2020-07-30 13:12:29 -06:00
|
|
|
/* generated file, do not edit */
|
|
|
|
|
|
2003-12-30 22:31:30 +00:00
|
|
|
static struct def_values def_data_lecture[] = {
|
|
|
|
|
{ "never", never },
|
|
|
|
|
{ "once", once },
|
|
|
|
|
{ "always", always },
|
|
|
|
|
{ NULL, 0 },
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static struct def_values def_data_listpw[] = {
|
|
|
|
|
{ "never", never },
|
|
|
|
|
{ "any", any },
|
|
|
|
|
{ "all", all },
|
|
|
|
|
{ "always", always },
|
|
|
|
|
{ NULL, 0 },
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static struct def_values def_data_verifypw[] = {
|
|
|
|
|
{ "never", never },
|
|
|
|
|
{ "all", all },
|
2004-11-28 21:05:38 +00:00
|
|
|
{ "any", any },
|
2003-12-30 22:31:30 +00:00
|
|
|
{ "always", always },
|
|
|
|
|
{ NULL, 0 },
|
|
|
|
|
};
|
|
|
|
|
|
2017-01-22 18:56:16 -08:00
|
|
|
static struct def_values def_data_fdexec[] = {
|
|
|
|
|
{ "never", never },
|
|
|
|
|
{ "digest_only", digest_only },
|
|
|
|
|
{ "always", always },
|
|
|
|
|
{ NULL, 0 },
|
|
|
|
|
};
|
|
|
|
|
|
2017-08-01 16:14:54 -06:00
|
|
|
static struct def_values def_data_timestamp_type[] = {
|
|
|
|
|
{ "global", global },
|
|
|
|
|
{ "ppid", ppid },
|
|
|
|
|
{ "tty", tty },
|
2017-12-20 16:19:54 -07:00
|
|
|
{ "kernel", kernel },
|
2017-08-01 16:14:54 -06:00
|
|
|
{ NULL, 0 },
|
|
|
|
|
};
|
|
|
|
|
|
2020-10-27 15:26:02 -06:00
|
|
|
static struct def_values def_data_log_format[] = {
|
|
|
|
|
{ "sudo", sudo },
|
|
|
|
|
{ "json", json },
|
2024-03-08 16:31:39 -07:00
|
|
|
{ "json_compact", json_compact },
|
2024-03-09 10:59:54 -07:00
|
|
|
{ "json_pretty", json_pretty },
|
2020-10-27 15:26:02 -06:00
|
|
|
{ NULL, 0 },
|
|
|
|
|
};
|
|
|
|
|
|
2022-05-24 13:39:28 -06:00
|
|
|
static struct def_values def_data_intercept_type[] = {
|
|
|
|
|
{ "dso", dso },
|
|
|
|
|
{ "trace", trace },
|
|
|
|
|
{ NULL, 0 },
|
|
|
|
|
};
|
|
|
|
|
|
2000-12-31 01:38:37 +00:00
|
|
|
struct sudo_defs_types sudo_defs_table[] = {
|
|
|
|
|
{
|
|
|
|
|
"syslog", T_LOGFAC|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Syslog facility if syslog is being used for logging: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
2016-11-30 16:26:10 -07:00
|
|
|
"syslog_goodpri", T_LOGPRI|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Syslog priority to use when user authenticates successfully: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
2016-11-30 16:26:10 -07:00
|
|
|
"syslog_badpri", T_LOGPRI|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Syslog priority to use when user authenticates unsuccessfully: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"long_otp_prompt", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Put OTP prompt on its own line"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"ignore_dot", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Ignore '.' in $PATH"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"mail_always", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Always send mail when sudo is run"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2001-11-12 18:13:03 +00:00
|
|
|
}, {
|
|
|
|
|
"mail_badpass", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Send mail if user authentication fails"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"mail_no_user", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Send mail if the user is not in sudoers"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"mail_no_host", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Send mail if the user is not in sudoers for this host"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"mail_no_perms", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Send mail if the user is not allowed to run a command"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2015-02-15 20:30:11 -07:00
|
|
|
}, {
|
|
|
|
|
"mail_all_cmnds", T_FLAG,
|
|
|
|
|
N_("Send mail if the user tries to run a command"),
|
|
