+++ /dev/null
-.rn '' }`
-''' $RCSfile$$Revision$$Date$
-'''
-''' $Log$
-''' Revision 1.45 2000/02/27 03:56:40 millert
-''' document -S flag
-'''
-'''
-.de Sh
-.br
-.if t .Sp
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp
-.if t .sp .5v
-.if n .sp
-..
-.de Ip
-.br
-.ie \\n(.$>=3 .ne \\$3
-.el .ne 3
-.IP "\\$1" \\$2
-..
-.de Vb
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve
-.ft R
-
-.fi
-..
-'''
-'''
-''' Set up \*(-- to give an unbreakable dash;
-''' string Tr holds user defined translation string.
-''' Bell System Logo is used as a dummy character.
-'''
-.tr \(*W-|\(bv\*(Tr
-.ie n \{\
-.ds -- \(*W-
-.ds PI pi
-.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-.ds L" ""
-.ds R" ""
-''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of
-''' \*(L" and \*(R", except that they are used on ".xx" lines,
-''' such as .IP and .SH, which do another additional levels of
-''' double-quote interpretation
-.ds M" """
-.ds S" """
-.ds N" """""
-.ds T" """""
-.ds L' '
-.ds R' '
-.ds M' '
-.ds S' '
-.ds N' '
-.ds T' '
-'br\}
-.el\{\
-.ds -- \(em\|
-.tr \*(Tr
-.ds L" ``
-.ds R" ''
-.ds M" ``
-.ds S" ''
-.ds N" ``
-.ds T" ''
-.ds L' `
-.ds R' '
-.ds M' `
-.ds S' '
-.ds N' `
-.ds T' '
-.ds PI \(*p
-'br\}
-.\" If the F register is turned on, we'll generate
-.\" index entries out stderr for the following things:
-.\" TH Title
-.\" SH Header
-.\" Sh Subsection
-.\" Ip Item
-.\" X<> Xref (embedded
-.\" Of course, you have to process the output yourself
-.\" in some meaninful fashion.
-.if \nF \{
-.de IX
-.tm Index:\\$1\t\\n%\t"\\$2"
-..
-.nr % 0
-.rr F
-.\}
-.TH sudo 8 "1.6.3" "26/Feb/2000" "MAINTENANCE COMMANDS"
-.UC
-.if n .hy 0
-.if n .na
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.de CQ \" put $1 in typewriter font
-.ft CW
-'if n "\c
-'if t \\&\\$1\c
-'if n \\&\\$1\c
-'if n \&"
-\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
-'.ft R
-..
-.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
-. \" AM - accent mark definitions
-.bd B 3
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds ? ?
-. ds ! !
-. ds /
-. ds q
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
-. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
-.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
-.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
-.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-.ds oe o\h'-(\w'o'u*4/10)'e
-.ds Oe O\h'-(\w'O'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds v \h'-1'\o'\(aa\(ga'
-. ds _ \h'-1'^
-. ds . \h'-1'.
-. ds 3 3
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-. ds oe oe
-. ds Oe OE
-.\}
-.rm #[ #] #H #V #F C
-.SH "NAME"
-sudo \- execute a command as another user
-.SH "SYNOPSIS"
-\fBsudo\fR \fB\-V\fR | \fB\-h\fR | \fB\-l\fR | \fB\-L\fR | \fB\-v\fR | \fB\-k\fR | \fB\-K\fR | \fB\-s\fR |
-[ \fB\-H\fR ] [\fB\-S\fR ] [ \fB\-b\fR ] | [ \fB\-p\fR prompt ]
-[ \fB\-u\fR username/#uid ] \fIcommand\fR
-.SH "DESCRIPTION"
-\fBsudo\fR allows a permitted user to execute a \fIcommand\fR as the
-superuser or another user, as specified in the sudoers file. The
-real and effective uid and gid are set to match those of the target
-user as specified in the passwd file (the group vector is also
-initialized when the target user is not root). By default, \fBsudo\fR
-requires that users authenticate themselves with a password
-(NOTE: this is the user's password, not the root password). Once
-a user has been authenticated, a timestamp is updated and the
-user may then use sudo without a password for a short period of time
-(five minutes by default).
-.PP
-\fBsudo\fR determines who is an authorized user by consulting the
-file \fI/etc/sudoers\fR. By giving \fBsudo\fR the \f(CW-v\fR flag a user
-can update the time stamp without running a \fIcommand.\fR
-The password prompt itself will also time out if the user's password is
-not entered with N minutes (again, this is defined at configure
-time and defaults to 5 minutes).
-.PP
-If a user that is not listed in the \fIsudoers\fR file tries to run
-a command via \fBsudo\fR, mail is sent to the proper authorities,
-as defined at configure time (defaults to root). Note that the
-mail will not be sent if an unauthorized user tries to run sudo
-with the \f(CW-l\fR or \f(CW-v\fR flags. This allows users to determine
-for themselves whether or not they are allowed to use \fBsudo\fR.
-.PP
-\fBsudo\fR can log both successful an unsuccessful attempts (as well
-as errors) to \fIsyslog\fR\|(3), a log file, or both. By default \fBsudo\fR
-will log via \fIsyslog\fR\|(3) but this is changeable at configure time.
-.SH "OPTIONS"
-\fBsudo\fR accepts the following command line options:
-.Ip "-V" 4
-The \f(CW-V\fR (\fIversion\fR) option causes \fBsudo\fR to print the
-version number and exit.
-.Ip "-l" 4
-The \f(CW-l\fR (\fIlist\fR) option will list out the allowed (and
-forbidden) commands for the user on the current host.
-.Ip "-L" 4
-The \f(CW-L\fR (\fIlist\fR defaults) option will list out the parameters
-that may be set in a \fIDefaults\fR line along with a short description
-for each. This option is useful in conjunction with \fIgrep\fR\|(1).
-.Ip "-h" 4
-The \f(CW-h\fR (\fIhelp\fR) option causes \fBsudo\fR to print a usage message and exit.
-.Ip "-v" 4
-If given the \f(CW-v\fR (\fIvalidate\fR) option, \fBsudo\fR will update the
-user's timestamp, prompting for the user's password if necessary.
-This extends the \fBsudo\fR timeout to for another N minutes
-(where N is defined at installation time and defaults to 5
-minutes) but does not run a command.
-.Ip "-k" 4
-The \f(CW-k\fR (\fIkill\fR) option to \fBsudo\fR invalidates the user's timestamp
-by setting the time on it to the epoch. The next time \fBsudo\fR is
-run a password will be required. This option does not require a password
-and was added to allow a user to revoke \fBsudo\fR permissions from a .logout
-file.
-.Ip "-K" 4
-The \f(CW-K\fR (sure \fIkill\fR) option to \fBsudo\fR removes the user's timestamp
-entirely. This option does not require a password.
-.Ip "-b" 4
-The \f(CW-b\fR (\fIbackground\fR) option tells \fBsudo\fR to run the given
-command in the background. Note that if you use the \f(CW-b\fR
-option you cannot use shell job control to manipulate the command.
-.Ip "-p" 4
-The \f(CW-p\fR (\fIprompt\fR) option allows you to override the default
-password prompt and use a custom one. If the password prompt
-contains the \f(CW%u\fR escape, \f(CW%u\fR will be replaced with the user's
-login name. Similarly, \f(CW%h\fR will be replaced with the local
-hostname.
-.Ip "-u" 4
-The \f(CW-u\fR (\fIuser\fR) option causes sudo to run the specified command
-as a user other than \fIroot\fR. To specify a \fIuid\fR instead of a
-\fIusername\fR, use \*(L"#uid\*(R".
-.Ip "-s" 4
-The \f(CW-s\fR (\fIshell\fR) option runs the shell specified by the \fI\s-1SHELL\s0\fR
-environment variable if it is set or the shell as specified
-in \fIpasswd\fR\|(5).
-.Ip "-H" 4
-The \f(CW-H\fR (\fI\s-1HOME\s0\fR) option sets the \fI\s-1HOME\s0\fR environment variable
-to the homedir of the target user (root by default) as specified
-in \fIpasswd\fR\|(5). By default, \fBsudo\fR does not modify \fI\s-1HOME\s0\fR.
-.Ip "-S" 4
-The \f(CW-S\fR (\fIstdin\fR) option causes \fBsudo\fR to read the password from
-standard input instead of the terminal device.
-.Ip "--" 4
-The \f(CW--\fR flag indicates that \fBsudo\fR should stop processing command
-line arguments. It is most useful in conjunction with the \f(CW-s\fR flag.
