apt-get방금 소유자와 그룹이 "로거"인 일부 소프트웨어를 설치했습니다 . 을 사용하여 소프트웨어를 설치했는데 sudo소유자와 그룹이 "루트"가 아닌 이유는 무엇입니까? 나는 약 1년 전에 pi사용자의 이름을 새 이름으로 바꿨다고 확신합니다 logger. 이것이 원인이 아닐까요? 그렇다면 왜 그렇습니까?
michael@rp3:~ $ ls -l /usr | grep local
drwxrwsr-x 12 root staff 4096 Dec 23 16:49 local
michael@rp3:~ $ ls -l /usr/local
total 32
drwxrwsr-x 2 root staff 4096 Dec 23 16:47 bin
drwxrwsr-x 2 root staff 4096 Apr 10 2017 etc
drwxrwsr-x 2 root staff 4096 Apr 10 2017 games
drwxrwsr-x 2 root staff 4096 Apr 10 2017 include
drwxrwsr-x 4 root staff 4096 Jun 4 2017 lib
lrwxrwxrwx 1 root staff 9 Apr 10 2017 man -> share/man
drwxrwsr-x 2 root staff 4096 Apr 10 2017 sbin
drwxrwsr-x 7 root staff 4096 Dec 23 15:20 share
drwxrwsr-x 2 root staff 4096 Apr 10 2017 src
michael@rp3:~ $ sudo apt-get install test-client
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
test-utils
The following NEW packages will be installed:
test-client test-utils
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/1,575 kB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] y
WARNING: The following packages cannot be authenticated!
test-utils test-client
Install these packages without verification? [y/N] y
Selecting previously unselected package test-utils.
(Reading database ... 41030 files and directories currently installed.)
Preparing to unpack .../test-utils_0.1.1-jessie_armhf.deb ...
Unpacking test-utils (0.1.1-jessie) ...
Selecting previously unselected package test-client.
Preparing to unpack .../test-client_0.1.2-jessie_armhf.deb ...
Unpacking test-client (0.1.2-jessie) ...
Setting up test-utils (0.1.1-jessie) ...
Setting up test-client (0.1.2-jessie) ...
michael@rp3:~ $ ls -l /usr/local
total 40
drwxrwxr-x 6 logger logger 4096 Dec 23 16:49 test-client
drwxrwxr-x 3 logger logger 4096 Dec 23 16:49 test-utils
drwxrwsr-x 2 root staff 4096 Dec 23 16:49 bin
drwxrwsr-x 2 root staff 4096 Apr 10 2017 etc
drwxrwsr-x 2 root staff 4096 Apr 10 2017 games
drwxrwsr-x 2 root staff 4096 Apr 10 2017 include
drwxrwsr-x 4 root staff 4096 Jun 4 2017 lib
lrwxrwxrwx 1 root staff 9 Apr 10 2017 man -> share/man
drwxrwsr-x 2 root staff 4096 Apr 10 2017 sbin
drwxrwsr-x 7 root staff 4096 Dec 23 15:20 share
drwxrwsr-x 2 root staff 4096 Apr 10 2017 src
michael@rp3:~ $ cat /etc/passwd | grep 'apt\|logger\|root\|michael'
root:x:0:0:root:/root:/bin/bash
michael:x:1001:1001:,,,:/home/michael:/bin/bash
_apt:x:109:65534::/nonexistent:/bin/false
logger:x:1000:1000:,,,:/home/logger:/bin/bash
michael@rp3:~ $ cat /etc/group | grep 'apt\|logger\|root\|michael'
root:x:0:
michael:x:1001:
wireshark:x:114:michael
logger:x:1000:
michael@rp3:~ $ sudo cat /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
michael ALL=(ALL:ALL) ALL
anton ALL=(ALL:ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
michael@rp3:~ $ ls -l /etc/sudoers.d
total 8
-r--r----- 1 root root 27 Oct 18 2016 010_pi-nopasswd
-r--r----- 1 root root 958 Jan 11 2016 README
michael@rp3:~ $ sudo cat /etc/sudoers.d/*
pi ALL=(ALL) NOPASSWD: ALL
#
# As of Debian version 1.7.2p1-1, the default /etc/sudoers file created on
# installation of the package now includes the directive:
#
# #includedir /etc/sudoers.d
#
# This will cause sudo to read and parse any files in the /etc/sudoers.d
# directory that do not end in '~' or contain a '.' character.
#
# Note that there must be at least one file in the sudoers.d directory (this
# one will do), and all files in this directory should be mode 0440.
#
# Note also, that because sudoers contents can vary widely, no attempt is
# made to add this directive to existing sudoers files on upgrade. Feel free
# to add the above directive to the end of your /etc/sudoers file to enable
# this functionality for existing installations if you wish!
#
# Finally, please note that using the visudo command is the recommended way
# to update sudoers content, since it protects against many failure modes.
# See the man page for visudo for more information.
#
michael@rp3:~ $
답변1
데비안 패키지는 postinst 스크립트에서 파일 권한과 소유권을 설정할 수 있습니다.
답변2
apt-get또는 dpkg패키지의 다양한 파일을 소유한 것으로 기록된 사용자를 사용하여 패키지 콘텐츠를 설치합니다. 일반적으로 이지만 root:root무엇이든 될 수 있습니다. 일반적으로 root:games게임 패키지, 웹 서버 관련 패키지 등 root:www-data의 일부 디렉터리에서 볼 수 있습니다. (소유권과 권한은 관리자 스크립트로 설정할 수도 있지만 일반적으로 필수는 아닙니다.)
소유권에 너무 많은 주의를 기울이지 않고(사용하지 않고) Raspberry Pi 스타일 시스템에서 수동으로 패키지를 생성하는 경우 숫자로 식별되는 파일이 포함된 패키지 fakeroot로 끝날 가능성이 있습니다 . pi:pi귀하의 시스템에서 이는 결국 에 속하게 됩니다 logger:logger.
를 사용하여 패키지에 포함된 소유권 정보를 볼 수 있습니다 dpkg-deb -c.