From f31f58a9674553275d41767a708dd7b286386759 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 12 Jul 2012 15:16:04 -0400 Subject: [PATCH] Minor cosmetic fixes. --- doc/sudo.cat | 58 ++++++++++++++++++++++++------------------------- doc/sudo.man.in | 54 ++++++++++++++++++++++----------------------- doc/sudo.pod | 52 ++++++++++++++++++++++---------------------- 3 files changed, 82 insertions(+), 82 deletions(-) diff --git a/doc/sudo.cat b/doc/sudo.cat index c137a4b61..60cd02a9b 100644 --- a/doc/sudo.cat +++ b/doc/sudo.cat @@ -215,7 +215,7 @@ OOPPTTIIOONNSS -n The --nn (_n_o_n_-_i_n_t_e_r_a_c_t_i_v_e) option prevents ssuuddoo from prompting the user for a password. If a password is required for the command to run, ssuuddoo will display an error - messages and exit. + message and exit. -P The --PP (_p_r_e_s_e_r_v_e _g_r_o_u_p _v_e_c_t_o_r) option causes ssuuddoo to preserve the invoking user's group vector unaltered. By @@ -239,7 +239,7 @@ OOPPTTIIOONNSS _r_u_n_a_s_p_w flags in _s_u_d_o_e_r_s(4)) %U expanded to the login name of the user the command will - be run as (defaults to root unless the -u option is + be run as (defaults to root unless the --uu option is also specified) %u expanded to the invoking user's login name @@ -292,15 +292,15 @@ OOPPTTIIOONNSS string and the version string of the security policy plugin and any I/O plugins. If the invoking user is already root the --VV option will display the arguments passed to - configure when _s_u_d_o was built and plugins may display more + configure when ssuuddoo was built and plugins may display more verbose information such as default options. -v When given the --vv (_v_a_l_i_d_a_t_e) option, ssuuddoo will update the user's cached credentials, authenticating the user's password if necessary. For the _s_u_d_o_e_r_s plugin, this extends the ssuuddoo timeout for another 5 minutes (or whatever - the timeout is set to in _s_u_d_o_e_r_s) but does not run a - command. Not all security policies support cached + the timeout is set to by the security policy) but does not + run a command. Not all security policies support cached credentials. -- The ---- option indicates that ssuuddoo should stop processing @@ -388,8 +388,8 @@ DDEEBBUUGG FFLLAAGGSS program to debug (ssuuddoo, vviissuuddoo, ssuuddoorreeppllaayy), the debug file name and a comma-separated list of debug flags. The debug flag syntax used by ssuuddoo and the _s_u_d_o_e_r_s plugin is _s_u_b_s_y_s_t_e_m@_p_r_i_o_r_i_t_y but the plugin is - free to use a different format so long as it does not include a command - ,. + free to use a different format so long as it does not include a comma + (`,'). For instance: @@ -437,7 +437,7 @@ DDEEBBUUGG FFLLAAGGSS _u_t_m_p utmp handling -RREETTUURRNN VVAALLUUEESS +EEXXIITT VVAALLUUEE Upon successful execution of a program, the exit status from ssuuddoo will simply be the exit status of the program that was executed. @@ -492,44 +492,44 @@ EENNVVIIRROONNMMEENNTT has control over the content of the command's environment. EDITOR Default editor to use in --ee (sudoedit) mode if neither - SUDO_EDITOR nor VISUAL is set + SUDO_EDITOR nor VISUAL is set. MAIL In --ii mode or when _e_n_v___r_e_s_e_t is enabled in _s_u_d_o_e_r_s, set - to the mail spool of the target user + to the mail spool of the target user. HOME Set to the home directory of the target user if --ii or --HH are specified, _e_n_v___r_e_s_e_t or _a_l_w_a_y_s___s_e_t___h_o_m_e are set in _s_u_d_o_e_r_s, or when the --ss option is specified and - _s_e_t___h_o_m_e is set in _s_u_d_o_e_r_s + _s_e_t___h_o_m_e is set in _s_u_d_o_e_r_s. PATH May be overridden by the security policy. - SHELL Used to determine shell to run with -s option + SHELL