diff --git a/docs/cvtsudoers.man.in b/docs/cvtsudoers.man.in index c99dea514..a9a9e6ef0 100644 --- a/docs/cvtsudoers.man.in +++ b/docs/cvtsudoers.man.in @@ -2,7 +2,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2018, 2021 Todd C. Miller +.\" Copyright (c) 2018, 2021-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -16,7 +16,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.TH "CVTSUDOERS" "1" "December 16, 2021" "Sudo @PACKAGE_VERSION@" "General Commands Manual" +.TH "CVTSUDOERS" "1" "January 19, 2022" "Sudo @PACKAGE_VERSION@" "General Commands Manual" .nh .if n .ad l .SH "NAME" @@ -99,7 +99,7 @@ All Defaults entries. .TP 10n global Global Defaults entries that are applied regardless of -user, runas, host or command. +user, runas, host, or command. .TP 10n user Per-user Defaults entries. @@ -172,12 +172,12 @@ Conversion to LDIF has the following limitations: .PD 0 .TP 3n \fB\(bu\fR -Command, host, runas and user-specific Defaults lines cannot be +Command, host, runas, and user-specific Defaults lines cannot be translated as they don't have an equivalent in the sudoers LDAP schema. .PD .TP 3n \fB\(bu\fR -Command, host, runas and user aliases are not supported by the +Command, host, runas, and user aliases are not supported by the sudoers LDAP schema so they are expanded during the conversion. .PD 0 .PP @@ -272,10 +272,10 @@ or .sp A matching \fIsudoers\fR -rule may also include users, groups and hosts that are not part of the +rule may also include users, groups, and hosts that are not part of the \fIfilter\fR. -This can happen when a rule includes multiple users, groups or hosts. -To prune out any non-matching user, group or host from the rules, the +This can happen when a rule includes multiple users, groups, or hosts. +To prune out any non-matching user, group, or host from the rules, the \fB\-p\fR option may be used. .sp @@ -338,7 +338,7 @@ When the \fB\-m\fR option is also specified, \fBcvtsudoers\fR -will prune out non-matching users, groups and hosts from +will prune out non-matching users, groups, and hosts from matching entries. .TP 12n \fB\-P\fR \fIpadding\fR, \fB\--padding\fR=\fIpadding\fR @@ -428,7 +428,7 @@ each conflict. If a host name is specified with the input file, \fBcvtsudoers\fR will change the global Defaults settings in that file to be host-specific. -A warning is emitted for command, user or runas-specific Defaults settings +A warning is emitted for command, user, or runas-specific Defaults settings which cannot be made host-specific. .TP 3n \fB\(bu\fR diff --git a/docs/cvtsudoers.mdoc.in b/docs/cvtsudoers.mdoc.in index e72317724..95fcaaa4d 100644 --- a/docs/cvtsudoers.mdoc.in +++ b/docs/cvtsudoers.mdoc.in @@ -1,7 +1,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2018, 2021 Todd C. Miller +.\" Copyright (c) 2018, 2021-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd December 16, 2021 +.Dd January 19, 2022 .Dt CVTSUDOERS 1 .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -90,7 +90,7 @@ The supported types are: All Defaults entries. .It global Global Defaults entries that are applied regardless of -user, runas, host or command. +user, runas, host, or command. .It user Per-user Defaults entries. .It runas @@ -148,10 +148,10 @@ server for use with Conversion to LDIF has the following limitations: .Bl -bullet -width 1n .It -Command, host, runas and user-specific Defaults lines cannot be +Command, host, runas, and user-specific Defaults lines cannot be translated as they don't have an equivalent in the sudoers LDAP schema. .It -Command, host, runas and user aliases are not supported by the +Command, host, runas, and user aliases are not supported by the sudoers LDAP schema so they are expanded during the conversion. .El .It sudoers @@ -225,10 +225,10 @@ or .Pp A matching .Em sudoers -rule may also include users, groups and hosts that are not part of the +rule may also include users, groups, and hosts that are not part of the .Ar filter . -This can happen when a rule includes multiple users, groups or hosts. -To prune out any non-matching user, group or host from the rules, the +This can happen when a rule includes multiple users, groups, or hosts. +To prune out any non-matching user, group, or host from the rules, the .Fl p option may be used. .Pp @@ -286,7 +286,7 @@ When the .Fl m option is also specified, .Nm -will prune out non-matching users, groups and hosts from +will prune out non-matching users, groups, and hosts from matching entries. .It Fl P Ar padding , Fl -padding Ns = Ns Ar padding When generating LDIF output, construct the initial sudoOrder value by @@ -372,7 +372,7 @@ each conflict. If a host name is specified with the input file, .Nm will change the global Defaults settings in that file to be host-specific. -A warning is emitted for command, user or runas-specific Defaults settings +A warning is emitted for command, user, or runas-specific Defaults settings which cannot be made host-specific. .It Per-user rules are merged and duplicates are removed. diff --git a/docs/sudo.conf.man.in b/docs/sudo.conf.man.in index 16a08b11f..82033e58d 100644 --- a/docs/sudo.conf.man.in +++ b/docs/sudo.conf.man.in @@ -2,7 +2,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2010-2021 Todd C. Miller +.\" Copyright (c) 2010-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -17,7 +17,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" .nr SL @SEMAN@ -.TH "SUDO.CONF" "@mansectform@" "September 17, 2021" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDO.CONF" "@mansectform@" "January 19, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -29,15 +29,15 @@ The file is used to configure the \fBsudo\fR front-end. -It specifies the security policy and I/O logging plugins, debug flags -as well as plugin-agnostic path names and settings. +It is used to configure sudo plugins, plugin-agnostic path names, +debug flags, and other settings. .PP The \fBsudo.conf\fR file supports the following directives, described in detail below. .TP 10n Plugin -an approval, audit, I/O logging or security policy plugin +an approval, audit, I/O logging, or security policy plugin .TP 10n Path a plugin-agnostic path @@ -186,7 +186,7 @@ file is present, or if it contains no lines, the \fBsudoers\fR plugin will be used as the default security policy, for I/O logging -(if enabled by the policy) and for auditing. +(if enabled by the policy), and for auditing. This is equivalent to the following: .nf .sp @@ -493,7 +493,7 @@ Currently, \fBsudo\fR supports efficient group queries on AIX, BSD, -HP-UX, Linux, macOS and Solaris. +HP-UX, Linux, macOS, and Solaris. This is the default behavior on macOS in \fBsudo\fR 1.9.6 and higher. @@ -572,13 +572,13 @@ A \fRDebug\fR line consists of the \fRDebug\fR -keyword, followed by the name of the program, plugin or shared object to debug, -the debug file name and a comma-separated list of debug flags. +keyword, followed by the name of the program, plugin, or shared object +to debug, the debug file name, and a comma-separated list of debug flags. The debug flag syntax used by \fBsudo\fR, the \fBsudoers\fR -plugin and its associated programs and shared objects is +plugin along with its associated programs and shared objects is \fIsubsystem\fR@\fIpriority\fR but a third-party plugin is free to use a different format so long as it does not include a comma @@ -637,7 +637,7 @@ entry as the front-end and could not be configured separately. .PP The following priorities are supported, in order of decreasing severity: -\fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, \fIinfo\fR, \fItrace\fR +\fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, \fIinfo\fR, \fItrace\fR, and \fIdebug\fR. Each priority, when specified, also includes all priorities higher @@ -667,7 +667,7 @@ sudo[123] <- get_user_groups @ src/sudo.c:429 := groups=10,0,5 .PP When the function is entered, indicated by a right arrow \(oq->\(cq, -the program, process ID, function, source file and line number +the program, process ID, function, source file, and line number are logged. When the function returns, indicated by a left arrow \(oq<-\(cq, @@ -863,10 +863,10 @@ front-end configuration # Debug program /path/to/debug_log subsystem@priority[,subsyste@priority] # # Sudo and related programs support logging debug information to a file. -# The program is typically sudo, sudoers.so, sudoreplay or visudo. +# The program is typically sudo, sudoers.so, sudoreplay, or visudo. # # Subsystems vary based on the program; "all" matches all subsystems. -# Priority may be crit, err, warn, notice, diag, info, trace or debug. +# Priority may be crit, err, warn, notice, diag, info, trace, or debug. # Multiple subsystem@priority may be specified, separated by a comma. # #Debug sudo /var/log/sudo_debug all@debug diff --git a/docs/sudo.conf.mdoc.in b/docs/sudo.conf.mdoc.in index f6ae6e6f0..d5dd74016 100644 --- a/docs/sudo.conf.mdoc.in +++ b/docs/sudo.conf.mdoc.in @@ -1,7 +1,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2010-2021 Todd C. Miller +.