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"tty_tickets", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Use a separate timestamp for each user/tty combo"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
2003-12-30 22:31:30 +00:00
|
|
|
"lecture", T_TUPLE|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Lecture user the first time they run sudo"),
|
2003-12-30 22:31:30 +00:00
|
|
|
def_data_lecture,
|
2004-01-05 01:12:22 +00:00
|
|
|
}, {
|
|
|
|
|
"lecture_file", T_STR|T_PATH|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("File containing the sudo lecture: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"authenticate", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Require users to authenticate by default"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"root_sudo", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Root may run sudo"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"log_host", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Log the hostname in the (non-syslog) log file"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"log_year", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Log the year in the (non-syslog) log file"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"shell_noargs", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("If sudo is invoked with no arguments, start a shell"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"set_home", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Set $HOME to the target user when starting a shell with -s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"always_set_home", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Always set $HOME to the target user's home directory"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"path_info", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Allow some information gathering to give useful error messages"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"fqdn", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Require fully-qualified hostnames in the sudoers file"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"insults", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Insult the user when they enter an incorrect password"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"requiretty", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Only allow the user to run sudo if they have a tty"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"env_editor", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Visudo will honor the EDITOR environment variable"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"rootpw", T_FLAG,
|
2023-11-28 01:55:57 -05:00
|
|
|
N_("Prompt for root's password, not the user's"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"runaspw", T_FLAG,
|
2023-11-28 01:55:57 -05:00
|
|
|
N_("Prompt for the runas_default user's password, not the user's"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"targetpw", T_FLAG,
|
2023-11-28 01:55:57 -05:00
|
|
|
N_("Prompt for the target user's password, not the user's"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"use_loginclass", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Apply defaults in the target user's login class if there is one"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"set_logname", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Set the LOGNAME and USER environment variables"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"stay_setuid", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Only set the effective uid to the target user, not the real uid"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2001-12-15 00:24:27 +00:00
|
|
|
}, {
|
|
|
|
|
"preserve_groups", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Don't initialize the group vector to that of the target user"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
2001-11-02 20:57:02 +00:00
|
|
|
"loglinelen", T_UINT|T_BOOL,
|
2013-12-11 14:43:04 -07:00
|
|
|
