When invoked as s\bsu\bud\bdo\boe\bed\bdi\bit\bt, the -\b-e\be option (described below), is implied.
s\bsu\bud\bdo\bo determines who is an authorized user by consulting the file
- _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\be_\br_\bs. By giving s\bsu\bud\bdo\bo the -\b-v\bv flag, a user can update the time
- stamp without running a _\bc_\bo_\bm_\bm_\ba_\bn_\bd. The password prompt itself will also
- time out if the user's password is not entered within 5 minutes (unless
- overridden via _\bs_\bu_\bd_\bo_\be_\br_\bs).
+ _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\be_\br_\bs. By running s\bsu\bud\bdo\bo with the -\b-v\bv option, a user can update
+ the time stamp without running a _\bc_\bo_\bm_\bm_\ba_\bn_\bd. The password prompt itself
+ will also time out if the user's password is not entered within 5
+ minutes (unless overridden via _\bs_\bu_\bd_\bo_\be_\br_\bs).
If a user who is not listed in the _\bs_\bu_\bd_\bo_\be_\br_\bs file tries to run a command
via s\bsu\bud\bdo\bo, mail is sent to the proper authorities, as defined at
configure time or in the _\bs_\bu_\bd_\bo_\be_\br_\bs file (defaults to root). Note that
the mail will not be sent if an unauthorized user tries to run sudo
- with the -\b-l\bl or -\b-v\bv flags. This allows users to determine for themselves
- whether or not they are allowed to use s\bsu\bud\bdo\bo.
+ with the -\b-l\bl or -\b-v\bv option. This allows users to determine for
+ themselves whether or not they are allowed to use s\bsu\bud\bdo\bo.
If s\bsu\bud\bdo\bo is run by root and the SUDO_USER environment variable is set,
s\bsu\bud\bdo\bo will use this value to determine who the actual user is. This can
be used by a user to log commands through sudo even when a root shell
- has been invoked. It also allows the -\b-e\be flag to remain useful even
+ has been invoked. It also allows the -\b-e\be option to remain useful even
when being run via a sudo-run script or program. Note however, that
the sudoers lookup is still done for root, not the user specified by
SUDO_USER.
-1.7.0 October 24, 2008 1
+1.7.0 November 15, 2008 1
-1.7.0 October 24, 2008 2
+1.7.0 November 15, 2008 2
-1.7.0 October 24, 2008 3
+1.7.0 November 15, 2008 3
_\bs_\bu_\bd_\bo_\be_\br_\bs, the fully-qualified path to the command is
displayed along with any command line arguments. If
_\bc_\bo_\bm_\bm_\ba_\bn_\bd is specified but not allowed, s\bsu\bud\bdo\bo will exit with a
- return value of 1. If the -\b-l\bl flag is specified with an l\bl
+ status value of 1. If the -\b-l\bl option is specified with an l\bl
argument (i.e. -\b-l\bll\bl), or if -\b-l\bl is specified multiple times,
a longer list format is used.
-1.7.0 October 24, 2008 4
+1.7.0 November 15, 2008 4
minutes (or whatever the timeout is set to in _\bs_\bu_\bd_\bo_\be_\br_\bs) but
does not run a command.
- -- The -\b--\b- flag indicates that s\bsu\bud\bdo\bo should stop processing
+ -- The -\b--\b- option indicates that s\bsu\bud\bdo\bo should stop processing
command line arguments. It is most useful in conjunction
- with the -\b-s\bs flag.
+ with the -\b-s\bs option.
Environment variables to be set for the command may also be passed on
-1.7.0 October 24, 2008 5
+1.7.0 November 15, 2008 5
forbidden. See _\bs_\bu_\bd_\bo_\be_\br_\bs(4) for more information.
R\bRE\bET\bTU\bUR\bRN\bN V\bVA\bAL\bLU\bUE\bES\bS
- Upon successful execution of a program, the return value from s\bsu\bud\bdo\bo will
- simply be the return value of the program that was executed.
