From 5245392ea5d7453a1162012e53a59827634564de Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 25 Jul 1995 01:15:15 +0000 Subject: [PATCH] pulled out stuff on the sudoers file format into a separate man page --- sudo.man | 134 ++++--------------------------------------------------- 1 file changed, 9 insertions(+), 125 deletions(-) diff --git a/sudo.man b/sudo.man index a635ff28c..dac8db0ca 100644 --- a/sudo.man +++ b/sudo.man 
@@ -39,129 +39,13 @@ The password prompt itself will also time out if the password is not entered with N minutes (again, this is defined at installation time and defaults to 5 minutes). .sp -The -.I sudoers -file is composed of an optional host alias section, an optional command -alias section and the user specification section. All command or host -aliases need to start with their respective keywords -(Host_Alias/User_Alias/Cmnd_Alias). -If there are multiple occurrences of a user, the union of the entries -will be used. -.nf - -user specification format: - user access_group [: access_group] ... - - access_group ::= host_type = [op]cmnd_type [,[op]cmnd_type] ... - host_type ::= a lower\-case host name OR a host alias. - cmnd_type ::= an command OR a command alias. - op ::= the logical '!' NOT operator. - -host alias section format: - Host_Alias HOSTALIAS = host\-list - - Host_Alias ::= a keyword. - HOSTALIAS ::= an upper\-case alias name. - host\-list ::= a comma separated list of hosts/addresses/networks. - -user alias section format: - User_Alias USERALIAS = user\-list - - User_Alias ::= a keyword. - USERALIAS ::= an upper\-case alias name. - user\-list ::= a comma separated list of users. - -command alias section format: - Cmnd_Alias CMNDALIAS = cmnd\-list - - Cmnd_Alias ::= a keyword. - CMNDALIAS ::= an upper\-case alias name. - cmnd\-list ::= a comma separated list commands. - -Text after a pound sign '#' is considered a comment. -Long lines can be newline escaped with the backslash '\\' character. -The reserved alias 'ALL' can be used for both {Host,User,Cmnd}_Alias'. - - DO NOT define an alias of 'ALL', it will NOT be used. - Note that 'ALL' implies the entire universe of hosts/users/commands. - You can subtract elements from the universe by using the syntax: - user host=ALL,!ALIAS1,!/etc/halt... - Note that the '!' notation only works in a user's command list. You - may not use it to subtract elements in a User_Alias, Host_Alias, or - Cmnd_Alias. 
-.fi -.SH EXAMPLES -.nf - # Host alias specification - Host_Alias HUB=houdini:\\ - REMOTE=merlin,kodiakthorn,spirit - Host_Alias SERVERS=houdini,merlin,kodiakthorn,spirit - Host_Alias CSNETS=128.138.243.0,128.138.204.0,\\ - 128.138.205.192 - - # User alias specification - User_Alias FULLTIME=millert,dowdy,mikef - User_Alias PARTTIME=juola,mccreary,tor - - # Command alias specification - Cmnd_Alias LPCS=/usr/etc/lpc,/usr/ucb/lprm - Cmnd_Alias SHELLS=/bin/sh,/bin/csh,/bin/tcsh,/bin/ksh - Cmnd_Alias SU=/bin/su - Cmnd_Alias MISC=/bin/rm,/bin/cat:\\ - SHUTDOWN=/etc/halt,/etc/shutdown - - # User specification - FULLTIME ALL=ALL - PARTTIME ALL=ALL,!SHELLS,!SU - britt REMOTE=SHUTDOWN:ALL=LPCS - nieusma SERVERS=SHUTDOWN,/etc/reboot:\\ - HUB=ALL,!SHELLS - jill houdini=/etc/shutdown,MISC - markm HUB=ALL,!MISC,!/etc/shutdown,!/etc/halt - davehieb merlin=ALL:SERVERS=/etc/halt:\\ - kodiakthorn=ALL - steve CSNETS=/usr/su_commands/ -.fi +If an unauthorized user executes sudo, mail will be sent from the user to +the local authorities (defined at installation time). .sp -The above -.I sudoers -file specification is composed of 4 host alias specifications, 2 user alias -specifications, 4 command alias specifications and 8 user specifications. Full -time staff (those in the FULLTIME alias) are allowed to execute any command on -any host. Part time staff (those in the PARTTIME alias) are allowed to execute -any command except for the group of SHELL and SU commands on any machine. -Britt is permitted to execute /etc/halt, /etc/shutdown, /usr/etc/lpc and -/usr/ucb/lprm on the REMOTE machines (merlin, kodiakthorn, and spirit). -Nieusma is allowed to run /etc/halt, /etc/shutdown, and /etc/halt on all -machines and all commands except for the group of SHELL commands on the HUB -machines. Jill is permitted to execute /etc/shutdown, /bin/rm, and /bin/cat -on houdini. Davehieb can execute any command on machines merlin and kodiakthorn -and can halt the SERVERS. 
Steve can run any command located in the directory -/usr/su_commands on all machines on the subnets listed in CSNETS (note that -the 128.138.192 net has a netmask of 255.255.255.192 which is why its -network number is 128.138.192.192. -.B sudo -will do a logical and of a machine's ip address(es) with its netmask to decide -whether that machine is on a given network). - -The -.I sudoers -file should -.B always -be edited by the -.B visudo -command which locks the file and does grammatical checking. It is -imperative that the -.I sudoers -be free of syntax errors since sudo will not run with a syntactically -incorrect sudoers file. .B sudo was designed to log via the 4.3 BSD syslog(3) facility but can log to a file instead if so desired (or to both syslog and a file). .sp -If an unauthorized user executes sudo, mail will be sent from the user to -the local authorities (defined at installation time). -.sp All preferences are defined at installation time and are derived from the options.h and pathnames.h include files as well as as well as the Makefile. @@ -228,12 +112,10 @@ one of the directories in your PATH is on a machine that is currently unreachable. .SH SECURITY NOTES .B sudo -tries to be safe when executing external commands. To this end -LD_*, SHLIB_PATH (HP\-UX only), LIBPATH (AIX only), and _RLD_* (Digital UNIX -only) environmental variables are removed from the environment passed on to -all commands executed. -.B sudo -also sets the IFS environmental variable to its default value (" \\t\\n"). +tries to be safe when executing external commands. To this end the +IFS, LD_*, SHLIB_PATH (HP\-UX only), LIBPATH (AIX only), and _RLD_* +(Digital UNIX only) environmental variables are removed from the +environment passed on to all commands executed. .sp To prevent command spoofing, .B sudo 
@@ -283,6 +165,7 @@ current_time + 2 * TIMEOUT. .fi .SH ENVIRONMENT VARIABLES .nf +PATH Set to a sane value if SECURE_PATH is set SUDO_COMMAND Set to the command run by sudo SUDO_USER Set to the login of the user who invoked sudo SUDO_UID Set to the uid of the user who invoked sudo @@ -305,7 +188,6 @@ See the HISTORY file in the sudo distribution for more details. Please send all bugs, comments, and changes to sudo\-bugs@cs.colorado.edu. .SH BUGS The \-l (list) option should expand Command Aliases. -a password. .SH DISCLAIMER This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of @@ -320,4 +202,6 @@ There is no easy way to prevent a user from gaining a root shell if that user has access to commands that are shell scripts or that allow shell escapes. .SH SEE ALSO +.BR sudoers (5), +.BR visudo (8), .BR su (1) -- 2.40.0
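Review bot: In the `@@ -39,129 +39,13 @@` hunk the removal takes out the only statement in sudo.man that the sudoers file should always be edited with visudo (it locks the file and does grammatical checking, and sudo will not run with a syntactically incorrect sudoers), and the remaining text now jumps from the password-prompt timeout straight to the moved unauthorized-user mail paragraph with no pointer to where the format description went. Keep a one-line reference in the body where the section was, e.g. `The format of the` / `.I sudoers` / `file is described in` / `.BR sudoers (5).` in the file's roff style, and either retain the visudo sentence here or confirm the new page carries it, since that is the operational advice a reader of this page most needs.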
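Review bot: The `@@ -228,12 +112,10 @@` hunk in SECURITY NOTES changes the documented handling of IFS from "sets the IFS environmental variable to its default value (" \t\n")" to listing IFS among the variables "removed from the environment passed on to all commands executed". That is a behaviour change, not a formatting one, and the subject line ("pulled out stuff on the sudoers file format") does not mention it; confirm against the environment-scrubbing code that this release actually unsets IFS rather than resetting it before merging, so the man page does not describe something the binary does not do. The merged single sentence itself reads fine.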
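Review bot: The new `PATH Set to a sane value if SECURE_PATH is set` line in the `@@ -283,6 +165,7 @@` hunk is vaguer than its neighbours, which each state exactly what the variable holds (the command run, the invoking user's login, the invoking uid). Say what value PATH receives and that SECURE_PATH is an installation-time setting, which matches the page's earlier statement that all preferences are defined at installation time from options.h and pathnames.h; "sane" tells an administrator nothing they can check.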
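Review bot: The `@@ -320,4 +202,6 @@` hunk adds `.BR sudoers (5),` and `.BR visudo (8),` to SEE ALSO, but the diffstat reads `1 file changed` with only sudo.man touched, so the separate man page the subject line says the format was pulled into is not part of this patch and sudoers(5) will be a dangling reference until that file lands. Commit the new sudoers page together with this change, or in the same series, so the reference and the removal go in together.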