-.SH "RETURN VALUES"
-\fBsudo\fR quits with an exit value of 1 if there is a
-configuration/permission problem or if \fBsudo\fR cannot execute the
-given command. In the latter case the error string is printed to
-stderr. If \fBsudo\fR cannot \fIstat\fR\|(2) one or more entries in the user's
-\f(CWPATH\fR an error is printed on stderr. (If the directory does not
-exist or if it is not really a directory, the entry is ignored and
-no error is printed.) This should not happen under normal
-circumstances. The most common reason for \fIstat\fR\|(2) to return
-\*(L"permission denied\*(R" is if you are running an automounter and one
-of the directories in your \f(CWPATH\fR is on a machine that is currently
-unreachable.
-.SH "SECURITY NOTES"
-\fBsudo\fR tries to be safe when executing external commands. Variables
-that control how dynamic loading and binding is done can be used
-to subvert the program that \fBsudo\fR runs. To combat this the
-\f(CWLD_*\fR, \f(CW_RLD_*\fR, \f(CWSHLIB_PATH\fR (HP\-UX only), and \f(CWLIBPATH\fR (AIX
-only) environment variables are removed from the environment passed
-on to all commands executed. \fBsudo\fR will also remove the \f(CWIFS\fR,
-\f(CWENV\fR, \f(CWBASH_ENV\fR, \f(CWKRB_CONF\fR, \f(CWKRB5_CONFIG\fR, \f(CWLOCALDOMAIN\fR,
-\f(CWRES_OPTIONS\fR and \f(CWHOSTALIASES\fR variables as they too can pose a
-threat.
-.PP
-To prevent command spoofing, \fBsudo\fR checks "." and "" (both denoting
-current directory) last when searching for a command in the user's
-PATH (if one or both are in the PATH). Note, however, that the
-actual \f(CWPATH\fR environment variable is \fInot\fR modified and is passed
-unchanged to the program that \fBsudo\fR executes.
-.PP
-For security reasons, if your OS supports shared libraries and does
-not disable user-defined library search paths for setuid programs
-(most do), you should either use a linker option that disables this
-behavior or link \fBsudo\fR statically.
-.PP
-\fBsudo\fR will check the ownership of its timestamp directory
-(\fI/var/run/sudo\fR or \fI/tmp/.odus\fR by default) and ignore the
-directory's contents if it is not owned by root and only writable
-by root. On systems that allow non-root users to give away files
-via \fIchown\fR\|(2), if the timestamp directory is located in a directory
-writable by anyone (ie: \fI/tmp\fR), it is possible for a user to
-create the timestamp directory before \fBsudo\fR is run. However,
-because \fBsudo\fR checks the ownership and mode of the directory and
-its contents, the only damage that can be done is to \*(L"hide\*(R" files
-by putting them in the timestamp dir. This is unlikely to happen
-since once the timestamp dir is owned by root and inaccessible by
-any other user the user placing files there would be unable to get
-them back out. To get around this issue you can use a directory
-that is not world-writable for the timestamps (\fI/var/adm/sudo\fR for
-instance) or create /tmp/.odus with the appropriate owner (root)
-and permissions (0700) in the system startup files.
-.PP
-\fBsudo\fR will not honor timestamps set far in the future.
-Timestamps with a date greater than current_time + 2 * \f(CWTIMEOUT\fR
-will be ignored and sudo will log and complain. This is done to
-keep a user from creating his/her own timestamp with a bogus
-date on system that allow users to give away files.
-.SH "EXAMPLES"
-Note: the following examples assume suitable \fIsudoers\fR\|(5) entries.
-.PP
-To get a file listing of an unreadable directory:
-.PP
-.Vb 1
-\& % sudo ls /usr/local/protected
-.Ve
-To list the home directory of user yazza on a machine where the
-filesystem holding ~yazza is not exported as root:
-.PP
-.Vb 1
-\& % sudo -u yazza ls ~yazza
-.Ve
-To edit the \fIindex.html\fR file as user www:
-.PP
-.Vb 1
-\& % sudo -u www vi ~www/htdocs/index.html
-.Ve
-To shutdown a machine:
-.PP
-.Vb 1
-\& % sudo shutdown -r +15 "quick reboot"
-.Ve
-To make a usage listing of the directories in the /home
-partition. Note that this runs the commands in a sub-shell
-to make the \f(CWcd\fR and file redirection work.
-.PP
-.Vb 1
-\& % sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
-.Ve
-.SH "ENVIRONMENT"
-\fBsudo\fR utilizes the following environment variables:
-.PP
-.Vb 13
-\& PATH Set to a sane value if SECURE_PATH is set
-\& SHELL Used to determine shell to run with -s option
-\& USER Set to the target user (root unless the -u option
-\& is specified)
-\& HOME In -s or -H mode (or if sudo was configured with
-\& the --enable-shell-sets-home option), set to
-\& homedir of the target user.
-\& SUDO_PROMPT Used as the default password prompt
-\& SUDO_COMMAND Set to the command run by sudo
-\& SUDO_USER Set to the login of the user who invoked sudo
-\& SUDO_UID Set to the uid of the user who invoked sudo
-\& SUDO_GID Set to the gid of the user who invoked sudo
-\& SUDO_PS1 If set, PS1 will be set to its value
-.Ve
-.SH "FILES"
-.PP
-.Vb 2
-\& /etc/sudoers List of who can run what
-\& /var/run/sudo Directory containing timestamps
-.Ve
-\fBsudo\fR utilizes the following environment variables:
-.PP
-.Vb 13
-\& PATH Set to a sane value if SECURE_PATH is set
-\& SHELL Used to determine shell to run with -s option
-\& USER Set to the target user (root unless the -u option
-\& is specified)
-\& HOME In -s or -H mode (or if sudo was configured with
-\& the --enable-shell-sets-home option), set to
-\& homedir of the target user.
-\& SUDO_PROMPT Used as the default password prompt
-\& SUDO_COMMAND Set to the command run by sudo
-\& SUDO_USER Set to the login of the user who invoked sudo
-\& SUDO_UID Set to the uid of the user who invoked sudo
-\& SUDO_GID Set to the gid of the user who invoked sudo
-\& SUDO_PS1 If set, PS1 will be set to its value
-.Ve
-.SH "FILES"
-.PP
-.Vb 3
-\& /etc/sudoers List of who can run what
-\& /var/run/sudo Directory containing timestamps
-\& /tmp/.odus Same as above if no /var/run exists
-.Ve
-.SH "AUTHORS"
-Many people have worked on \fBsudo\fR over the years, this
-version consists of code written primarily by:
-.PP
-.Vb 2
-\& Todd Miller
-\& Chris Jepeway
-.Ve
-See the HISTORY file in the \fBsudo\fR distribution for a short history
-of \fBsudo\fR.
-.SH "BUGS"
-If you feel you have found a bug in sudo, please submit a bug report
-at http://www.courtesan.com/sudo/bugs/
-.SH "DISCLAIMER"
-\fBSudo\fR is provided ``AS IS'\*(R' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed.
-See the LICENSE file distributed with \fBsudo\fR for complete details.
-.SH "CAVEATS"
-There is no easy way to prevent a user from gaining a root shell if
-that user has access to commands allowing shell escapes.
-.PP
-If users have sudo \f(CWALL\fR there is nothing to prevent them from creating
-their own program that gives them a root shell regardless of any \*(L'!\*(R'
-elements in the user specification.
-.PP
-Running shell scripts via \fBsudo\fR can expose the same kernel bugs
-that make setuid shell scripts unsafe on some operating systems
-(if your OS supports the /dev/fd/ directory, setuid shell scripts
-are generally safe).
-.SH "SEE ALSO"
-\fIsudoers\fR\|(5), \fIvisudo\fR\|(8), \fIsu\fR\|(1).
-
-.rn }` ''
-.IX Title "sudo 8"
-.IX Name "sudo - execute a command as another user"
-
-.IX Header "NAME"
-
-.IX Header "SYNOPSIS"
-
-.IX Header "DESCRIPTION"
-
-.IX Header "OPTIONS"
-
-.IX Item "-V"
-
-.IX Item "-l"
-
-.IX Item "-L"
-
-.IX Item "-h"
-
-.IX Item "-v"
-
-.IX Item "-k"
-
-.IX Item "-K"
-
-.IX Item "-b"
-
-.IX Item "-p"
-
-.IX Item "-u"
-
-.IX Item "-s"
-
-.IX Item "-H"
-
-.IX Item "-S"
-
-.IX Item "--"
-
-.IX Header "RETURN VALUES"
-
-.IX Header "SECURITY NOTES"
-
-.IX Header "EXAMPLES"
-
-.IX Header "ENVIRONMENT"
-
-.IX Header "FILES"
-
-.IX Header "FILES"
-
-.IX Header "AUTHORS"
-
-.IX Header "BUGS"
-
-.IX Header "DISCLAIMER"
-
-.IX Header "CAVEATS"
-
-.IX Header "SEE ALSO"
-
+++ /dev/null
-.rn '' }`
-''' $RCSfile$$Revision$$Date$
-'''
-''' $Log$
-''' Revision 1.27 2000/02/18 17:56:27 millert
-''' Add rootpw, runaspw, and targetpw options.
