Chinaunix

标题: 关于sudoer中来源主机限制问题？ [打印本页]

作者: blueswxs 时间: 2010-05-04 14:06
标题: 关于sudoer中来源主机限制问题？
先来一段手册

      jack          CSNETS = ALL

   The user jack may run any command on the machines in the
   CSNETS alias (the networks 128.138.243.0, 128.138.204.0, and
   128.138.242.0).  Of those networks, only 128.138.204.0 has an
   explicit netmask (in CIDR notation) indicating it is a class
   C network.  For the other networks in CSNETS, the local
   machine’s netmask will be used during matching.

CSNETS 定义主机别名。

根据这个例子，我写了一个：

Host_Alias    HHH = 10.10.10.158/255.255.255.255
uuu    HHH=(root)    NOPASSWD:ALL

可是当我在10.10.10.158的服务往ppp.uplooking.com建立ssh连接以后，执行如下命令。确失效：

[uuu@ppp ~]$ sudo /sbin/fdisk -l
Password:
uuu is not allowed to run sudo on ppp.  This incident will be reported.
[uuu@ppp ~]$ hostname
ppp.uplooking.com

欢迎光临 Chinaunix (http://bbs.chinaunix.net/)