regen

sudo.cat

@@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN
 
 
 
-1.6.8                   February 13, 2004                       1
+1.6.8                      May 17, 2004                         1
 
 
 
@@ -78,7 +78,7 @@ OOPPTTIIOONNSS
 
        -H  The --HH (_H_O_M_E) option sets the HOME environment vari­
            able to the homedir of the target user (root by
-           default) as specified in _p_a_s_s_w_d(4).  By default, ssuuddoo
+           default) as specified in passwd(4).  By default, ssuuddoo
            does not modify HOME.
 
        -K  The --KK (sure _k_i_l_l) option to ssuuddoo removes the user's
@@ -127,7 +127,7 @@ OOPPTTIIOONNSS
 
 
 
-1.6.8                   February 13, 2004                       2
+1.6.8                      May 17, 2004                         2
 
 
 
@@ -176,7 +176,7 @@ SUDO(1m)               MAINTENANCE COMMANDS              SUDO(1m)
        -h  The --hh (_h_e_l_p) option causes ssuuddoo to print a usage mes­
            sage and exit.
 
-       -i  The -i (_s_i_m_u_l_a_t_e _i_n_i_t_i_a_l _l_o_g_i_n) option runs the shell
+       -i  The --ii (_s_i_m_u_l_a_t_e _i_n_i_t_i_a_l _l_o_g_i_n) option runs the shell
            specified in the passwd(4) entry of the user that the
            command is being run as.  The command name argument
            given to the shell begins with a - to tell the shell
@@ -193,7 +193,7 @@ SUDO(1m)               MAINTENANCE COMMANDS              SUDO(1m)
 
 
 
-1.6.8                   February 13, 2004                       3
+1.6.8                      May 17, 2004                         3
 
 
 
@@ -229,12 +229,12 @@ SUDO(1m)               MAINTENANCE COMMANDS              SUDO(1m)
                    fully qualified or the _f_q_d_n sudoers option is
                    set)
 
-           %%      two consecutive % characters are collasped
+           %%      two consecutive % characters are collapsed
                    into a single % character
 
        -s  The --ss (_s_h_e_l_l) option runs the shell specified by the
            _S_H_E_L_L environment variable if it is set or the shell
-           as specified in _p_a_s_s_w_d(4).
+           as specified in passwd(4).
 
        -u  The --uu (_u_s_e_r) option causes ssuuddoo to run the specified
            command as a user other than _r_o_o_t.  To specify a _u_i_d
@@ -259,7 +259,7 @@ RREETTUURRNN VVAALLUUEESS
 
 
 
-1.6.8                   February 13, 2004                       4
+1.6.8                      May 17, 2004                         4
 
 
 
@@ -325,7 +325,7 @@ SSEECCUURRIITTYY NNOOTTEESS
 
 
 
-1.6.8                   February 13, 2004                       5
+1.6.8                      May 17, 2004                         5
 
 
 
@@ -361,7 +361,7 @@ SUDO(1m)               MAINTENANCE COMMANDS              SUDO(1m)
        user an effective root shell.
 
 EEXXAAMMPPLLEESS
-       Note: the following examples assume suitable _s_u_d_o_e_r_s(4)
+       Note: the following examples assume suitable sudoers(4)
        entries.
 
        To get a file listing of an unreadable directory:
@@ -391,7 +391,7 @@ EEXXAAMMPPLLEESS
 
 
 
-1.6.8                   February 13, 2004                       6
+1.6.8                      May 17, 2004                         6
 
 
 
@@ -430,8 +430,8 @@ EENNVVIIRROONNMMEENNTT
                                is specified)
 
         VISUAL                 Default editor to use in -e (sudoedit) mode
-       =head1 FILES
 
+FFIILLEESS
         /etc/sudoers           List of who can run what
         /var/run/sudo              Directory containing timestamps
 
@@ -457,7 +457,7 @@ DDIISSCCLLAAIIMMEERR
 
 
 
-1.6.8                   February 13, 2004                       7
+1.6.8                      May 17, 2004                         7
 
 
 
@@ -476,7 +476,7 @@ CCAAVVEEAATTSS
        user to run commands via shell escapes, thus avoiding
        ssuuddoo's checks.  However, on most systems it is possible to
        prevent shell escapes with ssuuddoo's _n_o_e_x_e_c functionality.
-       See the _s_u_d_o_e_r_s(4) manual for details.
+       See the sudoers(4) manual for details.
 
        If users have sudo ALL there is nothing to prevent them
        from creating their own program that gives them a root
@@ -489,8 +489,8 @@ CCAAVVEEAATTSS
        setuid shell scripts are generally safe).
 
 SSEEEE AALLSSOO
-       _g_r_e_p(1), _s_u(1), _s_t_a_t(2), _l_o_g_i_n___c_a_p(3), _s_u_d_o_e_r_s(4),
+       _g_r_e_p(1), _s_u(1), _s_t_a_t(2), _l_o_g_i_n___c_a_p(3), sudoers(4),
-       _p_a_s_s_w_d(5), _v_i_s_u_d_o(1m)
+       passwd(4), visudo(1m)
 
 
 
@@ -523,6 +523,6 @@ SSEEEE AALLSSOO
 
 
 
-1.6.8                   February 13, 2004                       8
+1.6.8                      May 17, 2004                         8
 