N_("Length at which to wrap log file lines (0 for no wrap): %u"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
2018-01-22 12:18:48 -07:00
|
|
|
"timestamp_timeout", T_TIMESPEC|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Authentication timestamp timeout: %.1f minutes"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
2018-01-22 12:18:48 -07:00
|
|
|
"passwd_timeout", T_TIMESPEC|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Password prompt timeout: %.1f minutes"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
2001-11-02 20:57:02 +00:00
|
|
|
"passwd_tries", T_UINT,
|
2013-12-11 14:43:04 -07:00
|
|
|
N_("Number of tries to enter a password: %u"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"umask", T_MODE|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Umask to use or 0777 to use user's: 0%o"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"logfile", T_STR|T_BOOL|T_PATH,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Path to log file: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"mailerpath", T_STR|T_BOOL|T_PATH,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Path to mail program: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"mailerflags", T_STR|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Flags for mail program: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"mailto", T_STR|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Address to send mail to: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2008-03-05 21:52:19 +00:00
|
|
|
}, {
|
|
|
|
|
"mailfrom", T_STR|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Address to send mail from: %s"),
|
2008-03-05 21:52:19 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"mailsub", T_STR,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Subject line for mail messages: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"badpass_message", T_STR,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Incorrect password message: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2014-01-30 15:50:40 -07:00
|
|
|
}, {
|
|
|
|
|
"lecture_status_dir", T_STR|T_PATH,
|
|
|
|
|
N_("Path to lecture status dir: %s"),
|
|
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"timestampdir", T_STR|T_PATH,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Path to authentication timestamp dir: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2002-05-03 22:47:29 +00:00
|
|
|
}, {
|
|
|
|
|
"timestampowner", T_STR,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Owner of the authentication timestamp dir: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"exempt_group", T_STR|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Users in this group are exempt from password and PATH requirements: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"passprompt", T_STR,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Default password prompt: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2007-12-02 17:13:48 +00:00
|
|
|
}, {
|
|
|
|
|
"passprompt_override", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("If set, passprompt will override system prompt in all cases."),
|
2007-12-02 17:13:48 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"runas_default", T_STR,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Default user to run commands as: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2004-11-12 16:19:19 +00:00
|
|
|
}, {
|
|
|
|
|
"secure_path", T_STR|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Value to override user's $PATH with: %s"),
|
2004-11-12 16:19:19 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
"editor", T_STR|T_PATH,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Path to the editor for use by visudo: %s"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
2003-12-30 22:31:30 +00:00
|
|
|
"listpw", T_TUPLE|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("When to require a password for 'list' pseudocommand: %s"),
|
2003-12-30 22:31:30 +00:00
|
|
|
