sudo/INSTALL

INSTALL NOTES

1) Read the Makefile and sudo.h to enable/disable the options you may
   or may now want.

2) Type make and see if your OS is on the list.  If it is just do
   "make ostype" where ostype one of the ones listed (ie "make sunos").

   If your os is not listed, you can try "make generic" and see if it
   works.  You may have to add your own OS entry to the config directory.
   Take a look at the entries in config/ for an idea of how to do so.
   The way things work is that Makefile creates Makefile.real by cat'ing
   config/os-type (architecture dependent portion) and Makefile.common
   (architecture independent portion).  It should be fairly straight-
   forward.  See the file PORTING for hints.

3) Do a make install (as root) to install sudo.  If you get an error
   about setuid(0) failing, something went wrong with the install and
   the permissions on sudo are wrong.  Sudo needs to run setuid root.
   If you get this message, chances are it's not running setuid root.

   You can also install various pieces the package via install-binaries,
   install-man, install-sudoers.

4) Customize /etc/sudoers for your site.  Read the man page and take a
   look at sample.sudoers to see how to do this.

5) You're done.

A few notes:

a) To use syslog with the ultrix version you *may* need to grab
   and install pub/DEC/jtkohl-syslog-complete.tar.Z available from
   gatekeeper.dec.com via anonymous ftp.  All our decs have this installed
   so I'm not really sure if it's necessary or not.  Regardless, it's
   a nice port of the 4.3 syslogd that backwards compatible with the
   ultrix version.  Highly recommended.

b) visudo will *NOT* use the editor referred to by the EDITOR or
   VISUAL environmental variables unless you define ENV_EDITOR in
   Makefile.ind.  I like the feature, but it can be a security hole
   if you don't know about it.  If you have EDITOR set to something
   secure (ie: no shells or external commands) in the Makefile or
   sudo.h you don't want to define ENV_EDITOR.  Note that vi (the default
   editor) is anything *but* secure in this respect (and no, setting the
   editor to a wrapper that sets the SHELL envar to /bin/true does *not*
   make vi secure--you can change your shell from within vi).  If you
   leave the default of vi, you really don't stand to lose anything by
   defining ENV_EDITOR.

c) If you have a sense of humor you may want to define USE_INSULTS to
   get the insults from the "old" sudo when you enter an incorrect
   password.  Beware, this feature causes some people to want to throw
   their machine across the room and dash it to tiny pieces.
   Sci fi fans may want to define HAL as well (see insults.h).

d) When creating a config file for a new os type, you should use the loader
   options that cause sudo to be statically linked.  That way, you're
   immune from a user with limited sudo changing libc in such a way as
   to get a root shell.  Some shared library implementations don't
   let you do this if the executable is setuid (solaris 2.x for example).
   In those cases it's unnecessary to link statically.

Please send changes, bugs, security holes, and gripes to:
    sudo-bugs@cs.colorado.edu
Initial revision 1993-11-27 23:48:09 +00:00			`INSTALL NOTES`

rewrote most of this 1993-12-07 06:33:16 +00:00			`1) Read the Makefile and sudo.h to enable/disable the options you may`
			`or may now want.`

			`2) Type make and see if your OS is on the list. If it is just do`
			`"make ostype" where ostype one of the ones listed (ie "make sunos").`

			`If your os is not listed, you can try "make generic" and see if it`
updated for new config scheme 1994-01-31 06:50:45 +00:00			`works. You may have to add your own OS entry to the config directory.`
			`Take a look at the entries in config/ for an idea of how to do so.`
			`The way things work is that Makefile creates Makefile.real by cat'ing`
minor update 1994-02-06 00:30:26 +00:00			`config/os-type (architecture dependent portion) and Makefile.common`
updated for new config scheme 1994-01-31 06:50:45 +00:00			`(architecture independent portion). It should be fairly straight-`
minor update 1994-02-06 00:30:26 +00:00			`forward. See the file PORTING for hints.`
updated for new config scheme 1994-01-31 06:50:45 +00:00
			`3) Do a make install (as root) to install sudo. If you get an error`
			`about setuid(0) failing, something went wrong with the install and`
rewrote most of this 1993-12-07 06:33:16 +00:00			`the permissions on sudo are wrong. Sudo needs to run setuid root.`
			`If you get this message, chances are it's not running setuid root.`

			`You can also install various pieces the package via install-binaries,`
			`install-man, install-sudoers.`

added sample.sudoers note 1994-02-10 18:50:34 +00:00			`4) Customize /etc/sudoers for your site. Read the man page and take a`
			`look at sample.sudoers to see how to do this.`

			`5) You're done.`
rewrote most of this 1993-12-07 06:33:16 +00:00
			`A few notes:`

			`a) To use syslog with the ultrix version you may need to grab`
			`and install pub/DEC/jtkohl-syslog-complete.tar.Z available from`
			`gatekeeper.dec.com via anonymous ftp. All our decs have this installed`
updated for new config scheme 1994-01-31 06:50:45 +00:00			`so I'm not really sure if it's necessary or not. Regardless, it's`
rewrote most of this 1993-12-07 06:33:16 +00:00			`a nice port of the 4.3 syslogd that backwards compatible with the`
			`ultrix version. Highly recommended.`

updated for new config scheme 1994-01-31 06:50:45 +00:00			`b) visudo will NOT use the editor referred to by the EDITOR or`
			`VISUAL environmental variables unless you define ENV_EDITOR in`
			`Makefile.ind. I like the feature, but it can be a security hole`
			`if you don't know about it. If you have EDITOR set to something`
rewrote most of this 1993-12-07 06:33:16 +00:00			`secure (ie: no shells or external commands) in the Makefile or`
updated for new config scheme 1994-01-31 06:50:45 +00:00			`sudo.h you don't want to define ENV_EDITOR. Note that vi (the default`
			`editor) is anything but secure in this respect (and no, setting the`
			`editor to a wrapper that sets the SHELL envar to /bin/true does not`
			`make vi secure--you can change your shell from within vi). If you`
			`leave the default of vi, you really don't stand to lose anything by`
			`defining ENV_EDITOR.`

			`c) If you have a sense of humor you may want to define USE_INSULTS to`
rewrote most of this 1993-12-07 06:33:16 +00:00			`get the insults from the "old" sudo when you enter an incorrect`
			`password. Beware, this feature causes some people to want to throw`
			`their machine across the room and dash it to tiny pieces.`
mentioned HAL 1994-02-09 03:55:12 +00:00			`Sci fi fans may want to define HAL as well (see insults.h).`
added dec syslog note 1993-11-28 00:46:01 +00:00
updated for new config scheme 1994-01-31 06:50:45 +00:00			`d) When creating a config file for a new os type, you should use the loader`
			`options that cause sudo to be statically linked. That way, you're`
			`immune from a user with limited sudo changing libc in such a way as`
			`to get a root shell. Some shared library implementations don't`
			`let you do this if the executable is setuid (solaris 2.x for example).`
			`In those cases it's unnecessary to link statically.`

Initial revision 1993-11-27 23:48:09 +00:00			`Please send changes, bugs, security holes, and gripes to:`
			`sudo-bugs@cs.colorado.edu`