\" Copyright (c) 2010-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -16,7 +16,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" .nr SL @SEMAN@ -.Dd September 17, 2021 +.Dd January 19, 2022 .Dt SUDO.CONF @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -28,15 +28,15 @@ The file is used to configure the .Nm sudo front-end. -It specifies the security policy and I/O logging plugins, debug flags -as well as plugin-agnostic path names and settings. +It is used to configure sudo plugins, plugin-agnostic path names, +debug flags, and other settings. .Pp The .Nm file supports the following directives, described in detail below. .Bl -tag -width 8n .It Plugin -an approval, audit, I/O logging or security policy plugin +an approval, audit, I/O logging, or security policy plugin .It Path a plugin-agnostic path .It Set @@ -171,7 +171,7 @@ file is present, or if it contains no lines, the .Nm sudoers plugin will be used as the default security policy, for I/O logging -(if enabled by the policy) and for auditing. +(if enabled by the policy), and for auditing. This is equivalent to the following: .Bd -literal -offset indent Plugin sudoers_policy sudoers.so @@ -453,7 +453,7 @@ Currently, .Nm sudo supports efficient group queries on AIX, .Bx , -HP-UX, Linux, macOS and Solaris. +HP-UX, Linux, macOS, and Solaris. This is the default behavior on macOS in .Nm sudo 1.9.6 and higher. @@ -522,13 +522,13 @@ A .Li Debug line consists of the .Li Debug -keyword, followed by the name of the program, plugin or shared object to debug, -the debug file name and a comma-separated list of debug flags. +keyword, followed by the name of the program, plugin, or shared object +to debug, the debug file name, and a comma-separated list of debug flags. The debug flag syntax used by .Nm sudo , the .Nm sudoers -plugin and its associated programs and shared objects is +plugin along with its associated programs and shared objects is .Em subsystem Ns @ Ns Em priority but a third-party plugin is free to use a different format so long as it does not include a comma @@ -581,7 +581,7 @@ entry as the front-end and could not be configured separately. .Pp The following priorities are supported, in order of decreasing severity: -.Em crit , err , warn , notice , diag , info , trace +.Em crit , err , warn , notice , diag , info , trace , and .Em debug . Each priority, when specified, also includes all priorities higher @@ -608,7 +608,7 @@ sudo[123] <- get_user_groups @ src/sudo.c:429 := groups=10,0,5 .Pp When the function is entered, indicated by a right arrow .Ql -> , -the program, process ID, function, source file and line number +the program, process ID, function, source file, and line number are logged. When the function returns, indicated by a left arrow .Ql <- , @@ -792,10 +792,10 @@ front-end configuration # Debug program /path/to/debug_log subsystem@priority[,subsyste@priority] # # Sudo and related programs support logging debug information to a file. -# The program is typically sudo, sudoers.so, sudoreplay or visudo. +# The program is typically sudo, sudoers.so, sudoreplay, or visudo. # # Subsystems vary based on the program; "all" matches all subsystems. -# Priority may be crit, err, warn, notice, diag, info, trace or debug. +# Priority may be crit, err, warn, notice, diag, info, trace, or debug. # Multiple subsystem@priority may be specified, separated by a comma. # #Debug sudo /var/log/sudo_debug all@debug diff --git a/docs/sudo.man.in b/docs/sudo.man.in index b815f8fae..250588687 100644 --- a/docs/sudo.man.in +++ b/docs/sudo.man.in @@ -2,7 +2,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 1994-1996, 1998-2005, 2007-2021 +.\" Copyright (c) 1994-1996, 1998-2005, 2007-2022 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -25,7 +25,7 @@ .nr BA @BAMAN@ .nr LC @LCMAN@ .nr PS @PSMAN@ -.TH "SUDO" "@mansectsu@" "December 11, 2021" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" +.TH "SUDO" "@mansectsu@" "January 19, 2022" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" .nh .if n .ad l .SH "NAME" @@ -108,10 +108,10 @@ user-ID is used to determine the user name with which to query the security policy. .PP \fBsudo\fR -supports a plugin architecture for security policies and input/output -logging. -Third parties can develop and distribute their own policy and I/O -logging plugins to work seamlessly with the +supports a plugin architecture for security policies, auditing, +and input/output logging. +Third parties can develop and distribute their own plugins to work +seamlessly with the \fBsudo\fR front-end. The default security policy is @@ -178,7 +178,8 @@ the \fB\-e\fR option (described below), is implied. .PP -Security policies may log successful and failed attempts to use +Security policies and audit plugins may log successful and failed attempts +to run \fBsudo\fR. If an I/O plugin is configured, the running command's input and output may be logged as well. @@ -255,7 +256,7 @@ Values less than three are not permitted. By default, \fBsudo\fR will close all open file descriptors other than standard input, -standard output and standard error when executing a command. +standard output, and standard error when executing a command. The security policy may restrict the user's ability to use this option. The \fIsudoers\fR @@ -444,7 +445,7 @@ Run the shell specified by the target user's password database entry as a login shell. This means that login-specific resource files such as \fI.profile\fR, -\fI.bash_profile\fR +\fI.bash_profile\fR, or \fI.login\fR will be read by the shell. @@ -484,7 +485,7 @@ When used without a command, invalidates the user's cached credentials. In other words, the next time \fBsudo\fR is run a password will be required. -This option does not require a password and was added to allow a +This option does not require a password, and was added to allow a user to revoke \fBsudo\fR permissions from a @@ -551,7 +552,7 @@ policy: .PD 0 .TP 4n \fR%H\fR -expanded to the host name including the domain name (on if the +expanded to the host name including the domain name (only if the machine's host name is fully qualified or the \fIfqdn\fR option is set in @@ -693,13 +694,12 @@ Other security policies may not support this. \fB\-V\fR, \fB\--version\fR Print the \fBsudo\fR -version string as well as the version string of the security -policy plugin and any I/O plugins. -If the invoking user is already root the +version string as well as the version string of any configured plugins. +If the invoking user is already root, the \fB\-V\fR option will display the arguments passed to configure when \fBsudo\fR -was built and plugins may display more verbose information such as +was built; plugins may display additional information such as default options. .TP 12n \fB\-v\fR, \fB\--validate\fR @@ -867,7 +867,8 @@ first. The \fIsudoers\fR policy plugin will only define a close function when I/O logging -is enabled, a pty is required, or the +is enabled, a pty is required, an SELinux role is specified, the +command has an associated timeout, or the \fIpam_session\fR or \fIpam_setcred\fR @@ -948,7 +949,7 @@ family of functions instead of If no I/O logging plugins are loaded and the policy plugin has not defined a \fBclose\fR() -function, set a command timeout or required that the command be +function, set a command timeout, or required that the command be run in a new pty, \fBsudo\fR may execute the command directly instead of running it as a child process. @@ -970,7 +971,7 @@ lines, \fBsudo\fR will use sudoers(@mansectform@) -for the policy, auditing and I/O logging plugins. +for the policy, auditing, and I/O logging plugins. See the sudo.conf(@mansectform@) manual for details of the @@ -1001,7 +1002,7 @@ option, the exit value will only be 0 if the command is permitted by the security policy, otherwise it will be 1. .PP If there is an authentication failure, a configuration/permission -problem or if the given command cannot be executed, +problem, or if the given command cannot be executed, \fBsudo\fR exits with a value of 1. In the latter case, the error string is printed to the standard error. @@ -1114,7 +1115,7 @@ is set. \fRMAIL\fR Set to the mail spool of the target user when the \fB\-i\fR -option is specified or when +option is specified, or when \fIenv_reset\fR is enabled in \fIsudoers\fR @@ -1155,7 +1156,7 @@ Set to the login name of the target user when the option is specified, when the \fIset_logname\fR option is enabled in -\fIsudoers\fR +\fIsudoers\fR, or when the \fIenv_reset\fR option is enabled in diff --git a/docs/sudo.mdoc.in b/docs/sudo.mdoc.in index 5597b735f..dd7ba5fcd 100644 --- a/docs/sudo.mdoc.in +++ b/docs/sudo.mdoc.in @@ -1,7 +1,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 1994-1996, 1998-2005, 2007-2021 +.\" Copyright (c) 1994-1996, 1998-2005, 2007-2022 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -24,7 +24,7 @@ .nr BA @BAMAN@ .nr LC @LCMAN@ .nr PS @PSMAN@ -.Dd December 11, 2021 +.Dd January 19, 2022 .Dt SUDO @mansectsu@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -112,10 +112,10 @@ user-ID is used to determine the user name with which to query the security policy. .Pp .Nm -supports a plugin architecture for security policies and input/output -logging. -Third parties can develop and distribute their own policy and I/O -logging plugins to work seamlessly with the +supports a plugin architecture for security policies, auditing, +and input/output logging. +Third parties can develop and distribute their own plugins to work +seamlessly with the .Nm front-end. The default security policy is @@ -182,7 +182,8 @@ the .Fl e option (described below), is implied. .Pp -Security policies may log successful and failed attempts to use +Security policies and audit plugins may log successful and failed attempts +to run .Nm . If an I/O plugin is configured, the running command's input and output may be logged as well. @@ -250,7 +251,7 @@ Values less than three are not permitted. By default, .Nm will close all open file descriptors other than standard input, -standard output and standard error when executing a command. +standard output, and standard error when executing a command. The security policy may restrict the user's ability to use this option. The .Em sudoers @@ -421,7 +422,7 @@ Run the shell specified by the target user's password database entry as a login shell. This means that login-specific resource files such as .Pa .profile , -.Pa .bash_profile +.Pa .bash_profile , or .Pa .login will be read by the shell. @@ -459,7 +460,7 @@ When used without a command, invalidates the user's cached credentials. In other words, the next time .Nm is run a password will be required. -This option does not require a password and was added to allow a +This option does not require a password, and was