def_data_listpw,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
2003-12-30 22:31:30 +00:00
|
|
|
"verifypw", T_TUPLE|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("When to require a password for 'verify' pseudocommand: %s"),
|
2003-12-30 22:31:30 +00:00
|
|
|
def_data_verifypw,
|
2004-01-05 02:48:09 +00:00
|
|
|
}, {
|
|
|
|
|
"noexec", T_FLAG,
|
2020-10-30 10:15:30 -06:00
|
|
|
N_("Preload the sudo_noexec library which replaces the exec functions"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2004-12-16 18:33:49 +00:00
|
|
|
}, {
|
|
|
|
|
"ignore_local_sudoers", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("If LDAP directory is up, do we ignore local sudoers file"),
|
2004-12-16 18:33:49 +00:00
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"closefrom", T_INT,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("File descriptors >= %d will be closed before executing a command"),
|
2004-12-16 18:33:49 +00:00
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"closefrom_override", T_FLAG,
|
2020-06-24 05:40:18 -06:00
|
|
|
N_("If set, users may override the value of \"closefrom\" with the -C option"),
|
2004-12-16 18:33:49 +00:00
|
|
|
NULL,
|
2007-09-15 20:07:50 +00:00
|
|
|
}, {
|
|
|
|
|
"setenv", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Allow users to set arbitrary environment variables"),
|
2007-09-15 20:07:50 +00:00
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"env_reset", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Reset the environment to a default set of variables"),
|
2007-09-15 20:07:50 +00:00
|
|
|
NULL,
|
2004-01-05 21:10:19 +00:00
|
|
|
}, {
|
|
|
|
|
"env_check", T_LIST|T_BOOL,
|
2020-10-30 10:15:30 -06:00
|
|
|
N_("Environment variables to check for safety:"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2004-01-05 21:10:19 +00:00
|
|
|
}, {
|
|
|
|
|
"env_delete", T_LIST|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Environment variables to remove:"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2004-01-05 21:10:19 +00:00
|
|
|
}, {
|
|
|
|
|
"env_keep", T_LIST|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Environment variables to preserve:"),
|
2004-01-16 23:02:18 +00:00
|
|
|
NULL,
|
2008-02-09 14:30:06 +00:00
|
|
|
}, {
|
|
|
|
|
"role", T_STR,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("SELinux role to use in the new security context: %s"),
|
2008-02-09 14:30:06 +00:00
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"type", T_STR,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("SELinux type to use in the new security context: %s"),
|
2008-03-02 14:31:57 +00:00
|
|
|
NULL,
|
2008-05-03 00:53:21 +00:00
|
|
|
}, {
|
|
|
|
|
"env_file", T_STR|T_PATH|T_BOOL,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Path to the sudo-specific environment file: %s"),
|
2008-05-03 00:53:21 +00:00
|
|
|
NULL,
|
2017-03-22 13:39:25 -06:00
|
|
|
}, {
|
|
|
|
|
"restricted_env_file", T_STR|T_PATH|T_BOOL,
|
|
|
|
|
N_("Path to the restricted sudo-specific environment file: %s"),
|
|
|
|
|
NULL,
|
2008-09-14 00:45:24 +00:00
|
|
|
}, {
|
|
|
|
|
"sudoers_locale", T_STR,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Locale to use while parsing sudoers: %s"),
|
2008-09-14 00:45:24 +00:00
|
|
|
NULL,
|
2008-11-07 02:06:48 +00:00
|
|
|
}, {
|
|
|
|
|
"visiblepw", T_FLAG,
|
2011-12-18 14:20:56 -05:00
|
|
|
N_("Allow sudo to prompt for a password even if it would be visible"),
|
2008-11-07 02:06:48 +00:00
|
|
|
NULL,
|
2009-02-08 00:50:48 +00:00
|
|
|
}, {
|
2009-02-15 20:53:49 +00:00
|
|
|
"pwfeedback", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Provide visual feedback at the password prompt when there is user input"),
|
2009-02-08 00:50:48 +00:00
|
|
|
NULL,
|
2009-02-10 13:09:14 +00:00
|
|
|
}, {
|
2009-02-10 19:04:02 +00:00
|
|
|
"fast_glob", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Use faster globbing that is less accurate but does not access the filesystem"),
|
2009-02-10 13:09:14 +00:00
|
|
|
NULL,
|