-'''
-'''
-.de Sh
-.br
-.if t .Sp
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp
-.if t .sp .5v
-.if n .sp
-..
-.de Ip
-.br
-.ie \\n(.$>=3 .ne \\$3
-.el .ne 3
-.IP "\\$1" \\$2
-..
-.de Vb
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve
-.ft R
-
-.fi
-..
-'''
-'''
-''' Set up \*(-- to give an unbreakable dash;
-''' string Tr holds user defined translation string.
-''' Bell System Logo is used as a dummy character.
-'''
-.tr \(*W-|\(bv\*(Tr
-.ie n \{\
-.ds -- \(*W-
-.ds PI pi
-.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-.ds L" ""
-.ds R" ""
-''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of
-''' \*(L" and \*(R", except that they are used on ".xx" lines,
-''' such as .IP and .SH, which do another additional levels of
-''' double-quote interpretation
-.ds M" """
-.ds S" """
-.ds N" """""
-.ds T" """""
-.ds L' '
-.ds R' '
-.ds M' '
-.ds S' '
-.ds N' '
-.ds T' '
-'br\}
-.el\{\
-.ds -- \(em\|
-.tr \*(Tr
-.ds L" ``
-.ds R" ''
-.ds M" ``
-.ds S" ''
-.ds N" ``
-.ds T" ''
-.ds L' `
-.ds R' '
-.ds M' `
-.ds S' '
-.ds N' `
-.ds T' '
-.ds PI \(*p
-'br\}
-.\" If the F register is turned on, we'll generate
-.\" index entries out stderr for the following things:
-.\" TH Title
-.\" SH Header
-.\" Sh Subsection
-.\" Ip Item
-.\" X<> Xref (embedded
-.\" Of course, you have to process the output yourself
-.\" in some meaninful fashion.
-.if \nF \{
-.de IX
-.tm Index:\\$1\t\\n%\t"\\$2"
-..
-.nr % 0
-.rr F
-.\}
-.TH sudoers 5 "1.6.3" "18/Feb/2000" "FILE FORMATS"
-.UC
-.if n .hy 0
-.if n .na
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.de CQ \" put $1 in typewriter font
-.ft CW
-'if n "\c
-'if t \\&\\$1\c
-'if n \\&\\$1\c
-'if n \&"
-\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
-'.ft R
-..
-.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
-. \" AM - accent mark definitions
-.bd B 3
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds ? ?
-. ds ! !
-. ds /
-. ds q
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
-. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
-.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
-.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
-.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-.ds oe o\h'-(\w'o'u*4/10)'e
-.ds Oe O\h'-(\w'O'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds v \h'-1'\o'\(aa\(ga'
-. ds _ \h'-1'^
-. ds . \h'-1'.
-. ds 3 3
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-. ds oe oe
-. ds Oe OE
-.\}
-.rm #[ #] #H #V #F C
-.SH "NAME"
-sudoers \- list of which users may execute what
-.SH "DESCRIPTION"
-The \fIsudoers\fR file is composed two types of entries:
-aliases (basically variables) and user specifications
-(which specify who may run what). The grammar of \fIsudoers\fR
-will be described below in Extended Backus-Naur Form (EBNF).
-Don't despair if you don't know what EBNF is, it is fairly
-simple and the definitions below are annotated.
-.Sh "Quick guide to \s-1EBNF\s0"
-\s-1EBNF\s0 is a concise and exact way of describing the grammar of a language.
-Each \s-1EBNF\s0 definition is made up of \fIproduction rules\fR. Eg.
-.PP
-.Vb 1
-\& symbol ::= definition | alternate1 | alternate2 ...
-.Ve
-Each \fIproduction rule\fR references others and thus makes up a
-grammar for the language. \s-1EBNF\s0 also contains the following
-operators, which many readers will recognize from regular
-expressions. Do not, however, confuse them with \*(L"wildcard\*(R"
-characters, which have different meanings.
-.Ip "\f(CW?\fR" 8
-Means that the preceding symbol (or group of symbols) is optional.
-That is, it may appear once or not at all.
-.Ip "\f(CW*\fR" 8
-Means that the preceding symbol (or group of symbols) may appear
-zero or more times.
-.Ip "\f(CW+\fR" 8
-Means that the preceding symbol (or group of symbols) may appear
-one or more times.
-.PP
-Parentheses may be used to group symbols together. For clarity,
-we will use single quotes ('') to designate what is a verbatim character
-string (as opposed to a symbol name).
-.Sh "Aliases"
-There are four kinds of aliases: the \f(CWUser_Alias\fR, \f(CWRunas_Alias\fR,
-\f(CWHost_Alias\fR and \f(CWCmnd_Alias\fR.
-.PP
-.Vb 4
-\& Alias ::= 'User_Alias' = User_Alias (':' User_Alias)* |
-\& 'Runas_Alias' = Runas_Alias (':' Runas_Alias)* |
-\& 'Host_Alias' = Host_Alias (':' Host_Alias)* |
-\& 'Cmnd_Alias' = Cmnd_Alias (':' Cmnd_Alias)*
-.Ve
-.Vb 1
-\& User_Alias ::= NAME '=' User_List
-.Ve
-.Vb 1
-\& Runas_Alias ::= NAME '=' Runas_User_List
-.Ve
-.Vb 1
-\& Host_Alias ::= NAME '=' Host_List
-.Ve
-.Vb 1
-\& Cmnd_Alias ::= NAME '=' Cmnd_List
-.Ve
-.Vb 1
-\& NAME ::= [A-Z]([A-Z][0-9]_)*
-.Ve
-Each \fIalias\fR definition is of the form
-.PP
-.Vb 1
-\& Alias_Type NAME = item1, item2, ...
-.Ve
-where \fIAlias_Type\fR is one of \f(CWUser_Alias\fR, \f(CWRunas_Alias\fR, \f(CWHost_Alias\fR,
-or \f(CWCmnd_Alias\fR. A \f(CWNAME\fR is a string of upper case letters, numbers,
-and the underscore characters ('_'). A \f(CWNAME\fR \fBmust\fR start with an
-upper case letter. It is possible to put several alias definitions
-of the same type on a single line, joined by a semicolon (':'). Eg.
-.PP
-.Vb 1
-\& Alias_Type NAME = item1, item2, item3 : NAME = item4, item5
-.Ve
-The definitions of what constitutes a valid \fIalias\fR member follow.
-.PP
-.Vb 2
-\& User_List ::= User |
-\& User ',' User_List
-.Ve
-.Vb 5
-\& User ::= '!'* username |
-\& '!'* '#'uid |
-\& '!'* '%'group |
-\& '!'* '+'netgroup |
-\& '!'* User_Alias
-.Ve
-A \f(CWUser_List\fR is made up of one or more usernames, uids
-(prefixed with \*(L'#'), System groups (prefixed with \*(L'%'),
-netgroups (prefixed with \*(L'+') and other aliases. Each list
-item may be prefixed with one or more \*(L'!\*(R' operators. An odd number
-of \*(L'!\*(R' operators negates the value of the item; an even number
-just cancel each other out.
-.PP
-.Vb 2
-\& Runas_List ::= Runas_User |
-\& Runas_User ',' Runas_List
-.Ve
-.Vb 5
-\& Runas_User ::= '!'* username |
-\& '!'* '#'uid |
-\& '!'* '%'group |
-\& '!'* +netgroup |
-\& '!'* Runas_Alias
-.Ve
-Likewise, a \f(CWRunas_List\fR has the same possible elements
-as a \f(CWUser_List\fR, except that it can include a \f(CWRunas_Alias\fR,
-instead of a \f(CWUser_Alias\fR.
-.PP
-.Vb 2
-\& Host_List ::= Host |
-\& Host ',' Host_List
-.Ve
-.Vb 5
-\& Host ::= '!'* hostname |
-\& '!'* ip_addr |
-\& '!'* network(/netmask)? |
-\& '!'* '+'netgroup |
-\& '!'* Host_Alias
-.Ve
-A \f(CWHost_List\fR is made up of one or more hostnames, \s-1IP\s0 addresses,
-network numbers, netgroups (prefixed with \*(L'+') and other aliases.
-Again, the value of an item may be negated with the \*(L'!\*(R' operator.
