o\bo scheduling priority (aka nice value)
- P\bPr\bro\boc\bce\bes\bss\bs M\bMo\bod\bde\bel\bl
+ P\bPr\bro\boc\bce\bes\bss\bs m\bmo\bod\bde\bel\bl
When s\bsu\bud\bdo\bo runs a command, it calls fork(2), sets up the execution
environment as described above, and calls the execve system call in the
child process. The main s\bsu\bud\bdo\bo process waits until the command has
would be in what POSIX terms an ``orphaned process group'' and it would
not receive any job control signals.
- S\bSi\big\bgn\bna\bal\bl H\bHa\ban\bnd\bdl\bli\bin\bng\bg
+ S\bSi\big\bgn\bna\bal\bl h\bha\ban\bnd\bdl\bli\bin\bng\bg
Because the command is run as a child of the s\bsu\bud\bdo\bo process, s\bsu\bud\bdo\bo will
relay signals it receives to the command. Unless the command is being
run in a new pty, the SIGHUP, SIGINT and SIGQUIT signals are not relayed
.TP 4n
\fBo\fR
scheduling priority (aka nice value)
-.SS "Process Model"
+.SS "Process model"
When
\fBsudo\fR
runs a command, it calls
Without it, the command would be in what POSIX terms an
``orphaned process group''
and it would not receive any job control signals.
-.SS "Signal Handling"
+.SS "Signal handling"
Because the command is run as a child of the
\fBsudo\fR
process,
.It
scheduling priority (aka nice value)
.El
-.Ss Process Model
+.Ss Process model
When
.Nm sudo
runs a command, it calls
Without it, the command would be in what POSIX terms an
.Dq orphaned process group
and it would not receive any job control signals.
-.Ss Signal Handling
+.Ss Signal handling
Because the command is run as a child of the
.Nm sudo
process,
The plugin API is defined by the sudo_plugin.h header file.
- T\bTh\bhe\be s\bsu\bud\bdo\bo.\b.c\bco\bon\bnf\bf F\bFi\bil\ble\be
+ T\bTh\bhe\be s\bsu\bud\bdo\bo.\b.c\bco\bon\bnf\bf f\bfi\bil\ble\be
The _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\b._\bc_\bo_\bn_\bf file contains plugin configuration directives. The
primary keyword is the Plugin directive, which causes a plugin to be
loaded.
Plugin sudoers_policy sudoers.so
Plugin sudoers_io sudoers.so
- P\bPo\bol\bli\bic\bcy\by P\bPl\blu\bug\bgi\bin\bn A\bAP\bPI\bI
+ P\bPo\bol\bli\bic\bcy\by p\bpl\blu\bug\bgi\bin\bn A\bAP\bPI\bI
A policy plugin must declare and populate a policy_plugin struct in the
global scope. This structure contains pointers to the functions that
implement the s\bsu\bud\bdo\bo policy checks. The name of the symbol should be
the hook type is not supported and -1 if the major version in
struct hook does not match the front end's major hook API version.
- See the _\bH_\bo_\bo_\bk _\bF_\bu_\bn_\bc_\bt_\bi_\bo_\bn _\bA_\bP_\bI section below for more information about
+ See the _\bH_\bo_\bo_\bk _\bf_\bu_\bn_\bc_\bt_\bi_\bo_\bn _\bA_\bP_\bI section below for more information about
hooks.
NOTE: the r\bre\beg\bgi\bis\bst\bte\ber\br_\b_h\bho\boo\bok\bks\bs() function is only available starting with
the plugin tries to deregister a hook that the front end does not
support, deregister_hook will return an error.
- See the _\bH_\bo_\bo_\bk _\bF_\bu_\bn_\bc_\bt_\bi_\bo_\bn _\bA_\bP_\bI section below for more information about
+ See the _\bH_\bo_\bo_\bk _\bf_\bu_\bn_\bc_\bt_\bi_\bo_\bn _\bA_\bP_\bI section below for more information about
hooks.
NOTE: the d\bde\ber\bre\beg\bgi\bis\bst\bte\ber\br_\b_h\bho\boo\bok\bks\bs() function is only available starting
*(vp) = (*(vp) & 0xffff0000) | (n); \
} while(0)
- I\bI/\b/O\bO P\bPl\blu\bug\bgi\bin\bn A\bAP\bPI\bI
+ I\bI/\b/O\bO p\bpl\blu\bug\bgi\bin\bn A\bAP\bPI\bI
struct io_plugin {
#define SUDO_IO_PLUGIN 2
unsigned int type; /* always SUDO_IO_PLUGIN */
equal sign (`=') since the _\bn_\ba_\bm_\be field will never include one
itself but the _\bv_\ba_\bl_\bu_\be might.
- See the _\bP_\bo_\bl_\bi_\bc_\by _\bP_\bl_\bu_\bg_\bi_\bn _\bA_\bP_\bI section for a list of all possible
+ See the _\bP_\bo_\bl_\bi_\bc_\by _\bp_\bl_\bu_\bg_\bi_\bn _\bA_\bP_\bI section for a list of all possible
settings.
user_info
equal sign (`=') since the _\bn_\ba_\bm_\be field will never include one
itself but the _\bv_\ba_\bl_\bu_\be might.
- See the _\bP_\bo_\bl_\bi_\bc_\by _\bP_\bl_\bu_\bg_\bi_\bn _\bA_\bP_\bI section for a list of all possible
+ See the _\bP_\bo_\bl_\bi_\bc_\by _\bp_\bl_\bu_\bg_\bi_\bn _\bA_\bP_\bI section for a list of all possible
strings.
argc The number of elements in _\ba_\br_\bg_\bv, not counting the final NULL
len The length of _\bb_\bu_\bf in bytes.
register_hooks
- See the _\bP_\bo_\bl_\bi_\bc_\by _\bP_\bl_\bu_\bg_\bi_\bn _\bA_\bP_\bI section for a description of
+ See the _\bP_\bo_\bl_\bi_\bc_\by _\bp_\bl_\bu_\bg_\bi_\bn _\bA_\bP_\bI section for a description of
register_hooks.
deregister_hooks
- See the _\bP_\bo_\bl_\bi_\bc_\by _\bP_\bl_\bu_\bg_\bi_\bn _\bA_\bP_\bI section for a description of
+ See the _\bP_\bo_\bl_\bi_\bc_\by _\bp_\bl_\bu_\bg_\bi_\bn _\bA_\bP_\bI section for a description of
deregister_hooks.
_\bI_\b/_\bO _\bP_\bl_\bu_\bg_\bi_\bn _\bV_\be_\br_\bs_\bi_\bo_\bn _\bM_\ba_\bc_\br_\bo_\bs
- Same as for the _\bP_\bo_\bl_\bi_\bc_\by _\bP_\bl_\bu_\bg_\bi_\bn _\bA_\bP_\bI.
+ Same as for the _\bP_\bo_\bl_\bi_\bc_\by _\bp_\bl_\bu_\bg_\bi_\bn _\bA_\bP_\bI.
- H\bHo\boo\bok\bk F\bFu\bun\bnc\bct\bti\bio\bon\bn A\bAP\bPI\bI
+ H\bHo\boo\bok\bk f\bfu\bun\bnc\bct\bti\bio\bon\bn A\bAP\bPI\bI
Beginning with plugin API version 1.2, it is possible to install hooks
for certain functions called by the s\bsu\bud\bdo\bo front end.
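Review bot: The italic sub-heading "I/O Plugin Version Macros" in the context near the end of this hunk keeps its title case, while the cross-reference directly under it and the "Hook function API" heading that follows are lowercased. If sentence case is the new convention, change it to "I/O plugin version macros" here and in the matching roff and mdoc lines (\fII/O Plugin Version Macros\fR and .Em I/O Plugin Version Macros) so the three renderings stay consistent.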
See the sample plugin for an example of the c\bco\bon\bnv\bve\ber\brs\bsa\bat\bti\bio\bon\bn() function
usage.
- S\bSu\bud\bdo\boe\ber\brs\bs G\bGr\bro\bou\bup\bp P\bPl\blu\bug\bgi\bin\bn A\bAP\bPI\bI
+ S\bSu\bud\bdo\boe\ber\brs\bs g\bgr\bro\bou\bup\bp p\bpl\blu\bug\bgi\bin\bn A\bAP\bPI\bI
The _\bs_\bu_\bd_\bo_\be_\br_\bs module supports a plugin interface to allow non-Unix group
lookups. This can be used to query a group source other than the
standard Unix group database. A sample group plugin is bundled with s\bsu\bud\bdo\bo
The plugin API is defined by the
\fRsudo_plugin.h\fR
header file.
-.SS "The sudo.conf File"
+.SS "The sudo.conf file"
The
\fI@sysconfdir@/sudo.conf\fR
file contains plugin configuration directives.
Plugin sudoers_io sudoers.so
.RE
.fi
-.SS "Policy Plugin API"
+.SS "Policy plugin API"
A policy plugin must declare and populate a
\fRpolicy_plugin\fR
struct in the global scope.
does not match the front end's major hook API version.
.sp
See the
-\fIHook Function API\fR
+\fIHook function API\fR
section below for more information
about hooks.
.sp
will return an error.
.sp
See the
-\fIHook Function API\fR
+\fIHook function API\fR
section below for more information
about hooks.
.sp
} while(0)
.RE
.fi
-.SS "I/O Plugin API"
+.SS "I/O plugin API"
.nf
.RS 0n
struct io_plugin {
might.
.sp
See the
-\fIPolicy Plugin API\fR
+\fIPolicy plugin API\fR
section for a list of all possible settings.
.TP 6n
user_info
might.
.sp
See the
-\fIPolicy Plugin API\fR
+\fIPolicy plugin API\fR
section for a list of all possible strings.
.TP 6n
argc
.TP 6n
register_hooks
See the
-\fIPolicy Plugin API\fR
+\fIPolicy plugin API\fR
section for a description of
\fRregister_hooks\fR.
.PD
.TP 6n
deregister_hooks
See the
-\fIPolicy Plugin API\fR
+\fIPolicy plugin API\fR
section for a description of
\fRderegister_hooks.\fR
.PP
\fII/O Plugin Version Macros\fR
.PP
Same as for the
-\fIPolicy Plugin API\fR.
-.SS "Hook Function API"
+\fIPolicy plugin API\fR.
+.SS "Hook function API"
Beginning with plugin API version 1.2, it is possible to install
hooks for certain functions called by the
\fBsudo\fR
See the sample plugin for an example of the
\fBconversation\fR()
function usage.
-.SS "Sudoers Group Plugin API"
+.SS "Sudoers group plugin API"
The
\fIsudoers\fR
module supports a plugin interface to allow non-Unix
The plugin API is defined by the
.Li sudo_plugin.h
header file.
-.Ss The sudo.conf File
+.Ss The sudo.conf file
The
.Pa @sysconfdir@/sudo.conf
file contains plugin configuration directives.
Plugin sudoers_policy sudoers.so
Plugin sudoers_io sudoers.so
.Ed
-.Ss Policy Plugin API
+.Ss Policy plugin API
A policy plugin must declare and populate a
.Li policy_plugin
struct in the global scope.
does not match the front end's major hook API version.
.Pp
See the
-.Sx Hook Function API
+.Sx Hook function API
section below for more information
about hooks.
.Pp
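Review bot: The .Sx argument on the changed line has to match the .Ss title it points at word for word, including case, so "Hook function API" resolves only because the .Ss heading is renamed to the same string further down in this patch. Please search the manual sources for the old title-case names and confirm that no other .Sx reference or .Ss heading was missed, since a stale one would no longer match its target.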
will return an error.
.Pp
See the
-.Sx Hook Function API
+.Sx Hook function API
section below for more information
about hooks.
.Pp
*(vp) = (*(vp) & 0xffff0000) | (n); \e
} while(0)
.Ed
-.Ss I/O Plugin API
+.Ss I/O plugin API
.Bd -literal
struct io_plugin {
#define SUDO_IO_PLUGIN 2
might.
.Pp
See the
-.Sx Policy Plugin API
+.Sx Policy plugin API
section for a list of all possible settings.
.It user_info
A vector of information about the user running the command in the form of
might.
.Pp
See the
-.Sx Policy Plugin API
+.Sx Policy plugin API
section for a list of all possible strings.
.It argc
The number of elements in
.El
.It register_hooks
See the
-.Sx Policy Plugin API
+.Sx Policy plugin API
section for a description of
.Li register_hooks .
.It deregister_hooks
See the
-.Sx Policy Plugin API
+.Sx Policy plugin API
section for a description of
.Li deregister_hooks.
.El
.Em I/O Plugin Version Macros
.Pp
Same as for the
-.Sx Policy Plugin API .
-.Ss Hook Function API
+.Sx Policy plugin API .
+.Ss Hook function API
Beginning with plugin API version 1.2, it is possible to install
hooks for certain functions called by the
.Nm sudo
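Review bot: In the deregister_hooks item of this hunk the closing period is part of the macro argument (".Li deregister_hooks."), whereas the register_hooks item just above passes it as a separate argument (".Li register_hooks ."), so the period is set in the literal font in one case and not in the other. Since both items are being touched anyway, split it off as ".Li deregister_hooks ." to match.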
See the sample plugin for an example of the
.Fn conversation
function usage.
-.Ss Sudoers Group Plugin API
+.Ss Sudoers group plugin API
The
.Em sudoers
module supports a plugin interface to allow non-Unix
the _\bS_\bU_\bD_\bO_\bE_\bR_\bS _\bF_\bI_\bL_\bE _\bF_\bO_\bR_\bM_\bA_\bT section. For information on storing _\bs_\bu_\bd_\bo_\be_\br_\bs
policy information in LDAP, please see sudoers.ldap(4).
- A\bAu\but\bth\bhe\ben\bnt\bti\bic\bca\bat\bti\bio\bon\bn a\ban\bnd\bd L\bLo\bog\bgg\bgi\bin\bng\bg
+ A\bAu\but\bth\bhe\ben\bnt\bti\bic\bca\bat\bti\bio\bon\bn a\ban\bnd\bd l\blo\bog\bgg\bgi\bin\bng\bg
The _\bs_\bu_\bd_\bo_\be_\br_\bs security policy requires that most users authenticate
themselves before they can use s\bsu\bud\bdo\bo. A password is not required if the
invoking user is root, if the target user is the same as the invoking
_\bl_\bo_\bg_\b__\bo_\bu_\bt_\bp_\bu_\bt Defaults flags as well as the LOG_INPUT and LOG_OUTPUT command
tags.
- C\bCo\bom\bmm\bma\ban\bnd\bd E\bEn\bnv\bvi\bir\bro\bon\bnm\bme\ben\bnt\bt
+ C\bCo\bom\bmm\bma\ban\bnd\bd e\ben\bnv\bvi\bir\bro\bon\bnm\bme\ben\bnt\bt
Since environment variables can influence program behavior, _\bs_\bu_\bd_\bo_\be_\br_\bs
provides a means to restrict which variables from the user's environment
are inherited by the command to be run. There are two distinct ways
See _\bS_\bU_\bD_\bO_\bE_\bR_\bS _\bO_\bP_\bT_\bI_\bO_\bN_\bS for a list of supported Defaults parameters.
- U\bUs\bse\ber\br S\bSp\bpe\bec\bci\bif\bfi\bic\bca\bat\bti\bio\bon\bn
+ U\bUs\bse\ber\br s\bsp\bpe\bec\bci\bif\bfi\bic\bca\bat\bti\bio\bon\bn
User_Spec ::= User_List Host_List '=' Cmnd_Spec_List \
(':' Host_List '=' Cmnd_Spec_List)*
aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
- See the _\bP_\br_\be_\bv_\be_\bn_\bt_\bi_\bn_\bg _\bS_\bh_\be_\bl_\bl _\bE_\bs_\bc_\ba_\bp_\be_\bs section below for more details on how
+ See the _\bP_\br_\be_\bv_\be_\bn_\bt_\bi_\bn_\bg _\bs_\bh_\be_\bl_\bl _\be_\bs_\bc_\ba_\bp_\be_\bs section below for more details on how
NOEXEC works and whether or not it will work on your system.
_\bS_\bE_\bT_\bE_\bN_\bV _\ba_\bn_\bd _\bN_\bO_\bS_\bE_\bT_\bE_\bN_\bV
noexec If set, all commands run via s\bsu\bud\bdo\bo will behave as if the
NOEXEC tag has been set, unless overridden by a EXEC
tag. See the description of _\bN_\bO_\bE_\bX_\bE_\bC _\ba_\bn_\bd _\bE_\bX_\bE_\bC below as
- well as the _\bP_\br_\be_\bv_\be_\bn_\bt_\bi_\bn_\bg _\bS_\bh_\be_\bl_\bl _\bE_\bs_\bc_\ba_\bp_\be_\bs section at the end
+ well as the _\bP_\br_\be_\bv_\be_\bn_\bt_\bi_\bn_\bg _\bs_\bh_\be_\bl_\bl _\be_\bs_\bc_\ba_\bp_\be_\bs section at the end
of this manual. This flag is _\bo_\bf_\bf by default.
path_info Normally, s\bsu\bud\bdo\bo will tell the user when a command could
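Review bot: The noexec description in the context above the changed line reads "unless overridden by a EXEC tag"; it should be "an EXEC tag". Fix it wherever this text originates, in the same pass that renames the "Preventing shell escapes" reference.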
Plugin policy_plugin sudoers.so
Plugin io_plugin sudoers.so
- P\bPl\blu\bug\bgi\bin\bn O\bOp\bpt\bti\bio\bon\bns\bs
+ P\bPl\blu\bug\bgi\bin\bn o\bop\bpt\bti\bio\bon\bns\bs
Starting with s\bsu\bud\bdo\bo 1.8.5, it is possible to pass options to the _\bs_\bu_\bd_\bo_\be_\br_\bs
plugin. Options may be listed after the path to the plugin (i.e. after
_\bs_\bu_\bd_\bo_\be_\br_\bs_\b._\bs_\bo); multiple options should be space-separated. For example:
file mode for the sudoers file. It should be specified as an
octal value.
- D\bDe\beb\bbu\bug\bg F\bFl\bla\bag\bgs\bs
+ D\bDe\beb\bbu\bug\bg f\bfl\bla\bag\bgs\bs
Versions 1.8.4 and higher of the _\bs_\bu_\bd_\bo_\be_\br_\bs plugin supports a debugging
framework that can help track down what the plugin is doing internally if
there is a problem. This can be configured in the _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\b._\bc_\bo_\bn_\bf file as
User j\bjo\boh\bhn\bn can still run /usr/bin/passwd root if _\bf_\ba_\bs_\bt_\b__\bg_\bl_\bo_\bb is enabled by
changing to _\b/_\bu_\bs_\br_\b/_\bb_\bi_\bn and running ./passwd root instead.
- P\bPr\bre\bev\bve\ben\bnt\bti\bin\bng\bg S\bSh\bhe\bel\bll\bl E\bEs\bsc\bca\bap\bpe\bes\bs
+ P\bPr\bre\bev\bve\ben\bnt\bti\bin\bng\bg s\bsh\bhe\bel\bll\bl e\bes\bsc\bca\bap\bpe\bes\bs
Once s\bsu\bud\bdo\bo executes a program, that program is free to do whatever it
pleases, including run other programs. This can be a security issue
since it is not uncommon for a program to allow shell escapes, which lets
sudoHost: ALL
sudoHost: !web01
- S\bSu\bud\bdo\boe\ber\brs\bs S\bSc\bch\bhe\bem\bma\ba
+ S\bSu\bud\bdo\boe\ber\brs\bs s\bsc\bch\bhe\bem\bma\ba
In order to use s\bsu\bud\bdo\bo's LDAP support, the s\bsu\bud\bdo\bo schema must be installed on
your LDAP server. In addition, be sure to index the sudoUser attribute.
sudoHost: !web01
.RE
.fi
-.SS "Sudoers Schema"
+.SS "Sudoers schema"
In order to use
\fBsudo\fR's
LDAP support, the
sudoHost: ALL
sudoHost: !web01
.Ed
-.Ss Sudoers Schema
+.Ss Sudoers schema
In order to use
.Nm sudo Ns No 's
LDAP support, the
policy information
in LDAP, please see
sudoers.ldap(@mansectform@).
-.SS "Authentication and Logging"
+.SS "Authentication and logging"
The
\fIsudoers\fR
security policy requires that most users authenticate
and
\fRLOG_OUTPUT\fR
command tags.
-.SS "Command Environment"
+.SS "Command environment"
Since environment variables can influence program behavior,
\fIsudoers\fR
provides a means to restrict which variables from the user's
See
\fISUDOERS OPTIONS\fR
for a list of supported Defaults parameters.
-.SS "User Specification"
+.SS "User specification"
.nf
.RS 0n
User_Spec ::= User_List Host_List '=' Cmnd_Spec_List \e
.fi
.PP
See the
-\fIPreventing Shell Escapes\fR
+\fIPreventing shell escapes\fR
section below for more details on how
\fRNOEXEC\fR
works and whether or not it will work on your system.
See the description of
\fINOEXEC and EXEC\fR
below as well as the
-\fIPreventing Shell Escapes\fR
+\fIPreventing shell escapes\fR
section at the end of this manual.
This flag is
\fIoff\fR
Plugin io_plugin sudoers.so
.RE
.fi
-.SS "Plugin Options"
+.SS "Plugin options"
Starting with
\fBsudo\fR
1.8.5, it is possible to pass options to the
\fIsudoers_mode\fR
option can be used to override the default file mode for the sudoers file.
It should be specified as an octal value.
-.SS "Debug Flags"
+.SS "Debug flags"
Versions 1.8.4 and higher of the
\fIsudoers\fR
plugin supports a debugging framework that can help track down what the
and running
\fR./passwd root\fR
instead.
-.SS "Preventing Shell Escapes"
+.SS "Preventing shell escapes"
Once
\fBsudo\fR
executes a program, that program is free to do whatever
policy information
in LDAP, please see
.Xr sudoers.ldap @mansectform@ .
-.Ss Authentication and Logging
+.Ss Authentication and logging
The
.Em sudoers
security policy requires that most users authenticate
and
.Li LOG_OUTPUT
command tags.
-.Ss Command Environment
+.Ss Command environment
Since environment variables can influence program behavior,
.Em sudoers
provides a means to restrict which variables from the user's
See
.Sx SUDOERS OPTIONS
for a list of supported Defaults parameters.
-.Ss User Specification
+.Ss User specification
.Bd -literal
User_Spec ::= User_List Host_List '=' Cmnd_Spec_List \e
(':' Host_List '=' Cmnd_Spec_List)*
.Ed
.Pp
See the
-.Sx Preventing Shell Escapes
+.Sx Preventing shell escapes
section below for more details on how
.Li NOEXEC
works and whether or not it will work on your system.
See the description of
.Em NOEXEC and EXEC
below as well as the
-.Sx Preventing Shell Escapes
+.Sx Preventing shell escapes
section at the end of this manual.
This flag is
.Em off
Plugin policy_plugin sudoers.so
Plugin io_plugin sudoers.so
.Ed
-.Ss Plugin Options
+.Ss Plugin options
Starting with
.Nm sudo
1.8.5, it is possible to pass options to the
option can be used to override the default file mode for the sudoers file.
It should be specified as an octal value.
.El
-.Ss Debug Flags
+.Ss Debug flags
Versions 1.8.4 and higher of the
.Em sudoers
plugin supports a debugging framework that can help track down what the
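Review bot: The first sentence under the renamed "Debug flags" heading has a subject-verb mismatch: "Versions 1.8.4 and higher of the sudoers plugin supports" should read "support". It sits in the context lines directly below the change and appears unchanged in the other renderings of this section, so it can be corrected in the same pass.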
and running
.Li ./passwd root
instead.
-.Ss Preventing Shell Escapes
+.Ss Preventing shell escapes
Once
.Nm sudo
executes a program, that program is free to do whatever