added to allow a user to revoke .Nm permissions from a @@ -519,7 +520,7 @@ escape sequences are supported by the policy: .Bl -tag -width 2n .It Li %H -expanded to the host name including the domain name (on if the +expanded to the host name including the domain name (only if the machine's host name is fully qualified or the .Em fqdn option is set in @@ -646,13 +647,12 @@ Other security policies may not support this. .It Fl V , -version Print the .Nm -version string as well as the version string of the security -policy plugin and any I/O plugins. -If the invoking user is already root the +version string as well as the version string of any configured plugins. +If the invoking user is already root, the .Fl V option will display the arguments passed to configure when .Nm -was built and plugins may display more verbose information such as +was built; plugins may display additional information such as default options. .It Fl v , -validate Update the user's cached credentials, authenticating the user @@ -808,7 +808,8 @@ first. The .Em sudoers policy plugin will only define a close function when I/O logging -is enabled, a pty is required, or the +is enabled, a pty is required, an SELinux role is specified, the +command has an associated timeout, or the .Em pam_session or .Em pam_setcred @@ -889,7 +890,7 @@ family of functions instead of If no I/O logging plugins are loaded and the policy plugin has not defined a .Fn close -function, set a command timeout or required that the command be +function, set a command timeout, or required that the command be run in a new pty, .Nm may execute the command directly instead of running it as a child process. @@ -911,7 +912,7 @@ lines, .Nm will use .Xr sudoers @mansectform@ -for the policy, auditing and I/O logging plugins. +for the policy, auditing, and I/O logging plugins. See the .Xr sudo.conf @mansectform@ manual for details of the @@ -942,7 +943,7 @@ option, the exit value will only be 0 if the command is permitted by the security policy, otherwise it will be 1. .Pp If there is an authentication failure, a configuration/permission -problem or if the given command cannot be executed, +problem, or if the given command cannot be executed, .Nm exits with a value of 1. In the latter case, the error string is printed to the standard error. @@ -1051,7 +1052,7 @@ is set. .It Ev MAIL Set to the mail spool of the target user when the .Fl i -option is specified or when +option is specified, or when .Em env_reset is enabled in .Em sudoers @@ -1090,7 +1091,7 @@ Set to the login name of the target user when the option is specified, when the .Em set_logname option is enabled in -.Em sudoers +.Em sudoers , or when the .Em env_reset option is enabled in diff --git a/docs/sudo_logsrv.proto.man.in b/docs/sudo_logsrv.proto.man.in index dcd50d923..dbaa42dfe 100644 --- a/docs/sudo_logsrv.proto.man.in +++ b/docs/sudo_logsrv.proto.man.in @@ -2,7 +2,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2019-2020 Todd C. Miller +.\" Copyright (c) 2019-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -16,7 +16,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.TH "SUDO_LOGSRV.PROTO" "@mansectform@" "August 3, 2021" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDO_LOGSRV.PROTO" "@mansectform@" "January 19, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -124,7 +124,7 @@ An is used to represent information about the invoking user as well as the execution environment the command runs in the form of key-value pairs. The key is always a string but the value may be a 64-bit integer, -a string, an array of strings or an array of 64-bit integers. +a string, an array of strings, or an array of 64-bit integers. The event log data is composed of \fIInfoMessage\fR entries. @@ -361,7 +361,7 @@ message IoBuffer { An \fIIoBuffer\fR is used to represent data from terminal input, terminal -output, standard input, standard output or standard error. +output, standard input, standard output, or standard error. It contains the following members: .TP 8n delay @@ -373,7 +373,7 @@ should be calculated using a monotonic clock where possible. .TP 8n data The binary I/O log data from terminal input, terminal output, -standard input, standard output or standard error. +standard input, standard output, or standard error. .SS "ChangeWindowSize winsize_event" .nf .RS 0n diff --git a/docs/sudo_logsrv.proto.mdoc.in b/docs/sudo_logsrv.proto.mdoc.in index 7801b1e70..eabacbf7a 100644 --- a/docs/sudo_logsrv.proto.mdoc.in +++ b/docs/sudo_logsrv.proto.mdoc.in @@ -1,7 +1,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2019-2020 Todd C. Miller +.\" Copyright (c) 2019-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd August 3, 2021 +.Dd January 19, 2022 .Dt SUDO_LOGSRV.PROTO @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -116,7 +116,7 @@ An is used to represent information about the invoking user as well as the execution environment the command runs in the form of key-value pairs. The key is always a string but the value may be a 64-bit integer, -a string, an array of strings or an array of 64-bit integers. +a string, an array of strings, or an array of 64-bit integers. The event log data is composed of .Em InfoMessage entries. @@ -334,7 +334,7 @@ message IoBuffer { An .Em IoBuffer is used to represent data from terminal input, terminal -output, standard input, standard output or standard error. +output, standard input, standard output, or standard error. It contains the following members: .Bl -tag -width Ds .It delay @@ -345,7 +345,7 @@ The should be calculated using a monotonic clock where possible. .It data The binary I/O log data from terminal input, terminal output, -standard input, standard output or standard error. +standard input, standard output, or standard error. .El .Ss ChangeWindowSize winsize_event .Bd -literal diff --git a/docs/sudo_logsrvd.conf.man.in b/docs/sudo_logsrvd.conf.man.in index 592e99866..5e44c15fd 100644 --- a/docs/sudo_logsrvd.conf.man.in +++ b/docs/sudo_logsrvd.conf.man.in @@ -2,7 +2,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2019-2021 Todd C. Miller +.\" Copyright (c) 2019-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -16,7 +16,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.TH "SUDO_LOGSRVD.CONF" "@mansectform@" "October 16, 2021" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDO_LOGSRVD.CONF" "@mansectform@" "January 19, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -31,7 +31,7 @@ log server. It uses an INI-style format made up of sections in square brackets and \(lqkey = value\(rq pairs specific to each section below the section name. -Depending on the key, values may be integers, booleans or strings. +Depending on the key, values may be integers, booleans, or strings. Section and key names are not case sensitive, but values are. .PP The pound sign @@ -571,7 +571,7 @@ are set, I/O log files and directories are created with group-ID 0. .TP 10n iolog_mode = mode The file mode to use when creating I/O log files. -Mode bits for read and write permissions for owner, group or other +Mode bits for read and write permissions for owner, group, or other are honored, everything else is ignored. The file permissions will always include the owner read and write bits, even if they are not present in the specified mode. @@ -612,7 +612,7 @@ The section configures how (and if) security policy events are logged. .TP 6n log_type = string -Where to log accept, reject and alert events reported by the policy. +Where to log accept, reject, and alert events reported by the policy. Supported values are \fIsyslog\fR, \fIlogfile\fR, @@ -718,7 +718,7 @@ creates log messages up to 960 bytes which corresponds to the historic BSD syslog implementation which used a 1024 byte buffer -to store the message, date, hostname and program name. +to store the message, date, hostname, and program name. .sp To prevent syslog messages from being truncated, \fBsudo_logsrvd\fR @@ -956,7 +956,7 @@ Sudo log server configuration file #maxseq = 2176782336 [eventlog] -# Where to log accept, reject, exit and alert events. +# Where to log accept, reject, exit, and alert events. # Accepted values are syslog, logfile, or none. # Defaults to syslog #log_type = syslog diff --git a/docs/sudo_logsrvd.conf.mdoc.in b/docs/sudo_logsrvd.conf.mdoc.in index 1d43a34ad..539bc14c7 100644 --- a/docs/sudo_logsrvd.conf.mdoc.in +++ b/docs/sudo_logsrvd.conf.mdoc.in @@ -1,7 +1,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2019-2021 Todd C. Miller +.\" Copyright (c) 2019-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd October 16, 2021 +.Dd January 19, 2022 .Dt SUDO_LOGSRVD.CONF @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -30,7 +30,7 @@ log server. It uses an INI-style format made up of sections in square brackets and .Dq key = value pairs specific to each section below the section name. -Depending on the key, values may be integers, booleans or strings. +Depending on the key, values may be integers, booleans, or strings. Section and key names are not case sensitive, but values are. .Pp The pound sign @@ -505,7 +505,7 @@ nor are set, I/O log files and directories are created with group-ID 0. .It iolog_mode = mode The file mode to use when creating I/O log files. -Mode bits for read and write permissions for owner, group or other +Mode bits for read and write permissions for owner, group, or other are honored, everything else is ignored. The file permissions will always include the owner read and write bits, even if they are not present in the specified mode. @@ -545,7 +545,7 @@ The section configures how (and if) security policy events are logged. .Bl -tag -width 4n .It log_type = string -Where to log accept, reject and alert events reported by the policy. +Where to log accept, reject, and alert events reported by the policy. Supported values are .Em syslog , .Em logfile , @@ -646,7 +646,7 @@ creates log messages up to 960 bytes which corresponds to the historic .Bx syslog implementation which used a 1024 byte buffer -to store the message, date, hostname and program name. +to store the message, date, hostname, and program name. .Pp To prevent syslog messages from being truncated, .Nm sudo_logsrvd @@ -884,7 +884,7 @@ Sudo log server configuration file #maxseq = 2176782336 [eventlog] -# Where to log accept, reject, exit and alert events. +# Where to log accept, reject, exit, and alert events. # Accepted values are syslog, logfile, or none. # Defaults to syslog #log_type = syslog diff --git a/docs/sudo_plugin.man.in b/docs/sudo_plugin.man.in index 4bb208987..45514103b 100644 --- a/docs/sudo_plugin.man.in +++ b/docs/sudo_plugin.man.in @@ -2,7 +2,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2009-2021 Todd C. Miller +.