 

sudo.man.in

@@ -18,7 +18,7 @@
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\" 
 .\" $Sudo$
-.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.13
+.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
 .\"
 .\" Standard preamble:
 .\" ========================================================================
@@ -149,7 +149,7 @@
 .\" ========================================================================
 .\"
 .IX Title "SUDO @mansectsu@"
-.TH SUDO @mansectsu@ "February 13, 2004" "1.6.8" "MAINTENANCE COMMANDS"
+.TH SUDO @mansectsu@ "May 17, 2004" "1.6.8" "MAINTENANCE COMMANDS"
 .SH "NAME"
 sudo, sudoedit \- execute a command as another user
 .SH "SYNOPSIS"
@@ -213,7 +213,7 @@ or via the \fIsudoers\fR file.
 .IX Item "-H"
 The \fB\-H\fR (\fI\s-1HOME\s0\fR) option sets the \f(CW\*(C`HOME\*(C'\fR environment variable
 to the homedir of the target user (root by default) as specified
-in \fIpasswd\fR\|(@mansectform@).  By default, \fBsudo\fR does not modify \f(CW\*(C`HOME\*(C'\fR.
+in passwd(@mansectform@).  By default, \fBsudo\fR does not modify \f(CW\*(C`HOME\*(C'\fR.
 .IP "\-K" 4
 .IX Item "-K"
 The \fB\-K\fR (sure \fIkill\fR) option to \fBsudo\fR removes the user's timestamp
@@ -300,7 +300,7 @@ temporary file.
 The \fB\-h\fR (\fIhelp\fR) option causes \fBsudo\fR to print a usage message and exit.
 .IP "\-i" 4
 .IX Item "-i"
-The \f(CW\*(C`\-i\*(C'\fR (\fIsimulate initial login\fR) option runs the shell specified
+The \fB\-i\fR (\fIsimulate initial login\fR) option runs the shell specified
 in the passwd(@mansectform@) entry of the user that the command is
 being run as.  The command name argument given to the shell begins
 with a \f(CW\*(C`\-\*(C'\fR to tell the shell to run as a login shell.  \fBsudo\fR
@@ -351,7 +351,7 @@ sudoers option is set)
 .ie n .IP "\*(C`%%\*(C'" 8
 .el .IP "\f(CW\*(C`%%\*(C'\fR" 8
 .IX Item "%%"
-two consecutive \f(CW\*(C`%\*(C'\fR characters are collasped into a single \f(CW\*(C`%\*(C'\fR character
+two consecutive \f(CW\*(C`%\*(C'\fR characters are collapsed into a single \f(CW\*(C`%\*(C'\fR character
 .RE
 .RS 4
 .RE
@@ -359,7 +359,7 @@ two consecutive \f(CW\*(C`%\*(C'\fR characters are collasped into a single \f(CW
 .IX Item "-s"
 The \fB\-s\fR (\fIshell\fR) option runs the shell specified by the \fI\s-1SHELL\s0\fR
 environment variable if it is set or the shell as specified
-in \fIpasswd\fR\|(@mansectform@).
+in passwd(@mansectform@).
 .IP "\-u" 4
 .IX Item "-u"
 The \fB\-u\fR (\fIuser\fR) option causes \fBsudo\fR to run the specified command
@@ -455,7 +455,7 @@ via \fBsudo\fR to verify that the command does not inadvertently give
 the user an effective root shell.
 .SH "EXAMPLES"
 .IX Header "EXAMPLES"
-Note: the following examples assume suitable \fIsudoers\fR\|(@mansectform@) entries.
+Note: the following examples assume suitable sudoers(@mansectform@) entries.
 .PP
 To get a file listing of an unreadable directory:
 .PP
@@ -541,11 +541,11 @@ to make the \f(CW\*(C`cd\*(C'\fR and file redirection work.
 \&                        is specified)
 .Ve
 .PP
-.Vb 2
+.Vb 1
 \& VISUAL                 Default editor to use in -e (sudoedit) mode
-\&=head1 FILES
 .Ve
-.PP
+.SH "FILES"
+.IX Header "FILES"
 .Vb 2
 \& @sysconfdir@/sudoers           List of who can run what
 \& @timedir@              Directory containing timestamps
@@ -580,7 +580,7 @@ if that user is allowed to run arbitrary commands via \fBsudo\fR.
 Also, many programs (such as editors) allow the user to run commands
 via shell escapes, thus avoiding \fBsudo\fR's checks.  However, on
 most systems it is possible to prevent shell escapes with \fBsudo\fR's
-\&\fInoexec\fR functionality.  See the \fIsudoers\fR\|(@mansectform@) manual for details.
+\&\fInoexec\fR functionality.  See the sudoers(@mansectform@) manual for details.
 .PP
 If users have sudo \f(CW\*(C`ALL\*(C'\fR there is nothing to prevent them from creating
 their own program that gives them a root shell regardless of any '!'
@@ -592,4 +592,5 @@ that make setuid shell scripts unsafe on some operating systems
 are generally safe).
 .SH "SEE ALSO"
 .IX Header "SEE ALSO"
-\&\fIgrep\fR\|(1), \fIsu\fR\|(1), \fIstat\fR\|(2), \fIlogin_cap\fR\|(3), \fIsudoers\fR\|(@mansectform@), \fIpasswd\fR\|(5), \fIvisudo\fR\|(@mansectsu@)
+\&\fIgrep\fR\|(1), \fIsu\fR\|(1), \fIstat\fR\|(2), \fIlogin_cap\fR\|(3), sudoers(@mansectform@),
+passwd(@mansectform@), visudo(@mansectsu@)

sudoers.cat

@@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN
 
 
 
-1.6.8                      May 16, 2004                         1
+1.6.8                      May 17, 2004                         1
 
 
 
@@ -127,7 +127,7 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
 
-1.6.8                      May 16, 2004                         2
+1.6.8                      May 17, 2004                         2
 
 
 
