From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Wed, 13 Oct 1999 04:18:41 +0000 (+0000)
Subject: Remove -r realm option
X-Git-Tag: SUDO_1_6_0~32
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ea90bc54b46275d4382fa165a7c0a3ea620af62c;p=sudo

Remove -r realm option
---

diff --git a/sudo.cat b/sudo.cat
index 639a88cf8..6a71a9054 100644
--- a/sudo.cat
+++ b/sudo.cat
@@ -9,7 +9,7 @@ NNNNAAAAMMMMEEEE
 
 SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS
        ssssuuuuddddoooo ----VVVV | ----hhhh | ----llll | ----LLLL | ----vvvv | ----kkkk | ----KKKK | ----ssss | ----HHHH | [ ----bbbb ] |
-       [ ----rrrr realm ] | [ ----pppp prompt ] [ ----uuuu username/#uid] _c_o_m_m_a_n_d
+       [ ----pppp prompt ] [ ----uuuu username/#uid] _c_o_m_m_a_n_d
 
 DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN
        ssssuuuuddddoooo allows a permitted user to execute a _c_o_m_m_a_n_d as the
@@ -61,7 +61,7 @@ OOOOPPPPTTTTIIIIOOOONNNNSSSS
 
 
 
-11/Oct/1999                    1.6                              1
+12/Oct/1999                    1.6                              1
 
 
 
@@ -91,12 +91,6 @@ SUDO(8)                MAINTENANCE COMMANDS               SUDO(8)
            -b option you cannot use shell job control to
            manipulate the command.
 
-       -r  The -r (_r_e_a_l_m) option is only available if ssssuuuuddddoooo was
-           configured with KKKKeeeerrrrbbbbeeeerrrroooossss version 5 support.  It allows
-           the user to specify a KKKKeeeerrrrbbbbeeeerrrroooossss realm other than the
-           system default to use when authenticating the user via
-           KKKKeeeerrrrbbbbeeeerrrroooossss.
-
        -p  The -p (_p_r_o_m_p_t) option allows you to override the
            default password prompt and use a custom one.  If the
            password prompt contains the %u escape, %u will be
@@ -124,10 +118,16 @@ RRRREEEETTTTUUUURRRRNNNN VVVVAAAALLLLUUUUEEEES
        ssssuuuuddddoooo quits with an exit value of 1 if there is a
        configuration/permission problem or if ssssuuuuddddoooo cannot execute
        the given command.  In the latter case the error string is
+       printed to stderr.  If ssssuuuuddddoooo cannot _s_t_a_t(2) one or more
+       entries in the user's PATH an error is printed on stderr.
+       (If the directory does not exist or if it is not really a
+       directory, the entry is ignored and no error is printed.)
+       This should not happen under normal circumstances.  The
+       most common reason for _s_t_a_t(2) to return "permission
 
 
 
-11/Oct/1999                    1.6                              2
+12/Oct/1999                    1.6                              2
 
 
 
@@ -136,12 +136,6 @@ RRRREEEETTTTUUUURRRRNNNN VVVVAAAALLLLUUUUEEEES
 SUDO(8)                MAINTENANCE COMMANDS               SUDO(8)
 
 
-       printed to stderr.  If ssssuuuuddddoooo cannot _s_t_a_t(2) one or more
-       entries in the user's PATH an error is printed on stderr.
-       (If the directory does not exist or if it is not really a
-       directory, the entry is ignored and no error is printed.)
-       This should not happen under normal circumstances.  The
-       most common reason for _s_t_a_t(2) to return "permission
        denied" is if you are running an automounter and one of
        the directories in your PATH is on a machine that is
        currently unreachable.
@@ -190,10 +184,16 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE
        (root) and permissions (0700) in the system startup files.
 
        ssssuuuuddddoooo will not honor timestamps set far in the future.
+       Timestamps with a date greater than current_time + 2 *
+       TIMEOUT will be ignored and sudo will log and complain.
+       This is done to keep a user from creating his/her own
+       timestamp with a bogus date on system that allow users to
+       give away files.
 
