From: Todd C. Miller Date: Fri, 19 Jul 2013 15:42:25 +0000 (-0600) Subject: Long option support for visudo and sudoreplay. X-Git-Tag: SUDO_1_8_8^2~103 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=39575aecf2e0be82827d1c4071ae8e6d31df84b7;p=sudo Long option support for visudo and sudoreplay. --- diff --git a/doc/sudo.man.in b/doc/sudo.man.in index e45396494..c31874d18 100644 --- a/doc/sudo.man.in +++ b/doc/sudo.man.in @@ -31,7 +31,7 @@ .SH "SYNOPSIS" .HP 5n \fBsudo\fR -\fB\-h\fR\ |\ \fB\-K\fR\ |\ \fB\-k\fR\ |\ \fB\-V\fR +\fB\-h\fR | \fB\-K\fR | \fB\-k\fR | \fB\-V\fR .PD 0 .HP 5n \fBsudo\fR @@ -170,19 +170,21 @@ sudo.conf(@mansectform@) contains a line specifying the askpass program, that value will be used. For example: +.RS .nf .sp -.RS 16n +.RS 4n # Path to askpass helper program Path askpass /usr/X11R6/bin/ssh-askpass .RE .fi -.RS 12n .sp If no askpass program is available, \fBsudo\fR will exit with an error. +.PP .RE +.PD 0 .TP 12n \fB\-a\fR, \fB\--auth-type\fR \fIauth_type\fR The @@ -194,10 +196,11 @@ as allowed by \fI/etc/login.conf\fR. The system administrator may specify a list of sudo-specific authentication methods by adding an -\(lqauth-sudo\(rq +``auth-sudo'' entry in \fI/etc/login.conf\fR. This option is only available on systems that support BSD authentication. +.PD .TP 12n \fB\-b\fR, \fB\--background\fR The @@ -244,7 +247,7 @@ The argument can be either a class name as defined in \fI/etc/login.conf\fR, or a single -\(oq\-\(cq +`\-' character. Specifying a \fIclass\fR @@ -279,7 +282,7 @@ In lieu of a command, the string "sudoedit" is used when consulting the security policy. If the user is authorized by the policy, the following steps are taken: -.RS 13n +.RS .TP 5n 1. Temporary copies are made of the files to be edited with the owner @@ -309,9 +312,7 @@ option is used. 3. If they have been modified, the temporary files are copied back to their original location and the temporary versions are removed. -.RE -.RS 12n -.sp +.PP If the specified file does not exist, it will be created. Note that unlike most commands run by \fIsudo\fR, @@ -321,7 +322,9 @@ If, for some reason, is unable to update a file with its edited version, the user will receive a warning and the edited copy will remain in a temporary file. +.PP .RE +.PD 0 .TP 12n \fB\-g\fR, \fB\--group\fR \fIgroup\fR Normally, @@ -341,15 +344,16 @@ To specify a numeric group ID instead of a group name, use \fI#gid\fR. When running commands as a gid, many shells require that the -\(oq#\(cq +`#' be escaped with a backslash -(\(oq\e\(cq). +(`\e'). If no \fB\-u\fR option is specified, the command will be run as the invoking user (not root). In either case, the primary group will be set to \fIgroup\fR. +.PD .TP 12n \fB\-H\fR, \fB\--set-home\fR The @@ -502,13 +506,11 @@ The option allows you to override the default password prompt and use a custom one. The following percent -(\(oq%\(cq) +(`%') escapes are supported by the \fIsudoers\fR policy: -.PP -.RS 12n -.PD 0 +.RS .TP 4n \fR%H\fR expanded to the host name including the domain name (on if the @@ -516,7 +518,6 @@ machine's host name is fully qualified or the \fIfqdn\fR option is set in sudoers(@mansectform@)) -.PD .TP 4n \fR%h\fR expanded to the local host name without the domain name @@ -542,9 +543,9 @@ expanded to the invoking user's login name .TP 4n \fR%%\fR two consecutive -\(oq%\(cq +`%' characters are collapsed into a single -\(oq%\(cq +`%' character .PP The prompt specified by the @@ -554,7 +555,9 @@ support PAM unless the \fIpassprompt_override\fR flag is disabled in \fIsudoers\fR. +.PP .RE +.PD 0 .TP 12n \fB\-r\fR, \fB\--role\fR \fIrole\fR The @@ -562,6 +565,7 @@ The option causes the new SELinux security context to have the role specified by \fIrole\fR. +.PD .TP 12n \fB\-S\fR, \fB\--stdin\fR The @@ -619,9 +623,9 @@ To specify a numeric user ID instead of a user name, use \fI#uid\fR. When running commands as a uid, many shells require that the -\(oq#\(cq +`#' be escaped with a backslash -(\(oq\e\(cq). +(`\e'). Some security policies may restrict uids to those listed in the password database. The @@ -749,7 +753,7 @@ process waits until the command has completed, then passes the command's exit status to the security policy's close function and exits. If an I/O logging plugin is configured or if the security policy explicitly requests it, a new pseudo-terminal -(\(lqpty\(rq) +(``pty'') is created and a second \fBsudo\fR process is used to relay job control signals between the user's @@ -757,7 +761,7 @@ existing pty and the new pty the command is being run in. This extra process makes it possible to, for example, suspend and resume the command. Without it, the command would be in what POSIX terms an -\(lqorphaned process group\(rq +``orphaned process group'' and it would not receive any job control signals. As a special case, if the policy plugin does not define a close function and no pty is required, @@ -884,7 +888,7 @@ This should not happen under normal circumstances. The most common reason for stat(2) to return -\(lqpermission denied\(rq +``permission denied'' is if you are running an automounter and one of the directories in your \fRPATH\fR @@ -938,7 +942,7 @@ re-enabled for the command that is run). To aid in debugging \fBsudo\fR crashes, you may wish to re-enable core dumps by setting -\(lqdisable_coredump\(rq +``disable_coredump'' to false in the sudo.conf(@mansectform@) file as follows: @@ -1190,7 +1194,7 @@ search the archives. .SH "DISCLAIMER" \fBsudo\fR is provided -\(lqAS IS\(rq +``AS IS'' and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. diff --git a/doc/sudoreplay.cat b/doc/sudoreplay.cat index a2549205f..68c811ab2 100644 --- a/doc/sudoreplay.cat +++ b/doc/sudoreplay.cat @@ -35,19 +35,21 @@ DDEESSCCRRIIPPTTIIOONN The options are as follows: - --dd _d_i_r_e_c_t_o_r_y Use _d_i_r_e_c_t_o_r_y to for the session logs instead of the + --dd, ----ddiirreeccttoorryy _d_i_r_e_c_t_o_r_y + Use _d_i_r_e_c_t_o_r_y to for the session logs instead of the default, _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o. - --ff _f_i_l_t_e_r By default, ssuuddoorreeppllaayy will play back the command's + --ff, ----ffiilltteerr _f_i_l_t_e_r + By default, ssuuddoorreeppllaayy will play back the command's standard output, standard error and tty output. The --ff option can be used to select which of these to output. The _f_i_l_t_e_r argument is a comma-separated list, consisting of one or more of following: _s_t_d_o_u_t, _s_t_d_e_r_r, and _t_t_y_o_u_t. - --hh The --hh (_h_e_l_p) option causes ssuuddoorreeppllaayy to print a short + --hh, ----hheellpp The --hh (_h_e_l_p) option causes ssuuddoorreeppllaayy to print a short help message to the standard output and exit. - --ll [_s_e_a_r_c_h _e_x_p_r_e_s_s_i_o_n] + --ll, ----lliisstt [_s_e_a_r_c_h _e_x_p_r_e_s_s_i_o_n] Enable ``list mode''. In this mode, ssuuddoorreeppllaayy will list available sessions in a format similar to the ssuuddoo log file format, sorted by file name (or sequence number). If a @@ -108,7 +110,8 @@ DDEESSCCRRIIPPTTIIOONN optional, adjacent predicates have an implied _a_n_d unless separated by an _o_r. - --mm _m_a_x___w_a_i_t Specify an upper bound on how long to wait between key + --mm, ----mmaaxx--wwaaiitt _m_a_x___w_a_i_t + Specify an upper bound on how long to wait between key presses or output data. By default, ssuuddoorreeppllaayy will accurately reproduce the delays between key presses or program output. However, this can be tedious when the @@ -117,7 +120,7 @@ DDEESSCCRRIIPPTTIIOONN _m_a_x___w_a_i_t seconds. The value may be specified as a floating point number, e.g. _2_._5. - --ss _s_p_e_e_d___f_a_c_t_o_r + --ss, ----ssppeeeedd _s_p_e_e_d___f_a_c_t_o_r This option causes ssuuddoorreeppllaayy to adjust the number of seconds it will wait between key presses or program output. This can be used to slow down or speed up the display. For @@ -125,7 +128,8 @@ DDEESSCCRRIIPPTTIIOONN fast whereas a _s_p_e_e_d___f_a_c_t_o_r of _._5 would make the output twice as slow. - --VV The --VV (_v_e_r_s_i_o_n) option causes ssuuddoorreeppllaayy to print its + --VV, ----vveerrssiioonn + The --VV (_v_e_r_s_i_o_n) option causes ssuuddoorreeppllaayy to print its version number and exit. DDaattee aanndd ttiimmee ffoorrmmaatt @@ -253,4 +257,4 @@ DDIISSCCLLAAIIMMEERR file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. -Sudo 1.8.7 February 5, 2013 Sudo 1.8.7 +Sudo 1.8.8 July 7, 2013 Sudo 1.8.8 diff --git a/doc/sudoreplay.man.in b/doc/sudoreplay.man.in index 09139ed8f..bb81d8933 100644 --- a/doc/sudoreplay.man.in +++ b/doc/sudoreplay.man.in @@ -1,7 +1,7 @@ .\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER! .\" IT IS GENERATED AUTOMATICALLY FROM sudoreplay.mdoc.in .\" -.\" Copyright (c) 2009-2012 Todd C. Miller +.\" Copyright (c) 2009-2013 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -16,7 +16,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.TH "SUDOREPLAY" "@mansectsu@" "February 5, 2013" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" +.TH "SUDOREPLAY" "@mansectsu@" "July 7, 2013" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" .nh .if n .ad l .SH "NAME" @@ -93,14 +93,13 @@ Double the playback speed. .PP The options are as follows: .TP 14n -\fB\-d\fR \fIdirectory\fR -.br +\fB\-d\fR, \fB\--directory\fR \fIdirectory\fR Use \fIdirectory\fR to for the session logs instead of the default, \fI@iolog_dir@\fR. .TP 14n -\fB\-f\fR \fIfilter\fR +\fB\-f\fR, \fB\--filter\fR \fIfilter\fR By default, \fBsudoreplay\fR will play back the command's standard output, standard error and tty output. @@ -115,14 +114,14 @@ argument is a comma-separated list, consisting of one or more of following: and \fIttyout\fR. .TP 14n -\fB\-h\fR +\fB\-h\fR, \fB\--help\fR The \fB\-h\fR (\fIhelp\fR) option causes \fBsudoreplay\fR to print a short help message to the standard output and exit. .TP 14n -\fB\-l\fR [\fIsearch expression\fR] +\fB\-l\fR, \fB\--list\fR [\fIsearch expression\fR] Enable ``list mode''. In this mode, @@ -218,7 +217,7 @@ unless separated by an .RE .PD 0 .TP 14n -\fB\-m\fR \fImax_wait\fR +\fB\-m\fR, \fB\--max-wait\fR \fImax_wait\fR Specify an upper bound on how long to wait between key presses or output data. By default, \fBsudoreplay\fR @@ -235,7 +234,7 @@ The value may be specified as a floating point number, e.g.\& \fI2.5\fR. .PD .TP 14n -\fB\-s\fR \fIspeed_factor\fR +\fB\-s\fR, \fB\--speed\fR \fIspeed_factor\fR This option causes \fBsudoreplay\fR to adjust the number of seconds it will wait between key presses or @@ -251,7 +250,7 @@ of \fI.5\fR would make the output twice as slow. .TP 14n -\fB\-V\fR +\fB\-V\fR, \fB\--version\fR The \fB\-V\fR (\fIversion\fR) option causes diff --git a/doc/sudoreplay.mdoc.in b/doc/sudoreplay.mdoc.in index 610122d43..38b6ff0ed 100644 --- a/doc/sudoreplay.mdoc.in +++ b/doc/sudoreplay.mdoc.in @@ -1,5 +1,5 @@ .