-SUDOERS(5) FILE FORMATS SUDOERS(5)
+sudoers(5) FILE FORMATS sudoers(5)
N\bN\bN\bNA\bA\bA\bAM\bM\bM\bME\bE\bE\bE
-11/Oct/1999 1.6 1
+8/Nov/1999 1.6 1
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+sudoers(5) FILE FORMATS sudoers(5)
Host_Alias ::= NAME '=' Host_List
-11/Oct/1999 1.6 2
+8/Nov/1999 1.6 2
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+sudoers(5) FILE FORMATS sudoers(5)
Host ::= '!'* hostname |
the user on the command line (or match the wildcards if
there are any). Note that the following characters must
be escaped with a '\' if they are used in command
- arguments: ',', ':', '=', '\\'.
+ arguments: ',', ':', '=', '\'.
D\bD\bD\bDe\be\be\bef\bf\bf\bfa\ba\ba\bau\bu\bu\bul\bl\bl\blt\bt\bt\bts\bs\bs\bs
-11/Oct/1999 1.6 3
+8/Nov/1999 1.6 3
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+sudoers(5) FILE FORMATS sudoers(5)
there are conflicting values, the last value on a matching
-11/Oct/1999 1.6 4
+8/Nov/1999 1.6 4
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+sudoers(5) FILE FORMATS sudoers(5)
shell_noargs
-11/Oct/1999 1.6 5
+8/Nov/1999 1.6 5
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+sudoers(5) FILE FORMATS sudoers(5)
successfully
-11/Oct/1999 1.6 6
+8/Nov/1999 1.6 6
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+sudoers(5) FILE FORMATS sudoers(5)
Runas_Spec in the user specification, a default Runas_Spec
-11/Oct/1999 1.6 7
+8/Nov/1999 1.6 7
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+sudoers(5) FILE FORMATS sudoers(5)
[!...] Matches any character n\bn\bn\bno\bo\bo\bot\bt\bt\bt in the specified range.
allow a user to run "all but a few" commands rarely works
as intended (see SECURITY NOTES below).
- Long lines can be continued with a backslash ('\\') as the
+ Long lines can be continued with a backslash ('\') as the
last character on the line.
Whitespace between elements in a list as well as specicial
syntactic characters in a _\bU_\bs_\be_\br _\bS_\bp_\be_\bc_\bi_\bf_\bi_\bc_\ba_\bt_\bi_\bo_\bn ('=', ':',
'(', ')') is optional.
+ The following characters must be escaped with a backslash
+8/Nov/1999 1.6 8
-11/Oct/1999 1.6 8
+sudoers(5) FILE FORMATS sudoers(5)
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+ ('\') when used as part of a word (eg. a username or
+ hostname): '@', '!', '=', ':', ',', '(', ')', '\'.
E\bE\bE\bEX\bX\bX\bXA\bA\bA\bAM\bM\bM\bMP\bP\bP\bPL\bL\bL\bLE\bE\bE\bES\bS\bS\bS
Below are example _\bs_\bu_\bd_\bo_\be_\br_\bs entries. Admittedly, some of
Defaults:millert !authenticate
Defaults@SERVERS log_year, logfile=/var/log/sudo.log
- The _\bU_\bs_\be_\br _\bs_\bp_\be_\bc_\bi_\bf_\bi_\bc_\ba_\bt_\bi_\bo_\bn is the part that actually
- determines who may run what.
+8/Nov/1999 1.6 9
-11/Oct/1999 1.6 9
+sudoers(5) FILE FORMATS sudoers(5)
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+ The _\bU_\bs_\be_\br _\bs_\bp_\be_\bc_\bi_\bf_\bi_\bc_\ba_\bt_\bi_\bo_\bn is the part that actually
+ determines who may run what.
root ALL = (ALL) ALL
%wheel ALL = (ALL) ALL
assumes _\bp_\ba_\bs_\bs_\bw_\bd(1) does not take multiple usernames on the
command line.
- bob SPARC = (OP) ALL : SGI = (OP) ALL
- The user b\bb\bb\bbo\bo\bo\bob\bb\bb\bb may run anything on the _\bS_\bP_\bA_\bR_\bC and _\bS_\bG_\bI
+8/Nov/1999 1.6 10
-11/Oct/1999 1.6 10
+sudoers(5) FILE FORMATS sudoers(5)
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+ bob SPARC = (OP) ALL : SGI = (OP) ALL
+ The user b\bb\bb\bbo\bo\bo\bob\bb\bb\bb may run anything on the _\bS_\bP_\bA_\bR_\bC and _\bS_\bG_\bI
machines as any user listed in the _\bO_\bP Runas_Alias (r\br\br\bro\bo\bo\boo\bo\bo\bot\bt\bt\bt
and o\bo\bo\bop\bp\bp\bpe\be\be\ber\br\br\bra\ba\ba\bat\bt\bt\bto\bo\bo\bor\br\br\br).
On the host www, any user in the _\bW_\bE_\bB_\bM_\bA_\bS_\bT_\bE_\bR_\bS User_Alias
(will, wendy, and wim), may run any command as user www
- (which owns the web pages) or simply _\bs_\bu(1) to www.
