mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00

More minor cosmetic fixes.

Todd C. Miller 2012-07-18 09:16:09 -04:00
parent f31f58a967
commit c5b374fac6
15 changed files with 292 additions and 279 deletions


@ -22,9 +22,9 @@ DDEESSCCRRIIPPTTIIOONN
The plugin API is defined by the sudo_plugin.h header file.
TThhee ssuuddoo..ccoonnff FFiillee
The _/_e_t_c_/_s_u_d_o_._c_o_n_f file contains plugin configuration directives.
Currently, the only supported keyword is the Plugin directive, which
causes a plugin plugin to be loaded.
The _/_e_t_c_/_s_u_d_o_._c_o_n_f file contains plugin configuration directives. The
primary keyword is the Plugin directive, which causes a plugin to be
loaded.
A Plugin line consists of the Plugin keyword, followed by the
_s_y_m_b_o_l___n_a_m_e and the _p_a_t_h to the shared object containing the plugin.
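
Review bot: "The primary keyword is the Plugin directive" now implies that sudo.conf accepts other keywords without naming any of them. A later hunk in this file refers to a Debug statement in the same file, so either name the other keywords here or point to where they are documented; otherwise the reader cannot tell what else the file accepts.
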
@ -149,8 +149,8 @@ DDEESSCCRRIIPPTTIIOONN
flags are passed to the plugin as they appear in
_/_e_t_c_/_s_u_d_o_._c_o_n_f. The syntax used by ssuuddoo and the _s_u_d_o_e_r_s
plugin is _s_u_b_s_y_s_t_e_m@_p_r_i_o_r_i_t_y but the plugin is free to use
a different format so long as it does not include a command
,.
a different format so long as it does not include a comma
(,).
For reference, the priorities supported by the ssuuddoo front
end and _s_u_d_o_e_r_s are: _c_r_i_t, _e_r_r, _w_a_r_n, _n_o_t_i_c_e, _d_i_a_g, _i_n_f_o,
@ -171,31 +171,31 @@ DDEESSCCRRIIPPTTIIOONN
runas_user=string
The user name or uid to to run the command as, if specified
via the -u flag.
via the --uu flag.
runas_group=string
The group name or gid to to run the command as, if
specified via the -g flag.
specified via the --gg flag.
prompt=string
The prompt to use when requesting a password, if specified
via the -p flag.
via the --pp flag.
set_home=bool
Set to true if the user specified the -H flag. If true,
Set to true if the user specified the --HH flag. If true,
set the HOME environment variable to the target user's home
directory.
preserve_environment=bool
Set to true if the user specified the -E flag, indicating
Set to true if the user specified the --EE flag, indicating
that the user wishes to preserve the environment.
run_shell=bool
Set to true if the user specified the -s flag, indicating
Set to true if the user specified the --ss flag, indicating
that the user wishes to run a shell.
login_shell=bool
Set to true if the user specified the -i flag, indicating
Set to true if the user specified the --ii flag, indicating
that the user wishes to run a login shell.
implied_shell=bool
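
Review bot: the context lines for runas_user and runas_group still read "to to run the command as". This commit already removes the doubled "plugin plugin", so drop the extra "to" in both entries, here and in the matching roff and POD hunks further down.
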
@ -208,35 +208,35 @@ DDEESSCCRRIIPPTTIIOONN
print a usage message and exit.
preserve_groups=bool
Set to true if the user specified the -P flag, indicating
Set to true if the user specified the --PP flag, indicating
that the user wishes to preserve the group vector instead
of setting it based on the runas user.
ignore_ticket=bool
Set to true if the user specified the -k flag along with a
Set to true if the user specified the --kk flag along with a
command, indicating that the user wishes to ignore any
cached authentication credentials.
noninteractive=bool
Set to true if the user specified the -n flag, indicating
Set to true if the user specified the --nn flag, indicating
that ssuuddoo should operate in non-interactive mode. The
plugin may reject a command run in non-interactive mode if
user interaction is required.
login_class=string
BSD login class to use when setting resource limits and
nice value, if specified by the -c flag.
nice value, if specified by the --cc flag.
selinux_role=string
SELinux role to use when executing the command, if
specified by the -r flag.
specified by the --rr flag.
selinux_type=string
SELinux type to use when executing the command, if
specified by the -t flag.
specified by the --tt flag.
bsdauth_type=string
Authentication type, if specified by the -a flag, to use on
Authentication type, if specified by the --aa flag, to use on
systems where BSD authentication is supported.
network_addrs=list
@ -252,14 +252,14 @@ DDEESSCCRRIIPPTTIIOONN
"sudoedit".
sudoedit=bool
Set to true when the -e flag is is specified or if invoked
Set to true when the --ee flag is is specified or if invoked
as ssuuddooeeddiitt. The plugin shall substitute an editor into
_a_r_g_v in the _c_h_e_c_k___p_o_l_i_c_y function or return -2 with a usage
error if the plugin does not support _s_u_d_o_e_d_i_t. For more
information, see the _c_h_e_c_k___p_o_l_i_c_y section.
closefrom=number
If specified, the user has requested via the -C flag that
If specified, the user has requested via the --CC flag that
ssuuddoo close all files descriptors with a value of _n_u_m_b_e_r or
higher. The plugin may optionally pass this, or another
value, back in the _c_o_m_m_a_n_d___i_n_f_o list.
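
Review bot: the rewritten sudoedit line keeps the doubled verb in "flag is is specified", and the closefrom entry after it still says "close all files descriptors". Change these to "is specified" and "all file descriptors" while the lines are being touched, in all three markup versions of this text.
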
@ -384,7 +384,7 @@ DDEESSCCRRIIPPTTIIOONN
int (*show_version)(int verbose);
The show_version function is called by ssuuddoo when the user specifies
the -V option. The plugin may display its version information to
the --VV option. The plugin may display its version information to
the user via the conversation or plugin_printf function using
SUDO_CONV_INFO_MSG. If the user requests detailed version
information, the verbose flag will be set.
@ -631,7 +631,7 @@ DDEESSCCRRIIPPTTIIOONN
validate
int (*validate)(void);
The validate function is called when ssuuddoo is run with the -v flag.
The validate function is called when ssuuddoo is run with the --vv flag.
For policy plugins such as _s_u_d_o_e_r_s that cache authentication
credentials, this function will validate and cache the credentials.
@ -646,8 +646,8 @@ DDEESSCCRRIIPPTTIIOONN
invalidate
void (*invalidate)(int remove);
The invalidate function is called when ssuuddoo is called with the -k
or -K flag. For policy plugins such as _s_u_d_o_e_r_s that cache
The invalidate function is called when ssuuddoo is called with the --kk
or --KK flag. For policy plugins such as _s_u_d_o_e_r_s that cache
authentication credentials, this function will invalidate the
credentials. If the _r_e_m_o_v_e flag is set, the plugin may remove the
credentials instead of simply invalidating them.
@ -918,7 +918,7 @@ DDEESSCCRRIIPPTTIIOONN
int (*show_version)(int verbose);
The show_version function is called by ssuuddoo when the user specifies
the -V option. The plugin may display its version information to
the --VV option. The plugin may display its version information to
the user via the conversation or plugin_printf function using
SUDO_CONV_INFO_MSG. If the user requests detailed version
information, the verbose flag will be set.
@ -1203,7 +1203,7 @@ DDEESSCCRRIIPPTTIIOONN
user reply is needed and supports standard _p_r_i_n_t_f_(_) escape sequences.
Unlike, SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG, messages sent with
the <SUDO_CONV_DEBUG_MSG> _m_s_g___t_y_p_e are not directly user-visible.
the SUDO_CONV_DEBUG_MSG _m_s_g___t_y_p_e are not directly user-visible.
Instead, they are logged to the file specified in the Debug statement
(if any) in the _/_e_t_c_/_s_u_d_o_._c_o_n_f file. This allows a plugin to log
debugging information and is intended to be used in conjunction with
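
Review bot: the first context line of this hunk still opens with "Unlike, SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG"; the comma after "Unlike" should be removed in the same pass that fixes the SUDO_CONV_DEBUG_MSG markup on the next line.
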
@ -1355,4 +1355,4 @@ DDIISSCCLLAAIIMMEERR
1.8.6 June 29, 2012 SUDO_PLUGIN(1m)
1.8.6 July 17, 2012 SUDO_PLUGIN(1m)


@ -139,7 +139,7 @@
.\" ========================================================================
.\"
.IX Title "SUDO_PLUGIN @mansectsu@"
.TH SUDO_PLUGIN @mansectsu@ "June 29, 2012" "1.8.6" "MAINTENANCE COMMANDS"
.TH SUDO_PLUGIN @mansectsu@ "July 17, 2012" "1.8.6" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@ -165,8 +165,8 @@ The plugin \s-1API\s0 is defined by the \f(CW\*(C`sudo_plugin.h\*(C'\fR header f
.SS "The sudo.conf File"
.IX Subsection "The sudo.conf File"
The \fI@sysconfdir@/sudo.conf\fR file contains plugin configuration directives.
Currently, the only supported keyword is the \f(CW\*(C`Plugin\*(C'\fR directive,
which causes a plugin plugin to be loaded.
The primary keyword is the \f(CW\*(C`Plugin\*(C'\fR directive, which causes a plugin
to be loaded.
.PP
A \f(CW\*(C`Plugin\*(C'\fR line consists of the \f(CW\*(C`Plugin\*(C'\fR keyword, followed by the
\&\fIsymbol_name\fR and the \fIpath\fR to the shared object containing the
@ -300,7 +300,7 @@ A comma-separated list of debug flags that correspond to \fBsudo\fR's
flags are passed to the plugin as they appear in \fI@sysconfdir@/sudo.conf\fR.
The syntax used by \fBsudo\fR and the \fIsudoers\fR plugin is
\&\fIsubsystem\fR@\fIpriority\fR but the plugin is free to use a different
format so long as it does not include a command \f(CW\*(C`,\*(C'\fR.
format so long as it does not include a comma (\f(CW\*(C`,\*(C'\fR).
.Sp
For reference, the priorities supported by the \fBsudo\fR front end and
\&\fIsudoers\fR are: \fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR,
@ -320,30 +320,30 @@ This setting has been deprecated in favor of \fIdebug_flags\fR.
.IP "runas_user=string" 4
.IX Item "runas_user=string"
The user name or uid to to run the command as, if specified via the
\&\f(CW\*(C`\-u\*(C'\fR flag.
\&\fB\-u\fR flag.
.IP "runas_group=string" 4
.IX Item "runas_group=string"
The group name or gid to to run the command as, if specified via
the \f(CW\*(C`\-g\*(C'\fR flag.
the \fB\-g\fR flag.
.IP "prompt=string" 4
.IX Item "prompt=string"
The prompt to use when requesting a password, if specified via
the \f(CW\*(C`\-p\*(C'\fR flag.
the \fB\-p\fR flag.
.IP "set_home=bool" 4
.IX Item "set_home=bool"
Set to true if the user specified the \f(CW\*(C`\-H\*(C'\fR flag. If true, set the
Set to true if the user specified the \fB\-H\fR flag. If true, set the
\&\f(CW\*(C`HOME\*(C'\fR environment variable to the target user's home directory.
.IP "preserve_environment=bool" 4
.IX Item "preserve_environment=bool"
Set to true if the user specified the \f(CW\*(C`\-E\*(C'\fR flag, indicating that
Set to true if the user specified the \fB\-E\fR flag, indicating that
the user wishes to preserve the environment.
.IP "run_shell=bool" 4
.IX Item "run_shell=bool"
Set to true if the user specified the \f(CW\*(C`\-s\*(C'\fR flag, indicating that
Set to true if the user specified the \fB\-s\fR flag, indicating that
the user wishes to run a shell.
.IP "login_shell=bool" 4
.IX Item "login_shell=bool"
Set to true if the user specified the \f(CW\*(C`\-i\*(C'\fR flag, indicating that
Set to true if the user specified the \fB\-i\fR flag, indicating that
the user wishes to run a login shell.
.IP "implied_shell=bool" 4
.IX Item "implied_shell=bool"
@ -356,35 +356,35 @@ function, which will cause \fBsudo\fR to print a usage message and
exit.
.IP "preserve_groups=bool" 4
.IX Item "preserve_groups=bool"
Set to true if the user specified the \f(CW\*(C`\-P\*(C'\fR flag, indicating that
Set to true if the user specified the \fB\-P\fR flag, indicating that
the user wishes to preserve the group vector instead of setting it
based on the runas user.
.IP "ignore_ticket=bool" 4
.IX Item "ignore_ticket=bool"
Set to true if the user specified the \f(CW\*(C`\-k\*(C'\fR flag along with a
Set to true if the user specified the \fB\-k\fR flag along with a
command, indicating that the user wishes to ignore any cached
authentication credentials.
.IP "noninteractive=bool" 4
.IX Item "noninteractive=bool"
Set to true if the user specified the \f(CW\*(C`\-n\*(C'\fR flag, indicating that
Set to true if the user specified the \fB\-n\fR flag, indicating that
\&\fBsudo\fR should operate in non-interactive mode. The plugin may
reject a command run in non-interactive mode if user interaction
is required.
.IP "login_class=string" 4
.IX Item "login_class=string"
\&\s-1BSD\s0 login class to use when setting resource limits and nice value,
if specified by the \f(CW\*(C`\-c\*(C'\fR flag.
if specified by the \fB\-c\fR flag.
.IP "selinux_role=string" 4
.IX Item "selinux_role=string"
SELinux role to use when executing the command, if specified by
the \f(CW\*(C`\-r\*(C'\fR flag.
the \fB\-r\fR flag.
.IP "selinux_type=string" 4
.IX Item "selinux_type=string"
SELinux type to use when executing the command, if specified by
the \f(CW\*(C`\-t\*(C'\fR flag.
the \fB\-t\fR flag.
.IP "bsdauth_type=string" 4
.IX Item "bsdauth_type=string"
Authentication type, if specified by the \f(CW\*(C`\-a\*(C'\fR flag, to use on
Authentication type, if specified by the \fB\-a\fR flag, to use on
systems where \s-1BSD\s0 authentication is supported.
.IP "network_addrs=list" 4
.IX Item "network_addrs=list"
@ -398,14 +398,14 @@ it is an IPv6 address, else it is IPv4.
The command name that sudo was run as, typically \*(L"sudo\*(R" or \*(L"sudoedit\*(R".
.IP "sudoedit=bool" 4
.IX Item "sudoedit=bool"
Set to true when the \f(CW\*(C`\-e\*(C'\fR flag is is specified or if invoked as
Set to true when the \fB\-e\fR flag is is specified or if invoked as
\&\fBsudoedit\fR. The plugin shall substitute an editor into \fIargv\fR
in the \fIcheck_policy\fR function or return \f(CW\*(C`\-2\*(C'\fR with a usage error
if the plugin does not support \fIsudoedit\fR. For more information,
see the \fIcheck_policy\fR section.
.IP "closefrom=number" 4
.IX Item "closefrom=number"
If specified, the user has requested via the \f(CW\*(C`\-C\*(C'\fR flag that \fBsudo\fR
If specified, the user has requested via the \fB\-C\fR flag that \fBsudo\fR
close all files descriptors with a value of \fInumber\fR or higher.
The plugin may optionally pass this, or another value, back in the
\&\fIcommand_info\fR list.
@ -545,7 +545,7 @@ function. If the command was successfully executed, the value of
.Ve
.Sp
The \f(CW\*(C`show_version\*(C'\fR function is called by \fBsudo\fR when the user specifies
the \f(CW\*(C`\-V\*(C'\fR option. The plugin may display its version information
the \fB\-V\fR option. The plugin may display its version information
to the user via the conversation or plugin_printf function using
\&\f(CW\*(C`SUDO_CONV_INFO_MSG\*(C'\fR. If the user requests detailed version
information, the verbose flag will be set.
@ -799,7 +799,7 @@ displayed along with any command line arguments.
.Ve
.Sp
The \f(CW\*(C`validate\*(C'\fR function is called when \fBsudo\fR is run with the
\&\f(CW\*(C`\-v\*(C'\fR flag. For policy plugins such as \fIsudoers\fR that cache
\&\fB\-v\fR flag. For policy plugins such as \fIsudoers\fR that cache
authentication credentials, this function will validate and cache
the credentials.
.Sp
@ -817,7 +817,7 @@ error information to the user.
.Ve
.Sp
The \f(CW\*(C`invalidate\*(C'\fR function is called when \fBsudo\fR is called with
the \f(CW\*(C`\-k\*(C'\fR or \f(CW\*(C`\-K\*(C'\fR flag. For policy plugins such as \fIsudoers\fR that
the \fB\-k\fR or \fB\-K\fR flag. For policy plugins such as \fIsudoers\fR that
cache authentication credentials, this function will invalidate the
credentials. If the \fIremove\fR flag is set, the plugin may remove
the credentials instead of simply invalidating them.
@ -1110,7 +1110,7 @@ successfully executed, the value of \f(CW\*(C`error\*(C'\fR is 0.
.Ve
.Sp
The \f(CW\*(C`show_version\*(C'\fR function is called by \fBsudo\fR when the user specifies
the \f(CW\*(C`\-V\*(C'\fR option. The plugin may display its version information
the \fB\-V\fR option. The plugin may display its version information
to the user via the conversation or plugin_printf function using
\&\f(CW\*(C`SUDO_CONV_INFO_MSG\*(C'\fR. If the user requests detailed version
information, the verbose flag will be set.
@ -1467,7 +1467,7 @@ function if no user reply is needed and supports standard \fIprintf()\fR
escape sequences.
.PP
Unlike, \f(CW\*(C`SUDO_CONV_INFO_MSG\*(C'\fR and \f(CW\*(C`SUDO_CONV_ERROR_MSG\*(C'\fR, messages
sent with the <\s-1SUDO_CONV_DEBUG_MSG\s0> \fImsg_type\fR are not directly
sent with the \f(CW\*(C`SUDO_CONV_DEBUG_MSG\*(C'\fR \fImsg_type\fR are not directly
user-visible. Instead, they are logged to the file specified in
the \f(CW\*(C`Debug\*(C'\fR statement (if any) in the \fI@sysconfdir@/sudo.conf\fR
file. This allows a plugin to log debugging information and is


@ -39,8 +39,8 @@ The plugin API is defined by the C<sudo_plugin.h> header file.
=head2 The sudo.conf File
The F<@sysconfdir@/sudo.conf> file contains plugin configuration directives.
Currently, the only supported keyword is the C<Plugin> directive,
which causes a plugin plugin to be loaded.
The primary keyword is the C<Plugin> directive, which causes a plugin
to be loaded.
A C<Plugin> line consists of the C<Plugin> keyword, followed by the
I<symbol_name> and the I<path> to the shared object containing the
@ -86,7 +86,7 @@ be specified in F<@sysconfdir@/sudo.conf> along with a path to the plugin
so that B<sudo> can load it.
struct policy_plugin {
#define SUDO_POLICY_PLUGIN 1
#define SUDO_POLICY_PLUGIN 1
unsigned int type; /* always SUDO_POLICY_PLUGIN */
unsigned int version; /* always SUDO_API_VERSION */
int (*open)(unsigned int version, sudo_conv_t conversation,
@ -104,9 +104,9 @@ so that B<sudo> can load it.
void (*invalidate)(int remove);
int (*init_session)(struct passwd *pwd, char **user_env[]);
void (*register_hooks)(int version,
int (*register_hook)(struct sudo_hook *hook));
int (*register_hook)(struct sudo_hook *hook));
void (*deregister_hooks)(int version,
int (*deregister_hook)(struct sudo_hook *hook));
int (*deregister_hook)(struct sudo_hook *hook));
};
The policy_plugin struct has the following fields:
@ -181,7 +181,7 @@ C<Debug> entry in F<@sysconfdir@/sudo.conf>, if there is one. The
flags are passed to the plugin as they appear in F<@sysconfdir@/sudo.conf>.
The syntax used by B<sudo> and the I<sudoers> plugin is
I<subsystem>@I<priority> but the plugin is free to use a different
format so long as it does not include a command C<,>.
format so long as it does not include a comma (C<,>).
For reference, the priorities supported by the B<sudo> front end and
I<sudoers> are: I<crit>, I<err>, I<warn>, I<notice>, I<diag>,
@ -203,36 +203,36 @@ This setting has been deprecated in favor of I<debug_flags>.
=item runas_user=string
The user name or uid to to run the command as, if specified via the
C<-u> flag.
B<-u> flag.
=item runas_group=string
The group name or gid to to run the command as, if specified via
the C<-g> flag.
the B<-g> flag.
=item prompt=string
The prompt to use when requesting a password, if specified via
the C<-p> flag.
the B<-p> flag.
=item set_home=bool
Set to true if the user specified the C<-H> flag. If true, set the
Set to true if the user specified the B<-H> flag. If true, set the
C<HOME> environment variable to the target user's home directory.
=item preserve_environment=bool
Set to true if the user specified the C<-E> flag, indicating that
Set to true if the user specified the B<-E> flag, indicating that
the user wishes to preserve the environment.
=item run_shell=bool
Set to true if the user specified the C<-s> flag, indicating that
Set to true if the user specified the B<-s> flag, indicating that
the user wishes to run a shell.
=item login_shell=bool
Set to true if the user specified the C<-i> flag, indicating that
Set to true if the user specified the B<-i> flag, indicating that
the user wishes to run a login shell.
=item implied_shell=bool
@ -247,19 +247,19 @@ exit.
=item preserve_groups=bool
Set to true if the user specified the C<-P> flag, indicating that
Set to true if the user specified the B<-P> flag, indicating that
the user wishes to preserve the group vector instead of setting it
based on the runas user.
=item ignore_ticket=bool
Set to true if the user specified the C<-k> flag along with a
Set to true if the user specified the B<-k> flag along with a
command, indicating that the user wishes to ignore any cached
authentication credentials.
=item noninteractive=bool
Set to true if the user specified the C<-n> flag, indicating that
Set to true if the user specified the B<-n> flag, indicating that
B<sudo> should operate in non-interactive mode. The plugin may
reject a command run in non-interactive mode if user interaction
is required.
@ -267,21 +267,21 @@ is required.
=item login_class=string
BSD login class to use when setting resource limits and nice value,
if specified by the C<-c> flag.
if specified by the B<-c> flag.
=item selinux_role=string
SELinux role to use when executing the command, if specified by
the C<-r> flag.
the B<-r> flag.
=item selinux_type=string
SELinux type to use when executing the command, if specified by
the C<-t> flag.
the B<-t> flag.
=item bsdauth_type=string
Authentication type, if specified by the C<-a> flag, to use on
Authentication type, if specified by the B<-a> flag, to use on
systems where BSD authentication is supported.
=item network_addrs=list
@ -298,7 +298,7 @@ The command name that sudo was run as, typically "sudo" or "sudoedit".
=item sudoedit=bool
Set to true when the C<-e> flag is is specified or if invoked as
Set to true when the B<-e> flag is is specified or if invoked as
B<sudoedit>. The plugin shall substitute an editor into I<argv>
in the I<check_policy> function or return C<-2> with a usage error
if the plugin does not support I<sudoedit>. For more information,
@ -306,7 +306,7 @@ see the I<check_policy> section.
=item closefrom=number
If specified, the user has requested via the C<-C> flag that B<sudo>
If specified, the user has requested via the B<-C> flag that B<sudo>
close all files descriptors with a value of I<number> or higher.
The plugin may optionally pass this, or another value, back in the
I<command_info> list.
@ -463,7 +463,7 @@ C<error> is 0.
int (*show_version)(int verbose);
The C<show_version> function is called by B<sudo> when the user specifies
the C<-V> option. The plugin may display its version information
the B<-V> option. The plugin may display its version information
to the user via the conversation or plugin_printf function using
C<SUDO_CONV_INFO_MSG>. If the user requests detailed version
information, the verbose flag will be set.
@ -752,7 +752,7 @@ displayed along with any command line arguments.
int (*validate)(void);
The C<validate> function is called when B<sudo> is run with the
C<-v> flag. For policy plugins such as I<sudoers> that cache
B<-v> flag. For policy plugins such as I<sudoers> that cache
authentication credentials, this function will validate and cache
the credentials.
@ -769,7 +769,7 @@ error information to the user.
void (*invalidate)(int remove);
The C<invalidate> function is called when B<sudo> is called with
the C<-k> or C<-K> flag. For policy plugins such as I<sudoers> that
the B<-k> or B<-K> flag. For policy plugins such as I<sudoers> that
cache authentication credentials, this function will invalidate the
credentials. If the I<remove> flag is set, the plugin may remove
the credentials instead of simply invalidating them.
@ -867,7 +867,7 @@ version 1.2 or higher, C<deregister_hooks> will not be called.
#define SUDO_API_VERSION_MINOR 2
#define SUDO_API_MKVERSION(x, y) ((x << 16) | y)
#define SUDO_API_VERSION SUDO_API_MKVERSION(SUDO_API_VERSION_MAJOR,\
SUDO_API_VERSION_MINOR)
SUDO_API_VERSION_MINOR)
/* Getters and setters for API version */
#define SUDO_API_VERSION_GET_MAJOR(v) ((v) >> 16)
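
Review bot: in the context line above the re-indented continuation, SUDO_API_MKVERSION(x, y) expands to ((x << 16) | y) with its arguments unparenthesised, while SUDO_API_VERSION_GET_MAJOR(v) at the end of the hunk uses ((v) >> 16). Plugin authors copy these definitions from the manual, and an argument containing a lower-precedence operator (a conditional or a bitwise and, for instance) would group wrongly; suggest (((x) << 16) | (y)) here, provided the header is changed to match. SUDO_HOOK_MKVERSION in a later hunk has the same form.
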
@ -882,7 +882,7 @@ version 1.2 or higher, C<deregister_hooks> will not be called.
=head2 I/O Plugin API
struct io_plugin {
#define SUDO_IO_PLUGIN 2
#define SUDO_IO_PLUGIN 2
unsigned int type; /* always SUDO_IO_PLUGIN */
unsigned int version; /* always SUDO_API_VERSION */
int (*open)(unsigned int version, sudo_conv_t conversation
@ -897,9 +897,9 @@ version 1.2 or higher, C<deregister_hooks> will not be called.
int (*log_stdout)(const char *buf, unsigned int len);
int (*log_stderr)(const char *buf, unsigned int len);
void (*register_hooks)(int version,
int (*register_hook)(struct sudo_hook *hook));
int (*register_hook)(struct sudo_hook *hook));
void (*deregister_hooks)(int version,
int (*deregister_hook)(struct sudo_hook *hook));
int (*deregister_hook)(struct sudo_hook *hook));
};
When an I/O plugin is loaded, B<sudo> runs the command in a pseudo-tty.
@ -1069,7 +1069,7 @@ successfully executed, the value of C<error> is 0.
int (*show_version)(int verbose);
The C<show_version> function is called by B<sudo> when the user specifies
the C<-V> option. The plugin may display its version information
the B<-V> option. The plugin may display its version information
to the user via the conversation or plugin_printf function using
C<SUDO_CONV_INFO_MSG>. If the user requests detailed version
information, the verbose flag will be set.
@ -1365,7 +1365,7 @@ nested calls. E.g.
#define SUDO_HOOK_VERSION_MINOR 0
#define SUDO_HOOK_MKVERSION(x, y) ((x << 16) | y)
#define SUDO_HOOK_VERSION SUDO_HOOK_MKVERSION(SUDO_HOOK_VERSION_MAJOR,\
SUDO_HOOK_VERSION_MINOR)
SUDO_HOOK_VERSION_MINOR)
/* Getters and setters for hook API version */
#define SUDO_HOOK_VERSION_GET_MAJOR(v) ((v) >> 16)
@ -1392,10 +1392,10 @@ convenient for simple messages where no use input is required.
struct sudo_conv_message {
#define SUDO_CONV_PROMPT_ECHO_OFF 0x0001 /* do not echo user input */
#define SUDO_CONV_PROMPT_ECHO_ON 0x0002 /* echo user input */
#define SUDO_CONV_ERROR_MSG 0x0003 /* error message */
#define SUDO_CONV_INFO_MSG 0x0004 /* informational message */
#define SUDO_CONV_PROMPT_MASK 0x0005 /* mask user input */
#define SUDO_CONV_DEBUG_MSG 0x0006 /* debugging message */
#define SUDO_CONV_ERROR_MSG 0x0003 /* error message */
#define SUDO_CONV_INFO_MSG 0x0004 /* informational message */
#define SUDO_CONV_PROMPT_MASK 0x0005 /* mask user input */
#define SUDO_CONV_DEBUG_MSG 0x0006 /* debugging message */
#define SUDO_CONV_PROMPT_ECHO_OK 0x1000 /* flag: allow echo if no tty */
int msg_type;
int timeout;
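
Review bot: the sentence just before this struct, visible in the hunk header, reads "convenient for simple messages where no use input is required". That should be "user input" and belongs in this round of wording fixes.
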
@ -1407,7 +1407,7 @@ convenient for simple messages where no use input is required.
};
typedef int (*sudo_conv_t)(int num_msgs,
const struct sudo_conv_message msgs[],
const struct sudo_conv_message msgs[],
struct sudo_conv_reply replies[]);
typedef int (*sudo_printf_t)(int msg_type, const char *fmt, ...);
@ -1430,7 +1430,7 @@ function if no user reply is needed and supports standard printf()
escape sequences.
Unlike, C<SUDO_CONV_INFO_MSG> and C<SUDO_CONV_ERROR_MSG>, messages
sent with the <SUDO_CONV_DEBUG_MSG> I<msg_type> are not directly
sent with the C<SUDO_CONV_DEBUG_MSG> I<msg_type> are not directly
user-visible. Instead, they are logged to the file specified in
the C<Debug> statement (if any) in the F<@sysconfdir@/sudo.conf>
file. This allows a plugin to log debugging information and is


@ -43,10 +43,11 @@ DDEESSCCRRIIPPTTIIOONN
_s_u_d_o_e_r_s uses time stamp files for credential caching. Once a user has
been authenticated, a time stamp is updated and the user may then use
sudo without a password for a short period of time (5 minutes unless
overridden by the _t_i_m_e_o_u_t option. By default, _s_u_d_o_e_r_s uses a tty-based
time stamp which means that there is a separate time stamp for each of
a user's login sessions. The _t_t_y___t_i_c_k_e_t_s option can be disabled to
force the use of a single time stamp for all of a user's sessions.
overridden by the _t_i_m_e_o_u_t option). By default, _s_u_d_o_e_r_s uses a tty-
based time stamp which means that there is a separate time stamp for
each of a user's login sessions. The _t_t_y___t_i_c_k_e_t_s option can be
disabled to force the use of a single time stamp for all of a user's
sessions.
_s_u_d_o_e_r_s can log both successful and unsuccessful attempts (as well as
errors) to _s_y_s_l_o_g(3), a log file, or both. By default, _s_u_d_o_e_r_s will
@ -440,11 +441,11 @@ SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT
however, will supercede the values in _s_u_d_o_e_r_s.
TTaagg__SSppeecc
A command may have zero or more tags associated with it. There are
eight possible tag values, NOPASSWD, PASSWD, NOEXEC, EXEC, SETENV,
NOSETENV, LOG_INPUT, NOLOG_INPUT, LOG_OUTPUT and NOLOG_OUTPUT. Once a
tag is set on a Cmnd, subsequent Cmnds in the Cmnd_Spec_List, inherit
the tag unless it is overridden by the opposite tag (i.e.: PASSWD
A command may have zero or more tags associated with it. There are ten
possible tag values, NOPASSWD, PASSWD, NOEXEC, EXEC, SETENV, NOSETENV,
LOG_INPUT, NOLOG_INPUT, LOG_OUTPUT and NOLOG_OUTPUT. Once a tag is set
on a Cmnd, subsequent Cmnds in the Cmnd_Spec_List, inherit the tag
unless it is overridden by the opposite tag (in other words, PASSWD
overrides NOPASSWD and NOEXEC overrides EXEC).
_N_O_P_A_S_S_W_D _a_n_d _P_A_S_S_W_D
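
Review bot: replacing "eight" with "ten" matches the ten tags listed, but a hard-coded count is what went stale in the first place. Suggest dropping the number ("The possible tag values are NOPASSWD, PASSWD, ...") so the sentence cannot drift when a tag is added. In the same paragraph, the comma in "subsequent Cmnds in the Cmnd_Spec_List, inherit the tag" separates subject from verb and should go, and the context line above still has "supercede" for "supersede".
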
@ -527,7 +528,7 @@ SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT
[!...] Matches any character nnoott in the specified range.
\x For any character "x", evaluates to "x". This is used to
escape special characters such as: "*", "?", "[", and "}".
escape special characters such as: "*", "?", "[", and "]".
POSIX character classes may also be used if your system's _g_l_o_b(3) and
_f_n_m_a_t_c_h(3) functions support them. However, because the ':' character
@ -573,7 +574,7 @@ SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT
file loops.
If the path to the include file is not fully-qualified (does not begin
with a _/), it must be located in the same directory as the sudoers file
with a /), it must be located in the same directory as the sudoers file
it was included from. For example, if _/_e_t_c_/_s_u_d_o_e_r_s contains the line:
#include sudoers.local
@ -581,7 +582,8 @@ SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT
the file that will be included is _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l.
The file name may also include the %h escape, signifying the short form
of the host name. I.e., if the machine's host name is "xerxes", then
of the host name. In other words, if the machine's host name is
"xerxes", then
#include /etc/sudoers.%h
@ -604,7 +606,7 @@ SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT
Note that unlike files included via #include, vviissuuddoo will not edit the
files in a #includedir directory unless one of them contains a syntax
error. It is still possible to run vviissuuddoo with the -f flag to edit the
error. It is still possible to run vviissuuddoo with the --ff flag to edit the
files directly.
OOtthheerr ssppeecciiaall cchhaarraacctteerrss aanndd rreesseerrvveedd wwoorrddss
@ -690,7 +692,7 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
followed by any variables present in the file specified
by the _e_n_v___f_i_l_e option (if any). The default contents
of the env_keep and env_check lists are displayed when
ssuuddoo is run by root with the _-_V option. If the
ssuuddoo is run by root with the --VV option. If the
_s_e_c_u_r_e___p_a_t_h option is set, its value will be used for
the PATH environment variable. This flag is _o_n by
default.
@ -714,22 +716,22 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
flag is _o_f_f by default.
fqdn Set this flag if you want to put fully qualified host
names in the _s_u_d_o_e_r_s file. I.e., instead of myhost you
would use myhost.mydomain.edu. You may still use the
short form if you wish (and even mix the two). Beware
that turning on _f_q_d_n requires ssuuddoo to make DNS lookups
which may make ssuuddoo unusable if DNS stops working (for
example if the machine is not plugged into the
network). Also note that you must use the host's
official name as DNS knows it. That is, you may not
use a host alias (CNAME entry) due to performance
issues and the fact that there is no way to get all
aliases from DNS. If your machine's host name (as
returned by the hostname command) is already fully
names in the _s_u_d_o_e_r_s file. In other words, instead of
myhost you would use myhost.mydomain.edu. You may
still use the short form if you wish (and even mix the
two). Beware that turning on _f_q_d_n requires ssuuddoo to
make DNS lookups which may make ssuuddoo unusable if DNS
stops working (for example if the machine is not
plugged into the network). Also note that you must use
the host's official name as DNS knows it. That is, you
may not use a host alias (CNAME entry) due to
performance issues and the fact that there is no way to
get all aliases from DNS. If your machine's host name
(as returned by the hostname command) is already fully
qualified you shouldn't need to set _f_q_d_n. This flag is
_o_f_f by default.
ignore_dot If set, ssuuddoo will ignore '.' or '' (current dir) in the
ignore_dot If set, ssuuddoo will ignore "." or "" (current dir) in the
PATH environment variable; the PATH itself is not
modified. This flag is _o_f_f by default.
@ -761,7 +763,7 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
Input is logged to the directory specified by the
_i_o_l_o_g___d_i_r option (_/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o by default) using a
unique session ID that is included in the normal ssuuddoo
log line, prefixed with _T_S_I_D_=. The _i_o_l_o_g___f_i_l_e option
log line, prefixed with "TSID=". The _i_o_l_o_g___f_i_l_e option
may be used to control the format of the session ID.
Note that user input may contain sensitive information
@ -781,7 +783,7 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
Output is logged to the directory specified by the
_i_o_l_o_g___d_i_r option (_/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o by default) using a
unique session ID that is included in the normal ssuuddoo
log line, prefixed with _T_S_I_D_=. The _i_o_l_o_g___f_i_l_e option
log line, prefixed with "TSID=". The _i_o_l_o_g___f_i_l_e option
may be used to control the format of the session ID.
Output logs may be viewed with the _s_u_d_o_r_e_p_l_a_y(1m)
@ -987,8 +989,9 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
on the terminal. If the _v_i_s_i_b_l_e_p_w flag is set, ssuuddoo
will prompt for a password even when it would be
visible on the screen. This makes it possible to run
things like "rsh somehost sudo ls" since _r_s_h(1) does
not allocate a tty. This flag is _o_f_f by default.
things like "ssh somehost sudo ls" since by default,
_s_s_h(1) does not allocate a tty when running a command.
This flag is _o_f_f by default.
IInntteeggeerrss:
@ -1326,7 +1329,7 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
env_check will be preserved in the environment if they
pass the aforementioned check. The default list of
environment variables to check is displayed when ssuuddoo
is run by root with the _-_V option.
is run by root with the --VV option.
env_delete Environment variables to be removed from the user's
environment when the _e_n_v___r_e_s_e_t option is not in effect.
@ -1335,7 +1338,7 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
can be replaced, added to, deleted from, or disabled by
using the =, +=, -=, and ! operators respectively. The
default list of environment variables to remove is
displayed when ssuuddoo is run by root with the _-_V option.
displayed when ssuuddoo is run by root with the --VV option.
Note that many operating systems will remove
potentially dangerous variables from the environment of
any setuid process (such as ssuuddoo).
@ -1349,7 +1352,7 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
added to, deleted from, or disabled by using the =, +=,
-=, and ! operators respectively. The default list of
variables to keep is displayed when ssuuddoo is run by root
with the _-_V option.
with the --VV option.
SSUUDDOO..CCOONNFF
The _/_e_t_c_/_s_u_d_o_._c_o_n_f file determines which plugins the ssuuddoo front end
@ -1682,7 +1685,7 @@ SSEECCUURRIITTYY NNOOTTEESS
For example, given the following _s_u_d_o_e_r_s entry:
john ALL = /usr/bin/passwd [a-zA-Z0-9]*, /usr/bin/chsh [a-zA-Z0-9]*,
john ALL = /usr/bin/passwd [a-zA-Z0-9]*, /usr/bin/chsh [a-zA-Z0-9]*,\
/usr/bin/chfn [a-zA-Z0-9]*, !/usr/bin/* root
User jjoohhnn can still run /usr/bin/passwd root if _f_a_s_t___g_l_o_b is enabled by
@ -1817,4 +1820,4 @@ DDIISSCCLLAAIIMMEERR
1.8.6 July 10, 2012 SUDOERS(4)
1.8.6 July 18, 2012 SUDOERS(4)

View File

@ -519,7 +519,8 @@ DDEESSCCRRIIPPTTIIOONN
sudoers: files
Note that _/_e_t_c_/_n_s_s_w_i_t_c_h_._c_o_n_f is supported even when the underlying
operating system does not use an nsswitch.conf file.
operating system does not use an nsswitch.conf file, except on AIX (see
below).
CCoonnffiigguurriinngg nneettssvvcc..ccoonnff
On AIX systems, the _/_e_t_c_/_n_e_t_s_v_c_._c_o_n_f file is consulted instead of
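Review bot: The added cross-reference "(see below)" in "except on AIX (see below)" is vague; the target is the very next subsection, so name it, for example "except on AIX (see "Configuring netsvc.conf")". This sentence also changes the documented platform behaviour rather than fixing appearance, so it deserves its own mention in the commit message.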
@ -770,4 +771,4 @@ DDIISSCCLLAAIIMMEERR
1.8.6 June 29, 2012 SUDOERS.LDAP(4)
1.8.6 July 17, 2012 SUDOERS.LDAP(4)

View File

@ -140,7 +140,7 @@
.\" ========================================================================
.\"
.IX Title "SUDOERS.LDAP @mansectform@"
.TH SUDOERS.LDAP @mansectform@ "June 29, 2012" "1.8.6" "MAINTENANCE COMMANDS"
.TH SUDOERS.LDAP @mansectform@ "July 17, 2012" "1.8.6" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@ -676,7 +676,7 @@ sudoers line, the following default is assumed:
.Ve
.PP
Note that \fI@nsswitch_conf@\fR is supported even when the underlying
operating system does not use an nsswitch.conf file.
operating system does not use an nsswitch.conf file, except on \s-1AIX\s0 (see below).
.SS "Configuring netsvc.conf"
.IX Subsection "Configuring netsvc.conf"
On \s-1AIX\s0 systems, the \fI@netsvc_conf@\fR file is consulted instead of

View File

@ -601,7 +601,7 @@ sudoers line, the following default is assumed:
sudoers: files
Note that F<@nsswitch_conf@> is supported even when the underlying
operating system does not use an nsswitch.conf file.
operating system does not use an nsswitch.conf file, except on AIX (see below).
=head2 Configuring netsvc.conf

View File

@ -148,7 +148,7 @@
.\" ========================================================================
.\"
.IX Title "SUDOERS @mansectform@"
.TH SUDOERS @mansectform@ "July 10, 2012" "1.8.6" "MAINTENANCE COMMANDS"
.TH SUDOERS @mansectform@ "July 18, 2012" "1.8.6" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@ -195,7 +195,7 @@ lookup is still done for root, not the user specified by \f(CW\*(C`SUDO_USER\*(C
\&\fIsudoers\fR uses time stamp files for credential caching. Once a
user has been authenticated, a time stamp is updated and the user
may then use sudo without a password for a short period of time
(\f(CW\*(C`@timeout@\*(C'\fR minutes unless overridden by the \fItimeout\fR option.
(\f(CW\*(C`@timeout@\*(C'\fR minutes unless overridden by the \fItimeout\fR option).
By default, \fIsudoers\fR uses a tty-based time stamp which means that
there is a separate time stamp for each of a user's login sessions.
The \fItty_tickets\fR option can be disabled to force the use of a
@ -650,11 +650,11 @@ however, will supercede the values in \fIsudoers\fR.
.SS "Tag_Spec"
.IX Subsection "Tag_Spec"
A command may have zero or more tags associated with it. There are
eight possible tag values, \f(CW\*(C`NOPASSWD\*(C'\fR, \f(CW\*(C`PASSWD\*(C'\fR, \f(CW\*(C`NOEXEC\*(C'\fR,
ten possible tag values, \f(CW\*(C`NOPASSWD\*(C'\fR, \f(CW\*(C`PASSWD\*(C'\fR, \f(CW\*(C`NOEXEC\*(C'\fR,
\&\f(CW\*(C`EXEC\*(C'\fR, \f(CW\*(C`SETENV\*(C'\fR, \f(CW\*(C`NOSETENV\*(C'\fR, \f(CW\*(C`LOG_INPUT\*(C'\fR, \f(CW\*(C`NOLOG_INPUT\*(C'\fR,
\&\f(CW\*(C`LOG_OUTPUT\*(C'\fR and \f(CW\*(C`NOLOG_OUTPUT\*(C'\fR. Once a tag is set on a \f(CW\*(C`Cmnd\*(C'\fR,
subsequent \f(CW\*(C`Cmnd\*(C'\fRs in the \f(CW\*(C`Cmnd_Spec_List\*(C'\fR, inherit the tag unless
it is overridden by the opposite tag (i.e.: \f(CW\*(C`PASSWD\*(C'\fR overrides
it is overridden by the opposite tag (in other words, \f(CW\*(C`PASSWD\*(C'\fR overrides
\&\f(CW\*(C`NOPASSWD\*(C'\fR and \f(CW\*(C`NOEXEC\*(C'\fR overrides \f(CW\*(C`EXEC\*(C'\fR).
.PP
\fI\s-1NOPASSWD\s0 and \s-1PASSWD\s0\fR
@ -760,7 +760,7 @@ Matches any character \fBnot\fR in the specified range.
.el .IP "\f(CW\*(C`\ex\*(C'\fR" 8
.IX Item "x"
For any character \*(L"x\*(R", evaluates to \*(L"x\*(R". This is used to
escape special characters such as: \*(L"*\*(R", \*(L"?\*(R", \*(L"[\*(R", and \*(L"}\*(R".
escape special characters such as: \*(L"*\*(R", \*(L"?\*(R", \*(L"[\*(R", and \*(L"]\*(R".
.PP
\&\s-1POSIX\s0 character classes may also be used if your system's \fIglob\fR\|(3)
and \fIfnmatch\fR\|(3) functions support them. However, because the
@ -817,7 +817,7 @@ themselves include other files. A hard limit of 128 nested include
files is enforced to prevent include file loops.
.PP
If the path to the include file is not fully-qualified (does not
begin with a \fI/\fR), it must be located in the same directory as the
begin with a \f(CW\*(C`/\*(C'\fR), it must be located in the same directory as the
sudoers file it was included from. For example, if \fI/etc/sudoers\fR
contains the line:
.Sp
@ -828,7 +828,7 @@ contains the line:
the file that will be included is \fI/etc/sudoers.local\fR.
.PP
The file name may also include the \f(CW%h\fR escape, signifying the short form
of the host name. I.e., if the machine's host name is \*(L"xerxes\*(R", then
of the host name. In other words, if the machine's host name is \*(L"xerxes\*(R", then
.PP
\&\f(CW\*(C`#include /etc/sudoers.%h\*(C'\fR
.PP
@ -854,7 +854,7 @@ problems.
Note that unlike files included via \f(CW\*(C`#include\*(C'\fR, \fBvisudo\fR will not
edit the files in a \f(CW\*(C`#includedir\*(C'\fR directory unless one of them
contains a syntax error. It is still possible to run \fBvisudo\fR
with the \f(CW\*(C`\-f\*(C'\fR flag to edit the files directly.
with the \fB\-f\fR flag to edit the files directly.
.SS "Other special characters and reserved words"
.IX Subsection "Other special characters and reserved words"
The pound sign ('#') is used to indicate a comment (unless it is
@ -939,7 +939,7 @@ variables in the caller's environment that match the \f(CW\*(C`env_keep\*(C'\fR
and \f(CW\*(C`env_check\*(C'\fR lists are then added, followed by any variables
present in the file specified by the \fIenv_file\fR option (if any).
The default contents of the \f(CW\*(C`env_keep\*(C'\fR and \f(CW\*(C`env_check\*(C'\fR lists are
displayed when \fBsudo\fR is run by root with the \fI\-V\fR option. If
displayed when \fBsudo\fR is run by root with the \fB\-V\fR option. If
the \fIsecure_path\fR option is set, its value will be used for the
\&\f(CW\*(C`PATH\*(C'\fR environment variable. This flag is \fI@env_reset@\fR by
default.
@ -962,7 +962,8 @@ This flag is \fIoff\fR by default.
.IP "fqdn" 16
.IX Item "fqdn"
Set this flag if you want to put fully qualified host names in the
\&\fIsudoers\fR file. I.e., instead of myhost you would use myhost.mydomain.edu.
\&\fIsudoers\fR file.
In other words, instead of myhost you would use myhost.mydomain.edu.
You may still use the short form if you wish (and even mix the two).
Beware that turning on \fIfqdn\fR requires \fBsudo\fR to make \s-1DNS\s0 lookups
which may make \fBsudo\fR unusable if \s-1DNS\s0 stops working (for example
@ -975,7 +976,7 @@ command) is already fully qualified you shouldn't need to set
\&\fIfqdn\fR. This flag is \fI@fqdn@\fR by default.
.IP "ignore_dot" 16
.IX Item "ignore_dot"
If set, \fBsudo\fR will ignore '.' or '' (current dir) in the \f(CW\*(C`PATH\*(C'\fR
If set, \fBsudo\fR will ignore \*(L".\*(R" or "" (current dir) in the \f(CW\*(C`PATH\*(C'\fR
environment variable; the \f(CW\*(C`PATH\*(C'\fR itself is not modified. This
flag is \fI@ignore_dot@\fR by default.
.IP "ignore_local_sudoers" 16
@ -1006,7 +1007,7 @@ input is also captured and stored in a separate log file.
.Sp
Input is logged to the directory specified by the \fIiolog_dir\fR
option (\fI@iolog_dir@\fR by default) using a unique session \s-1ID\s0 that
is included in the normal \fBsudo\fR log line, prefixed with \fITSID=\fR.
is included in the normal \fBsudo\fR log line, prefixed with "\f(CW\*(C`TSID=\*(C'\fR".
The \fIiolog_file\fR option may be used to control the format of the
session \s-1ID\s0.
.Sp
@ -1025,7 +1026,7 @@ log files.
.Sp
Output is logged to the directory specified by the \fIiolog_dir\fR
option (\fI@iolog_dir@\fR by default) using a unique session \s-1ID\s0 that
is included in the normal \fBsudo\fR log line, prefixed with \fITSID=\fR.
is included in the normal \fBsudo\fR log line, prefixed with "\f(CW\*(C`TSID=\*(C'\fR".
The \fIiolog_file\fR option may be used to control the format of the
session \s-1ID\s0.
.Sp
@ -1234,8 +1235,8 @@ By default, \fBsudo\fR will refuse to run if the user must enter a
password but it is not possible to disable echo on the terminal.
If the \fIvisiblepw\fR flag is set, \fBsudo\fR will prompt for a password
even when it would be visible on the screen. This makes it possible
to run things like \f(CW"rsh somehost sudo ls"\fR since \fIrsh\fR\|(1) does
not allocate a tty. This flag is \fIoff\fR by default.
to run things like \f(CW"ssh somehost sudo ls"\fR since by default, \fIssh\fR\|(1) does
not allocate a tty when running a command. This flag is \fIoff\fR by default.
.PP
\&\fBIntegers\fR:
.IP "closefrom" 16
@ -1619,7 +1620,7 @@ of whether the \f(CW\*(C`env_reset\*(C'\fR option is enabled or disabled, variab
specified by \f(CW\*(C`env_check\*(C'\fR will be preserved in the environment if
they pass the aforementioned check. The default list of environment
variables to check is displayed when \fBsudo\fR is run by root with
the \fI\-V\fR option.
the \fB\-V\fR option.
.IP "env_delete" 16
.IX Item "env_delete"
Environment variables to be removed from the user's environment
@ -1628,7 +1629,7 @@ be a double-quoted, space-separated list or a single value without
double-quotes. The list can be replaced, added to, deleted from,
or disabled by using the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and \f(CW\*(C`!\*(C'\fR operators
respectively. The default list of environment variables to remove
is displayed when \fBsudo\fR is run by root with the \fI\-V\fR option.
is displayed when \fBsudo\fR is run by root with the \fB\-V\fR option.
Note that many operating systems will remove potentially dangerous
variables from the environment of any setuid process (such as
\&\fBsudo\fR).
@ -1641,7 +1642,7 @@ The argument may be a double-quoted, space-separated list or a
single value without double-quotes. The list can be replaced, added
to, deleted from, or disabled by using the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and
\&\f(CW\*(C`!\*(C'\fR operators respectively. The default list of variables to keep
is displayed when \fBsudo\fR is run by root with the \fI\-V\fR option.
is displayed when \fBsudo\fR is run by root with the \fB\-V\fR option.
.SH "SUDO.CONF"
.IX Header "SUDO.CONF"
The \fI@sysconfdir@/sudo.conf\fR file determines which plugins the
@ -2054,7 +2055,7 @@ privileges.
For example, given the following \fIsudoers\fR entry:
.PP
.Vb 2
\& john ALL = /usr/bin/passwd [a\-zA\-Z0\-9]*, /usr/bin/chsh [a\-zA\-Z0\-9]*,
\& john ALL = /usr/bin/passwd [a\-zA\-Z0\-9]*, /usr/bin/chsh [a\-zA\-Z0\-9]*,\e
\& /usr/bin/chfn [a\-zA\-Z0\-9]*, !/usr/bin/* root
.Ve
.PP

View File

@ -65,7 +65,7 @@ lookup is still done for root, not the user specified by C<SUDO_USER>.
I<sudoers> uses time stamp files for credential caching. Once a
user has been authenticated, a time stamp is updated and the user
may then use sudo without a password for a short period of time
(C<@timeout@> minutes unless overridden by the I<timeout> option.
(C<@timeout@> minutes unless overridden by the I<timeout> option).
By default, I<sudoers> uses a tty-based time stamp which means that
there is a separate time stamp for each of a user's login sessions.
The I<tty_tickets> option can be disabled to force the use of a
@ -380,7 +380,7 @@ Parameters may be B<flags>, B<integer> values, B<strings>, or B<lists>.
Flags are implicitly boolean and can be turned off via the '!'
operator. Some integer, string and list parameters may also be
used in a boolean context to disable them. Values may be enclosed
in double quotes (C<">) when they contain multiple words. Special
in double quotes (C<"">) when they contain multiple words. Special
characters may be escaped with a backslash (C<\>).
Lists have two additional assignment operators, C<+=> and C<-=>.
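Review bot: Changing C<"> to C<""> in "in double quotes (C<"">)" risks rendering as two quote characters, which a reader can take for an empty string rather than the double-quote character itself. Please check the formatted output for this sentence and for the same substitution in the plugin-argument, mailfrom and mailto hunks further down; if it does come out as "", wording such as 'double quotes (the " character)' avoids relying on how the formatter quotes C<>.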
@ -458,7 +458,7 @@ but F</bin/kill> and F</usr/bin/lprm> as B<root>.
We can extend this to allow B<dgb> to run C</bin/ls> with either
the user or group set to B<operator>:
dgb boulder = (operator : operator) /bin/ls, (root) /bin/kill, \
dgb boulder = (operator : operator) /bin/ls, (root) /bin/kill,\
/usr/bin/lprm
Note that while the group portion of the C<Runas_Spec> permits the
@ -474,7 +474,7 @@ entry. The following would all be permitted by the sudoers entry above:
In the following example, user B<tcm> may run commands that access
a modem device file with the dialer group.
tcm boulder = (:dialer) /usr/bin/tip, /usr/bin/cu, \
tcm boulder = (:dialer) /usr/bin/tip, /usr/bin/cu,\
/usr/local/bin/minicom
Note that in this example only the group will be set, the command
@ -502,11 +502,11 @@ however, will supercede the values in I<sudoers>.
=head2 Tag_Spec
A command may have zero or more tags associated with it. There are
eight possible tag values, C<NOPASSWD>, C<PASSWD>, C<NOEXEC>,
ten possible tag values, C<NOPASSWD>, C<PASSWD>, C<NOEXEC>,
C<EXEC>, C<SETENV>, C<NOSETENV>, C<LOG_INPUT>, C<NOLOG_INPUT>,
C<LOG_OUTPUT> and C<NOLOG_OUTPUT>. Once a tag is set on a C<Cmnd>,
subsequent C<Cmnd>s in the C<Cmnd_Spec_List>, inherit the tag unless
it is overridden by the opposite tag (i.e.: C<PASSWD> overrides
it is overridden by the opposite tag (in other words, C<PASSWD> overrides
C<NOPASSWD> and C<NOEXEC> overrides C<EXEC>).
=head3 NOPASSWD and PASSWD
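Review bot: The corrected count in "ten possible tag values" matches the ten tags listed, but a hard-coded number is what went stale here in the first place; dropping it ("The possible tag values are ...") keeps the sentence right when a tag is added. While the paragraph is being edited, "in the C<Cmnd_Spec_List>, inherit the tag" also carries a stray comma before "inherit".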
@ -604,7 +604,7 @@ Matches any character B<not> in the specified range.
=item C<\x>
For any character "x", evaluates to "x". This is used to
escape special characters such as: "*", "?", "[", and "}".
escape special characters such as: "*", "?", "[", and "]".
=back
@ -667,7 +667,7 @@ themselves include other files. A hard limit of 128 nested include
files is enforced to prevent include file loops.
If the path to the include file is not fully-qualified (does not
begin with a F</>), it must be located in the same directory as the
begin with a C</>), it must be located in the same directory as the
sudoers file it was included from. For example, if F</etc/sudoers>
contains the line:
@ -680,7 +680,7 @@ C<#include sudoers.local>
the file that will be included is F</etc/sudoers.local>.
The file name may also include the C<%h> escape, signifying the short form
of the host name. I.e., if the machine's host name is "xerxes", then
of the host name. In other words, if the machine's host name is "xerxes", then
C<#include /etc/sudoers.%h>
@ -706,7 +706,7 @@ problems.
Note that unlike files included via C<#include>, B<visudo> will not
edit the files in a C<#includedir> directory unless one of them
contains a syntax error. It is still possible to run B<visudo>
with the C<-f> flag to edit the files directly.
with the B<-f> flag to edit the files directly.
=head2 Other special characters and reserved words
@ -801,7 +801,7 @@ variables in the caller's environment that match the C<env_keep>
and C<env_check> lists are then added, followed by any variables
present in the file specified by the I<env_file> option (if any).
The default contents of the C<env_keep> and C<env_check> lists are
displayed when B<sudo> is run by root with the I<-V> option. If
displayed when B<sudo> is run by root with the B<-V> option. If
the I<secure_path> option is set, its value will be used for the
C<PATH> environment variable. This flag is I<@env_reset@> by
default.
@ -826,7 +826,8 @@ This flag is I<off> by default.
=item fqdn
Set this flag if you want to put fully qualified host names in the
I<sudoers> file. I.e., instead of myhost you would use myhost.mydomain.edu.
I<sudoers> file.
In other words, instead of myhost you would use myhost.mydomain.edu.
You may still use the short form if you wish (and even mix the two).
Beware that turning on I<fqdn> requires B<sudo> to make DNS lookups
which may make B<sudo> unusable if DNS stops working (for example
@ -840,7 +841,7 @@ I<fqdn>. This flag is I<@fqdn@> by default.
=item ignore_dot
If set, B<sudo> will ignore '.' or '' (current dir) in the C<PATH>
If set, B<sudo> will ignore "." or "" (current dir) in the C<PATH>
environment variable; the C<PATH> itself is not modified. This
flag is I<@ignore_dot@> by default.
@ -875,7 +876,7 @@ input is also captured and stored in a separate log file.
Input is logged to the directory specified by the I<iolog_dir>
option (F<@iolog_dir@> by default) using a unique session ID that
is included in the normal B<sudo> log line, prefixed with I<TSID=>.
is included in the normal B<sudo> log line, prefixed with "C<TSID=>".
The I<iolog_file> option may be used to control the format of the
session ID.
@ -895,7 +896,7 @@ log files.
Output is logged to the directory specified by the I<iolog_dir>
option (F<@iolog_dir@> by default) using a unique session ID that
is included in the normal B<sudo> log line, prefixed with I<TSID=>.
is included in the normal B<sudo> log line, prefixed with "C<TSID=>".
The I<iolog_file> option may be used to control the format of the
session ID.
@ -1131,8 +1132,8 @@ By default, B<sudo> will refuse to run if the user must enter a
password but it is not possible to disable echo on the terminal.
If the I<visiblepw> flag is set, B<sudo> will prompt for a password
even when it would be visible on the screen. This makes it possible
to run things like C<"rsh somehost sudo ls"> since L<rsh(1)> does
not allocate a tty. This flag is I<off> by default.
to run things like C<"ssh somehost sudo ls"> since by default, L<ssh(1)> does
not allocate a tty when running a command. This flag is I<off> by default.
=back
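Review bot: The reworded sentence "since by default, L<ssh(1)> does not allocate a tty when running a command" presents visiblepw as the way to make remote sudo work without naming the alternative that keeps echo suppression: "ssh -t somehost sudo ls" forces tty allocation, so the flag can stay off. Suggest adding that here, since enabling visiblepw means the password is shown on screen as it is typed.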
@ -1282,7 +1283,7 @@ of digits and letters, similar to the mktemp() function.
Subject of the mail sent to the I<mailto> user. The escape C<%h>
will expand to the host name of the machine.
Default is C<@mailsub@>.
Default is "C<@mailsub@>".
=item noexec_file
@ -1327,7 +1328,7 @@ two consecutive C<%> characters are collapsed into a single C<%> character
=back
The default value is C<@passprompt@>.
The default value is "C<@passprompt@>".
=item role
@ -1410,7 +1411,7 @@ path, either fully-qualified or relative to the F<@prefix@/libexec>
directory, followed by any configuration arguments the plugin
requires. These arguments (if any) will be passed to the plugin's
initialization function. If arguments are present, the string must
be enclosed in double quotes (C<">).
be enclosed in double quotes (C<"">).
For example, given F</etc/sudo-group>, a group file in Unix group
format, the sample group plugin can be used:
@ -1499,14 +1500,14 @@ Defaults to the path to sendmail found at configure time.
=item mailfrom
Address to use for the "from" address when sending warning and error
mail. The address should be enclosed in double quotes (C<">) to
mail. The address should be enclosed in double quotes (C<"">) to
protect against B<sudo> interpreting the C<@> sign. Defaults to
the name of the user running B<sudo>.
=item mailto
Address to send warning and error mail to. The address should
be enclosed in double quotes (C<">) to protect against B<sudo>
be enclosed in double quotes (C<"">) to protect against B<sudo>
interpreting the C<@> sign. Defaults to C<@mailto@>.
=item secure_path
@ -1577,7 +1578,7 @@ of whether the C<env_reset> option is enabled or disabled, variables
specified by C<env_check> will be preserved in the environment if
they pass the aforementioned check. The default list of environment
variables to check is displayed when B<sudo> is run by root with
the I<-V> option.
the B<-V> option.
=item env_delete
@ -1587,7 +1588,7 @@ be a double-quoted, space-separated list or a single value without
double-quotes. The list can be replaced, added to, deleted from,
or disabled by using the C<=>, C<+=>, C<-=>, and C<!> operators
respectively. The default list of environment variables to remove
is displayed when B<sudo> is run by root with the I<-V> option.
is displayed when B<sudo> is run by root with the B<-V> option.
Note that many operating systems will remove potentially dangerous
variables from the environment of any setuid process (such as
B<sudo>).
@ -1601,7 +1602,7 @@ The argument may be a double-quoted, space-separated list or a
single value without double-quotes. The list can be replaced, added
to, deleted from, or disabled by using the C<=>, C<+=>, C<-=>, and
C<!> operators respectively. The default list of variables to keep
is displayed when B<sudo> is run by root with the I<-V> option.
is displayed when B<sudo> is run by root with the B<-V> option.
=back
@ -1830,8 +1831,8 @@ variables to pass and then define our I<aliases>:
Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown
Cmnd_Alias HALT = /usr/sbin/halt
Cmnd_Alias REBOOT = /usr/sbin/reboot
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
/usr/local/bin/tcsh, /usr/bin/rsh, \
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh,\
/usr/local/bin/tcsh, /usr/bin/rsh,\
/usr/local/bin/zsh
Cmnd_Alias SU = /usr/bin/su
Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
@ -2009,7 +2010,7 @@ privileges.
For example, given the following I<sudoers> entry:
john ALL = /usr/bin/passwd [a-zA-Z0-9]*, /usr/bin/chsh [a-zA-Z0-9]*,
john ALL = /usr/bin/passwd [a-zA-Z0-9]*, /usr/bin/chsh [a-zA-Z0-9]*,\
/usr/bin/chfn [a-zA-Z0-9]*, !/usr/bin/* root
User B<john> can still run C</usr/bin/passwd root> if I<fast_glob> is

View File

@ -6,8 +6,8 @@ NNAAMMEE
sudoreplay - replay sudo session logs
SSYYNNOOPPSSIISS
ssuuddoorreeppllaayy [--hh] [--dd _d_i_r_e_c_t_o_r_y] [--ff _f_i_l_t_e_r] [--mm _m_a_x___w_a_i_t] [--ss
_s_p_e_e_d___f_a_c_t_o_r] ID
ssuuddoorreeppllaayy [--hh] [--dd _d_i_r_e_c_t_o_r_y] [--ff _f_i_l_t_e_r] [--mm _m_a_x___w_a_i_t]
[--ss _s_p_e_e_d___f_a_c_t_o_r] ID
ssuuddoorreeppllaayy [--hh] [--dd _d_i_r_e_c_t_o_r_y] -l [search expression]
@ -61,13 +61,13 @@ OOPPTTIIOONNSS
the IDs that are displayed. An expression is composed of
the following predicates:
command _c_o_m_m_a_n_d _p_a_t_t_e_r_n
command _p_a_t_t_e_r_n
Evaluates to true if the command run matches
_c_o_m_m_a_n_d _p_a_t_t_e_r_n. On systems with POSIX regular
expression support, the pattern may be an extended
regular expression. On systems without POSIX
regular expression support, a simple substring
match is performed instead.
_p_a_t_t_e_r_n. On systems with POSIX regular expression
support, the pattern may be an extended regular
expression. On systems without POSIX regular
expression support, a simple substring match is
performed instead.
cwd _d_i_r_e_c_t_o_r_y
Evaluates to true if the command was run with the
@ -94,8 +94,9 @@ OOPPTTIIOONNSS
prior to _d_a_t_e. See "Date and time format" for a
description of supported date and time formats.
tty _t_t_y Evaluates to true if the command was run on the
specified terminal device. The _t_t_y should be
tty _t_t_y _n_a_m_e
Evaluates to true if the command was run on the
specified terminal device. The _t_t_y _n_a_m_e should be
specified without the _/_d_e_v_/ prefix, e.g. _t_t_y_0_1
instead of _/_d_e_v_/_t_t_y_0_1.
@ -114,20 +115,20 @@ OOPPTTIIOONNSS
_a_n_d unless separated by an _o_r.
-m _m_a_x___w_a_i_t Specify an upper bound on how long to wait between key
presses or output data. By default, ssuuddoo__rreeppllaayy will
presses or output data. By default, ssuuddoorreeppllaayy will
accurately reproduce the delays between key presses or
program output. However, this can be tedious when the
session includes long pauses. When the _-_m option is
specified, ssuuddoorreeppllaayy will limit these pauses to at most
_m_a_x___w_a_i_t seconds. The value may be specified as a floating
point number, .e.g. _2_._5.
point number, e.g. _2_._5.
-s _s_p_e_e_d___f_a_c_t_o_r
This option causes ssuuddoorreeppllaayy to adjust the number of
seconds it will wait between key presses or program output.
This can be used to slow down or speed up the display. For
example, a _s_p_e_e_d___f_a_c_t_o_r of _2 would make the output twice as
fast whereas a _s_p_e_e_d___f_a_c_t_o_r of <.5> would make the output
fast whereas a _s_p_e_e_d___f_a_c_t_o_r of _._5 would make the output
twice as slow.
-V The --VV (version) option causes ssuuddoorreeppllaayy to print its
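Review bot: "When the _-_m option is specified" is left in italic markup in this hunk, while the context line two entries later uses bold for an option ("The --VV (version) option") and this commit converts _-_V to --VV throughout the sudoers page. Suggest making -m bold here as well so option names are marked up one way across the manuals.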
@ -155,7 +156,7 @@ OOPPTTIIOONNSS
optional. If no date is specified, the current day is assumed; if no
time is specified, the first second of the specified date is used. The
less significant parts of both time and date may also be omitted, in
which case zero is assumed. For example, the following are all valid:
which case zero is assumed.
The following are all valid time and date specifications:
@ -223,24 +224,24 @@ FFIILLEESS
EEXXAAMMPPLLEESS
List sessions run by user _m_i_l_l_e_r_t:
sudoreplay -l user millert
# sudoreplay -l user millert
List sessions run by user _b_o_b with a command containing the string vi:
sudoreplay -l user bob command vi
# sudoreplay -l user bob command vi
List sessions run by user _j_e_f_f that match a regular expression:
sudoreplay -l user jeff command '/bin/[a-z]*sh'
# sudoreplay -l user jeff command '/bin/[a-z]*sh'
List sessions run by jeff or bob on the console:
sudoreplay -l ( user jeff or user bob ) tty console
# sudoreplay -l ( user jeff or user bob ) tty console
SSEEEE AALLSSOO
_s_u_d_o(1m), _s_c_r_i_p_t(1)
AAUUTTHHOORR
AAUUTTHHOORRSS
Todd C. Miller
BBUUGGSS
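Review bot: Adding the "#" prompt does not fix the last example, "# sudoreplay -l ( user jeff or user bob ) tty console": the unquoted parentheses are shell metacharacters, so the line fails in sh as written. Escape or quote them in the example, "\( user jeff or user bob \)", and say in the surrounding text that the parentheses must be protected from the shell.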
@ -261,4 +262,4 @@ DDIISSCCLLAAIIMMEERR
1.8.6 June 29, 2012 SUDOREPLAY(1m)
1.8.6 July 17, 2012 SUDOREPLAY(1m)

View File

@ -139,7 +139,7 @@
.\" ========================================================================
.\"
.IX Title "SUDOREPLAY @mansectsu@"
.TH SUDOREPLAY @mansectsu@ "June 29, 2012" "1.8.6" "MAINTENANCE COMMANDS"
.TH SUDOREPLAY @mansectsu@ "July 17, 2012" "1.8.6" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@ -148,9 +148,9 @@
sudoreplay \- replay sudo session logs
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBsudoreplay\fR [\fB\-h\fR] [\fB\-d\fR \fIdirectory\fR] [\fB\-f\fR \fIfilter\fR] [\fB\-m\fR \fImax_wait\fR] [\fB\-s\fR \fIspeed_factor\fR] \s-1ID\s0
\&\fBsudoreplay\fR [\fB\-h\fR] [\fB\-d\fR\ \fIdirectory\fR] [\fB\-f\fR\ \fIfilter\fR] [\fB\-m\fR\ \fImax_wait\fR] [\fB\-s\fR\ \fIspeed_factor\fR] \s-1ID\s0
.PP
\&\fBsudoreplay\fR [\fB\-h\fR] [\fB\-d\fR \fIdirectory\fR] \-l [search expression]
\&\fBsudoreplay\fR [\fB\-h\fR] [\fB\-d\fR\ \fIdirectory\fR] \-l [search\ expression]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
\&\fBsudoreplay\fR plays back or lists the output logs created by \fBsudo\fR.
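Review bot: In the second synopsis line the "\-l" flag is left unstyled ("\-l [search\ expression]") while every other option on these lines is wrapped in \fB...\fR, and "search expression" is not italicised the way \fIdirectory\fR is. Since the line is already being touched for the non-breaking spaces, suggest "\fB\-l\fR [\fIsearch\ expression\fR]".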
@ -183,7 +183,7 @@ Double the playback speed.
.IP "\-d \fIdirectory\fR" 12
.IX Item "-d directory"
Use \fIdirectory\fR to for the session logs instead of the default,
\&\fI/var/log/sudo\-io\fR.
\&\fI@iolog_dir@\fR.
.IP "\-f \fIfilter\fR" 12
.IX Item "-f filter"
By default, \fBsudoreplay\fR will play back the command's standard
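Review bot: The context line above the change still reads "Use \fIdirectory\fR to for the session logs"; the stray "to" should go while this entry is being edited. Replacing the literal path with @iolog_dir@ is the right direction, but please confirm the build substitutes @iolog_dir@ in this file, otherwise the placeholder ships verbatim in the installed page.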
@ -203,9 +203,9 @@ by file name (or sequence number). If a \fIsearch expression\fR is
specified, it will be used to restrict the IDs that are displayed.
An expression is composed of the following predicates:
.RS 12
.IP "command \fIcommand pattern\fR" 8
.IX Item "command command pattern"
Evaluates to true if the command run matches \fIcommand pattern\fR.
.IP "command \fIpattern\fR" 8
.IX Item "command pattern"
Evaluates to true if the command run matches \fIpattern\fR.
On systems with \s-1POSIX\s0 regular expression support, the pattern may
be an extended regular expression. On systems without \s-1POSIX\s0 regular
expression support, a simple substring match is performed instead.
@ -232,10 +232,10 @@ Note that \fBsudo\fR runs commands as user \fIroot\fR by default.
Evaluates to true if the command was run on or prior to \fIdate\fR.
See \*(L"Date and time format\*(R" for a description of supported
date and time formats.
.IP "tty \fItty\fR" 8
.IX Item "tty tty"
.IP "tty \fItty name\fR" 8
.IX Item "tty tty name"
Evaluates to true if the command was run on the specified terminal
device. The \fItty\fR should be specified without the \fI/dev/\fR prefix,
device. The \fItty name\fR should be specified without the \fI/dev/\fR prefix,
e.g. \fItty01\fR instead of \fI/dev/tty01\fR.
.IP "user \fIuser name\fR" 8
.IX Item "user user name"
@ -255,19 +255,19 @@ by an \fIor\fR.
.IP "\-m \fImax_wait\fR" 12
.IX Item "-m max_wait"
Specify an upper bound on how long to wait between key presses or
output data. By default, \fBsudo_replay\fR will accurately reproduce
output data. By default, \fBsudoreplay\fR will accurately reproduce
the delays between key presses or program output. However, this
can be tedious when the session includes long pauses. When the
\&\fI\-m\fR option is specified, \fBsudoreplay\fR will limit these pauses
to at most \fImax_wait\fR seconds. The value may be specified as a
floating point number, .e.g. \fI2.5\fR.
floating point number, e.g. \fI2.5\fR.
.IP "\-s \fIspeed_factor\fR" 12
.IX Item "-s speed_factor"
This option causes \fBsudoreplay\fR to adjust the number of seconds
it will wait between key presses or program output. This can be
used to slow down or speed up the display. For example, a
\&\fIspeed_factor\fR of \fI2\fR would make the output twice as fast whereas
a \fIspeed_factor\fR of <.5> would make the output twice as slow.
a \fIspeed_factor\fR of \fI.5\fR would make the output twice as slow.
.IP "\-V" 12
.IX Item "-V"
The \fB\-V\fR (version) option causes \fBsudoreplay\fR to print its version number
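Review bot: in the \-m paragraph the option name is set in italics ("\&\fI\-m\fR option is specified") while the \-V entry at the end of this hunk sets it in bold ("The \fB\-V\fR (version) option"). Since this hunk already fixes the markup of .5 and the sudo_replay name, make the option bold as well: \fB\-m\fR here, and B<-m> in the POD version, which carries the same I<-m>.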
@ -294,8 +294,7 @@ Either time or date may be omitted, the am/pm and timezone are
optional. If no date is specified, the current day is assumed; if
no time is specified, the first second of the specified date is
used. The less significant parts of both time and date may also
be omitted, in which case zero is assumed. For example, the following
are all valid:
be omitted, in which case zero is assumed.
.PP
The following are all valid time and date specifications:
.IP "now" 8
@ -336,29 +335,37 @@ The current time but 14 days ago.
10:01 am, September 17, 2009.
.SH "FILES"
.IX Header "FILES"
.IP "\fI/var/log/sudo\-io\fR" 24
.IX Item "/var/log/sudo-io"
.ie n .IP "\fI@iolog_dir@\fR" 24
.el .IP "\fI@iolog_dir@\fR" 24
.IX Item "@iolog_dir@"
The default I/O log directory.
.IP "\fI/var/log/sudo\-io/00/00/01/log\fR" 24
.IX Item "/var/log/sudo-io/00/00/01/log"
.ie n .IP "\fI@iolog_dir@/00/00/01/log\fR" 24
.el .IP "\fI@iolog_dir@/00/00/01/log\fR" 24
.IX Item "@iolog_dir@/00/00/01/log"
Example session log info.
.IP "\fI/var/log/sudo\-io/00/00/01/stdin\fR" 24
.IX Item "/var/log/sudo-io/00/00/01/stdin"
.ie n .IP "\fI@iolog_dir@/00/00/01/stdin\fR" 24
.el .IP "\fI@iolog_dir@/00/00/01/stdin\fR" 24
.IX Item "@iolog_dir@/00/00/01/stdin"
Example session standard input log.
.IP "\fI/var/log/sudo\-io/00/00/01/stdout\fR" 24
.IX Item "/var/log/sudo-io/00/00/01/stdout"
.ie n .IP "\fI@iolog_dir@/00/00/01/stdout\fR" 24
.el .IP "\fI@iolog_dir@/00/00/01/stdout\fR" 24
.IX Item "@iolog_dir@/00/00/01/stdout"
Example session standard output log.
.IP "\fI/var/log/sudo\-io/00/00/01/stderr\fR" 24
.IX Item "/var/log/sudo-io/00/00/01/stderr"
.ie n .IP "\fI@iolog_dir@/00/00/01/stderr\fR" 24
.el .IP "\fI@iolog_dir@/00/00/01/stderr\fR" 24
.IX Item "@iolog_dir@/00/00/01/stderr"
Example session standard error log.
.IP "\fI/var/log/sudo\-io/00/00/01/ttyin\fR" 24
.IX Item "/var/log/sudo-io/00/00/01/ttyin"
.ie n .IP "\fI@iolog_dir@/00/00/01/ttyin\fR" 24
.el .IP "\fI@iolog_dir@/00/00/01/ttyin\fR" 24
.IX Item "@iolog_dir@/00/00/01/ttyin"
Example session tty input file.
.IP "\fI/var/log/sudo\-io/00/00/01/ttyout\fR" 24
.IX Item "/var/log/sudo-io/00/00/01/ttyout"
.ie n .IP "\fI@iolog_dir@/00/00/01/ttyout\fR" 24
.el .IP "\fI@iolog_dir@/00/00/01/ttyout\fR" 24
.IX Item "@iolog_dir@/00/00/01/ttyout"
Example session tty output file.
.IP "\fI/var/log/sudo\-io/00/00/01/timing\fR" 24
.IX Item "/var/log/sudo-io/00/00/01/timing"
.ie n .IP "\fI@iolog_dir@/00/00/01/timing\fR" 24
.el .IP "\fI@iolog_dir@/00/00/01/timing\fR" 24
.IX Item "@iolog_dir@/00/00/01/timing"
Example session timing file.
.PP
Note that the \fIstdin\fR, \fIstdout\fR and \fIstderr\fR files will be empty
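Review bot: every FILES entry now carries an ".ie n .IP" / ".el .IP" pair whose two branches are identical, for example the two lines ending in "\fI@iolog_dir@/00/00/01/log\fR" 24. The conditional selects nothing and adds a line per entry. If this is generator output it can stay as is, but if the file is edited by hand a single .IP line per entry says the same thing.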
@ -369,31 +376,31 @@ command.
List sessions run by user \fImillert\fR:
.PP
.Vb 1
\& sudoreplay \-l user millert
\& # sudoreplay \-l user millert
.Ve
.PP
List sessions run by user \fIbob\fR with a command containing the string vi:
.PP
.Vb 1
\& sudoreplay \-l user bob command vi
\& # sudoreplay \-l user bob command vi
.Ve
.PP
List sessions run by user \fIjeff\fR that match a regular expression:
.PP
.Vb 1
\& sudoreplay \-l user jeff command \*(Aq/bin/[a\-z]*sh\*(Aq
\& # sudoreplay \-l user jeff command \*(Aq/bin/[a\-z]*sh\*(Aq
.Ve
.PP
List sessions run by jeff or bob on the console:
.PP
.Vb 1
\& sudoreplay \-l ( user jeff or user bob ) tty console
\& # sudoreplay \-l ( user jeff or user bob ) tty console
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIsudo\fR\|(@mansectsu@), \fIscript\fR\|(1)
.SH "AUTHOR"
.IX Header "AUTHOR"
.SH "AUTHORS"
.IX Header "AUTHORS"
Todd C. Miller
.SH "BUGS"
.IX Header "BUGS"
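Review bot: with the "# " prompt added, the last example reads as a command to type at a root shell, but "( user jeff or user bob )" is unquoted and a POSIX shell will parse the parentheses as its own syntax and reject the line. Show them escaped or quoted, e.g. \( user jeff or user bob \), or state in the text that they must be protected from the shell. The same example appears in the POD version below.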

View File

@ -21,9 +21,9 @@ sudoreplay - replay sudo session logs
=head1 SYNOPSIS
B<sudoreplay> [B<-h>] [B<-d> I<directory>] [B<-f> I<filter>] [B<-m> I<max_wait>] [B<-s> I<speed_factor>] ID
B<sudoreplay> [B<-h>] S<[B<-d> I<directory>]> S<[B<-f> I<filter>]> S<[B<-m> I<max_wait>]> S<[B<-s> I<speed_factor>]> ID
B<sudoreplay> [B<-h>] [B<-d> I<directory>] -l [search expression]
B<sudoreplay> [B<-h>] S<[B<-d> I<directory>]> -l S<[search expression]>
=head1 DESCRIPTION
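Review bot: in the second SYNOPSIS line "-l" is left bare while every other option in both lines is wrapped in B<>, and "search expression" is plain text while the other arguments use I<>. Suggest B<-l> S<[I<search expression>]> so the list form renders consistently with the replay form above it.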
@ -70,7 +70,7 @@ B<sudoreplay> accepts the following command line options:
=item -d I<directory>
Use I<directory> to for the session logs instead of the default,
F</var/log/sudo-io>.
F<@iolog_dir@>.
=item -f I<filter>
@ -95,9 +95,9 @@ An expression is composed of the following predicates:
=over 8
=item command I<command pattern>
=item command I<pattern>
Evaluates to true if the command run matches I<command pattern>.
Evaluates to true if the command run matches I<pattern>.
On systems with POSIX regular expression support, the pattern may
be an extended regular expression. On systems without POSIX regular
expression support, a simple substring match is performed instead.
@ -130,10 +130,10 @@ Evaluates to true if the command was run on or prior to I<date>.
See L<"Date and time format"> for a description of supported
date and time formats.
=item tty I<tty>
=item tty I<tty name>
Evaluates to true if the command was run on the specified terminal
device. The I<tty> should be specified without the F</dev/> prefix,
device. The I<tty name> should be specified without the F</dev/> prefix,
e.g. F<tty01> instead of F</dev/tty01>.
=item user I<user name>
@ -154,12 +154,12 @@ by an I<or>.
=item -m I<max_wait>
Specify an upper bound on how long to wait between key presses or
output data. By default, B<sudo_replay> will accurately reproduce
output data. By default, B<sudoreplay> will accurately reproduce
the delays between key presses or program output. However, this
can be tedious when the session includes long pauses. When the
I<-m> option is specified, B<sudoreplay> will limit these pauses
to at most I<max_wait> seconds. The value may be specified as a
floating point number, .e.g. I<2.5>.
floating point number, e.g. I<2.5>.
=item -s I<speed_factor>
@ -167,7 +167,7 @@ This option causes B<sudoreplay> to adjust the number of seconds
it will wait between key presses or program output. This can be
used to slow down or speed up the display. For example, a
I<speed_factor> of I<2> would make the output twice as fast whereas
a I<speed_factor> of <.5> would make the output twice as slow.
a I<speed_factor> of I<.5> would make the output twice as slow.
=item -V
@ -206,8 +206,7 @@ Either time or date may be omitted, the am/pm and timezone are
optional. If no date is specified, the current day is assumed; if
no time is specified, the first second of the specified date is
used. The less significant parts of both time and date may also
be omitted, in which case zero is assumed. For example, the following
are all valid:
be omitted, in which case zero is assumed.
The following are all valid time and date specifications:
@ -267,35 +266,35 @@ The current time but 14 days ago.
=over 24
=item F</var/log/sudo-io>
=item F<@iolog_dir@>
The default I/O log directory.
=item F</var/log/sudo-io/00/00/01/log>
=item F<@iolog_dir@/00/00/01/log>
Example session log info.
=item F</var/log/sudo-io/00/00/01/stdin>
=item F<@iolog_dir@/00/00/01/stdin>
Example session standard input log.
=item F</var/log/sudo-io/00/00/01/stdout>
=item F<@iolog_dir@/00/00/01/stdout>
Example session standard output log.
=item F</var/log/sudo-io/00/00/01/stderr>
=item F<@iolog_dir@/00/00/01/stderr>
Example session standard error log.
=item F</var/log/sudo-io/00/00/01/ttyin>
=item F<@iolog_dir@/00/00/01/ttyin>
Example session tty input file.
=item F</var/log/sudo-io/00/00/01/ttyout>
=item F<@iolog_dir@/00/00/01/ttyout>
Example session tty output file.
=item F</var/log/sudo-io/00/00/01/timing>
=item F<@iolog_dir@/00/00/01/timing>
Example session timing file.
@ -309,25 +308,25 @@ command.
List sessions run by user I<millert>:
sudoreplay -l user millert
# sudoreplay -l user millert
List sessions run by user I<bob> with a command containing the string vi:
sudoreplay -l user bob command vi
# sudoreplay -l user bob command vi
List sessions run by user I<jeff> that match a regular expression:
sudoreplay -l user jeff command '/bin/[a-z]*sh'
# sudoreplay -l user jeff command '/bin/[a-z]*sh'
List sessions run by jeff or bob on the console:
sudoreplay -l ( user jeff or user bob ) tty console
# sudoreplay -l ( user jeff or user bob ) tty console
=head1 SEE ALSO
L<sudo(8)>, L<script(1)>
=head1 AUTHOR
=head1 AUTHORS
Todd C. Miller
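Review bot: the heading becomes AUTHORS, but the section body is still the single line "Todd C. Miller". On the visudo page the plural heading is backed by the "Many people have worked on sudo" paragraph and the pointer to the CONTRIBUTORS file. Either add the same pointer here or keep the singular heading for this page.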

View File

@ -95,10 +95,10 @@ DDIIAAGGNNOOSSTTIICCSS
You didn't run vviissuuddoo as root.
Can't find you in the passwd database
Your userid does not appear in the system passwd file.
Your user ID does not appear in the system passwd file.
Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
Either you are trying to use an undeclare
Either you are trying to use an undeclared
{User,Runas,Host,Cmnd}_Alias or you have a user or host name listed
that consists solely of uppercase letters, digits, and the
underscore ('_') character. In the latter case, you can ignore the
@ -119,15 +119,15 @@ DDIIAAGGNNOOSSTTIICCSS
SSEEEE AALLSSOO
_v_i(1), _s_u_d_o_e_r_s(4), _s_u_d_o(1m), _v_i_p_w(1m)
AAUUTTHHOORR
AAUUTTHHOORRSS
Many people have worked on ssuuddoo over the years; this version of vviissuuddoo
was written by:
Todd Miller
Todd C. Miller
See the CONTRIBUTORS file in the ssuuddoo distribution
(http://www.sudo.ws/sudo/contributors.html) for a list of people who
have contributed to ssuuddoo.
(http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of
people who have contributed to ssuuddoo.
CCAAVVEEAATTSS
There is no easy way to prevent a user from gaining a root shell if the
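Review bot: "for an exhaustive list of people who have contributed" promises a completeness that a contributors file can rarely guarantee. "A more complete list" draws the same contrast with the single name printed above without the absolute claim. The wording is repeated in the other two renderings of this page further down.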
@ -151,4 +151,4 @@ DDIISSCCLLAAIIMMEERR
1.8.6 June 29, 2012 VISUDO(1m)
1.8.6 July 13, 2012 VISUDO(1m)

View File

@ -144,7 +144,7 @@
.\" ========================================================================
.\"
.IX Title "VISUDO @mansectsu@"
.TH VISUDO @mansectsu@ "June 29, 2012" "1.8.6" "MAINTENANCE COMMANDS"
.TH VISUDO @mansectsu@ "July 13, 2012" "1.8.6" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@ -258,10 +258,10 @@ Someone else is currently editing the \fIsudoers\fR file.
You didn't run \fBvisudo\fR as root.
.IP "Can't find you in the passwd database" 4
.IX Item "Can't find you in the passwd database"
Your userid does not appear in the system passwd file.
Your user \s-1ID\s0 does not appear in the system passwd file.
.IP "Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined" 4
.IX Item "Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined"
Either you are trying to use an undeclare {User,Runas,Host,Cmnd}_Alias
Either you are trying to use an undeclared {User,Runas,Host,Cmnd}_Alias
or you have a user or host name listed that consists solely of
uppercase letters, digits, and the underscore ('_') character. In
the latter case, you can ignore the warnings (\fBsudo\fR will not
@ -280,17 +280,17 @@ the \fIsudoers\fR file.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIvi\fR\|(1), \fIsudoers\fR\|(@mansectform@), \fIsudo\fR\|(@mansectsu@), \fIvipw\fR\|(@mansectsu@)
.SH "AUTHOR"
.IX Header "AUTHOR"
.SH "AUTHORS"
.IX Header "AUTHORS"
Many people have worked on \fBsudo\fR over the years; this version of
\&\fBvisudo\fR was written by:
.PP
.Vb 1
\& Todd Miller
\& Todd C. Miller
.Ve
.PP
See the \s-1CONTRIBUTORS\s0 file in the \fBsudo\fR distribution
(http://www.sudo.ws/sudo/contributors.html) for a list of people
(http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of people
who have contributed to \fBsudo\fR.
.SH "CAVEATS"
.IX Header "CAVEATS"

View File

@ -156,11 +156,11 @@ You didn't run B<visudo> as root.
=item Can't find you in the passwd database
Your userid does not appear in the system passwd file.
Your user ID does not appear in the system passwd file.
=item Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
Either you are trying to use an undeclare {User,Runas,Host,Cmnd}_Alias
Either you are trying to use an undeclared {User,Runas,Host,Cmnd}_Alias
or you have a user or host name listed that consists solely of
uppercase letters, digits, and the underscore ('_') character. In
the latter case, you can ignore the warnings (B<sudo> will not
@ -185,15 +185,15 @@ the I<sudoers> file.
L<vi(1)>, L<sudoers(5)>, L<sudo(8)>, L<vipw(8)>
=head1 AUTHOR
=head1 AUTHORS
Many people have worked on B<sudo> over the years; this version of
B<visudo> was written by:
Todd Miller
Todd C. Miller
See the CONTRIBUTORS file in the B<sudo> distribution
(http://www.sudo.ws/sudo/contributors.html) for a list of people
(http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of people
who have contributed to B<sudo>.
=head1 CAVEATS