mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00
Todd C. Miller 2004-05-17 22:33:01 +00:00
parent 034ae50b87
commit 1a998e47d0
6 changed files with 175 additions and 175 deletions


@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN
1.6.8 February 13, 2004 1
1.6.8 May 17, 2004 1
@ -78,7 +78,7 @@ OOPPTTIIOONNSS
-H The --HH (_H_O_M_E) option sets the HOME environment vari­
able to the homedir of the target user (root by
default) as specified in _p_a_s_s_w_d(4). By default, ssuuddoo
default) as specified in passwd(4). By default, ssuuddoo
does not modify HOME.
-K The --KK (sure _k_i_l_l) option to ssuuddoo removes the user's
@ -127,7 +127,7 @@ OOPPTTIIOONNSS
1.6.8 February 13, 2004 2
1.6.8 May 17, 2004 2
@ -176,7 +176,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
-h The --hh (_h_e_l_p) option causes ssuuddoo to print a usage mes­
sage and exit.
-i The -i (_s_i_m_u_l_a_t_e _i_n_i_t_i_a_l _l_o_g_i_n) option runs the shell
-i The --ii (_s_i_m_u_l_a_t_e _i_n_i_t_i_a_l _l_o_g_i_n) option runs the shell
specified in the passwd(4) entry of the user that the
command is being run as. The command name argument
given to the shell begins with a - to tell the shell
@ -193,7 +193,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
1.6.8 February 13, 2004 3
1.6.8 May 17, 2004 3
@ -229,12 +229,12 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
fully qualified or the _f_q_d_n sudoers option is
set)
%% two consecutive % characters are collasped
%% two consecutive % characters are collapsed
into a single % character
-s The --ss (_s_h_e_l_l) option runs the shell specified by the
_S_H_E_L_L environment variable if it is set or the shell
as specified in _p_a_s_s_w_d(4).
as specified in passwd(4).
-u The --uu (_u_s_e_r) option causes ssuuddoo to run the specified
command as a user other than _r_o_o_t. To specify a _u_i_d
@ -259,7 +259,7 @@ RREETTUURRNN VVAALLUUEESS
1.6.8 February 13, 2004 4
1.6.8 May 17, 2004 4
@ -325,7 +325,7 @@ SSEECCUURRIITTYY NNOOTTEESS
1.6.8 February 13, 2004 5
1.6.8 May 17, 2004 5
@ -361,7 +361,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
user an effective root shell.
EEXXAAMMPPLLEESS
Note: the following examples assume suitable _s_u_d_o_e_r_s(4)
Note: the following examples assume suitable sudoers(4)
entries.
To get a file listing of an unreadable directory:
@ -369,7 +369,7 @@ EEXXAAMMPPLLEESS
% sudo ls /usr/local/protected
To list the home directory of user yazza on a machine
where the filesystem holding ~yazza is not exported as
where the file system holding ~yazza is not exported as
root:
% sudo -u yazza ls ~yazza
@ -391,7 +391,7 @@ EEXXAAMMPPLLEESS
1.6.8 February 13, 2004 6
1.6.8 May 17, 2004 6
@ -430,8 +430,8 @@ EENNVVIIRROONNMMEENNTT
is specified)
VISUAL Default editor to use in -e (sudoedit) mode
=head1 FILES
FFIILLEESS
/etc/sudoers List of who can run what
/var/run/sudo Directory containing timestamps
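Review bot: the stray `=head1 FILES` line that was being printed as body text under ENVIRONMENT (the removed `=head1 FILES` just after the VISUAL entry) is gone from the rendered page, but this .cat file is generated output, so confirm the fix was also made in the POD source, where a missing blank line before `=head1 FILES` is the usual cause; if only the regenerated file was touched, the next regeneration reintroduces it.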
@ -457,7 +457,7 @@ DDIISSCCLLAAIIMMEERR
1.6.8 February 13, 2004 7
1.6.8 May 17, 2004 7
@ -476,7 +476,7 @@ CCAAVVEEAATTSS
user to run commands via shell escapes, thus avoiding
ssuuddoo's checks. However, on most systems it is possible to
prevent shell escapes with ssuuddoo's _n_o_e_x_e_c functionality.
See the _s_u_d_o_e_r_s(4) manual for details.
See the sudoers(4) manual for details.
If users have sudo ALL there is nothing to prevent them
from creating their own program that gives them a root
@ -489,8 +489,8 @@ CCAAVVEEAATTSS
setuid shell scripts are generally safe).
SSEEEE AALLSSOO
_g_r_e_p(1), _s_u(1), _s_t_a_t(2), _l_o_g_i_n___c_a_p(3), _s_u_d_o_e_r_s(4),
_p_a_s_s_w_d(5), _v_i_s_u_d_o(1m)
_g_r_e_p(1), _s_u(1), _s_t_a_t(2), _l_o_g_i_n___c_a_p(3), sudoers(4),
passwd(4), visudo(1m)
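Review bot: changing `_p_a_s_s_w_d(5)` to `passwd(4)` in SEE ALSO brings the section number in line with the `passwd(4)` references used in the body of this same page, which is correct; the new line does, however, mix underlined references (`_g_r_e_p(1)`, `_s_u(1)`, `_s_t_a_t(2)`, `_l_o_g_i_n___c_a_p(3)`) with plain ones (`sudoers(4)`, `passwd(4)`, `visudo(1m)`), so either keep the italic markup for the substituted references or drop it for all of them.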
@ -523,6 +523,6 @@ SSEEEE AALLSSOO
1.6.8 February 13, 2004 8
1.6.8 May 17, 2004 8


@ -18,7 +18,7 @@
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
.\" $Sudo$
.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.13
.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
.\"
.\" Standard preamble:
.\" ========================================================================
@ -149,7 +149,7 @@
.\" ========================================================================
.\"
.IX Title "SUDO @mansectsu@"
.TH SUDO @mansectsu@ "February 13, 2004" "1.6.8" "MAINTENANCE COMMANDS"
.TH SUDO @mansectsu@ "May 17, 2004" "1.6.8" "MAINTENANCE COMMANDS"
.SH "NAME"
sudo, sudoedit \- execute a command as another user
.SH "SYNOPSIS"
@ -213,7 +213,7 @@ or via the \fIsudoers\fR file.
.IX Item "-H"
The \fB\-H\fR (\fI\s-1HOME\s0\fR) option sets the \f(CW\*(C`HOME\*(C'\fR environment variable
to the homedir of the target user (root by default) as specified
in \fIpasswd\fR\|(@mansectform@). By default, \fBsudo\fR does not modify \f(CW\*(C`HOME\*(C'\fR.
in passwd(@mansectform@). By default, \fBsudo\fR does not modify \f(CW\*(C`HOME\*(C'\fR.
.IP "\-K" 4
.IX Item "-K"
The \fB\-K\fR (sure \fIkill\fR) option to \fBsudo\fR removes the user's timestamp
@ -300,7 +300,7 @@ temporary file.
The \fB\-h\fR (\fIhelp\fR) option causes \fBsudo\fR to print a usage message and exit.
.IP "\-i" 4
.IX Item "-i"
The \f(CW\*(C`\-i\*(C'\fR (\fIsimulate initial login\fR) option runs the shell specified
The \fB\-i\fR (\fIsimulate initial login\fR) option runs the shell specified
in the passwd(@mansectform@) entry of the user that the command is
being run as. The command name argument given to the shell begins
with a \f(CW\*(C`\-\*(C'\fR to tell the shell to run as a login shell. \fBsudo\fR
@ -351,7 +351,7 @@ sudoers option is set)
.ie n .IP "\*(C`%%\*(C'" 8
.el .IP "\f(CW\*(C`%%\*(C'\fR" 8
.IX Item "%%"
two consecutive \f(CW\*(C`%\*(C'\fR characters are collasped into a single \f(CW\*(C`%\*(C'\fR character
two consecutive \f(CW\*(C`%\*(C'\fR characters are collapsed into a single \f(CW\*(C`%\*(C'\fR character
.RE
.RS 4
.RE
@ -359,7 +359,7 @@ two consecutive \f(CW\*(C`%\*(C'\fR characters are collasped into a single \f(CW
.IX Item "-s"
The \fB\-s\fR (\fIshell\fR) option runs the shell specified by the \fI\s-1SHELL\s0\fR
environment variable if it is set or the shell as specified
in \fIpasswd\fR\|(@mansectform@).
in passwd(@mansectform@).
.IP "\-u" 4
.IX Item "-u"
The \fB\-u\fR (\fIuser\fR) option causes \fBsudo\fR to run the specified command
@ -455,7 +455,7 @@ via \fBsudo\fR to verify that the command does not inadvertently give
the user an effective root shell.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Note: the following examples assume suitable \fIsudoers\fR\|(@mansectform@) entries.
Note: the following examples assume suitable sudoers(@mansectform@) entries.
.PP
To get a file listing of an unreadable directory:
.PP
@ -464,7 +464,7 @@ To get a file listing of an unreadable directory:
.Ve
.PP
To list the home directory of user yazza on a machine where the
filesystem holding ~yazza is not exported as root:
file system holding ~yazza is not exported as root:
.PP
.Vb 1
\& % sudo -u yazza ls ~yazza
@ -541,11 +541,11 @@ to make the \f(CW\*(C`cd\*(C'\fR and file redirection work.
\& is specified)
.Ve
.PP
.Vb 2
.Vb 1
\& VISUAL Default editor to use in -e (sudoedit) mode
\&=head1 FILES
.Ve
.PP
.SH "FILES"
.IX Header "FILES"
.Vb 2
\& @sysconfdir@/sudoers List of who can run what
\& @timedir@ Directory containing timestamps
@ -580,7 +580,7 @@ if that user is allowed to run arbitrary commands via \fBsudo\fR.
Also, many programs (such as editors) allow the user to run commands
via shell escapes, thus avoiding \fBsudo\fR's checks. However, on
most systems it is possible to prevent shell escapes with \fBsudo\fR's
\&\fInoexec\fR functionality. See the \fIsudoers\fR\|(@mansectform@) manual for details.
\&\fInoexec\fR functionality. See the sudoers(@mansectform@) manual for details.
.PP
If users have sudo \f(CW\*(C`ALL\*(C'\fR there is nothing to prevent them from creating
their own program that gives them a root shell regardless of any '!'
@ -592,4 +592,5 @@ that make setuid shell scripts unsafe on some operating systems
are generally safe).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIgrep\fR\|(1), \fIsu\fR\|(1), \fIstat\fR\|(2), \fIlogin_cap\fR\|(3), \fIsudoers\fR\|(@mansectform@), \fIpasswd\fR\|(5), \fIvisudo\fR\|(@mansectsu@)
\&\fIgrep\fR\|(1), \fIsu\fR\|(1), \fIstat\fR\|(2), \fIlogin_cap\fR\|(3), sudoers(@mansectform@),
passwd(@mansectform@), visudo(@mansectsu@)
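Review bot: the replacement SEE ALSO line mixes `\fIgrep\fR\|(1)`-style italic references with bare `sudoers(@mansectform@)`, `passwd(@mansectform@)` and `visudo(@mansectsu@)`; the removed line already had `\fIsudoers\fR\|(@mansectform@)`, and the `-H` hunk above had `\fIpasswd\fR\|(@mansectform@)`, so the build-time section substitution works inside the italic markup and the italics need not be dropped to get it.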


@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN
1.6.8 May 16, 2004 1
1.6.8 May 17, 2004 1
@ -127,7 +127,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.6.8 May 16, 2004 2
1.6.8 May 17, 2004 2
@ -154,7 +154,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
netmask may be specified either in dotted quad notation
(e.g. 255.255.255.0) or CIDR notation (number of bits,
e.g. 24). A hostname may include shell-style wildcards
(see `Wildcards' section below), but unless the hostname
(see the Wildcards section below), but unless the hostname
command on your machine returns the fully qualified host­
name, you'll need to use the _f_q_d_n option for wildcards to
be useful.
@ -174,26 +174,26 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
A Cmnd_List is a list of one or more commandnames, direc­
tories, and other aliases. A commandname is a fully qual­
ified filename which may include shell-style wildcards
(see `Wildcards' section below). A simple filename allows
the user to run the command with any arguments he/she
wishes. However, you may also specify command line argu­
ments (including wildcards). Alternately, you can specify
"" to indicate that the command may only be run wwiitthhoouutt
command line arguments. A directory is a fully qualified
pathname ending in a '/'. When you specify a directory in
a Cmnd_List, the user will be able to run any file within
that directory (but not in any subdirectories therein).
(see the Wildcards section below). A simple filename
allows the user to run the command with any arguments
he/she wishes. However, you may also specify command line
arguments (including wildcards). Alternately, you can
specify "" to indicate that the command may only be run
wwiitthhoouutt command line arguments. A directory is a fully
qualified pathname ending in a '/'. When you specify a
directory in a Cmnd_List, the user will be able to run any
file within that directory (but not in any subdirectories
therein).
If a Cmnd has associated command line arguments, then the
arguments in the Cmnd must match exactly those given by
the user on the command line (or match the wildcards if
there are any). Note that the following characters must
be escaped with a '\' if they are used in command argu­
ments: ',', ':', '=', '\'. The special command "sudoedit"
be escaped with a '\' if they are used in command
1.6.8 May 16, 2004 3
1.6.8 May 17, 2004 3
@ -202,9 +202,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
is used to permit a user to run ssuuddoo with the --ee flag (or
as ssuuddooeeddiitt). It may take command line arguments just as
a normal command does.
arguments: ',', ':', '=', '\'. The special command
"sudoedit" is used to permit a user to run ssuuddoo with the
--ee flag (or as ssuuddooeeddiitt). It may take command line argu­
ments just as a normal command does.
DDeeffaauullttss
@ -255,11 +256,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
scheme (SS//KKeeyy or OOPPIIEE), a two-line prompt is
used to make it easier to cut and paste the
challenge to a local window. It's not as
pretty as the default but some people find it
1.6.8 May 16, 2004 4
1.6.8 May 17, 2004 4
@ -268,6 +268,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
pretty as the default but some people find it
more convenient. This flag is _o_f_f by default.
ignore_dot If set, ssuuddoo will ignore '.' or '' (current
@ -321,11 +322,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
may be overridden via the PASSWD and NOPASSWD
tags. This flag is _o_n by default.
root_sudo If set, root is allowed to run ssuuddoo too.
1.6.8 May 16, 2004 5
1.6.8 May 17, 2004 5
@ -334,7 +334,8 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Disabling this prevents users from "chaining"
root_sudo If set, root is allowed to run ssuuddoo too. Dis­
abling this prevents users from "chaining"
ssuuddoo commands to get a root shell by doing
something like "sudo sudo /bin/sh". Note,
however, that turning off _r_o_o_t___s_u_d_o will also
@ -386,12 +387,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
that they are not allowed to run it, which can
be confusing. This flag is _o_f_f by default.
preserve_groups
By default ssuuddoo will initialize the group
1.6.8 May 16, 2004 6
1.6.8 May 17, 2004 6
@ -400,12 +400,14 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
vector to the list of groups the target user
is in. When _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, the
user's existing group vector is left unal­
tered. The real and effective group IDs, how­
ever, are still set to match the target user.
This flag is _o_f_f by default.
preserve_groups
By default ssuuddoo will initialize the group vec­
tor to the list of groups the target user is
in. When _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, the user's
existing group vector is left unaltered. The
real and effective group IDs, however, are
still set to match the target user. This flag
is _o_f_f by default.
fqdn Set this flag if you want to put fully quali­
fied hostnames in the _s_u_d_o_e_r_s file. I.e.,
@ -452,12 +454,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
rootpw If set, ssuuddoo will prompt for the root password
instead of the password of the invoking user.
This flag is _o_f_f by default.
1.6.8 May 16, 2004 7
1.6.8 May 17, 2004 7
@ -466,6 +466,8 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
This flag is _o_f_f by default.
runaspw If set, ssuuddoo will prompt for the password of
the user defined by the _r_u_n_a_s___d_e_f_a_u_l_t option
(defaults to root) instead of the password of
@ -518,12 +520,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
use_loginclass
If set, ssuuddoo will apply the defaults specified
for the target user's login class if one
exists. Only available if ssuuddoo is configured
with the --with-logincap option. This flag is
1.6.8 May 16, 2004 8
1.6.8 May 17, 2004 8
@ -532,13 +532,15 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
exists. Only available if ssuuddoo is configured
with the --with-logincap option. This flag is
_o_f_f by default.
noexec If set, all commands run via sudo will behave
as if the NOEXEC tag has been set, unless
overridden by a EXEC tag. See the description
of _N_O_E_X_E_C _a_n_d _E_X_E_C below as well as the PPRREE­­
VVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS section at the end of
of _N_O_E_X_E_C _a_n_d _E_X_E_C below as well as the "PRE­
VENTING SHELL ESCAPES" section at the end of
this manual. This flag is _o_f_f by default.
IInntteeggeerrss:
@ -583,13 +585,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
the machine. Default is *** SECURITY informa­
tion for %h ***.
badpass_message
Message that is displayed if a user enters an
incorrect password. The default is Sorry, try
1.6.8 May 16, 2004 9
1.6.8 May 17, 2004 9
@ -598,6 +598,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
badpass_message
Message that is displayed if a user enters an
incorrect password. The default is Sorry, try
again. unless insults are enabled.
timestampdir
@ -649,13 +652,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
editor A colon (':') separated list of editors
allowed to be used with vviissuuddoo. vviissuuddoo will
choose the editor that matches the user's USER
environment variable if possible, or the first
editor in the list that exists and is
1.6.8 May 16, 2004 10
1.6.8 May 17, 2004 10
@ -664,7 +664,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
executable. The default is the path to vi on
choose the editor that matches the user's USER
environment variable if possible, or the first
editor in the list that exists and is exe­
cutable. The default is the path to vi on
your system.
noexec_file Path to a shared library containing dummy ver­
@ -715,13 +718,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
quotes (") to protect against sudo interpret­
ing the @ sign. Defaults to root.
exempt_group
Users in this group are exempt from password
and PATH requirements. This is not set by
1.6.8 May 16, 2004 11
1.6.8 May 17, 2004 11
@ -730,6 +730,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
exempt_group
Users in this group are exempt from password
and PATH requirements. This is not set by
default.
verifypw This option controls when a password will be
@ -781,13 +784,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
contains % or / characters. This can be used
to guard against printf-style format vulnera­
bilities in poorly-written programs. The
argument may be a double-quoted, space-sepa­
rated list or a single value without dou­
ble-quotes. The list can be replaced, added
1.6.8 May 16, 2004 12
1.6.8 May 17, 2004 12
@ -796,6 +796,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
argument may be a double-quoted, space-sepa­
rated list or a single value without dou­
ble-quotes. The list can be replaced, added
to, deleted from, or disabled by using the =,
+=, -=, and ! operators respectively. The
default list of environment variables to check
@ -847,13 +850,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Runas_Spec ::= '(' Runas_List ')'
Tag_Spec ::= ('NOPASSWD:' | 'PASSWD:' | 'NOEXEC:' | 'EXEC:')
A uusseerr ssppeecciiffiiccaattiioonn determines which commands a user may
1.6.8 May 16, 2004 13
1.6.8 May 17, 2004 13
@ -862,6 +862,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Tag_Spec ::= ('NOPASSWD:' | 'PASSWD:' | 'NOEXEC:' | 'EXEC:')
A uusseerr ssppeecciiffiiccaattiioonn determines which commands a user may
run (and as what user) on specified hosts. By default,
commands are run as rroooott, but this can be changed on a
per-command basis.
@ -882,7 +885,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
The user ddggbb may run _/_b_i_n_/_l_s, _/_b_i_n_/_k_i_l_l, and _/_u_s_r_/_b_i_n_/_l_p_r_m
-- but only as ooppeerraattoorr. E.g.,
sudo -u operator /bin/ls.
$ sudo -u operator /bin/ls.
It is also possible to override a Runas_Spec later on in
an entry. If we modify the entry like so:
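Review bot: adding the `$ ` prompt makes the trailing period in `$ sudo -u operator /bin/ls.` read as part of the command line; move the period into the surrounding prose (or drop it) so the example line is exactly what a user would type.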
@ -913,13 +916,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm
would allow the user rraayy to run _/_b_i_n_/_k_i_l_l, _/_b_i_n_/_l_s, and
_/_u_s_r_/_b_i_n_/_l_p_r_m as root on the machine rushmore as rroooott
without authenticating himself. If we only want rraayy to be
able to run _/_b_i_n_/_k_i_l_l without a password the entry would
1.6.8 May 16, 2004 14
1.6.8 May 17, 2004 14
@ -928,6 +928,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
_/_u_s_r_/_b_i_n_/_l_p_r_m as root on the machine rushmore as rroooott
without authenticating himself. If we only want rraayy to be
able to run _/_b_i_n_/_k_i_l_l without a password the entry would
be:
ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
@ -955,16 +958,17 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
See the PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS section below for more
See the "PREVENTING SHELL ESCAPES" section below for more
details on how _n_o_e_x_e_c works and whether or not it will
work on your system.
WWiillddccaarrddss ((aakkaa mmeettaa cchhaarraacctteerrss))::
WWiillddccaarrddss
ssuuddoo allows shell-style _w_i_l_d_c_a_r_d_s to be used in pathnames
as well as command line arguments in the _s_u_d_o_e_r_s file.
Wildcard matching is done via the PPOOSSIIXX fnmatch(3) rou­
tine. Note that these are _n_o_t regular expressions.
ssuuddoo allows shell-style _w_i_l_d_c_a_r_d_s (aka meta or glob char­
acters) to be used in pathnames as well as command line
arguments in the _s_u_d_o_e_r_s file. Wildcard matching is done
via the PPOOSSIIXX _f_n_m_a_t_c_h(3) routine. Note that these are _n_o_t
regular expressions.
* Matches any set of zero or more characters.
@ -978,14 +982,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
used to escape special characters such as: "*",
"?", "[", and "}".
Note that a forward slash ('/') will nnoott be matched by
wildcards used in the pathname. When matching the command
line arguments, however, a slash ddooeess get matched by wild­
cards. This is to make a path like:
1.6.8 May 16, 2004 15
1.6.8 May 17, 2004 15
@ -994,11 +994,16 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Note that a forward slash ('/') will nnoott be matched by
wildcards used in the pathname. When matching the command
line arguments, however, a slash ddooeess get matched by wild­
cards. This is to make a path like:
/usr/bin/*
match _/_u_s_r_/_b_i_n_/_w_h_o but not _/_u_s_r_/_b_i_n_/_X_1_1_/_x_t_e_r_m.
EExxcceeppttiioonnss ttoo wwiillddccaarrdd rruulleess::
EExxcceeppttiioonnss ttoo wwiillddccaarrdd rruulleess
The following exceptions apply to the above rules:
@ -1006,7 +1011,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
argument in the _s_u_d_o_e_r_s entry it means that com­
mand is not allowed to be run with aannyy arguments.
OOtthheerr ssppeecciiaall cchhaarraacctteerrss aanndd rreesseerrvveedd wwoorrddss::
OOtthheerr ssppeecciiaall cchhaarraacctteerrss aanndd rreesseerrvveedd wwoorrddss
The pound sign ('#') is used to indicate a comment (unless
it occurs in the context of a user name and is followed by
@ -1043,15 +1048,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
EEXXAAMMPPLLEESS
Below are example _s_u_d_o_e_r_s entries. Admittedly, some of
these are a bit contrived. First, we define our _a_l_i_a_s_e_s:
1.6.8 May 16, 2004 16
1.6.8 May 17, 2004 16
@ -1060,6 +1060,8 @@ EEXXAAMMPPLLEESS
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
these are a bit contrived. First, we define our _a_l_i_a_s_e_s:
# User alias specification
User_Alias FULLTIMERS = millert, mikef, dowdy
User_Alias PARTTIMERS = bostley, jwfox, crawl
@ -1085,8 +1087,8 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Cmnd_Alias KILL = /usr/bin/kill
Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm
Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown
Cmnd_Alias HALT = /usr/sbin/halt, /usr/sbin/fasthalt
Cmnd_Alias REBOOT = /usr/sbin/reboot, /usr/sbin/fastboot
Cmnd_Alias HALT = /usr/sbin/halt
Cmnd_Alias REBOOT = /usr/sbin/reboot
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
/usr/local/bin/tcsh, /usr/bin/rsh, \
/usr/local/bin/zsh
@ -1115,9 +1117,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.6.8 May 16, 2004 17
1.6.8 May 17, 2004 17
@ -1157,8 +1157,8 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
The user lliissaa may run any command on any host in the
_C_U_N_E_T_S alias (the class B network 128.138.0.0).
operator ALL = DUMPS, KILL, PRINTING, SHUTDOWN, HALT, REBOOT,\
/usr/oper/bin/
operator ALL = DUMPS, KILL, SHUTDOWN, HALT, REBOOT, PRINTING,\
sudoedit /etc/printcap, /usr/oper/bin/
The ooppeerraattoorr user may run commands limited to simple main­
tenance. Here, those are commands related to backups,
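Review bot: the new `sudoedit /etc/printcap` entry in the operator example is a useful demonstration of the special `sudoedit` command described in the Cmnd_List section earlier in this page; make sure the explanatory paragraph that follows ("Here, those are commands related to backups, ...") is updated to mention editing /etc/printcap as well, so the prose and the example stay in step.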
@ -1183,7 +1183,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.6.8 May 16, 2004 18
1.6.8 May 17, 2004 18
@ -1249,7 +1249,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.6.8 May 16, 2004 19
1.6.8 May 17, 2004 19
@ -1301,7 +1301,7 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS
To tell whether or not ssuuddoo supports _n_o_e_x_e_c, you can run
the following as root:
# sudo -V | grep "dummy exec"
\# sudo -V | grep "dummy exec"
If the resulting output contains a line that begins with:
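Review bot: this is a rendering regression: the new line `\# sudo -V | grep "dummy exec"` prints a literal backslash before the `#`, so the command as shown is no longer what should be typed at a root prompt, while the removed `# sudo -V | grep "dummy exec"` was correct. The backslash comes from the `\e#` in the corresponding sudoers.man.in hunk; remove the escape in the POD source rather than escaping the `#`.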
@ -1315,7 +1315,7 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS
1.6.8 May 16, 2004 20
1.6.8 May 17, 2004 20
@ -1340,11 +1340,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Note that disabling shell escapes is not a panacea. Pro­
grams running as root are still capable of many poten­
tially hazardous operations (such as chaning or overwrit­
tially hazardous operations (such as changing or overwrit­
ing files) that could lead to unintended privilege escala­
tion. In the specific case of an editor, a safer approach
is to give the user permission to run the ssuuddooeeddiitt pro­
gram.
is to give the user permission to run ssuuddooeeddiitt.
CCAAVVEEAATTSS
The _s_u_d_o_e_r_s file should aallwwaayyss be edited by the vviissuuddoo
@ -1365,7 +1364,7 @@ FFIILLEESS
/etc/netgroup List of network groups
SSEEEE AALLSSOO
_r_s_h(1), _s_u(1), _f_n_m_a_t_c_h(3), _s_u_d_o(1m), _v_i_s_u_d_o(8)
_r_s_h(1), _s_u(1), _f_n_m_a_t_c_h(3), sudo(1m), visudo(1m)
@ -1381,6 +1380,7 @@ SSEEEE AALLSSOO
1.6.8 May 16, 2004 21
1.6.8 May 17, 2004 21


@ -149,7 +149,7 @@
.\" ========================================================================
.\"
.IX Title "SUDOERS @mansectform@"
.TH SUDOERS @mansectform@ "May 16, 2004" "1.6.8" "MAINTENANCE COMMANDS"
.TH SUDOERS @mansectform@ "May 17, 2004" "1.6.8" "MAINTENANCE COMMANDS"
.SH "NAME"
sudoers \- list of which users may execute what
.SH "DESCRIPTION"
@ -302,7 +302,7 @@ If you do not specify a netmask with a network number, the netmask
of the host's ethernet interface(s) will be used when matching.
The netmask may be specified either in dotted quad notation (e.g.
255.255.255.0) or \s-1CIDR\s0 notation (number of bits, e.g. 24). A hostname
may include shell-style wildcards (see `Wildcards' section below),
may include shell-style wildcards (see the Wildcards section below),
but unless the \f(CW\*(C`hostname\*(C'\fR command on your machine returns the fully
qualified hostname, you'll need to use the \fIfqdn\fR option for wildcards
to be useful.
@ -327,7 +327,7 @@ to be useful.
.PP
A \f(CW\*(C`Cmnd_List\*(C'\fR is a list of one or more commandnames, directories, and other
aliases. A commandname is a fully qualified filename which may include
shell-style wildcards (see `Wildcards' section below). A simple
shell-style wildcards (see the Wildcards section below). A simple
filename allows the user to run the command with any arguments he/she
wishes. However, you may also specify command line arguments (including
wildcards). Alternately, you can specify \f(CW""\fR to indicate that the command
@ -587,8 +587,7 @@ the \-\-with\-logincap option. This flag is \fIoff\fR by default.
.IX Item "noexec"
If set, all commands run via sudo will behave as if the \f(CW\*(C`NOEXEC\*(C'\fR
tag has been set, unless overridden by a \f(CW\*(C`EXEC\*(C'\fR tag. See the
description of \fI\s-1NOEXEC\s0 and \s-1EXEC\s0\fR below as well as the \fB\s-1PREVENTING\s0 \s-1SHELL\s0
\&\s-1ESCAPES\s0\fR section at the end of this manual. This flag is \fIoff\fR by default.
description of \fI\s-1NOEXEC\s0 and \s-1EXEC\s0\fR below as well as the \*(L"\s-1PREVENTING\s0 \s-1SHELL\s0 \s-1ESCAPES\s0\*(R" section at the end of this manual. This flag is \fIoff\fR by default.
.PP
\&\fBIntegers\fR:
.IP "passwd_tries" 12
@ -828,12 +827,13 @@ single value without double\-quotes. The list can be replaced, added
to, deleted from, or disabled by using the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and
\&\f(CW\*(C`!\*(C'\fR operators respectively. This list has no default members.
.PP
When logging via \fIsyslog\fR\|(3), \fBsudo\fR accepts the following values for the syslog
facility (the value of the \fBsyslog\fR Parameter): \fBauthpriv\fR (if your \s-1OS\s0
supports it), \fBauth\fR, \fBdaemon\fR, \fBuser\fR, \fBlocal0\fR, \fBlocal1\fR, \fBlocal2\fR,
\&\fBlocal3\fR, \fBlocal4\fR, \fBlocal5\fR, \fBlocal6\fR, and \fBlocal7\fR. The following
syslog priorities are supported: \fBalert\fR, \fBcrit\fR, \fBdebug\fR, \fBemerg\fR,
\&\fBerr\fR, \fBinfo\fR, \fBnotice\fR, and \fBwarning\fR.
When logging via \fIsyslog\fR\|(3), \fBsudo\fR accepts the following values
for the syslog facility (the value of the \fBsyslog\fR Parameter):
\&\fBauthpriv\fR (if your \s-1OS\s0 supports it), \fBauth\fR, \fBdaemon\fR, \fBuser\fR,
\&\fBlocal0\fR, \fBlocal1\fR, \fBlocal2\fR, \fBlocal3\fR, \fBlocal4\fR, \fBlocal5\fR,
\&\fBlocal6\fR, and \fBlocal7\fR. The following syslog priorities are
supported: \fBalert\fR, \fBcrit\fR, \fBdebug\fR, \fBemerg\fR, \fBerr\fR, \fBinfo\fR,
\&\fBnotice\fR, and \fBwarning\fR.
.Sh "User Specification"
.IX Subsection "User Specification"
.Vb 2
@ -879,7 +879,7 @@ The user \fBdgb\fR may run \fI/bin/ls\fR, \fI/bin/kill\fR, and
\&\fI/usr/bin/lprm\fR \*(-- but only as \fBoperator\fR. E.g.,
.PP
.Vb 1
\& sudo -u operator /bin/ls.
\& $ sudo -u operator /bin/ls.
.Ve
.PP
It is also possible to override a \f(CW\*(C`Runas_Spec\*(C'\fR later on in an
@ -947,14 +947,14 @@ and \fI/usr/bin/vi\fR but shell escapes will be disabled.
\& aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
.Ve
.PP
See the \fB\s-1PREVENTING\s0 \s-1SHELL\s0 \s-1ESCAPES\s0\fR section below for more details
See the \*(L"\s-1PREVENTING\s0 \s-1SHELL\s0 \s-1ESCAPES\s0\*(R" section below for more details
on how \fInoexec\fR works and whether or not it will work on your system.
.Sh "Wildcards (aka meta characters):"
.IX Subsection "Wildcards (aka meta characters):"
\&\fBsudo\fR allows shell-style \fIwildcards\fR to be used in pathnames
as well as command line arguments in the \fIsudoers\fR file. Wildcard
matching is done via the \fB\s-1POSIX\s0\fR \f(CWfnmatch(3)\fR routine. Note that
these are \fInot\fR regular expressions.
.Sh "Wildcards"
.IX Subsection "Wildcards"
\&\fBsudo\fR allows shell-style \fIwildcards\fR (aka meta or glob characters)
to be used in pathnames as well as command line arguments in the
\&\fIsudoers\fR file. Wildcard matching is done via the \fB\s-1POSIX\s0\fR
\&\fIfnmatch\fR\|(3) routine. Note that these are \fInot\fR regular expressions.
.ie n .IP "\*(C`*\*(C'" 8
.el .IP "\f(CW\*(C`*\*(C'\fR" 8
.IX Item "*"
@ -987,8 +987,8 @@ wildcards. This is to make a path like:
.Ve
.PP
match \fI/usr/bin/who\fR but not \fI/usr/bin/X11/xterm\fR.
.Sh "Exceptions to wildcard rules:"
.IX Subsection "Exceptions to wildcard rules:"
.Sh "Exceptions to wildcard rules"
.IX Subsection "Exceptions to wildcard rules"
The following exceptions apply to the above rules:
.ie n .IP """""" 8
.el .IP "\f(CW``''\fR" 8
@ -996,8 +996,8 @@ The following exceptions apply to the above rules:
If the empty string \f(CW""\fR is the only command line argument in the
\&\fIsudoers\fR entry it means that command is not allowed to be run
with \fBany\fR arguments.
.Sh "Other special characters and reserved words:"
.IX Subsection "Other special characters and reserved words:"
.Sh "Other special characters and reserved words"
.IX Subsection "Other special characters and reserved words"
The pound sign ('#') is used to indicate a comment (unless it
occurs in the context of a user name and is followed by one or
more digits, in which case it is treated as a uid). Both the
@ -1065,8 +1065,8 @@ these are a bit contrived. First, we define our \fIaliases\fR:
\& Cmnd_Alias KILL = /usr/bin/kill
\& Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm
\& Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown
\& Cmnd_Alias HALT = /usr/sbin/halt, /usr/sbin/fasthalt
\& Cmnd_Alias REBOOT = /usr/sbin/reboot, /usr/sbin/fastboot
\& Cmnd_Alias HALT = /usr/sbin/halt
\& Cmnd_Alias REBOOT = /usr/sbin/reboot
\& Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \e
\& /usr/local/bin/tcsh, /usr/bin/rsh, \e
\& /usr/local/bin/zsh
@ -1137,8 +1137,8 @@ The user \fBlisa\fR may run any command on any host in the \fI\s-1CUNETS\s0\fR a
(the class B network \f(CW128.138.0.0\fR).
.PP
.Vb 2
\& operator ALL = DUMPS, KILL, PRINTING, SHUTDOWN, HALT, REBOOT,\e
\& /usr/oper/bin/
\& operator ALL = DUMPS, KILL, SHUTDOWN, HALT, REBOOT, PRINTING,\e
\& sudoedit /etc/printcap, /usr/oper/bin/
.Ve
.PP
The \fBoperator\fR user may run commands limited to simple maintenance.
@ -1280,7 +1280,7 @@ To tell whether or not \fBsudo\fR supports \fInoexec\fR, you can run
the following as root:
.PP
.Vb 1
\& # sudo -V | grep "dummy exec"
\& \e# sudo -V | grep "dummy exec"
.Ve
.PP
If the resulting output contains a line that begins with:
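Review bot: The new line `\& \e# sudo -V | grep "dummy exec"` emits a literal backslash in front of the `#`, so unless a later processing step strips it the rendered example reads `\# sudo -V ...` instead of `# sudo -V ...`, and a reader copying it picks up a stray backslash; confirm the rendered output. If the escape is there to stop troff from treating a leading `#` specially inside the .Vb block, a comment in the source explaining that would help the next editor.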
@ -1307,10 +1307,9 @@ just try it out and see if it works.
.PP
Note that disabling shell escapes is not a panacea. Programs running
as root are still capable of many potentially hazardous operations
(such as chaning or overwriting files) that could lead to unintended
(such as changing or overwriting files) that could lead to unintended
privilege escalation. In the specific case of an editor, a safer
approach is to give the user permission to run the \fBsudoedit\fR
program.
approach is to give the user permission to run \fBsudoedit\fR.
.SH "CAVEATS"
.IX Header "CAVEATS"
The \fIsudoers\fR file should \fBalways\fR be edited by the \fBvisudo\fR
@ -1332,4 +1331,4 @@ as returned by the \f(CW\*(C`hostname\*(C'\fR command or use the \fIfqdn\fR opti
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIrsh\fR\|(1), \fIsu\fR\|(1), \fIfnmatch\fR\|(3), \fIsudo\fR\|(@mansectsu@), \fIvisudo\fR\|(8)
\&\fIrsh\fR\|(1), \fIsu\fR\|(1), \fIfnmatch\fR\|(3), sudo(@mansectsu@), visudo(@mansectsu@)
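Review bot: The SEE ALSO line is now half italic, half plain: \fIrsh\fR\|(1), \fIsu\fR\|(1) and \fIfnmatch\fR\|(3) keep their markup while sudo(@mansectsu@) and visudo(@mansectsu@) lose it; use one convention for the whole line. Replacing the hard-coded 8 for visudo with @mansectsu@ is the right fix, since the visudo page is itself installed under @mansectsu@ (see its .TH line).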


@ -12,7 +12,7 @@ SSYYNNOOPPSSIISS
DDEESSCCRRIIPPTTIIOONN
vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous
to _v_i_p_w(1m). vviissuuddoo locks the _s_u_d_o_e_r_s file against multi­
to vipw(1m). vviissuuddoo locks the _s_u_d_o_e_r_s file against multi­
ple simultaneous edits, provides basic sanity checks, and
checks for parse errors. If the _s_u_d_o_e_r_s file is currently
being edited you will receive a message to try again
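Review bot: This is the preformatted cat page (note the overstruck `vviissuuddoo`), so this edit should come from regenerating it from the .man.in source rather than from a hand edit; either way, `_s_u_d_o_e_r_s` on the same line stays underlined while `vipw(1m)` is now plain, so the line ends up with mixed formatting.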
@ -61,7 +61,7 @@ OOPPTTIIOONNSS
1.6.8 February 13, 2004 1
1.6.8 May 17, 2004 1
@ -122,12 +122,12 @@ AAUUTTHHOORR
Many people have worked on _s_u_d_o over the years; this ver­
sion of vviissuuddoo was written by:
Todd Miller <Todd.Miller@courtesan.com>
Todd Miller
1.6.8 February 13, 2004 2
1.6.8 May 17, 2004 2
@ -155,7 +155,7 @@ CCAAVVEEAATTSS
shell if the editor used by vviissuuddoo allows shell escapes.
SSEEEE AALLSSOO
_v_i(1), _s_u_d_o_e_r_s(4), _s_u_d_o(1m), _v_i_p_w(8)
_v_i(1), sudoers(4), sudo(1m), vipw(1m)
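Review bot: The SEE ALSO line keeps `_v_i(1)` underlined while sudoers, sudo and vipw become plain; the whole line should use one style. Note also that vipw moves from section 8 to 1m here, which is a content change rather than a formatting one, and it has to agree with the section used in the .man.in source.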
@ -193,6 +193,6 @@ SSEEEE AALLSSOO
1.6.8 February 13, 2004 3
1.6.8 May 17, 2004 3


@ -18,7 +18,7 @@
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
.\" $Sudo$
.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.13
.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
.\"
.\" Standard preamble:
.\" ========================================================================
@ -149,7 +149,7 @@
.\" ========================================================================
.\"
.IX Title "VISUDO @mansectsu@"
.TH VISUDO @mansectsu@ "February 13, 2004" "1.6.8" "MAINTENANCE COMMANDS"
.TH VISUDO @mansectsu@ "May 17, 2004" "1.6.8" "MAINTENANCE COMMANDS"
.SH "NAME"
visudo \- edit the sudoers file
.SH "SYNOPSIS"
@ -158,7 +158,7 @@ visudo \- edit the sudoers file
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
\&\fBvisudo\fR edits the \fIsudoers\fR file in a safe fashion, analogous to
\&\fIvipw\fR\|(@mansectsu@). \fBvisudo\fR locks the \fIsudoers\fR file against multiple
vipw(@mansectsu@). \fBvisudo\fR locks the \fIsudoers\fR file against multiple
simultaneous edits, provides basic sanity checks, and checks
for parse errors. If the \fIsudoers\fR file is currently being
edited you will receive a message to try again later.
@ -261,7 +261,7 @@ Many people have worked on \fIsudo\fR over the years; this version of
\&\fBvisudo\fR was written by:
.PP
.Vb 1
\& Todd Miller <Todd.Miller@courtesan.com>
\& Todd Miller
.Ve
.PP
See the \s-1HISTORY\s0 file in the sudo distribution or visit
@ -282,4 +282,4 @@ There is no easy way to prevent a user from gaining a root shell if
the editor used by \fBvisudo\fR allows shell escapes.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIvi\fR\|(1), \fIsudoers\fR\|(@mansectform@), \fIsudo\fR\|(@mansectsu@), \fIvipw\fR\|(8)
\&\fIvi\fR\|(1), sudoers(@mansectform@), sudo(@mansectsu@), vipw(@mansectsu@)
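Review bot: Same mixed formatting as the sudoers SEE ALSO hunk: \fIvi\fR\|(1) stays italic while the other three references are plain. Changing vipw's section from the literal 8 to @mansectsu@ ties it to whatever section sudo itself is installed in; that is a reasonable compromise (both are 1m on System V style systems and 8 elsewhere), but a short comment noting the assumption would help.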