@@ -154,7 +154,7 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
        netmask may be specified either in dotted quad notation
        (e.g.  255.255.255.0) or CIDR notation (number of bits,
        e.g. 24).  A hostname may include shell-style wildcards
-       (see `Wildcards' section below), but unless the hostname
+       (see the Wildcards section below), but unless the hostname
        command on your machine returns the fully qualified host­
        name, you'll need to use the _f_q_d_n option for wildcards to
        be useful.
@@ -174,26 +174,26 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
        A Cmnd_List is a list of one or more commandnames, direc­
        tories, and other aliases.  A commandname is a fully qual­
        ified filename which may include shell-style wildcards
-       (see `Wildcards' section below).  A simple filename allows
+       (see the Wildcards section below).  A simple filename
-       the user to run the command with any arguments he/she
+       allows the user to run the command with any arguments
-       wishes.  However, you may also specify command line argu­
+       he/she wishes.  However, you may also specify command line
-       ments (including wildcards).  Alternately, you can specify
+       arguments (including wildcards).  Alternately, you can
-       "" to indicate that the command may only be run wwiitthhoouutt
+       specify "" to indicate that the command may only be run
-       command line arguments.  A directory is a fully qualified
+       wwiitthhoouutt command line arguments.  A directory is a fully
-       pathname ending in a '/'.  When you specify a directory in
+       qualified pathname ending in a '/'.  When you specify a
-       a Cmnd_List, the user will be able to run any file within
+       directory in a Cmnd_List, the user will be able to run any
-       that directory (but not in any subdirectories therein).
+       file within that directory (but not in any subdirectories
+       therein).
 
        If a Cmnd has associated command line arguments, then the
        arguments in the Cmnd must match exactly those given by
        the user on the command line (or match the wildcards if
        there are any).  Note that the following characters must
-       be escaped with a '\' if they are used in command argu­
+       be escaped with a '\' if they are used in command
-       ments: ',', ':', '=', '\'.  The special command "sudoedit"
 
 
 
-1.6.8                      May 16, 2004                         3
+1.6.8                      May 17, 2004                         3
 
 
 
@@ -202,9 +202,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
-       is used to permit a user to run ssuuddoo with the --ee flag (or
+       arguments: ',', ':', '=', '\'.  The special command
-       as ssuuddooeeddiitt).  It may take command line arguments just as
+       "sudoedit" is used to permit a user to run ssuuddoo with the
-       a normal command does.
+       --ee flag (or as ssuuddooeeddiitt).  It may take command line argu­
+       ments just as a normal command does.
 
        DDeeffaauullttss
 
@@ -255,11 +256,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
                    scheme (SS//KKeeyy or OOPPIIEE), a two-line prompt is
                    used to make it easier to cut and paste the
                    challenge to a local window.  It's not as
-                   pretty as the default but some people find it
 
 
 
-1.6.8                      May 16, 2004                         4
+1.6.8                      May 17, 2004                         4
 
 
 
@@ -268,6 +268,7 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
+                   pretty as the default but some people find it
                    more convenient.  This flag is _o_f_f by default.
 
        ignore_dot  If set, ssuuddoo will ignore '.' or '' (current
@@ -321,11 +322,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
                    may be overridden via the PASSWD and NOPASSWD
                    tags.  This flag is _o_n by default.
 
-       root_sudo   If set, root is allowed to run ssuuddoo too.
 
 
 
-1.6.8                      May 16, 2004                         5
+1.6.8                      May 17, 2004                         5
 
 
 
@@ -334,7 +334,8 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
-                   Disabling this prevents users from "chaining"
+       root_sudo   If set, root is allowed to run ssuuddoo too.  Dis­
+                   abling this prevents users from "chaining"
                    ssuuddoo commands to get a root shell by doing
                    something like "sudo sudo /bin/sh".  Note,
                    however, that turning off _r_o_o_t___s_u_d_o will also
@@ -386,12 +387,11 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
                    that they are not allowed to run it, which can
                    be confusing.  This flag is _o_f_f by default.
 
-       preserve_groups
-                   By default ssuuddoo will initialize the group
 
 
 
-1.6.8                      May 16, 2004                         6
+
+1.6.8                      May 17, 2004                         6
 
 
 
@@ -400,12 +400,14 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
-                   vector to the list of groups the target user
+       preserve_groups
-                   is in.  When _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, the
+                   By default ssuuddoo will initialize the group vec­
-                   user's existing group vector is left unal­
+                   tor to the list of groups the target user is
-                   tered.  The real and effective group IDs, how­
+                   in.  When _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, the user's
-                   ever, are still set to match the target user.
+                   existing group vector is left unaltered.  The
-                   This flag is _o_f_f by default.
+                   real and effective group IDs, however, are
+                   still set to match the target user.  This flag
+                   is _o_f_f by default.
 
        fqdn        Set this flag if you want to put fully quali­
                    fied hostnames in the _s_u_d_o_e_r_s file.  I.e.,
@@ -452,12 +454,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
        rootpw      If set, ssuuddoo will prompt for the root password
                    instead of the password of the invoking user.
-                   This flag is _o_f_f by default.
 