+ Upon successful execution of a program, the exit status from s\bsu\bud\bdo\bo will
+ simply be the exit status of the program that was executed.
Otherwise, s\bsu\bud\bdo\bo quits with an exit value of 1 if there is a
configuration/permission problem or if s\bsu\bud\bdo\bo cannot execute the given
-1.7.0 October 24, 2008 6
+1.7.0 November 15, 2008 6
-1.7.0 October 24, 2008 7
+1.7.0 November 15, 2008 7
-1.7.0 October 24, 2008 8
+1.7.0 November 15, 2008 8
-1.7.0 October 24, 2008 9
+1.7.0 November 15, 2008 9
.\" ========================================================================
.\"
.IX Title "SUDO @mansectsu@"
-.TH SUDO @mansectsu@ "October 24, 2008" "1.7.0" "MAINTENANCE COMMANDS"
+.TH SUDO @mansectsu@ "November 15, 2008" "1.7.0" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
is implied.
.PP
\&\fBsudo\fR determines who is an authorized user by consulting the file
-\&\fI@sysconfdir@/sudoers\fR. By giving \fBsudo\fR the \fB\-v\fR flag, a user
-can update the time stamp without running a \fIcommand\fR. The password
-prompt itself will also time out if the user's password is not
-entered within \f(CW\*(C`@password_timeout@\*(C'\fR minutes (unless overridden via
-\&\fIsudoers\fR).
+\&\fI@sysconfdir@/sudoers\fR. By running \fBsudo\fR with the \fB\-v\fR option,
+a user can update the time stamp without running a \fIcommand\fR. The
+password prompt itself will also time out if the user's password
+is not entered within \f(CW\*(C`@password_timeout@\*(C'\fR minutes (unless overridden
+via \fIsudoers\fR).
.PP
If a user who is not listed in the \fIsudoers\fR file tries to run a
command via \fBsudo\fR, mail is sent to the proper authorities, as
defined at configure time or in the \fIsudoers\fR file (defaults to
\&\f(CW\*(C`@mailto@\*(C'\fR). Note that the mail will not be sent if an unauthorized
-user tries to run sudo with the \fB\-l\fR or \fB\-v\fR flags. This allows
+user tries to run sudo with the \fB\-l\fR or \fB\-v\fR option. This allows
users to determine for themselves whether or not they are allowed
to use \fBsudo\fR.
.PP
is set, \fBsudo\fR will use this value to determine who the actual
user is. This can be used by a user to log commands through sudo
even when a root shell has been invoked. It also allows the \fB\-e\fR
-flag to remain useful even when being run via a sudo-run script or
+option to remain useful even when being run via a sudo-run script or
program. Note however, that the sudoers lookup is still done for
root, not the user specified by \f(CW\*(C`SUDO_USER\*(C'\fR.
.PP
\&\fIcommand\fR is specified and is permitted by \fIsudoers\fR, the
fully-qualified path to the command is displayed along with any
command line arguments. If \fIcommand\fR is specified but not allowed,
-\&\fBsudo\fR will exit with a return value of 1. If the \fB\-l\fR flag is
+\&\fBsudo\fR will exit with a status value of 1. If the \fB\-l\fR option is
specified with an \fBl\fR argument (i.e. \fB\-ll\fR), or if \fB\-l\fR
is specified multiple times, a longer list format is used.
.IP "\-n" 12
(or whatever the timeout is set to in \fIsudoers\fR) but does not run
a command.
.IP "\-\-" 12
-The \fB\-\-\fR flag indicates that \fBsudo\fR should stop processing command
-line arguments. It is most useful in conjunction with the \fB\-s\fR flag.
+The \fB\-\-\fR option indicates that \fBsudo\fR should stop processing command
+line arguments. It is most useful in conjunction with the \fB\-s\fR option.
.PP
Environment variables to be set for the command may also be passed
on the command line in the form of \fB\s-1VAR\s0\fR=\fIvalue\fR, e.g.
that would overwise be forbidden. See \fIsudoers\fR\|(@mansectform@) for more information.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
-Upon successful execution of a program, the return value from \fBsudo\fR
-will simply be the return value of the program that was executed.
