From: Todd C. Miller Date: Fri, 8 Feb 2013 19:44:22 +0000 (-0500) Subject: Sort elements of the settings, user_info and command_info lists. X-Git-Tag: SUDO_1_8_7~1^2~237 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=987d62ec556867fe1b8105ed8f699f638c2aab80;p=sudo Sort elements of the settings, user_info and command_info lists. --- diff --git a/doc/sudo_plugin.cat b/doc/sudo_plugin.cat index 097e48ba6..c00f69646 100644 --- a/doc/sudo_plugin.cat +++ b/doc/sudo_plugin.cat @@ -101,6 +101,16 @@ DDEESSCCRRIIPPTTIIOONN equal sign (`=') since the _n_a_m_e field will never include one itself but the _v_a_l_u_e might. + bsdauth_type=string + Authentication type, if specified by the --aa flag, to + use on systems where BSD authentication is supported. + + closefrom=number + If specified, the user has requested via the --CC flag + that ssuuddoo close all files descriptors with a value of + _n_u_m_b_e_r or higher. The plugin may optionally pass this, + or another value, back in the _c_o_m_m_a_n_d___i_n_f_o list. + debug_flags=string A comma-separated list of debug flags that correspond to ssuuddoo's Debug entry in sudo.conf(4), if there is one. @@ -116,65 +126,72 @@ DDEESSCCRRIIPPTTIIOONN This setting has been deprecated in favor of _d_e_b_u_g___f_l_a_g_s. - runas_user=string - The user name or uid to to run the command as, if - specified via the --uu flag. + ignore_ticket=bool + Set to true if the user specified the --kk flag along + with a command, indicating that the user wishes to + ignore any cached authentication credentials. + _i_m_p_l_i_e_d___s_h_e_l_l to true. This allows ssuuddoo with no + arguments to be used similarly to su(1). If the plugin + does not to support this usage, it may return a value + of -2 from the cchheecckk__ppoolliiccyy() function, which will + cause ssuuddoo to print a usage message and exit. - runas_group=string - The group name or gid to to run the command as, if - specified via the --gg flag. + implied_shell=bool + If the user does not specify a program on the command + line, ssuuddoo will pass the plugin the path to the user's + shell and set - prompt=string - The prompt to use when requesting a password, if - specified via the --pp flag. + login_class=string + BSD login class to use when setting resource limits and + nice value, if specified by the --cc flag. - set_home=bool - Set to true if the user specified the --HH flag. If - true, set the HOME environment variable to the target - user's home directory. + login_shell=bool + Set to true if the user specified the --ii flag, + indicating that the user wishes to run a login shell. + + network_addrs=list + A space-separated list of IP network addresses and + netmasks in the form ``addr/netmask'', e.g. + ``192.168.1.2/255.255.255.0''. The address and netmask + pairs may be either IPv4 or IPv6, depending on what the + operating system supports. If the address contains a + colon (`:'), it is an IPv6 address, else it is IPv4. + + noninteractive=bool + Set to true if the user specified the --nn flag, + indicating that ssuuddoo should operate in non-interactive + mode. The plugin may reject a command run in non- + interactive mode if user interaction is required. preserve_environment=bool Set to true if the user specified the --EE flag, indicating that the user wishes to preserve the environment. - run_shell=bool - Set to true if the user specified the --ss flag, - indicating that the user wishes to run a shell. - - login_shell=bool - Set to true if the user specified the --ii flag, - indicating that the user wishes to run a login shell. - - implied_shell=bool - If the user does not specify a program on the command - line, ssuuddoo will pass the plugin the path to the user's - shell and set _i_m_p_l_i_e_d___s_h_e_l_l to true. This allows ssuuddoo - with no arguments to be used similarly to su(1). If - the plugin does not to support this usage, it may - return a value of -2 from the cchheecckk__ppoolliiccyy() function, - which will cause ssuuddoo to print a usage message and - exit. - preserve_groups=bool Set to true if the user specified the --PP flag, indicating that the user wishes to preserve the group vector instead of setting it based on the runas user. - ignore_ticket=bool - Set to true if the user specified the --kk flag along - with a command, indicating that the user wishes to - ignore any cached authentication credentials. + progname=string + The command name that sudo was run as, typically + ``sudo'' or ``sudoedit''. - noninteractive=bool - Set to true if the user specified the --nn flag, - indicating that ssuuddoo should operate in non-interactive - mode. The plugin may reject a command run in non- - interactive mode if user interaction is required. + prompt=string + The prompt to use when requesting a password, if + specified via the --pp flag. - login_class=string - BSD login class to use when setting resource limits and - nice value, if specified by the --cc flag. + run_shell=bool + Set to true if the user specified the --ss flag, + indicating that the user wishes to run a shell. + + runas_group=string + The group name or gid to to run the command as, if + specified via the --gg flag. + + runas_user=string + The user name or uid to to run the command as, if + specified via the --uu flag. selinux_role=string SELinux role to use when executing the command, if @@ -184,21 +201,10 @@ DDEESSCCRRIIPPTTIIOONN SELinux type to use when executing the command, if specified by the --tt flag. - bsdauth_type=string - Authentication type, if specified by the --aa flag, to - use on systems where BSD authentication is supported. - - network_addrs=list - A space-separated list of IP network addresses and - netmasks in the form ``addr/netmask'', e.g. - ``192.168.1.2/255.255.255.0''. The address and netmask - pairs may be either IPv4 or IPv6, depending on what the - operating system supports. If the address contains a - colon (`:'), it is an IPv6 address, else it is IPv4. - - progname=string - The command name that sudo was run as, typically - ``sudo'' or ``sudoedit''. + set_home=bool + Set to true if the user specified the --HH flag. If + true, set the HOME environment variable to the target + user's home directory. sudoedit=bool Set to true when the --ee flag is is specified or if @@ -208,12 +214,6 @@ DDEESSCCRRIIPPTTIIOONN support _s_u_d_o_e_d_i_t. For more information, see the _c_h_e_c_k___p_o_l_i_c_y section. - closefrom=number - If specified, the user has requested via the --CC flag - that ssuuddoo close all files descriptors with a value of - _n_u_m_b_e_r or higher. The plugin may optionally pass this, - or another value, back in the _c_o_m_m_a_n_d___i_n_f_o list. - Additional settings may be added in the future so the plugin should silently ignore settings that it does not recognize. @@ -226,10 +226,59 @@ DDEESSCCRRIIPPTTIIOONN equal sign (`=') since the _n_a_m_e field will never include one itself but the _v_a_l_u_e might. + cols=int + The number of columns the user's terminal supports. If + there is no terminal device available, a default value + of 80 is used. + + cwd=string + The user's current working directory. + + egid=gid_t + The effective group ID of the user invoking ssuuddoo. + + euid=uid_t + The effective user ID of the user invoking ssuuddoo. + + gid=gid_t + The real group ID of the user invoking ssuuddoo. + + groups=list + The user's supplementary group list formatted as a + string of comma-separated group IDs. + + host=string + The local machine's hostname as returned by the + gethostname(2) system call. + + lines=int + The number of lines the user's terminal