 
 
-11/Oct/1999                    1.6                              3
+
+12/Oct/1999                    1.6                              3
 
 
 
@@ -202,12 +202,6 @@ SSSSEEEECCCCUUUURRRRIIIITTTTYYYY NNNNOOOOTTTTE
 SUDO(8)                MAINTENANCE COMMANDS               SUDO(8)
 
 
-       Timestamps with a date greater than current_time + 2 *
-       TIMEOUT will be ignored and sudo will log and complain.
-       This is done to keep a user from creating his/her own
-       timestamp with a bogus date on system that allow users to
-       give away files.
-
 EEEEXXXXAAAAMMMMPPPPLLLLEEEESSSS
        Note: the following examples assume suitable _s_u_d_o_e_r_s(5)
        entries.
@@ -255,24 +249,24 @@ EEEENNNNVVVVIIIIRRRROOOONNNNMMMMEEEENNNNTTTT
         SUDO_PS1               If set, PS1 will be set to its value
 
 
+FFFFIIIILLLLEEEESSSS
+        /etc/sudoers           List of who can run what
+        /var/run/sudo          Directory containing timestamps
 
+       ssssuuuuddddoooo utilizes the following environment variables:
 
 
 
-11/Oct/1999                    1.6                              4
 
 
+12/Oct/1999                    1.6                              4
 
 
 
-SUDO(8)                MAINTENANCE COMMANDS               SUDO(8)
 
 
-FFFFIIIILLLLEEEESSSS
-        /etc/sudoers           List of who can run what
-        /var/run/sudo          Directory containing timestamps
+SUDO(8)                MAINTENANCE COMMANDS               SUDO(8)
 
-       ssssuuuuddddoooo utilizes the following environment variables:
 
         PATH                   Set to a sane value if SECURE_PATH is set
         SHELL                  Used to determine shell to run with -s option
@@ -322,10 +316,16 @@ CCCCAAAAVVVVEEEEAAAATTTTSSSS
        shell if that user has access to commands allowing shell
        escapes.
 
+       If users have sudo ALL there is nothing to prevent them
+       from creating their own program that gives them a root
+       shell regardless of any '!'  elements in the user
+       specification.
+
+       Running shell scripts via ssssuuuuddddoooo can expose the same kernel
 
 
 
-11/Oct/1999                    1.6                              5
+12/Oct/1999                    1.6                              5
 
 
 
@@ -334,12 +334,6 @@ CCCCAAAAVVVVEEEEAAAATTTTSSSS
 SUDO(8)                MAINTENANCE COMMANDS               SUDO(8)
 
 
-       If users have sudo ALL there is nothing to prevent them
-       from creating their own program that gives them a root
-       shell regardless of any '!'  elements in the user
-       specification.
-
-       Running shell scripts via ssssuuuuddddoooo can expose the same kernel
        bugs that make setuid shell scripts unsafe on some
        operating systems (if your OS supports the /dev/fd/
        directory, setuid shell scripts are generally safe).
@@ -391,6 +385,12 @@ SSSSEEEEEEEE AAAALLLLSSSSOOOO
 
 
 
-11/Oct/1999                    1.6                              6
+
+
+
+
+
+
+12/Oct/1999                    1.6                              6
 
 
diff --git a/sudo.html b/sudo.html
index cd9001e0f..9dd320cf8 100644
--- a/sudo.html
+++ b/sudo.html
@@ -39,7 +39,7 @@ sudo - execute a command as another user
 <HR>
 <H1><A NAME="SYNOPSIS">SYNOPSIS</A></H1>
 <P>
-<STRONG>sudo</STRONG>  <STRONG>-V</STRONG> | <STRONG>-h</STRONG> | <STRONG>-l</STRONG> | <STRONG>-L</STRONG> | <STRONG>-v</STRONG> | <STRONG>-k</STRONG> | <STRONG>-K</STRONG> | <STRONG>-s</STRONG> | <STRONG>-H</STRONG> | [ <STRONG>-b</STRONG> ] | [ <STRONG>-r</STRONG> realm ] | [ <STRONG>-p</STRONG> prompt ] [ <STRONG>-u</STRONG> username/#uid] <EM>command</EM>
+<STRONG>sudo</STRONG>  <STRONG>-V</STRONG> | <STRONG>-h</STRONG> | <STRONG>-l</STRONG> | <STRONG>-L</STRONG> | <STRONG>-v</STRONG> | <STRONG>-k</STRONG> | <STRONG>-K</STRONG> | <STRONG>-s</STRONG> | <STRONG>-H</STRONG> | [ <STRONG>-b</STRONG> ] | [ <STRONG>-p</STRONG> prompt ] [ <STRONG>-u</STRONG> username/#uid] <EM>command</EM>
 
 
 
@@ -117,11 +117,6 @@ password.
 The <CODE>-b</CODE> (<EM>background</EM>) option tells <STRONG>sudo</STRONG> to run the given command in the background. Note that if you use the <CODE>-b</CODE>
 option you cannot use shell job control to manipulate the command.
 