+Upon successful execution of a program, the exit status from \fBsudo\fR
+will simply be the exit status of the program that was executed.
.PP
Otherwise, \fBsudo\fR quits with an exit value of 1 if there is a
configuration/permission problem or if \fBsudo\fR cannot execute the
-1.7.0 November 6, 2008 1
+1.7.0 November 15, 2008 1
-1.7.0 November 6, 2008 2
+1.7.0 November 15, 2008 2
(or match the wildcards if there are any). Note that the following
characters must be escaped with a '\' if they are used in command
arguments: ',', ':', '=', '\'. The special command "sudoedit" is used
- to permit a user to run s\bsu\bud\bdo\bo with the -\b-e\be flag (or as s\bsu\bud\bdo\boe\bed\bdi\bit\bt). It may
- take command line arguments just as a normal command does.
+ to permit a user to run s\bsu\bud\bdo\bo with the -\b-e\be option (or as s\bsu\bud\bdo\boe\bed\bdi\bit\bt). It
+ may take command line arguments just as a normal command does.
-1.7.0 November 6, 2008 3
+1.7.0 November 15, 2008 3
-1.7.0 November 6, 2008 4
+1.7.0 November 15, 2008 4
run as. A fully-specified Runas_Spec consists of two Runas_Lists (as
defined above) separated by a colon (':') and enclosed in a set of
parentheses. The first Runas_List indicates which users the command
- may be run as via s\bsu\bud\bdo\bo's -\b-u\bu flag. The second defines a list of groups
- that can be specified via s\bsu\bud\bdo\bo's -\b-g\bg flag. If both Runas_Lists are
- specified, the command may be run with any combination of users and
+ may be run as via s\bsu\bud\bdo\bo's -\b-u\bu option. The second defines a list of
+ groups that can be specified via s\bsu\bud\bdo\bo's -\b-g\bg option. If both Runas_Lists
+ are specified, the command may be run with any combination of users and
groups listed in their respective Runas_Lists. If only the first is
specified, the command may be run as any user in the list but no -\b-g\bg
- flag may be specified. If the first Runas_List is empty but the second
- is specified, the command may be run as the invoking user with the
- group set to any listed in the Runas_List. If no Runas_Spec is
+ option may be specified. If the first Runas_List is empty but the
+ second is specified, the command may be run as the invoking user with
+ the group set to any listed in the Runas_List. If no Runas_Spec is
specified the command may be run as r\bro\boo\bot\bt and no group may be specified.
A Runas_Spec sets the default for the commands that follow it. What
-1.7.0 November 6, 2008 5
+1.7.0 November 15, 2008 5
-1.7.0 November 6, 2008 6
+1.7.0 November 15, 2008 6
-1.7.0 November 6, 2008 7
+1.7.0 November 15, 2008 7
-1.7.0 November 6, 2008 8
+1.7.0 November 15, 2008 8
always_set_home If set, s\bsu\bud\bdo\bo will set the HOME environment variable to
the home directory of the target user (which is root
unless the -\b-u\bu option is used). This effectively means
- that the -\b-H\bH flag is always implied. This flag is _\bo_\bf_\bf
+ that the -\b-H\bH option is always implied. This flag is _\bo_\bf_\bf
by default.
authenticate If set, users must authenticate themselves via a
-1.7.0 November 6, 2008 9
+1.7.0 November 15, 2008 9
-1.7.0 November 6, 2008 10
+1.7.0 November 15, 2008 10
-1.7.0 November 6, 2008 11
+1.7.0 November 15, 2008 11
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
- set_home If set and s\bsu\bud\bdo\bo is invoked with the -\b-s\bs flag the HOME
+ set_home If set and s\bsu\bud\bdo\bo is invoked with the -\b-s\bs option the HOME
environment variable will be set to the home directory
of the target user (which is root unless the -\b-u\bu option
- is used). This effectively makes the -\b-s\bs flag imply -\b-H\bH.