\" -.\" Copyright (c) 2009-2012 Todd C. Miller +.\" Copyright (c) 2009-2013 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd February 5, 2013 +.Dd July 7, 2013 .Dt SUDOREPLAY @mansectsu@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -99,12 +99,12 @@ Double the playback speed. .Pp The options are as follows: .Bl -tag -width 12n -.It Fl d Ar directory +.It Fl d , -directory Ar directory Use .Ar directory to for the session logs instead of the default, .Pa @iolog_dir@ . -.It Fl f Ar filter +.It Fl f , -filter Ar filter By default, .Nm sudoreplay will play back the command's standard output, standard error and tty output. @@ -118,13 +118,13 @@ argument is a comma-separated list, consisting of one or more of following: .Em stderr , and .Em ttyout . -.It Fl h +.It Fl h , -help The .Fl h No ( Em help Ns No ) option causes .Nm sudoreplay to print a short help message to the standard output and exit. -.It Fl l Op Ar search expression +.It Fl l , -list Op Ar search expression Enable .Dq list mode . In this mode, @@ -209,7 +209,7 @@ operator is optional, adjacent predicates have an implied .Em and unless separated by an .Em or . -.It Fl m Ar max_wait +.It Fl m , -max-wait Ar max_wait Specify an upper bound on how long to wait between key presses or output data. By default, .Nm sudoreplay @@ -224,7 +224,7 @@ will limit these pauses to at most seconds. The value may be specified as a floating point number, e.g.\& .Em 2.5 . -.It Fl s Ar speed_factor +.It Fl s , -speed Ar speed_factor This option causes .Nm sudoreplay to adjust the number of seconds it will wait between key presses or @@ -239,7 +239,7 @@ would make the output twice as fast whereas a of .Em .5 would make the output twice as slow. -.It Fl V +.It Fl V , -version The .Fl V No ( Em version Ns No ) option causes diff --git a/doc/visudo.cat b/doc/visudo.cat index 883d9cdaf..c4acbc953 100644 --- a/doc/visudo.cat +++ b/doc/visudo.cat @@ -37,7 +37,8 @@ DDEESSCCRRIIPPTTIIOONN The options are as follows: - --cc Enable _c_h_e_c_k_-_o_n_l_y mode. The existing _s_u_d_o_e_r_s file will be + --cc, ----cchheecckk + Enable _c_h_e_c_k_-_o_n_l_y mode. The existing _s_u_d_o_e_r_s file will be checked for syntax errors, owner and mode. A message will be printed to the standard output describing the status of _s_u_d_o_e_r_s unless the --qq option was specified. If the check @@ -45,28 +46,32 @@ DDEESSCCRRIIPPTTIIOONN If an error is encountered, vviissuuddoo will exit with a value of 1. - --ff _s_u_d_o_e_r_s Specify an alternate _s_u_d_o_e_r_s file location. With this option + --ff, ----ffiillee _s_u_d_o_e_r_s + Specify an alternate _s_u_d_o_e_r_s file location. With this option vviissuuddoo will edit (or check) the _s_u_d_o_e_r_s file of your choice, instead of the default, _/_e_t_c_/_s_u_d_o_e_r_s. The lock file used is the specified _s_u_d_o_e_r_s file with ``.tmp'' appended to it. In _c_h_e_c_k_-_o_n_l_y mode only, the argument to --ff may be `-', indicating that _s_u_d_o_e_r_s will be read from the standard input. - --hh The --hh (_h_e_l_p) option causes vviissuuddoo to print a short help + --hh, ----hheellpp The --hh (_h_e_l_p) option causes vviissuuddoo to print a short help message to the standard output and exit. - --qq Enable _q_u_i_e_t mode. In this mode details about syntax errors + --qq, ----qquuiieett + Enable _q_u_i_e_t mode. In this mode details about syntax errors are not printed. This option is only useful when combined with the --cc option. - --ss Enable _s_t_r_i_c_t checking of the _s_u_d_o_e_r_s file. If an alias is + --ss, ----ssttrriicctt + Enable _s_t_r_i_c_t checking