supports. If + there is no terminal device available, a default value + of 24 is used. + + pgid=int + The ID of the process group that the running ssuuddoo + process is a member of. Only available starting with + API version 1.2 + pid=int The process ID of the running ssuuddoo process. Only available starting with API version 1.2 + plugin_options + Any (non-comment) strings immediately after the plugin + path are passed as arguments to the plugin. These + arguments are split on a white space boundary and are + passed to the plugin in the form of a NULL-terminated + array of strings. If no arguments were specified, + _p_l_u_g_i_n___o_p_t_i_o_n_s will be the NULL pointer. + + NOTE: the _p_l_u_g_i_n___o_p_t_i_o_n_s parameter is only available + starting with API version 1.2. A plugin mmuusstt check the + API version specified by the ssuuddoo front end before + using _p_l_u_g_i_n___o_p_t_i_o_n_s. Failure to do so may result in a + crash. + ppid=int The parent process ID of the running ssuuddoo process. Only available starting with API version 1.2 @@ -239,57 +288,22 @@ DDEESSCCRRIIPPTTIIOONN is not part of a POSIX job control session. Only available starting with API version 1.2 - pgid=int - The ID of the process group that the running ssuuddoo - process belongs to. Only available starting with API - version 1.2 - tcpgid=int The ID of the foreground process group associated with the terminal device associated with the ssuuddoo process or -1 if there is no terminal present. Only available starting with API version 1.2 - user=string - The name of the user invoking ssuuddoo. - - euid=uid_t - The effective user ID of the user invoking ssuuddoo. - - uid=uid_t - The real user ID of the user invoking ssuuddoo. - - egid=gid_t - The effective group ID of the user invoking ssuuddoo. - - gid=gid_t - The real group ID of the user invoking ssuuddoo. - - groups=list - The user's supplementary group list formatted as a - string of comma-separated group IDs. - - cwd=string - The user's current working directory. - tty=string The path to the user's terminal device. If the user has no terminal device associated with the session, the value will be empty, as in ``tty=''. - host=string - The local machine's hostname as returned by the - gethostname(2) system call. - - lines=int - The number of lines the user's terminal supports. If - there is no terminal device available, a default value - of 24 is used. + uid=uid_t + The real user ID of the user invoking ssuuddoo. - cols=int - The number of columns the user's terminal supports. If - there is no terminal device available, a default value - of 80 is used. + user=string + The name of the user invoking ssuuddoo. user_env The user's environment in the form of a NULL-terminated @@ -299,19 +313,6 @@ DDEESSCCRRIIPPTTIIOONN equal sign (`=') since the _n_a_m_e field will never include one itself but the _v_a_l_u_e might. - plugin_options - Any (non-comment) strings immediately after the plugin path - are treated as arguments to the plugin. These arguments are - split on a white space boundary and are passed to the plugin - in the form of a NULL-terminated array of strings. If no - arguments were specified, _p_l_u_g_i_n___o_p_t_i_o_n_s will be the NULL - pointer. - - NOTE: the _p_l_u_g_i_n___o_p_t_i_o_n_s parameter is only available starting - with API version 1.2. A plugin mmuusstt check the API version - specified by the ssuuddoo front end before using _p_l_u_g_i_n___o_p_t_i_o_n_s. - Failure to do so may result in a crash. - close void (*close)(int exit_status, int error); @@ -402,79 +403,62 @@ DDEESSCCRRIIPPTTIIOONN must be terminated with a NULL pointer. The following values are recognized by ssuuddoo: - command=string - Fully qualified path to the command to be executed. - - runas_uid=uid - User ID to run the command as. - - runas_euid=uid - Effective user ID to run the command as. If not - specified, the value of _r_u_n_a_s___u_i_d is used. - - runas_gid=gid - Group ID to run the command as. - - runas_egid=gid - Effective group ID to run the command as. If not - specified, the value of _r_u_n_a_s___g_i_d is used. - - runas_groups=list - The supplementary group vector to use for the command - in the form of a comma-separated list of group IDs. If - _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, this option is ignored. + chroot=string + The root directory to use when running the command. - login_class=string - BSD login class to use when setting resource limits and - nice value (optional). This option is only set on - systems that support login classes. + closefrom=number + If specified, ssuuddoo will close all files descriptors + with a value of _n_u_m_b_e_r or higher. - preserve_groups=bool - If set, ssuuddoo will preserve the user's group vector - instead of initializing the group vector based on - runas_user. + command=string + Fully qualified path to the command to be executed. cwd=string The current working directory to change to when executing the command. - noexec=bool - If set, prevent the command from executing other - programs. - - chroot=string - The root directory to use when running the command. - - nice=int - Nice value (priority) to use when executing the - command. The nice value, if specified, overrides the - priority associated with the _l_o_g_i_n___c_l_a_s_s on BSD - systems. - - umask=octal - The file creation mask to use when executing the - command. - - selinux_role=string - SELinux role to use when executing the command. - - selinux_type=string - SELinux type to use when executing the command. - - timeout=int - Command timeout. If non-zero then when the timeout - expires the command will be killed. + exec_background=bool + By default, ssuuddoo runs a command as the foreground + process as long as ssuuddoo itself is running in the + foreground. When _e_x_e_c___b_a_c_k_g_r_o_u_n_d is enabled and the + command is being run in a pty (due to I/O logging or + the _u_s_e___p_t_y setting), the command will be run as a + background process. Attempts to read from the + controlling terminal (or to change terminal settings) + will result in the command being suspended with the + SIGTTIN signal (or SIGTTOU in the case of terminal + settings). If this happens when ssuuddoo is a foreground + process, the command will be granted the controlling + terminal and resumed in the foreground with no user + intervention required. The advantage of initially + running the command in the background is that ssuuddoo need + not read from the terminal unless the command + explicitly requests it. Otherwise, any terminal input + must be passed to the command, whether it has required + it or not (the kernel buffers terminals so it is not + possible to tell whether the command really wants the + input). This is different from historic _s_u_d_o behavior + or when the command is not being run in a pty. - sudoedit=bool - Set to true when in _s_u_d_o_e_d_i_t mode. The plugin may - enable _s_u_d_o_e_d_i_t mode even if ssuuddoo was not invoked as - ssuuddooeeddiitt. This allows the plugin to perform command - substitution and transparently enable _s_u_d_o_e_d_i_t when the - user attempts to run an editor. + For this to work seamlessly, the operating system must + support the automatic restarting of system calls. + Unfortunately, not all operating systems do this by + default, and even those that do may have bugs. For + example, Mac OS X fails to restart the ttccggeettaattttrr() and + ttccsseettaattttrr() system calls (this is a bug in Mac OS X). + Furthermore, because this behavior depends on the + command stopping with the SIGTTIN or