 
 
-
+1.6.8                      May 17, 2004                         7
-1.6.8                      May 16, 2004                         7
 
 
 
@@ -466,6 +466,8 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
+                   This flag is _o_f_f by default.
+
        runaspw     If set, ssuuddoo will prompt for the password of
                    the user defined by the _r_u_n_a_s___d_e_f_a_u_l_t option
                    (defaults to root) instead of the password of
@@ -518,12 +520,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
        use_loginclass
                    If set, ssuuddoo will apply the defaults specified
                    for the target user's login class if one
-                   exists.  Only available if ssuuddoo is configured
-                   with the --with-logincap option.  This flag is
 
 
 
-1.6.8                      May 16, 2004                         8
+1.6.8                      May 17, 2004                         8
 
 
 
@@ -532,13 +532,15 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
+                   exists.  Only available if ssuuddoo is configured
+                   with the --with-logincap option.  This flag is
                    _o_f_f by default.
 
        noexec      If set, all commands run via sudo will behave
                    as if the NOEXEC tag has been set, unless
                    overridden by a EXEC tag.  See the description
-                   of _N_O_E_X_E_C _a_n_d _E_X_E_C below as well as the PPRREE­­
+                   of _N_O_E_X_E_C _a_n_d _E_X_E_C below as well as the "PRE­
-                   VVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS section at the end of
+                   VENTING SHELL ESCAPES" section at the end of
                    this manual.  This flag is _o_f_f by default.
 
        IInntteeggeerrss:
@@ -583,13 +585,11 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
                    the machine.  Default is *** SECURITY informa­
                    tion for %h ***.
 
-       badpass_message
-                   Message that is displayed if a user enters an
-                   incorrect password.  The default is Sorry, try
 
 
 
-1.6.8                      May 16, 2004                         9
+
+1.6.8                      May 17, 2004                         9
 
 
 
@@ -598,6 +598,9 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
+       badpass_message
+                   Message that is displayed if a user enters an
+                   incorrect password.  The default is Sorry, try
                    again. unless insults are enabled.
 
        timestampdir
@@ -649,13 +652,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
        editor      A colon (':') separated list of editors
                    allowed to be used with vviissuuddoo.  vviissuuddoo will
-                   choose the editor that matches the user's USER
-                   environment variable if possible, or the first
-                   editor in the list that exists and is
 
 
 
-1.6.8                      May 16, 2004                        10
+1.6.8                      May 17, 2004                        10
 
 
 
@@ -664,7 +664,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
-                   executable.  The default is the path to vi on
+                   choose the editor that matches the user's USER
+                   environment variable if possible, or the first
+                   editor in the list that exists and is exe­
+                   cutable.  The default is the path to vi on
                    your system.
 
        noexec_file Path to a shared library containing dummy ver­
@@ -715,13 +718,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
                    quotes (") to protect against sudo interpret­
                    ing the @ sign.  Defaults to root.
 
-       exempt_group
-                   Users in this group are exempt from password
-                   and PATH requirements.  This is not set by
 
 
 
-1.6.8                      May 16, 2004                        11
+1.6.8                      May 17, 2004                        11
 
 
 
@@ -730,6 +730,9 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
+       exempt_group
+                   Users in this group are exempt from password
+                   and PATH requirements.  This is not set by
                    default.
 
        verifypw    This option controls when a password will be
@@ -781,13 +784,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
                    contains % or / characters.  This can be used
                    to guard against printf-style format vulnera­
                    bilities in poorly-written programs.  The
-                   argument may be a double-quoted, space-sepa­
-                   rated list or a single value without dou­
-                   ble-quotes.  The list can be replaced, added
 
 
 
-1.6.8                      May 16, 2004                        12
+1.6.8                      May 17, 2004                        12
 
 
 
@@ -796,6 +796,9 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
+                   argument may be a double-quoted, space-sepa­
+                   rated list or a single value without dou­
+                   ble-quotes.  The list can be replaced, added
                    to, deleted from, or disabled by using the =,
                    +=, -=, and ! operators respectively.  The
                    default list of environment variables to check
@@ -847,13 +850,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
         Runas_Spec ::= '(' Runas_List ')'
 
-        Tag_Spec ::= ('NOPASSWD:' | 'PASSWD:' | 'NOEXEC:' | 'EXEC:')
-
-       A uusseerr ssppeecciiffiiccaattiioonn determines which commands a user may
 
 
 
-1.6.8                      May 16, 2004                        13
+1.6.8                      May 17, 2004                        13
 
 
 
@@ -862,6 +862,9 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
+        Tag_Spec ::= ('NOPASSWD:' | 'PASSWD:' | 'NOEXEC:' | 'EXEC:')
+
+       A uusseerr ssppeecciiffiiccaattiioonn determines which commands a user may
        run (and as what user) on specified hosts.  By default,
        commands are run as rroooott, but this can be changed on a
        per-command basis.
@@ -882,7 +885,7 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
        The user ddggbb may run _/_b_i_n_/_l_s, _/_b_i_n_/_k_i_l_l, and _/_u_s_r_/_b_i_n_/_l_p_r_m
        -- but only as ooppeerraattoorr.  E.g.,
 
-           sudo -u operator /bin/ls.
+        $ sudo -u operator /bin/ls.
 
        It is also possible to override a Runas_Spec later on in
        an entry.  If we modify the entry like so:
@@ -913,13 +916,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
         ray    rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm
 
        would allow the user rraayy to run _/_b_i_n_/_k_i_l_l, _/_b_i_n_/_l_s, and
-       _/_u_s_r_/_b_i_n_/_l_p_r_m as root on the machine rushmore as rroooott
-       without authenticating himself.  If we only want rraayy to be
-       able to run _/_b_i_n_/_k_i_l_l without a password the entry would
 
 
 
-1.6.8                      May 16, 2004                        14
+1.6.8                      May 17, 2004                        14
 
 
 
@@ -928,6 +928,9 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
+       _/_u_s_r_/_b_i_n_/_l_p_r_m as root on the machine rushmore as rroooott
+       without authenticating himself.  If we only want rraayy to be
+       able to run _/_b_i_n_/_k_i_l_l without a password the entry would
        be:
 
         ray    rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
@@ -955,16 +958,17 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
         aaron  shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
 
-       See the PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS section below for more
+       See the "PREVENTING SHELL ESCAPES" section below for more
        details on how _n_o_e_x_e_c works and whether or not it will
        work on your system.
 