\" Copyright (c) 2009-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -16,7 +16,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.TH "SUDO_PLUGIN" "5" "November 8, 2021" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDO_PLUGIN" "5" "January 19, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -33,11 +33,10 @@ systems that support them) or compiled statically into the binary itself. By default, the \fBsudoers\fR -policy plugin and an associated I/O logging plugin are used. +plugin provides audit, security policy and I/O logging capabilities. Via the plugin API, \fBsudo\fR -can be configured to use alternate policy and/or I/O logging plugins -provided by third parties. +can be configured to use alternate plugins provided by third parties. The plugins to be used are specified in the sudo.conf(@mansectform@) file. @@ -286,8 +285,7 @@ from the \fBcheck_policy\fR() function, which will cause \fBsudo\fR -to print a usage message and -exit. +to print a usage message and exit. .TP 6n implied_shell=bool If the user does not specify a program on the command line, @@ -1404,7 +1402,7 @@ SELinux type to use when executing the command. set_utmp=bool Create a utmp (or utmpx) entry when a pseudo-terminal is allocated. By default, the new entry will be a copy of the user's existing utmp -entry (if any), with the tty, time, type and pid fields updated. +entry (if any), with the tty, time, type, and pid fields updated. .TP 6n sudoedit=bool Set to true when in @@ -1546,7 +1544,7 @@ int (*list)(int argc, char * const argv[], int verbose, .RS 6n .sp List available privileges for the invoking user. -Returns 1 on success, 0 on failure and \-1 on error. +Returns 1 on success, 0 on failure, and \-1 on error. On error, the plugin may optionally call the \fBconversation\fR() or @@ -1651,7 +1649,7 @@ function should be \fRNULL\fR if the plugin does not support credential caching. .sp -Returns 1 on success, 0 on failure and \-1 on error. +Returns 1 on success, 0 on failure, and \-1 on error. On error, the plugin may optionally call the \fBconversation\fR() or @@ -1794,7 +1792,7 @@ front-end before using \fIuser_env_out\fR. Failure to do so may result in a crash. .sp -Returns 1 on success, 0 on failure and \-1 on error. +Returns 1 on success, 0 on failure, and \-1 on error. On error, the plugin may optionally call the \fBconversation\fR() or @@ -1835,7 +1833,7 @@ The \fBregister_hook\fR() function should be used to register any supported hooks the plugin needs. -It returns 0 on success, 1 if the hook type is not supported and \-1 +It returns 0 on success, 1 if the hook type is not supported, and \-1 if the major version in \fRstruct hook\fR does not match the front-end's major hook API version. @@ -2038,7 +2036,7 @@ When an I/O plugin is loaded, runs the command in a pseudo-terminal. This makes it possible to log the input and output from the user's session. -If any of the standard input, standard output or standard error do not +If any of the standard input, standard output, or standard error do not correspond to a tty, \fBsudo\fR will open a pipe to capture @@ -2051,10 +2049,10 @@ The log_ttyout function receives output from the pseudo-terminal that is suitable for replaying the user's session at a later time. The \fBlog_stdin\fR(), -\fBlog_stdout\fR() +\fBlog_stdout\fR(), and \fBlog_stderr\fR() -functions are only called if the standard input, standard output +functions are only called if the standard input, standard output, or standard error respectively correspond to something other than a tty. .PP @@ -2439,7 +2437,7 @@ the user but before it is passed to the running command. This allows the plugin to reject data if it chooses to (for instance if the input contains banned content). Returns 1 if the data should be passed to the command, 0 if the data -is rejected (which will terminate the running command) or \-1 if an +is rejected (which will terminate the running command), or \-1 if an error occurred. .sp The function arguments are as follows: @@ -2499,7 +2497,7 @@ the command but before it is written to the user's terminal. This allows the plugin to reject data if it chooses to (for instance if the output contains banned content). Returns 1 if the data should be passed to the user, 0 if the data is rejected -(which will terminate the running command) or \-1 if an error occurred. +(which will terminate the running command), or \-1 if an error occurred. .sp The function arguments are as follows: .TP 6n @@ -2559,8 +2557,9 @@ It is called whenever data can be read from the standard input but before it is passed to the running command. This allows the plugin to reject data if it chooses to (for instance if the input contains banned content). -Returns 1 if the data should be passed to the command, 0 if the data is -rejected (which will terminate the running command) or \-1 if an error occurred. +Returns 1 if the data should be passed to the command, 0 if the +data is rejected (which will terminate the running command), or \-1 +if an error occurred. .sp The function arguments are as follows: .TP 6n @@ -2620,8 +2619,9 @@ It is called whenever data can be read from the command but before it is written to the standard output. This allows the plugin to reject data if it chooses to (for instance if the output contains banned content). -Returns 1 if the data should be passed to the user, 0 if the data is -rejected (which will terminate the running command) or \-1 if an error occurred. +Returns 1 if the data should be passed to the user, 0 if the data +is rejected (which will terminate the running command), or \-1 if +an error occurred. .sp The function arguments are as follows: .TP 6n @@ -2681,8 +2681,9 @@ It is called whenever data can be read from the command but before it is written to the standard error. This allows the plugin to reject data if it chooses to (for instance if the output contains banned content). -Returns 1 if the data should be passed to the user, 0 if the data is -rejected (which will terminate the running command) or \-1 if an error occurred. +Returns 1 if the data should be passed to the user, 0 if the data +is rejected (which will terminate the running command), or \-1 if +an error occurred. .sp The function arguments are as follows: .TP 6n @@ -3009,7 +3010,7 @@ The function may also be used to display additional error message to the user. The \fBconversation\fR() -function returns 0 on success and \-1 on failure. +function returns 0 on success, and \-1 on failure. .TP 6n plugin_printf A pointer to a @@ -3227,7 +3228,7 @@ front-end. plugin_type The type of plugin that accepted the command, currently either \fRSUDO_POLICY_PLUGIN\fR, -\fRSUDO_POLICY_APPROVAL\fR +\fRSUDO_POLICY_APPROVAL\fR, or \fRSUDO_FRONT_END\fR. The @@ -3346,7 +3347,7 @@ The name of the plugin that rejected the command. plugin_type The type of plugin that rejected the command, currently either \fRSUDO_POLICY_PLUGIN\fR, -\fRSUDO_APPROVAL_PLUGIN\fR +\fRSUDO_APPROVAL_PLUGIN\fR, or \fRSUDO_IO_PLUGIN\fR. .sp @@ -4787,12 +4788,12 @@ or try to write the message to the user's terminal. If the terminal is unavailable, the standard error or standard output will be used, depending upon whether -The user's terminal is always used when possible for input, -this flag is only used for output. \fRSUDO_CONV_ERROR_MSG\fR or \fRSUDO_CONV_INFO_MSG\fR was used. +The user's terminal is always used when possible for input, +this flag is only used for output. .PP The \fItimeout\fR @@ -4891,7 +4892,7 @@ This can be used to query a group source other than the standard Unix group database. Two sample group plugins are bundled with \fBsudo\fR, -\fIgroup_file\fR +\fIgroup_file\fR, and \fIsystem_group\fR, are detailed in @@ -4902,7 +4903,7 @@ A group plugin must declare and populate a \fRsudoers_group_plugin\fR struct in the global scope. This structure contains pointers to the functions that implement plugin -initialization, cleanup and group lookup. +initialization, cleanup, and group lookup. .nf .sp .RS 0n diff --git a/docs/sudo_plugin.mdoc.in b/docs/sudo_plugin.mdoc.in index e753ffee7..0c540f476 100644 --- a/docs/sudo_plugin.mdoc.in +++ b/docs/sudo_plugin.mdoc.in @@ -1,7 +1,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2009-2021 Todd C. Miller +.