SIGTTOU signals, + programs that catch these signals and suspend + themselves with a different signal (usually SIGTOP) + will not be automatically foregrounded. Some versions + of the linux su(1) command behave this way. Because of + this, a plugin should not set _e_x_e_c___b_a_c_k_g_r_o_u_n_d unless it + is explicitly enabled by the administrator and there + should be a way to enabled or disable it on a per- + command basis. - closefrom=number - If specified, ssuuddoo will close all files descriptors - with a value of _n_u_m_b_e_r or higher. + This setting has no effect unless I/O logging is + enabled or _u_s_e___p_t_y is enabled. iolog_compress=bool Set to true if the I/O logging plugins, if any, should @@ -520,11 +504,50 @@ DDEESSCCRRIIPPTTIIOONN hint to the I/O logging plugin which may choose to ignore it. - use_pty=bool - Allocate a pseudo-tty to run the command in, regardless - of whether or not I/O logging is in use. By default, - ssuuddoo will only run the command in a pty when an I/O log - plugin is loaded. + login_class=string + BSD login class to use when setting resource limits and + nice value (optional). This option is only set on + systems that support login classes. + + nice=int + Nice value (priority) to use when executing the + command. The nice value, if specified, overrides the + priority associated with the _l_o_g_i_n___c_l_a_s_s on BSD + systems. + + noexec=bool + If set, prevent the command from executing other + programs. + + preserve_groups=bool + If set, ssuuddoo will preserve the user's group vector + instead of initializing the group vector based on + runas_user. + + runas_egid=gid + Effective group ID to run the command as. If not + specified, the value of _r_u_n_a_s___g_i_d is used. + + runas_euid=uid + Effective user ID to run the command as. If not + specified, the value of _r_u_n_a_s___u_i_d is used. + + runas_gid=gid + Group ID to run the command as. + + runas_groups=list + The supplementary group vector to use for the command + in the form of a comma-separated list of group IDs. If + _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, this option is ignored. + + runas_uid=uid + User ID to run the command as. + + selinux_role=string + SELinux role to use when executing the command. + + selinux_type=string + SELinux type to use when executing the command. set_utmp=bool Create a utmp (or utmpx) entry when a pseudo-tty is @@ -532,6 +555,27 @@ DDEESSCCRRIIPPTTIIOONN the user's existing utmp entry (if any), with the tty, time, type and pid fields updated. + sudoedit=bool + Set to true when in _s_u_d_o_e_d_i_t mode. The plugin may + enable _s_u_d_o_e_d_i_t mode even if ssuuddoo was not invoked as + ssuuddooeeddiitt. This allows the plugin to perform command + substitution and transparently enable _s_u_d_o_e_d_i_t when the + user attempts to run an editor. + + timeout=int + Command timeout. If non-zero then when the timeout + expires the command will be killed. + + umask=octal + The file creation mask to use when executing the + command. + + use_pty=bool + Allocate a pseudo-tty to run the command in, regardless + of whether or not I/O logging is in use. By default, + ssuuddoo will only run the command in a pty when an I/O log + plugin is loaded. + utmp_user=string User name to use when constructing a new utmp (or utmpx) entry when _s_e_t___u_t_m_p is enabled. This option can @@ -540,49 +584,6 @@ DDEESSCCRRIIPPTTIIOONN If not set, ssuuddoo will base the new entry on the invoking user's existing entry. - exec_background=bool - By default, ssuuddoo runs a command as the foreground - process as long as ssuuddoo itself is running in the - foreground. When _e_x_e_c___b_a_c_k_g_r_o_u_n_d is enabled and the - command is being run in a pty (due to I/O logging or - the _u_s_e___p_t_y setting), the command will be run as a - background process. Attempts to read from the - controlling terminal (or to change terminal settings) - will result in the command being suspended with the - SIGTTIN signal (or SIGTTOU in the case of terminal - settings). If this happens when ssuuddoo is a foreground - process, the command will be granted the controlling - terminal and resumed in the foreground with no user - intervention required. The advantage of initially - running the command in the background is that ssuuddoo need - not read from the terminal unless the command - explicitly requests it. Otherwise, any terminal input - must be passed to the command, whether it has required - it or not (the kernel buffers terminals so it is not - possible to tell whether the command really wants the - input). This is different from historic _s_u_d_o behavior - or when the command is not being run in a pty. - - For this to work seamlessly, the operating system must - support the automatic restarting of system calls. - Unfortunately, not all operating systems do this by - default, and even those that do may have bugs. For - example, Mac OS X fails to restart the ttccggeettaattttrr() and - ttccsseettaattttrr() system calls (this is a bug in Mac OS X). - Furthermore, because this behavior depends on the - command stopping with the SIGTTIN or SIGTTOU signals, - programs that catch these signals and suspend - themselves with a different signal (usually SIGTOP) - will not be automatically foregrounded. Some versions - of the linux su(1) command behave this way. Because of - this, a plugin should not set _e_x_e_c___b_a_c_k_g_r_o_u_n_d unless it - is explicitly enabled by the administrator and there - should be a way to enabled or disable it on a per- - command basis. - - This setting has no effect unless I/O logging is - enabled or _u_s_e___p_t_y is enabled. - Unsupported values will be ignored. argv_out @@ -1384,4 +1385,4 @@ DDIISSCCLLAAIIMMEERR file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. -Sudo 1.8.7 February 5, 2013 Sudo 1.8.7 +Sudo 1.8.7 February 7, 2013 Sudo 1.8.7 diff --git a/doc/sudo_plugin.man.in b/doc/sudo_plugin.man.in index 075956db0..3fe04f916 100644 --- a/doc/sudo_plugin.man.in +++ b/doc/sudo_plugin.man.in @@ -16,7 +16,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.TH "SUDO_PLUGIN" "5" "February 5, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD Programmer's Manual" +.TH "SUDO_PLUGIN" "5" "February 7, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD Programmer's Manual" .nh .if n .ad l .SH "NAME" @@ -180,6 +180,24 @@ itself but the might. .RS .TP 6n +bsdauth_type=string +Authentication type, if specified by the +\fB\-a\fR +flag, to use on +systems where BSD authentication is supported. +.TP 6n +closefrom=number +If specified, the user has requested via the +\fB\-C\fR +flag that +\fBsudo\fR +close all files descriptors with a value of +\fInumber\fR +or higher. +The plugin may optionally pass this, or another value, back in the +\fIcommand_info\fR +list. +.TP 6n debug_flags=string A comma-separated list of debug flags that correspond to \fBsudo\fR's @@ -207,53 +225,12 @@ debug_level=number This setting has been deprecated in favor of \fIdebug_flags\fR. .TP 6n -runas_user=string -The user name or uid to to run the command as, if specified via the -\fB\-u\fR -flag. -.TP 6n -runas_group=string -The group name or gid to to run the command as, if specified via -the -\fB\-g\fR -flag. -.TP 6n -prompt=string -The prompt to use when requesting a password, if specified via -the -\fB\-p\fR -flag. -.TP 6n -set_home=bool -Set to true if the user specified the -\fB\-H\fR -flag. -If true, set the -\fRHOME\fR -environment variable to the target user's home directory. -.TP 6n -preserve_environment=bool -Set to true if the user specified the -\fB\-E\fR -flag, indicating that -the user wishes to preserve the environment. -.TP 6n -run_shell=bool -Set to true if the user specified the -\fB\-s\fR -flag, indicating that -the user wishes to run a shell. -.TP 6n -login_shell=bool +ignore_ticket=bool Set to true if the user specified the -\fB\-i\fR -flag, indicating that -the user wishes to run a login shell. -.TP 6n -implied_shell=bool -If the user does not specify a program on the command line, -\fBsudo\fR -will pass the plugin the path to the user's shell and set +\fB\-k\fR +flag along with a +command, indicating that the user wishes to ignore any cached +authentication credentials. \fIimplied_shell\fR to true. This allows @@ -269,19 +246,34 @@ function, which will cause to print a usage message and exit. .TP 6n -preserve_groups=bool +implied_shell=bool +If the user does not specify a program on the command line, +\fBsudo\fR +will pass the plugin the path to the user's shell and set +.TP 6n +login_class=string +BSD login class to use when setting resource limits and nice value, +if specified by the +\fB\-c\fR +flag. +.TP 6n +login_shell=bool Set to true if the user specified the -\fB\-P\fR +\fB\-i\fR flag, indicating that -the user wishes to preserve the group vector instead of setting it -based on the runas user. +the user wishes to run a login shell. .TP 6n -ignore_ticket=bool -Set to true if the user specified the -\fB\-k\fR -flag along with a -command, indicating that the user wishes to ignore any cached -authentication credentials. +network_addrs=list +A space-separated list of IP network addresses and netmasks in the +form +``addr/netmask'', +e.g.\& +``192.168.1.2/255.255.255.0''. +The address and netmask pairs may be either IPv4 or IPv6, depending on +what the operating system supports. +If the address contains a colon +(`:\&'), +it is an IPv6 address, else it is IPv4. .TP 6n noninteractive=bool Set to true if the user specified the @@ -292,10 +284,46 @@ should operate in non-interactive mode. The plugin may reject a command run in non-interactive mode if user interaction is required. .TP 6n -login_class=string -BSD login class to use when setting resource limits and nice value, -if specified by the -\fB\-c\fR +preserve_environment=bool +Set to true if the user specified the +\fB\-E\fR +flag, indicating that +the user wishes to preserve the environment. +.TP 6n +preserve_groups=bool +Set to true if the user specified the +\fB\-P\fR +flag, indicating that +the user wishes to preserve the group vector instead of setting it +based on the runas user. +.TP 6n +progname=string +The command name that sudo was run as, typically +``sudo'' +or +``sudoedit''. +.TP 6n +prompt=string +The prompt to use when requesting a password, if specified via +the +\fB\-p\fR +flag. +.TP 6n +run_shell=bool +Set to true if the user specified the +\fB\-s\fR +flag, indicating that +the user wishes to run a shell. +.TP 6n +runas_group=string +The group name or gid to to run the command as, if specified via +the +\fB\-g\fR +flag. +.TP 6n +runas_user=string +The user name or uid to to run the command as, if specified via the +\fB\-u\fR flag. .TP 6n selinux_role=string @@ -310,29 +338,13 @@ the \fB\-t\fR flag. .TP 6n -bsdauth_type=string -Authentication type, if specified by the -\fB\-a\fR -flag, to use on -systems where BSD authentication is supported. -.TP 6n -network_addrs=list -A space-separated list of IP network addresses and netmasks in the -form -``addr/netmask'', -e.g.\& -``192.168.1.2/255.255.255.0''. -The address and netmask pairs may be either IPv4 or IPv6, depending on -what the operating system supports. -If the address contains a colon -(`:\&'), -it is an IPv6 address, else it is IPv4. -.TP 6n -progname=string -The command name that sudo was run as, typically -``sudo'' -or -``sudoedit''. +set_home=bool +Set to true if the user specified the +\fB\-H\fR +flag. +If true, set the +\fRHOME\fR +environment variable to the target user's home directory. .TP 6n sudoedit=bool Set to true when the @@ -349,18 +361,6 @@ if the plugin does not support For more information, see the \fIcheck_policy\fR section. -.TP 6n -closefrom=number -If specified, the user has requested via the -\fB\-C\fR -flag that -\fBsudo\fR -close all files descriptors with a value of -\fInumber\fR -or higher. -The plugin may optionally pass this, or another value, back in the -\fIcommand_info\fR -list. .PP Additional settings may be added in the future so the plugin should silently ignore settings that it does not recognize. @@ -391,58 +391,21 @@ might. .RS .PD .TP 6n -pid=int -The process ID of the running -\fBsudo\fR -process. -Only available starting with API version 1.2 -.TP 6n -ppid=int -The parent process ID of the running -\fBsudo\fR -process. -Only available starting with API version 1.2 -.TP 6n -sid=int -The session ID of the running -\fBsudo\fR -process or 0 if -\fBsudo\fR -is -not part of a POSIX job control session. -Only available starting with API version 1.2 -.TP 6n -pgid=int -The ID of the process group that the running -\fBsudo\fR -process belongs -to. -Only available starting with API version 1.2 +cols=int +The number of columns the user's terminal supports. +If there is no terminal device available, a default value of 80 is used. .TP 6n -tcpgid=int -The ID of the foreground process group associated with the terminal -device associated with the -\fBsudo\fR -process or \-1 if there is no -terminal present. -Only available starting with API version 1.2 +cwd=string +The user's current working directory. .TP 6n -user=string -The name of the user invoking +egid=gid_t +The effective group ID of the user invoking \fBsudo\fR. .TP 6n euid=uid_t The effective user ID of the user invoking \fBsudo\fR. .TP 6n -uid=uid_t -The real user ID of the user invoking -\fBsudo\fR. -.TP 6n -egid=gid_t -The effective group ID of the user invoking -\fBsudo\fR. -.TP 6n gid=gid_t The real group ID of the user invoking \fBsudo\fR. @@ -451,15 +414,6 @@ groups=list The user's supplementary group list formatted as a string of comma-separated group IDs. .TP 6n -cwd=string -The user's current working directory. -.TP 6n -tty=string -The path to the user's terminal device. -If the user has no terminal device associated with the session, -the value will be empty, as in -``\fRtty=\fR''. -.TP 6n host=string The local machine's hostname as returned by the gethostname(2) @@ -470,36 +424,21 @@ The number of lines the user's terminal supports. If there is no terminal device available, a default value of 24 is used. .TP 6n -cols=int -The number of columns the user's terminal supports. -If there is no terminal device available, a default value of 80 is used. -.PP -.RE -.PD 0 +pgid=int +The ID of the process group that the running +\fBsudo\fR +process is a member of. +Only available starting with API version 1.2 .TP 6n -user_env -The user's environment in the form of a -\fRNULL\fR-terminated vector of -``name=value'' -strings. -.sp -When parsing -\fIuser_env\fR, -the plugin should split on the -\fBfirst\fR -equal sign -(`=') -since the -\fIname\fR -field will never include one -itself but the -\fIvalue\fR -might. -.PD +pid=int +The process ID of the running +\fBsudo\fR +process. +Only available starting with API version 1.2 .TP 6n plugin_options Any (non-comment) strings immediately after the plugin path are -treated as arguments to the plugin. +passed as arguments to the plugin. These arguments are split on a white space boundary and are passed to the plugin in the form of a \fRNULL\fR-terminated @@ -523,6 +462,65 @@ by the front end before using \fIplugin_options\fR. Failure