-       WWiillddccaarrddss ((aakkaa mmeettaa cchhaarraacctteerrss))::
+       WWiillddccaarrddss
 
-       ssuuddoo allows shell-style _w_i_l_d_c_a_r_d_s to be used in pathnames
+       ssuuddoo allows shell-style _w_i_l_d_c_a_r_d_s (aka meta or glob char­
-       as well as command line arguments in the _s_u_d_o_e_r_s file.
+       acters) to be used in pathnames as well as command line
-       Wildcard matching is done via the PPOOSSIIXX fnmatch(3) rou­
+       arguments in the _s_u_d_o_e_r_s file.  Wildcard matching is done
-       tine.  Note that these are _n_o_t regular expressions.
+       via the PPOOSSIIXX _f_n_m_a_t_c_h(3) routine.  Note that these are _n_o_t
+       regular expressions.
 
        *       Matches any set of zero or more characters.
 
@@ -978,14 +982,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
                used to escape special characters such as: "*",
                "?", "[", and "}".
 
-       Note that a forward slash ('/') will nnoott be matched by
-       wildcards used in the pathname.  When matching the command
-       line arguments, however, a slash ddooeess get matched by wild­
-       cards.  This is to make a path like:
 
 
 
-1.6.8                      May 16, 2004                        15
+1.6.8                      May 17, 2004                        15
 
 
 
@@ -994,11 +994,16 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
+       Note that a forward slash ('/') will nnoott be matched by
+       wildcards used in the pathname.  When matching the command
+       line arguments, however, a slash ddooeess get matched by wild­
+       cards.  This is to make a path like:
+
            /usr/bin/*
 
        match _/_u_s_r_/_b_i_n_/_w_h_o but not _/_u_s_r_/_b_i_n_/_X_1_1_/_x_t_e_r_m.
 
-       EExxcceeppttiioonnss ttoo wwiillddccaarrdd rruulleess::
+       EExxcceeppttiioonnss ttoo wwiillddccaarrdd rruulleess
 
        The following exceptions apply to the above rules:
 
@@ -1006,7 +1011,7 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
                argument in the _s_u_d_o_e_r_s entry it means that com­
                mand is not allowed to be run with aannyy arguments.
 
-       OOtthheerr ssppeecciiaall cchhaarraacctteerrss aanndd rreesseerrvveedd wwoorrddss::
+       OOtthheerr ssppeecciiaall cchhaarraacctteerrss aanndd rreesseerrvveedd wwoorrddss
 
        The pound sign ('#') is used to indicate a comment (unless
        it occurs in the context of a user name and is followed by
@@ -1043,15 +1048,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 EEXXAAMMPPLLEESS
        Below are example _s_u_d_o_e_r_s entries.  Admittedly, some of
-       these are a bit contrived.  First, we define our _a_l_i_a_s_e_s:
 
 
 
-
+1.6.8                      May 17, 2004                        16
-
-
-
-1.6.8                      May 16, 2004                        16
 
 
 
@@ -1060,6 +1060,8 @@ EEXXAAMMPPLLEESS
 SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
+       these are a bit contrived.  First, we define our _a_l_i_a_s_e_s:
+
         # User alias specification
         User_Alias     FULLTIMERS = millert, mikef, dowdy
         User_Alias     PARTTIMERS = bostley, jwfox, crawl
@@ -1085,8 +1087,8 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
         Cmnd_Alias     KILL = /usr/bin/kill
         Cmnd_Alias     PRINTING = /usr/sbin/lpc, /usr/bin/lprm
         Cmnd_Alias     SHUTDOWN = /usr/sbin/shutdown
-        Cmnd_Alias     HALT = /usr/sbin/halt, /usr/sbin/fasthalt
+        Cmnd_Alias     HALT = /usr/sbin/halt
-        Cmnd_Alias     REBOOT = /usr/sbin/reboot, /usr/sbin/fastboot
+        Cmnd_Alias     REBOOT = /usr/sbin/reboot
         Cmnd_Alias     SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
                                 /usr/local/bin/tcsh, /usr/bin/rsh, \
                                 /usr/local/bin/zsh
@@ -1115,9 +1117,7 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
 
-
+1.6.8                      May 17, 2004                        17
-
-1.6.8                      May 16, 2004                        17
 
 
 
@@ -1157,8 +1157,8 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
        The user lliissaa may run any command on any host in the
        _C_U_N_E_T_S alias (the class B network 128.138.0.0).
 
-        operator       ALL = DUMPS, KILL, PRINTING, SHUTDOWN, HALT, REBOOT,\
+        operator       ALL = DUMPS, KILL, SHUTDOWN, HALT, REBOOT, PRINTING,\
-                       /usr/oper/bin/
+                       sudoedit /etc/printcap, /usr/oper/bin/
 
        The ooppeerraattoorr user may run commands limited to simple main­
        tenance.  Here, those are commands related to backups,
@@ -1183,7 +1183,7 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
 
-1.6.8                      May 16, 2004                        18
+1.6.8                      May 17, 2004                        18
 
 
 
@@ -1249,7 +1249,7 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
 
 
-1.6.8                      May 16, 2004                        19
+1.6.8                      May 17, 2004                        19
 
 
 
@@ -1301,7 +1301,7 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS
        To tell whether or not ssuuddoo supports _n_o_e_x_e_c, you can run
        the following as root:
 