2009-02-21 22:03:47 +00:00
|
|
|
}, {
|
|
|
|
|
"umask_override", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("The umask specified in sudoers will override the user's, even if it is more permissive"),
|
2009-02-21 22:03:47 +00:00
|
|
|
NULL,
|
2009-08-06 00:04:14 +00:00
|
|
|
}, {
|
2010-05-30 10:31:38 -04:00
|
|
|
"log_input", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Log user's input for the command being run"),
|
2009-08-06 00:04:14 +00:00
|
|
|
NULL,
|
2022-09-20 14:35:12 -06:00
|
|
|
}, {
|
|
|
|
|
"log_stdin", T_FLAG,
|
|
|
|
|
N_("Log the command's standard input if not connected to a terminal"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"log_ttyin", T_FLAG,
|
|
|
|
|
N_("Log the user's terminal input for the command being run"),
|
|
|
|
|
NULL,
|
2009-12-14 01:49:50 +00:00
|
|
|
}, {
|
2010-05-30 10:31:38 -04:00
|
|
|
"log_output", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Log the output of the command being run"),
|
2010-05-30 10:31:38 -04:00
|
|
|
NULL,
|
2022-09-20 14:35:12 -06:00
|
|
|
}, {
|
|
|
|
|
"log_stdout", T_FLAG,
|
|
|
|
|
N_("Log the command's standard output if not connected to a terminal"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"log_stderr", T_FLAG,
|
|
|
|
|
N_("Log the command's standard error if not connected to a terminal"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"log_ttyout", T_FLAG,
|
|
|
|
|
N_("Log the terminal output of the command being run"),
|
|
|
|
|
NULL,
|
2010-05-30 10:31:38 -04:00
|
|
|
}, {
|
|
|
|
|
"compress_io", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Compress I/O logs using zlib"),
|
2009-12-14 01:49:50 +00:00
|
|
|
NULL,
|
2010-06-08 11:25:33 -04:00
|
|
|
}, {
|
|
|
|
|
"use_pty", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Always run commands in a pseudo-tty"),
|
2010-06-08 11:25:33 -04:00
|
|
|
NULL,
|
2010-07-02 11:11:25 -04:00
|
|
|
}, {
|
|
|
|
|
"group_plugin", T_STR,
|
2011-12-20 08:38:47 -05:00
|
|
|
N_("Plugin for non-Unix group support: %s"),
|
2010-07-02 11:11:25 -04:00
|
|
|
NULL,
|
2010-12-10 14:14:35 -05:00
|
|
|
}, {
|
|
|
|
|
"iolog_dir", T_STR|T_PATH,
|
2011-12-20 08:38:47 -05:00
|
|
|
N_("Directory in which to store input/output logs: %s"),
|
2010-12-10 14:14:35 -05:00
|
|
|
NULL,
|
2010-12-27 12:18:32 -05:00
|
|
|
}, {
|
|
|
|
|
"iolog_file", T_STR,
|
2011-12-20 08:38:47 -05:00
|
|
|
N_("File in which to store the input/output log: %s"),
|
2010-12-27 12:18:32 -05:00
|
|
|
NULL,
|
2011-03-15 15:53:49 -04:00
|
|
|
}, {
|
|
|
|
|
"set_utmp", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Add an entry to the utmp/utmpx file when allocating a pty"),
|
2011-03-15 15:53:49 -04:00
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"utmp_runas", T_FLAG,
|
2011-05-17 12:52:20 -04:00
|
|
|
N_("Set the user in utmp to the runas user, not the invoking user"),
|
2011-03-15 15:53:49 -04:00
|
|
|
NULL,
|
2012-07-26 13:49:21 -04:00
|
|
|
}, {
|
|
|
|
|
"privs", T_STR,
|
2017-07-20 13:58:54 -06:00
|
|
|
N_("Set of permitted privileges: %s"),
|
2012-07-26 13:49:21 -04:00
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"limitprivs", T_STR,
|
2017-07-20 13:58:54 -06:00
|
|
|
N_("Set of limit privileges: %s"),
|
2012-07-26 13:49:21 -04:00
|
|
|
NULL,
|
2013-01-11 14:34:09 -05:00
|
|
|
}, {
|
|
|
|
|
"exec_background", T_FLAG,
|
|
|
|
|
N_("Run commands on a pty in the background"),
|
|
|
|
|
NULL,
|
2013-08-06 11:01:36 -06:00
|
|
|
}, {
|
|
|
|
|
"pam_service", T_STR,
|
2017-07-20 13:58:54 -06:00
|
|
|
N_("PAM service name to use: %s"),
|
2013-08-06 11:01:36 -06:00
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"pam_login_service", T_STR,
|
2017-07-20 13:58:54 -06:00
|
|
|
N_("PAM service name to use for login shells: %s"),
|
2013-08-06 11:01:36 -06:00
|
|
|
NULL,
|
2022-01-08 11:35:03 -07:00
|
|
|
}, {
|
|
|
|
|
"pam_askpass_service", T_STR,
|
|
|
|
|
N_("PAM service name to use when sudo is run with the -A option: %s"),
|
|
|
|
|
NULL,
|
2013-08-06 14:44:21 -06:00
|
|
|
}, {
|
|
|
|