-If you do not specify a netmask with a network number, the netmask
-of the host's ethernet \fIinterface\fR\|(s) will be used when matching.
-The netmask may be specified either in dotted quad notation (eg.
-255.255.255.0) or \s-1CIDR\s0 notation (number of bits, eg. 24).
-.PP
-.Vb 2
-\& Cmnd_List ::= Cmnd |
-\& Cmnd ',' Cmnd_List
-.Ve
-.Vb 3
-\& commandname ::= filename |
-\& filename args |
-\& filename '""'
-.Ve
-.Vb 3
-\& Cmnd ::= '!'* commandname |
-\& '!'* directory |
-\& '!'* Cmnd_Alias
-.Ve
-A \f(CWCmnd_List\fR is a list of one or more commandnames, directories, and other
-aliases. A commandname is a fully-qualified filename which may include
-shell-style wildcards (see `Wildcards\*(R' section below). A simple
-filename allows the user to run the command with any arguments he/she
-wishes. However, you may also command line arguments (including wildcards).
-Alternately, you can specify \f(CW""\fR to indicate that the command
-may only be run \fBwithout\fR command line arguments. A directory is a
-fully qualified pathname ending in a \*(L'/\*(R'. When you specify a directory
-in a \f(CWCmnd_List\fR, the user will be able to run any file within that directory
-(but not in any subdirectories therein).
-.PP
-If a \f(CWCmnd\fR has associated command line arguments, then the arguments
-in the \f(CWCmnd\fR must match exactly those given by the user on the command line
-(or match the wildcards if there are any). Note that the following
-characters must be escaped with a \*(L'\e\*(R' if they are used in command
-arguments: \*(L',\*(R', \*(L':\*(R', \*(L'=\*(R', \*(L'\e\*(R'.
-.Sh "Defaults"
-Certain configuration options may be changed from their default
-values at runtime via one or more \f(CWDefault_Entry\fR lines. These
-may affect all users on any host, all users on a specific host,
-or just a specific user. When multiple entries match, they are
-applied in order. Where there are conflicting values, the last
-value on a matching line takes effect.
-.PP
-.Vb 3
-\& Default_Type ::= 'Defaults' ||
-\& 'Defaults' ':' User ||
-\& 'Defaults' '@' Host
-.Ve
-.Vb 1
-\& Default_Entry ::= Default_Type Parameter_List
-.Ve
-.Vb 2
-\& Parameter ::= Parameter '=' Value ||
-\& '!'* Parameter ||
-.Ve
-Parameters may be \fBflags\fR, \fBinteger\fR values, or \fBstrings\fR. Flags
-are implicitly boolean and can be turned off via the \*(L'!\*(R' operator.
-Some integer and string parameters may also be used in a boolean
-context to disable them. Values may be enclosed in double quotes
-(\f(CW"\fR) when they contain multiple words. Special characters may
-be escaped with a backslash (\f(CW\e\fR).
-.PP
-\fBFlags\fR:
-.Ip "long_otp_prompt" 12
-When validating with a One Time Password scheme (\fBS/Key\fR or \fB\s-1OPIE\s0\fR),
-a two-line prompt is used to make it easier to cut and paste the
-challenge to a local window. It's not as pretty as the default but
-some people find it more convenient. This flag is off by default.
-.Ip "ignore_dot" 12
-If set, \fBsudo\fR will ignore \*(L'.\*(R' or \*(L'\*(R' (current dir) in \f(CW$PATH\fR;
-the \f(CW$PATH\fR itself is not modified. This flag is off by default.
-.Ip "mail_always" 12
-Send mail to the \fImailto\fR user every time a users runs sudo.
-This flag is off by default.
-.Ip "mail_no_user" 12
-If set, mail will be sent to the \fImailto\fR user if the invoking
-user is not in the \fIsudoers\fR file. This flag is on by default.
-.Ip "mail_no_host" 12
-If set, mail will be sent to the \fImailto\fR user if the invoking
-user exists in the \fIsudoers\fR file, but is not allowed to run
-commands on the current host. This flag is off by default.
-.Ip "mail_no_perms" 12
-If set, mail will be sent to the \fImailto\fR user if the invoking
-user allowed to use sudo but the command they are trying is not
-listed in their \fIsudoers\fR file entry. This flag is off by default.
-.Ip "tty_tickets" 12
-If set, users must authenticate on a per-tty basis. Normally,
-\fBsudo\fR uses a directory in the ticket dir with the same name as
-the user running it. With this flag enabled, \fBsudo\fR will use a
-file named for the tty the user is logged in on in that directory.
-This flag is off by default.
-.Ip "lecture" 12
-If set, a user will receive a short lecture the first time he/she
-runs \fBsudo\fR. This flag is on by default.
-.Ip "authenticate" 12
-If set, users must authenticate themselves via a password (or other
-means of authentication) before they may run commands. This default
-may be overridden via the \f(CWPASSWD\fR and \f(CWNOPASSWD\fR tags.
-This flag is on by default.
-.Ip "root_sudo" 12
-If set, root is allowed to run sudo too. Disabling this prevents users
-from \*(L"chaining\*(R" sudo commands to get a root shell by doing something
-like \f(CW"sudo sudo /bin/sh"\fR.
-This flag is on by default.
-.Ip "log_host" 12
-If set, the hostname will be logged in the (non-syslog) \fBsudo\fR log file.
-This flag is off by default.
-.Ip "log_year" 12
-If set, the four-digit year will be logged in the (non-syslog) \fBsudo\fR log file.
-This flag is off by default.
-.Ip "shell_noargs" 12
-If set and \fBsudo\fR is invoked with no arguments it acts as if the
-\f(CW-s\fR flag had been given. That is, it runs a shell as root (the
-shell is determined by the \f(CWSHELL\fR environment variable if it is
-set, falling back on the shell listed in the invoking user's
-/etc/passwd entry if not). This flag is off by default.
-.Ip "set_home" 12
-If set and \fBsudo\fR is invoked with the \f(CW-s\fR flag the \f(CWHOME\fR
-environment variable will be set to the home directory of the target
-user (which is root unless the \f(CW-u\fR option is used). This effectively
-makes the \f(CW-s\fR flag imply \f(CW-H\fR. This flag is off by default.
-.Ip "path_info" 12
-Normally, \fBsudo\fR will tell the user when a command could not be
-found in their \f(CW$PATH\fR. Some sites may wish to disable this as
-it could be used to gather information on the location of executables
-that the normal user does not have access to. The disadvantage is
-that if the executable is simply not in the user's \f(CW$PATH\fR, \fBsudo\fR
-will tell the user that they are not allowed to run it, which can
-be confusing. This flag is off by default.
-.Ip "fqdn" 12
-Set this flag if you want to put fully qualified hostnames in the
-\fIsudoers\fR file. Ie: instead of myhost you would use myhost.mydomain.edu.
-You may still use the short form if you wish (and even mix the two).
-Beware that turning on \fIfqdn\fR requires sudo to make \s-1DNS\s0 lookups
-which may make \fBsudo\fR unusable if \s-1DNS\s0 stops working (for example
-if the machine is not plugged into the network). Also note that
-you must use the host's official name as \s-1DNS\s0 knows it. That is,
-you may not use a host alias (\f(CWCNAME\fR entry) due to performance
-issues and the fact that there is no way to get all aliases from
-\s-1DNS\s0. If your machine's hostname (as returned by the \f(CWhostname\fR
-command) is already fully qualified you shouldn't need to set
-\fIfqfn\fR. This flag is off by default.
-.Ip "insults" 12
-If set, sudo will insult users when they enter an incorrect
-password. This flag is off by default.
-.Ip "requiretty" 12
-If set, sudo will only run when the user is logged in to a real
-tty. This will disallow things like \f(CW"rsh somehost sudo ls"\fR since
-\fIrsh\fR\|(1) does not allocate a tty. Because it is not possible to turn
-of echo when there is no tty present, some sites may with to set
-this flag to prevent a user from entering a visible password. This
-flag is off by default.
-.Ip "env_editor" 12
-If set, visudo will use the value of the \s-1EDITOR\s0 or \s-1VISUAL\s0 environment
-falling back on the default editor. Note that this may create a
-security hole as most editors allow a user to get a shell (which
-would be a root shell and not be logged).
-.Ip "rootpw" 12
-If set, sudo will prompt for the root password instead of the password
-of the invoking user.
-.Ip "runaspw" 12
-If set, sudo will prompt for the password of the user defined by the
-\fIrunas_default\fR option (defaults to root) instead of the password
-of the invoking user.
-.Ip "targetpw" 12
-If set, sudo will prompt for the password of the user specified by
-the \f(CW-u\fR flag (defaults to root) instead of the password of the
-invoking user.