to do so may result in a crash. +.TP 6n +ppid=int +The parent process ID of the running +\fBsudo\fR +process. +Only available starting with API version 1.2 +.TP 6n +sid=int +The session ID of the running +\fBsudo\fR +process or 0 if +\fBsudo\fR +is not part of a POSIX job control session. +Only available starting with API version 1.2 +.TP 6n +tcpgid=int +The ID of the foreground process group associated with the terminal +device associated with the +\fBsudo\fR +process or \-1 if there is no +terminal present. +Only available starting with API version 1.2 +.TP 6n +tty=string +The path to the user's terminal device. +If the user has no terminal device associated with the session, +the value will be empty, as in +``\fRtty=\fR''. +.TP 6n +uid=uid_t +The real user ID of the user invoking +\fBsudo\fR. +.TP 6n +user=string +The name of the user invoking +\fBsudo\fR. +.PP +.RE +.PD 0 +.TP 6n +user_env +The user's environment in the form of a +\fRNULL\fR-terminated vector of +``name=value'' +strings. +.sp +When parsing +\fIuser_env\fR, +the plugin should split on the +\fBfirst\fR +equal sign +(`=') +since the +\fIname\fR +field will never include one +itself but the +\fIvalue\fR +might. +.PD .PP .RE .PD 0 @@ -743,89 +741,9 @@ The following values are recognized by \fBsudo\fR: .RS .TP 6n -command=string -Fully qualified path to the command to be executed. -.TP 6n -runas_uid=uid -User ID to run the command as. -.TP 6n -runas_euid=uid -Effective user ID to run the command as. -If not specified, the value of -\fIrunas_uid\fR -is used. -.TP 6n -runas_gid=gid -Group ID to run the command as. -.TP 6n -runas_egid=gid -Effective group ID to run the command as. -If not specified, the value of -\fIrunas_gid\fR -is used. -.TP 6n -runas_groups=list -The supplementary group vector to use for the command in the form -of a comma-separated list of group IDs. -If -\fIpreserve_groups\fR -is set, this option is ignored. -.TP 6n -login_class=string -BSD login class to use when setting resource limits and nice value -(optional). -This option is only set on systems that support login classes. -.TP 6n -preserve_groups=bool -If set, -\fBsudo\fR -will preserve the user's group vector instead of -initializing the group vector based on -\fRrunas_user\fR. -.TP 6n -cwd=string -The current working directory to change to when executing the command. -.TP 6n -noexec=bool -If set, prevent the command from executing other programs. -.TP 6n chroot=string The root directory to use when running the command. .TP 6n -nice=int -Nice value (priority) to use when executing the command. -The nice value, if specified, overrides the priority associated with the -\fIlogin_class\fR -on BSD systems. -.TP 6n -umask=octal -The file creation mask to use when executing the command. -.TP 6n -selinux_role=string -SELinux role to use when executing the command. -.TP 6n -selinux_type=string -SELinux type to use when executing the command. -.TP 6n -timeout=int -Command timeout. -If non-zero then when the timeout expires the command will be killed. -.TP 6n -sudoedit=bool -Set to true when in -\fIsudoedit\fR -mode. -The plugin may enable -\fIsudoedit\fR -mode even if -\fBsudo\fR -was not invoked as -\fBsudoedit\fR. -This allows the plugin to perform command substitution and transparently -enable -\fIsudoedit\fR -when the user attempts to run an editor. -.TP 6n closefrom=number If specified, \fBsudo\fR @@ -834,68 +752,11 @@ of \fInumber\fR or higher. .TP 6n -iolog_compress=bool -Set to true if the I/O logging plugins, if any, should compress the -log data. -This is a hint to the I/O logging plugin which may choose to ignore it. -.TP 6n -iolog_path=string -Fully qualified path to the file or directory in which I/O log is -to be stored. -This is a hint to the I/O logging plugin which may choose to ignore it. -If no I/O logging plugin is loaded, this setting has no effect. -.TP 6n -iolog_stdin=bool -Set to true if the I/O logging plugins, if any, should log the -standard input if it is not connected to a terminal device. -This is a hint to the I/O logging plugin which may choose to ignore it. -.TP 6n -iolog_stdout=bool -Set to true if the I/O logging plugins, if any, should log the -standard output if it is not connected to a terminal device. -This is a hint to the I/O logging plugin which may choose to ignore it. -.TP 6n -iolog_stderr=bool -Set to true if the I/O logging plugins, if any, should log the -standard error if it is not connected to a terminal device. -This is a hint to the I/O logging plugin which may choose to ignore it. -.TP 6n -iolog_ttyin=bool -Set to true if the I/O logging plugins, if any, should log all -terminal input. -This only includes input typed by the user and not from a pipe or -redirected from a file. -This is a hint to the I/O logging plugin which may choose to ignore it. -.TP 6n -iolog_ttyout=bool -Set to true if the I/O logging plugins, if any, should log all -terminal output. -This only includes output to the screen, not output to a pipe or file. -This is a hint to the I/O logging plugin which may choose to ignore it. -.TP 6n -use_pty=bool -Allocate a pseudo-tty to run the command in, regardless of whether -or not I/O logging is in use. -By default, -\fBsudo\fR -will only run -the command in a pty when an I/O log plugin is loaded. -.TP 6n -set_utmp=bool -Create a utmp (or utmpx) entry when a pseudo-tty is allocated. -By default, the new entry will be a copy of the user's existing utmp -entry (if any), with the tty, time, type and pid fields updated. +command=string +Fully qualified path to the command to be executed. .TP 6n -utmp_user=string -User name to use when constructing a new utmp (or utmpx) entry when -\fIset_utmp\fR -is enabled. -This option can be used to set the user field in the utmp entry to -the user the command runs as rather than the invoking user. -If not set, -\fBsudo\fR -will base the new entry on -the invoking user's existing entry. +cwd=string +The current working directory to change to when executing the command. .TP 6n exec_background=bool By default, @@ -957,6 +818,143 @@ be a way to enabled or disable it on a per-command basis. This setting has no effect unless I/O logging is enabled or \fIuse_pty\fR is enabled. +.TP 6n +iolog_compress=bool +Set to true if the I/O logging plugins, if any, should compress the +log data. +This is a hint to the I/O logging plugin which may choose to ignore it. +.TP 6n +iolog_path=string +Fully qualified path to the file or directory in which I/O log is +to be stored. +This is a hint to the I/O logging plugin which may choose to ignore it. +If no I/O logging plugin is loaded, this setting has no effect. +.TP 6n +iolog_stdin=bool +Set to true if the I/O logging plugins, if any, should log the +standard input if it is not connected to a terminal device. +This is a hint to the I/O logging plugin which may choose to ignore it. +.TP 6n +iolog_stdout=bool +Set to true if the I/O logging plugins, if any, should log the +standard output if it is not connected to a terminal device. +This is a hint to the I/O logging plugin which may choose to ignore it. +.TP 6n +iolog_stderr=bool +Set to true if the I/O logging plugins, if any, should log the +standard error if it is not connected to a terminal device. +This is a hint to the I/O logging plugin which may choose to ignore it. +.TP 6n +iolog_ttyin=bool +Set to true if the I/O logging plugins, if any, should log all +terminal input. +This only includes input typed by the user and not from a pipe or +redirected from a file. +This is a hint to the I/O logging plugin which may choose to ignore it. +.TP 