-<DT><STRONG><A NAME="item__r">-r</A></STRONG><DD>
-<P>
-The <CODE>-r</CODE> (<EM>realm</EM>) option is only available if <STRONG>sudo</STRONG> was configured with <STRONG>Kerberos</STRONG> version 5 support. It allows the user to specify a
-<STRONG>Kerberos</STRONG> realm other than the system default to use when authenticating the user via <STRONG>Kerberos</STRONG>.
-
 <DT><STRONG><A NAME="item__p">-p</A></STRONG><DD>
 <P>
 The <CODE>-p</CODE> (<EM>prompt</EM>) option allows you to override the default password prompt and use a
diff --git a/sudo.man b/sudo.man
index d6ca9bd12..617085c0c 100644
--- a/sudo.man
+++ b/sudo.man
@@ -2,8 +2,8 @@
 ''' $RCSfile$$Revision$$Date$
 '''
 ''' $Log$
-''' Revision 1.37  1999/10/12 00:05:39  millert
-''' document -L flag
+''' Revision 1.38  1999/10/13 04:18:40  millert
+''' Remove -r realm option
 '''
 '''
 .de Sh
@@ -96,7 +96,7 @@
 .nr % 0
 .rr F
 .\}
-.TH SUDO 8 "1.6" "11/Oct/1999" "MAINTENANCE COMMANDS"
+.TH SUDO 8 "1.6" "12/Oct/1999" "MAINTENANCE COMMANDS"
 .UC
 .if n .hy 0
 .if n .na
@@ -194,7 +194,7 @@
 sudo \- execute a command as another user
 .SH "SYNOPSIS"
 \fBsudo\fR \fB\-V\fR | \fB\-h\fR | \fB\-l\fR | \fB\-L\fR | \fB\-v\fR | \fB\-k\fR | \fB\-K\fR | \fB\-s\fR | \fB\-H\fR |
-[ \fB\-b\fR ] | [ \fB\-r\fR realm ] | [ \fB\-p\fR prompt ] [ \fB\-u\fR username/#uid] \fIcommand\fR
+[ \fB\-b\fR ] | [ \fB\-p\fR prompt ] [ \fB\-u\fR username/#uid] \fIcommand\fR
 .SH "DESCRIPTION"
 \fBsudo\fR allows a permitted user to execute a \fIcommand\fR as the
 superuser or another user, as specified in the sudoers file.  The
@@ -252,11 +252,6 @@ entirely.  This option does not require a password.
 The \f(CW-b\fR (\fIbackground\fR) option tells \fBsudo\fR to run the given
 command in the background.  Note that if you use the \f(CW-b\fR
 option you cannot use shell job control to manipulate the command.
-.Ip "-r" 4
-The \f(CW-r\fR (\fIrealm\fR) option is only available if \fBsudo\fR was configured
-with \fBKerberos\fR version 5 support.  It allows the user to specify a
-\fBKerberos\fR realm other than the system default to use when authenticating
-the user via \fBKerberos\fR.
 .Ip "-p" 4
 The \f(CW-p\fR (\fIprompt\fR) option allows you to override the default
 password prompt and use a custom one.  If the password prompt
@@ -475,8 +470,6 @@ are generally safe).
 
 .IX Item "-b"
 
-.IX Item "-r"
-
 .IX Item "-p"
 
 .IX Item "-u"
diff --git a/sudo.pod b/sudo.pod
index c0f4708e1..97afb5187 100644
--- a/sudo.pod
+++ b/sudo.pod
@@ -42,7 +42,7 @@ sudo - execute a command as another user
 =head1 SYNOPSIS
 
 B<sudo> B<-V> | B<-h> | B<-l> | B<-L> | B<-v> | B<-k> | B<-K> | B<-s> | B<-H> |
-[ B<-b> ] | [ B<-r> realm ] | [ B<-p> prompt ] [ B<-u> username/#uid] I<command>
+[ B<-b> ] | [ B<-p> prompt ] [ B<-u> username/#uid] I<command>
 
 =head1 DESCRIPTION
 
@@ -123,13 +123,6 @@ The C<-b> (I<background>) option tells B<sudo> to run the given
 command in the background.  Note that if you use the C<-b>
 option you cannot use shell job control to manipulate the command.
 
-=item -r
-
-The C<-r> (I<realm>) option is only available if B<sudo> was configured
-with B<Kerberos> version 5 support.  It allows the user to specify a
-B<Kerberos> realm other than the system default to use when authenticating
-the user via B<Kerberos>.
-
 =item -p
 
 The C<-p> (I<prompt>) option allows you to override the default