-1.8.0a1 May 13, 2010 1
+1.8.0a1 May 14, 2010 1
-1.8.0a1 May 13, 2010 2
+1.8.0a1 May 14, 2010 2
-1.8.0a1 May 13, 2010 3
+1.8.0a1 May 14, 2010 3
-1.8.0a1 May 13, 2010 4
+1.8.0a1 May 14, 2010 4
-1.8.0a1 May 13, 2010 5
+1.8.0a1 May 14, 2010 5
-1.8.0a1 May 13, 2010 6
+1.8.0a1 May 14, 2010 6
-1.8.0a1 May 13, 2010 7
+1.8.0a1 May 14, 2010 7
-1.8.0a1 May 13, 2010 8
+1.8.0a1 May 14, 2010 8
char **argv_out[], char **user_env_out[]);
The _\bc_\bh_\be_\bc_\bk_\b__\bs_\bu_\bd_\bo_\be_\bd_\bi_\bt function is called instead of _\bc_\bh_\be_\bc_\bk_\b__\bp_\bo_\bl_\bi_\bc_\by when
- s\bsu\bud\bdo\bo is invoked as s\bsu\bud\bdo\boe\bed\bdi\bit\bt or with the -e flag. s\bsu\bud\bdo\boe\bed\bdi\bit\bt is a
- mechanism for editing one or more files where the user's editor is
- run with the user's credentials instead of elevated privileges.
- s\bsu\bud\bdo\bo does this by creating user-writable temporary copies of the
- files to be edited and then overwriting the originals with the
- temporary copies after editing is complete.
+ s\bsu\bud\bdo\bo is invoked as s\bsu\bud\bdo\boe\bed\bdi\bit\bt or when the -e flag is specified.
+ s\bsu\bud\bdo\boe\bed\bdi\bit\bt is a mechanism for editing one or more files where an
+ editor is run with the user's credentials instead of with elevated
+ privileges. s\bsu\bud\bdo\bo achieves this by creating user-writable temporary
+ copies of the files to be edited and then overwriting the originals
+ with the temporary copies after editing is complete.
The plugin should choose the editor to be used, potentially from a
- variable in the user's environment, and include it in _\ba_\br_\bg_\bv_\b__\bo_\bu_\bt.
- The files to be edited should be copied from _\ba_\br_\bg_\bv into _\ba_\br_\bg_\bv_\b__\bo_\bu_\bt,
- separated from the editor and its arguments by a "--" element. The
- "--" will be removed by s\bsu\bud\bdo\bo before the editor is executed.
+ variable in the user's environment, such as EDITOR, and include it
+ in _\ba_\br_\bg_\bv_\b__\bo_\bu_\bt. The files to be edited should be copied from _\ba_\br_\bg_\bv
+ into _\ba_\br_\bg_\bv_\b__\bo_\bu_\bt, separated from the editor and its arguments by a
+ "--" element. The "--" will be removed by s\bsu\bud\bdo\bo before the editor
+ is executed.
Returns 1 if the command is allowed, 0 if not allowed, -1 for a
general error, or -2 for a usage error. In the latter case, s\bsu\bud\bdo\bo
function with SUDO_CONF_ERROR_MSG to present additional error
information to the user.
- The function arguments are the same as for _\bc_\bh_\be_\bc_\bk_\b__\bp_\bo_\bl_\bi_\bc_\by.
-
- _\bC_\bo_\bn_\bv_\be_\br_\bs_\ba_\bt_\bi_\bo_\bn _\bA_\bP_\bI
+ The function arguments are the same as for _\bc_\bh_\be_\bc_\bk_\b__\bp_\bo_\bl_\bi_\bc_\by, except
+ that _\ba_\br_\bg_\bv_\b[_\b0_\b] will always be the string "sudoedit".
-1.8.0a1 May 13, 2010 9
+1.8.0a1 May 14, 2010 9
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
+ _\bC_\bo_\bn_\bv_\be_\br_\bs_\ba_\bt_\bi_\bo_\bn _\bA_\bP_\bI
+
If the plugin needs to interact with the user, it may do so via the
conversation function. A plugin should not attempt to read directly
from the standard input or the user's tty (neither of which are
-
-
-1.8.0a1 May 13, 2010 10
+1.8.0a1 May 14, 2010 10
-1.8.0a1 May 13, 2010 11
+1.8.0a1 May 14, 2010 11
-1.8.0a1 May 13, 2010 12
+1.8.0a1 May 14, 2010 12
-1.8.0a1 May 13, 2010 13
+1.8.0a1 May 14, 2010 13
-1.8.0a1 May 13, 2010 14
+1.8.0a1 May 14, 2010 14
-1.8.0a1 May 13, 2010 15
+1.8.0a1 May 14, 2010 15
.\" ========================================================================
.\"
.IX Title "SUDO_PLUGIN @mansectsu@"
-.TH SUDO_PLUGIN @mansectsu@ "May 13, 2010" "1.8.0a1" "MAINTENANCE COMMANDS"
+.TH SUDO_PLUGIN @mansectsu@ "May 14, 2010" "1.8.0a1" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.Ve
.Sp
The \fIcheck_sudoedit\fR function is called instead of \fIcheck_policy\fR
-when \fBsudo\fR is invoked as \fBsudoedit\fR or with the \f(CW\*(C`\-e\*(C'\fR flag.