of the _s_u_d_o_e_r_s file. If an alias is used before it is defined, vviissuuddoo will consider this a parse error. Note that it is not possible to differentiate between an alias and a host name or user name that consists solely of uppercase letters, digits, and the underscore (`_') character. - --VV The --VV (_v_e_r_s_i_o_n) option causes vviissuuddoo to print its version + --VV, ----vveerrssiioonn + The --VV (_v_e_r_s_i_o_n) option causes vviissuuddoo to print its version number and exit. EENNVVIIRROONNMMEENNTT @@ -144,4 +149,4 @@ DDIISSCCLLAAIIMMEERR file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. -Sudo 1.8.7 June 12, 2013 Sudo 1.8.7 +Sudo 1.8.8 July 17, 2013 Sudo 1.8.8 diff --git a/doc/visudo.man.in b/doc/visudo.man.in index e2146e458..3266866eb 100644 --- a/doc/visudo.man.in +++ b/doc/visudo.man.in @@ -1,7 +1,7 @@ .\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER! .\" IT IS GENERATED AUTOMATICALLY FROM visudo.mdoc.in .\" -.\" Copyright (c) 1996,1998-2005, 2007-2012 +.\" Copyright (c) 1996,1998-2005, 2007-2013 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -21,7 +21,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.TH "VISUDO" "@mansectsu@" "June 12, 2013" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" +.TH "VISUDO" "@mansectsu@" "July 17, 2013" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" .nh .if n .ad l .SH "NAME" @@ -93,19 +93,19 @@ Upon finding an error, \fBvisudo\fR will print a message stating the line number(s) where the error occurred and the user will receive the -\(lqWhat now?\(rq +``What now?'' prompt. At this point the user may enter -\(oqe\(cq +`e' to re-edit the \fIsudoers\fR file, -\(oqx\(cq +`x' to exit without saving the changes, or -\(oqQ\(cq +`Q' to quit and save changes. The -\(oqQ\(cq +`Q' option should be used with extreme care because if \fBvisudo\fR believes there to be a parse error, so will @@ -115,7 +115,7 @@ will be able to \fBsudo\fR again until the error is fixed. If -\(oqe\(cq +`e' is typed to edit the \fIsudoers\fR file after a parse error has been detected, the cursor will be placed on @@ -123,7 +123,7 @@ the line where the error occurred (if the editor supports this feature). .PP The options are as follows: .TP 12n -\fB\-c\fR +\fB\-c\fR, \fB\--check\fR Enable \fIcheck-only\fR mode. @@ -143,8 +143,7 @@ If an error is encountered, \fBvisudo\fR will exit with a value of 1. .TP 12n -\fB\-f\fR \fIsudoers\fR -.br +\fB\-f\fR, \fB\--file\fR \fIsudoers\fR Specify an alternate \fIsudoers\fR file location. @@ -158,19 +157,19 @@ instead of the default, The lock file used is the specified \fIsudoers\fR file with -\(lq\.tmp\(rq +``\.tmp'' appended to it. In \fIcheck-only\fR mode only, the argument to \fB\-f\fR may be -\(oq-\(cq, +`-', indicating that \fIsudoers\fR will be read from the standard input. .TP 12n -\fB\-h\fR +\fB\-h\fR, \fB\--help\fR The \fB\-h\fR (\fIhelp\fR) option causes @@ -178,7 +177,7 @@ option causes to print a short help message to the standard output and exit. .TP 12n -\fB\-q\fR +\fB\-q\fR, \fB\--quiet\fR Enable \fIquiet\fR mode. @@ -188,7 +187,7 @@ the \fB\-c\fR option. .TP 12n -\fB\-s\fR +\fB\-s\fR, \fB\--strict\fR Enable \fIstrict\fR checking of the @@ -200,10 +199,10 @@ will consider this a parse error. Note that it is not possible to differentiate between an alias and a host name or user name that consists solely of uppercase letters, digits, and the underscore -(\(oq_\(cq) +(`_') character. .TP 12n -\fB\-V\fR +\fB\-V\fR, \fB\--version\fR The \fB\-V\fR (\fIversion\fR) option causes @@ -256,7 +255,7 @@ Your user ID does not appear in the system