added SKEY_ONLY

diff --git a/OPTIONS b/OPTIONS
index b688b7f2fab850b5371d69beffa7766138c55e20..78e05b5fef0c578bb8022be066c5c77ee3e515a4 100644 (file)
--- a/OPTIONS
+++ b/OPTIONS
@@ -183,6 +183,13 @@ FAST_MATCH
     this off, but it will make things take a little longer.
     This is on by default.
 
+SKEY_ONLY
+    When validating the user, only allow an s/key passkey.  Do not
+    compare against the passwd file or use any other authentication
+    scheme.  This is only useful if you want to force people to
+    use s/key.
+    This feature is off by default.
+
 SUDOERS_OWNER
     Who should own the sudoers file.  This must be a username, *not* a uid.
     This is useful if you want to make the sudoers file NFS-mounted

diff --git a/options.h b/options.h
index 4bbcd1f3c592bab9de82d7cfd92c276f8c7d4d4b..703abad9ee87c2a3318694b324458fa1bb6a3357 100644 (file)
--- a/options.h
+++ b/options.h
@@ -60,6 +60,7 @@
 /*#define USE_EXECV            /* use execv() instead of execvp() */
 /*#define SHELL_IF_NO_ARGS     /* if sudo is given no arguments run a shell */
 /*#define USE_TTY_TICKETS      /* have a different ticket file for each tty */
+/*#define SKEY_ONLY            /* validate user via s/key only */
 #define FAST_MATCH             /* command check fails if basenames not same */
 #ifndef SUDOERS_OWNER
 #define SUDOERS_OWNER "root"   /* sudoers file owner (usually root) */