Used to determine shell to run with --ss option. SUDO_ASKPASS Specifies the path to a helper program used to read the - password if no terminal is available or if the -A + password if no terminal is available or if the --AA option is specified. - SUDO_COMMAND Set to the command run by sudo + SUDO_COMMAND Set to the command run by sudo. - SUDO_EDITOR Default editor to use in --ee (sudoedit) mode + SUDO_EDITOR Default editor to use in --ee (sudoedit) mode. - SUDO_GID Set to the group ID of the user who invoked sudo + SUDO_GID Set to the group ID of the user who invoked sudo. - SUDO_PROMPT Used as the default password prompt + SUDO_PROMPT Used as the default password prompt. SUDO_PS1 If set, PS1 will be set to its value for the program - being run + being run. - SUDO_UID Set to the user ID of the user who invoked sudo + SUDO_UID Set to the user ID of the user who invoked sudo. - SUDO_USER Set to the login of the user who invoked sudo + SUDO_USER Set to the login name of the user who invoked sudo. USER Set to the target user (root unless the --uu option is - specified) + specified). VISUAL Default editor to use in --ee (sudoedit) mode if - SUDO_EDITOR is not set + SUDO_EDITOR is not set. FFIILLEESS _/_e_t_c_/_s_u_d_o_._c_o_n_f ssuuddoo front end configuration @@ -573,6 +573,10 @@ SSEEEE AALLSSOO _g_r_e_p(1), _s_u(1), _s_t_a_t(2), _l_o_g_i_n___c_a_p(3), _p_a_s_s_w_d(4), _s_u_d_o_e_r_s(4), _s_u_d_o___p_l_u_g_i_n(1m), _s_u_d_o_r_e_p_l_a_y(1m), _v_i_s_u_d_o(1m) +HHIISSTTOORRYY + See the HISTORY file in the ssuuddoo distribution + (http://www.sudo.ws/sudo/history.html) for a brief history of sudo. + AAUUTTHHOORRSS Many people have worked on ssuuddoo over the years; this version consists of code written primarily by: @@ -580,12 +584,8 @@ AAUUTTHHOORRSS Todd C. Miller See the CONTRIBUTORS file in the ssuuddoo distribution - (http://www.sudo.ws/sudo/contributors.html) for a list of people who - have contributed to ssuuddoo. - -HHIISSTTOORRYY - See the HISTORY file in the ssuuddoo distribution - (http://www.sudo.ws/sudo/history.html) for a brief history of sudo. + (http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of + people who have contributed to ssuuddoo. CCAAVVEEAATTSS There is no easy way to prevent a user from gaining a root shell if @@ -624,4 +624,4 @@ DDIISSCCLLAAIIMMEERR -1.8.6 June 29, 2012 SUDO(1m) +1.8.6 July 12, 2012 SUDO(1m) diff --git a/doc/sudo.man.in b/doc/sudo.man.in index e5c61c1da..bde062c22 100644 --- a/doc/sudo.man.in +++ b/doc/sudo.man.in @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "June 29, 2012" "1.8.6" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "July 12, 2012" "1.8.6" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -393,7 +393,7 @@ specified multiple times, a longer list format is used. .IX Item "-n" The \fB\-n\fR (\fInon-interactive\fR) option prevents \fBsudo\fR from prompting the user for a password. If a password is required for the command -to run, \fBsudo\fR will display an error messages and exit. +to run, \fBsudo\fR will display an error message and exit. .IP "\-P" 12 .IX Item "-P" The \fB\-P\fR (\fIpreserve\fR \fIgroup vector\fR) option causes \fBsudo\fR to @@ -427,7 +427,7 @@ expanded to the name of the user whose password is being requested .el .IP "\f(CW%U\fR" 4 .IX Item "%U" expanded to the login name of the user the command will be run as -(defaults to root unless the \f(CW\*(C`\-u\*(C'\fR option is also specified) +(defaults to root unless the \fB\-u\fR option is also specified) .ie n .IP "%u" 4 .el .IP "\f(CW%u\fR" 4 .IX Item "%u" @@ -490,7 +490,7 @@ not set. Other security policies may not support this. The \fB\-V\fR (\fIversion\fR) option causes \fBsudo\fR to print its version string and the version string of the security policy plugin and any I/O plugins. If the invoking user is already root the \fB\-V\fR option -will display the arguments passed to configure when \fIsudo\fR was +will display the arguments passed to configure when \fBsudo\fR was built and plugins may display more verbose information such as default options. .IP "\-v" 12 @@ -499,7 +499,7 @@ When given the \fB\-v\fR (\fIvalidate\fR) option, \fBsudo\fR will update the user's cached credentials, authenticating the user's password if necessary. For the \fIsudoers\fR plugin, this extends the \fBsudo\fR timeout for another \f(CW\*(C`@timeout@\*(C'\fR minutes (or whatever the timeout -is set to in \fIsudoers\fR) but does not run a command. Not all +is set to by the security policy) but does not run a command. Not all security policies support cached credentials. .IP "\-\-" 12 The \fB\-\-\fR option indicates that \fBsudo\fR should stop processing command @@ -592,7 +592,7 @@ name of the program to debug (\fBsudo\fR, \fBvisudo\fR, \fBsudoreplay\fR), the debug file name and a comma-separated list of debug flags. The debug flag syntax used by \fBsudo\fR and the \fIsudoers\fR plugin is \&\fIsubsystem\fR@\fIpriority\fR but the plugin is free to use a different -format so long as it does not include a command \f(CW\*(C`,\*(C'\fR. +format so long as it does not include a comma (`\f(CW\*(C`,\*(C'\fR'). .PP For instance: .PP @@ -655,8 +655,8 @@ utility functions .IP "\fIutmp\fR" 10 .IX Item "utmp" utmp handling -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" +.SH "EXIT VALUE" +.IX Header "EXIT VALUE" Upon successful execution of a program, the exit status from \fBsudo\fR will simply be the exit status of the program that was executed. .PP @@ -716,19 +716,19 @@ policy has control over the content of the command's environment. .el .IP "\f(CW\*(C`EDITOR\*(C'\fR" 16 .IX Item "EDITOR" Default editor to use in \fB\-e\fR (sudoedit) mode if neither \f(CW\*(C`SUDO_EDITOR\*(C'\fR -nor \f(CW\*(C`VISUAL\*(C'\fR is set +nor \f(CW\*(C`VISUAL\*(C'\fR is set. .ie n .IP "\*(C`MAIL\*(C'" 16 .el .IP "\f(CW\*(C`MAIL\*(C'\fR" 16 .IX Item "MAIL" In \fB\-i\fR mode or when \fIenv_reset\fR is enabled in \fIsudoers\fR, set -to the mail spool of the target user +to the mail spool of the target user. .ie n .IP "\*(C`HOME\*(C'" 16 .el .IP "\f(CW\*(C`HOME\*(C'\fR" 16 .IX Item "HOME" Set to the home directory of the target user if \fB\-i\fR or \fB\-H\fR are specified, \fIenv_reset\fR or \fIalways_set_home\fR are set in \fIsudoers\fR, or when the \fB\-s\fR option is specified and \fIset_home\fR is set in -\&\fIsudoers\fR +\&\fIsudoers\fR. .ie n .IP "\*(C`PATH\*(C'" 16 .el .IP "\f(CW\*(C`PATH\*(C'\fR" 16 .IX Item "PATH" @@ -736,49 +736,49 @@ May be overridden by the security policy. .ie n .IP "\*(C`SHELL\*(C'" 16 .el .IP "\f(CW\*(C`SHELL\*(C'\fR" 16 .IX Item "SHELL" -Used to determine shell to run with \f(CW\*(C`\-s\*(C'\fR option +Used to determine shell to run with \fB\-s\fR option. .ie n .IP "\*(C`SUDO_ASKPASS\*(C'" 16 .el .IP "\f(CW\*(C`SUDO_ASKPASS\*(C'\fR" 16 .IX Item "SUDO_ASKPASS" Specifies the path to a helper program used to read the password -if no terminal is available or if the \f(CW\*(C`\-A\*(C'\fR option is specified. +if no terminal is available or if the \fB\-A\fR option is specified. .ie n .IP "\*(C`SUDO_COMMAND\*(C'" 16 .el .IP "\f(CW\*(C`SUDO_COMMAND\*(C'\fR" 16 .IX Item "SUDO_COMMAND" -Set to the command run by sudo +Set to the command run by sudo. .ie n .IP "\*(C`SUDO_EDITOR\*(C'" 16 .el .IP "\f(CW\*(C`SUDO_EDITOR\*(C'\fR" 16 .IX Item "SUDO_EDITOR" -Default editor to use in \fB\-e\fR (sudoedit) mode +Default editor to use in \fB\-e\fR (sudoedit) mode. .ie n .IP "\*(C`SUDO_GID\*(C'" 16 .el .IP "\f(CW\*(C`SUDO_GID\*(C'\fR" 16 .IX Item "SUDO_GID" -Set to the group \s-1ID\s0 of the user who invoked sudo +Set to the group \s-1ID\s0 of the user who invoked sudo. .ie n .IP "\*(C`SUDO_PROMPT\*(C'" 16 .el .IP "\f(CW\*(C`SUDO_PROMPT\*(C'\fR" 16 .IX Item "SUDO_PROMPT" -Used as the default password prompt +Used as the default password prompt. .ie n .IP "\*(C`SUDO_PS1\*(C'" 16 .el .IP "\f(CW\*(C`SUDO_PS1\*(C'\fR" 16 .IX Item "SUDO_PS1" -If set, \f(CW\*(C`PS1\*(C'\fR will be set to its value for the program being run +If set, \f(CW\*(C`PS1\*(C'\fR will be set to its value for the program being run. .ie n .IP "\*(C`SUDO_UID\*(C'" 16 .el .IP "\f(CW\*(C`SUDO_UID\*(C'\fR" 16 .IX Item "SUDO_UID" -Set to the user \s-1ID\s0 of the user who invoked sudo +Set to the user \s-1ID\s0 of the user who invoked sudo. .ie n .IP "\*(C`SUDO_USER\*(C'" 16 .el .IP "\f(CW\*(C`SUDO_USER\*(C'\fR" 16 .IX Item "SUDO_USER" -Set to the login of the user who invoked sudo +Set to the login name of the user who invoked sudo. .ie n .IP "\*(C`USER\*(C'" 16 .el .IP "\f(CW\*(C`USER\*(C'\fR" 16 .IX Item "USER" -Set to the target user (root unless the \fB\-u\fR option is specified) +Set to the target user (root unless the \fB\-u\fR option is specified). .ie n .IP "\*(C`VISUAL\*(C'" 16 .el .IP "\f(CW\*(C`VISUAL\*(C'\fR" 16 .IX Item "VISUAL" Default editor to use in \fB\-e\fR (sudoedit) mode if \f(CW\*(C`SUDO_EDITOR\*(C'\fR -is not set +is not set. .SH "FILES" .IX Header "FILES" .ie n .IP "\fI@sysconfdir@/sudo.conf\fR" 24 @@ -838,6 +838,10 @@ to make the \f(CW\*(C`cd\*(C'\fR and file redirection work. \&\fIgrep\fR\|(1), \fIsu\fR\|(1), \fIstat\fR\|(2), .if \n(LC \&\fIlogin_cap\fR\|(3), \&\fIpasswd\fR\|(@mansectform@), \fIsudoers\fR\|(@mansectform@), \fIsudo_plugin\fR\|(@mansectsu@), \fIsudoreplay\fR\|(@mansectsu@), \fIvisudo\fR\|(@mansectsu@) +.SH "HISTORY" +.IX Header "HISTORY" +See the \s-1HISTORY\s0 file in the \fBsudo\fR distribution +(http://www.sudo.ws/sudo/history.html) for a brief history of sudo. .SH "AUTHORS" .IX Header "AUTHORS" Many people have worked on \fBsudo\fR over the years; this @@ -848,12 +852,8 @@ version consists of code written primarily by: .Ve .PP See the \s-1CONTRIBUTORS\s0 file in the \fBsudo\fR distribution -(http://www.sudo.ws/sudo/contributors.html) for a list of people +(http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of people who have contributed to \fBsudo\fR. -.SH "HISTORY" -.IX Header "HISTORY" -See the \s-1HISTORY\s0 file in the \fBsudo\fR distribution -(http://www.sudo.ws/sudo/history.html) for a brief history of sudo. .SH "CAVEATS" .IX Header "CAVEATS" There is no easy way to prevent a user from gaining a root shell diff --git a/doc/sudo.pod b/doc/sudo.pod index b9f7578b7..6c3a0712f 100644 --- a/doc/sudo.pod +++ b/doc/sudo.pod @@ -278,7 +278,7 @@ specified multiple times, a longer list format is used. The B<-n> (I) option prevents B from prompting the user for a password. If a password is required for the command -to run, B will display an error messages and exit. +to run, B will display an error message and exit. =item -P @@ -315,7 +315,7 @@ L) =item C<%U> expanded to the login name of the user the command will be run as -(defaults to root unless the C<-u> option is also specified) +(defaults to root unless the B<-u> option is also specified) =item C<%u> @@ -380,7 +380,7 @@ not set. Other security policies may not support this. The B<-V> (I) option causes B to print its version string and the version string of the security policy plugin and any I/O plugins. If the invoking user is already root the B<-V> option -will display the arguments passed to configure when I was +will