-\&\fBsudoedit\fR is a mechanism for editing one or more files where the
-user's editor is run with the user's credentials instead of elevated
-privileges. \fBsudo\fR does this by creating user-writable temporary
-copies of the files to be edited and then overwriting the originals
-with the temporary copies after editing is complete.
+when \fBsudo\fR is invoked as \fBsudoedit\fR or when the \f(CW\*(C`\-e\*(C'\fR flag is
+specified. \fBsudoedit\fR is a mechanism for editing one or more files
+where an editor is run with the user's credentials instead of with
+elevated privileges. \fBsudo\fR achieves this by creating user-writable
+temporary copies of the files to be edited and then overwriting the
+originals with the temporary copies after editing is complete.
.Sp
The plugin should choose the editor to be used, potentially from a
-variable in the user's environment, and include it in \fIargv_out\fR.
-The files to be edited should be copied from \fIargv\fR into \fIargv_out\fR,
-separated from the editor and its arguments by a \f(CW"\-\-"\fR element.
-The \f(CW"\-\-"\fR will be removed by \fBsudo\fR before the editor is executed.
+variable in the user's environment, such as \f(CW\*(C`EDITOR\*(C'\fR, and include
+it in \fIargv_out\fR. The files to be edited should be copied from
+\&\fIargv\fR into \fIargv_out\fR, separated from the editor and its arguments
+by a \f(CW"\-\-"\fR element. The \f(CW"\-\-"\fR will be removed by \fBsudo\fR before
+the editor is executed.
.Sp
Returns 1 if the command is allowed, 0 if not allowed, \-1 for a
general error, or \-2 for a usage error. In the latter case, \fBsudo\fR
function with \f(CW\*(C`SUDO_CONF_ERROR_MSG\*(C'\fR to present additional error
information to the user.
.Sp
-The function arguments are the same as for \fIcheck_policy\fR.
+The function arguments are the same as for \fIcheck_policy\fR, except
+that \fIargv[0]\fR will always be the string \*(L"sudoedit\*(R".
.PP
\fIConversation \s-1API\s0\fR
.IX Subsection "Conversation API"
char **argv_out[], char **user_env_out[]);
The I<check_sudoedit> function is called instead of I<check_policy>
-when B<sudo> is invoked as B<sudoedit> or with the C<-e> flag.
-B<sudoedit> is a mechanism for editing one or more files where the
-user's editor is run with the user's credentials instead of elevated
-privileges. B<sudo> does this by creating user-writable temporary
-copies of the files to be edited and then overwriting the originals
-with the temporary copies after editing is complete.
+when B<sudo> is invoked as B<sudoedit> or when the C<-e> flag is
+specified. B<sudoedit> is a mechanism for editing one or more files
+where an editor is run with the user's credentials instead of with
+elevated privileges. B<sudo> achieves this by creating user-writable
+temporary copies of the files to be edited and then overwriting the
+originals with the temporary copies after editing is complete.
The plugin should choose the editor to be used, potentially from a
-variable in the user's environment, and include it in I<argv_out>.
-The files to be edited should be copied from I<argv> into I<argv_out>,
-separated from the editor and its arguments by a C<"--"> element.
-The C<"--"> will be removed by B<sudo> before the editor is executed.
+variable in the user's environment, such as C<EDITOR>, and include
+it in I<argv_out>. The files to be edited should be copied from
+I<argv> into I<argv_out>, separated from the editor and its arguments
+by a C<"--"> element. The C<"--"> will be removed by B<sudo> before
+the editor is executed.
Returns 1 if the command is allowed, 0 if not allowed, -1 for a
general error, or -2 for a usage error. In the latter case, B<sudo>
function with C<SUDO_CONF_ERROR_MSG> to present additional error
information to the user.
-The function arguments are the same as for I<check_policy>.
+The function arguments are the same as for I<check_policy>, except
+that I<argv[0]> will always be the string "sudoedit".
=back
projects / sudo / commitdiff