-.PP
-\fBIntegers\fR:
-.Ip "passwd_tries" 12
-The number of tries a user gets to enter his/her password before
-sudo logs the failure and exits. The default is 3.
-.PP
-\fBIntegers that can be used in a boolean context\fR:
-.Ip "loglinelen" 12
-Number of characters per line for the file log. This value is used
-to decide when to wrap lines for nicer log files. This has no
-effect on the syslog log file, only the file log. The default is
-80 (use 0 or negate to disable word wrap).
-.Ip "timestamp_timeout" 12
-Number of minutes that can elapse before \fBsudo\fR will ask for a passwd
-again. The default is 5, set this to 0 to always prompt for a password.
-.Ip "passwd_timeout" 12
-Number of minutes before the sudo password prompt times out.
-The default is 5, set this to 0 for no password timeout.
-.Ip "umask" 12
-Umask to use when running the root command. Set this to 0777 to
-not override the user's umask. The default is 0022.
-.PP
-\fBStrings\fR:
-.Ip "mailsub" 12
-Subject of the mail sent to the \fImailto\fR user. The escape \f(CW%h\fR
-will expand to the hostname of the machine.
-Default is \*(L"*** \s-1SECURITY\s0 information for \f(CW%h\fR ***\*(R".
-.Ip "badpass_message" 12
-Message that is displayed if a user enters an incorrect password.
-The default is \*(L"Sorry, try again.\*(R" unless insults are enabled.
-.Ip "timestampdir" 12
-The directory in which \fBsudo\fR stores its timestamp files.
-The default is either \f(CW/var/run/sudo\fR or \f(CW/tmp/sudo\fR.
-.Ip "passprompt" 12
-The default prompt to use when asking for a password; can be overridden
-via the \f(CW-p\fR option or the \f(CWSUDO_PROMPT\fR environment variable. Supports
-two escapes: \*(L"%u\*(R" expands to the user's login name and \*(L"%h\*(R" expands
-to the local hostname. The default value is \*(L"Password:\*(R".
-.Ip "runas_default" 12
-The default user to run commands as if the \f(CW-u\fR flag is not specified
-on the command line. This defaults to \*(L"root\*(R".
-.Ip "syslog_goodpri" 12
-Syslog priority to use when user authenticates successfully.
-Defaults to \*(L"notice\*(R".
-.Ip "syslog_badpri" 12
-Syslog priority to use when user authenticates unsuccessfully.
-Defaults to \*(L"alert\*(R".
-.Ip "editor" 12
-Path to the editor to be used by visudo. The default is the path
-to vi on your system.
-.PP
-\fBStrings that can be used in a boolean context\fR:
-.Ip "syslog" 12
-Syslog facility if syslog is being used for logging (negate to
-disable syslog logging). Defaults to \*(L"local2\*(R".
-.Ip "mailerpath" 12
-Path to mail program used to send warning mail.
-Defaults to the path to sendmail found at configure time.
-.Ip "mailerflags" 12
-Flags to use when invoking mailer. Defaults to \f(CW-t\fR.
-.Ip "mailto" 12
-Address to send warning and erorr mail to. Defaults to \*(L"root\*(R".
-.Ip "exempt_group" 12
-Users in this group are exempt from password and \s-1PATH\s0 requirements.
-This is not set by default.
-.Ip "secure_path" 12
-Path used for every command run from \fBsudo\fR. If you don't trust the
-people running sudo to have a sane \f(CWPATH\fR environment variable you may
-want to use this. Another use is if you want to have the \*(L"root path\*(R"
-be separate from the \*(L"user path.\*(R" This is not set by default.
-.Ip "verifypw" 12
-This option controls when a password will be required when a
-user runs sudo with the \fB\-v\fR. It has the following possible values:
-.Sp
-.Vb 3
-\& all All the user's I<sudoers> entries for the
-\& current host must have the C<NOPASSWD>
-\& flag set to avoid entering a password.
-.Ve
-.Vb 4
-\& any At least one of the user's I<sudoers> entries
-\& for the current host must have the
-\& C<NOPASSWD> flag set to avoid entering a
-\& password.
-.Ve
-.Vb 2
-\& never The user need never enter a password to use
-\& the B<-v> flag.
-.Ve
-.Vb 2
-\& always The user must always enter a password to use
-\& the B<-v> flag.
-.Ve
-The default value is `all\*(R'.
-.Ip "listpw" 12
-This option controls when a password will be required when a
-user runs sudo with the \fB\-l\fR. It has the following possible values:
-.Sp
-.Vb 3
-\& all All the user's I<sudoers> entries for the
-\& current host must have the C<NOPASSWD>
-\& flag set to avoid entering a password.
-.Ve
-.Vb 4
-\& any At least one of the user's I<sudoers> entries
-\& for the current host must have the
-\& C<NOPASSWD> flag set to avoid entering a
-\& password.
-.Ve
-.Vb 2
-\& never The user need never enter a password to use
-\& the B<-l> flag.
-.Ve
-.Vb 2
-\& always The user must always enter a password to use
-\& the B<-l> flag.
-.Ve
-The default value is `any\*(R'.
-.PP
-When logging via \fIsyslog\fR\|(3), sudo accepts the following values for the syslog
-facility (the value of the \fBsyslog\fR Parameter): \fBauthpriv\fR (if your \s-1OS\s0
-supports it), \fBauth\fR, \fBdaemon\fR, \fBuser\fR, \fBlocal0\fR, \fBlocal1\fR, \fBlocal2\fR,
-\fBlocal3\fR, \fBlocal4\fR, \fBlocal5\fR, \fBlocal6\fR, and \fBlocal7\fR. The following
-syslog priorities are supported: \fBalert\fR, \fBcrit\fR, \fBdebug\fR, \fBemerg\fR,
-\fBerr\fR, \fBinfo\fR, \fBnotice\fR, and \fBwarning\fR.
-.Sh "User Specification"
-.PP
-.Vb 2
-\& User_Spec ::= User_list Host_List '=' User_List Cmnd_Spec_List \e
-\& (':' User_Spec)*
-.Ve
-.Vb 2
-\& Cmnd_Spec_List ::= Cmnd_Spec |
-\& Cmnd_Spec ',' Cmnd_Spec_List
-.Ve
-.Vb 1
-\& Cmnd_Spec ::= Runas_Spec? ('NOPASSWD:' | 'PASSWD:')? Cmnd
-.Ve
-.Vb 1
-\& Runas_Spec ::= '(' Runas_List ')'
-.Ve
-A \fBuser specification\fR determines which commands a user may run
-(and as what user) on specified hosts. By default, commands are
-run as \fBroot\fR but this can be changed on a per-command basis.
-.PP
-Let's break that down into its constituent parts:
-.Sh "Runas_Spec"
-A \f(CWRunas_Spec\fR is simply a \f(CWRunas_List\fR (as defined above)
-enclosed in a set of parentheses. If you do not specify a
-\f(CWRunas_Spec\fR in the user specification, a default \f(CWRunas_Spec\fR
-of \fBroot\fR will be used. A \f(CWRunas_Spec\fR sets the default for
-commands that follow it. What this means is that for the entry:
-.PP
-.Vb 1
-\& dgb boulder = (operator) /bin/ls, /bin/kill, /usr/bin/who
-.Ve
-The user \fBdgb\fR may run \fI/bin/ls\fR, \fI/bin/kill\fR, and
-\fI/usr/bin/lprm\fR -- but only as \fBoperator\fR. Eg.
-.PP
-.Vb 1
-\& sudo -u operator /bin/ls.
-.Ve
-It is also possible to override a \f(CWRunas_Spec\fR later on in an
-entry. If we modify the entry like so:
-.PP
-.Vb 1
-\& dgb boulder = (operator) /bin/ls, (root) /bin/kill, /usr/bin/lprm
-.Ve
-Then user \fBdgb\fR is now allowed to run \fI/bin/ls\fR as \fBoperator\fR,
-but \fI/bin/kill\fR and \fI/usr/bin/lprm\fR as \fBroot\fR.
-.Sh "\s-1NOPASSWD\s0 and \s-1PASSWD\s0"
-By default, \fBsudo\fR requires that a user authenticate him or herself
-before running a command. This behavior can be modified via the
-\f(CWNOPASSWD\fR tag. Like a \f(CWRunas_Spec\fR, the \f(CWNOPASSWD\fR tag sets
-a default for the commands that follow it in the \f(CWCmnd_Spec_List\fR.
-Conversely, the \f(CWPASSWD\fR tag can be used to reverse things.