-
+8/Nov/1999 1.6 11
-11/Oct/1999 1.6 11
+sudoers(5) FILE FORMATS sudoers(5)
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+ (which owns the web pages) or simply _\bs_\bu(1) to www.
ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\
/sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM
-
-
-11/Oct/1999 1.6 12
+8/Nov/1999 1.6 12
-SUDOERS(5) FILE FORMATS SUDOERS(5)
+sudoers(5) FILE FORMATS sudoers(5)
-11/Oct/1999 1.6 13
+8/Nov/1999 1.6 13
If a <CODE>Cmnd</CODE> has associated command line arguments, then the arguments in the <CODE>Cmnd</CODE> must match exactly those given by the user on the command line (or match
the wildcards if there are any). Note that the following characters must be
escaped with a '\' if they are used in command arguments: ',', ':', '=',
-'\\'.
+'\'.
<P>
<HR>
intended (see SECURITY NOTES below).
<P>
-Long lines can be continued with a backslash ('\\') as the last character
-on the line.
+Long lines can be continued with a backslash ('\') as the last character on
+the line.
<P>
Whitespace between elements in a list as well as specicial syntactic
characters in a <EM>User Specification</EM> ('=', ':', '(', ')') is optional.
+<P>
+The following characters must be escaped with a backslash ('\') when used
+as part of a word (eg. a username or hostname): '@', '!', '=', ':', ',',
+'(', ')', '\'.
+
<P>
<HR>
<H1><A NAME="EXAMPLES">EXAMPLES</A></H1>
''' $RCSfile$$Revision$$Date$
'''
''' $Log$
-''' Revision 1.13 1999/10/20 15:23:42 millert
-''' change ital to bold
+''' Revision 1.14 1999/11/09 00:00:29 millert
+''' Mention what characters need to be escaped in names.
'''
'''
.de Sh
.nr % 0
.rr F
.\}
-.TH SUDOERS 5 "1.6" "11/Oct/1999" "FILE FORMATS"
+.TH sudoers 5 "1.6" "8/Nov/1999" "FILE FORMATS"
.UC
.if n .hy 0
.if n .na
in the \f(CWCmnd\fR must match exactly those given by the user on the command line
(or match the wildcards if there are any). Note that the following
characters must be escaped with a \*(L'\e\*(R' if they are used in command
-arguments: \*(L',\*(R', \*(L':\*(R', \*(L'=\*(R', \*(L'\e\e\*(R'.
+arguments: \*(L',\*(R', \*(L':\*(R', \*(L'=\*(R', \*(L'\e\*(R'.
.Sh "Defaults"
Certain configuration options may be changed from their default
values at runtime via one or more \f(CWDefault_Entry\fR lines. These
run \*(L"all but a few\*(R" commands rarely works as intended (see \s-1SECURITY\s0
\s-1NOTES\s0 below).
.PP
-Long lines can be continued with a backslash (\*(R'\e\e') as the last
+Long lines can be continued with a backslash (\*(R'\e') as the last
character on the line.
.PP
Whitespace between elements in a list as well as specicial syntactic
characters in a \fIUser Specification\fR ('=\*(R', \*(L':\*(R', \*(L'(\*(R', \*(L')') is optional.
+.PP
+The following characters must be escaped with a backslash (\*(R'\e') when
+used as part of a word (eg. a username or hostname):
+\&'@\*(R', \*(L'!\*(R', \*(L'=\*(R', \*(L':\*(R', \*(L',\*(R', \*(L'(\*(R', \*(L')\*(R', \*(L'\e\*(R'.
.SH "EXAMPLES"
Below are example \fIsudoers\fR entries. Admittedly, some of
these are a bit contrived. First, we define our \fIaliases\fR:
\fIsudo\fR\|(8), \fIvisudo\fR\|(8), \fIsu\fR\|(1), \fIfnmatch\fR\|(3).
.rn }` ''
-.IX Title "SUDOERS 5"
+.IX Title "sudoers 5"
.IX Name "sudoers - list of which users may execute what"
.IX Header "NAME"
in the C<Cmnd> must match exactly those given by the user on the command line
(or match the wildcards if there are any). Note that the following
characters must be escaped with a '\' if they are used in command
-arguments: ',', ':', '=', '\\'.
+arguments: ',', ':', '=', '\'.
=head2 Defaults
run "all but a few" commands rarely works as intended (see SECURITY
NOTES below).
-Long lines can be continued with a backslash ('\\') as the last
+Long lines can be continued with a backslash ('\') as the last
character on the line.
Whitespace between elements in a list as well as specicial syntactic
characters in a I<User Specification> ('=', ':', '(', ')') is optional.
+The following characters must be escaped with a backslash ('\') when
+used as part of a word (eg. a username or hostname):
+'@', '!', '=', ':', ',', '(', ')', '\'.
+
=head1 EXAMPLES
Below are example I<sudoers> entries. Admittedly, some of
projects / sudo / commitdiff