-           # sudo -V | grep "dummy exec"
+           \# sudo -V | grep "dummy exec"
 
        If the resulting output contains a line that begins with:
 
@@ -1315,7 +1315,7 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS
 
 
 
-1.6.8                      May 16, 2004                        20
+1.6.8                      May 17, 2004                        20
 
 
 
@@ -1340,11 +1340,10 @@ SUDOERS(4)             MAINTENANCE COMMANDS            SUDOERS(4)
 
        Note that disabling shell escapes is not a panacea.  Pro­
        grams running as root are still capable of many poten­
-       tially hazardous operations (such as chaning or overwrit­
+       tially hazardous operations (such as changing or overwrit­
        ing files) that could lead to unintended privilege escala­
        tion.  In the specific case of an editor, a safer approach
-       is to give the user permission to run the ssuuddooeeddiitt pro­
+       is to give the user permission to run ssuuddooeeddiitt.
-       gram.
 
 CCAAVVEEAATTSS
        The _s_u_d_o_e_r_s file should aallwwaayyss be edited by the vviissuuddoo
@@ -1365,7 +1364,7 @@ FFIILLEESS
         /etc/netgroup          List of network groups
 
 SSEEEE AALLSSOO
-       _r_s_h(1), _s_u(1), _f_n_m_a_t_c_h(3), _s_u_d_o(1m), _v_i_s_u_d_o(8)
+       _r_s_h(1), _s_u(1), _f_n_m_a_t_c_h(3), sudo(1m), visudo(1m)
 
 
 
@@ -1381,6 +1380,7 @@ SSEEEE AALLSSOO
 
 
 
-1.6.8                      May 16, 2004                        21
+
+1.6.8                      May 17, 2004                        21
 
 