\" Copyright (c) 2009-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd November 8, 2021 +.Dd January 19, 2022 .Dt SUDO_PLUGIN @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -32,11 +32,10 @@ systems that support them) or compiled statically into the binary itself. By default, the .Nm sudoers -policy plugin and an associated I/O logging plugin are used. +plugin provides audit, security policy and I/O logging capabilities. Via the plugin API, .Nm sudo -can be configured to use alternate policy and/or I/O logging plugins -provided by third parties. +can be configured to use alternate plugins provided by third parties. The plugins to be used are specified in the .Xr sudo.conf @mansectform@ file. @@ -265,8 +264,7 @@ from the .Fn check_policy function, which will cause .Nm sudo -to print a usage message and -exit. +to print a usage message and exit. .It implied_shell=bool If the user does not specify a program on the command line, .Nm sudo @@ -1256,7 +1254,7 @@ SELinux type to use when executing the command. .It set_utmp=bool Create a utmp (or utmpx) entry when a pseudo-terminal is allocated. By default, the new entry will be a copy of the user's existing utmp -entry (if any), with the tty, time, type and pid fields updated. +entry (if any), with the tty, time, type, and pid fields updated. .It sudoedit=bool Set to true when in .Em sudoedit @@ -1380,7 +1378,7 @@ int (*list)(int argc, char * const argv[], int verbose, .Ed .Pp List available privileges for the invoking user. -Returns 1 on success, 0 on failure and \-1 on error. +Returns 1 on success, 0 on failure, and \-1 on error. On error, the plugin may optionally call the .Fn conversation or @@ -1474,7 +1472,7 @@ function should be .Dv NULL if the plugin does not support credential caching. .Pp -Returns 1 on success, 0 on failure and \-1 on error. +Returns 1 on success, 0 on failure, and \-1 on error. On error, the plugin may optionally call the .Fn conversation or @@ -1605,7 +1603,7 @@ front-end before using .Em user_env_out . Failure to do so may result in a crash. .Pp -Returns 1 on success, 0 on failure and \-1 on error. +Returns 1 on success, 0 on failure, and \-1 on error. On error, the plugin may optionally call the .Fn conversation or @@ -1641,7 +1639,7 @@ The .Fn register_hook function should be used to register any supported hooks the plugin needs. -It returns 0 on success, 1 if the hook type is not supported and \-1 +It returns 0 on success, 1 if the hook type is not supported, and \-1 if the major version in .Li struct hook does not match the front-end's major hook API version. @@ -1828,7 +1826,7 @@ When an I/O plugin is loaded, runs the command in a pseudo-terminal. This makes it possible to log the input and output from the user's session. -If any of the standard input, standard output or standard error do not +If any of the standard input, standard output, or standard error do not correspond to a tty, .Nm sudo will open a pipe to capture @@ -1841,10 +1839,10 @@ The log_ttyout function receives output from the pseudo-terminal that is suitable for replaying the user's session at a later time. The .Fn log_stdin , -.Fn log_stdout +.Fn log_stdout , and .Fn log_stderr -functions are only called if the standard input, standard output +functions are only called if the standard input, standard output, or standard error respectively correspond to something other than a tty. .Pp @@ -2192,7 +2190,7 @@ the user but before it is passed to the running command. This allows the plugin to reject data if it chooses to (for instance if the input contains banned content). Returns 1 if the data should be passed to the command, 0 if the data -is rejected (which will terminate the running command) or \-1 if an +is rejected (which will terminate the running command), or \-1 if an error occurred. .Pp The function arguments are as follows: @@ -2243,7 +2241,7 @@ the command but before it is written to the user's terminal. This allows the plugin to reject data if it chooses to (for instance if the output contains banned content). Returns 1 if the data should be passed to the user, 0 if the data is rejected -(which will terminate the running command) or \-1 if an error occurred. +(which will terminate the running command), or \-1 if an error occurred. .Pp The function arguments are as follows: .Bl -tag -width 4n @@ -2294,8 +2292,9 @@ It is called whenever data can be read from the standard input but before it is passed to the running command. This allows the plugin to reject data if it chooses to (for instance if the input contains banned content). -Returns 1 if the data should be passed to the command, 0 if the data is -rejected (which will terminate the running command) or \-1 if an error occurred. +Returns 1 if the data should be passed to the command, 0 if the +data is rejected (which will terminate the running command), or \-1 +if an error occurred. .Pp The function arguments are as follows: .Bl -tag -width 4n @@ -2346,8 +2345,9 @@ It is called whenever data can be read from the command but before it is written to the standard output. This allows the plugin to reject data if it chooses to (for instance if the output contains banned content). -Returns 1 if the data should be passed to the user, 0 if the data is -rejected (which will terminate the running command) or \-1 if an error occurred. +Returns 1 if the data should be passed to the user, 0 if the data +is rejected (which will terminate the running command), or \-1 if +an error occurred. .Pp The function arguments are as follows: .Bl -tag -width 4n @@ -2398,8 +2398,9 @@ It is called whenever data can be read from the command but before it is written to the standard error. This allows the plugin to reject data if it chooses to (for instance if the output contains banned content). -Returns 1 if the data should be passed to the user, 0 if the data is -rejected (which will terminate the running command) or \-1 if an error occurred. +Returns 1 if the data should be passed to the user, 0 if the data +is rejected (which will terminate the running command), or \-1 if +an error occurred. .Pp The function arguments are as follows: .Bl -tag -width 4n @@ -2691,7 +2692,7 @@ The function may also be used to display additional error message to the user. The .Fn conversation -function returns 0 on success and \-1 on failure. +function returns 0 on success, and \-1 on failure. .It plugin_printf A pointer to a .Fn printf Ns -style @@ -2884,7 +2885,7 @@ front-end. .It plugin_type The type of plugin that accepted the command, currently either .Dv SUDO_POLICY_PLUGIN , -.Dv SUDO_POLICY_APPROVAL +.Dv SUDO_POLICY_APPROVAL , or .Dv SUDO_FRONT_END . The @@ -2991,7 +2992,7 @@ The name of the plugin that rejected the command. .It plugin_type The type of plugin that rejected the command, currently either .Dv SUDO_POLICY_PLUGIN , -.Dv SUDO_APPROVAL_PLUGIN +.Dv SUDO_APPROVAL_PLUGIN , or .Dv SUDO_IO_PLUGIN . .Pp @@ -4237,12 +4238,12 @@ or try to write the message to the user's terminal. If the terminal is unavailable, the standard error or standard output will be used, depending upon whether -The user's terminal is always used when possible for input, -this flag is only used for output. .Dv SUDO_CONV_ERROR_MSG or .Dv SUDO_CONV_INFO_MSG was used. +The user's terminal is always used when possible for input, +this flag is only used for output. .El .Pp The @@ -4333,7 +4334,7 @@ This can be used to query a group source other than the standard Unix group database. Two sample group plugins are bundled with .Nm sudo , -.Em group_file +.Em group_file , and .Em system_group , are detailed in @@ -4344,7 +4345,7 @@ A group plugin must declare and populate a .Li sudoers_group_plugin struct in the global scope. This structure contains pointers to the functions that implement plugin -initialization, cleanup and group lookup. +initialization, cleanup, and group lookup. .Bd -literal struct sudoers_group_plugin { unsigned int version; diff --git a/docs/sudo_plugin_python.man.in b/docs/sudo_plugin_python.man.in index 91cc35e84..1b6e7c9f5 100644 --- a/docs/sudo_plugin_python.man.in +++ b/docs/sudo_plugin_python.man.in @@ -3,6 +3,7 @@ .\" SPDX-License-Identifier: ISC .\" .\" Copyright (c) 2019-2021 Robert Manner +.\" Copyright (c) 2019-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -16,7 +17,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.TH "SUDO_PLUGIN_PYTHON" "5" "September 17, 2021" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDO_PLUGIN_PYTHON" "5" "January 19, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -97,7 +98,7 @@ The actual methods required depent on the type of the plugin, but most return an \(lqint\(rq result code, as documented in -sudo_plugin(@mansctsu@), +sudo_plugin(@mansectsu@), that indicates whether or not the method was successful. The Python sudo module defines the following constants to improve readability: .RS 4n @@ -327,7 +328,7 @@ strings. .sp To accept a command, at the very minimum the plugin must set in the \fIcommand\fR, -\fIrunas_uid\fR +\fIrunas_uid\fR, and \fIrunas_gid\fR keys. @@ -709,7 +710,7 @@ log_stderr(self, buf: str) -> int .RS 6n .sp Receive the user input or output of the terminal device and -application standard input / output / error. +application standard input, standard output, or standard error. See the matching calls in sudo_plugin(@mansectform@). .sp @@ -1022,7 +1023,7 @@ front-end. plugin_type The type of plugin that accepted the command, currently either \fRsudo.PLUGIN_TYPE.POLICY\fR, -\fRsudo.PLUGIN_TYPE.APPROVAL\fR +\fRsudo.PLUGIN_TYPE.APPROVAL\fR, or \fRsudo.PLUGIN_TYPE.SUDO\fR. The @@ -1082,7 +1083,7 @@ The name of the plugin that rejected the command. plugin_type The type of plugin that rejected the command, currently either \fRsudo.PLUGIN_TYPE.POLICY\fR, -\fRsudo.PLUGIN_TYPE.APPROVAL\fR +\fRsudo.PLUGIN_TYPE.APPROVAL\fR, or \fRsudo.PLUGIN_TYPE.IO\fR. .sp diff --git a/docs/sudo_plugin_python.mdoc.in b/docs/sudo_plugin_python.mdoc.in index 2b4ef808a..888ec4265 100644 --- a/docs/sudo_plugin_python.mdoc.in +++ b/docs/sudo_plugin_python.mdoc.in @@ -2,6 +2,7 @@ .\" SPDX-License-Identifier: ISC .\" .\" Copyright (c) 2019-2021 Robert Manner +.