2020-02-12-sudo提权实现没有权限用户拷贝

[root@m01 ~]# visudo

oldgirl ALL= NOPASSWD: /usr/bin/rsync 末尾添加
配置suduer：nfs，backup，web

echo "oldgirl ALL=   NOPASSWD: /usr/bin/rsync " >>/etc/sudoers
visudo -c

把要操作的考到当前目录

[root@m01 ~]# su - oldgirl  #<==要在用户下，否则需要密码
[oldgirl@m01 ~]$ cp /etc/hosts .
[oldgirl@m01 ~]$ scp -P52113 hosts [email protected]:~
hosts                                                                                                                                                                                                                        100%  331     0.3KB/s   00:00    
[oldgirl@m01 ~]$

[oldgirl@nfs01 ~]$ ll
total 4
-rw-r--r-- 1 oldgirl oldgirl 331 Feb 12 23:01 hosts
[oldgirl@nfs01 ~]$

远程sudo
ssh -p52113 -t [email protected] sudo rsync ~/hosts /etc/hosts

[root@m01 ~]# su -
[root@m01 ~]# su - oldgirl
[oldgirl@m01 ~]$ scp hosts [email protected]:~             
hosts                                                                                                                                                                                                                        100%  358     0.4KB/s   00:00    
[oldgirl@m01 ~]$ ssh [email protected] sudo rsync ~/hosts /etc/hosts             
[oldgirl@m01 ~]$

[root@web01 /]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5       lb01
172.16.1.6       lb02
172.16.1.7       web02
172.16.1.8       web01
172.16.1.51      db01 db01.etiantian.org
172.16.1.31      nfs01
172.16.1.41      backup
172.16.1.61      m01
[root@web01 /]# cat /home/oldgril/hosts
cat: /home/oldgril/hosts: No such file or directory
[root@web01 /]# cat /home/oldgirl/hosts 
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web02
172.16.1.8 web01
172.16.1.51 db01 db01.etiantian.org
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.61 m01
172.16.1.31 nfs01
#############20200212#####
[root@web01 /]# cat /etc/hosts          
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web02
172.16.1.8 web01
172.16.1.51 db01 db01.etiantian.org
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.61 m01
172.16.1.31 nfs01
#############20200212#####
[root@web01 /]#

2020-02-12-sudo提权实现没有权限用户拷贝

你可能感兴趣的:(2020-02-12-sudo提权实现没有权限用户拷贝)