- This flag is _\bo_\bf_\bf by default.
+ is used). This effectively makes the -\b-s\bs option imply
+ -\b-H\bH. This flag is _\bo_\bf_\bf by default.
set_logname Normally, s\bsu\bud\bdo\bo will set the LOGNAME, USER and USERNAME
environment variables to the name of the target user
- (usually root unless the -\b-u\bu flag is given). However,
+ (usually root unless the -\b-u\bu option is given). However,
since some programs (including the RCS revision control
system) use LOGNAME to determine the real identity of
the user, it may be desirable to change this behavior.
_\bo_\bf_\bf by default.
shell_noargs If set and s\bsu\bud\bdo\bo is invoked with no arguments it acts as
- if the -\b-s\bs flag had been given. That is, it runs a
+ if the -\b-s\bs option had been given. That is, it runs a
shell as root (the shell is determined by the SHELL
environment variable if it is set, falling back on the
shell listed in the invoking user's /etc/passwd entry
This flag is _\bo_\bf_\bf by default.
targetpw If set, s\bsu\bud\bdo\bo will prompt for the password of the user
- specified by the -\b-u\bu flag (defaults to root) instead of
- the password of the invoking user. Note that this
+ specified by the -\b-u\bu option (defaults to root) instead
+ of the password of the invoking user. Note that this
precludes the use of a uid not listed in the passwd
- database as an argument to the -\b-u\bu flag. This flag is
+ database as an argument to the -\b-u\bu option. This flag is
_\bo_\bf_\bf by default.
tty_tickets If set, users must authenticate on a per-tty basis.
-1.7.0 November 6, 2008 12
+1.7.0 November 15, 2008 12
-1.7.0 November 6, 2008 13
+1.7.0 November 15, 2008 13
-1.7.0 November 6, 2008 14
+1.7.0 November 15, 2008 14
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
- runas_default The default user to run commands as if the -\b-u\bu flag is
+ runas_default The default user to run commands as if the -\b-u\bu option is
not specified on the command line. This defaults to
root. Note that if _\br_\bu_\bn_\ba_\bs_\b__\bd_\be_\bf_\ba_\bu_\bl_\bt is set it m\bmu\bus\bst\bt occur
before any Runas_Alias specifications.
-1.7.0 November 6, 2008 15
+1.7.0 November 15, 2008 15
file exists. By default, s\bsu\bud\bdo\bo uses a built-in lecture.
listpw This option controls when a password will be required when
- a user runs s\bsu\bud\bdo\bo with the -\b-l\bl flag. It has the following
+ a user runs s\bsu\bud\bdo\bo with the -\b-l\bl option. It has the following
possible values:
all All the user's _\bs_\bu_\bd_\bo_\be_\br_\bs entries for the current host
password.
always The user must always enter a password to use the -\b-l\bl
- flag.
+ option.
any At least one of the user's _\bs_\bu_\bd_\bo_\be_\br_\bs entries for the
current host must have the NOPASSWD flag set to
avoid entering a password.
never The user need never enter a password to use the -\b-l\bl
- flag.
+ option.
If no value is specified, a value of _\ba_\bn_\by is implied.
Negating the option results in a value of _\bn_\be_\bv_\be_\br being used.
-1.7.0 November 6, 2008 16
+1.7.0 November 15, 2008 16
to disable syslog logging). Defaults to local2.
verifypw This option controls when a password will be required when
- a user runs s\bsu\bud\bdo\bo with the -\b-v\bv flag. It has the following
+ a user runs s\bsu\bud\bdo\bo with the -\b-v\bv option. It has the following
possible values:
all All the user's _\bs_\bu_\bd_\bo_\be_\br_\bs entries for the current host
password.
always The user must always enter a password to use the -\b-v\bv
- flag.