6n +iolog_ttyout=bool +Set to true if the I/O logging plugins, if any, should log all +terminal output. +This only includes output to the screen, not output to a pipe or file. +This is a hint to the I/O logging plugin which may choose to ignore it. +.TP 6n +login_class=string +BSD login class to use when setting resource limits and nice value +(optional). +This option is only set on systems that support login classes. +.TP 6n +nice=int +Nice value (priority) to use when executing the command. +The nice value, if specified, overrides the priority associated with the +\fIlogin_class\fR +on BSD systems. +.TP 6n +noexec=bool +If set, prevent the command from executing other programs. +.TP 6n +preserve_groups=bool +If set, +\fBsudo\fR +will preserve the user's group vector instead of +initializing the group vector based on +\fRrunas_user\fR. +.TP 6n +runas_egid=gid +Effective group ID to run the command as. +If not specified, the value of +\fIrunas_gid\fR +is used. +.TP 6n +runas_euid=uid +Effective user ID to run the command as. +If not specified, the value of +\fIrunas_uid\fR +is used. +.TP 6n +runas_gid=gid +Group ID to run the command as. +.TP 6n +runas_groups=list +The supplementary group vector to use for the command in the form +of a comma-separated list of group IDs. +If +\fIpreserve_groups\fR +is set, this option is ignored. +.TP 6n +runas_uid=uid +User ID to run the command as. +.TP 6n +selinux_role=string +SELinux role to use when executing the command. +.TP 6n +selinux_type=string +SELinux type to use when executing the command. +.TP 6n +set_utmp=bool +Create a utmp (or utmpx) entry when a pseudo-tty is allocated. +By default, the new entry will be a copy of the user's existing utmp +entry (if any), with the tty, time, type and pid fields updated. +.TP 6n +sudoedit=bool +Set to true when in +\fIsudoedit\fR +mode. +The plugin may enable +\fIsudoedit\fR +mode even if +\fBsudo\fR +was not invoked as +\fBsudoedit\fR. +This allows the plugin to perform command substitution and transparently +enable +\fIsudoedit\fR +when the user attempts to run an editor. +.TP 6n +timeout=int +Command timeout. +If non-zero then when the timeout expires the command will be killed. +.TP 6n +umask=octal +The file creation mask to use when executing the command. +.TP 6n +use_pty=bool +Allocate a pseudo-tty to run the command in, regardless of whether +or not I/O logging is in use. +By default, +\fBsudo\fR +will only run +the command in a pty when an I/O log plugin is loaded. +.TP 6n +utmp_user=string +User name to use when constructing a new utmp (or utmpx) entry when +\fIset_utmp\fR +is enabled. +This option can be used to set the user field in the utmp entry to +the user the command runs as rather than the invoking user. +If not set, +\fBsudo\fR +will base the new entry on +the invoking user's existing entry. .PP Unsupported values will be ignored. .PP diff --git a/doc/sudo_plugin.mdoc.in b/doc/sudo_plugin.mdoc.in index 103b07021..55cb0907b 100644 --- a/doc/sudo_plugin.mdoc.in +++ b/doc/sudo_plugin.mdoc.in @@ -14,7 +14,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd February 5, 2013 +.Dd February 7, 2013 .Dt SUDO_PLUGIN @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -166,6 +166,22 @@ itself but the .Em value might. .Bl -tag -width 4n +.It bsdauth_type=string +Authentication type, if specified by the +.Fl a +flag, to use on +systems where BSD authentication is supported. +.It closefrom=number +If specified, the user has requested via the +.Fl C +flag that +.Nm sudo +close all files descriptors with a value of +.Em number +or higher. +The plugin may optionally pass this, or another value, back in the +.Em command_info +list. .It debug_flags=string A comma-separated list of debug flags that correspond to .Nm sudo Ns No 's @@ -191,46 +207,12 @@ and the plugin. .It debug_level=number This setting has been deprecated in favor of .Em debug_flags . -.It runas_user=string -The user name or uid to to run the command as, if specified via the -.Fl u -flag. -.It runas_group=string -The group name or gid to to run the command as, if specified via -the -.Fl g -flag. -.It prompt=string -The prompt to use when requesting a password, if specified via -the -.Fl p -flag. -.It set_home=bool -Set to true if the user specified the -.Fl H -flag. -If true, set the -.Li HOME -environment variable to the target user's home directory. -.It preserve_environment=bool -Set to true if the user specified the -.Fl E -flag, indicating that -the user wishes to preserve the environment. -.It run_shell=bool -Set to true if the user specified the -.Fl s -flag, indicating that -the user wishes to run a shell. -.It login_shell=bool +.It ignore_ticket=bool Set to true if the user specified the -.Fl i -flag, indicating that -the user wishes to run a login shell. -.It implied_shell=bool -If the user does not specify a program on the command line, -.Nm sudo -will pass the plugin the path to the user's shell and set +.Fl k +flag along with a +command, indicating that the user wishes to ignore any cached +authentication credentials. .Em implied_shell to true. This allows @@ -245,46 +227,20 @@ function, which will cause .Nm sudo to print a usage message and exit. -.It preserve_groups=bool -Set to true if the user specified the -.Fl P -flag, indicating that -the user wishes to preserve the group vector instead of setting it -based on the runas user. -.It ignore_ticket=bool -Set to true if the user specified the -.Fl k -flag along with a -command, indicating that the user wishes to ignore any cached -authentication credentials. -.It noninteractive=bool -Set to true if the user specified the -.Fl n -flag, indicating that +.It implied_shell=bool +If the user does not specify a program on the command line, .Nm sudo -should operate in non-interactive mode. -The plugin may reject a command run in non-interactive mode if user -interaction is required. +will pass the plugin the path to the user's shell and set .It login_class=string BSD login class to use when setting resource limits and nice value, if specified by the .Fl c flag. -.It selinux_role=string -SELinux role to use when executing the command, if specified by -the -.Fl r -flag. -.It selinux_type=string -SELinux type to use when executing the command, if specified by -the -.Fl t -flag. -.It bsdauth_type=string -Authentication type, if specified by the -.Fl a -flag, to use on -systems where BSD authentication is supported. +.It login_shell=bool +Set to true if the user specified the +.Fl i +flag, indicating that +the user wishes to run a login shell. .It network_addrs=list A space-separated list of IP network addresses and netmasks in the form @@ -296,11 +252,66 @@ what the operating system supports. If the address contains a colon .Pq Ql :\& , it is an IPv6 address, else it is IPv4. +.It noninteractive=bool +Set to true if the user specified the +.Fl n +flag, indicating that +.Nm sudo +should operate in non-interactive mode. +The plugin may reject a command run in non-interactive mode if user +interaction is required. +.It preserve_environment=bool +Set to true if the user specified the +.Fl E +flag, indicating that +the user wishes to preserve the environment. +.It preserve_groups=bool +Set to true if the user specified the +.Fl P +flag, indicating that +the user wishes to preserve the group vector instead of setting it +based on the runas user. .It progname=string The command name that sudo was run as, typically .Dq sudo or .Dq sudoedit . +.It prompt=string +The prompt to use when requesting a password, if specified via +the +.Fl p +flag. +.It