我正在尝试让 Capistrano 处理我的小组项目。由于部门限制,我们必须以自己的身份登录,然后 sudo su 进入共享项目用户。我们 sudo su - projectuser 进入的项目用户具有访问项目目录所需的权限。我很难弄清楚如何使用 Capistrano 进行这项工作。任何帮助将不胜感激。
最佳答案
man sudo
-u user The -u (user) option causes sudo to run the specified command as a user other than root. To specify a uid instead of a user name, use #uid. When running commands as a
uid, many shells require that the '#' be escaped with a backslash ('\'). Note that if the targetpw Defaults option is set (see sudoers(5)) it is not possible to run
commands with a uid not listed in the password database.
-i [command]
The -i (simulate initial login) option runs the shell specified in the passwd(5) entry of the target user as a login shell. This means that login-specific resource
files such as .profile or .login will be read by the shell. If a command is specified, it is passed to the shell for execution. Otherwise, an interactive shell is
executed. sudo attempts to change to that user's home directory before running the shell. It also initializes the environment, leaving DISPLAY and TERM unchanged,
setting HOME, MAIL, SHELL, USER, LOGNAME, and PATH, as well as the contents of /etc/environment on Linux and AIX systems. All other environment variables are removed.
Sudo 已经支持以特定用户而不是 root 身份运行命令。所以不是运行 sudo mkdir some_folder , 你可以简单地运行 sudo -u your_user mkdir some_folder , 它只会以该用户身份执行所有命令。
另外,-i flag 将指示 sudo 启动一个新的 shell 并运行命令。新的 shell 将像登录 shell 一样被初始化(它将切换到用户的主目录,重新初始化 HOME 和其他变量等)。它最接近运行 sudo su - your_user .
让 Capistrano 使用 sudo -u <your-user> -i而不仅仅是 sudo ,在你的deploy.rb中设置如下配置:
set :use_sudo, true
set :sudo, "sudo -u <your-user> -i"
Capistrano 现在将使用给定的用户执行所有 sudo 命令,并使用全新的登录 shell。
关于ruby-on-rails - 如果你需要 sudo su 到另一个用户,你可以使用 capistrano 吗?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/16490687/