|
"pam_setcred", T_FLAG,
|
|
|
|
|
N_("Attempt to establish PAM credentials for the target user"),
|
|
|
|
|
NULL,
|
2013-02-24 06:15:37 -05:00
|
|
|
}, {
|
|
|
|
|
"pam_session", T_FLAG,
|
|
|
|
|
N_("Create a new PAM session for the command to run in"),
|
|
|
|
|
NULL,
|
2019-04-29 19:44:13 -06:00
|
|
|
}, {
|
|
|
|
|
"pam_acct_mgmt", T_FLAG,
|
|
|
|
|
N_("Perform PAM account validation management"),
|
|
|
|
|
NULL,
|
2024-04-17 19:30:11 -06:00
|
|
|
}, {
|
|
|
|
|
"pam_silent", T_FLAG,
|
|
|
|
|
N_("Do not allow PAM authentication modules to generate output"),
|
|
|
|
|
NULL,
|
2013-02-18 15:06:23 -05:00
|
|
|
}, {
|
2019-10-24 20:04:31 -06:00
|
|
|
"maxseq", T_STR,
|
|
|
|
|
N_("Maximum I/O log sequence number: %s"),
|
2013-02-18 15:06:23 -05:00
|
|
|
NULL,
|
2014-02-07 14:58:48 -07:00
|
|
|
}, {
|
|
|
|
|
"use_netgroups", T_FLAG,
|
|
|
|
|
N_("Enable sudoers netgroup support"),
|
|
|
|
|
NULL,
|
2015-10-23 14:04:35 -06:00
|
|
|
}, {
|
|
|
|
|
"sudoedit_checkdir", T_FLAG,
|
2016-01-11 15:09:08 -07:00
|
|
|
N_("Check parent directories for writability when editing files with sudoedit"),
|
2015-10-23 14:04:35 -06:00
|
|
|
NULL,
|
2015-08-06 13:20:01 -06:00
|
|
|
}, {
|
|
|
|
|
"sudoedit_follow", T_FLAG,
|
|
|
|
|
N_("Follow symbolic links when editing files with sudoedit"),
|
|
|
|
|
NULL,
|
2015-10-24 05:43:07 -06:00
|
|
|
}, {
|
|
|
|
|
"always_query_group_plugin", T_FLAG,
|
|
|
|
|
N_("Query the group plugin for unknown system groups"),
|
|
|
|
|
NULL,
|
2016-01-12 14:59:44 -07:00
|
|
|
}, {
|
|
|
|
|
"netgroup_tuple", T_FLAG,
|
|
|
|
|
N_("Match netgroups based on the entire tuple: user, host and domain"),
|
|
|
|
|
NULL,
|
2016-08-17 07:22:51 -06:00
|
|
|
}, {
|
|
|
|
|
"ignore_audit_errors", T_FLAG,
|
|
|
|
|
N_("Allow commands to be run even if sudo cannot write to the audit log"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"ignore_iolog_errors", T_FLAG,
|
|
|
|
|
N_("Allow commands to be run even if sudo cannot write to the I/O log"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"ignore_logfile_errors", T_FLAG,
|
|
|
|
|
N_("Allow commands to be run even if sudo cannot write to the log file"),
|
|
|
|
|
NULL,
|
2016-08-30 13:42:42 -06:00
|
|
|
}, {
|
|
|
|
|
"match_group_by_gid", T_FLAG,
|
|
|
|
|
N_("Resolve groups in sudoers and match on the group ID, not the name"),
|
|
|
|
|
NULL,
|
2016-10-18 15:51:47 -06:00
|
|
|
}, {
|
|
|
|
|
"syslog_maxlen", T_UINT,
|
2017-02-10 15:08:44 -07:00
|
|
|
N_("Log entries larger than this value will be split into multiple syslog messages: %u"),
|
2016-10-18 15:51:47 -06:00
|
|
|
NULL,
|
2016-10-29 12:45:55 -06:00
|
|
|
}, {
|
|
|
|
|
"iolog_user", T_STR|T_BOOL,
|
|
|
|
|
N_("User that will own the I/O log files: %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"iolog_group", T_STR|T_BOOL,
|
|
|
|
|
N_("Group that will own the I/O log files: %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"iolog_mode", T_MODE,
|
|
|
|
|
N_("File mode to use for the I/O log files: 0%o"),
|
|
|
|
|
NULL,
|
2017-01-22 18:56:16 -08:00
|
|
|
}, {
|
|
|
|
|
"fdexec", T_TUPLE|T_BOOL,
|
|
|
|
|
N_("Execute commands by file descriptor instead of by path: %s"),
|
|
|
|
|
def_data_fdexec,
|
2017-02-06 05:41:57 -07:00
|
|
|
}, {
|
|
|
|
|
"ignore_unknown_defaults", T_FLAG,
|
|
|
|
|
N_("Ignore unknown Defaults entries in sudoers instead of producing a warning"),
|
|
|
|
|
NULL,
|
2017-02-14 15:56:34 -07:00
|
|
|
}, {
|
|
|
|
|
"command_timeout", T_TIMEOUT|T_BOOL,
|
|
|
|
|
N_("Time in seconds after which the command will be terminated: %u"),
|
|
|
|
|
NULL,
|
2017-02-16 09:58:18 -07:00
|
|
|
}, {
|
|
|
|
|
"user_command_timeouts", T_FLAG,
|
|
|
|
|
N_("Allow the user to specify a timeout on the command line"),
|
|
|
|
|
NULL,
|
2017-03-20 10:25:58 -06:00
|
|
|
}, {
|
|
|
|
|
"iolog_flush", T_FLAG,
|
|
|
|
|
N_("Flush I/O log data to disk immediately instead of buffering it"),
|
|
|
|
|
NULL,
|
2017-07-20 16:33:12 -06:00
|
|
|
}, {
|
|
|
|
|
"syslog_pid", T_FLAG,
|
|
|
|
|
