From: Todd C. Miller Date: Thu, 26 Oct 2000 17:03:55 +0000 (+0000) Subject: regen X-Git-Tag: SUDO_1_6_4~247 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=dea1ce4d3e1ef590b2db6bd6086cde98d3ae0d85;p=sudo regen --- diff --git a/sudo.cat b/sudo.cat index 05d67aa09..d96e32854 100644 --- a/sudo.cat +++ b/sudo.cat @@ -9,8 +9,8 @@ NNNNAAAAMMMMEEEE SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS ssssuuuuddddoooo ----VVVV | ----hhhh | ----llll | ----LLLL | ----vvvv | ----kkkk | ----KKKK | ----ssss | [ ----HHHH ] [----SSSS ] - [ ----bbbb ] | [ ----pppp _p_r_o_m_p_t ] [ ----cccc _c_l_a_s_s|_- ] [ ----uuuu _u_s_e_r_n_a_m_e|_#_u_i_d ] - _c_o_m_m_a_n_d + [ ----bbbb ] | [ ----pppp _p_r_o_m_p_t ] [ ----cccc _c_l_a_s_s|_- ] [ ----aaaa _a_u_t_h___t_y_p_e ] [ + ----uuuu _u_s_e_r_n_a_m_e|_#_u_i_d ] _c_o_m_m_a_n_d DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN ssssuuuuddddoooo allows a permitted user to execute a _c_o_m_m_a_n_d as the @@ -61,7 +61,7 @@ OOOOPPPPTTTTIIIIOOOONNNNSSSS -August 13, 2000 1.6.4 1 +October 26, 2000 1.6.4 1 @@ -75,9 +75,9 @@ sudo(1m) MAINTENANCE COMMANDS sudo(1m) -v If given the ----vvvv (_v_a_l_i_d_a_t_e) option, ssssuuuuddddoooo will update the user's timestamp, prompting for the user's pass­ - word if necessary. This extends the ssssuuuuddddoooo timeout to - for another `5' minutes (or whatever the timeout is - set to in _s_u_d_o_e_r_s) but does not run a command. + word if necessary. This extends the ssssuuuuddddoooo timeout for + another `5' minutes (or whatever the timeout is set to + in _s_u_d_o_e_r_s) but does not run a command. -k The ----kkkk (_k_i_l_l) option to ssssuuuuddddoooo invalidates the user's timestamp by setting the time on it to the epoch. The 
@@ -115,26 +115,34 @@ sudo(1m) MAINTENANCE COMMANDS sudo(1m) classes where ssssuuuuddddoooo has been configured with the --with-logincap option. - -u The ----uuuu (_u_s_e_r) option causes ssssuuuuddddoooo to run the specified - command as a user other than _r_o_o_t. To specify a _u_i_d - instead of a _u_s_e_r_n_a_m_e, use _#_u_i_d. + -a The ----aaaa (_a_u_t_h_e_n_t_i_c_a_t_i_o_n _t_y_p_e) option causes ssssuuuuddddoooo to use + the specified authentication type when validating the + user, as allowed by /etc/login.conf. The system + administrator may specify a list of sudo-specific + authentication methods by adding an "auth-sudo" entry + in /etc/login.conf. This option is only available on + systems that support BSD authentication where ssssuuuuddddoooo has + been configured with the --with-bsdauth option. - -s The ----ssss (_s_h_e_l_l) option runs the shell specified by the - _S_H_E_L_L environment variable if it is set or the shell - as specified in _p_a_s_s_w_d(4). +October 26, 2000 1.6.4 2 -August 13, 2000 1.6.4 2 +sudo(1m) MAINTENANCE COMMANDS sudo(1m) -sudo(1m) MAINTENANCE COMMANDS sudo(1m) + -u The ----uuuu (_u_s_e_r) option causes ssssuuuuddddoooo to run the specified + command as a user other than _r_o_o_t. To specify a _u_i_d + instead of a _u_s_e_r_n_a_m_e, use _#_u_i_d. + -s The ----ssss (_s_h_e_l_l) option runs the shell specified by the + _S_H_E_L_L environment variable if it is set or the shell + as specified in _p_a_s_s_w_d(4). -H The ----HHHH (_H_O_M_E) option sets the `HOME' environment vari­ able to the homedir of the target user (root by 
@@ -182,18 +190,10 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE denoting current directory) last when searching for a com­ mand in the user's PATH (if one or both are in the PATH). Note, however, that the actual `PATH' environment variable - is _n_o_t modified and is passed unchanged to the program - that ssssuuuuddddoooo executes. - - For security reasons, if your OS supports shared libraries - and does not disable user-defined library search paths for - setuid programs (most do), you should either use a linker - option that disables this behavior or link ssssuuuuddddoooo stati­ - cally. -August 13, 2000 1.6.4 3 +October 26, 2000 1.6.4 3 @@ -202,6 +202,15 @@ August 13, 2000 1.6.4 3 sudo(1m) MAINTENANCE COMMANDS sudo(1m) + is _n_o_t modified and is passed unchanged to the program + that ssssuuuuddddoooo executes. + + For security reasons, if your OS supports shared libraries + and does not disable user-defined library search paths for + setuid programs (most do), you should either use a linker + option that disables this behavior or link ssssuuuuddddoooo stati­ + cally. + ssssuuuuddddoooo will check the ownership of its timestamp directory (_/_v_a_r_/_r_u_n_/_s_u_d_o by default) and ignore the directory's con­ tents if it is not owned by root and only writable by @@ -225,7 +234,7 @@ sudo(1m) MAINTENANCE COMMANDS sudo(1m) Timestamps with a date greater than current_time + 2 * `TIMEOUT' will be ignored and sudo will log and complain. This is done to keep a user from creating his/her own - timestamp with a bogus date on system that allow users to + timestamp with a bogus date on systems that allow users to give away files. EEEEXXXXAAAAMMMMPPPPLLLLEEEESSSS 
@@ -248,24 +257,24 @@ EEEEXXXXAAAAMMMMPPPPLLLLEEEESSSS To shutdown a machine: - % sudo shutdown -r +15 "quick reboot" - To make a usage listing of the directories in the /home - partition. Note that this runs the commands in a sub- - shell to make the `cd' and file redirection work. - % sudo sh -c "cd /home ; du -s * | sort -rn > USAGE" +October 26, 2000 1.6.4 4 -August 13, 2000 1.6.4 4 +sudo(1m) MAINTENANCE COMMANDS sudo(1m) + % sudo shutdown -r +15 "quick reboot" + To make a usage listing of the directories in the /home + partition. Note that this runs the commands in a sub- + shell to make the `cd' and file redirection work. -sudo(1m) MAINTENANCE COMMANDS sudo(1m) + % sudo sh -c "cd /home ; du -s * | sort -rn > USAGE" EEEENNNNVVVVIIIIRRRROOOONNNNMMMMEEEENNNNTTTT @@ -292,13 +301,14 @@ FFFFIIIILLLLEEEESSSS AAAAUUUUTTTTHHHHOOOORRRRSSSS - Many people have worked on ssssuuuuddddoooo over the years, this ver­ + Many people have worked on ssssuuuuddddoooo over the years; this ver­ sion consists of code written primarily by: Todd Miller Chris Jepeway - See the HISTORY file in the ssssuuuuddddoooo distribution for a short + See the HISTORY file in the ssssuuuuddddoooo distribution or visit + http://www.courtesan.com/sudo/history.html for a short history of ssssuuuuddddoooo. BBBBUUUUGGGGSSSS 
@@ -312,27 +322,27 @@ DDDDIIIISSSSCCCCLLLLAAAAIIIIMMMMEEEERRRR purpose are disclaimed. See the LICENSE file distributed with ssssuuuuddddoooo for complete details. -CCCCAAAAVVVVEEEEAAAATTTTSSSS - There is no easy way to prevent a user from gaining a root - shell if that user has access to commands allowing shell - escapes. - If users have sudo `ALL' there is nothing to prevent them - from creating their own program that gives them a root - shell regardless of any '!' elements in the user specifi­ - cation. +October 26, 2000 1.6.4 5 -August 13, 2000 1.6.4 5 +sudo(1m) MAINTENANCE COMMANDS sudo(1m) -sudo(1m) MAINTENANCE COMMANDS sudo(1m) +CCCCAAAAVVVVEEEEAAAATTTTSSSS + There is no easy way to prevent a user from gaining a root + shell if that user has access to commands allowing shell + escapes. + If users have sudo `ALL' there is nothing to prevent them + from creating their own program that gives them a root + shell regardless of any '!' elements in the user specifi­ + cation. Running shell scripts via ssssuuuuddddoooo can expose the same kernel bugs that make setuid shell scripts unsafe on some operat­ @@ -381,16 +391,6 @@ SSSSEEEEEEEE AAAALLLLSSSSOOOO - - - - - - - - - - -August 13, 2000 1.6.4 6 +October 26, 2000 1.6.4 6 diff --git a/sudo.man.in b/sudo.man.in index fce1793ca..dfbf614d3 100644 --- a/sudo.man.in +++ b/sudo.man.in @@ -1,5 +1,5 @@ .\" Automatically generated by Pod::Man version 1.04 -.\" Sun Aug 13 14:54:25 2000 +.\" Thu Oct 26 11:02:49 2000 .\" .\" Standard preamble: .\" ====================================================================== @@ -138,7 +138,7 @@ .\" ====================================================================== .\" .IX Title "sudo @mansectsu@" -.TH sudo @mansectsu@ "1.6.4" "August 13, 2000" "MAINTENANCE COMMANDS" +.TH sudo @mansectsu@ "1.6.4" "October 26, 2000" "MAINTENANCE COMMANDS" .UC .SH "NAME" sudo \- execute a command as another user 
@@ -146,6 +146,7 @@ sudo \- execute a command as another user .IX Header "SYNOPSIS" \&\fBsudo\fR \fB\-V\fR | \fB\-h\fR | \fB\-l\fR | \fB\-L\fR | \fB\-v\fR | \fB\-k\fR | \fB\-K\fR | \fB\-s\fR | [ \fB\-H\fR ] [\fB\-S\fR ] [ \fB\-b\fR ] | [ \fB\-p\fR \fIprompt\fR ] [ \fB\-c\fR \fIclass\fR|\fI-\fR ] +[ \fB\-a\fR \fIauth_type\fR ] [ \fB\-u\fR \fIusername\fR|\fI#uid\fR ] \fIcommand\fR .SH "DESCRIPTION" .IX Header "DESCRIPTION" @@ -202,7 +203,7 @@ The \fB\-h\fR (\fIhelp\fR) option causes \fBsudo\fR to print a usage message and .IX Item "-v" If given the \fB\-v\fR (\fIvalidate\fR) option, \fBsudo\fR will update the user's timestamp, prompting for the user's password if necessary. -This extends the \fBsudo\fR timeout to for another \f(CW\*(C`@timeout@\*(C'\fR minutes +This extends the \fBsudo\fR timeout for another \f(CW\*(C`@timeout@\*(C'\fR minutes (or whatever the timeout is set to in \fIsudoers\fR) but does not run a command. .Ip "\-k" 4 @@ -240,6 +241,15 @@ argument specifies an existing user class, the command must be run as root, or the \fBsudo\fR command must be run from a shell that is already root. This option is only available on systems with \s-1BSD\s0 login classes where \fBsudo\fR has been configured with the \-\-with-logincap option. +.Ip "\-a" 4 +.IX Item "-a" +The \fB\-a\fR (\fIauthentication type\fR) option causes \fBsudo\fR to use the +specified authentication type when validating the user, as allowed +by /etc/login.conf. The system administrator may specify a list +of sudo-specific authentication methods by adding an \*(L"auth-sudo\*(R" +entry in /etc/login.conf. This option is only available on systems +that support \s-1BSD\s0 authentication where \fBsudo\fR has been configured +with the \-\-with-bsdauth option. .Ip "\-u" 4 .IX Item "-u" The \fB\-u\fR (\fIuser\fR) option causes \fBsudo\fR to run the specified command 
@@ -322,7 +332,7 @@ system startup files. Timestamps with a date greater than current_time + 2 * \f(CW\*(C`TIMEOUT\*(C'\fR will be ignored and sudo will log and complain. This is done to keep a user from creating his/her own timestamp with a bogus -date on system that allow users to give away files. +date on systems that allow users to give away files. .SH "EXAMPLES" .IX Header "EXAMPLES" Note: the following examples assume suitable \fIsudoers\fR\|(@mansectform@) entries. @@ -382,14 +392,15 @@ to make the \f(CW\*(C`cd\*(C'\fR and file redirection work. .Ve .SH "AUTHORS" .IX Header "AUTHORS" -Many people have worked on \fBsudo\fR over the years, this +Many people have worked on \fBsudo\fR over the years; this version consists of code written primarily by: .PP .Vb 2 \& Todd Miller \& Chris Jepeway .Ve -See the \s-1HISTORY\s0 file in the \fBsudo\fR distribution for a short history +See the \s-1HISTORY\s0 file in the \fBsudo\fR distribution or visit +http://www.courtesan.com/sudo/history.html for a short history of \fBsudo\fR. .SH "BUGS" .IX Header "BUGS"
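Review bot: In the sudo.man.in hunk `@@ -240,6 +241,15 @@` that adds the `-a` item, the text explains that `/etc/login.conf` may carry an "auth-sudo" list of permitted authentication methods, but it never states what happens when the user names an `auth_type` that is not in that list, or which method is used when no "auth-sudo" entry exists. Because `-a` lets the invoking user choose how they are authenticated, the page should say explicitly that a disallowed type is rejected (or whatever the implementation does) rather than leaving the reader to guess; a sentence after "as allowed by /etc/login.conf" would cover it. Consider also giving `login.conf` a manual-section cross reference in the same style the page already uses for `\fIsudoers\fR\|(@mansectform@)`.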
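Review bot: In the sudo.cat hunk `@@ -9,8 +9,8 @@`, the regenerated SYNOPSIS now wraps so that the opening bracket of `[ -u username|#uid ]` is stranded at the end of the first line (`[ -a auth_type ] [`) with `-u username|#uid ]` on the next. Since sudo.cat is formatter output, this can only be fixed upstream in the POD/man source, for example by keeping the option and its bracket together with a non-breaking space or by breaking the synopsis line before `[ -a`.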
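Review bot: The sudo.cat hunk `@@ -115,26 +115,34 @@` is harder to review than it needs to be because the substantive change (the new `-a` paragraph) is interleaved with a page-footer move: the `-u` and `-s` paragraphs are deleted and re-added with identical text on the other side of the "October 26, 2000 1.6.4 2" / "sudo(1m) MAINTENANCE COMMANDS sudo(1m)" boundary. The same pattern repeats in the `@@ -182,18 +190,10 @@` / `@@ -202,6 +202,15 @@` pair (the shared-library security paragraph), the EXAMPLES hunk and the CAVEATS hunk. Nothing is wrong with the content, but a one-line note in the commit message that only the `-a` text, the `-v` wording, "system" to "systems", the AUTHORS semicolon and the history URL are real changes, with the rest being pagination, would spare reviewers a line-by-line comparison; the one-word message "regen" does not say that.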