run_shell=bool +Set to true if the user specified the +.Fl s +flag, indicating that +the user wishes to run a shell. +.It runas_group=string +The group name or gid to to run the command as, if specified via +the +.Fl g +flag. +.It runas_user=string +The user name or uid to to run the command as, if specified via the +.Fl u +flag. +.It selinux_role=string +SELinux role to use when executing the command, if specified by +the +.Fl r +flag. +.It selinux_type=string +SELinux type to use when executing the command, if specified by +the +.Fl t +flag. +.It set_home=bool +Set to true if the user specified the +.Fl H +flag. +If true, set the +.Li HOME +environment variable to the target user's home directory. .It sudoedit=bool Set to true when the .Fl e @@ -316,17 +327,6 @@ if the plugin does not support For more information, see the .Em check_policy section. -.It closefrom=number -If specified, the user has requested via the -.Fl C -flag that -.Nm sudo -close all files descriptors with a value of -.Em number -or higher. -The plugin may optionally pass this, or another value, back in the -.Em command_info -list. .El .Pp Additional settings may be added in the future so the plugin should @@ -352,62 +352,23 @@ itself but the .Em value might. .Bl -tag -width 4n -.It pid=int -The process ID of the running -.Nm sudo -process. -Only available starting with API version 1.2 -.It ppid=int -The parent process ID of the running -.Nm sudo -process. -Only available starting with API version 1.2 -.It sid=int -The session ID of the running -.Nm sudo -process or 0 if -.Nm sudo -is -not part of a POSIX job control session. -Only available starting with API version 1.2 -.It pgid=int -The ID of the process group that the running -.Nm sudo -process belongs -to. -Only available starting with API version 1.2 -.It tcpgid=int -The ID of the foreground process group associated with the terminal -device associated with the -.Nm sudo -process or \-1 if there is no -terminal present. -Only available starting with API version 1.2 -.It user=string -The name of the user invoking +.It cols=int +The number of columns the user's terminal supports. +If there is no terminal device available, a default value of 80 is used. +.It cwd=string +The user's current working directory. +.It egid=gid_t +The effective group ID of the user invoking .Nm sudo . .It euid=uid_t The effective user ID of the user invoking .Nm sudo . -.It uid=uid_t -The real user ID of the user invoking -.Nm sudo . -.It egid=gid_t -The effective group ID of the user invoking -.Nm sudo . .It gid=gid_t The real group ID of the user invoking .Nm sudo . .It groups=list The user's supplementary group list formatted as a string of comma-separated group IDs. -.It cwd=string -The user's current working directory. -.It tty=string -The path to the user's terminal device. -If the user has no terminal device associated with the session, -the value will be empty, as in -.Dq Li tty= . .It host=string The local machine's hostname as returned by the .Xr gethostname 2 @@ -416,31 +377,19 @@ system call. The number of lines the user's terminal supports. If there is no terminal device available, a default value of 24 is used. -.It cols=int -The number of columns the user's terminal supports. -If there is no terminal device available, a default value of 80 is used. -.El -.It user_env -The user's environment in the form of a -.Dv NULL Ns No -terminated vector of -.Dq name=value -strings. -.Pp -When parsing -.Em user_env , -the plugin should split on the -.Sy first -equal sign -.Pq Ql = -since the -.Em name -field will never include one -itself but the -.Em value -might. +.It pgid=int +The ID of the process group that the running +.Nm sudo +process is a member of. +Only available starting with API version 1.2 +.It pid=int +The process ID of the running +.Nm sudo +process. +Only available starting with API version 1.2 .It plugin_options Any (non-comment) strings immediately after the plugin path are -treated as arguments to the plugin. +passed as arguments to the plugin. These arguments are split on a white space boundary and are passed to the plugin in the form of a .Dv NULL Ns No -terminated @@ -464,6 +413,55 @@ by the front end before using .Em plugin_options . Failure to do so may result in a crash. +.It ppid=int +The parent process ID of the running +.Nm sudo +process. +Only available starting with API version 1.2 +.It sid=int +The session ID of the running +.Nm sudo +process or 0 if +.Nm sudo +is not part of a POSIX job control session. +Only available starting with API version 1.2 +.It tcpgid=int +The ID of the foreground process group associated with the terminal +device associated with the +.Nm sudo +process or \-1 if there is no +terminal present. +Only available starting with API version 1.2 +.It tty=string +The path to the user's terminal device. +If the user has no terminal device associated with the session, +the value will be empty, as in +.Dq Li tty= . +.It uid=uid_t +The real user ID of the user invoking +.Nm sudo . +.It user=string +The name of the user invoking +.Nm sudo . +.El +.It user_env +The user's environment in the form of a +.Dv NULL Ns No -terminated vector of +.Dq name=value +strings. +.Pp +When parsing +.Em user_env , +the plugin should split on the +.Sy first +equal sign +.Pq Ql = +since the +.Em name +field will never include one +itself but the +.Em value +might. .El .It close .Bd -literal -compact @@ -655,72 +653,8 @@ pointer. The following values are recognized by .Nm sudo : .Bl -tag -width 4n -.It command=string -Fully qualified path to the command to be executed. -.It runas_uid=uid -User ID to run the command as. -.It runas_euid=uid -Effective user ID to run the command as. -If not specified, the value of -.Em runas_uid -is used. -.It runas_gid=gid -Group ID to run the command as. -.It runas_egid=gid -Effective group ID to run the command as. -If not specified, the value of -.Em runas_gid -is used. -.It runas_groups=list -The supplementary group vector to use for the command in the form -of a comma-separated list of group IDs. -If -.Em preserve_groups -is set, this option is ignored. -.It login_class=string -BSD login class to use when setting resource limits and nice value -(optional). -This option is only set on systems that support login classes. -.It preserve_groups=bool -If set, -.Nm sudo -will preserve the user's group vector instead of -initializing the group vector based on -.Li runas_user . -.It cwd=string -The current working directory to change to when executing the command. -.It noexec=bool -If set, prevent the command from executing other programs. .It chroot=string The root directory to use when running the command. -.It nice=int -Nice value (priority) to use when executing the command. -The nice value, if specified, overrides the priority associated with the -.Em login_class -on BSD systems. -.It umask=octal -The file creation mask to use when executing the command. -.It selinux_role=string -SELinux role to use when executing the command. -.It selinux_type=string -SELinux type to use when executing the command. -.It timeout=int -Command timeout. -If non-zero then when the timeout expires the command will be killed. -.It sudoedit=bool -Set to true when in -.Em sudoedit -mode. -The plugin may enable -.Em sudoedit -mode even if -.Nm sudo -was not invoked as -.Nm sudoedit . -This allows the plugin to perform command substitution and transparently -enable -.Em sudoedit -when the user attempts to run an editor. .It closefrom=number If specified, .Nm sudo @@ -728,59 +662,10 @@ will close all files descriptors with