Runas_Alias, Host_Alias and Cmnd_Alias.
Alias ::= 'User_Alias' = User_Alias (':' User_Alias)* |
- 'Runas_Alias' (':' Runas_Alias)* |
- 'Host_Alias' (':' Host_Alias)* |
- 'Cmnd_Alias' (':' Cmnd_Alias)*
+ 'Runas_Alias' = Runas_Alias (':' Runas_Alias)* |
+ 'Host_Alias' = Host_Alias (':' Host_Alias)* |
+ 'Cmnd_Alias' = Cmnd_Alias (':' Cmnd_Alias)*
User_Alias ::= NAME '=' User_List
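Review bot: The `=` added after each keyword on the three `+` lines does not fit the production on the context line that follows. `User_Alias ::= NAME '=' User_List` already supplies the `'='`, so, assuming the other alias types follow the same form, `'Runas_Alias' = Runas_Alias` expands to a keyword, an `=`, a name and then a second `=`. The new `=` is also unquoted, unlike the other literals in this grammar. Suggest `'Runas_Alias' Runas_Alias (':' Runas_Alias)*`, likewise for Host_Alias and Cmnd_Alias and for the existing User_Alias line, with the same correction in the man and pod copies of this hunk further down.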
-4/Dec/1999 1.6.1 1
+16/Jan/2000 1.6.1 1
-4/Dec/1999 1.6.1 2
+16/Jan/2000 1.6.1 2
-4/Dec/1999 1.6.1 3
+16/Jan/2000 1.6.1 3
-4/Dec/1999 1.6.1 4
+16/Jan/2000 1.6.1 4
-4/Dec/1999 1.6.1 5
+16/Jan/2000 1.6.1 5
secure_path Value to override user's $PATH with
+ verifypw This option controls when a password will be
+ required when a user runs sudo with the -\b-\b-\b-v\bv\bv\bv.
+ It has the following possible values:
+
+ all All the user's sudoers entries for the
+ current host must have the C<NOPASSWD>
+ flag set to avoid entering a password.
+
+ any At least one of the user's sudoers entries
+ for the current host must have the
+ C<NOPASSWD> flag set to avoid entering a
+ password.
+
+ never The user need never enter a password to use
+ the B<-v> flag.
+
+ always The user must always enter a password to use
+ the B<-v> flag.
+
+ The default value is `all'.
+
+ listpw This option controls when a password will be
+ required when a user runs sudo with the -\b-\b-\b-l\bl\bl\bl.
+ It has the following possible values:
+
+ all All the user's sudoers entries for the
+ current host must have the C<NOPASSWD>
+ flag set to avoid entering a password.
+
+ any At least one of the user's sudoers entries
+ for the current host must have the
+ C<NOPASSWD> flag set to avoid entering a
+ password.
+
+
+
+
+
+16/Jan/2000 1.6.1 6
+
+
+
+
+
+sudoers(5) FILE FORMATS sudoers(5)
+
+
+ never The user need never enter a password to use
+ the B<-l> flag.
+
+ always The user must always enter a password to use
+ the B<-l> flag.
+
+ The default value is `any'.
+
When logging via _\bs_\by_\bs_\bl_\bo_\bg(3), sudo accepts the following
values for the syslog facility (the value of the s\bs\bs\bsy\by\by\bys\bs\bs\bsl\bl\bl\blo\bo\bo\bog\bg\bg\bg
Parameter): a\ba\ba\bau\bu\bu\but\bt\bt\bth\bh\bh\bhp\bp\bp\bpr\br\br\bri\bi\bi\biv\bv\bv\bv (if your OS supports it), a\ba\ba\bau\bu\bu\but\bt\bt\bth\bh\bh\bh,
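Review bot: The rendered value descriptions for verifypw and listpw show raw POD markup, `C<NOPASSWD>`, `B<-v>` and `B<-l>`, instead of formatted words. The descriptions are indented in the pod source, which makes them verbatim paragraphs where formatting codes are not interpreted. Suggest writing the four values as a nested `=over` / `=item` list in the pod (or dropping the markup inside the indented text) and regenerating this page and the man page.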
U\bU\bU\bUs\bs\bs\bse\be\be\ber\br\br\br S\bS\bS\bSp\bp\bp\bpe\be\be\bec\bc\bc\bci\bi\bi\bif\bf\bf\bfi\bi\bi\bic\bc\bc\bca\ba\ba\bat\bt\bt\bti\bi\bi\bio\bo\bo\bon\bn\bn\bn
- Runas_Spec ::= '(' Runas_List ')'
-
- Cmnd_Spec ::= Runas_Spec? ('NOPASSWD:' | 'PASSWD:')? Cmnd
+ User_Spec ::= User_list Host_List '=' User_List Cmnd_Spec_List \
+ (':' User_Spec)*
Cmnd_Spec_List ::= Cmnd_Spec |
Cmnd_Spec ',' Cmnd_Spec_List
- User_Spec ::= User_list Cmnd_Spec_List (':' User_Spec)*
+ Cmnd_Spec ::= Runas_Spec? ('NOPASSWD:' | 'PASSWD:')? Cmnd
+
+ Runas_Spec ::= '(' Runas_List ')'
A u\bu\bu\bus\bs\bs\bse\be\be\ber\br\br\br s\bs\bs\bsp\bp\bp\bpe\be\be\bec\bc\bc\bci\bi\bi\bif\bf\bf\bfi\bi\bi\bic\bc\bc\bca\ba\ba\bat\bt\bt\bti\bi\bi\bio\bo\bo\bon\bn\bn\bn determines which commands a user may
run (and as what user) on specified hosts. By default,
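Review bot: In the new `User_Spec` production the `User_List` after `'='` looks wrong. The run-as users already come from the optional `Runas_Spec` inside `Cmnd_Spec`, and the sample entries in this file (`dgb boulder = (operator) /bin/ls, ...`) go straight from `=` to the command list. Suggest `User_Spec ::= User_List Host_List '=' Cmnd_Spec_List`, which also fixes the `User_list` spelling carried over from the removed line.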
commands that follow it. What this means is that for the
entry:
+ dgb boulder = (operator) /bin/ls, /bin/kill, /usr/bin/who
+ The user d\bd\bd\bdg\bg\bg\bgb\bb\bb\bb may run _\b/_\bb_\bi_\bn_\b/_\bl_\bs, _\b/_\bb_\bi_\bn_\b/_\bk_\bi_\bl_\bl, and _\b/_\bu_\bs_\br_\b/_\bb_\bi_\bn_\b/_\bl_\bp_\br_\bm
+ -- but only as o\bo\bo\bop\bp\bp\bpe\be\be\ber\br\br\bra\ba\ba\bat\bt\bt\bto\bo\bo\bor\br\br\br. Eg.
-4/Dec/1999 1.6.1 6
+ sudo -u operator /bin/ls.
+ It is also possible to override a Runas_Spec later on in
+ an entry. If we modify the entry like so:
+16/Jan/2000 1.6.1 7
-sudoers(5) FILE FORMATS sudoers(5)
- dgb boulder = (operator) /bin/ls, /bin/kill, /usr/bin/who
- The user d\bd\bd\bdg\bg\bg\bgb\bb\bb\bb may run _\b/_\bb_\bi_\bn_\b/_\bl_\bs, _\b/_\bb_\bi_\bn_\b/_\bk_\bi_\bl_\bl, and _\b/_\bu_\bs_\br_\b/_\bb_\bi_\bn_\b/_\bl_\bp_\br_\bm
- -- but only as o\bo\bo\bop\bp\bp\bpe\be\be\ber\br\br\bra\ba\ba\bat\bt\bt\bto\bo\bo\bor\br\br\br. Eg.
- sudo -u operator /bin/ls.
+sudoers(5) FILE FORMATS sudoers(5)
- It is also possible to override a Runas_Spec later on in
- an entry. If we modify the entry like so:
dgb boulder = (operator) /bin/ls, (root) /bin/kill, /usr/bin/lprm
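Review bot: The relocated example still disagrees with its own explanation. The entry on the first `+` line ends in `/usr/bin/who`, while the sentence after it says dgb may run `/usr/bin/lprm`, and the modified entry at the end of this hunk also uses `/usr/bin/lprm`. Since this commit is fixing typos, change the first entry to `/usr/bin/lprm` in the pod source so all three agree.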
ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
+ Note however, that the PASSWD tag has no effect on users
+ who are in the group specified by the exempt_group option.
+
+ By default, if the NOPASSWD tag is applied to any of the
+ entries for a user on the current host, he or she will be
+ able to run sudo -l without a password. Additionally, a
+ user may only run sudo -v without a password if the
+ NOPASSWD tag is present for all a user's entries that
+ pertain to the current host. This behavior may be
+ overridden via the verifypw and listpw options.
W\bW\bW\bWi\bi\bi\bil\bl\bl\bld\bd\bd\bdc\bc\bc\bca\ba\ba\bar\br\br\brd\bd\bd\bds\bs\bs\bs (\b(\b(\b(a\ba\ba\bak\bk\bk\bka\ba\ba\ba m\bm\bm\bme\be\be\bet\bt\bt\bta\ba\ba\ba c\bc\bc\bch\bh\bh\bha\ba\ba\bar\br\br\bra\ba\ba\bac\bc\bc\bct\bt\bt\bte\be\be\ber\br\br\brs\bs\bs\bs)\b)\b)\b):\b:\b:\b:
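Review bot: The new paragraph describes the default values of listpw (`any`) and verifypw (`all`) without naming them, so a reader has to match it against the option list to see the connection; suggest stating the two defaults here. It is also worth spelling out the consequence: with the default, a single NOPASSWD entry is enough for `sudo -l` to list every entry the user has on the host without a password, and a site that does not want that can set listpw to `all` or `always`. Minor wording: "for all a user's entries" reads better as "for all of the user's entries".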
-4/Dec/1999 1.6.1 7
+16/Jan/2000 1.6.1 8
-4/Dec/1999 1.6.1 8
+16/Jan/2000 1.6.1 9
-4/Dec/1999 1.6.1 9
+16/Jan/2000 1.6.1 10
-4/Dec/1999 1.6.1 10
+16/Jan/2000 1.6.1 11
-4/Dec/1999 1.6.1 11
+16/Jan/2000 1.6.1 12
-4/Dec/1999 1.6.1 12
+16/Jan/2000 1.6.1 13
-4/Dec/1999 1.6.1 13
+16/Jan/2000 1.6.1 14
''' $RCSfile$$Revision$$Date$
'''
''' $Log$
-''' Revision 1.18 1999/12/05 02:18:47 millert
-''' crank version to 1.6
+''' Revision 1.19 2000/01/17 03:57:26 millert
+''' o Fix some typos/omissions
+''' o Add section on verifypw and listpw
+''' o Define how NOPASSWD interacts with the -v and -l flags
'''
'''
.de Sh
.nr % 0
.rr F
.\}
-.TH sudoers 5 "1.6.1" "4/Dec/1999" "FILE FORMATS"
+.TH sudoers 5 "1.6.1" "16/Jan/2000" "FILE FORMATS"
.UC
.if n .hy 0
.if n .na
.PP
.Vb 4
\& Alias ::= 'User_Alias' = User_Alias (':' User_Alias)* |
-\& 'Runas_Alias' (':' Runas_Alias)* |
-\& 'Host_Alias' (':' Host_Alias)* |
-\& 'Cmnd_Alias' (':' Cmnd_Alias)*
+\& 'Runas_Alias' = Runas_Alias (':' Runas_Alias)* |
+\& 'Host_Alias' = Host_Alias (':' Host_Alias)* |
+\& 'Cmnd_Alias' = Cmnd_Alias (':' Cmnd_Alias)*
.Ve
.Vb 1
\& User_Alias ::= NAME '=' User_List
Users in this group are exempt from password and \s-1PATH\s0 requirements
.Ip "secure_path" 12
Value to override user's \f(CW$PATH\fR with
+.Ip "verifypw" 12
+This option controls when a password will be required when a
+user runs sudo with the \fB\-v\fR. It has the following possible values:
+.Sp
+.Vb 3
+\& all All the user's sudoers entries for the
+\& current host must have the C<NOPASSWD>
+\& flag set to avoid entering a password.
+.Ve
+.Vb 4
+\& any At least one of the user's sudoers entries
+\& for the current host must have the
+\& C<NOPASSWD> flag set to avoid entering a
+\& password.
+.Ve
+.Vb 2
+\& never The user need never enter a password to use
+\& the B<-v> flag.
+.Ve
+.Vb 2
+\& always The user must always enter a password to use
+\& the B<-v> flag.
+.Ve
+The default value is `all\*(R'.
+.Ip "listpw" 12
+This option controls when a password will be required when a
+user runs sudo with the \fB\-l\fR. It has the following possible values:
+.Sp
+.Vb 3
+\& all All the user's sudoers entries for the
+\& current host must have the C<NOPASSWD>
+\& flag set to avoid entering a password.
+.Ve
+.Vb 4
+\& any At least one of the user's sudoers entries
+\& for the current host must have the
+\& C<NOPASSWD> flag set to avoid entering a
+\& password.
+.Ve
+.Vb 2
+\& never The user need never enter a password to use
+\& the B<-l> flag.
+.Ve
+.Vb 2
+\& always The user must always enter a password to use
+\& the B<-l> flag.
+.Ve
+The default value is `any\*(R'.
.PP
When logging via \fIsyslog\fR\|(3), sudo accepts the following values for the syslog
facility (the value of the \fBsyslog\fR Parameter): \fBauthpriv\fR (if your \s-1OS\s0
\fBerr\fR, \fBinfo\fR, \fBnotice\fR, and \fBwarning\fR.
.Sh "User Specification"
.PP
-.Vb 1
-\& Runas_Spec ::= '(' Runas_List ')'
-.Ve
-.Vb 1
-\& Cmnd_Spec ::= Runas_Spec? ('NOPASSWD:' | 'PASSWD:')? Cmnd
+.Vb 2
+\& User_Spec ::= User_list Host_List '=' User_List Cmnd_Spec_List \e
+\& (':' User_Spec)*
.Ve
.Vb 2
\& Cmnd_Spec_List ::= Cmnd_Spec |
\& Cmnd_Spec ',' Cmnd_Spec_List
.Ve
.Vb 1
-\& User_Spec ::= User_list Cmnd_Spec_List (':' User_Spec)*
+\& Cmnd_Spec ::= Runas_Spec? ('NOPASSWD:' | 'PASSWD:')? Cmnd
+.Ve
+.Vb 1
+\& Runas_Spec ::= '(' Runas_List ')'
.Ve
A \fBuser specification\fR determines which commands a user may run
(and as what user) on specified hosts. By default, commands are
.Vb 1
\& ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
.Ve
+Note however, that the \f(CWPASSWD\fR tag has no effect on users who are
+in the group specified by the exempt_group option.
+.PP
+By default, if the \f(CWNOPASSWD\fR tag is applied to any of the entries
+for a user on the current host, he or she will be able to run
+\f(CWsudo -l\fR without a password. Additionally, a user may only run
+\f(CWsudo -v\fR without a password if the \f(CWNOPASSWD\fR tag is present
+for all a user's entries that pertain to the current host.
+This behavior may be overridden via the verifypw and listpw options.
.Sh "Wildcards (aka meta characters):"
\fBsudo\fR allows shell-style \fIwildcards\fR to be used in pathnames
as well as command line arguments in the \fIsudoers\fR file. Wildcard
.IX Item "secure_path"
+.IX Item "verifypw"
+
+.IX Item "listpw"
+
.IX Subsection "User Specification"
.IX Subsection "Runas_Spec"
.IX Subsection "Exceptions to wildcard rules:"
-.IX Item \f(CW""\fR
+.IX Item "\f(CW""\fR"
.IX Subsection "Other special characters and reserved words:"
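Review bot: The two bare `+` lines after `.IX Item "verifypw"` and `.IX Item "listpw"` put empty lines into the troff source, which none of the other `.IX` entries in this block have. If they are not required by the generator, drop them so the index section stays uniform with the existing entries.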
C<Host_Alias> and C<Cmnd_Alias>.
Alias ::= 'User_Alias' = User_Alias (':' User_Alias)* |
- 'Runas_Alias' (':' Runas_Alias)* |
- 'Host_Alias' (':' Host_Alias)* |
- 'Cmnd_Alias' (':' Cmnd_Alias)*
+ 'Runas_Alias' = Runas_Alias (':' Runas_Alias)* |
+ 'Host_Alias' = Host_Alias (':' Host_Alias)* |
+ 'Cmnd_Alias' = Cmnd_Alias (':' Cmnd_Alias)*
User_Alias ::= NAME '=' User_List
Value to override user's $PATH with
+=item verifypw
+
+This option controls when a password will be required when a
+user runs sudo with the B<-v>. It has the following possible values:
+
+ all All the user's sudoers entries for the
+ current host must have the C<NOPASSWD>
+ flag set to avoid entering a password.
+
+ any At least one of the user's sudoers entries
+ for the current host must have the
+ C<NOPASSWD> flag set to avoid entering a
+ password.
+
+ never The user need never enter a password to use
+ the B<-v> flag.
+
+ always The user must always enter a password to use
+ the B<-v> flag.
+
+The default value is `all'.
+
+=item listpw
+
+This option controls when a password will be required when a
+user runs sudo with the B<-l>. It has the following possible values:
+
+ all All the user's sudoers entries for the
+ current host must have the C<NOPASSWD>
+ flag set to avoid entering a password.
+
+ any At least one of the user's sudoers entries
+ for the current host must have the
+ C<NOPASSWD> flag set to avoid entering a
+ password.
+
+ never The user need never enter a password to use
+ the B<-l> flag.
+
+ always The user must always enter a password to use
+ the B<-l> flag.
+
+The default value is `any'.
+
=back 12
When logging via syslog(3), sudo accepts the following values for the syslog
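Review bot: "runs sudo with the B<-v>." and the matching B<-l> sentence are each missing their noun, while the value descriptions below them say "the B<-v> flag" and "the B<-l> flag". Suggest "when a user runs sudo with the B<-v> flag" and the same for B<-l>, so the item text and its value list use the same wording.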
=head2 User Specification
- Runas_Spec ::= '(' Runas_List ')'
-
- Cmnd_Spec ::= Runas_Spec? ('NOPASSWD:' | 'PASSWD:')? Cmnd
+ User_Spec ::= User_list Host_List '=' User_List Cmnd_Spec_List \
+ (':' User_Spec)*
Cmnd_Spec_List ::= Cmnd_Spec |
Cmnd_Spec ',' Cmnd_Spec_List
- User_Spec ::= User_list Cmnd_Spec_List (':' User_Spec)*
+ Cmnd_Spec ::= Runas_Spec? ('NOPASSWD:' | 'PASSWD:')? Cmnd
+
+ Runas_Spec ::= '(' Runas_List ')'
A B<user specification> determines which commands a user may run
(and as what user) on specified hosts. By default, commands are
ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
+Note however, that the C<PASSWD> tag has no effect on users who are
+in the group specified by the exempt_group option.
+
+By default, if the C<NOPASSWD> tag is applied to any of the entries
+for a user on the current host, he or she will be able to run
+C<sudo -l> without a password. Additionally, a user may only run
+C<sudo -v> without a password if the C<NOPASSWD> tag is present
+for all a user's entries that pertain to the current host.
+This behavior may be overridden via the verifypw and listpw options.
+
=head2 Wildcards (aka meta characters):
B<sudo> allows shell-style I<wildcards> to be used in pathnames