-For example:
-.PP
-.Vb 1
-\& ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm
-.Ve
-would allow the user \fBray\fR to run \fI/bin/kill\fR, \fI/bin/ls\fR, and
-\fI/usr/bin/lprm\fR as root on the machine rushmore as \fBroot\fR without
-authenticating himself. If we only want \fBray\fR to be able to
-run \fI/bin/kill\fR without a password the entry would be:
-.PP
-.Vb 1
-\& ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
-.Ve
-Note however, that the \f(CWPASSWD\fR tag has no effect on users who are
-in the group specified by the exempt_group option.
-.PP
-By default, if the \f(CWNOPASSWD\fR tag is applied to any of the entries
-for a user on the current host, he or she will be able to run
-\f(CWsudo -l\fR without a password. Additionally, a user may only run
-\f(CWsudo -v\fR without a password if the \f(CWNOPASSWD\fR tag is present
-for all a user's entries that pertain to the current host.
-This behavior may be overridden via the verifypw and listpw options.
-.Sh "Wildcards (aka meta characters):"
-\fBsudo\fR allows shell-style \fIwildcards\fR to be used in pathnames
-as well as command line arguments in the \fIsudoers\fR file. Wildcard
-matching is done via the \fB\s-1POSIX\s0\fR \f(CWfnmatch(3)\fR routine. Note that
-these are \fInot\fR regular expressions.
-.Ip "\f(CW*\fR" 8
-Matches any set of zero or more characters.
-.Ip "\f(CW?\fR" 8
-Matches any single character.
-.Ip "\f(CW[...]\fR" 8
-Matches any character in the specified range.
-.Ip "\f(CW[!...]\fR" 8
-Matches any character \fBnot\fR in the specified range.
-.Ip "\f(CW\ex\fR" 8
-For any character \*(L"x\*(R", evaluates to \*(L"x\*(R". This is used to
-escape special characters such as: \*(L"*\*(R", \*(L"?\*(R", \*(L"[\*(R", and \*(L"}\*(R".
-.PP
-Note that a forward slash ('/') will \fBnot\fR be matched by
-wildcards used in the pathname. When matching the command
-line arguments, however, as slash \fBdoes\fR get matched by
-wildcards. This is to make a path like:
-.PP
-.Vb 1
-\& /usr/bin/*
-.Ve
-match \f(CW/usr/bin/who\fR but not \f(CW/usr/bin/X11/xterm\fR.
-.Sh "Exceptions to wildcard rules:"
-The following exceptions apply to the above rules:
-.Ip \f(CW""\fR 8
-If the empty string \f(CW""\fR is the only command line argument in the
-\fIsudoers\fR entry it means that command is not allowed to be run
-with \fBany\fR arguments.
-.Sh "Other special characters and reserved words:"
-The pound sign ('#') is used to indicate a comment (unless it
-occurs in the context of a user name and is followed by one or
-more digits, in which case it is treated as a uid). Both the
-comment character and any text after it, up to the end of the line,
-are ignored.
-.PP
-The reserved word \fB\s-1ALL\s0\fR is a built in \fIalias\fR that always causes
-a match to succeed. It can be used wherever one might otherwise
-use a \f(CWCmnd_Alias\fR, \f(CWUser_Alias\fR, \f(CWRunas_Alias\fR, or \f(CWHost_Alias\fR.
-You should not try to define your own \fIalias\fR called \fB\s-1ALL\s0\fR as the
-built in alias will be used in preference to your own. Please note
-that using \fB\s-1ALL\s0\fR can be dangerous since in a command context, it
-allows the user to run \fBany\fR command on the system.
-.PP
-An exclamation point (\*(R'!') can be used as a logical \fInot\fR operator
-both in an \fIalias\fR and in front of a \f(CWCmnd\fR. This allows one to
-exclude certain values. Note, however, that using a \f(CW!\fR in
-conjunction with the built in \f(CWALL\fR alias to allow a user to
-run \*(L"all but a few\*(R" commands rarely works as intended (see \s-1SECURITY\s0
-\s-1NOTES\s0 below).
-.PP
-Long lines can be continued with a backslash (\*(R'\e') as the last
-character on the line.
-.PP
-Whitespace between elements in a list as well as specicial syntactic
-characters in a \fIUser Specification\fR ('=\*(R', \*(L':\*(R', \*(L'(\*(R', \*(L')') is optional.
-.PP
-The following characters must be escaped with a backslash (\*(R'\e') when
-used as part of a word (eg. a username or hostname):
-\&'@\*(R', \*(L'!\*(R', \*(L'=\*(R', \*(L':\*(R', \*(L',\*(R', \*(L'(\*(R', \*(L')\*(R', \*(L'\e\*(R'.
-.SH "EXAMPLES"
-Below are example \fIsudoers\fR entries. Admittedly, some of
-these are a bit contrived. First, we define our \fIaliases\fR:
-.PP
-.Vb 4
-\& # User alias specification
-\& User_Alias FULLTIMERS = millert, mikef, dowdy
-\& User_Alias PARTTIMERS = bostley, jwfox, crawl
-\& User_Alias WEBMASTERS = will, wendy, wim
-.Ve
-.Vb 3
-\& # Runas alias specification
-\& Runas_Alias OP = root, operator
-\& Runas_Alias DB = oracle, sybase
-.Ve
-.Vb 9
-\& # Host alias specification
-\& Host_Alias SPARC = bigtime, eclipse, moet, anchor :\e
-\& SGI = grolsch, dandelion, black :\e
-\& ALPHA = widget, thalamus, foobar :\e
-\& HPPA = boa, nag, python
-\& Host_Alias CUNETS = 128.138.0.0/255.255.0.0
-\& Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0
-\& Host_Alias SERVERS = master, mail, www, ns
-\& Host_Alias CDROM = orion, perseus, hercules
-.Ve
-.Vb 12
-\& # Cmnd alias specification
-\& Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\e
-\& /usr/sbin/restore, /usr/sbin/rrestore
-\& Cmnd_Alias KILL = /usr/bin/kill
-\& Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm
-\& Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown
-\& Cmnd_Alias HALT = /usr/sbin/halt, /usr/sbin/fasthalt
-\& Cmnd_Alias REBOOT = /usr/sbin/reboot, /usr/sbin/fastboot
-\& Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \e
-\& /usr/local/bin/tcsh, /usr/bin/rsh, \e
-\& /usr/local/bin/zsh
-\& Cmnd_Alias SU = /usr/bin/su
-.Ve
-Here we override some of the compiled in default values. We want
-sudo to log via \fIsyslog\fR\|(3) using the \fIauth\fR facility in all cases.
-We don't want to subject the full time staff to the \fBsudo\fR lecture,
-and user \fBmillert\fR need not give a password. In addition, on the
-machines in the \fISERVERS\fR \f(CWHost_Alias\fR, we keep an additional
-local log file and make sure we log the year in each log line since
-the log entries will be kept around for several years.
-.PP
-.Vb 5
-\& # Override builtin defaults
-\& Defaults syslog=auth
-\& Defaults:FULLTIMERS !lecture
-\& Defaults:millert !authenticate
-\& Defaults@SERVERS log_year, logfile=/var/log/sudo.log
-.Ve
-The \fIUser specification\fR is the part that actually determines who may
-run what.
-.PP
-.Vb 2
-\& root ALL = (ALL) ALL
-\& %wheel ALL = (ALL) ALL
-.Ve
-We let \fBroot\fR and any user in group \fBwheel\fR run any command on any
-host as any user.
-.PP
-.Vb 1
-\& FULLTIMERS ALL = NOPASSWD: ALL
-.Ve
-Full time sysadmins (\fBmillert\fR, \fBmikef\fR, and \fBdowdy\fR) may run any
-command on any host without authenticating themselves.
-.PP
-.Vb 1
-\& PARTTIMERS ALL = ALL
-.Ve
-Part time sysadmins (\fBbostley\fR, \fBjwfox\fR, and \fBcrawl\fR) may run any
-command on any host but they must authenticate themselves first
-(since the entry lacks the \f(CWNOPASSWD\fR tag).
-.PP
-.Vb 1
-\& jack CSNETS = ALL
-.Ve
-The user \fBjack\fR may run any command on the machines in the \fICSNETS\fR alias
-(the networks \f(CW128.138.243.0\fR, \f(CW128.138.204.0\fR, and \f(CW128.138.242.0\fR).
-Of those networks, only <128.138.204.0> has an explicit netmask (in
-CIDR notation) indicating it is a class C network. For the other
-networks in \fICSNETS\fR, the local machine's netmask will be used
-during matching.
-.PP
-.Vb 1
-\& lisa CUNETS = ALL
-.Ve
-The user \fBlisa\fR may run any command on any host in the \fICUNETS\fR alias
-(the class B network \f(CW128.138.0.0\fR).