N_("Include the process ID when logging via syslog"),
|
|
|
|
|
NULL,
|
2017-08-01 16:14:54 -06:00
|
|
|
}, {
|
|
|
|
|
"timestamp_type", T_TUPLE,
|
|
|
|
|
N_("Type of authentication timestamp record: %s"),
|
|
|
|
|
def_data_timestamp_type,
|
2017-12-11 12:43:58 -07:00
|
|
|
}, {
|
|
|
|
|
"authfail_message", T_STR,
|
|
|
|
|
N_("Authentication failure message: %s"),
|
|
|
|
|
NULL,
|
2018-03-05 10:42:02 -07:00
|
|
|
}, {
|
|
|
|
|
"case_insensitive_user", T_FLAG,
|
|
|
|
|
N_("Ignore case when matching user names"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"case_insensitive_group", T_FLAG,
|
|
|
|
|
N_("Ignore case when matching group names"),
|
|
|
|
|
NULL,
|
2019-10-17 13:43:04 -06:00
|
|
|
}, {
|
|
|
|
|
"log_allowed", T_FLAG,
|
|
|
|
|
N_("Log when a command is allowed by sudoers"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"log_denied", T_FLAG,
|
|
|
|
|
N_("Log when a command is denied by sudoers"),
|
|
|
|
|
NULL,
|
2019-11-15 13:41:51 -07:00
|
|
|
}, {
|
2019-11-18 09:39:03 -07:00
|
|
|
"log_servers", T_LIST|T_BOOL,
|
2019-11-15 13:41:51 -07:00
|
|
|
N_("Sudo log server(s) to connect to with optional port"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"log_server_timeout", T_TIMEOUT|T_BOOL,
|
|
|
|
|
N_("Sudo log server timeout in seconds: %u"),
|
|
|
|
|
NULL,
|
2020-01-21 15:18:27 +01:00
|
|
|
}, {
|
|
|
|
|
"log_server_keepalive", T_FLAG,
|
|
|
|
|
N_("Enable SO_KEEPALIVE socket option on the socket connected to the logserver"),
|
|
|
|
|
NULL,
|
2019-11-28 11:16:54 +01:00
|
|
|
}, {
|
|
|
|
|
"log_server_cabundle", T_STR|T_BOOL|T_PATH,
|
|
|
|
|
N_("Path to the audit server's CA bundle file: %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"log_server_peer_cert", T_STR|T_BOOL|T_PATH,
|
|
|
|
|
N_("Path to the sudoers certificate file: %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"log_server_peer_key", T_STR|T_BOOL|T_PATH,
|
|
|
|
|
N_("Path to the sudoers private key file: %s"),
|
|
|
|
|
NULL,
|
2020-05-04 11:28:54 -06:00
|
|
|
}, {
|
|
|
|
|
"log_server_verify", T_FLAG,
|
|
|
|
|
N_("Verify that the log server's certificate is valid"),
|
|
|
|
|
NULL,
|
2019-12-09 17:14:06 -07:00
|
|
|
}, {
|
|
|
|
|
"runas_allow_unknown_id", T_FLAG,
|
|
|
|
|
N_("Allow the use of unknown runas user and/or group ID"),
|
|
|
|
|
NULL,
|
2019-12-09 19:29:45 -07:00
|
|
|
}, {
|
|
|
|
|
"runas_check_shell", T_FLAG,
|
|
|
|
|
N_("Only permit running commands as a user with a valid shell"),
|
|
|
|
|
NULL,
|
2020-03-01 13:37:00 -07:00
|
|
|
}, {
|
|
|
|
|
"pam_ruser", T_FLAG,
|
|
|
|
|
N_("Set the pam remote user to the user running sudo"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"pam_rhost", T_FLAG,
|
|
|
|
|
N_("Set the pam remote host to the local host name"),
|
|
|
|
|
NULL,
|
2020-09-01 06:26:00 -06:00
|
|
|
}, {
|
2020-09-01 14:10:02 -06:00
|
|
|
"runcwd", T_STR|T_BOOL|T_CHPATH,
|
2020-09-01 06:26:00 -06:00
|
|
|
N_("Working directory to change to before executing the command: %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
2020-09-01 14:10:02 -06:00
|
|
|
"runchroot", T_STR|T_BOOL|T_CHPATH,
|
2020-09-01 06:26:00 -06:00
|
|
|
N_("Root directory to change to before executing the command: %s"),
|
|
|
|
|
NULL,
|
2020-10-27 15:26:02 -06:00
|
|
|
}, {
|
|
|
|
|
"log_format", T_TUPLE,
|
|
|
|
|
N_("The format of logs to produce: %s"),
|
|
|
|
|
def_data_log_format,
|
2021-01-08 19:29:17 -07:00
|
|
|
}, {
|
|
|
|
|
"selinux", T_FLAG,
|
|
|
|
|
N_("Enable SELinux RBAC support"),
|
|
|
|
|
NULL,
|
2021-02-16 13:20:02 -07:00
|
|
|
}, {
|
|
|
|
|
"admin_flag", T_STR|T_BOOL|T_CHPATH,
|
|
|
|
|
N_("Path to the file that is created the first time sudo is run: %s"),
|
|
|
|
|
NULL,
|
2021-08-09 15:50:25 -06:00
|
|
|
}, {
|
|
|
|
|
"intercept", T_FLAG,
|
|
|
|
|
N_("Intercept further commands and apply sudoers restrictions to them"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
2021-08-26 16:36:41 -06:00
|
|
|
"log_subcmds", T_FLAG,
|
|
|
|
|
N_("Log sub-commands run by the original command"),
