From: Todd C. Miller Date: Sun, 30 May 2010 14:57:14 +0000 (-0400) Subject: Update docs to match sudoers I/O logging changes X-Git-Tag: SUDO_1_8_0~554 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4230d8562f9f17d686e7b23560c1287c1935ee51;p=sudo Update docs to match sudoers I/O logging changes --- diff --git a/doc/sudoers.cat b/doc/sudoers.cat index 560704194..c90c0018d 100644 --- a/doc/sudoers.cat +++ b/doc/sudoers.cat @@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN -1.8.0a1 May 25, 2010 1 +1.8.0a2 May 30, 2010 1 @@ -127,7 +127,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0a1 May 25, 2010 2 +1.8.0a2 May 30, 2010 2 @@ -193,7 +193,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0a1 May 25, 2010 3 +1.8.0a2 May 30, 2010 3 @@ -259,7 +259,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0a1 May 25, 2010 4 +1.8.0a2 May 30, 2010 4 @@ -280,7 +280,8 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) Runas_Spec ::= '(' Runas_List? (':' Runas_List)? ')' Tag_Spec ::= ('NOPASSWD:' | 'PASSWD:' | 'NOEXEC:' | 'EXEC:' | - 'SETENV:' | 'NOSETENV:' | 'TRANSCRIPT:' | 'NOTRANSCRIPT:') + 'SETENV:' | 'NOSETENV:' | 'LOG_INPUT:' | 'NOLOG_INPUT:' | + 'LOG_OUTPUT:' | 'NOLOG_OUTPUT:') A uusseerr ssppeecciiffiiccaattiioonn determines which commands a user may run (and as what user) on specified hosts. By default, commands are run as rroooott, @@ -324,8 +325,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - -1.8.0a1 May 25, 2010 5 +1.8.0a2 May 30, 2010 5 
@@ -350,10 +350,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) TTaagg__SSppeecc A command may have zero or more tags associated with it. There are eight possible tag values, NOPASSWD, PASSWD, NOEXEC, EXEC, SETENV, - NOSETENV, TRANSCRIPT and NOTRANSCRIPT. Once a tag is set on a Cmnd, - subsequent Cmnds in the Cmnd_Spec_List, inherit the tag unless it is - overridden by the opposite tag (i.e.: PASSWD overrides NOPASSWD and - NOEXEC overrides EXEC). + NOSETENV, LOG_INPUT, NOLOG_INPUT, LOG_OUTPUT and NOLOG_OUTPUT. Once a + tag is set on a Cmnd, subsequent Cmnds in the Cmnd_Spec_List, inherit + the tag unless it is overridden by the opposite tag (i.e.: PASSWD + overrides NOPASSWD and NOEXEC overrides EXEC). _N_O_P_A_S_S_W_D _a_n_d _P_A_S_S_W_D @@ -391,7 +391,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0a1 May 25, 2010 6 +1.8.0a2 May 30, 2010 6 @@ -418,10 +418,16 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) If the command matched is AALLLL, the SETENV tag is implied for that command; this default may be overridden by use of the UNSETENV tag. - _T_R_A_N_S_C_R_I_P_T _a_n_d _N_O_T_R_A_N_S_C_R_I_P_T + _L_O_G___I_N_P_U_T _a_n_d _N_O_L_O_G___I_N_P_U_T - These tags override the value of the _t_r_a_n_s_c_r_i_p_t option on a per-command - basis. For more information, see the description of _t_r_a_n_s_c_r_i_p_t in the + These tags override the value of the _l_o_g___i_n_p_u_t option on a per-command + basis. For more information, see the description of _l_o_g___i_n_p_u_t in the + "SUDOERS OPTIONS" section below. + + _L_O_G___O_U_T_P_U_T _a_n_d _N_O_L_O_G___O_U_T_P_U_T + + These tags override the value of the _l_o_g___o_u_t_p_u_t option on a per-command + basis. For more information, see the description of _l_o_g___o_u_t_p_u_t in the "SUDOERS OPTIONS" section below. WWiillddccaarrddss 
@@ -449,22 +455,22 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) Would match any file name beginning with a letter. - Note that a forward slash ('/') will nnoott be matched by wildcards used - in the path name. When matching the command line arguments, however, a - slash ddooeess get matched by wildcards. This is to make a path like: - /usr/bin/* +1.8.0a2 May 30, 2010 7 -1.8.0a1 May 25, 2010 7 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + Note that a forward slash ('/') will nnoott be matched by wildcards used + in the path name. When matching the command line arguments, however, a + slash ddooeess get matched by wildcards. This is to make a path like: + /usr/bin/* match _/_u_s_r_/_b_i_n_/_w_h_o but not _/_u_s_r_/_b_i_n_/_X_1_1_/_x_t_e_r_m. @@ -514,16 +520,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) sorted lexical order. That is, _/_e_t_c_/_s_u_d_o_e_r_s_._d_/_0_1___f_i_r_s_t will be parsed before _/_e_t_c_/_s_u_d_o_e_r_s_._d_/_1_0___s_e_c_o_n_d. Be aware that because the sorting is lexical, not numeric, _/_e_t_c_/_s_u_d_o_e_r_s_._d_/_1___w_h_o_o_p_s would be loaded aafftteerr - _/_e_t_c_/_s_u_d_o_e_r_s_._d_/_1_0___s_e_c_o_n_d. Using a consistent number of leading zeroes - in the file names can be used to avoid such problems. - - Note that unlike files included via #include, vviissuuddoo will not edit the - files in a #includedir directory unless one of them contains a syntax - error. It is still possible to run vviissuuddoo with the -f flag to edit the -1.8.0a1 May 25, 2010 8 +1.8.0a2 May 30, 2010 8 
@@ -532,6 +532,12 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + _/_e_t_c_/_s_u_d_o_e_r_s_._d_/_1_0___s_e_c_o_n_d. Using a consistent number of leading zeroes + in the file names can be used to avoid such problems. + + Note that unlike files included via #include, vviissuuddoo will not edit the + files in a #includedir directory unless one of them contains a syntax + error. It is still possible to run vviissuuddoo with the -f flag to edit the files directly. OOtthheerr ssppeecciiaall cchhaarraacctteerrss aanndd rreesseerrvveedd wwoorrddss @@ -580,16 +586,10 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS authenticate If set, users must authenticate themselves via a password (or other means of authentication) before they - may run commands. This default may be overridden via - the PASSWD and NOPASSWD tags. This flag is _o_n by - default. - - closefrom_override - If set, the user may use ssuuddoo's --CC option which -1.8.0a1 May 25, 2010 9 +1.8.0a2 May 30, 2010 9 @@ -598,14 +598,20 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + may run commands. This default may be overridden via + the PASSWD and NOPASSWD tags. This flag is _o_n by + default. + + closefrom_override + If set, the user may use ssuuddoo's --CC option which overrides the default starting point at which ssuuddoo begins closing open file descriptors. This flag is _o_f_f by default. - compress_transcript - If set, and the _t_r_a_n_s_c_r_i_p_t flag is also set, ssuuddoo will - compress the transcript logs using zzlliibb. This flag is - _o_n by default when ssuuddoo is compiled with zzlliibb support. + compress_io If set, and ssuuddoo is configured to log a command's input + or output, the I/O logs will be compressed using zzlliibb. + This flag is _o_n by default when ssuuddoo is compiled with + zzlliibb support. env_editor If set, vviissuuddoo will use the value of the EDITOR or VISUAL environment variables before falling back on the 
@@ -646,16 +652,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) flag is _o_f_f by default. fqdn Set this flag if you want to put fully qualified host - names in the _s_u_d_o_e_r_s file. I.e., instead of myhost you - would use myhost.mydomain.edu. You may still use the - short form if you wish (and even mix the two). Beware - that turning on _f_q_d_n requires ssuuddoo to make DNS lookups - which may make ssuuddoo unusable if DNS stops working (for - example if the machine is not plugged into the -1.8.0a1 May 25, 2010 10 +1.8.0a2 May 30, 2010 10 @@ -664,6 +664,12 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + names in the _s_u_d_o_e_r_s file. I.e., instead of myhost you + would use myhost.mydomain.edu. You may still use the + short form if you wish (and even mix the two). Beware + that turning on _f_q_d_n requires ssuuddoo to make DNS lookups + which may make ssuuddoo unusable if DNS stops working (for + example if the machine is not plugged into the network). Also note that you must use the host's official name as DNS knows it. That is, you may not use a host alias (CNAME entry) due to performance @@ -713,15 +719,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) does not enter the correct password. This flag is _o_f_f by default. - mail_no_host If set, mail will be sent to the _m_a_i_l_t_o user if the - invoking user exists in the _s_u_d_o_e_r_s file, but is not - allowed to run commands on the current host. This flag - is _o_f_f by default. - - -1.8.0a1 May 25, 2010 11 +1.8.0a2 May 30, 2010 11 
@@ -730,6 +730,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + mail_no_host If set, mail will be sent to the _m_a_i_l_t_o user if the + invoking user exists in the _s_u_d_o_e_r_s file, but is not + allowed to run commands on the current host. This flag + is _o_f_f by default. + mail_no_perms If set, mail will be sent to the _m_a_i_l_t_o user if the invoking user is allowed to use ssuuddoo but the command they are trying is not listed in their _s_u_d_o_e_r_s file @@ -780,14 +785,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) able to determine the length of the password being entered. This flag is _o_f_f by default. - requiretty If set, ssuuddoo will only run when the user is logged in - to a real tty. When this flag is set, ssuuddoo can only be - run from a login session and not via other means such - as _c_r_o_n(1m) or cgi-bin scripts. This flag is _o_f_f by - -1.8.0a1 May 25, 2010 12 +1.8.0a2 May 30, 2010 12 @@ -796,6 +796,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + requiretty If set, ssuuddoo will only run when the user is logged in + to a real tty. When this flag is set, ssuuddoo can only be + run from a login session and not via other means such + as _c_r_o_n(1m) or cgi-bin scripts. This flag is _o_f_f by default. root_sudo If set, root is allowed to run ssuuddoo too. Disabling @@ -846,14 +850,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) shell as root (the shell is determined by the SHELL environment variable if it is set, falling back on the shell listed in the invoking user's /etc/passwd entry - if not). This flag is _o_f_f by default. - stay_setuid Normally, when ssuuddoo executes a command the real and - effective UIDs are set to the target user (root by - -1.8.0a1 May 25, 2010 13 +1.8.0a2 May 30, 2010 13 
@@ -862,6 +862,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + if not). This flag is _o_f_f by default. + + stay_setuid Normally, when ssuuddoo executes a command the real and + effective UIDs are set to the target user (root by default). This option changes that behavior such that the real UID is left as the invoking user's UID. In other words, this makes ssuuddoo act as a setuid wrapper. 
@@ -879,25 +883,31 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) not listed in the passwd database as an argument to the --uu option. This flag is _o_f_f by default. - transcript If set, ssuuddoo will log a transcript of the command being - run, similar to the _s_c_r_i_p_t(1) command. In this mode - ssuuddoo will allocate a new _p_s_e_u_d_o _t_t_y and log all input - and output for the command (except when echo is turned - off as when a password is entered). Transcripts are - logged to the _/_v_a_r_/_l_o_g_/_s_u_d_o_-_s_e_s_s_i_o_n directory with a - unique transcript ID that is included in the normal - ssuuddoo log line, prefixed with _T_S_I_D_=. - - Transcripts may be viewed with the _s_u_d_o_r_e_p_l_a_y(1m) + log_input If set, ssuuddoo will run the command in a _p_s_e_u_d_o _t_t_y and + log all user input. If the standard input is not + connected to the user's tty, due to I/O redirection or + because the command is part of a pipeline, that input + is also captured and stored in a separate log file. + + Input is logged to the _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o directory using + a unique session ID that is included in the normal ssuuddoo + log line, prefixed with _T_S_I_D_=. + + log_output If set, ssuuddoo will run the command in a _p_s_e_u_d_o _t_t_y and + log all output that is sent to the screen, similar to + the _s_c_r_i_p_t(1) command. If the standard output or + standard error is not connected to the user's tty, due + to I/O redirection or because the command is part of a + pipeline, that output is also captured and stored in + separate log files. + + Output is logged to the _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o directory + using a unique session ID that is included in the + normal ssuuddoo log line, prefixed with _T_S_I_D_=. + + Output logs may be viewed with the _s_u_d_o_r_e_p_l_a_y(1m) utility, which can also be used to list or search the - available transcripts. 
- - A side effect of this mode is that it will not be - possible to suspend the command being run (because it - is running in a different tty with its own job - control). If a shell is being run, commands executed - by that shell will have normal job control but the - shell itself may not be suspended. + available logs. tty_tickets If set, users must authenticate on a per-tty basis. Normally, ssuuddoo uses a directory in the ticket dir with @@ -906,20 +916,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) user is logged in on in that directory. This flag is _o_f_f by default. - umask_override If set, ssuuddoo will set the umask as specified by _s_u_d_o_e_r_s - without modification. This makes it possible to - specify a more permissive umask in _s_u_d_o_e_r_s than the - user's own umask and matches historical behavior. If - _u_m_a_s_k___o_v_e_r_r_i_d_e is not set, ssuuddoo will set the umask to - be the union of the user's umask and what is specified - in _s_u_d_o_e_r_s. This flag is _o_f_f by default. - - use_loginclass If set, ssuuddoo will apply the defaults specified for the - target user's login class if one exists. Only -1.8.0a1 May 25, 2010 14 +1.8.0a2 May 30, 2010 14 @@ -928,6 +928,16 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + umask_override If set, ssuuddoo will set the umask as specified by _s_u_d_o_e_r_s + without modification. This makes it possible to + specify a more permissive umask in _s_u_d_o_e_r_s than the + user's own umask and matches historical behavior. If + _u_m_a_s_k___o_v_e_r_r_i_d_e is not set, ssuuddoo will set the umask to + be the union of the user's umask and what is specified + in _s_u_d_o_e_r_s. This flag is _o_f_f by default. + + use_loginclass If set, ssuuddoo will apply the defaults specified for the + target user's login class if one exists. Only available if ssuuddoo is configured with the --with-logincap option. This flag is _o_f_f by default. 
@@ -972,20 +982,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) fractional component if minute granularity is insufficient, for example 2.5. The default is 5. Set this to 0 to always prompt for a password. If set to a - value less than 0 the user's timestamp will never - expire. This can be used to allow users to create or - delete their own timestamps via sudo -v and sudo -k - respectively. - umask Umask to use when running the command. Negate this - option or set it to 0777 to preserve the user's umask. - The actual umask that is used will be the union of the - user's umask and 0022. This guarantees that ssuuddoo never - lowers the umask when running a command. Note on - -1.8.0a1 May 25, 2010 15 +1.8.0a2 May 30, 2010 15 @@ -994,6 +994,16 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + value less than 0 the user's timestamp will never + expire. This can be used to allow users to create or + delete their own timestamps via sudo -v and sudo -k + respectively. + + umask Umask to use when running the command. Negate this + option or set it to 0777 to preserve the user's umask. + The actual umask that is used will be the union of the + user's umask and 0022. This guarantees that ssuuddoo never + lowers the umask when running a command. Note on systems that use PAM, the default PAM configuration may specify its own umask which will override the value set in _s_u_d_o_e_r_s. 
@@ -1038,27 +1048,27 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) for (respects the _r_o_o_t_p_w, _t_a_r_g_e_t_p_w and _r_u_n_a_s_p_w flags in _s_u_d_o_e_r_s) - %U expanded to the login name of the user the command - will be run as (defaults to root) - %u expanded to the invoking user's login name - %% two consecutive % characters are collapsed into a - single % character - The default value is Password:. +1.8.0a2 May 30, 2010 16 -1.8.0a1 May 25, 2010 16 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + %U expanded to the login name of the user the command + will be run as (defaults to root) + %u expanded to the invoking user's login name -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + %% two consecutive % characters are collapsed into a + single % character + The default value is Password:. runas_default The default user to run commands as if the --uu option is not specified on the command line. This defaults to @@ -1105,26 +1115,26 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) Users in this group are exempt from password and PATH requirements. This is not set by default. - lecture This option controls when a short lecture will be printed - along with the password prompt. It has the following - possible values: - always Always lecture the user. - never Never lecture the user. +1.8.0a2 May 30, 2010 17 - once Only lecture the user the first time they run ssuuddoo. -1.8.0a1 May 25, 2010 17 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + lecture This option controls when a short lecture will be printed + along with the password prompt. It has the following + possible values: + always Always lecture the user. -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + never Never lecture the user. + once Only lecture the user the first time they run ssuuddoo. If no value is specified, a value of _o_n_c_e is implied. Negating the option results in a value of _n_e_v_e_r being used. 
@@ -1171,19 +1181,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) quotes (") to protect against ssuuddoo interpreting the @ sign. Defaults to the name of the user running ssuuddoo. - mailto Address to send warning and error mail to. The address - should be enclosed in double quotes (") to protect against - ssuuddoo interpreting the @ sign. Defaults to root. - - secure_path Path used for every command run from ssuuddoo. If you don't - trust the people running ssuuddoo to have a sane PATH - environment variable you may want to use this. Another use - is if you want to have the "root path" be separate from the - "user path." Users in the group specified by the - -1.8.0a1 May 25, 2010 18 +1.8.0a2 May 30, 2010 18 @@ -1192,6 +1192,15 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + mailto Address to send warning and error mail to. The address + should be enclosed in double quotes (") to protect against + ssuuddoo interpreting the @ sign. Defaults to root. + + secure_path Path used for every command run from ssuuddoo. If you don't + trust the people running ssuuddoo to have a sane PATH + environment variable you may want to use this. Another use + is if you want to have the "root path" be separate from the + "user path." Users in the group specified by the _e_x_e_m_p_t___g_r_o_u_p option are not affected by _s_e_c_u_r_e___p_a_t_h. This option is not set by default. 
@@ -1237,19 +1246,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) environment variables to check is displayed when ssuuddoo is run by root with the _-_V option. - env_delete Environment variables to be removed from the user's - environment when the _e_n_v___r_e_s_e_t option is not in effect. - The argument may be a double-quoted, space-separated - list or a single value without double-quotes. The list - can be replaced, added to, deleted from, or disabled by - using the =, +=, -=, and ! operators respectively. The - default list of environment variables to remove is - displayed when ssuuddoo is run by root with the _-_V option. - Note that many operating systems will remove -1.8.0a1 May 25, 2010 19 +1.8.0a2 May 30, 2010 19 @@ -1258,6 +1258,15 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + env_delete Environment variables to be removed from the user's + environment when the _e_n_v___r_e_s_e_t option is not in effect. + The argument may be a double-quoted, space-separated + list or a single value without double-quotes. The list + can be replaced, added to, deleted from, or disabled by + using the =, +=, -=, and ! operators respectively. The + default list of environment variables to remove is + displayed when ssuuddoo is run by root with the _-_V option. + Note that many operating systems will remove potentially dangerous variables from the environment of any setuid process (such as ssuuddoo). @@ -1286,7 +1295,7 @@ FFIILLEESS _/_e_t_c_/_n_e_t_g_r_o_u_p List of network groups - _/_v_a_r_/_l_o_g_/_s_u_d_o_-_s_e_s_s_i_o_n Transcript logs + _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o I/O log files EEXXAAMMPPLLEESS Below are example _s_u_d_o_e_r_s entries. Admittedly, some of these are a bit 
@@ -1303,19 +1312,10 @@ EEXXAAMMPPLLEESS Runas_Alias ADMINGRP = adm, oper # Host alias specification - Host_Alias SPARC = bigtime, eclipse, moet, anchor :\ - SGI = grolsch, dandelion, black :\ - ALPHA = widget, thalamus, foobar :\ - HPPA = boa, nag, python - Host_Alias CUNETS = 128.138.0.0/255.255.0.0 - Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0 - Host_Alias SERVERS = master, mail, www, ns - Host_Alias CDROM = orion, perseus, hercules - -1.8.0a1 May 25, 2010 20 +1.8.0a2 May 30, 2010 20 @@ -1324,6 +1324,15 @@ EEXXAAMMPPLLEESS SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + Host_Alias SPARC = bigtime, eclipse, moet, anchor :\ + SGI = grolsch, dandelion, black :\ + ALPHA = widget, thalamus, foobar :\ + HPPA = boa, nag, python + Host_Alias CUNETS = 128.138.0.0/255.255.0.0 + Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0 + Host_Alias SERVERS = master, mail, www, ns + Host_Alias CDROM = orion, perseus, hercules + # Cmnd alias specification Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\ /usr/sbin/restore, /usr/sbin/rrestore 
@@ -1369,26 +1378,27 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) FULLTIMERS ALL = NOPASSWD: ALL Full time sysadmins (mmiilllleerrtt, mmiikkeeff, and ddoowwddyy) may run any command on - any host without authenticating themselves. - PARTTIMERS ALL = ALL - Part time sysadmins (bboossttlleeyy, jjwwffooxx, and ccrraawwll) may run any command on - any host but they must authenticate themselves first (since the entry - lacks the NOPASSWD tag). - jack CSNETS = ALL +1.8.0a2 May 30, 2010 21 -1.8.0a1 May 25, 2010 21 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + any host without authenticating themselves. -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + PARTTIMERS ALL = ALL + + Part time sysadmins (bboossttlleeyy, jjwwffooxx, and ccrraawwll) may run any command on + any host but they must authenticate themselves first (since the entry + lacks the NOPASSWD tag). + jack CSNETS = ALL The user jjaacckk may run any command on the machines in the _C_S_N_E_T_S alias (the networks 128.138.243.0, 128.138.204.0, and 128.138.242.0). Of 
@@ -1434,27 +1444,28 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) The user jjiimm may run any command on machines in the _b_i_g_l_a_b netgroup. ssuuddoo knows that "biglab" is a netgroup due to the '+' prefix. - +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser - Users in the sseeccrreettaarriieess netgroup need to help manage the printers as - well as add and remove users, so they are allowed to run those commands - on all machines. - fred ALL = (DB) NOPASSWD: ALL - The user ffrreedd can run commands as any user in the _D_B Runas_Alias - (oorraaccllee or ssyybbaassee) without giving a password. +1.8.0a2 May 30, 2010 22 -1.8.0a1 May 25, 2010 22 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + Users in the sseeccrreettaarriieess netgroup need to help manage the printers as + well as add and remove users, so they are allowed to run those commands + on all machines. + + fred ALL = (DB) NOPASSWD: ALL + The user ffrreedd can run commands as any user in the _D_B Runas_Alias + (oorraaccllee or ssyybbaassee) without giving a password. john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root* 
@@ -1499,28 +1510,28 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SSEECCUURRIITTYY NNOOTTEESS It is generally not effective to "subtract" commands from ALL using the '!' operator. A user can trivially circumvent this by copying the - desired command to a different name and then executing that. For - example: - bill ALL = ALL, !SU, !SHELLS - Doesn't really prevent bbiillll from running the commands listed in _S_U or - _S_H_E_L_L_S since he can simply copy those commands to a different name, or - use a shell escape from an editor or other program. Therefore, these - kind of restrictions should be considered advisory at best (and - reinforced by policy). +1.8.0a2 May 30, 2010 23 -1.8.0a1 May 25, 2010 23 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + desired command to a different name and then executing that. For + example: -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + bill ALL = ALL, !SU, !SHELLS + Doesn't really prevent bbiillll from running the commands listed in _S_U or + _S_H_E_L_L_S since he can simply copy those commands to a different name, or + use a shell escape from an editor or other program. Therefore, these + kind of restrictions should be considered advisory at best (and + reinforced by policy). Furthermore, if the _f_a_s_t___g_l_o_b option is in use, it is not possible to reliably negate commands where the path name includes globbing (aka 
@@ -1565,29 +1576,29 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS emulation are not affected. To tell whether or not ssuuddoo supports _n_o_e_x_e_c, you can run the - following as root: - sudo -V | grep "dummy exec" - If the resulting output contains a line that begins with: - File containing dummy exec functions: +1.8.0a2 May 30, 2010 24 - then ssuuddoo may be able to replace the exec family of functions - in the standard library with its own that simply return an - error. Unfortunately, there is no foolproof way to know -1.8.0a1 May 25, 2010 24 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + following as root: + sudo -V | grep "dummy exec" -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + If the resulting output contains a line that begins with: + File containing dummy exec functions: + then ssuuddoo may be able to replace the exec family of functions + in the standard library with its own that simply return an + error. Unfortunately, there is no foolproof way to know whether or not _n_o_e_x_e_c will work at compile-time. _n_o_e_x_e_c should work on SunOS, Solaris, *BSD, Linux, IRIX, Tru64 UNIX, MacOS X, and HP-UX 11.x. It is known nnoott to work on AIX and 
@@ -1631,29 +1642,29 @@ CCAAVVEEAATTSS BBUUGGSS If you feel you have found a bug in ssuuddoo, please submit a bug report at - http://www.sudo.ws/sudo/bugs/ -SSUUPPPPOORRTT - Limited free support is available via the sudo-users mailing list, see - http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search - the archives. -DDIISSCCLLAAIIMMEERR - ssuuddoo is provided ``AS IS'' and any express or implied warranties, - including, but not limited to, the implied warranties of - merchantability and fitness for a particular purpose are disclaimed. +1.8.0a2 May 30, 2010 25 -1.8.0a1 May 25, 2010 25 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + http://www.sudo.ws/sudo/bugs/ +SSUUPPPPOORRTT + Limited free support is available via the sudo-users mailing list, see + http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search + the archives. +DDIISSCCLLAAIIMMEERR + ssuuddoo is provided ``AS IS'' and any express or implied warranties, + including, but not limited to, the implied warranties of + merchantability and fitness for a particular purpose are disclaimed. See the LICENSE file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. @@ -1700,17 +1711,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - - - - - - - - - - -1.8.0a1 May 25, 2010 26 +1.8.0a2 May 30, 2010 26 diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in index 579960917..1a1cbce70 100644 --- a/doc/sudoers.man.in +++ b/doc/sudoers.man.in @@ -148,7 +148,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS @mansectform@" -.TH SUDOERS @mansectform@ "May 25, 2010" "1.8.0a1" "MAINTENANCE COMMANDS" +.TH SUDOERS @mansectform@ "May 30, 2010" "1.8.0a2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l 
@@ -417,7 +417,8 @@ See \*(L"\s-1SUDOERS\s0 \s-1OPTIONS\s0\*(R" for a list of supported Defaults par \& \} \& Tag_Spec ::= (\*(AqNOPASSWD:\*(Aq | \*(AqPASSWD:\*(Aq | \*(AqNOEXEC:\*(Aq | \*(AqEXEC:\*(Aq | -\& \*(AqSETENV:\*(Aq | \*(AqNOSETENV:\*(Aq | \*(AqTRANSCRIPT:\*(Aq | \*(AqNOTRANSCRIPT:\*(Aq) +\& \*(AqSETENV:\*(Aq | \*(AqNOSETENV:\*(Aq | \*(AqLOG_INPUT:\*(Aq | \*(AqNOLOG_INPUT:\*(Aq | +\& \*(AqLOG_OUTPUT:\*(Aq | \*(AqNOLOG_OUTPUT:\*(Aq) .Ve .PP A \fBuser specification\fR determines which commands a user may run @@ -497,11 +498,11 @@ however, will supercede the values in \fIsudoers\fR. .IX Subsection "Tag_Spec" A command may have zero or more tags associated with it. There are eight possible tag values, \f(CW\*(C`NOPASSWD\*(C'\fR, \f(CW\*(C`PASSWD\*(C'\fR, \f(CW\*(C`NOEXEC\*(C'\fR, -\&\f(CW\*(C`EXEC\*(C'\fR, \f(CW\*(C`SETENV\*(C'\fR, \f(CW\*(C`NOSETENV\*(C'\fR, \f(CW\*(C`TRANSCRIPT\*(C'\fR and \f(CW\*(C`NOTRANSCRIPT\*(C'\fR. -Once a tag is set on a \f(CW\*(C`Cmnd\*(C'\fR, subsequent \f(CW\*(C`Cmnd\*(C'\fRs in the -\&\f(CW\*(C`Cmnd_Spec_List\*(C'\fR, inherit the tag unless it is overridden by the -opposite tag (i.e.: \f(CW\*(C`PASSWD\*(C'\fR overrides \f(CW\*(C`NOPASSWD\*(C'\fR and \f(CW\*(C`NOEXEC\*(C'\fR -overrides \f(CW\*(C`EXEC\*(C'\fR). +\&\f(CW\*(C`EXEC\*(C'\fR, \f(CW\*(C`SETENV\*(C'\fR, \f(CW\*(C`NOSETENV\*(C'\fR, \f(CW\*(C`LOG_INPUT\*(C'\fR, \f(CW\*(C`NOLOG_INPUT\*(C'\fR, +\&\f(CW\*(C`LOG_OUTPUT\*(C'\fR and \f(CW\*(C`NOLOG_OUTPUT\*(C'\fR. Once a tag is set on a \f(CW\*(C`Cmnd\*(C'\fR, +subsequent \f(CW\*(C`Cmnd\*(C'\fRs in the \f(CW\*(C`Cmnd_Spec_List\*(C'\fR, inherit the tag unless +it is overridden by the opposite tag (i.e.: \f(CW\*(C`PASSWD\*(C'\fR overrides +\&\f(CW\*(C`NOPASSWD\*(C'\fR and \f(CW\*(C`NOEXEC\*(C'\fR overrides \f(CW\*(C`EXEC\*(C'\fR). .PP \fI\s-1NOPASSWD\s0 and \s-1PASSWD\s0\fR .IX Subsection "NOPASSWD and PASSWD" 
@@ -565,12 +566,19 @@ variables in this manner. If the command matched is \fB\s-1ALL\s0\fR, the \&\f(CW\*(C`SETENV\*(C'\fR tag is implied for that command; this default may be overridden by use of the \f(CW\*(C`UNSETENV\*(C'\fR tag. .PP -\fI\s-1TRANSCRIPT\s0 and \s-1NOTRANSCRIPT\s0\fR -.IX Subsection "TRANSCRIPT and NOTRANSCRIPT" +\fI\s-1LOG_INPUT\s0 and \s-1NOLOG_INPUT\s0\fR +.IX Subsection "LOG_INPUT and NOLOG_INPUT" .PP -These tags override the value of the \fItranscript\fR option on a +These tags override the value of the \fIlog_input\fR option on a per-command basis. For more information, see the description of -\&\fItranscript\fR in the \*(L"\s-1SUDOERS\s0 \s-1OPTIONS\s0\*(R" section below. +\&\fIlog_input\fR in the \*(L"\s-1SUDOERS\s0 \s-1OPTIONS\s0\*(R" section below. +.PP +\fI\s-1LOG_OUTPUT\s0 and \s-1NOLOG_OUTPUT\s0\fR +.IX Subsection "LOG_OUTPUT and NOLOG_OUTPUT" +.PP +These tags override the value of the \fIlog_output\fR option on a +per-command basis. For more information, see the description of +\&\fIlog_output\fR in the \*(L"\s-1SUDOERS\s0 \s-1OPTIONS\s0\*(R" section below. .SS "Wildcards" .IX Subsection "Wildcards" \&\fBsudo\fR allows shell-style \fIwildcards\fR (aka meta or glob characters) 
@@ -738,11 +746,11 @@ This flag is \fIon\fR by default. If set, the user may use \fBsudo\fR's \fB\-C\fR option which overrides the default starting point at which \fBsudo\fR begins closing open file descriptors. This flag is \fIoff\fR by default. -.IP "compress_transcript" 16 -.IX Item "compress_transcript" -If set, and the \fItranscript\fR flag is also set, \fBsudo\fR will compress -the transcript logs using \fBzlib\fR. This flag is \fIon\fR by default -when \fBsudo\fR is compiled with \fBzlib\fR support. +.IP "compress_io" 16 +.IX Item "compress_io" +If set, and \fBsudo\fR is configured to log a command's input or output, +the I/O logs will be compressed using \fBzlib\fR. This flag is \fIon\fR +by default when \fBsudo\fR is compiled with \fBzlib\fR support. .IP "env_editor" 16 .IX Item "env_editor" If set, \fBvisudo\fR will use the value of the \s-1EDITOR\s0 or \s-1VISUAL\s0 
@@ -964,24 +972,32 @@ of the invoking user. In addition, the timestamp file name will include the target user's name. Note that this flag precludes the use of a uid not listed in the passwd database as an argument to the \fB\-u\fR option. This flag is \fIoff\fR by default. -.IP "transcript" 16 -.IX Item "transcript" -If set, \fBsudo\fR will log a transcript of the command being run, -similar to the \fIscript\fR\|(1) command. In this mode \fBsudo\fR will allocate -a new \fIpseudo tty\fR and log all input and output for the command (except -when echo is turned off as when a password is entered). Transcripts -are logged to the \fI/var/log/sudo\-session\fR directory with a unique -transcript \s-1ID\s0 that is included in the normal \fBsudo\fR log line, -prefixed with \fITSID=\fR. +.IP "log_input" 16 +.IX Item "log_input" +If set, \fBsudo\fR will run the command in a \fIpseudo tty\fR and log all +user input. +If the standard input is not connected to the user's tty, due to +I/O redirection or because the command is part of a pipeline, that +input is also captured and stored in a separate log file. +.Sp +Input is logged to the \fI/var/log/sudo\-io\fR directory using a unique +session \s-1ID\s0 that is included in the normal \fBsudo\fR log line, prefixed +with \fITSID=\fR. +.IP "log_output" 16 +.IX Item "log_output" +If set, \fBsudo\fR will run the command in a \fIpseudo tty\fR and log all +output that is sent to the screen, similar to the \fIscript\fR\|(1) command. +If the standard output or standard error is not connected to the +user's tty, due to I/O redirection or because the command is part +of a pipeline, that output is also captured and stored in separate +log files. .Sp -Transcripts may be viewed with the \fIsudoreplay\fR\|(@mansectsu@) utility, which -can also be used to list or search the available transcripts. 
+Output is logged to the +\&\fI/var/log/sudo\-io\fR directory using a unique session \s-1ID\s0 that is +included in the normal \fBsudo\fR log line, prefixed with \fITSID=\fR. .Sp -A side effect of this mode is that it will not be possible to suspend -the command being run (because it is running in a different tty -with its own job control). If a shell is being run, commands -executed by that shell will have normal job control but the shell -itself may not be suspended. +Output logs may be viewed with the \fIsudoreplay\fR\|(@mansectsu@) utility, which +can also be used to list or search the available logs. .IP "tty_tickets" 16 .IX Item "tty_tickets" If set, users must authenticate on a per-tty basis. Normally, @@ -1359,9 +1375,9 @@ Local groups file .IP "\fI/etc/netgroup\fR" 24 .IX Item "/etc/netgroup" List of network groups -.IP "\fI/var/log/sudo\-session\fR" 24 -.IX Item "/var/log/sudo-session" -Transcript logs +.IP "\fI/var/log/sudo\-io\fR" 24 +.IX Item "/var/log/sudo-io" +I/O log files .SH "EXAMPLES" .IX Header "EXAMPLES" Below are example \fIsudoers\fR entries. Admittedly, some of diff --git a/doc/sudoers.pod b/doc/sudoers.pod index 560ac428a..aadca50dd 100644 --- a/doc/sudoers.pod +++ b/doc/sudoers.pod @@ -282,7 +282,8 @@ See L<"SUDOERS OPTIONS"> for a list of supported Defaults parameters. SELinux_Spec ::= ('ROLE=role' | 'TYPE=type') Tag_Spec ::= ('NOPASSWD:' | 'PASSWD:' | 'NOEXEC:' | 'EXEC:' | - 'SETENV:' | 'NOSETENV:' | 'TRANSCRIPT:' | 'NOTRANSCRIPT:') + 'SETENV:' | 'NOSETENV:' | 'LOG_INPUT:' | 'NOLOG_INPUT:' | + 'LOG_OUTPUT:' | 'NOLOG_OUTPUT:') A B determines which commands a user may run (and as what user) on specified hosts. By default, commands are 
@@ -352,11 +353,11 @@ however, will supercede the values in I. A command may have zero or more tags associated with it. There are eight possible tag values, C, C, C, -C, C, C, C and C. -Once a tag is set on a C, subsequent Cs in the -C, inherit the tag unless it is overridden by the -opposite tag (i.e.: C overrides C and C -overrides C). +C, C, C, C, C, +C and C. Once a tag is set on a C, +subsequent Cs in the C, inherit the tag unless +it is overridden by the opposite tag (i.e.: C overrides +C and C overrides C). =head3 NOPASSWD and PASSWD @@ -411,11 +412,17 @@ variables in this manner. If the command matched is B, the C tag is implied for that command; this default may be overridden by use of the C tag. -=head3 TRANSCRIPT and NOTRANSCRIPT +=head3 LOG_INPUT and NOLOG_INPUT -These tags override the value of the I option on a +These tags override the value of the I option on a per-command basis. For more information, see the description of -I in the L<"SUDOERS OPTIONS"> section below. +I in the L<"SUDOERS OPTIONS"> section below. + +=head3 LOG_OUTPUT and NOLOG_OUTPUT + +These tags override the value of the I option on a +per-command basis. For more information, see the description of +I in the L<"SUDOERS OPTIONS"> section below. =head2 Wildcards @@ -600,11 +607,11 @@ If set, the user may use B's B<-C> option which overrides the default starting point at which B begins closing open file descriptors. This flag is I by default. -=item compress_transcript +=item compress_io -If set, and the I flag is also set, B will compress -the transcript logs using B. This flag is I by default -when B is compiled with B support. +If set, and B is configured to log a command's input or output, +the I/O logs will be compressed using B. This flag is I +by default when B is compiled with B support. =item env_editor 
@@ -857,24 +864,33 @@ include the target user's name. Note that this flag precludes the use of a uid not listed in the passwd database as an argument to the B<-u> option. This flag is I by default. -=item transcript +=item log_input + +If set, B will run the command in a I and log all +user input. +If the standard input is not connected to the user's tty, due to +I/O redirection or because the command is part of a pipeline, that +input is also captured and stored in a separate log file. + +Input is logged to the F directory using a unique +session ID that is included in the normal B log line, prefixed +with I. + +=item log_output -If set, B will log a transcript of the command being run, -similar to the script(1) command. In this mode B will allocate -a new I and log all input and output for the command (except -when echo is turned off as when a password is entered). Transcripts -are logged to the F directory with a unique -transcript ID that is included in the normal B log line, -prefixed with I. +If set, B will run the command in a I and log all +output that is sent to the screen, similar to the script(1) command. +If the standard output or standard error is not connected to the +user's tty, due to I/O redirection or because the command is part +of a pipeline, that output is also captured and stored in separate +log files. -Transcripts may be viewed with the L utility, which -can also be used to list or search the available transcripts. +Output is logged to the +F directory using a unique session ID that is +included in the normal B log line, prefixed with I. -A side effect of this mode is that it will not be possible to suspend -the command being run (because it is running in a different tty -with its own job control). If a shell is being run, commands -executed by that shell will have normal job control but the shell -itself may not be suspended. +Output logs may be viewed with the L utility, which +can also be used to list or search the available logs. 
=item tty_tickets @@ -1324,9 +1340,9 @@ Local groups file List of network groups -=item F +=item F -Transcript logs +I/O log files =back diff --git a/doc/sudoreplay.cat b/doc/sudoreplay.cat index 055e39b6e..65b0a5c5e 100644 --- a/doc/sudoreplay.cat +++ b/doc/sudoreplay.cat @@ -38,7 +38,7 @@ OOPPTTIIOONNSS -d _d_i_r_e_c_t_o_r_y Use _d_i_r_e_c_t_o_r_y to for the session logs instead of the - default, _/_v_a_r_/_l_o_g_/_s_u_d_o_-_s_e_s_s_i_o_n_s. + default, _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o. -l Enable "list mode". In this mode, ssuuddoorreeppllaayy will list available session IDs. If a _s_e_a_r_c_h _e_x_p_r_e_s_s_i_o_n is @@ -61,7 +61,7 @@ OOPPTTIIOONNSS -1.8.0a1 May 25, 2010 1 +1.8.0a2 May 30, 2010 1 @@ -127,7 +127,7 @@ SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) -1.8.0a1 May 25, 2010 2 +1.8.0a2 May 30, 2010 2 @@ -193,7 +193,7 @@ SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) -1.8.0a1 May 25, 2010 3 +1.8.0a2 May 30, 2010 3 
@@ -214,17 +214,32 @@ SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) 10:01 am, September 17, 2009. FFIILLEESS - _/_v_a_r_/_l_o_g_/_s_u_d_o_-_s_e_s_s_i_o_n The default session directory. + _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o The default I/O log directory. - _/_v_a_r_/_l_o_g_/_s_u_d_o_-_s_e_s_s_i_o_n_/_0_0_/_0_0_/_0_1 + _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o_/_0_0_/_0_0_/_0_1_/_l_o_g Example session log info. - _/_v_a_r_/_l_o_g_/_s_u_d_o_-_s_e_s_s_i_o_n_/_0_0_/_0_0_/_0_1_._s_c_r - Example session transcript file. + _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o_/_0_0_/_0_0_/_0_1_/_s_t_d_i_n + Example session standard input log. - _/_v_a_r_/_l_o_g_/_s_u_d_o_-_s_e_s_s_i_o_n_/_0_0_/_0_0_/_0_1_._t_i_m + _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o_/_0_0_/_0_0_/_0_1_/_s_t_d_o_u_t + Example session standard output log. + + _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o_/_0_0_/_0_0_/_0_1_/_s_t_d_e_r_r + Example session standard error log. + + _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o_/_0_0_/_0_0_/_0_1_/_t_t_y_i_n + Example session tty input file. + + _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o_/_0_0_/_0_0_/_0_1_/_t_t_y_o_u_t + Example session tty output file. + + _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o_/_0_0_/_0_0_/_0_1_/_t_i_m_i_n_g Example session timing file. + Note that the _s_t_d_i_n, _s_t_d_o_u_t and _s_t_d_e_r_r files will be empty unless ssuuddoo + was used as part of a pipeline for a particular command. + EEXXAAMMPPLLEESS List sessions run by user _m_i_l_l_e_r_t: @@ -242,6 +257,17 @@ EEXXAAMMPPLLEESS sudoreplay -l ( user jeff or user bob ) tty console + + +1.8.0a2 May 30, 2010 4 + + + + + +SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) + + SSEEEE AALLSSOO _s_u_d_o(1m), _s_c_r_i_p_t(1) 
@@ -257,17 +283,6 @@ SSUUPPPPOORRTT http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search the archives. - - -1.8.0a1 May 25, 2010 4 - - - - - -SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) - - DDIISSCCLLAAIIMMEERR ssuuddoorreeppllaayy is provided ``AS IS'' and any express or implied warranties, including, but not limited to, the implied warranties of @@ -310,21 +325,6 @@ DDIISSCCLLAAIIMMEERR - - - - - - - - - - - - - - - -1.8.0a1 May 25, 2010 5 +1.8.0a2 May 30, 2010 5 diff --git a/doc/sudoreplay.man.in b/doc/sudoreplay.man.in index 2c60af2a3..65a72f5bd 100644 --- a/doc/sudoreplay.man.in +++ b/doc/sudoreplay.man.in @@ -1,4 +1,4 @@ -.\" Copyright (c) 2009 Todd C. Miller +.\" Copyright (c) 2009-2010 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -139,7 +139,7 @@ .\" ======================================================================== .\" .IX Title "SUDOREPLAY @mansectsu@" -.TH SUDOREPLAY @mansectsu@ "May 25, 2010" "1.8.0a1" "MAINTENANCE COMMANDS" +.TH SUDOREPLAY @mansectsu@ "May 30, 2010" "1.8.0a2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -179,7 +179,7 @@ Double the playback speed. .IP "\-d \fIdirectory\fR" 12 .IX Item "-d directory" Use \fIdirectory\fR to for the session logs instead of the default, -\&\fI/var/log/sudo\-sessions\fR. +\&\fI/var/log/sudo\-io\fR. .IP "\-l" 12 .IX Item "-l" Enable \*(L"list mode\*(R". In this mode, \fBsudoreplay\fR will list available 
@@ -320,18 +320,34 @@ The current time but 14 days ago. 10:01 am, September 17, 2009. .SH "FILES" .IX Header "FILES" -.IP "\fI/var/log/sudo\-session\fR" 24 -.IX Item "/var/log/sudo-session" -The default session directory. -.IP "\fI/var/log/sudo\-session/00/00/01\fR" 24 -.IX Item "/var/log/sudo-session/00/00/01" +.IP "\fI/var/log/sudo\-io\fR" 24 +.IX Item "/var/log/sudo-io" +The default I/O log directory. +.IP "\fI/var/log/sudo\-io/00/00/01/log\fR" 24 +.IX Item "/var/log/sudo-io/00/00/01/log" Example session log info. -.IP "\fI/var/log/sudo\-session/00/00/01.scr\fR" 24 -.IX Item "/var/log/sudo-session/00/00/01.scr" -Example session transcript file. -.IP "\fI/var/log/sudo\-session/00/00/01.tim\fR" 24 -.IX Item "/var/log/sudo-session/00/00/01.tim" +.IP "\fI/var/log/sudo\-io/00/00/01/stdin\fR" 24 +.IX Item "/var/log/sudo-io/00/00/01/stdin" +Example session standard input log. +.IP "\fI/var/log/sudo\-io/00/00/01/stdout\fR" 24 +.IX Item "/var/log/sudo-io/00/00/01/stdout" +Example session standard output log. +.IP "\fI/var/log/sudo\-io/00/00/01/stderr\fR" 24 +.IX Item "/var/log/sudo-io/00/00/01/stderr" +Example session standard error log. +.IP "\fI/var/log/sudo\-io/00/00/01/ttyin\fR" 24 +.IX Item "/var/log/sudo-io/00/00/01/ttyin" +Example session tty input file. +.IP "\fI/var/log/sudo\-io/00/00/01/ttyout\fR" 24 +.IX Item "/var/log/sudo-io/00/00/01/ttyout" +Example session tty output file. +.IP "\fI/var/log/sudo\-io/00/00/01/timing\fR" 24 +.IX Item "/var/log/sudo-io/00/00/01/timing" Example session timing file. +.PP +Note that the \fIstdin\fR, \fIstdout\fR and \fIstderr\fR files will be empty +unless \fBsudo\fR was used as part of a pipeline for a particular +command. .SH "EXAMPLES" .IX Header "EXAMPLES" List sessions run by user \fImillert\fR: diff --git a/doc/sudoreplay.pod b/doc/sudoreplay.pod index cf2f29c2c..568de5ce1 100644 --- a/doc/sudoreplay.pod +++ b/doc/sudoreplay.pod 
@@ -1,4 +1,4 @@ -Copyright (c) 2009 Todd C. Miller +Copyright (c) 2009-2010 Todd C. Miller Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above @@ -66,7 +66,7 @@ B accepts the following command line options: =item -d I Use I to for the session logs instead of the default, -F. +F. =item -l @@ -249,24 +249,44 @@ The current time but 14 days ago. =over 24 -=item F +=item F -The default session directory. +The default I/O log directory. -=item F +=item F Example session log info. -=item F +=item F -Example session transcript file. +Example session standard input log. -=item F +=item F + +Example session standard output log. + +=item F + +Example session standard error log. + +=item F + +Example session tty input file. + +=item F + +Example session tty output file. + +=item F Example session timing file. =back +Note that the I, I and I files will be empty +unless B was used as part of a pipeline for a particular +command. + =head1 EXAMPLES List sessions run by user I:
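Review bot: the tag count in the Tag_Spec paragraph of doc/sudoers.pod (hunk @@ -352,11 +353,11) is now wrong: the unchanged context line still says "There are eight possible tag values" while the rewritten list enumerates ten (NOPASSWD, PASSWD, NOEXEC, EXEC, SETENV, NOSETENV, LOG_INPUT, NOLOG_INPUT, LOG_OUTPUT, NOLOG_OUTPUT). Change "eight" to "ten" in the pod, and since sudoers.cat and sudoers.man.in are committed alongside it in this change, regenerate those so the rendered copies pick up the same correction.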
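Review bot: the new log_input text in doc/sudoers.man.in (hunk @@ -964,24 +972,32) says sudo will "log all user input" but silently drops the qualification in the removed transcript paragraph, "except when echo is turned off as when a password is entered". If the pty logger still suppresses echo-off input, that sentence should be carried over; if it no longer does, the entry should say plainly that the ttyin file may contain passwords typed into programs run under sudo, since that changes how an administrator must protect /var/log/sudo-io. The same point applies to the matching log_input entry in the doc/sudoers.pod hunk.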
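Review bot: the doc/sudoers.pod hunk @@ -857,24 +864,33 removes the paragraph "A side effect of this mode is that it will not be possible to suspend the command being run (because it is running in a different tty with its own job control)" without any replacement, yet both new entries still say the command is run "in a I<pseudo tty>". If the suspend limitation still holds for log_input and log_output it should be restated (once, perhaps under log_input with a cross-reference from log_output); if it was fixed, the commit message should say so, since it is a user-visible behaviour change rather than a documentation update. The same paragraph is dropped from the doc/sudoers.man.in hunk.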
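Review bot: the -d option line being edited in doc/sudoreplay.pod (hunk @@ -66,7 +66,7) keeps the pre-existing typo "Use I<directory> to for the session logs"; since the line is already touched to change the default path, drop the stray "to" here and in the identical lines of the sudoreplay.cat and sudoreplay.man.in hunks. While there, "session logs" could become "I/O logs" to match the "The default I/O log directory." wording the FILES section now uses.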
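Review bot: the new note in the FILES section of doc/sudoreplay.man.in (hunk @@ -320,18 +320,34) says the stdin, stdout and stderr files "will be empty unless sudo was used as part of a pipeline", but the log_input and log_output entries added to sudoers in this same change say those streams are captured "due to I/O redirection or because the command is part of a pipeline". Redirecting to or from a file is not a pipeline, so the two descriptions disagree; align the sudoreplay wording with the sudoers one (e.g. "unless the command's standard input, output or error was redirected or part of a pipeline"). The same sentence appears in the sudoreplay.cat and sudoreplay.pod hunks.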