与sudo有问题。 由于用户forge
我想能够运行sudo service php5-fpm reload
而不必input密码。 我已经尝试了下面的所有变种。
forge ALL=NOPASSWD: /usr/bin/service php5-fpm reload forge ALL=NOPASSWD: /usr/bin/service forge ALL=(ALL:ALL) NOPASSWD: /usr/bin/service forge ALL=(ALL:ALL) NOPASSWD: /usr/bin/service php5-fpm reload
但它不断提示我input密码。 尝试login进出。
# tail /var/log/auth.log Sep 16 09:28:19 apps sudo: pam_unix(sudo:auth): conversation failed Sep 16 09:28:19 apps sudo: pam_unix(sudo:auth): auth could not identify password for [forge]
这是整个文件。
# # This file MUST be edited with the 'visudo' command as root. # # Please consider adding local content in /etc/sudoers.d/ instead of # directly modifying this file. # # See the man page for details on how to write a sudoers file. # Defaults env_reset Defaults mail_badpass Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" # Host alias specification # User alias specification # Cmnd alias specification Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig # User privilege specification root ALL=(ALL:ALL) ALL #forge ALL=NOPASSWD: /usr/bin/service # Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL # See sudoers(5) for more information on "#include" directives: #includedir /etc/sudoers.d
使用Ubuntu 14.04.1 LTS
$ which service /usr/sbin/service
问题:
$ sudo service [sudo] password for forge:
这是什么工作。
visudo命令:
# Cmnd alias specification Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig/, /usr/bin/service, /usr/sbin/service
/etc/sudoers.d/forge
:
forge ALL = (ALL) NOPASSWD: SERVICES
试图将forge
文件的内容转移到visudo
,但没有奏效。
尝试以下方法
/etc/sudoers
:
# grep -B1 'Cmnd_Alias SERVICES' /etc/sudoers ## Services Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig #
/etc/sudoers.d/forge
:
# cat /etc/sudoers.d/forge forge ALL = (ALL) NOPASSWD: SERVICES #
testing
[forge@localhost ~]$ sudo service Usage: service < option > | --status-all | [ service_name [ command | --full-restart ] ] [forge@localhost ~]$
调整正确的path到您的service
如果需要,这可能会有所不同,取决于您的分布,find正确的path运行以下:
$ which service /sbin/service $
你给错误的PATH
二进制。 which
输出显示它是/usr/sbin/service
,但是你在sudoers
条目中一直指定/usr/bin/service
。
尝试
forge ALL=(ALL) NOPASSWD: /usr/sbin/service