-7/Apr/99 1.6 1
+22/Jun/1999 1.6 1
When a _\br_\bu_\bn_\ba_\bs_\b-_\bl_\bi_\bs_\bt is specified for an _\ba_\bc_\bc_\be_\bs_\bs_\b__\bg_\br_\bo_\bu_\bp, it
affects all commands in the _\ba_\bc_\bc_\be_\bs_\bs_\b__\bg_\br_\bo_\bu_\bp. For example,
given:
+
oper bigserver = (root, sysadm) /usr/bin/kill, /bin/rm
+
User oper will be able to run /usr/bin/kill and /bin/rm as
r\br\br\bro\bo\bo\boo\bo\bo\bot\bt\bt\bt or s\bs\bs\bsy\by\by\bys\bs\bs\bsa\ba\ba\bad\bd\bd\bdm\bm\bm\bm on the machine, bigserver. The _\br_\bu_\bn_\ba_\bs_\b-_\bl_\bi_\bs_\bt
is "sticky" across entries in the comma-separated
_\ba_\bc_\bc_\be_\bs_\bs_\b__\bg_\br_\bo_\bu_\bp. You can override the _\br_\bu_\bn_\ba_\bs_\b-_\bl_\bi_\bs_\bt with
another one, at which point the new _\br_\bu_\bn_\ba_\bs_\b-_\bl_\bi_\bs_\bt becomes the
default for that _\ba_\bc_\bc_\be_\bs_\bs_\b__\bg_\br_\bo_\bu_\bp. For example, given:
- oper bigserver = (root, sysadm) /usr/bin/kill, (root)
- /bin/rm, \ /bin/rmdir User oper can still run
- /usr/bin/kill as r\br\br\bro\bo\bo\boo\bo\bo\bot\bt\bt\bt or s\bs\bs\bsy\by\by\bys\bs\bs\bsa\ba\ba\bad\bd\bd\bdm\bm\bm\bm but can only run /bin/rm
- and /bin/rmdir as r\br\br\bro\bo\bo\boo\bo\bo\bot\bt\bt\bt.
+
+ oper bigserver = (root, sysadm) /usr/bin/kill, (root) /bin/rm, \
+ /bin/rmdir
+
+ User oper can still run /usr/bin/kill as r\br\br\bro\bo\bo\boo\bo\bo\bot\bt\bt\bt or s\bs\bs\bsy\by\by\bys\bs\bs\bsa\ba\ba\bad\bd\bd\bdm\bm\bm\bm
+ but can only run /bin/rm and /bin/rmdir as r\br\br\bro\bo\bo\boo\bo\bo\bot\bt\bt\bt.
Similarly, the N\bN\bN\bNO\bO\bO\bOP\bP\bP\bPA\bA\bA\bAS\bS\bS\bSS\bS\bS\bSW\bW\bW\bWD\bD\bD\bD modifier is also persistent across
an _\ba_\bc_\bc_\be_\bs_\bs_\b__\bg_\br_\bo_\bu_\bp. For example given:
- oper bigserver = NOPASSWD: /usr/bin/kill, /bin/rm,
- /bin/rmdir User oper will be able to run /usr/bin/kill,
- /bin/rm, and /bin/rmdir as r\br\br\bro\bo\bo\boo\bo\bo\bot\bt\bt\bt without a password. If we
- change that to:
- oper bigserver = NOPASSWD: /usr/bin/kill, PASSWD:
- /bin/rm, /bin/rmdir User oper can still run /usr/bin/kill
- without a password but must give a password to run /bin/rm
+
+ oper bigserver = NOPASSWD: /usr/bin/kill, /bin/rm, /bin/rmdir
+
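Review bot: in the removed rendering the second example was filled into the running text, so `/bin/rmdir User oper can still run` read as though `User oper can still run` were the continuation of the sudoers line after the `\`; the added rendering puts `oper bigserver = (root, sysadm) /usr/bin/kill, (root) /bin/rm, \` and `/bin/rmdir` in a block of their own, which is the right fix for a page administrators copy entries from. This file is formatted output, so the changed footers (`22/Jun/1999 1.6 1`) should come from regenerating it from the .man source, not from hand edits.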
-7/Apr/99 1.6 2
+22/Jun/1999 1.6 2
sudoers(5) FILE FORMATS sudoers(5)
- and /bin/rmdir.
+ User oper will be able to run /usr/bin/kill, /bin/rm, and
+ /bin/rmdir as r\br\br\bro\bo\bo\boo\bo\bo\bot\bt\bt\bt without a password. If we change that
+ to:
+
+ oper bigserver = NOPASSWD: /usr/bin/kill, PASSWD: /bin/rm, /bin/rmdir
+
+ User oper can still run /usr/bin/kill without a password
+ but must give a password to run /bin/rm and /bin/rmdir.
w\bw\bw\bwi\bi\bi\bil\bl\bl\bld\bd\bd\bdc\bc\bc\bca\ba\ba\bar\br\br\brd\bd\bd\bds\bs\bs\bs (\b(\b(\b(a\ba\ba\bak\bk\bk\bka\ba\ba\ba m\bm\bm\bme\be\be\bet\bt\bt\bta\ba\ba\ba c\bc\bc\bch\bh\bh\bha\ba\ba\bar\br\br\bra\ba\ba\bac\bc\bc\bct\bt\bt\bte\be\be\ber\br\br\brs\bs\bs\bs)\b)\b)\b):\b:\b:\b:
{Host,User,Cmnd}_Alias. D\bD\bD\bDO\bO\bO\bO N\bN\bN\bNO\bO\bO\bOT\bT\bT\bT define an alias of _\bA_\bL_\bL, it
will N\bN\bN\bNO\bO\bO\bOT\bT\bT\bT be used. Note that _\bA_\bL_\bL implies the entire
universe of hosts/users/commands. You can subtract
- elements from the universe by using the syntax:
- user host=ALL,!ALIAS1,!/sbin/halt...
- Commands may have optional command line arguments. If
- they do, then the arguments in the _\bs_\bu_\bd_\bo_\be_\br_\bs file must
- exactly match those on the command line. It is also
- possible to have a command's arguments span multiple lines
-
-7/Apr/99 1.6 3
+22/Jun/1999 1.6 3
sudoers(5) FILE FORMATS sudoers(5)
+ elements from the universe by using the syntax:
+
+ user host=ALL,!ALIAS1,!/sbin/halt...
+
+ Commands may have optional command line arguments. If
+ they do, then the arguments in the _\bs_\bu_\bd_\bo_\be_\br_\bs file must
+ exactly match those on the command line. It is also
+ possible to have a command's arguments span multiple lines
as long as the line continuance character "\" is used.
The following characters must be escaped with a "\" if
used in command arguments: ",", ":", "=", "\".
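Review bot: in `user host=ALL,!ALIAS1,!/sbin/halt...` the trailing `...` is flush against the command path and can be read as part of it, which matters on a page that also says arguments must exactly match the command line; set the ellipsis off (for example `!/sbin/halt, ...`) or drop it. Also, `DO NOT define an alias of ALL, it will NOT be used` is a comma splice; `DO NOT define an alias of ALL; it will NOT be used.` reads correctly.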
steve CSNETS=(operator) /usr/op_commands/
- H\bH\bH\bHo\bo\bo\bos\bs\bs\bst\bt\bt\bt A\bA\bA\bAl\bl\bl\bli\bi\bi\bia\ba\ba\bas\bs\bs\bs s\bs\bs\bsp\bp\bp\bpe\be\be\bec\bc\bc\bci\bi\bi\bif\bf\bf\bfi\bi\bi\bic\bc\bc\bca\ba\ba\bat\bt\bt\bti\bi\bi\bio\bo\bo\bon\bn\bn\bns\bs\bs\bs:\b:\b:\b:
- The are four _\bh_\bo_\bs_\bt _\ba_\bl_\bi_\ba_\bs_\be_\bs. The first actually contains
- two _\ba_\bl_\bi_\ba_\bs_\be_\bs. It sets HUB to be houdini and REMOTE to the
- three machines merlin, kodiakthorn and spirit. Similarly,
- SERVERS is set to the machines houdini, merlin,
- kodiakthorn and spirit. The CSNETS alias will match any
- host on the 128.138.243.0, 128.138.204.0, or
- 128.138.205.192 nets. The CUNETS alias will match any
- host on the 128.138.0.0 (class B) network. Note that
- these are n\bn\bn\bne\be\be\bet\bt\bt\btw\bw\bw\bwo\bo\bo\bor\br\br\brk\bk\bk\bk addresses, not ip addresses. Unless an
-7/Apr/99 1.6 4
+
+
+22/Jun/1999 1.6 4
sudoers(5) FILE FORMATS sudoers(5)
+ H\bH\bH\bHo\bo\bo\bos\bs\bs\bst\bt\bt\bt A\bA\bA\bAl\bl\bl\bli\bi\bi\bia\ba\ba\bas\bs\bs\bs s\bs\bs\bsp\bp\bp\bpe\be\be\bec\bc\bc\bci\bi\bi\bif\bf\bf\bfi\bi\bi\bic\bc\bc\bca\ba\ba\bat\bt\bt\bti\bi\bi\bio\bo\bo\bon\bn\bn\bns\bs\bs\bs:\b:\b:\b:
+
+ The are four _\bh_\bo_\bs_\bt _\ba_\bl_\bi_\ba_\bs_\be_\bs. The first actually contains
+ two _\ba_\bl_\bi_\ba_\bs_\be_\bs. It sets HUB to be houdini and REMOTE to the
+ three machines merlin, kodiakthorn and spirit. Similarly,
+ SERVERS is set to the machines houdini, merlin,
+ kodiakthorn and spirit. The CSNETS alias will match any
+ host on the 128.138.243.0, 128.138.204.0, or
+ 128.138.205.192 nets. The CUNETS alias will match any
+ host on the 128.138.0.0 (class B) network. Note that
+ these are n\bn\bn\bne\be\be\bet\bt\bt\btw\bw\bw\bwo\bo\bo\bor\br\br\brk\bk\bk\bk addresses, not ip addresses. Unless an
explicit netmask is given, the local _\bn_\be_\bt_\bm_\ba_\bs_\bk is used to
determine whether or not the current host belongs to a
network.
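Review bot: `The are four host aliases` is carried over unchanged from the removed lines and should read `There are four host aliases`, which is in scope for a "typos" commit; `ip addresses` should be `IP addresses`. Separately, the CSNETS description lists `128.138.205.192` as a network while the text says the local netmask decides membership unless an explicit one is given; since that address is not on a class boundary, whether a host matches it depends on the local netmask, so the example would be clearer with an explicit netmask on that entry.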
root on the machines on CUNETS (which is
explicitly listed as a class B network).
- nieusma The user nieusma may run commands in the
- SHUTDOWN alias as well as _\b/_\bs_\bb_\bi_\bn_\b/_\br_\be_\bb_\bo_\bo_\bt on
- the SERVER machines and any command except
- those in the SHELLS alias on the HUB
- machines.
-
- jill The user jill may run /sbin/shutdown -h
- now or /sbin/shutdown -r now as well as
- the commands in the MISC alias on houdini.
- markm The user markm may run any command on the
- HUB machines except _\b/_\bs_\bb_\bi_\bn_\b/_\bs_\bh_\bu_\bt_\bd_\bo_\bw_\bn,
-7/Apr/99 1.6 5
+22/Jun/1999 1.6 5
sudoers(5) FILE FORMATS sudoers(5)
+ nieusma The user nieusma may run commands in the
+ SHUTDOWN alias as well as _\b/_\bs_\bb_\bi_\bn_\b/_\br_\be_\bb_\bo_\bo_\bt on
+ the SERVER machines and any command except
+ those in the SHELLS alias on the HUB
+ machines.
+
+ jill The user jill may run /sbin/shutdown -h
+ now or /sbin/shutdown -r now as well as
+ the commands in the MISC alias on houdini.
+
+ markm The user markm may run any command on the
+ HUB machines except _\b/_\bs_\bb_\bi_\bn_\b/_\bs_\bh_\bu_\bt_\bd_\bo_\bw_\bn,
_\b/_\bs_\bb_\bi_\bn_\b/_\bh_\ba_\bl_\bt, and commands listed in the
MISC alias.
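Review bot: the nieusma entry says `on the SERVER machines`, but the alias defined in the host alias section is `SERVERS`; it should say `SERVERS` so the description matches the name the reader will look up. For the jill entry, `/sbin/shutdown -h now` and `/sbin/shutdown -r now` mean, per the exact-match rule for arguments earlier on the page, that only those two argument strings are permitted; saying so here would help, since this is the example readers copy for limited shutdown rights.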
-
-
-
-
-
-
-
-
-
-
-
-
-7/Apr/99 1.6 6
+22/Jun/1999 1.6 6
-7/Apr/99 1.6 7
+22/Jun/1999 1.6 7
''' $RCSfile$$Revision$$Date$
'''
''' $Log$
-''' Revision 1.9 1999/04/07 23:18:51 millert
-''' You can now specifiy a host list instead of just a host or alias.
-''' Ie: user = host1,host2,ALIAS,!host3 my_command
-''' now works.
+''' Revision 1.10 1999/06/22 10:38:38 millert
+''' typos
'''
'''
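Review bot: the new $Log$ entry reads `typos`, but the hunks below wrap every example in `.Vb`/`.Ve` verbatim blocks and the .pod hunks add blank lines around the examples, which changes how the page renders; the log message should say so. This hunk also replaces the 1.9 entry with the 1.10 one rather than keeping it beneath it, which is not what RCS $Log$ expansion normally does (older entries are retained); check that the keyword block was not hand-edited.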
.de Sh
.nr % 0
.rr F
.\}
-.TH sudoers 5 "1.6" "7/Apr/99" "FILE FORMATS"
+.TH sudoers 5 "1.6" "22/Jun/1999" "FILE FORMATS"
.UC
.if n .hy 0
.if n .na
.Sh "persistence of modifiers"
When a \fIrunas-list\fR is specified for an \fIaccess_group\fR, it
affects all commands in the \fIaccess_group\fR. For example, given:
- oper bigserver = (root, sysadm) /usr/bin/kill, /bin/rm
+.PP
+.Vb 1
+\& oper bigserver = (root, sysadm) /usr/bin/kill, /bin/rm
+.Ve
User \f(CWoper\fR will be able to run \f(CW/usr/bin/kill\fR and \f(CW/bin/rm\fR
as \fBroot\fR or \fBsysadm\fR on the machine, \f(CWbigserver\fR. The
\fIrunas-list\fR is \*(L"sticky\*(R" across entries in the comma-separated
\fIaccess_group\fR. You can override the \fIrunas-list\fR with another
one, at which point the new \fIrunas-list\fR becomes the default for
that \fIaccess_group\fR. For example, given:
- oper bigserver = (root, sysadm) /usr/bin/kill, (root) /bin/rm, \e
- /bin/rmdir
+.PP
+.Vb 2
+\& oper bigserver = (root, sysadm) /usr/bin/kill, (root) /bin/rm, \e
+\& /bin/rmdir
+.Ve
User \f(CWoper\fR can still run \f(CW/usr/bin/kill\fR as \fBroot\fR or \fBsysadm\fR but
can only run \f(CW/bin/rm\fR and \f(CW/bin/rmdir\fR as \fBroot\fR.
.PP
Similarly, the \fB\s-1NOPASSWD\s0\fR modifier is also persistent across an
\fIaccess_group\fR. For example given:
- oper bigserver = \s-1NOPASSWD\s0: /usr/bin/kill, /bin/rm, /bin/rmdir
+.PP
+.Vb 1
+\& oper bigserver = NOPASSWD: /usr/bin/kill, /bin/rm, /bin/rmdir
+.Ve
User \f(CWoper\fR will be able to run \f(CW/usr/bin/kill\fR, \f(CW/bin/rm\fR, and
\f(CW/bin/rmdir\fR as \fBroot\fR without a password. If we change that to:
- oper bigserver = \s-1NOPASSWD\s0: /usr/bin/kill, \s-1PASSWD\s0: /bin/rm, /bin/rmdir
+.PP
+.Vb 1
+\& oper bigserver = NOPASSWD: /usr/bin/kill, PASSWD: /bin/rm, /bin/rmdir
+.Ve
User \f(CWoper\fR can still run \f(CW/usr/bin/kill\fR without a password but
must give a password to run \f(CW/bin/rm\fR and \f(CW/bin/rmdir\fR.
.Sh "wildcards (aka meta characters):"
\fB\s-1DO\s0 \s-1NOT\s0\fR define an alias of \fI\s-1ALL\s0\fR, it will \fB\s-1NOT\s0\fR be used.
Note that \fI\s-1ALL\s0\fR implies the entire universe of hosts/users/commands.
You can subtract elements from the universe by using the syntax:
- user host=\s-1ALL\s0,!\s-1ALIAS1\s0,!/sbin/halt...
.PP
+.Vb 1
+\& user host=ALL,!ALIAS1,!/sbin/halt...
+.Ve
Commands may have optional command line arguments. If they do,
then the arguments in the \fIsudoers\fR file must exactly match those
on the command line. It is also possible to have a command's
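Review bot: the added `.Vb`/`.Ve` blocks drop the `\s-1NOPASSWD\s0`, `\s-1PASSWD\s0` and `\s-1ALL\s0` size escapes that the removed inline lines carried, which is right for verbatim constant-width text and matches what pod2man emits for an indented POD paragraph, so this file looks regenerated from the .pod rather than hand-patched. The `.Vb 1` / `.Vb 2` counts match the number of lines in each block. The last example reuses the existing `.PP` instead of adding one before `.Vb`; the result is the same layout as the three earlier blocks, so no change needed there.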
When a I<runas-list> is specified for an I<access_group>, it
affects all commands in the I<access_group>. For example, given:
+
oper bigserver = (root, sysadm) /usr/bin/kill, /bin/rm
+
User C<oper> will be able to run C</usr/bin/kill> and C</bin/rm>
as B<root> or B<sysadm> on the machine, C<bigserver>. The
I<runas-list> is "sticky" across entries in the comma-separated
I<access_group>. You can override the I<runas-list> with another
one, at which point the new I<runas-list> becomes the default for
that I<access_group>. For example, given:
+
oper bigserver = (root, sysadm) /usr/bin/kill, (root) /bin/rm, \
/bin/rmdir
+
User C<oper> can still run C</usr/bin/kill> as B<root> or B<sysadm> but
can only run C</bin/rm> and C</bin/rmdir> as B<root>.
Similarly, the B<NOPASSWD> modifier is also persistent across an
I<access_group>. For example given:
+
oper bigserver = NOPASSWD: /usr/bin/kill, /bin/rm, /bin/rmdir
+
User C<oper> will be able to run C</usr/bin/kill>, C</bin/rm>, and
C</bin/rmdir> as B<root> without a password. If we change that to:
+
oper bigserver = NOPASSWD: /usr/bin/kill, PASSWD: /bin/rm, /bin/rmdir
+
User C<oper> can still run C</usr/bin/kill> without a password but
must give a password to run C</bin/rm> and C</bin/rmdir>.
B<DO NOT> define an alias of I<ALL>, it will B<NOT> be used.
Note that I<ALL> implies the entire universe of hosts/users/commands.
You can subtract elements from the universe by using the syntax:
+
user host=ALL,!ALIAS1,!/sbin/halt...
Commands may have optional command line arguments. If they do,
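Review bot: the blank lines added around each indented example are the substantive fix: POD treats an indented block as a verbatim paragraph only when it is set off by blank lines, which is why the earlier .man and .cat renderings folded `/bin/rmdir` and `User oper ...` together. The final example, `user host=ALL,!ALIAS1,!/sbin/halt...`, gets a blank line before it in this hunk; confirm it is also followed by one so that `Commands may have optional command line arguments` stays a separate text paragraph rather than being swept into the verbatim block.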