Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
161 views
in Technique[技术] by (71.8m points)

linux - How "sudo" command works?

My understand is that sudo is executes a given command with root privileges, but I experienced that entering a command in Terminal with sudo caches the authorization. How does it actually works?

For e.g.

sudo fdisk -l
[sudo] password for xxxxx:

(once I authorize by entering a password, successive sudo commands are not prompting for passwords)

sudo fdisk -l

(not prompting for password)

sudo mount -t vfat /dev/sda1 /media/test

Whether sudo is really a wrapper for su (substitute/switch user)?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

man sudo would tell:

   Security policies may support credential caching to allow the user to
   run sudo again for a period of time without requiring authentication.
   The sudoers policy caches credentials for 15 minutes, unless overridden
   in sudoers(5).  By running sudo with the -v option, a user can update
   the cached credentials without running a command.

It also says:

   -k [command]
               When used alone, the -k (kill) option to sudo invalidates
               the user's cached credentials.  The next time sudo is run a
               password will be required.  This option does not require a
               password and was added to allow a user to revoke sudo
               permissions from a .logout file.  Not all security policies
               support credential caching.

               When used in conjunction with a command or an option that
               may require a password, the -k option will cause sudo to
               ignore the user's cached credentials.  As a result, sudo
               will prompt for a password (if one is required by the
               security policy) and will not update the user's cached
               credentials.

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...