\" Copyright (c) 2019-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -15,7 +16,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd September 17, 2021 +.Dd January 19, 2022 .Dt SUDO_PLUGIN_PYTHON @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -86,7 +87,7 @@ The actual methods required depent on the type of the plugin, but most return an .Dq int result code, as documented in -.Xr sudo_plugin @mansctsu@ , +.Xr sudo_plugin @mansectsu@ , that indicates whether or not the method was successful. The Python sudo module defines the following constants to improve readability: .Bl -column "sudo.RC.USAGE_ERROR" "XXX" -offset 4n @@ -280,7 +281,7 @@ strings. .Pp To accept a command, at the very minimum the plugin must set in the .Em command , -.Em runas_uid +.Em runas_uid , and .Em runas_gid keys. @@ -581,7 +582,7 @@ log_stderr(self, buf: str) -> int .Ed .Pp Receive the user input or output of the terminal device and -application standard input / output / error. +application standard input, standard output, or standard error. See the matching calls in .Xr sudo_plugin @mansectform@ . .Pp @@ -817,7 +818,7 @@ front-end. .It plugin_type The type of plugin that accepted the command, currently either .Dv sudo.PLUGIN_TYPE.POLICY , -.Dv sudo.PLUGIN_TYPE.APPROVAL +.Dv sudo.PLUGIN_TYPE.APPROVAL , or .Dv sudo.PLUGIN_TYPE.SUDO . The @@ -866,7 +867,7 @@ The name of the plugin that rejected the command. .It plugin_type The type of plugin that rejected the command, currently either .Dv sudo.PLUGIN_TYPE.POLICY , -.Dv sudo.PLUGIN_TYPE.APPROVAL +.Dv sudo.PLUGIN_TYPE.APPROVAL , or .Dv sudo.PLUGIN_TYPE.IO . .Pp diff --git a/docs/sudoers.ldap.man.in b/docs/sudoers.ldap.man.in index d9ea5584e..fac02433f 100644 --- a/docs/sudoers.ldap.man.in +++ b/docs/sudoers.ldap.man.in @@ -194,7 +194,7 @@ only be allowed if the digest matches. This may be useful in situations where the user invoking \fBsudo\fR has write access to the command or its parent directory. -The following digest formats are supported: sha224, sha256, sha384 and sha512. +The following digest formats are supported: sha224, sha256, sha384, and sha512. The digest name must be followed by a colon (\(oq:\&\(cq) and then the actual digest, in either hex or base64 format. @@ -369,7 +369,7 @@ A \fRsudoRole\fR must contain at least one \fRsudoUser\fR, -\fRsudoHost\fR +\fRsudoHost\fR, and \fRsudoCommand\fR. .PP @@ -425,7 +425,7 @@ Match all \fRnisNetgroup\fR records with a \fRnisNetgroupTriple\fR -containing the user, host and NIS domain. +containing the user, host, and NIS domain. The query will match \fRnisNetgroupTriple\fR entries with either the short or long form of the host name or @@ -461,7 +461,7 @@ For the most part, there is little need for \fBsudo\fR-specific Aliases. Unix groups, non-Unix groups (via the -\fIgroup_plugin\fR) +\fIgroup_plugin\fR), or user netgroups can be used in place of User_Aliases and Runas_Aliases. Host netgroups can be used in place of Host_Aliases. Since groups and netgroups can also be stored in LDAP there is no real need for @@ -535,7 +535,7 @@ that contains multiple commands. Multiple users and/or groups may be assigned to the \fRsudoRole\fR. .PP -Also, host, user, runas and command-based +Also, host, user, runas, and command-based \fRDefaults\fR entries are not supported. However, a @@ -941,9 +941,9 @@ If the \fBSSL\fR parameter is set to \fRon\fR, -\fRtrue\fR -\fRor\fR -\fRyes\fR, +\fRtrue\fR, +or +\fRyes\fR TLS (SSL) encryption is always used when communicating with the LDAP server. Typically, this involves connecting to the server on port 636 (ldaps). .TP 6n diff --git a/docs/sudoers.ldap.mdoc.in b/docs/sudoers.ldap.mdoc.in index a83f9b81c..4ce75bbea 100644 --- a/docs/sudoers.ldap.mdoc.in +++ b/docs/sudoers.ldap.mdoc.in @@ -186,7 +186,7 @@ only be allowed if the digest matches. This may be useful in situations where the user invoking .Nm sudo has write access to the command or its parent directory. -The following digest formats are supported: sha224, sha256, sha384 and sha512. +The following digest formats are supported: sha224, sha256, sha384, and sha512. The digest name must be followed by a colon .Pq Ql :\& and then the actual digest, in either hex or base64 format. @@ -351,7 +351,7 @@ A .Li sudoRole must contain at least one .Li sudoUser , -.Li sudoHost +.Li sudoHost , and .Li sudoCommand . .Pp @@ -404,7 +404,7 @@ Match all .Li nisNetgroup records with a .Li nisNetgroupTriple -containing the user, host and NIS domain. +containing the user, host, and NIS domain. The query will match .Li nisNetgroupTriple entries with either the short or long form of the host name or @@ -440,7 +440,7 @@ For the most part, there is little need for .Nm sudo Ns -specific Aliases. Unix groups, non-Unix groups (via the -.Em group_plugin ) +.Em group_plugin ) , or user netgroups can be used in place of User_Aliases and Runas_Aliases. Host netgroups can be used in place of Host_Aliases. Since groups and netgroups can also be stored in LDAP there is no real need for @@ -511,7 +511,7 @@ that contains multiple commands. Multiple users and/or groups may be assigned to the .Li sudoRole . .Pp -Also, host, user, runas and command-based +Also, host, user, runas, and command-based .Li Defaults entries are not supported. However, a @@ -879,9 +879,9 @@ If the .Sy SSL parameter is set to .Li on , -.Li true -.Li or -.Li yes , +.Li true , +or +.Li yes TLS (SSL) encryption is always used when communicating with the LDAP server. Typically, this involves connecting to the server on port 636 (ldaps). .It Sy SSL Ar start_tls diff --git a/docs/sudoers.man.in b/docs/sudoers.man.in index 51c626d47..16a25f3c8 100644 --- a/docs/sudoers.man.in +++ b/docs/sudoers.man.in @@ -25,7 +25,7 @@ .nr BA @BAMAN@ .nr LC @LCMAN@ .nr PS @PSMAN@ -.TH "SUDOERS" "@mansectform@" "January 8, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDOERS" "@mansectform@" "January 18, 2022" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -43,7 +43,7 @@ policy plugin. The policy is driven by the \fI@sysconfdir@/sudoers\fR -file or, optionally in LDAP. +file or, optionally, in LDAP. The policy format is described in detail in the \fISUDOERS FILE FORMAT\fR section. @@ -56,14 +56,14 @@ sudoers.ldap(@mansectform@). \fBsudo\fR consults the sudo.conf(@mansectform@) -file to determine which policy and I/O logging plugins to load. +file to determine which plugins to load. If no sudo.conf(@mansectform@) file is present, or if it contains no \fRPlugin\fR lines, \fBsudoers\fR -will be used for policy decisions and I/O logging. +will be used for auditing, policy decisions and I/O logging. To explicitly configure sudo.conf(@mansectform@) to use the @@ -300,7 +300,7 @@ for a description of the log file format. \fBsudoers\fR is also capable of running a command in a pseudo-terminal and logging all input and/or output. -The standard input, standard output and standard error can be logged +The standard input, standard output, and standard error can be logged even when not associated with a terminal. I/O logging is not on by default but can be enabled using the @@ -372,7 +372,7 @@ Additional variables, such as and \fRTERM\fR, are preserved from the invoking user's environment if permitted by the -\fIenv_check\fR +\fIenv_check\fR, or \fIenv_keep\fR options. @@ -846,7 +846,7 @@ non-Unix group names and IDs (prefixed with \(oq%:\(cq and \(oq%:#\(cq -respectively) and +respectively), and \fRUser_Alias\fRes. Each list item may be prefixed with zero or more \(oq\&!\(cq @@ -957,7 +957,7 @@ A \fRHost_List\fR is made up of one or more host names, IP addresses, network numbers, netgroups (prefixed with -\(oq+\(cq) +\(oq+\(cq), and other aliases. Again, the value of an item may be negated with the \(oq\&!\(cq @@ -1100,7 +1100,7 @@ Starting with version 1.9.0, the \fBALL\fR reserved word can be used in conjunction with a \fRDigest_List\fR. -The following digest formats are supported: sha224, sha256, sha384 and sha512. +The following digest formats are supported: sha224, sha256, sha384, and sha512. The string may be specified in either hex or base64 format (base64 is more compact). There are several utilities capable of generating SHA-2 digests in hex @@ -1217,7 +1217,7 @@ operator to remove an element that does not exist in a list. .PP Defaults entries are parsed in the following order: generic, host, -user and runas Defaults first, then command defaults. +user, and runas Defaults first, then command defaults. If there are multiple Defaults settings of the same type, the last matching setting is used. The following Defaults settings are parsed before all others since @@ -1586,13 +1586,13 @@ A command may have a timeout associated with it. If the timeout expires before the command has exited, the command will be terminated. The timeout may be specified in combinations of days, hours, -minutes and seconds with a single-letter case-insensitive suffix +minutes, and seconds with a single-letter case-insensitive suffix that indicates the unit of time. -For example, a timeout of 7 days, 8 hours, 30 minutes and +For example, a timeout of 7 days, 8 hours, 30 minutes, and 10 seconds would be written as \fR7d8h30m10s\fR. If a number is specified without a unit, seconds are assumed. -Any of the days, minutes, hours or seconds may be omitted. +Any of the days, minutes, hours, or seconds may be omitted. The order must be from largest to smallest unit and a unit may not be specified more than once. .PP @@ -1818,7 +1818,7 @@ section below. .sp By default, \fBsudo\fR -requires that a user authenticate him or herself +requires that a user authenticate before running a command. This behavior can be modified via the \fRNOPASSWD\fR @@ -1933,7 +1933,7 @@ and logged just like they would be if run through \fBsudo\fR directly. This is useful in conjunction with commands that allow shell escapes -such as editors, shells and paginators. +such as editors, shells, and paginators. .sp In the following example, user \fBchuck\fR @@ -1959,7 +1959,7 @@ works and whether or not it will work on your system. allows shell-style \fIwildcards\fR (aka meta or glob characters) -to be used in host names, path names and command line arguments in the +to be used in host names, path names, and command line arguments in the \fIsudoers\fR file. Wildcard matching is done via the @@ -2745,7 +2745,7 @@ This flag is only effective on systems for which \fBsudoers\fR supports audit logging, including FreeBSD, -Linux, macOS and Solaris. +Linux, macOS, and Solaris. This flag is \fIon\fR by