From: Todd C. Miller Date: Mon, 17 May 2004 21:55:52 +0000 (+0000) Subject: Use @mansectform@ and @mansectsu@ everywhere X-Git-Tag: SUDO_1_6_8~133 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d5e0c4d8252532011bfca9d6dd252cf5bbccb070;p=sudo Use @mansectform@ and @mansectsu@ everywhere Make man page references links with L<> --- diff --git a/sudo.pod b/sudo.pod index 6a2915683..b76d03812 100644 --- a/sudo.pod +++ b/sudo.pod @@ -91,7 +91,7 @@ B accepts the following command line options: The B<-H> (I) option sets the C environment variable to the homedir of the target user (root by default) as specified -in passwd(5). By default, B does not modify C. +in passwd(@mansectform@). By default, B does not modify C. =item -K @@ -195,8 +195,8 @@ The B<-h> (I) option causes B to print a usage message and exit. =item -i -The C<-i> (I) option runs the shell specified -in the passwd(@mansectform@) entry of the user that the command is +The B<-i> (I) option runs the shell specified +in the L entry of the user that the command is being run as. The command name argument given to the shell begins with a C<-> to tell the shell to run as a login shell. B attempts to change to that user's home directory before running the @@ -258,7 +258,7 @@ two consecutive C<%> characters are collasped into a single C<%> character The B<-s> (I) option runs the shell specified by the I environment variable if it is set or the shell as specified -in passwd(5). +in L. =item -u @@ -289,11 +289,11 @@ will simply be the return value of the program that was executed. Otherwise, B quits with an exit value of 1 if there is a configuration/permission problem or if B cannot execute the given command. In the latter case the error string is printed to -stderr. If B cannot stat(2) one or more entries in the user's +stderr. If B cannot L one or more entries in the user's C an error is printed on stderr. (If the directory does not exist or if it is not really a directory, the entry is ignored and no error is printed.) This should not happen under normal -circumstances. The most common reason for stat(2) to return +circumstances. The most common reason for L to return "permission denied" is if you are running an automounter and one of the directories in your C is on a machine that is currently unreachable. @@ -332,7 +332,7 @@ behavior or link B statically. B will check the ownership of its timestamp directory (F<@timedir@> by default) and ignore the directory's contents if it is not owned by root and only writable by root. On systems that -allow non-root users to give away files via chown(2), if the timestamp +allow non-root users to give away files via L, if the timestamp directory is located in a directory writable by anyone (e.g.: F), it is possible for a user to create the timestamp directory before B is run. However, because B checks the ownership and @@ -363,7 +363,7 @@ the user an effective root shell. =head1 EXAMPLES -Note: the following examples assume suitable sudoers(5) entries. +Note: the following examples assume suitable L entries. To get a file listing of an unreadable directory: @@ -419,6 +419,7 @@ B utilizes the following environment variables: is specified) VISUAL Default editor to use in -e (sudoedit) mode + =head1 FILES @sysconfdir@/sudoers List of who can run what @@ -455,7 +456,7 @@ if that user is allowed to run arbitrary commands via B. Also, many programs (such as editors) allow the user to run commands via shell escapes, thus avoiding B's checks. However, on most systems it is possible to prevent shell escapes with B's -I functionality. See the sudoers(5) manual for details. +I functionality. See the L manual for details. If users have sudo C there is nothing to prevent them from creating their own program that gives them a root shell regardless of any '!' @@ -468,4 +469,5 @@ are generally safe). =head1 SEE ALSO -grep(1), su(1), stat(2), login_cap(3), sudoers(5), passwd(5), visudo(8) +L, L, L, L, L, +L, L diff --git a/sudoers.pod b/sudoers.pod index 046b2c1f4..86ca0a8af 100644 --- a/sudoers.pod +++ b/sudoers.pod @@ -378,7 +378,7 @@ password. This flag is I<@insults@> by default. If set, B will only run when the user is logged in to a real tty. This will disallow things like C<"rsh somehost sudo ls"> since -rsh(1) does not allocate a tty. Because it is not possible to turn +L does not allocate a tty. Because it is not possible to turn off echo when there is no tty present, some sites may with to set this flag to prevent a user from entering a visible password. This flag is I by default. @@ -756,12 +756,13 @@ C operators respectively. This list has no default members. =back -When logging via syslog(3), B accepts the following values for the syslog -facility (the value of the B Parameter): B (if your OS -supports it), B, B, B, B, B, B, -B, B, B, B, and B. The following -syslog priorities are supported: B, B, B, B, -B, B, B, and B. +When logging via L, B accepts the following values +for the syslog facility (the value of the B Parameter): +B (if your OS supports it), B, B, B, +B, B, B, B, B, B, +B, and B. The following syslog priorities are +supported: B, B, B, B, B, B, +B, and B. =head2 User Specification @@ -861,7 +862,7 @@ on how I works and whether or not it will work on your system. B allows shell-style I to be used in pathnames as well as command line arguments in the I file. Wildcard -matching is done via the B C routine. Note that +matching is done via the B L routine. Note that these are I regular expressions. =over 8 @@ -983,7 +984,7 @@ these are a bit contrived. First, we define our I: Cmnd_Alias SU = /usr/bin/su Here we override some of the compiled in default values. We want -B to log via syslog(3) using the I facility in all +B to log via L using the I facility in all cases. We don't want to subject the full time staff to the B lecture, user B need not give a password, and we don't want to set the C or C environment variables when @@ -1043,12 +1044,12 @@ directory F. joe ALL = /usr/bin/su operator -The user B may only su(1) to operator. +The user B may only L to operator. pete HPPA = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root The user B is allowed to change anyone's password except for -root on the I machines. Note that this assumes passwd(1) +root on the I machines. Note that this assumes L does not take multiple usernames on the command line. bob SPARC = (OP) ALL : SGI = (OP) ALL @@ -1075,7 +1076,7 @@ The user B can run commands as any user in the I C john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root* On the I machines, user B may su to anyone except root -but he is not allowed to give su(1) any flags. +but he is not allowed to give L any flags. jen ALL, !SERVERS = ALL @@ -1102,7 +1103,7 @@ kill hung processes. On the host www, any user in the I C (will, wendy, and wim), may run any command as user www (which owns the -web pages) or simply su(1) to www. +web pages) or simply L to www. ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\ /sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM @@ -1198,4 +1199,4 @@ I. =head1 SEE ALSO -rsh(1), su(1), fnmatch(3), sudo(8), visudo(8) +L, L, L, L, L diff --git a/visudo.pod b/visudo.pod index 8e2ed4b50..8265f78ee 100644 --- a/visudo.pod +++ b/visudo.pod @@ -32,14 +32,14 @@ B [ B<-c> ] [ B<-f> I ] [ B<-q> ] [ B<-s> ] [ B<-V> ] =head1 DESCRIPTION B edits the I file in a safe fashion, analogous to -vipw(8). B locks the I file against multiple +L. B locks the I file against multiple simultaneous edits, provides basic sanity checks, and checks for parse errors. If the I file is currently being edited you will receive a message to try again later. There is a hard-coded list of editors that B will use set at compile-time that may be overridden via the I I -C variable. This list defaults to the path to vi(1) on +C variable. This list defaults to the path to L on your system, as determined by the I script. Normally, B does not honor the C or C environment variables unless they contain an editor in the aforementioned editors @@ -175,4 +175,4 @@ the editor used by B allows shell escapes. =head1 SEE ALSO -vi(1), sudoers(5), sudo(8), vipw(8) +L, L, L, L