“ sudo”命令如何工作？

阿伦普拉萨德·拉杰库玛（Arunprasad Rajkumar）

我的理解是sudo是使用root特权执行给定命令的，但是我体验到在终端中使用sudo输入命令会缓存授权。它实际上是如何工作的？

例如

sudo fdisk -l
[sudo] password for xxxxx:

（一旦我通过输入密码授权，连续的sudo命令不会提示输入密码）

sudo fdisk -l

（不提示输入密码）

sudo mount -t vfat /dev/sda1 /media/test

无论须藤，实际上是包装苏（替代/切换用户）？

恶魔

man sudo 会告诉：

   Security policies may support credential caching to allow the user to
   run sudo again for a period of time without requiring authentication.
   The sudoers policy caches credentials for 15 minutes, unless overridden
   in sudoers(5).  By running sudo with the -v option, a user can update
   the cached credentials without running a command.

它还说：

   -k [command]
               When used alone, the -k (kill) option to sudo invalidates
               the user's cached credentials.  The next time sudo is run a
               password will be required.  This option does not require a
               password and was added to allow a user to revoke sudo
               permissions from a .logout file.  Not all security policies
               support credential caching.

               When used in conjunction with a command or an option that
               may require a password, the -k option will cause sudo to
               ignore the user's cached credentials.  As a result, sudo
               will prompt for a password (if one is required by the
               security policy) and will not update the user's cached
               credentials.

本文收集自互联网，转载请注明来源。

如有侵权，请联系 [email protected] 删除。