- 论坛徽章:
- 18
|
回复 1# cexoyq
/usr/bin/sudo needs to be owned by root and have 4755 permissions.
A bunch of other files also need SUID. Here's a quick script I built based on what my box has (in /bin, /sbin, /usr/bin and /usr/sbin).
Code:
#!/bin/bash
cd /usr/bin
chown root:root *
chown daemon:daemon at
chown root:tty bsd-write wall
chown root:shadow chage expiry
chown root:crontab crontab
chown root:mail dotlock.mailutils
chown root:lpadmin lppasswd
chown root:mlocate mlocate
chmod 4755 arping chfn chsh gpasswd lppasswd mtr newgrp passwd pulseaudio sudo sudoedit traceroute6.iputils
chmod 6755 at X
chmod 2755 bsd-write chage crontab dotlock.mailutils expiry mlocate screen ssh-agent wall xterm
cd /usr/sbin
chown root:root *
chown root:dip pppd
chown libuuid:libuuid uuidd
chmod 4754 pppd
chmod 6755 uuidd
cd /bin
chown root:root *
chown root:fuse fusermount
chmod 4754 fusermount
chmod 4755 mount ping ping6 su umount
cd /sbin
chown root:root *
chown root:shadow unix_chkpwd
chmod 2755 unix_chkpwd |
|