sudoers.man.in

@@ -149,7 +149,7 @@
 .\" ========================================================================
 .\"
 .IX Title "SUDOERS @mansectform@"
-.TH SUDOERS @mansectform@ "May 16, 2004" "1.6.8" "MAINTENANCE COMMANDS"
+.TH SUDOERS @mansectform@ "May 17, 2004" "1.6.8" "MAINTENANCE COMMANDS"
 .SH "NAME"
 sudoers \- list of which users may execute what
 .SH "DESCRIPTION"
@@ -302,7 +302,7 @@ If you do not specify a netmask with a network number, the netmask
 of the host's ethernet interface(s) will be used when matching.
 The netmask may be specified either in dotted quad notation (e.g.
 255.255.255.0) or \s-1CIDR\s0 notation (number of bits, e.g. 24).  A hostname
-may include shell-style wildcards (see `Wildcards' section below),
+may include shell-style wildcards (see the Wildcards section below),
 but unless the \f(CW\*(C`hostname\*(C'\fR command on your machine returns the fully
 qualified hostname, you'll need to use the \fIfqdn\fR option for wildcards
 to be useful.
@@ -327,7 +327,7 @@ to be useful.
 .PP
 A \f(CW\*(C`Cmnd_List\*(C'\fR is a list of one or more commandnames, directories, and other
 aliases.  A commandname is a fully qualified filename which may include
-shell-style wildcards (see `Wildcards' section below).  A simple
+shell-style wildcards (see the Wildcards section below).  A simple
 filename allows the user to run the command with any arguments he/she
 wishes.  However, you may also specify command line arguments (including
 wildcards).  Alternately, you can specify \f(CW""\fR to indicate that the command
@@ -587,8 +587,7 @@ the \-\-with\-logincap option.  This flag is \fIoff\fR by default.
 .IX Item "noexec"
 If set, all commands run via sudo will behave as if the \f(CW\*(C`NOEXEC\*(C'\fR
 tag has been set, unless overridden by a \f(CW\*(C`EXEC\*(C'\fR tag.  See the
-description of \fI\s-1NOEXEC\s0 and \s-1EXEC\s0\fR below as well as the \fB\s-1PREVENTING\s0 \s-1SHELL\s0
+description of \fI\s-1NOEXEC\s0 and \s-1EXEC\s0\fR below as well as the \*(L"\s-1PREVENTING\s0 \s-1SHELL\s0 \s-1ESCAPES\s0\*(R" section at the end of this manual.  This flag is \fIoff\fR by default.
-\&\s-1ESCAPES\s0\fR section at the end of this manual.  This flag is \fIoff\fR by default.
 .PP
 \&\fBIntegers\fR:
 .IP "passwd_tries" 12
@@ -828,12 +827,13 @@ single value without double\-quotes.  The list can be replaced, added
 to, deleted from, or disabled by using the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and
 \&\f(CW\*(C`!\*(C'\fR operators respectively.  This list has no default members.
 .PP
-When logging via \fIsyslog\fR\|(3), \fBsudo\fR accepts the following values for the syslog
+When logging via \fIsyslog\fR\|(3), \fBsudo\fR accepts the following values
-facility (the value of the \fBsyslog\fR Parameter): \fBauthpriv\fR (if your \s-1OS\s0
+for the syslog facility (the value of the \fBsyslog\fR Parameter):
-supports it), \fBauth\fR, \fBdaemon\fR, \fBuser\fR, \fBlocal0\fR, \fBlocal1\fR, \fBlocal2\fR,
+\&\fBauthpriv\fR (if your \s-1OS\s0 supports it), \fBauth\fR, \fBdaemon\fR, \fBuser\fR,
-\&\fBlocal3\fR, \fBlocal4\fR, \fBlocal5\fR, \fBlocal6\fR, and \fBlocal7\fR.  The following
+\&\fBlocal0\fR, \fBlocal1\fR, \fBlocal2\fR, \fBlocal3\fR, \fBlocal4\fR, \fBlocal5\fR,
-syslog priorities are supported: \fBalert\fR, \fBcrit\fR, \fBdebug\fR, \fBemerg\fR,
+\&\fBlocal6\fR, and \fBlocal7\fR.  The following syslog priorities are
-\&\fBerr\fR, \fBinfo\fR, \fBnotice\fR, and \fBwarning\fR.
+supported: \fBalert\fR, \fBcrit\fR, \fBdebug\fR, \fBemerg\fR, \fBerr\fR, \fBinfo\fR,
+\&\fBnotice\fR, and \fBwarning\fR.
 .Sh "User Specification"
 .IX Subsection "User Specification"
 .Vb 2
@@ -879,7 +879,7 @@ The user \fBdgb\fR may run \fI/bin/ls\fR, \fI/bin/kill\fR, and
 \&\fI/usr/bin/lprm\fR \*(-- but only as \fBoperator\fR.  E.g.,
 .PP
 .Vb 1
-\&    sudo -u operator /bin/ls.
+\& $ sudo -u operator /bin/ls.
 .Ve
 .PP
 It is also possible to override a \f(CW\*(C`Runas_Spec\*(C'\fR later on in an
@@ -947,14 +947,14 @@ and \fI/usr/bin/vi\fR but shell escapes will be disabled.
 \& aaron  shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
 .Ve
 .PP
-See the \fB\s-1PREVENTING\s0 \s-1SHELL\s0 \s-1ESCAPES\s0\fR section below for more details
+See the \*(L"\s-1PREVENTING\s0 \s-1SHELL\s0 \s-1ESCAPES\s0\*(R" section below for more details
 on how \fInoexec\fR works and whether or not it will work on your system.
-.Sh "Wildcards (aka meta characters):"
+.Sh "Wildcards"
-.IX Subsection "Wildcards (aka meta characters):"
+.IX Subsection "Wildcards"
-\&\fBsudo\fR allows shell-style \fIwildcards\fR to be used in pathnames
+\&\fBsudo\fR allows shell-style \fIwildcards\fR (aka meta or glob characters)
-as well as command line arguments in the \fIsudoers\fR file.  Wildcard
+to be used in pathnames as well as command line arguments in the
-matching is done via the \fB\s-1POSIX\s0\fR \f(CWfnmatch(3)\fR routine.  Note that
+\&\fIsudoers\fR file.  Wildcard matching is done via the \fB\s-1POSIX\s0\fR
-these are \fInot\fR regular expressions.
+\&\fIfnmatch\fR\|(3) routine.  Note that these are \fInot\fR regular expressions.
 .ie n .IP "\*(C`*\*(C'" 8
 .el .IP "\f(CW\*(C`*\*(C'\fR" 8
 .IX Item "*"
@@ -987,8 +987,8 @@ wildcards.  This is to make a path like:
 .Ve
 .PP
 match \fI/usr/bin/who\fR but not \fI/usr/bin/X11/xterm\fR.
-.Sh "Exceptions to wildcard rules:"
+.Sh "Exceptions to wildcard rules"
-.IX Subsection "Exceptions to wildcard rules:"
+.IX Subsection "Exceptions to wildcard rules"
 The following exceptions apply to the above rules:
 .ie n .IP """""" 8
 .el .IP "\f(CW``''\fR" 8
@@ -996,8 +996,8 @@ The following exceptions apply to the above rules:
 If the empty string \f(CW""\fR is the only command line argument in the
 \&\fIsudoers\fR entry it means that command is not allowed to be run
 with \fBany\fR arguments.
-.Sh "Other special characters and reserved words:"
+.Sh "Other special characters and reserved words"
-.IX Subsection "Other special characters and reserved words:"
+.IX Subsection "Other special characters and reserved words"
 The pound sign ('#') is used to indicate a comment (unless it
 occurs in the context of a user name and is followed by one or
 more digits, in which case it is treated as a uid).  Both the
@@ -1065,8 +1065,8 @@ these are a bit contrived.  First, we define our \fIaliases\fR:
 \& Cmnd_Alias     KILL = /usr/bin/kill
 \& Cmnd_Alias     PRINTING = /usr/sbin/lpc, /usr/bin/lprm
 \& Cmnd_Alias     SHUTDOWN = /usr/sbin/shutdown
-\& Cmnd_Alias     HALT = /usr/sbin/halt, /usr/sbin/fasthalt
+\& Cmnd_Alias     HALT = /usr/sbin/halt
-\& Cmnd_Alias     REBOOT = /usr/sbin/reboot, /usr/sbin/fastboot
+\& Cmnd_Alias     REBOOT = /usr/sbin/reboot
 \& Cmnd_Alias     SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \e
 \&                         /usr/local/bin/tcsh, /usr/bin/rsh, \e
 \&                         /usr/local/bin/zsh
@@ -1137,8 +1137,8 @@ The user \fBlisa\fR may run any command on any host in the \fI\s-1CUNETS\s0\fR a
 (the class B network \f(CW128.138.0.0\fR).
 .PP
 .Vb 2
-\& operator       ALL = DUMPS, KILL, PRINTING, SHUTDOWN, HALT, REBOOT,\e
+\& operator       ALL = DUMPS, KILL, SHUTDOWN, HALT, REBOOT, PRINTING,\e
-\&                /usr/oper/bin/
+\&                sudoedit /etc/printcap, /usr/oper/bin/
 .Ve
 .PP
 The \fBoperator\fR user may run commands limited to simple maintenance.
@@ -1280,7 +1280,7 @@ To tell whether or not \fBsudo\fR supports \fInoexec\fR, you can run
 the following as root:
 .PP
 .Vb 1
-\&    # sudo -V | grep "dummy exec"
+\&    \e# sudo -V | grep "dummy exec"
 .Ve
 .PP
 If the resulting output contains a line that begins with:
@@ -1307,10 +1307,9 @@ just try it out and see if it works.
 .PP
 Note that disabling shell escapes is not a panacea.  Programs running
 as root are still capable of many potentially hazardous operations
-(such as chaning or overwriting files) that could lead to unintended
+(such as changing or overwriting files) that could lead to unintended
 privilege escalation.  In the specific case of an editor, a safer
-approach is to give the user permission to run the \fBsudoedit\fR
+approach is to give the user permission to run \fBsudoedit\fR.
-program.
 .SH "CAVEATS"
 .IX Header "CAVEATS"
 The \fIsudoers\fR file should \fBalways\fR be edited by the \fBvisudo\fR
@@ -1332,4 +1331,4 @@ as returned by the \f(CW\*(C`hostname\*(C'\fR command or use the \fIfqdn\fR opti
 .Ve
 .SH "SEE ALSO"
 .IX Header "SEE ALSO"
-\&\fIrsh\fR\|(1), \fIsu\fR\|(1), \fIfnmatch\fR\|(3), \fIsudo\fR\|(@mansectsu@), \fIvisudo\fR\|(8)
+\&\fIrsh\fR\|(1), \fIsu\fR\|(1), \fIfnmatch\fR\|(3), sudo(@mansectsu@), visudo(@mansectsu@)

