堆栈内存溢出
  简体   繁体   English

sudo -i:为什么给出了root shell?

[英]sudo -i: why does this give a root shell?

 原文  2017-03-23 13:22:03       linux/ shell/ sudo

问题描述

Running sudo -i I end up with a root shell on my Linux box. 运行sudo -i我最终在Linux机器上有了一个root shell。

But reading up on the -i option it says: 但是,阅读-i选项时,它会显示: 

 -i, --login
                 Run the shell specified by the target user's password database entry as a login shell.  This means that
                 login-specific resource files such as .profile or .login will be read by the shell.  If a command is
                 specified, it is passed to the shell for execution via the shell's -c option.  If no command is speci‐
                 fied, an interactive shell is executed.  sudo attempts to change to that user's home directory before
                 running the shell.  The command is run with an environment similar to the one a user would receive at
                 log in.  The Command Environment section in the sudoers(5) manual documents how the -i option affects
                 the environment in which a command is run when the sudoers policy is in use.

I'm not clear. 我不清楚。

Why is the target user root? 为什么target user root?

And how is this different from sudo su ? sudo su什么不同?

1 个解决方案

解决方案1
 0 已采纳  2017-03-23 13:37:51

Because 'root' is the default user. 因为“ root”是默认用户。 Emphasis is from me. 重点来自我。

-u user, --user=user -u用户,--user =用户

Run the command as a user other than the default target user ( usually root ). 以默认目标用户( 通常为root )以外的用户身份运行命令。 The user may be either a user name or a numeric user ID (UID) prefixed with the '#' character (eg #0 for UID 0). 用户可以是用户名,也可以是带有'#'字符的数字用户ID(UID)(例如,UID 0为#0)。 When running commands as a UID, many shells require that the '#' be escaped with a backslash ('\\'). 当将命令作为UID运行时,许多外壳程序要求使用反斜杠('\\')对'#'进行转义。 Some security policies may restrict UIDs to those listed in the password database. 某些安全策略可能会将UID限制为密码数据库中列出的UID。 The sudoers policy allows UIDs that are not in the password database as long as the targetpw option is not set. sudoers策略允许未设置密码库中的UID,只要未设置targetpw选项。 Other security policies may not support this. 其他安全策略可能不支持此功能。

sudo su is effectively executing the su command as the user specified (or root by default). sudo su以用户指定的身份(默认为root)有效地执行su命令。

The su command is used to become another user during a login session. su命令用于在登录会话期间成为另一个用户。 Invoked without a username, su defaults to becoming the superuser. 在没有用户名的情况下调用su会默认成为超级用户。

As you are running su as 'root' (due to the use of sudo ), you aren't then asked to prove your identity with a password - many systems do not permit 'root' to login with a password, by placing a ! 当您以``root''身份运行su (由于使用sudo )时,系统并不会要求您使用密码来证明您的身份-许多系统不允许'root'通过输入!来使用密码登录! in field 2 of /etc/shadow . /etc/shadow字段2中。

"!" “!” – the account is password locked, user will be unable to log-in via password authentication but other methods (eg ssh key) may be still allowed –该帐户已被密码锁定,用户将无法通过密码身份验证登录,但仍然可以使用其他方法(例如ssh密钥)

Additionally, even if root does have password access, then on a system with multiple administrators, or a shared development system, then sharing a password is not ideal. 此外,即使root 确实具有密码访问权限,但在具有多个管理员的系统或共享开发系统上,共享密码也不是理想的选择。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 为什么在使用echo / sudo时shell重定向失败? - Why does shell redirection fail when using echo/sudo? sudo使用什么shell - What shell does sudo use 为什么我不能在shell脚本中使用'sudo su'? 如何自动使用sudo运行shell脚本 - Why can't I use 'sudo su' within a shell script? How to make a shell script run with sudo automatically 为什么我可以在终端上运行 java,但不能在 shell 脚本上运行,即使 shell 脚本正在使用 sudo 运行? - Why can I run java on the terminal, but not on a shell script, even when the shell script is being runned using sudo? 为什么 bash 脚本中的函数以 root 身份(使用 sudo)抛出语法错误,而作为标准用户它可以工作? - Why does a function in bash script throw syntax error as root (using sudo) while as standard user it works? 为什么指定我的shell会更改root的EUID? - Why does specifying my shell change the EUID of root? 为什么我执行'sudo chmod -x /'后为什么可以恢复root挂载点的权限? - Why could I recover the permission of root mount point after I execute 'sudo chmod -x /' 从PHP运行Shell命令-具有root权限或sudo - Running shell commands from PHP - With root permissions or sudo 为什么gammu需要sudo才能工作? - Why does gammu require sudo to work? $(shell pwd)给出了什么价值? - What value does $(shell pwd) give?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM