From 5f06b19a6e601e07cc38c1dfb060a0310112d34d Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Wed, 24 Nov 2004 21:31:51 +0000
Subject: [PATCH] Add -U option to use in conjunction with -l instead of -u.
Add support for "sudo -l command" to test a specific command.
---
 parse.c | 38 +++++++++-
 sudo.c | 49 +++++++++----
 sudo.cat | 204 ++++++++++++++++++++++++++--------------------------
 sudo.h | 36 +++++-----
 sudo.man.in | 27 ++++---
 sudo.pod | 24 +++++--
 6 files changed, 230 insertions(+), 148 deletions(-)

diff --git a/parse.c b/parse.c
index 2e055e4f7..c0ff6334e 100644
--- a/parse.c
+++ b/parse.c
@@ -135,7 +135,7 @@ sudoers_lookup(pwflag)
 }
 }
 }
- if (matched == TRUE) {
+ if (matched == TRUE || user_uid == 0) {
 /* User has an entry for this host. */
 CLR(validated, VALIDATE_NOT_OK);
 SET(validated, VALIDATE_OK);
@@ -238,6 +238,42 @@ display_privs(pw)
 }
 }

+/*
+ * Check user_cmnd against sudoers and print the matching entry if the
+ * command is allowed.
+ */
+int
+display_cmnd(pw)
+ struct passwd *pw;
+{
+ struct cmndspec *cs;
+ struct member *match, *runas;
+ struct privilege *priv;
+ struct userspec *us;
+
+ for (match = NULL, us = userspecs; us != NULL; us = us->next) {
+ if (user_matches(pw, us->user) != TRUE ||
+ host_matches(us->privileges->hostlist) != TRUE)
+ continue;
+
+ for (priv = us->privileges; priv != NULL; priv = priv->next) {
+ runas = NULL;
+ for (cs = priv->cmndlist; cs != NULL; cs = cs->next) {
+ if (cs->runaslist != NULL)
+ runas = cs->runaslist;
+ if (runas_matches(runas) == TRUE &&
+ cmnd_matches(cs->cmnd) != UNSPEC)
+ match = cs->cmnd;
+ }
+ }
+ }
+ if (match == NULL || match->negated)
+ return(1);
+ printf("%s%s%s\n", safe_cmnd, user_args ? " " : "",
+ user_args ? user_args : "");
+ return(0);
+}
+
 /*
 * Print the contents of a struct member to stdout
 */
diff --git a/sudo.c b/sudo.c
index 53e0c3cf0..c878324c8 100644
--- a/sudo.c
+++ b/sudo.c
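Review bot: The comment `/* User has an entry for this host. */` directly under the changed condition is no longer accurate: with `|| user_uid == 0` the VALIDATE_OK branch is now also taken for a uid 0 invoker that matched no sudoers entry at all, so it should read something like `/* User has an entry for this host, or is root (may list/check any user). */`. Whether this test sits in a section of sudoers_lookup that only runs for the list/check pseudo-commands cannot be seen here, because the function starts outside the hunk; if the same branch is also reached on the command-execution path, the uid 0 shortcut would grant regardless of sudoers, and qualifying the new term as `pwflag && user_uid == 0` would make the intended scope explicit either way.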
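Review bot: In display_cmnd the host test `host_matches(us->privileges->hostlist)` is evaluated once against the first privilege of the user spec, while the loop that follows walks every privilege in `us->privileges`, so a later privilege with a different host list is matched (or skipped) on the wrong host. Dropping the host clause from the outer `if` and opening the priv loop with `if (host_matches(priv->hostlist) != TRUE) continue;` makes the host check per-privilege. Since this function only reports, the visible consequence is a wrong answer from `sudo -l command`, but that answer is exactly what an administrator will rely on when auditing an entry, so it is worth getting right. A one-line note above the loop would also help readers: `/* The last matching cmndspec wins; a negated match is reported as not allowed. */`.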
@@ -239,6 +239,9 @@ main(argc, argv, envp)
 user_cmnd = "list";
 pwflag = I_LISTPW;
 break;
+ case MODE_CHECK:
+ pwflag = I_LISTPW;
+ break;
 }

 /* Must have a command to run... */
@@ -361,6 +364,8 @@ main(argc, argv, envp)
 log_auth(validated, 1);
 if (sudo_mode == MODE_VALIDATE)
 exit(0);
+ else if (sudo_mode == MODE_CHECK)
+ exit(display_cmnd(list_pw ? list_pw : sudo_user.pw));
 else if (sudo_mode == MODE_LIST) {
 display_privs(list_pw ? list_pw : sudo_user.pw);
 #ifdef HAVE_LDAP
@@ -548,7 +553,7 @@ init_vars(sudo_mode)
 /* It is now safe to use log_error() and set_perms() */

 #ifdef HAVE_GETGROUPS
- if ((user_ngroups = getgroups(0, NULL)) > 0) {
+ if (list_pw == NULL && (user_ngroups = getgroups(0, NULL)) > 0) {
 user_groups = emalloc2(user_ngroups, sizeof(gid_t));
 if (getgroups(user_ngroups, user_groups) < 0)
 log_error(USE_ERRNO|MSG_ONLY, "can't get group vector");
@@ -618,8 +623,8 @@ set_cmnd(sudo_mode)
 /* Resolve the path and return. */
 rval = FOUND;
 user_stat = emalloc(sizeof(struct stat));
- if (sudo_mode & (MODE_RUN | MODE_EDIT)) {
- if (ISSET(sudo_mode, MODE_RUN)) {
+ if (sudo_mode & (MODE_RUN | MODE_EDIT | MODE_CHECK)) {
+ if (ISSET(sudo_mode, MODE_RUN | MODE_CHECK)) {
 set_perms(PERM_RUNAS);
 rval = find_path(NewArgv[0], &user_cmnd, user_stat, user_path);
 set_perms(PERM_ROOT);
@@ -817,6 +822,15 @@ parse_args(argc, argv)
 case 'S':
 SET(tgetpass_flags, TGP_STDIN);
 break;
+ case 'U':
+ /* Must have an associated list user. */
+ if (NewArgv[1] == NULL)
+ usage(1);
+ if ((list_pw = sudo_getpwnam(NewArgv[1])) == NULL)
+ errorx(1, "unknown user %s", NewArgv[1]);
+ NewArgc--;
+ NewArgv++;
+ break;
 case '-':
 NewArgc--;
 NewArgv++;
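Review bot: In init_vars the new `list_pw == NULL &&` guard means that with -U the invoking user's supplementary group vector is never collected, so user_ngroups and user_groups keep whatever they held before (presumably zero/NULL file-scope defaults; confirm). Nothing in the hunk says why, and the guard looks like an accident to a later reader; if the intent is that %group entries for the -U user must be resolved from the group database rather than from the invoker's groups, say so at the guard: `/* With -U the privileges shown belong to list_pw, not the invoker, so the invoker's group vector must not influence %group matching. */`. It is also worth confirming that user_matches tolerates an empty vector in that case, since that code is not in the hunk.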
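Review bot: The outer test `if (sudo_mode & (MODE_RUN | MODE_EDIT | MODE_CHECK))` in set_cmnd keeps a raw bitwise and while the very next line uses `ISSET(sudo_mode, MODE_RUN | MODE_CHECK)`; writing both as `ISSET` keeps the file's idiom consistent. Note also that MODE_CHECK now resolves the command under `set_perms(PERM_RUNAS)` exactly as MODE_RUN does, which is sensible for a check whose answer should match what a run would execute, but it is the only list-style mode that switches identity and deserves a comment, e.g. `/* MODE_CHECK resolves the path as the runas user so the answer matches MODE_RUN. */`. set_cmnd continues outside the hunk.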
@@ -833,19 +847,23 @@ parse_args(argc, argv)
 NewArgc--;
 NewArgv++;
 }
+ if (NewArgc > 0 && rval == MODE_LIST)
+ rval = MODE_CHECK;
- if (user_runas != NULL) {
- if (rval == MODE_LIST) {
- if ((list_pw = sudo_getpwnam(*user_runas)) == NULL)
- errorx(1, "unknown user %s", *user_runas);
- user_runas = NULL;
- } else if (!ISSET(rval, (MODE_EDIT|MODE_RUN))) {
- warningx("the `-u' and '-%c' options may not be used together", excl);
- usage(1);
- }
+ if (user_runas != NULL && !ISSET(rval, (MODE_EDIT|MODE_RUN|MODE_CHECK))) {
+ if (excl != '\0')
+ warningx("the `-u' and '-%c' options may not be used together",
+ excl);
+ usage(1);
+ }
+ if (list_pw != NULL && rval != MODE_LIST && rval != MODE_CHECK) {
+ if (excl != '\0')
+ warningx("the `-U' and '-%c' options may not be used together",
+ excl);
+ usage(1);
 }

 if ((NewArgc == 0 && (rval & MODE_EDIT)) ||
- (NewArgc > 0 && !(rval & (MODE_RUN | MODE_EDIT))))
+ (NewArgc > 0 && !(rval & (MODE_RUN | MODE_EDIT | MODE_CHECK))))
 usage(1);

 return(rval);
@@ -1126,7 +1144,10 @@ usage(exit_val)
 continue;
 *p = " file [...]";
 } else {
- fprintf(stderr, "usage: %s -K | -L | -V | -h | -k | -l | -v\n",
+ fprintf(stderr, "usage: %s -K | -L | -V | -h | -k | -v\n",
+ getprogname());
+ fprintf(stderr,
+ "usage: %s [-U username] [-u username|#uid] -l [command]\n",
 getprogname());
 }

diff --git a/sudo.cat b/sudo.cat
index 02d9d5b00..f9b56baf1 100644
--- a/sudo.cat
+++ b/sudo.cat
@@ -8,7 +8,9 @@ NNAAMMEE
 sudo, sudoedit - execute a command as another user

 SSYYNNOOPPSSIISS
- ssuuddoo --KK | --LL | --VV | --hh | --kk | --ll | --vv
+ ssuuddoo --KK | --LL | --VV | --hh | --kk | --vv
+
+ ssuuddoo [--UU _u_s_e_r_n_a_m_e] [--uu _u_s_e_r_n_a_m_e|_#_u_i_d] --ll [_c_o_m_m_a_n_d]

 ssuuddoo [--HHPPSSbb] [--aa _a_u_t_h___t_y_p_e] [--cc _c_l_a_s_s|_-] [--pp _p_r_o_m_p_t] [--uu _u_s_e_r_n_a_m_e|_#_u_i_d] {--ee file [...] | --ii | --ss | _c_o_m_m_a_n_d}
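Review bot: The new -u check `if (user_runas != NULL && !ISSET(rval, (MODE_EDIT|MODE_RUN|MODE_CHECK)))` turns `sudo -u user -l` with no command into a usage error (rval is still MODE_LIST there), yet the synopsis added by the same commit, `sudo [-U username] [-u username|#uid] -l [command]`, presents -u as valid with a bare -l. Either the synopsis and man text should say that -u only applies together with a command, or MODE_LIST should be admitted by that condition; as written the documentation and the code disagree, and the old behaviour of -u with -l (listing that user) is silently replaced by a usage failure rather than a pointer to -U. Separately, the promotion `if (NewArgc > 0 && rval == MODE_LIST)` is an exact compare, so -l combined with any other mode bit (MODE_BACKGROUND, MODE_PRESERVE_GROUPS and the like, if the excl logic does not already reject those) plus a command never becomes MODE_CHECK and drops through to the final usage(1); `ISSET(rval, MODE_LIST)` would be the consistent test if such combinations are meant to work. parse_args starts outside the hunk.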
@@ -56,12 +58,10 @@ DDEESSCCRRIIPPTTIIOONN mands through sudo even when a root shell has been invoked. It also allows the --ee flag to remain useful even when being run via a sudo-run script or program. Note - however, that the sudoers lookup is still done for root, - not the user specified by SUDO_USER. -1.6.9 November 11, 2004 1 +1.6.9 November 24, 2004 1 @@ -70,6 +70,9 @@ DDEESSCCRRIIPPTTIIOONN SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + however, that the sudoers lookup is still done for root, + not the user specified by SUDO_USER. + ssuuddoo can log both successful and unsuccessful attempts (as well as errors) to _s_y_s_l_o_g(3), a log file, or both. By default ssuuddoo will log via _s_y_s_l_o_g(3) but this is changeable @@ -104,6 +107,11 @@ OOPPTTIIOONNSS from the standard input instead of the terminal device. + -U The --UU (_o_t_h_e_r _u_s_e_r) option is used in conjunction with + the --ll option to specify the user whose privileges + should be listed. Only root or a user with ssuuddoo ALL + on the current host may use this option. + -V The --VV (_v_e_r_s_i_o_n) option causes ssuuddoo to print the ver­ sion number and exit. If the invoking user is already root the --VV option will print out a list of the 
@@ -116,25 +124,25 @@ OOPPTTIIOONNSS administrator may specify a list of sudo-specific authentication methods by adding an "auth-sudo" entry in /etc/login.conf. This option is only available on - systems that support BSD authentication where ssuuddoo has - been configured with the --with-bsdauth option. - -b The --bb (_b_a_c_k_g_r_o_u_n_d) option tells ssuuddoo to run the given - command in the background. Note that if you use the - --bb option you cannot use shell job control to manipu­ - late the process. +1.6.9 November 24, 2004 2 -1.6.9 November 11, 2004 2 +SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + systems that support BSD authentication where ssuuddoo has + been configured with the --with-bsdauth option. + -b The --bb (_b_a_c_k_g_r_o_u_n_d) option tells ssuuddoo to run the given + command in the background. Note that if you use the + --bb option you cannot use shell job control to manipu­ + late the process. -c The --cc (_c_l_a_s_s) option causes ssuuddoo to run the specified command with resources limited by the specified login @@ -182,18 +190,10 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) sage and exit. -i The --ii (_s_i_m_u_l_a_t_e _i_n_i_t_i_a_l _l_o_g_i_n) option runs the shell - specified in the passwd(4) entry of the user that the - command is being run as. The command name argument - given to the shell begins with a `-' to tell the shell - to run as a login shell. ssuuddoo attempts to change to - that user's home directory before running the shell. - It also initializes the environment, leaving _T_E_R_M - unchanged, setting _H_O_M_E, _S_H_E_L_L, _U_S_E_R, _L_O_G_N_A_M_E, and - _P_A_T_H, and unsetting all other environment variables. -1.6.9 November 11, 2004 3 +1.6.9 November 24, 2004 3 
@@ -202,6 +202,15 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + specified in the passwd(4) entry of the user that the + command is being run as. The command name argument + given to the shell begins with a `-' to tell the shell + to run as a login shell. ssuuddoo attempts to change to + that user's home directory before running the shell. + It also initializes the environment, leaving _T_E_R_M + unchanged, setting _H_O_M_E, _S_H_E_L_L, _U_S_E_R, _L_O_G_N_A_M_E, and + _P_A_T_H, and unsetting all other environment variables. + -k The --kk (_k_i_l_l) option to ssuuddoo invalidates the user's timestamp by setting the time on it to the epoch. The next time ssuuddoo is run a password will be required. @@ -209,11 +218,15 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) to allow a user to revoke ssuuddoo permissions from a .logout file. - -l The --ll (_l_i_s_t) option will list out the allowed (and - forbidden) commands for the user on the current host. - If the --uu flag is specified and the invoking user has - ssuuddoo ALL on the current host, the information listed - will be for the user specified by the --uu flag. + -l [_c_o_m_m_a_n_d] + If no _c_o_m_m_a_n_d is specified, the --ll (_l_i_s_t) option will + list the allowed (and forbidden) commands for the + invoking user (or the user specified by the --UU option) + on the current host. If a _c_o_m_m_a_n_d is specified and is + permitted by _s_u_d_o_e_r_s, the fully-qualified path to the + command is displayed along with any command line argu­ + ments. If _c_o_m_m_a_n_d is not allowed, ssuuddoo will exit with + a return value of 1. -p The --pp (_p_r_o_m_p_t) option allows you to override the default password prompt and use a custom one. The 
@@ -243,30 +256,30 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) command as a user other than _r_o_o_t. To specify a _u_i_d instead of a _u_s_e_r_n_a_m_e, use _#_u_i_d. Note that if the _t_a_r_g_e_t_p_w Defaults option is set (see sudoers(4)) it is - not possible to run commands with a uid not listed in - the password database. - -v If given the --vv (_v_a_l_i_d_a_t_e) option, ssuuddoo will update - the user's timestamp, prompting for the user's pass­ - word if necessary. This extends the ssuuddoo timeout for - another 5 minutes (or whatever the timeout is set to - in _s_u_d_o_e_r_s) but does not run a command. - -- The ---- flag indicates that ssuuddoo should stop processing - command line arguments. It is most useful in conjunc­ - tion with the --ss flag. +1.6.9 November 24, 2004 4 -1.6.9 November 11, 2004 4 +SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + not possible to run commands with a uid not listed in + the password database. -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + -v If given the --vv (_v_a_l_i_d_a_t_e) option, ssuuddoo will update + the user's timestamp, prompting for the user's pass­ + word if necessary. This extends the ssuuddoo timeout for + another 5 minutes (or whatever the timeout is set to + in _s_u_d_o_e_r_s) but does not run a command. + -- The ---- flag indicates that ssuuddoo should stop processing + command line arguments. It is most useful in conjunc­ + tion with the --ss flag. RREETTUURRNN VVAALLUUEESS Upon successful execution of a program, the return value @@ -309,6 +322,18 @@ SSEECCUURRIITTYY NNOOTTEESS as root. To prevent command spoofing, ssuuddoo checks "." and "" (both + + + +1.6.9 November 24, 2004 5 + + + + + +SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + + denoting current directory) last when searching for a com­ mand in the user's PATH (if one or both are in the PATH). Note, however, that the actual PATH environment variable 
@@ -322,18 +347,6 @@ SSEECCUURRIITTYY NNOOTTEESS cally. ssuuddoo will check the ownership of its timestamp directory - - - -1.6.9 November 11, 2004 5 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - (_/_v_a_r_/_r_u_n_/_s_u_d_o by default) and ignore the directory's con­ tents if it is not owned by root and only writable by root. On systems that allow non-root users to give away @@ -374,31 +387,32 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) EENNVVIIRROONNMMEENNTT ssuuddoo utilizes the following environment variables: - EDITOR Default editor to use in -e (sudoedit) mode if - VISUAL is not set - HOME In -s or -H mode (or if sudo was configured with - the --enable-shell-sets-home option), set to - homedir of the target user - PATH Set to a sane value if sudo was configured with - the --with-secure-path option - SHELL Used to determine shell to run with -s option - SUDO_PROMPT Used as the default password prompt +1.6.9 November 24, 2004 6 -1.6.9 November 11, 2004 6 +SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + EDITOR Default editor to use in -e (sudoedit) mode if + VISUAL is not set + + HOME In -s or -H mode (or if sudo was configured with + the --enable-shell-sets-home option), set to + homedir of the target user + PATH Set to a sane value if sudo was configured with + the --with-secure-path option -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + SHELL Used to determine shell to run with -s option + SUDO_PROMPT Used as the default password prompt SUDO_COMMAND Set to the command run by sudo @@ -441,6 +455,17 @@ EEXXAAMMPPLLEESS $ sudo shutdown -r +15 "quick reboot" + + +1.6.9 November 24, 2004 7 + + + + + +SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + + To make a usage listing of the directories in the /home partition. Note that this runs the commands in a sub- shell to make the cd and file redirection work. 
@@ -455,17 +480,6 @@ AAUUTTHHOORRSS Many people have worked on ssuuddoo over the years; this ver­ sion consists of code written primarily by: - - -1.6.9 November 11, 2004 7 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - Todd Miller Chris Jepeway @@ -505,25 +519,11 @@ BBUUGGSS If you feel you have found a bug in ssuuddoo, please submit a bug report at http://www.sudo.ws/sudo/bugs/ -SSUUPPPPOORRTT - Commercial support is available for ssuuddoo, see - http://www.sudo.ws/sudo/support.html for details. - - Limited free support is available via the sudo-users mail­ - ing list, see http://www.sudo.ws/mail­ - man/listinfo/sudo-users to subscribe or search the - archives. -DDIISSCCLLAAIIMMEERR - SSuuddoo is provided ``AS IS'' and any express or implied war­ - ranties, including, but not limited to, the implied war­ - ranties of merchantability and fitness for a particular - purpose are disclaimed. See the LICENSE file distributed - with ssuuddoo or http://www.sudo.ws/sudo/license.html for -1.6.9 November 11, 2004 8 +1.6.9 November 24, 2004 8 @@ -532,22 +532,22 @@ DDIISSCCLLAAIIMMEERR SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - complete details. - - - - - - - - - - - - - +SSUUPPPPOORRTT + Commercial support is available for ssuuddoo, see + http://www.sudo.ws/sudo/support.html for details. + Limited free support is available via the sudo-users mail­ + ing list, see http://www.sudo.ws/mail­ + man/listinfo/sudo-users to subscribe or search the + archives. +DDIISSCCLLAAIIMMEERR + SSuuddoo is provided ``AS IS'' and any express or implied war­ + ranties, including, but not limited to, the implied war­ + ranties of merchantability and fitness for a particular + purpose are disclaimed. See the LICENSE file distributed + with ssuuddoo or http://www.sudo.ws/sudo/license.html for com­ + plete details. @@ -589,6 +589,6 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -1.6.9 November 11, 2004 9 +1.6.9 November 24, 2004 9 diff --git a/sudo.h b/sudo.h index 6014f2439..4e2ed4395 100644 
--- a/sudo.h
+++ b/sudo.h
@@ -83,23 +83,24 @@ struct sudo_user {
 #define NOT_FOUND_DOT -1

 /*
- * Various modes sudo can be in (based on arguments) in octal
+ * Various modes sudo can be in (based on arguments) in hex
 */
-#define MODE_RUN 000001
-#define MODE_VALIDATE 000002
-#define MODE_INVALIDATE 000004
-#define MODE_KILL 000010
-#define MODE_VERSION 000020
-#define MODE_HELP 000040
-#define MODE_LIST 000100
-#define MODE_LISTDEFS 000200
-#define MODE_BACKGROUND 000400
-#define MODE_SHELL 001000
-#define MODE_LOGIN_SHELL 002000
-#define MODE_IMPLIED_SHELL 004000
-#define MODE_RESET_HOME 010000
-#define MODE_PRESERVE_GROUPS 020000
-#define MODE_EDIT 040000
+#define MODE_RUN 0x0001
+#define MODE_EDIT 0x0002
+#define MODE_VALIDATE 0x0004
+#define MODE_INVALIDATE 0x0008
+#define MODE_KILL 0x0010
+#define MODE_VERSION 0x0020
+#define MODE_HELP 0x0040
+#define MODE_LIST 0x0080
+#define MODE_CHECK 0x0100
+#define MODE_LISTDEFS 0x0200
+#define MODE_BACKGROUND 0x0400
+#define MODE_SHELL 0x0800
+#define MODE_LOGIN_SHELL 0x1000
+#define MODE_IMPLIED_SHELL 0x2000
+#define MODE_RESET_HOME 0x4000
+#define MODE_PRESERVE_GROUPS 0x8000

 /*
 * Used with set_perms()
@@ -238,7 +239,8 @@ int pam_prep_user __P((struct passwd *));
 void zero_bytes __P((volatile VOID *, size_t));
 int gettime __P((struct timespec *));
 FILE *open_sudoers __P((const char *, int *));
-void display_privs __P((struct passwd *));
+void display_privs __P((struct passwd *));
+int display_cmnd __P((struct passwd *));
 void sudo_setpwent __P((void));
 void sudo_endpwent __P((void));
 void sudo_setgrent __P((void));
diff --git a/sudo.man.in b/sudo.man.in
index a8b0f5a85..cf56018f3 100644
--- a/sudo.man.in
+++ b/sudo.man.in
@@ -149,12 +149,14 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "November 11, 2004" "1.6.9" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "November 24, 2004" "1.6.9" "MAINTENANCE COMMANDS" .SH "NAME" sudo, sudoedit \- execute a command as another user .SH "SYNOPSIS" .IX Header "SYNOPSIS" -\&\fBsudo\fR \fB\-K\fR | \fB\-L\fR | \fB\-V\fR | \fB\-h\fR | \fB\-k\fR | \fB\-l\fR | \fB\-v\fR +\&\fBsudo\fR \fB\-K\fR | \fB\-L\fR | \fB\-V\fR | \fB\-h\fR | \fB\-k\fR | \fB\-v\fR +.PP +\&\fBsudo\fR [\fB\-U\fR\ \fIusername\fR] [\fB\-u\fR\ \fIusername\fR|\fI#uid\fR] \fB\-l\fR [\fIcommand\fR] .PP \&\fBsudo\fR [\fB\-HPSb\fR] [\fB\-a\fR\ \fIauth_type\fR] [\fB\-c\fR\ \fIclass\fR|\fI\-\fR] [\fB\-p\fR\ \fIprompt\fR] [\fB\-u\fR\ \fIusername\fR|\fI#uid\fR] @@ -239,6 +241,12 @@ still set to match the target user. .IX Item "-S" The \fB\-S\fR (\fIstdin\fR) option causes \fBsudo\fR to read the password from the standard input instead of the terminal device. +.IP "\-U" 4 +.IX Item "-U" +The \fB\-U\fR (\fIother user\fR) option is used in conjunction with the \fB\-l\fR +option to specify the user whose privileges should be listed. Only +root or a user with \fBsudo\fR \f(CW\*(C`ALL\*(C'\fR on the current host may use this +option. .IP "\-V" 4 .IX Item "-V" The \fB\-V\fR (\fIversion\fR) option causes \fBsudo\fR to print the version 
@@ -320,12 +328,15 @@ by setting the time on it to the epoch. The next time \fBsudo\fR is run a password will be required. This option does not require a password and was added to allow a user to revoke \fBsudo\fR permissions from a .logout file. -.IP "\-l" 4 -.IX Item "-l" -The \fB\-l\fR (\fIlist\fR) option will list out the allowed (and forbidden) -commands for the user on the current host. If the \fB\-u\fR flag is -specified and the invoking user has \fBsudo\fR \f(CW\*(C`ALL\*(C'\fR on the current host, -the information listed will be for the user specified by the \fB\-u\fR flag. +.IP "\-l [\fIcommand\fR]" 4 +.IX Item "-l [command]" +If no \fIcommand\fR is specified, the \fB\-l\fR (\fIlist\fR) option will list +the allowed (and forbidden) commands for the invoking user (or the +user specified by the \fB\-U\fR option) on the current host. If a +\&\fIcommand\fR is specified and is permitted by \fIsudoers\fR, the +fully-qualified path to the command is displayed along with any +command line arguments. If \fIcommand\fR is not allowed, \fBsudo\fR will +exit with a return value of 1. .IP "\-p" 4 .IX Item "-p" The \fB\-p\fR (\fIprompt\fR) option allows you to override the default diff --git a/sudo.pod b/sudo.pod index 080c2a94c..576dcc4de 100644 --- a/sudo.pod +++ b/sudo.pod @@ -27,7 +27,9 @@ sudo, sudoedit - execute a command as another user =head1 SYNOPSIS -B B<-K> | B<-L> | B<-V> | B<-h> | B<-k> | B<-l> | B<-v> +B B<-K> | B<-L> | B<-V> | B<-h> | B<-k> | B<-v> + +B S<[B<-U> I]> S<[B<-u> I|I<#uid>]> B<-l> [I] B [B<-HPSb>] S<[B<-a> I]> S<[B<-c> I|I<->]> S<[B<-p> I]> S<[B<-u> I|I<#uid>]> 
@@ -122,6 +124,13 @@ still set to match the target user. The B<-S> (I) option causes B to read the password from the standard input instead of the terminal device. +=item -U + +The B<-U> (I) option is used in conjunction with the B<-l> +option to specify the user whose privileges should be listed. Only +root or a user with B C on the current host may use this +option. + =item -V The B<-V> (I) option causes B to print the version @@ -217,12 +226,15 @@ run a password will be required. This option does not require a password and was added to allow a user to revoke B permissions from a .logout file. -=item -l +=item -l [I] -The B<-l> (I) option will list out the allowed (and forbidden) -commands for the user on the current host. If the B<-u> flag is -specified and the invoking user has B C on the current host, -the information listed will be for the user specified by the B<-u> flag. +If no I is specified, the B<-l> (I) option will list +the allowed (and forbidden) commands for the invoking user (or the +user specified by the B<-U> option) on the current host. If a +I is specified and is permitted by I, the +fully-qualified path to the command is displayed along with any +command line arguments. If I is not allowed, B will +exit with a return value of 1. =item -p -- 2.40.0