visudo.cat

@@ -12,7 +12,7 @@ SSYYNNOOPPSSIISS
 
 DDEESSCCRRIIPPTTIIOONN
        vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous
-       to _v_i_p_w(1m).  vviissuuddoo locks the _s_u_d_o_e_r_s file against multi­
+       to vipw(1m).  vviissuuddoo locks the _s_u_d_o_e_r_s file against multi­
        ple simultaneous edits, provides basic sanity checks, and
        checks for parse errors.  If the _s_u_d_o_e_r_s file is currently
        being edited you will receive a message to try again
@@ -61,7 +61,7 @@ OOPPTTIIOONNSS
 
 
 
-1.6.8                   February 13, 2004                       1
+1.6.8                      May 17, 2004                         1
 
 
 
@@ -122,12 +122,12 @@ AAUUTTHHOORR
        Many people have worked on _s_u_d_o over the years; this ver­
        sion of vviissuuddoo was written by:
 
-        Todd Miller            <Todd.Miller@courtesan.com>
+        Todd Miller
 
 
 
 
-1.6.8                   February 13, 2004                       2
+1.6.8                      May 17, 2004                         2
 
 
 
@@ -155,7 +155,7 @@ CCAAVVEEAATTSS
        shell if the editor used by vviissuuddoo allows shell escapes.
 
 SSEEEE AALLSSOO
-       _v_i(1), _s_u_d_o_e_r_s(4), _s_u_d_o(1m), _v_i_p_w(8)
+       _v_i(1), sudoers(4), sudo(1m), vipw(1m)
 
 
 
@@ -193,6 +193,6 @@ SSEEEE AALLSSOO
 
 
 
-1.6.8                   February 13, 2004                       3
+1.6.8                      May 17, 2004                         3
 
 

visudo.man.in

@@ -18,7 +18,7 @@
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\" 
 .\" $Sudo$
-.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.13
+.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
 .\"
 .\" Standard preamble:
 .\" ========================================================================
@@ -149,7 +149,7 @@
 .\" ========================================================================
 .\"
 .IX Title "VISUDO @mansectsu@"
-.TH VISUDO @mansectsu@ "February 13, 2004" "1.6.8" "MAINTENANCE COMMANDS"
+.TH VISUDO @mansectsu@ "May 17, 2004" "1.6.8" "MAINTENANCE COMMANDS"
 .SH "NAME"
 visudo \- edit the sudoers file
 .SH "SYNOPSIS"
@@ -158,7 +158,7 @@ visudo \- edit the sudoers file
 .SH "DESCRIPTION"
 .IX Header "DESCRIPTION"
 \&\fBvisudo\fR edits the \fIsudoers\fR file in a safe fashion, analogous to
-\&\fIvipw\fR\|(@mansectsu@).  \fBvisudo\fR locks the \fIsudoers\fR file against multiple
+vipw(@mansectsu@).  \fBvisudo\fR locks the \fIsudoers\fR file against multiple
 simultaneous edits, provides basic sanity checks, and checks
 for parse errors.  If the \fIsudoers\fR file is currently being
 edited you will receive a message to try again later.
@@ -261,7 +261,7 @@ Many people have worked on \fIsudo\fR over the years; this version of
 \&\fBvisudo\fR was written by:
 .PP
 .Vb 1
-\& Todd Miller            <Todd.Miller@courtesan.com>
+\& Todd Miller
 .Ve
 .PP
 See the \s-1HISTORY\s0 file in the sudo distribution or visit
@@ -282,4 +282,4 @@ There is no easy way to prevent a user from gaining a root shell if
 the editor used by \fBvisudo\fR allows shell escapes.
 .SH "SEE ALSO"
 .IX Header "SEE ALSO"
-\&\fIvi\fR\|(1), \fIsudoers\fR\|(@mansectform@), \fIsudo\fR\|(@mansectsu@), \fIvipw\fR\|(8)
+\&\fIvi\fR\|(1), sudoers(@mansectform@), sudo(@mansectsu@), vipw(@mansectsu@)