL=(ALL) NOPASSWD:ALL'


    报错:
    sudo: no tty present and no askpass program specified

    解决:

    http://blog.51cto.com/nosmoking/1595241

    1. 注释Defaults requiretty
    Defaults requiretty修改为 #Defaults requiretty, 表示不需要控制终端,没有就不用注释
    否则会出现sudo: sorry, you must have a tty to run sudo

    2. 增加行 Defaults visiblepw
    否则会出现 sudo: no tty present and no askpass program specified

    grep -n "Defaults" /etc/sudoers && sed -i '55 s/!//g' /etc/sudoers

  • 相关阅读:
    target runtime apache v6.0 not defined解决
    java.lang.AbstractMethodError: javax.servlet.jsp.JspFactory.getJspApplicationContext(Ljavax/servlet/ServletContext;)Ljavax/servlet/jsp/JspApplicationContext;
    The valid characters are defined in RFC 7230 and RFC 3986问题
    invalid END header解决方法
    You have more than one version of ‘org.apache.commons.logging.Log’ visible, which is not allowed问题解决
    Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
    在eclipse中import java web项目时遇到的一些问题并将该项目通过tomcat发布
    java byte转string 涉及到字节流中有中文
    spring+mybatis框架搭建时遇到Mapped Statements collection does not contain value for...的错误
    试试看读一下Zepto源码
  • 原文地址:https://www.cnblogs.com/effortsing/p/9999500.html
Copyright © 2011-2022 走看看