-.PP
-.Vb 2
-\& operator ALL = DUMPS, KILL, PRINTING, SHUTDOWN, HALT, REBOOT,\e
-\& /usr/oper/bin/
-.Ve
-The \fBoperator\fR user may run commands limited to simple maintenance.
-Here, those are commands related to backups, killing processes, the
-printing system, shutting down the system, and any commands in the
-directory \fI/usr/oper/bin/\fR.
-.PP
-.Vb 1
-\& joe ALL = /usr/bin/su operator
-.Ve
-The user \fBjoe\fR may only \fIsu\fR\|(1) to operator.
-.PP
-.Vb 1
-\& pete HPPA = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root
-.Ve
-The user \fBpete\fR is allowed to change anyone's password except for
-root on the \fIHPPA\fR machines. Note that this assumes \fIpasswd\fR\|(1)
-does not take multiple usernames on the command line.
-.PP
-.Vb 1
-\& bob SPARC = (OP) ALL : SGI = (OP) ALL
-.Ve
-The user \fBbob\fR may run anything on the \fISPARC\fR and \fISGI\fR machines
-as any user listed in the \fIOP\fR \f(CWRunas_Alias\fR (\fBroot\fR and \fBoperator\fR).
-.PP
-.Vb 1
-\& jim +biglab = ALL
-.Ve
-The user \fBjim\fR may run any command on machines in the \fIbiglab\fR netgroup.
-\fBSudo\fR knows that \*(L"biglab\*(R" is a netgroup due to the \*(L'+\*(R' prefix.
-.PP
-.Vb 1
-\& +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser
-.Ve
-Users in the \fBsecretaries\fR netgroup need to help manage the printers
-as well as add and remove users, so they are allowed to run those
-commands on all machines.
-.PP
-.Vb 1
-\& fred ALL = (DB) NOPASSWD: ALL
-.Ve
-The user \fBfred\fR can run commands as any user in the \fIDB\fR \f(CWRunas_Alias\fR
-(\fBoracle\fR or \fBsybase\fR) without giving a password.
-.PP
-.Vb 1
-\& john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
-.Ve
-On the \fIALPHA\fR machines, user \fBjohn\fR may su to anyone except root
-but he is not allowed to give \fIsu\fR\|(1) any flags.
-.PP
-.Vb 1
-\& jen ALL, !SERVERS = ALL
-.Ve
-The user \fBjen\fR may run any command on any machine except for those
-in the \fISERVERS\fR \f(CWHost_Alias\fR (master, mail, www and ns).
-.PP
-.Vb 1
-\& jill SERVERS = /usr/bin/, !SU, !SHELLS
-.Ve
-For any machine in the \fISERVERS\fR \f(CWHost_Alias\fR, \fBjill\fR may run
-any commands in the directory /usr/bin/ except for those commands
-belonging to the \fISU\fR and \fISHELLS\fR \f(CWCmnd_Aliases\fR.
-.PP
-.Vb 1
-\& steve CSNETS = (operator) /usr/local/op_commands/
-.Ve
-The user \fBsteve\fR may run any command in the directory /usr/local/op_commands/
-but only as user operator.
-.PP
-.Vb 1
-\& matt valkyrie = KILL
-.Ve
-On his personal workstation, valkyrie, \fBmatt\fR needs to be able to
-kill hung processes.
-.PP
-.Vb 1
-\& WEBMASTERS www = (www) ALL, (root) /usr/bin/su www
-.Ve
-On the host www, any user in the \fIWEBMASTERS\fR \f(CWUser_Alias\fR (will,
-wendy, and wim), may run any command as user www (which owns the
-web pages) or simply \fIsu\fR\|(1) to www.
-.PP
-.Vb 2
-\& ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\e
-\& /sbin/mount -o nosuid\e,nodev /dev/cd0a /CDROM
-.Ve
-Any user may mount or unmount a CD\-ROM on the machines in the CDROM
-\f(CWHost_Alias\fR (orion, perseus, hercules) without entering a password.
-This is a bit tedious for users to type, so it is a prime candiate
-for encapsulating in a shell script.
-.SH "SECURITY NOTES"
-It is generally not effective to \*(L"subtract\*(R" commands from \f(CWALL\fR
-using the \*(L'!\*(R' operator. A user can trivially circumvent this
-by copying the desired command to a different name and then
-executing that. For example:
-.PP
-.Vb 1
-\& bill ALL = ALL, !SU, !SHELLS
-.Ve
-Doesn't really prevent \fBbill\fR from running the commands listed in
-\fISU\fR or \fISHELLS\fR since he can simply copy those commands to a
-different name, or use a shell escape from an editor or other
-program. Therefore, these kind of restrictions should be considered
-advisory at best (and reinforced by policy).
-.SH "CAVEATS"
-The \fIsudoers\fR file should \fBalways\fR be edited by the \fBvisudo\fR
-command which locks the file and does grammatical checking. It is
-imperative that \fIsudoers\fR be free of syntax errors since \fBsudo\fR
-will not run with a syntactically incorrect \fIsudoers\fR file.
-.PP
-When using netgroups of machines (as opposed to users), if you
-store fully-qualified hostnames in the netgroup (as is usually the
-case), you either need to have the machine's hostname be fully-qualified
-as returned by the \f(CWhostname\fR command or use the \fIfqdn\fR option in
-\fIsudoers\fR.
-.SH "FILES"
-.PP
-.Vb 3
-\& /etc/sudoers List of who can run what
-\& /etc/group Local groups file
-\& /etc/netgroup List of network groups
-.Ve
-.SH "SEE ALSO"
-\fIsudo\fR\|(8), \fIvisudo\fR\|(8), \fIsu\fR\|(1), \fIfnmatch\fR\|(3).
-
-.rn }` ''
-.IX Title "sudoers 5"
-.IX Name "sudoers - list of which users may execute what"
-
-.IX Header "NAME"
-
-.IX Header "DESCRIPTION"
-
-.IX Subsection "Quick guide to \s-1EBNF\s0"
-
-.IX Item "\f(CW?\fR"
-
-.IX Item "\f(CW*\fR"
-
-.IX Item "\f(CW+\fR"
-
-.IX Subsection "Aliases"
-
-.IX Subsection "Defaults"
-
-.IX Item "long_otp_prompt"
-
-.IX Item "ignore_dot"
-
-.IX Item "mail_always"
-
-.IX Item "mail_no_user"
-
-.IX Item "mail_no_host"
-
-.IX Item "mail_no_perms"
-
-.IX Item "tty_tickets"
-
-.IX Item "lecture"
-
-.IX Item "authenticate"
-
-.IX Item "root_sudo"
-
-.IX Item "log_host"
-
-.IX Item "log_year"
-
-.IX Item "shell_noargs"
-
-.IX Item "set_home"
-
-.IX Item "path_info"
-
-.IX Item "fqdn"
-
-.IX Item "insults"
-
-.IX Item "requiretty"
-
-.IX Item "env_editor"
-
-.IX Item "rootpw"
-
-.IX Item "runaspw"
-
-.IX Item "targetpw"
-
-.IX Item "passwd_tries"
-
-.IX Item "loglinelen"
-
-.IX Item "timestamp_timeout"
-
-.IX Item "passwd_timeout"
-
-.IX Item "umask"
-
-.IX Item "mailsub"
-
-.IX Item "badpass_message"
-
-.IX Item "timestampdir"
-
-.IX Item "passprompt"
-
-.IX Item "runas_default"
-
-.IX Item "syslog_goodpri"
-
-.IX Item "syslog_badpri"
-
-.IX Item "editor"
-
-.IX Item "syslog"
-
-.IX Item "mailerpath"
-
-.IX Item "mailerflags"
-
-.IX Item "mailto"
-
-.IX Item "exempt_group"
-
-.IX Item "secure_path"
-
-.IX Item "verifypw"
-
-.IX Item "listpw"
-
-.IX Subsection "User Specification"
-
-.IX Subsection "Runas_Spec"
-
-.IX Subsection "\s-1NOPASSWD\s0 and \s-1PASSWD\s0"
-
-.IX Subsection "Wildcards (aka meta characters):"
-
-.IX Item "\f(CW*\fR"
-
-.IX Item "\f(CW?\fR"
-
-.IX Item "\f(CW[...]\fR"
-
-.IX Item "\f(CW[!...]\fR"
-
-.IX Item "\f(CW\ex\fR"
-
-.IX Subsection "Exceptions to wildcard rules:"
-
-.IX Item \f(CW""\fR
-
-.IX Subsection "Other special characters and reserved words:"
-
-.IX Header "EXAMPLES"
-
-.IX Header "SECURITY NOTES"
-
-.IX Header "CAVEATS"
-
-.IX Header "FILES"
-
-.IX Header "SEE ALSO"
-
+++ /dev/null
-.rn '' }`
-''' $RCSfile$$Revision$$Date$
-'''
-''' $Log$
-''' Revision 1.16 2000/02/16 00:07:28 millert
-''' crank versino to 1.6.3
-'''
-'''
-.de Sh
-.br
-.if t .Sp
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp
-.if t .sp .5v
-.if n .sp
-..