a value of .Em number or higher. -.It iolog_compress=bool -Set to true if the I/O logging plugins, if any, should compress the -log data. -This is a hint to the I/O logging plugin which may choose to ignore it. -.It iolog_path=string -Fully qualified path to the file or directory in which I/O log is -to be stored. -This is a hint to the I/O logging plugin which may choose to ignore it. -If no I/O logging plugin is loaded, this setting has no effect. -.It iolog_stdin=bool -Set to true if the I/O logging plugins, if any, should log the -standard input if it is not connected to a terminal device. -This is a hint to the I/O logging plugin which may choose to ignore it. -.It iolog_stdout=bool -Set to true if the I/O logging plugins, if any, should log the -standard output if it is not connected to a terminal device. -This is a hint to the I/O logging plugin which may choose to ignore it. -.It iolog_stderr=bool -Set to true if the I/O logging plugins, if any, should log the -standard error if it is not connected to a terminal device. -This is a hint to the I/O logging plugin which may choose to ignore it. -.It iolog_ttyin=bool -Set to true if the I/O logging plugins, if any, should log all -terminal input. -This only includes input typed by the user and not from a pipe or -redirected from a file. -This is a hint to the I/O logging plugin which may choose to ignore it. -.It iolog_ttyout=bool -Set to true if the I/O logging plugins, if any, should log all -terminal output. -This only includes output to the screen, not output to a pipe or file. -This is a hint to the I/O logging plugin which may choose to ignore it. -.It use_pty=bool -Allocate a pseudo-tty to run the command in, regardless of whether -or not I/O logging is in use. -By default, -.Nm sudo -will only run -the command in a pty when an I/O log plugin is loaded. -.It set_utmp=bool -Create a utmp (or utmpx) entry when a pseudo-tty is allocated. -By default, the new entry will be a copy of the user's existing utmp -entry (if any), with the tty, time, type and pid fields updated. -.It utmp_user=string -User name to use when constructing a new utmp (or utmpx) entry when -.Em set_utmp -is enabled. -This option can be used to set the user field in the utmp entry to -the user the command runs as rather than the invoking user. -If not set, -.Nm sudo -will base the new entry on -the invoking user's existing entry. +.It command=string +Fully qualified path to the command to be executed. +.It cwd=string +The current working directory to change to when executing the command. .It exec_background=bool By default, .Nm sudo @@ -801,7 +686,7 @@ signal (or in the case of terminal settings). If this happens when .Nm sudo -is a foreground process, the command will be granted the controlling terminal +is a foreground process, the command will be granted the controlling terminal and resumed in the foreground with no user intervention required. The advantage of initially running the command in the background is that .Nm sudo @@ -824,7 +709,7 @@ and system calls (this is a bug in Mac OS X). Furthermore, because this behavior depends on the command stopping with the .Dv SIGTTIN -or +or .Dv SIGTTOU signals, programs that catch these signals and suspend themselves with a different signal (usually @@ -841,6 +726,119 @@ be a way to enabled or disable it on a per-command basis. This setting has no effect unless I/O logging is enabled or .Em use_pty is enabled. +.It iolog_compress=bool +Set to true if the I/O logging plugins, if any, should compress the +log data. +This is a hint to the I/O logging plugin which may choose to ignore it. +.It iolog_path=string +Fully qualified path to the file or directory in which I/O log is +to be stored. +This is a hint to the I/O logging plugin which may choose to ignore it. +If no I/O logging plugin is loaded, this setting has no effect. +.It iolog_stdin=bool +Set to true if the I/O logging plugins, if any, should log the +standard input if it is not connected to a terminal device. +This is a hint to the I/O logging plugin which may choose to ignore it. +.It iolog_stdout=bool +Set to true if the I/O logging plugins, if any, should log the +standard output if it is not connected to a terminal device. +This is a hint to the I/O logging plugin which may choose to ignore it. +.It iolog_stderr=bool +Set to true if the I/O logging plugins, if any, should log the +standard error if it is not connected to a terminal device. +This is a hint to the I/O logging plugin which may choose to ignore it. +.It iolog_ttyin=bool +Set to true if the I/O logging plugins, if any, should log all +terminal input. +This only includes input typed by the user and not from a pipe or +redirected from a file. +This is a hint to the I/O logging plugin which may choose to ignore it. +.It iolog_ttyout=bool +Set to true if the I/O logging plugins, if any, should log all +terminal output. +This only includes output to the screen, not output to a pipe or file. +This is a hint to the I/O logging plugin which may choose to ignore it. +.It login_class=string +BSD login class to use when setting resource limits and nice value +(optional). +This option is only set on systems that support login classes. +.It nice=int +Nice value (priority) to use when executing the command. +The nice value, if specified, overrides the priority associated with the +.Em login_class +on BSD systems. +.It noexec=bool +If set, prevent the command from executing other programs. +.It preserve_groups=bool +If set, +.Nm sudo +will preserve the user's group vector instead of +initializing the group vector based on +.Li runas_user . +.It runas_egid=gid +Effective group ID to run the command as. +If not specified, the value of +.Em runas_gid +is used. +.It runas_euid=uid +Effective user ID to run the command as. +If not specified, the value of +.Em runas_uid +is used. +.It runas_gid=gid +Group ID to run the command as. +.It runas_groups=list +The supplementary group vector to use for the command in the form +of a comma-separated list of group IDs. +If +.Em preserve_groups +is set, this option is ignored. +.It runas_uid=uid +User ID to run the command as. +.It selinux_role=string +SELinux role to use when executing the command. +.It selinux_type=string +SELinux type to use when executing the command. +.It set_utmp=bool +Create a utmp (or utmpx) entry when a pseudo-tty is allocated. +By default, the new entry will be a copy of the user's existing utmp +entry (if any), with the tty, time, type and pid fields updated. +.It sudoedit=bool +Set to true when in +.Em sudoedit +mode. +The plugin may enable +.Em sudoedit +mode even if +.Nm sudo +was not invoked as +.Nm sudoedit . +This allows the plugin to perform command substitution and transparently +enable +.Em sudoedit +when the user attempts to run an editor. +.It timeout=int +Command timeout. +If non-zero then when the timeout expires the command will be killed. +.It umask=octal +The file creation mask to use when executing the command. +.It use_pty=bool +Allocate a pseudo-tty to run the command in, regardless of whether +or not I/O logging is in use. +By default, +.Nm sudo +will only run +the command in a pty when an I/O log plugin is loaded. +.It utmp_user=string +User name to use when constructing a new utmp (or utmpx) entry when +.Em set_utmp +is enabled. +This option can be used to set the user field in the utmp entry to +the user the command runs as rather than the invoking user. +If not set, +.Nm sudo +will base the new entry on +the invoking user's existing entry. .El .Pp Unsupported values will be ignored.