passwd file. Either you are trying to use an undeclared {User,Runas,Host,Cmnd}_Alias or you have a user or host name listed that consists solely of uppercase letters, digits, and the underscore -(\(oq_\(cq) +(`_') character. In the latter case, you can ignore the warnings (\fBsudo\fR @@ -318,7 +317,7 @@ search the archives. .SH "DISCLAIMER" \fBvisudo\fR is provided -\(lqAS IS\(rq +``AS IS'' and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. diff --git a/doc/visudo.mdoc.in b/doc/visudo.mdoc.in index 208feadf8..11605abef 100644 --- a/doc/visudo.mdoc.in +++ b/doc/visudo.mdoc.in @@ -1,5 +1,5 @@ .\" -.\" Copyright (c) 1996,1998-2005, 2007-2012 +.\" Copyright (c) 1996,1998-2005, 2007-2013 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -19,7 +19,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.Dd June 12, 2013 +.Dd July 17, 2013 .Dt VISUDO @mansectsu@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -122,7 +122,7 @@ the line where the error occurred (if the editor supports this feature). .Pp The options are as follows: .Bl -tag -width Fl -.It Fl c +.It Fl c , -check Enable .Em check-only mode. @@ -141,7 +141,7 @@ will exit with a value of 0. If an error is encountered, .Nm visudo will exit with a value of 1. -.It Fl f Ar sudoers +.It Fl f , -file Ar sudoers Specify an alternate .Em sudoers file location. @@ -166,14 +166,14 @@ may be indicating that .Em sudoers will be read from the standard input. -.It Fl h +.It Fl h , -help The .Fl h No ( Em help Ns No ) option causes .Nm visudo to print a short help message to the standard output and exit. -.It Fl q +.It Fl q , -quiet Enable .Em quiet mode. @@ -182,7 +182,7 @@ This option is only useful when combined with the .Fl c option. -.It Fl s +.It Fl s , -strict Enable .Em strict checking of the @@ -196,7 +196,7 @@ alias and a host name or user name that consists solely of uppercase letters, digits, and the underscore .Pq Ql _ character. -.It Fl V +.It Fl V , -version The .Fl V ( Em version Ns No ) option causes diff --git a/plugins/sudoers/sudoreplay.c b/plugins/sudoers/sudoreplay.c index 8cd9488bd..14d5ed413 100644 --- a/plugins/sudoers/sudoreplay.c +++ b/plugins/sudoers/sudoreplay.c @@ -87,6 +87,11 @@ #else # include "compat/stdbool.h" #endif /* HAVE_STDBOOL_H */ +#ifdef HAVE_GETOPT_LONG +# include +# else +# include "compat/getopt.h" +#endif /* HAVE_GETOPT_LONG */ #include @@ -116,10 +121,6 @@ unsigned int replay_filter = (1 << IOFD_STDOUT) | (1 << IOFD_STDERR) | (1 << IOFD_TTYOUT); -/* For getopt(3) */ -extern char *optarg; -extern int optind; - union io_fd { FILE *f; #ifdef HAVE_ZLIB_H @@ -147,7 +148,7 @@ struct log_info { * Handle expressions like: * ( user millert or user root ) and tty console and command /bin/sh */ -struct search_node { +static struct search_node { struct search_node *next; #define ST_EXPR 1 #define ST_TTY 2 @@ -194,6 +195,18 @@ static const char *io_fnames[IOFD_MAX] = { "/timing" }; +static const char short_opts[] = "d:f:hlm:s:V"; +static struct option long_opts[] = { + { "directory", required_argument, NULL, 'd' }, + { "filter", required_argument, NULL, 'f' }, + { "help", no_argument, NULL, 'h' }, + { "list", no_argument, NULL, 'l' }, + { "max-wait", required_argument, NULL, 'm' }, + { "speed", required_argument, NULL, 's' }, + { "version", no_argument, NULL, 'V' }, + { NULL, no_argument, NULL, '\0' }, +}; + extern time_t get_date(char *); extern char *get_timestr(time_t, int); extern int term_raw(int, int); @@ -273,8 +286,8 @@ main(int argc, char *argv[]) /* Read sudo.conf. */ sudo_conf_read(NULL); - while ((ch = getopt(argc, argv, "d:f:hlm:s:V")) != -1) { - switch(ch) { + while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) { + switch (ch) { case 'd': session_dir = optarg; break; @@ -1194,13 +1207,13 @@ help(void) (void) printf(_("%s - replay sudo session logs\n\n"), getprogname()); usage(0); (void) puts(_("\nOptions:\n" - " -d directory specify directory for session logs\n" - " -f filter specify which I/O type to display\n" - " -h display help message and exit\n" - " -l [expression] list available session IDs that match expression\n" - " -m max_wait max number of seconds to wait between events\n" - " -s speed_factor speed up or slow down output\n" - " -V display version information and exit")); + " -d, --directory directory specify directory for session logs\n" + " -f, --filter filter specify which I/O type to display\n" + " -h, --help display help message and exit\n" + " -l, --list [expression] list available session IDs that match expression\n" + " -m, --max-wait max_wait max number of seconds to wait between events\n" + " -s, --speed speed_factor speed up or slow down output\n" + " -V, --version display version information and exit")); exit(0); } diff --git a/plugins/sudoers/visudo.c b/plugins/sudoers/visudo.c index 1fb793219..7756a565a 100644 --- a/plugins/sudoers/visudo.c +++ b/plugins/sudoers/visudo.c @@ -70,6 +70,11 @@ #if TIME_WITH_SYS_TIME # include #endif +#ifdef HAVE_GETOPT_LONG +# include +# else +# include "compat/getopt.h" +#endif /* HAVE_GETOPT_LONG */ #include "sudoers.h" #include "parse.h" @@ -120,9 +125,6 @@ extern FILE *sudoersin; extern char *sudoers, *errorfile; extern int errorlineno; extern bool parse_error; -/* For getopt(3) */ -extern char *optarg; -extern int optind; /* * Globals @@ -132,6 +134,16 @@ struct passwd *list_pw; static struct sudoersfile_list sudoerslist; static struct rbtree *alias_freelist; static bool checkonly; +static const char short_opts[] = "cf:hqsV"; +static struct option long_opts[] = { + { "check", no_argument, NULL, 'c' }, + { "file", required_argument, NULL, 'f' }, + { "help", no_argument, NULL, 'h' }, + { "quiet", no_argument, NULL, 'q' }, + { "strict", no_argument, NULL, 's' }, + { "version", no_argument, NULL, 'V' }, + { NULL, no_argument, NULL, '\0' }, +}; __dso_public int main(int argc, char *argv[]); @@ -173,11 +185,13 @@ main(int argc, char *argv[]) */ checkonly = oldperms = quiet = strict = false; sudoers_path = _PATH_SUDOERS; - while ((ch = getopt(argc, argv, "Vcf:sq")) != -1) { + while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) { switch (ch) { case 'V': - (void) printf(_("%s version %s\n"), getprogname(), PACKAGE_VERSION); - (void) printf(_("%s grammar version %d\n"), getprogname(), SUDOERS_GRAMMAR_VERSION); + (void) printf(_("%s version %s\n"), getprogname(), + PACKAGE_VERSION); + (void) printf(_("%s grammar version %d\n"), getprogname(), + SUDOERS_GRAMMAR_VERSION); goto done; case 'c': checkonly = true; /* check mode */ @@ -1294,11 +1308,11 @@ help(void) (void) printf(_("%s - safely edit the sudoers file\n\n"), getprogname()); usage(0); (void) puts(_("\nOptions:\n" - " -c check-only mode\n" - " -f sudoers specify sudoers file location\n" - " -h display help message and exit\n" - " -q less verbose (quiet) syntax error messages\n" - " -s strict syntax checking\n" - " -V display version information and exit")); + " -c, --check check-only mode\n" + " -f, --file sudoers specify sudoers file location\n" + " -h, --help display help message and exit\n" + " -q, --quiet less verbose (quiet) syntax error messages\n" + " -s, --strict strict syntax checking\n" + " -V, --version display version information and exit")); exit(0); }