2011-12-11 17:00
Permissions granted in etc/sudoers only last 10 minutes

I have a PHP script which contains a shell_execute() and the command it executes normally requires sudo. I've edited the sudoers with visudo to contain the following:

www-data ALL = NOPASSWD: /var/root/node/npm/node_modules/less/
%users ALL = NOPASSWD: /var/root/node/npm/node_modules/less/

I suspect either should work, but I went with the belt-and-suspenders approach to be sure.

I'm editing etc/sudoers with vim, so after adding these lines, I do :x and everything works. My PHP script does what it's supposed to... for about 10-15 minutes. Then the script stops working. Specifically, the shell_exec() stops working.

If I do sudo visudo again, my new lines are still there. But only when I save it again does the script start working again.

Can anyone tell me why this might be happening? I have two guesses that aren't very good:

  1. There is some sort of grace period that starts when I sudo visudo and this is what's allowing my script to work (but only until it expires).
  2. The new data in etc/sudoers is staying in sudoers.tmp (the "Lock file")...

Neither of these add up to me.

  • dourao1877 2011-12-11 17:48

    According to a comment in the PHP docs, this will work.

    system('echo "PASS" | sudo -u root -S COMMAND');

    I have not tested it.

  • duandao7704 2011-12-11 17:03

    I think this might help you:

    Increase sudo time before you need to type password again

    Happy sudoing :D
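Added example (not part of the original question or answers): a shell check that separates the two cases the question is guessing at, a sudoers rule that really matches with NOPASSWD versus a command that only succeeds while a cached sudo credential is still valid. `classify_sudo_access` and `SUDO_BIN` are names made up for this sketch; `-k` and `-n` are standard sudo options.

```shell
# Added example, not code from the thread.
# SUDO_BIN is an assumption of this sketch so the check can be pointed at a stub.
SUDO_BIN="${SUDO_BIN:-sudo}"

# classify_sudo_access CMD [ARGS...]
# Prints one of:
#   nopasswd     the sudoers policy lets CMD run with no password at all
#   cached-only  CMD runs only because a recent authentication is still cached
#   denied       CMD cannot run without a password prompt (or is not allowed)
# The command really runs when access is granted, so pass something harmless
# that exits 0 (for example the target binary with a --version style argument).
classify_sudo_access() {
    # -k together with a command makes sudo ignore cached credentials for this
    # one run; -n makes it fail instead of prompting. Success here can only
    # come from a matching NOPASSWD rule.
    if "$SUDO_BIN" -k -n -- "$@" >/dev/null 2>&1; then
        echo nopasswd
    # Same call without -k: cached credentials are honoured, so success here
    # means the "grace period" is what is letting the command through.
    elif "$SUDO_BIN" -n -- "$@" >/dev/null 2>&1; then
        echo cached-only
    else
        echo denied
    fi
}
```

Run the function as the account the PHP process runs under; a `cached-only` result means the sudoers line is not matching the command and access will stop when the cached credential expires.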