default. @@ -3186,7 +3186,7 @@ This setting is only supported by version 1.9.8 or higher. .TP 18n netgroup_tuple If set, netgroup lookups will be performed using the full netgroup -tuple: host name, user name and domain (if one is set). +tuple: host name, user name, and domain (if one is set). Historically, \fBsudo\fR only matched the user name and domain for netgroups used in a @@ -3549,12 +3549,12 @@ A pseudo-terminal is allocated by \fBsudo\fR when it is running in a terminal and one or more of the \fIlog_input\fR, -\fIlog_output\fR +\fIlog_output\fR, or \fIuse_pty\fR flags is enabled. By default, the new entry will be a copy of the user's existing utmp -entry (if any), with the tty, time, type and pid fields updated. +entry (if any), with the tty, time, type, and pid fields updated. This flag is \fIon\fR by default. @@ -3823,7 +3823,7 @@ closefrom Before it executes a command, \fBsudo\fR will close all open file descriptors other than standard input, -standard output and standard error (ie: file descriptors 0-2). +standard output, and standard error (file descriptors 0-2). The \fIclosefrom\fR option can be used to specify a different file descriptor at which @@ -3896,7 +3896,7 @@ creates log messages up to 980 bytes which corresponds to the historic BSD syslog implementation which used a 1024 byte buffer -to store the message, date, hostname and program name. +to store the message, date, hostname, and program name. To prevent syslog messages from being truncated, \fBsudoers\fR will split up log messages that are larger than @@ -4178,7 +4178,7 @@ This setting is only supported by version 1.8.19 or higher. .TP 18n iolog_mode The file mode to use when creating I/O log files. -Mode bits for read and write permissions for owner, group or other +Mode bits for read and write permissions for owner, group, or other are honored, everything else is ignored. The file permissions will always include the owner read and write bits, even if they are not present in the specified mode. @@ -4935,7 +4935,7 @@ It is only possible to use \fIrunchroot\fR as a command-specific Defaults setting if the command exists with the same path both inside and outside the chroot jail. -This restriction does not apply to generic, host or user-based +This restriction does not apply to generic, host, or user-based Defaults settings or to a \fICmnd_Spec\fR that includes a @@ -6304,7 +6304,7 @@ The user may run any command on any machine except for those in the \fISERVERS\fR \fRHost_Alias\fR -(primary, mail, www and ns). +(primary, mail, www, and ns). .nf .sp .RS 0n @@ -6460,7 +6460,7 @@ allow shell escapes, which lets a user bypass \fBsudo\fR's access control and logging. Common programs that permit shell escapes include shells (obviously), -editors, paginators, mail and terminal programs. +editors, paginators, mail, and terminal programs. .PP There are four basic approaches to this problem: .TP 10n @@ -6850,7 +6850,7 @@ The priorities used by \fBsudoers\fR, in order of decreasing severity, are: -\fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, \fIinfo\fR, \fItrace\fR +\fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, \fIinfo\fR, \fItrace\fR, and \fIdebug\fR. Each priority, when specified, also includes all priorities higher @@ -6898,7 +6898,7 @@ LDAP-based sudoers logging support .TP 10n \fImatch\fR -matching of users, groups, hosts and netgroups in the +matching of users, groups, hosts, and netgroups in the \fIsudoers\fR file .TP 10n diff --git a/docs/sudoers.mdoc.in b/docs/sudoers.mdoc.in index 91cc1cf8f..9d42888c0 100644 --- a/docs/sudoers.mdoc.in +++ b/docs/sudoers.mdoc.in @@ -24,7 +24,7 @@ .nr BA @BAMAN@ .nr LC @LCMAN@ .nr PS @PSMAN@ -.Dd January 8, 2022 +.Dd January 18, 2022 .Dt SUDOERS @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -42,7 +42,7 @@ policy plugin. The policy is driven by the .Pa @sysconfdir@/sudoers -file or, optionally in LDAP. +file or, optionally, in LDAP. The policy format is described in detail in the .Sx SUDOERS FILE FORMAT section. @@ -55,14 +55,14 @@ in LDAP, please see .Nm sudo consults the .Xr sudo.conf @mansectform@ -file to determine which policy and I/O logging plugins to load. +file to determine which plugins to load. If no .Xr sudo.conf @mansectform@ file is present, or if it contains no .Li Plugin lines, .Nm -will be used for policy decisions and I/O logging. +will be used for auditing, policy decisions and I/O logging. To explicitly configure .Xr sudo.conf @mansectform@ to use the @@ -289,7 +289,7 @@ for a description of the log file format. .Nm is also capable of running a command in a pseudo-terminal and logging all input and/or output. -The standard input, standard output and standard error can be logged +The standard input, standard output, and standard error can be logged even when not associated with a terminal. I/O logging is not on by default but can be enabled using the @@ -361,7 +361,7 @@ Additional variables, such as and .Ev TERM , are preserved from the invoking user's environment if permitted by the -.Em env_check +.Em env_check , or .Em env_keep options. @@ -815,7 +815,7 @@ non-Unix group names and IDs (prefixed with .Ql %: and .Ql %:# -respectively) and +respectively), and .Li User_Alias Ns es. Each list item may be prefixed with zero or more .Ql \&! @@ -919,7 +919,7 @@ A .Li Host_List is made up of one or more host names, IP addresses, network numbers, netgroups (prefixed with -.Ql + ) +.Ql + ) , and other aliases. Again, the value of an item may be negated with the .Ql \&! @@ -1059,7 +1059,7 @@ Starting with version 1.9.0, the .Sy ALL reserved word can be used in conjunction with a .Li Digest_List . -The following digest formats are supported: sha224, sha256, sha384 and sha512. +The following digest formats are supported: sha224, sha256, sha384, and sha512. The string may be specified in either hex or base64 format (base64 is more compact). There are several utilities capable of generating SHA-2 digests in hex @@ -1167,7 +1167,7 @@ operator to remove an element that does not exist in a list. .Pp Defaults entries are parsed in the following order: generic, host, -user and runas Defaults first, then command defaults. +user, and runas Defaults first, then command defaults. If there are multiple Defaults settings of the same type, the last matching setting is used. The following Defaults settings are parsed before all others since @@ -1502,13 +1502,13 @@ A command may have a timeout associated with it. If the timeout expires before the command has exited, the command will be terminated. The timeout may be specified in combinations of days, hours, -minutes and seconds with a single-letter case-insensitive suffix +minutes, and seconds with a single-letter case-insensitive suffix that indicates the unit of time. -For example, a timeout of 7 days, 8 hours, 30 minutes and +For example, a timeout of 7 days, 8 hours, 30 minutes, and 10 seconds would be written as .Li 7d8h30m10s . If a number is specified without a unit, seconds are assumed. -Any of the days, minutes, hours or seconds may be omitted. +Any of the days, minutes, hours, or seconds may be omitted. The order must be from largest to smallest unit and a unit may not be specified more than once. .Pp @@ -1724,7 +1724,7 @@ section below. .sp By default, .Nm sudo -requires that a user authenticate him or herself +requires that a user authenticate before running a command. This behavior can be modified via the .Li NOPASSWD @@ -1829,7 +1829,7 @@ and logged just like they would be if run through .Nm sudo directly. This is useful in conjunction with commands that allow shell escapes -such as editors, shells and paginators. +such as editors, shells, and paginators. .Pp In the following example, user .Sy chuck @@ -1851,7 +1851,7 @@ works and whether or not it will work on your system. allows shell-style .Em wildcards (aka meta or glob characters) -to be used in host names, path names and command line arguments in the +to be used in host names, path names, and command line arguments in the .Em sudoers file. Wildcard matching is done via the @@ -2589,7 +2589,7 @@ This flag is only effective on systems for which .Nm supports audit logging, including .Fx , -Linux, macOS and Solaris. +Linux, macOS, and Solaris. This flag is .Em on by default. @@ -3001,7 +3001,7 @@ by default. This setting is only supported by version 1.9.8 or higher. .It netgroup_tuple If set, netgroup lookups will be performed using the full netgroup -tuple: host name, user name and domain (if one is set). +tuple: host name, user name, and domain (if one is set). Historically, .Nm sudo only matched the user name and domain for netgroups used in a @@ -3343,12 +3343,12 @@ A pseudo-terminal is allocated by .Nm sudo when it is running in a terminal and one or more of the .Em log_input , -.Em log_output +.Em log_output , or .Em use_pty flags is enabled. By default, the new entry will be a copy of the user's existing utmp -entry (if any), with the tty, time, type and pid fields updated. +entry (if any), with the tty, time, type, and pid fields updated. This flag is .Em on by default. @@ -3602,7 +3602,7 @@ by default. Before it executes a command, .Nm sudo will close all open file descriptors other than standard input, -standard output and standard error (ie: file descriptors 0-2). +standard output, and standard error (file descriptors 0-2). The .Em closefrom option can be used to specify a different file descriptor at which @@ -3670,7 +3670,7 @@ creates log messages up to 980 bytes which corresponds to the historic .Bx syslog implementation which used a 1024 byte buffer -to store the message, date, hostname and program name. +to store the message, date, hostname, and program name. To prevent syslog messages from being truncated, .Nm will split up log messages that are larger than @@ -3933,7 +3933,7 @@ are set, I/O log files and directories are created with group-ID 0. This setting is only