+ option.
any At least one of the user's _\bs_\bu_\bd_\bo_\be_\br_\bs entries for the
current host must have the NOPASSWD flag set to
avoid entering a password.
never The user need never enter a password to use the -\b-v\bv
- flag.
+ option.
If no value is specified, a value of _\ba_\bl_\bl is implied.
Negating the option results in a value of _\bn_\be_\bv_\be_\br being used.
-1.7.0 November 6, 2008 17
+1.7.0 November 15, 2008 17
-1.7.0 November 6, 2008 18
+1.7.0 November 15, 2008 18
-1.7.0 November 6, 2008 19
+1.7.0 November 15, 2008 19
john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
On the _\bA_\bL_\bP_\bH_\bA machines, user j\bjo\boh\bhn\bn may su to anyone except root but he is
- not allowed to give _\bs_\bu(1) any flags.
+ not allowed to specify any options to the _\bs_\bu(1) command.
jen ALL, !SERVERS = ALL
-1.7.0 November 6, 2008 20
+1.7.0 November 15, 2008 20
-1.7.0 November 6, 2008 21
+1.7.0 November 15, 2008 21
-1.7.0 November 6, 2008 22
+1.7.0 November 15, 2008 22
-1.7.0 November 6, 2008 23
+1.7.0 November 15, 2008 23
.\" ========================================================================
.\"
.IX Title "SUDOERS @mansectform@"
-.TH SUDOERS @mansectform@ "November 6, 2008" "1.7.0" "MAINTENANCE COMMANDS"
+.TH SUDOERS @mansectform@ "November 15, 2008" "1.7.0" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
(or match the wildcards if there are any). Note that the following
characters must be escaped with a '\e' if they are used in command
arguments: ',', ':', '=', '\e'. The special command \f(CW"sudoedit"\fR
-is used to permit a user to run \fBsudo\fR with the \fB\-e\fR flag (or
+is used to permit a user to run \fBsudo\fR with the \fB\-e\fR option (or
as \fBsudoedit\fR). It may take command line arguments just as
a normal command does.
.Sh "Defaults"
may be run as. A fully-specified \f(CW\*(C`Runas_Spec\*(C'\fR consists of two
\&\f(CW\*(C`Runas_List\*(C'\fRs (as defined above) separated by a colon (':') and
enclosed in a set of parentheses. The first \f(CW\*(C`Runas_List\*(C'\fR indicates
-which users the command may be run as via \fBsudo\fR's \fB\-u\fR flag.
+which users the command may be run as via \fBsudo\fR's \fB\-u\fR option.
The second defines a list of groups that can be specified via
-\&\fBsudo\fR's \fB\-g\fR flag. If both \f(CW\*(C`Runas_List\*(C'\fRs are specified, the
+\&\fBsudo\fR's \fB\-g\fR option. If both \f(CW\*(C`Runas_List\*(C'\fRs are specified, the
command may be run with any combination of users and groups listed
in their respective \f(CW\*(C`Runas_List\*(C'\fRs. If only the first is specified,
-the command may be run as any user in the list but no \fB\-g\fR flag
+the command may be run as any user in the list but no \fB\-g\fR option
may be specified. If the first \f(CW\*(C`Runas_List\*(C'\fR is empty but the
second is specified, the command may be run as the invoking user
with the group set to any listed in the \f(CW\*(C`Runas_List\*(C'\fR. If no
.IX Item "always_set_home"
If set, \fBsudo\fR will set the \f(CW\*(C`HOME\*(C'\fR environment variable to the home
directory of the target user (which is root unless the \fB\-u\fR option is used).
-This effectively means that the \fB\-H\fR flag is always implied.
+This effectively means that the \fB\-H\fR option is always implied.
This flag is \fIoff\fR by default.
.IP "authenticate" 16
.IX Item "authenticate"
password of the invoking user. This flag is \fIoff\fR by default.