|
2021-08-09 15:50:25 -06:00
|
|
|
NULL,
|
2021-07-09 11:08:44 -06:00
|
|
|
}, {
|
|
|
|
|
"log_exit_status", T_FLAG,
|
|
|
|
|
N_("Log the exit status of commands"),
|
|
|
|
|
NULL,
|
2021-08-09 15:50:26 -06:00
|
|
|
}, {
|
|
|
|
|
"intercept_authenticate", T_FLAG,
|
|
|
|
|
N_("Subsequent commands in an intercepted session must be authenticated"),
|
|
|
|
|
NULL,
|
2021-08-18 15:43:26 -06:00
|
|
|
}, {
|
|
|
|
|
"intercept_allow_setid", T_FLAG,
|
|
|
|
|
N_("Allow an intercepted command to run set setuid or setgid programs"),
|
|
|
|
|
NULL,
|
2021-11-08 17:46:19 -07:00
|
|
|
}, {
|
|
|
|
|
"rlimit_as", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The maximum size to which the process's address space may grow (in bytes): %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"rlimit_core", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The largest size core dump file that may be created (in bytes): %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"rlimit_cpu", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The maximum amount of CPU time that the process may use (in seconds): %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"rlimit_data", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The maximum size of the data segment for the process (in bytes): %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"rlimit_fsize", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The largest size file that the process may create (in bytes): %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"rlimit_locks", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The maximum number of locks that the process may establish: %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"rlimit_memlock", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The maximum size that the process may lock in memory (in bytes): %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"rlimit_nofile", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The maximum number of files that the process may have open: %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"rlimit_nproc", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The maximum number of processes that the user may run simultaneously: %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"rlimit_rss", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The maximum size to which the process's resident set size may grow (in bytes): %s"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
|
|
|
|
"rlimit_stack", T_RLIMIT|T_BOOL,
|
|
|
|
|
N_("The maximum size to which the process's stack may grow (in bytes): %s"),
|
|
|
|
|
NULL,
|
2022-02-01 20:08:26 -07:00
|
|
|
}, {
|
|
|
|
|
"noninteractive_auth", T_FLAG,
|
|
|
|
|
N_("Attempt authentication even when in non-interactive mode"),
|
|
|
|
|
NULL,
|
2022-01-28 08:52:41 -07:00
|
|
|
}, {
|
|
|
|
|
"log_passwords", T_FLAG,
|
|
|
|
|
N_("Store plaintext passwords in I/O log input"),
|
|
|
|
|
NULL,
|
|
|
|
|
}, {
|
2022-01-28 08:52:41 -07:00
|
|
|
"passprompt_regex", T_LIST|T_SPACE|T_BOOL,
|
2022-01-28 08:52:41 -07:00
|
|
|
N_("List of regular expressions to use when matching a password prompt"),
|
|
|
|
|
NULL,
|
2022-05-24 13:39:28 -06:00
|
|
|
}, {
|
|
|
|
|
"intercept_type", T_TUPLE,
|
|
|
|
|
N_("The mechanism used by the intercept and log_subcmds options: %s"),
|
|
|
|
|
def_data_intercept_type,
|
2022-07-29 15:22:27 -06:00
|
|
|
}, {
|
|
|
|
|
"intercept_verify", T_FLAG,
|
2022-10-10 09:12:47 -06:00
|
|
|
N_("Attempt to verify the command and arguments after execution"),
|
2022-07-29 15:22:27 -06:00
|
|
|
NULL,
|
2022-05-23 13:16:10 -06:00
|
|
|
}, {
|
|
|
|
|
"apparmor_profile", T_STR,
|
|
|
|
|
N_("AppArmor profile to use in the new security context: %s"),
|
|
|
|
|
NULL,
|
2023-11-20 23:29:04 +00:00
|
|
|
}, {
|
|
|
|
|
"cmddenial_message", T_STR,
|
|
|
|
|
N_("Command denial message: %s"),
|
|
|
|
|
NULL,
|
2000-12-31 01:38:37 +00:00
|
|
|
}, {
|
|
|
|
|
NULL, 0, NULL
|
|
|
|
|
}
|
|
|
|
|
};
|