supported by version 1.8.19 or higher. .It iolog_mode The file mode to use when creating I/O log files. -Mode bits for read and write permissions for owner, group or other +Mode bits for read and write permissions for owner, group, or other are honored, everything else is ignored. The file permissions will always include the owner read and write bits, even if they are not present in the specified mode. @@ -4606,7 +4606,7 @@ It is only possible to use .Em runchroot as a command-specific Defaults setting if the command exists with the same path both inside and outside the chroot jail. -This restriction does not apply to generic, host or user-based +This restriction does not apply to generic, host, or user-based Defaults settings or to a .Em Cmnd_Spec that includes a @@ -5831,7 +5831,7 @@ The user may run any command on any machine except for those in the .Em SERVERS .Li Host_Alias -(primary, mail, www and ns). +(primary, mail, www, and ns). .Bd -literal jill SERVERS = /usr/bin/, !SU, !SHELLS .Ed @@ -5966,7 +5966,7 @@ allow shell escapes, which lets a user bypass .Nm sudo Ns 's access control and logging. Common programs that permit shell escapes include shells (obviously), -editors, paginators, mail and terminal programs. +editors, paginators, mail, and terminal programs. .Pp There are four basic approaches to this problem: .Bl -tag -width 8n @@ -6339,7 +6339,7 @@ The priorities used by .Nm , in order of decreasing severity, are: -.Em crit , err , warn , notice , diag , info , trace +.Em crit , err , warn , notice , diag , info , trace , and .Em debug . Each priority, when specified, also includes all priorities higher @@ -6379,7 +6379,7 @@ LDAP-based sudoers .It Em logging logging support .It Em match -matching of users, groups, hosts and netgroups in the +matching of users, groups, hosts, and netgroups in the .Em sudoers file .It Em netif diff --git a/docs/sudoreplay.man.in b/docs/sudoreplay.man.in index 746eb3d47..121cda44f 100644 --- a/docs/sudoreplay.man.in +++ b/docs/sudoreplay.man.in @@ -2,7 +2,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2009-2021 Todd C. Miller +.\" Copyright (c) 2009-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -16,7 +16,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.TH "SUDOREPLAY" "@mansectsu@" "August 13, 2021" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" +.TH "SUDOREPLAY" "@mansectsu@" "January 19, 2022" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" .nh .if n .ad l .SH "NAME" @@ -89,7 +89,7 @@ list mode. In list mode, \fBsudoreplay\fR can be used to find the ID of a session based on a number of criteria -such as the user, tty or command run. +such as the user, tty, or command run. .PP In replay mode, if the standard input and output are connected to a terminal and the @@ -131,7 +131,7 @@ instead of the default, Select which I/O type(s) to display. By default, \fBsudoreplay\fR -will display the command's standard output, standard error and tty output. +will display the command's standard output, standard error, and tty output. The \fIfilter\fR argument is a comma-separated list, consisting of one or more of following: @@ -241,7 +241,7 @@ Predicates may be abbreviated to the shortest unique string. .sp Predicates may be combined using \fIand\fR, -\fIor\fR +\fIor\fR, and \fI\&!\fR operators as well as diff --git a/docs/sudoreplay.mdoc.in b/docs/sudoreplay.mdoc.in index ec6d24b65..4941d568e 100644 --- a/docs/sudoreplay.mdoc.in +++ b/docs/sudoreplay.mdoc.in @@ -1,7 +1,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 2009-2021 Todd C. Miller +.\" Copyright (c) 2009-2022 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd August 13, 2021 +.Dd January 19, 2022 .Dt SUDOREPLAY @mansectsu@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -87,7 +87,7 @@ list mode. In list mode, .Nm can be used to find the ID of a session based on a number of criteria -such as the user, tty or command run. +such as the user, tty, or command run. .Pp In replay mode, if the standard input and output are connected to a terminal and the @@ -126,7 +126,7 @@ instead of the default, Select which I/O type(s) to display. By default, .Nm -will display the command's standard output, standard error and tty output. +will display the command's standard output, standard error, and tty output. The .Ar filter argument is a comma-separated list, consisting of one or more of following: @@ -222,7 +222,7 @@ Predicates may be abbreviated to the shortest unique string. .Pp Predicates may be combined using .Em and , -.Em or +.Em or , and .Em \&! operators as well as diff --git a/docs/visudo.man.in b/docs/visudo.man.in index 3e884b92b..13b1c1b02 100644 --- a/docs/visudo.man.in +++ b/docs/visudo.man.in @@ -2,7 +2,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 1996,1998-2005, 2007-2021 +.\" Copyright (c) 1996,1998-2005, 2007-2022 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -21,7 +21,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.TH "VISUDO" "@mansectsu@" "November 6, 2021" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" +.TH "VISUDO" "@mansectsu@" "January 19, 2022" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" .nh .if n .ad l .SH "NAME" @@ -71,10 +71,7 @@ The option should be used with extreme caution because if \fBvisudo\fR believes there to be a syntax error, so will -\fBsudo\fR -and no one will be able to run -\fBsudo\fR -again until the error is fixed. +\fBsudo\fR. If \(oqe\(cq is typed to edit the @@ -96,7 +93,7 @@ separated list of editors allowed to be used with \fBvisudo\fR will choose the editor that matches the user's \fRSUDO_EDITOR\fR, -\fRVISUAL\fR +\fRVISUAL\fR, or \fREDITOR\fR environment variable if possible, or the first editor in the @@ -105,7 +102,7 @@ Note that \fBsudo\fR does not preserve the \fRSUDO_EDITOR\fR, -\fRVISUAL\fR +\fRVISUAL\fR, or \fREDITOR\fR environment variables unless they are present in the @@ -126,7 +123,7 @@ If set, \fBvisudo\fR will use the value of the \fRSUDO_EDITOR\fR, -\fRVISUAL\fR +\fRVISUAL\fR, or \fREDITOR\fR environment variables before falling back on the default editor list. @@ -143,7 +140,7 @@ variable. \fBvisudo\fR will then only use \fRSUDO_EDITOR\fR, -\fRVISUAL\fR +\fRVISUAL\fR, or \fREDITOR\fR if they match a value specified in @@ -152,7 +149,7 @@ If the \fIenv_reset\fR flag is enabled, the \fRSUDO_EDITOR\fR, -\fRVISUAL\fR +\fRVISUAL\fR, and/or \fREDITOR\fR environment variables must be present in the @@ -307,7 +304,7 @@ will also parse the arguments to the \fIsudoers\fR plugin to override the default \fIsudoers\fR -path name, UID, GID and file mode. +path name, UID, GID, and file mode. These arguments, if present, should be listed after the path to the plugin (i.e., after \fIsudoers.so\fR). diff --git a/docs/visudo.mdoc.in b/docs/visudo.mdoc.in index 1453edff1..09c994956 100644 --- a/docs/visudo.mdoc.in +++ b/docs/visudo.mdoc.in @@ -1,7 +1,7 @@ .\" .\" SPDX-License-Identifier: ISC .\" -.\" Copyright (c) 1996,1998-2005, 2007-2021 +.\" Copyright (c) 1996,1998-2005, 2007-2022 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -20,7 +20,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.Dd November 6, 2021 +.Dd January 19, 2022 .Dt VISUDO @mansectsu@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -69,10 +69,7 @@ The option should be used with extreme caution because if .Nm believes there to be a syntax error, so will -.Nm sudo -and no one will be able to run -.Nm sudo -again until the error is fixed. +.Nm sudo . If .Ql e is typed to edit the @@ -94,7 +91,7 @@ separated list of editors allowed to be used with .Nm will choose the editor that matches the user's .Ev SUDO_EDITOR , -.Ev VISUAL +.Ev VISUAL , or .Ev EDITOR environment variable if possible, or the first editor in the @@ -103,7 +100,7 @@ Note that .Nm sudo does not preserve the .Ev SUDO_EDITOR , -.Ev VISUAL +.Ev VISUAL , or .Ev EDITOR environment variables unless they are present in the @@ -123,7 +120,7 @@ If set, .Nm will use the value of the .Ev SUDO_EDITOR , -.Ev VISUAL +.Ev VISUAL , or .Ev EDITOR environment variables before falling back on the default editor list. @@ -140,7 +137,7 @@ variable. .Nm will then only use .Ev SUDO_EDITOR , -.Ev VISUAL +.Ev VISUAL , or .Ev EDITOR if they match a value specified in @@ -149,7 +146,7 @@ If the .Em env_reset flag is enabled, the .Ev SUDO_EDITOR , -.Ev VISUAL +.Ev VISUAL , and/or .Ev EDITOR environment variables must be present in the @@ -299,7 +296,7 @@ will also parse the arguments to the .Em sudoers plugin to override the default .Em sudoers -path name, UID, GID and file mode. +path name, UID, GID, and file mode. These arguments, if present, should be listed after the path to the plugin (i.e., after .Pa sudoers.so ) . diff --git a/examples/sudo.conf.in b/examples/sudo.conf.in index 6535d3a92..41586bd87 100644 --- a/examples/sudo.conf.in +++ b/examples/sudo.conf.in @@ -129,10 +129,10 @@ # Debug program /path/to/debug_log subsystem@priority[,subsyste@priority] # # Sudo and related programs support logging debug information to a file. -# The program is typically sudo, sudoers.so, sudoreplay or visudo. +# The program is typically sudo, sudoers.so, sudoreplay, or visudo. # # Subsystems vary based on the program; "all" matches all subsystems. -# Priority may be crit, err, warn, notice, diag, info, trace or debug. +# Priority may be crit, err, warn, notice, diag, info, trace, or debug. # Multiple subsystem@priority may be specified, separated by a comma. # #Debug sudo /var/log/sudo_debug all@debug diff --git a/examples/sudo_logsrvd.conf b/examples/sudo_logsrvd.conf index 4aa1e568b..32dbd821b 100644 --- a/examples/sudo_logsrvd.conf +++ b/examples/sudo_logsrvd.conf @@ -187,7 +187,7 @@ #maxseq = 2176782336 [eventlog] -# Where to log accept, reject, exit and alert events. +# Where to log accept, reject, exit, and alert events. # Accepted values are syslog, logfile, or none. # Defaults to syslog #log_type = syslog