display the arguments passed to configure when B was built and plugins may display more verbose information such as default options. @@ -390,7 +390,7 @@ When given the B<-v> (I) option, B will update the user's cached credentials, authenticating the user's password if necessary. For the I plugin, this extends the B timeout for another C<@timeout@> minutes (or whatever the timeout -is set to in I) but does not run a command. Not all +is set to by the security policy) but does not run a command. Not all security policies support cached credentials. =item -- @@ -492,7 +492,7 @@ name of the program to debug (B, B, B), the debug file name and a comma-separated list of debug flags. The debug flag syntax used by B and the I plugin is I@I but the plugin is free to use a different -format so long as it does not include a command C<,>. +format so long as it does not include a comma (`C<,>'). For instance: @@ -571,7 +571,7 @@ utmp handling =back -=head1 RETURN VALUES +=head1 EXIT VALUE Upon successful execution of a program, the exit status from B will simply be the exit status of the program that was executed. @@ -634,19 +634,19 @@ policy has control over the content of the command's environment. =item C Default editor to use in B<-e> (sudoedit) mode if neither C -nor C is set +nor C is set. =item C In B<-i> mode or when I is enabled in I, set -to the mail spool of the target user +to the mail spool of the target user. =item C Set to the home directory of the target user if B<-i> or B<-H> are specified, I or I are set in I, or when the B<-s> option is specified and I is set in -I +I. =item C @@ -654,49 +654,49 @@ May be overridden by the security policy. =item C -Used to determine shell to run with C<-s> option +Used to determine shell to run with B<-s> option. =item C Specifies the path to a helper program used to read the password -if no terminal is available or if the C<-A> option is specified. +if no terminal is available or if the B<-A> option is specified. =item C -Set to the command run by sudo +Set to the command run by sudo. =item C -Default editor to use in B<-e> (sudoedit) mode +Default editor to use in B<-e> (sudoedit) mode. =item C -Set to the group ID of the user who invoked sudo +Set to the group ID of the user who invoked sudo. =item C -Used as the default password prompt +Used as the default password prompt. =item C -If set, C will be set to its value for the program being run +If set, C will be set to its value for the program being run. =item C -Set to the user ID of the user who invoked sudo +Set to the user ID of the user who invoked sudo. =item C -Set to the login of the user who invoked sudo +Set to the login name of the user who invoked sudo. =item C -Set to the target user (root unless the B<-u> option is specified) +Set to the target user (root unless the B<-u> option is specified). =item C Default editor to use in B<-e> (sudoedit) mode if C -is not set +is not set. =back @@ -751,6 +751,11 @@ L, L, L, L, L, L, L, L, L +=head1 HISTORY + +See the HISTORY file in the B distribution +(http://www.sudo.ws/sudo/history.html) for a brief history of sudo. + =head1 AUTHORS Many people have worked on B over the years; this @@ -759,14 +764,9 @@ version consists of code written primarily by: Todd C. Miller See the CONTRIBUTORS file in the B distribution -(http://www.sudo.ws/sudo/contributors.html) for a list of people +(http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of people who have contributed to B. -=head1 HISTORY - -See the HISTORY file in the B distribution -(http://www.sudo.ws/sudo/history.html) for a brief history of sudo. - =head1 CAVEATS There is no easy way to prevent a user from gaining a root shell -- 2.40.0