-.de Ip
-.br
-.ie \\n(.$>=3 .ne \\$3
-.el .ne 3
-.IP "\\$1" \\$2
-..
-.de Vb
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve
-.ft R
-
-.fi
-..
-'''
-'''
-''' Set up \*(-- to give an unbreakable dash;
-''' string Tr holds user defined translation string.
-''' Bell System Logo is used as a dummy character.
-'''
-.tr \(*W-|\(bv\*(Tr
-.ie n \{\
-.ds -- \(*W-
-.ds PI pi
-.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-.ds L" ""
-.ds R" ""
-''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of
-''' \*(L" and \*(R", except that they are used on ".xx" lines,
-''' such as .IP and .SH, which do another additional levels of
-''' double-quote interpretation
-.ds M" """
-.ds S" """
-.ds N" """""
-.ds T" """""
-.ds L' '
-.ds R' '
-.ds M' '
-.ds S' '
-.ds N' '
-.ds T' '
-'br\}
-.el\{\
-.ds -- \(em\|
-.tr \*(Tr
-.ds L" ``
-.ds R" ''
-.ds M" ``
-.ds S" ''
-.ds N" ``
-.ds T" ''
-.ds L' `
-.ds R' '
-.ds M' `
-.ds S' '
-.ds N' `
-.ds T' '
-.ds PI \(*p
-'br\}
-.\" If the F register is turned on, we'll generate
-.\" index entries out stderr for the following things:
-.\" TH Title
-.\" SH Header
-.\" Sh Subsection
-.\" Ip Item
-.\" X<> Xref (embedded
-.\" Of course, you have to process the output yourself
-.\" in some meaninful fashion.
-.if \nF \{
-.de IX
-.tm Index:\\$1\t\\n%\t"\\$2"
-..
-.nr % 0
-.rr F
-.\}
-.TH visudo 8 "1.6.3" "15/Feb/2000" "MAINTENANCE COMMANDS"
-.UC
-.if n .hy 0
-.if n .na
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.de CQ \" put $1 in typewriter font
-.ft CW
-'if n "\c
-'if t \\&\\$1\c
-'if n \\&\\$1\c
-'if n \&"
-\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
-'.ft R
-..
-.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
-. \" AM - accent mark definitions
-.bd B 3
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds ? ?
-. ds ! !
-. ds /
-. ds q
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
-. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
-.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
-.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
-.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-.ds oe o\h'-(\w'o'u*4/10)'e
-.ds Oe O\h'-(\w'O'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds v \h'-1'\o'\(aa\(ga'
-. ds _ \h'-1'^
-. ds . \h'-1'.
-. ds 3 3
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-. ds oe oe
-. ds Oe OE
-.\}
-.rm #[ #] #H #V #F C
-.SH "NAME"
-visudo \- edit the sudoers file
-.SH "SYNOPSIS"
-\fBvisudo\fR [ \fB\-s\fR ] [ \fB\-V\fR ]
-.SH "DESCRIPTION"
-\fBvisudo\fR edits the \fIsudoers\fR file in a safe fashion, analogous to
-\fIvipw\fR\|(8). \fBvisudo\fR locks the \fIsudoers\fR file against multiple
-simultaneous edits, provides basic sanity checks, and checks
-for parse errors. If the \fIsudoers\fR file is currently being
-edited you will receive a message to try again later. In the
-default configuration, the \fIvi\fR\|(1) editor is used, but there is
-a compile time option to allow use of whatever editor the
-environment variables \f(CWEDITOR\fR or \f(CWVISUAL\fR are set to.
-.PP
-\fBvisudo\fR parses the \fIsudoers\fR file after the edit and will
-not save the changes if there is a syntax error. Upon finding
-an error, a message will be printed stating the line \fInumber\fR\|(s)
-that the error occurred on and the user will receive the
-\*(L"What now?\*(R" prompt. At this point the user may enter \*(L"e\*(R"
-to re-edit the \fIsudoers\fR file, enter \*(L"x\*(R" to exit without
-saving the changes, or \*(L"Q\*(R" to quit and save changes. The
-\*(L"Q\*(R" option should be used with extreme care because if \fBvisudo\fR
-believes there to be a parse error, so will \fBsudo\fR and no one
-will be able to execute \fBsudo\fR again until the error is fixed.
-Any other command at this prompt will print a short help message.
-When editing the \fIsudoers\fR file after a parse error has been
-detected the cursor will be placed on the line where the error
-occurred (if the editor supports this feature).
-.SH "OPTIONS"
-\fBvisudo\fR accepts the following command line option:
-.Ip "-s" 4
-Enable \fBstrict\fR checking of the \fIsudoers\fR file. If an alias is
-used before it is defined, \fBvisudo\fR will consider this a parse
-error. Note that it is not possible to differentiate between an
-alias and a hostname or username that consists solely of upper case
-letters, digits, and the underscore ('_') character.
-.Ip "-V" 4
-The \f(CW-V\fR (version) option causes \fBvisudo\fR to print the version number
-and exit.
-.SH "ERRORS"
-.Ip "sudoers file busy, try again later." 4
-Someone else is currently editing the \fIsudoers\fR file.
-.Ip "/etc/sudoers.tmp: Permission denied" 4
-You didn't run \fBvisudo\fR as root.
-.Ip "Can't find you in the passwd database" 4
-Your userid does not appear in the system passwd file.
-.Ip "Warning: undeclared Alias referenced near ..." 4
-Either you are using a {User,Runas,Host,Cmnd}_Alias before
-defining it or you have a user or hostname listed that
-consists solely of upper case letters, digits, and the
-underscore ('_') character. If the latter, you can ignore
-the warnings (\fBsudo\fR will not complain). In \fB\-s\fR (strict)
-mode these are errors not warnings.
-.SH "ENVIRONMENT"
-The following environment variables are used only if \fBvisudo\fR
-was configured with the \fI--with-env-editor\fR option:
-.PP
-.Vb 2
-\& EDITOR Used by visudo as the editor to use
-\& VISUAL Used by visudo if EDITOR is not set
-.Ve
-.SH "FILES"
-.PP
-.Vb 2
-\& /etc/sudoers List of who can run what
-\& /etc/sudoers.tmp Lock file for visudo
-.Ve
-.SH "AUTHOR"
-Many people have worked on \fIsudo\fR over the years, this version of
-\fBvisudo\fR was written by:
-.PP
-.Vb 1
-\& Todd Miller <Todd.Miller@courtesan.com>
-.Ve
-See the HISTORY file in the sudo distribution for more details.
-.SH "BUGS"
-If you feel you have found a bug in sudo, please submit a bug report
-at http://www.courtesan.com/sudo/bugs/
-.SH "DISCLAIMER"
-\fBVisudo\fR is provided ``AS IS'\*(R' and any express or implied warranties,
-including, but not limited to, the implied warranties of merchantability
-and fitness for a particular purpose are disclaimed.
-See the LICENSE file distributed with \fBsudo\fR for complete details.
-.SH "CAVEATS"
-There is no easy way to prevent a user from gaining a root shell if
-the editor used by \fBvisudo\fR allows shell escapes.
-.SH "SEE ALSO"
-\fIsudo\fR\|(8), \fIvipw\fR\|(8).
-
-.rn }` ''
-.IX Title "visudo 8"
-.IX Name "visudo - edit the sudoers file"
-
-.IX Header "NAME"
-
-.IX Header "SYNOPSIS"
-
-.IX Header "DESCRIPTION"
-
-.IX Header "OPTIONS"
-
-.IX Item "-s"
-
-.IX Item "-V"
-
-.IX Header "ERRORS"
-
-.IX Item "sudoers file busy, try again later."
-
-.IX Item "/etc/sudoers.tmp: Permission denied"
-
-.IX Item "Can't find you in the passwd database"
-
-.IX Item "Warning: undeclared Alias referenced near ..."
-
-.IX Header "ENVIRONMENT"
-
-.IX Header "FILES"
-
-.IX Header "AUTHOR"
-
-.IX Header "BUGS"
-
-.IX Header "DISCLAIMER"
-
-.IX Header "CAVEATS"
-
-.IX Header "SEE ALSO"
-
projects / sudo / commitdiff