我的理解是sudo是使用root特权执行给定命令的,但是我体验到在终端中使用sudo输入命令会缓存授权。它实际上是如何工作的?
例如
sudo fdisk -l
[sudo] password for xxxxx:
(一旦我通过输入密码授权,连续的sudo命令不会提示输入密码)
sudo fdisk -l
(不提示输入密码)
sudo mount -t vfat /dev/sda1 /media/test
无论须藤,实际上是包装苏(替代/切换用户)?
man sudo
会告诉:
Security policies may support credential caching to allow the user to
run sudo again for a period of time without requiring authentication.
The sudoers policy caches credentials for 15 minutes, unless overridden
in sudoers(5). By running sudo with the -v option, a user can update
the cached credentials without running a command.
它还说:
-k [command]
When used alone, the -k (kill) option to sudo invalidates
the user's cached credentials. The next time sudo is run a
password will be required. This option does not require a
password and was added to allow a user to revoke sudo
permissions from a .logout file. Not all security policies
support credential caching.
When used in conjunction with a command or an option that
may require a password, the -k option will cause sudo to
ignore the user's cached credentials. As a result, sudo
will prompt for a password (if one is required by the
security policy) and will not update the user's cached
credentials.
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句