.IP "set_home" 16
.IX Item "set_home"
-If set and \fBsudo\fR is invoked with the \fB\-s\fR flag the \f(CW\*(C`HOME\*(C'\fR
+If set and \fBsudo\fR is invoked with the \fB\-s\fR option the \f(CW\*(C`HOME\*(C'\fR
environment variable will be set to the home directory of the target
user (which is root unless the \fB\-u\fR option is used). This effectively
-makes the \fB\-s\fR flag imply \fB\-H\fR. This flag is \fIoff\fR by default.
+makes the \fB\-s\fR option imply \fB\-H\fR. This flag is \fIoff\fR by default.
.IP "set_logname" 16
.IX Item "set_logname"
Normally, \fBsudo\fR will set the \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR and \f(CW\*(C`USERNAME\*(C'\fR
environment variables to the name of the target user (usually root
-unless the \fB\-u\fR flag is given). However, since some programs
+unless the \fB\-u\fR option is given). However, since some programs
(including the \s-1RCS\s0 revision control system) use \f(CW\*(C`LOGNAME\*(C'\fR to
determine the real identity of the user, it may be desirable to
change this behavior. This can be done by negating the set_logname
.IP "shell_noargs" 16
.IX Item "shell_noargs"
If set and \fBsudo\fR is invoked with no arguments it acts as if the
-\&\fB\-s\fR flag had been given. That is, it runs a shell as root (the
+\&\fB\-s\fR option had been given. That is, it runs a shell as root (the
shell is determined by the \f(CW\*(C`SHELL\*(C'\fR environment variable if it is
set, falling back on the shell listed in the invoking user's
/etc/passwd entry if not). This flag is \fIoff\fR by default.
.IP "targetpw" 16
.IX Item "targetpw"
If set, \fBsudo\fR will prompt for the password of the user specified by
-the \fB\-u\fR flag (defaults to \f(CW\*(C`root\*(C'\fR) instead of the password of the
+the \fB\-u\fR option (defaults to \f(CW\*(C`root\*(C'\fR) instead of the password of the
invoking user. Note that this precludes the use of a uid not listed
-in the passwd database as an argument to the \fB\-u\fR flag.
+in the passwd database as an argument to the \fB\-u\fR option.
This flag is \fIoff\fR by default.
.IP "tty_tickets" 16
.IX Item "tty_tickets"
@SEMAN@This option is only available whe \fBsudo\fR is built with SELinux support.
.IP "runas_default" 16
.IX Item "runas_default"
-The default user to run commands as if the \fB\-u\fR flag is not specified
+The default user to run commands as if the \fB\-u\fR option is not specified
on the command line. This defaults to \f(CW\*(C`@runas_default@\*(C'\fR.
Note that if \fIrunas_default\fR is set it \fBmust\fR occur before
any \f(CW\*(C`Runas_Alias\*(C'\fR specifications.
.IP "listpw" 12
.IX Item "listpw"
This option controls when a password will be required when a
-user runs \fBsudo\fR with the \fB\-l\fR flag. It has the following possible values:
+user runs \fBsudo\fR with the \fB\-l\fR option. It has the following possible values:
.RS 12
.IP "all" 8
.IX Item "all"
the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
.IP "always" 8
.IX Item "always"
-The user must always enter a password to use the \fB\-l\fR flag.
+The user must always enter a password to use the \fB\-l\fR option.
.IP "any" 8
.IX Item "any"
At least one of the user's \fIsudoers\fR entries for the current host
must have the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
.IP "never" 8
.IX Item "never"
-The user need never enter a password to use the \fB\-l\fR flag.
+The user need never enter a password to use the \fB\-l\fR option.
.RE
.RS 12
.Sp
.IP "verifypw" 12
.IX Item "verifypw"
This option controls when a password will be required when a user runs
-\&\fBsudo\fR with the \fB\-v\fR flag. It has the following possible values:
+\&\fBsudo\fR with the \fB\-v\fR option. It has the following possible values:
.RS 12
.IP "all" 8
.IX Item "all"
the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
.IP "always" 8
.IX Item "always"
-The user must always enter a password to use the \fB\-v\fR flag.
+The user must always enter a password to use the \fB\-v\fR option.
