Linux/Ubuntu
sudo -k -K
구차니
2022. 4. 25. 18:55
sudo의 사용가능 시간을 리셋하는 옵션
| -K' The -K (sure kill) option is like -k except that it removes the user's cached credentials entirely and may not be used in conjunction with a command or other option. This option does not require a password. Not all security policies support credential caching. -k [command] When used alone, the -k (kill) option to sudo invalidates the user's cached credentials. The next time sudo is run a password will be required. This option does not require a password and was added to allow a user to revoke sudo permissions from a .logout file. Not all security policies support credential caching. When used in conjunction with a command or an option that may require a password, the -k option will cause sudo to ignore the user's cached credentials. As a result, sudo will prompt for a password (if one is required by the security policy) and will not update the user's cached credentials. |
[링크 : https://linux.die.net/man/8/sudo]
[링크 : https://askubuntu.com/questions/14948/how-to-cancel-the-currently-applied-remaining-sudo-time-out]
+ 22.05.03
아래 경로 가니 파일이 존재하는데 -k 로는 파일이 사라지지 않고 -K로는 파일이 사라진다.
| /run/sudo/ts/<username> |
[링크 : https://www.linux.org/threads/cache-timestamp-file.25274/]
sudo 도움말을 보면 -K는 파일을 삭제하고, -k는 타임스탬프 파일을 무효화 한다는데 내용이 변화되는것 같진 않고..
| -K, --remove-timestamp remove timestamp file completely -k, --reset-timestamp invalidate timestamp file |
| struct timestamp_entry { unsigned short version; /* version number / unsigned short size; / entry size / unsigned short type; / TS_GLOBAL, TS_TTY, TS_PPID / unsigned short flags; / TS_DISABLED, TS_ANYUID / uid_t auth_uid; / uid to authenticate as / pid_t sid; / session ID associated with tty/ppid / struct timespec start_time; / session/ppid start time / struct timespec ts; / time stamp (CLOCK_MONOTONIC) / union { dev_t ttydev; / tty device number / pid_t ppid; / parent pid */ } u; }; |
[링크 : https://www.sudo.ws/docs/man/1.8.25/sudoers_timestamp.man/]
먼가 딱 하나.. 0에서 1로 바뀌었네
