• 103768

    文章

  • 803

    评论

  • 12

    友链

  • 最近新加了换肤功能,大家多来逛逛吧~~~~
  • 喜欢这个网站的朋友可以加一下QQ群,我们一起交流技术。

debian下普通用户操作systemd服务

撸了今年阿里、腾讯和美团的面试,我有一个重要发现.......>>

问题描述:
使用普通账号test通过systemctl启动系统服务提示需要输入root密码:

解决方案:
根据上面提示得知权限由polkit进行管理,对应的是org.freedesktop.systemd1.policy这个配置文件下的manae-units动作

进入/usr/share/polkit-1/actions/org.freedesktop.systemd1.policy,

将对应manae-units的defaults中的授权全部改为yes,然后执行systemctl restart polkit重启polkit

<defaults>
        <allow_any>yes</allow_any>
        <allow_inactive>yes</allow_inactive>
        <allow_active>yes</allow_active>
</defaults>


下图为权限可选的配置参数 

defaults

This element is used to specify implicit authorizations for clients. Elements that can be used inside defaults include:

allow_any

Implicit authorizations that apply to any client. Optional.

allow_inactive

Implicit authorizations that apply to clients in inactive sessions on local consoles. Optional.

allow_active

Implicit authorizations that apply to clients in active sessions on local consoles. Optional.

Each of the allow_any, allow_inactive and allow_active elements can contain the following values:

no

Not authorized.

yes

Authorized.

auth_self

Authentication by the owner of the session that the client originates from is required. Note that this is not restrictive enough for most uses on multi-user systems; auth_admin* is generally recommended.

auth_admin

Authentication by an administrative user is required.

auth_self_keep

Like auth_self but the authorization is kept for a brief period (e.g. five minutes). The warning about auth_self above applies likewise.

auth_admin_keep

Like auth_admin but the authorization is kept for a brief period (e.g. five minutes).


695856371Web网页设计师②群 | 喜欢本站的朋友可以收藏本站,或者加入我们大家一起来交流技术!

0条评论

Loading...


自定义皮肤 主体内容背景
打开支付宝扫码付款购买视频教程
遇到问题联系客服QQ:419400980
注册梁钟霖个人博客