.IP "any" 8
.IX Item "any"
At least one of the user's \fIsudoers\fR entries for the current host
must have the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password.
.IP "never" 8
.IX Item "never"
-The user need never enter a password to use the \fB\-v\fR flag.
+The user need never enter a password to use the \fB\-v\fR option.
.RE
.RS 12
.Sp
.Ve
.PP
On the \fI\s-1ALPHA\s0\fR machines, user \fBjohn\fR may su to anyone except root
-but he is not allowed to give \fIsu\fR\|(1) any flags.
+but he is not allowed to specify any options to the \fIsu\fR\|(1) command.
.PP
.Vb 1
\& jen ALL, !SERVERS = ALL
determined by the _\bc_\bo_\bn_\bf_\bi_\bg_\bu_\br_\be script. Normally, v\bvi\bis\bsu\bud\bdo\bo does not honor
the VISUAL or EDITOR environment variables unless they contain an
editor in the aforementioned editors list. However, if v\bvi\bis\bsu\bud\bdo\bo is
- configured with the _\b-_\b-_\bw_\bi_\bt_\bh_\b-_\be_\bn_\bv_\be_\bd_\bi_\bt_\bo_\br flag or the _\be_\bn_\bv_\b__\be_\bd_\bi_\bt_\bo_\br Default
+ configured with the _\b-_\b-_\bw_\bi_\bt_\bh_\b-_\be_\bn_\bv_\be_\bd_\bi_\bt_\bo_\br option or the _\be_\bn_\bv_\b__\be_\bd_\bi_\bt_\bo_\br Default
variable is set in _\bs_\bu_\bd_\bo_\be_\br_\bs, v\bvi\bis\bsu\bud\bdo\bo will use any the editor defines by
VISUAL or EDITOR. Note that this can be a security hole since it
allows the user to execute any program they wish simply by setting
-1.7.0 October 24, 2008 1
+1.7.0 November 15, 2008 1
errors are not printed. This option is only useful when
- combined with the -\b-c\bc flag.
+ combined with the -\b-c\bc option.
-s Enable s\bst\btr\bri\bic\bct\bt checking of the _\bs_\bu_\bd_\bo_\be_\br_\bs file. If an alias is
used before it is defined, v\bvi\bis\bsu\bud\bdo\bo will consider this a
-1.7.0 October 24, 2008 2
+1.7.0 November 15, 2008 2
-1.7.0 October 24, 2008 3
+1.7.0 November 15, 2008 3
.\" Copyright (c) 1996,1998-2005, 2007-2008
-.\" Todd C. Miller <Todd.Miller@courtesan.com>
+.\" Todd C. Miller <Todd.Miller@courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" ========================================================================
.\"
.IX Title "VISUDO @mansectsu@"
-.TH VISUDO @mansectsu@ "October 24, 2008" "1.7.0" "MAINTENANCE COMMANDS"
+.TH VISUDO @mansectsu@ "November 15, 2008" "1.7.0" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
\&\fBvisudo\fR does not honor the \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR environment
variables unless they contain an editor in the aforementioned editors
list. However, if \fBvisudo\fR is configured with the \fI\-\-with\-enveditor\fR
-flag or the \fIenv_editor\fR \f(CW\*(C`Default\*(C'\fR variable is set in \fIsudoers\fR,
+option or the \fIenv_editor\fR \f(CW\*(C`Default\*(C'\fR variable is set in \fIsudoers\fR,
\&\fBvisudo\fR will use any the editor defines by \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR.
Note that this can be a security hole since it allows the user to
execute any program they wish simply by setting \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR.
.IX Item "-q"
Enable \fBquiet\fR mode. In this mode details about syntax errors
are not printed. This option is only useful when combined with
-the \fB\-c\fR flag.
+the \fB\-c\fR option.
.IP "\-s" 12
.IX Item "-s"
Enable \fBstrict\fR checking of the \fIsudoers\fR file. If an alias is
projects / sudo / commitdiff