|
Tytuł: [How To]Komenda "sudo" w openSUSE Wiadomość wysłana przez: sir_lucjan Listopad 15, 2010, 17:12:45 Domyślnie w openSUSE działa polecenie "su", co dla dawnych userów Minta potrafi być męczące. Ale w bardzo prosty sposób możemy to zmienić.
Edytujemy odpowiedni plik: Kod: su wpisujemy nasze hasło Kod: nano /etc/sudoers Naszym oczom ukaże się coś takiego: Kod: # sudoers file. # # This file MUST be edited with the 'visudo' command as root. # Failure to use 'visudo' may result in syntax or file permission errors # that prevent sudo from running. # # See the sudoers man page for the details on how to write a sudoers file. # # Host alias specification # User alias specification # Cmnd alias specification # Defaults specification # Prevent environment variables from influencing programs in an # unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151) Defaults always_set_home Defaults env_reset # Change env_reset to !env_reset in previous line to keep all environment variables # Following list will no longer be necessary after this change Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE" # Comment out the preceding line and uncomment the following one if you need # to use special input methods. This may allow users to compromise the root # account if they are allowed to run commands without authentication. #Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER" # In the default (unconfigured) configuration, sudo asks for the root password. # This allows use of an ordinary user account for administration of a freshly # installed system. When configuring sudo, delete the two # following lines: Defaults targetpw # ask for the password of the target user i.e. root ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'! # Runas alias specification # User privilege specification root ALL=(ALL) ALL # Uncomment to allow people in group wheel to run all commands # %wheel ALL=(ALL) ALL # Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL # Samples # %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom # %users localhost=/sbin/shutdown -h now Dodajemy odpowiednią linijkę na samym końcu: Kod: nasza_nazwa_użytkownika ALL=(ALL) ALL Czyli powinniśmy otrzymać coś takiego: Kod: # sudoers file. # # This file MUST be edited with the 'visudo' command as root. # Failure to use 'visudo' may result in syntax or file permission errors # that prevent sudo from running. # # See the sudoers man page for the details on how to write a sudoers file. # # Host alias specification # User alias specification # Cmnd alias specification # Defaults specification # Prevent environment variables from influencing programs in an # unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151) Defaults always_set_home Defaults env_reset # Change env_reset to !env_reset in previous line to keep all environment variables # Following list will no longer be necessary after this change Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE" # Comment out the preceding line and uncomment the following one if you need # to use special input methods. This may allow users to compromise the root # account if they are allowed to run commands without authentication. #Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER" # In the default (unconfigured) configuration, sudo asks for the root password. # This allows use of an ordinary user account for administration of a freshly # installed system. When configuring sudo, delete the two # following lines: Defaults targetpw # ask for the password of the target user i.e. root ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'! # Runas alias specification # User privilege specification root ALL=(ALL) ALL # Uncomment to allow people in group wheel to run all commands # %wheel ALL=(ALL) ALL # Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL # Samples # %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom # %users localhost=/sbin/shutdown -h now nasza_nazwa_użytkownika ALL=(ALL) ALL Zapisujemy zmiany i robimy test: Kod: lucjan@lucjan-desktop:~> sudo zypper update We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. root's password: Wczytywanie danych repozytorium... Odczytywanie zainstalowanych pakietów... Brak zadań. lucjan@lucjan-desktop:~> Jeśli otrzymamy coś takiego, to wykonaliśmy dobrze nasze zadanie. |