isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

filename -> file name like the rest of the docs

Browse Source
This commit is contained in:
Todd C. Miller
2009-12-19 21:33:25 +00:00
parent 73dccdf93d
commit 00c89f0145
3 changed files with 15 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
INSTALL
View File

@@ -180,22 +180,22 @@ Special features/options:
containing the LDAP include and lib directories. Please see containing the LDAP include and lib directories. Please see
README.LDAP for more information. README.LDAP for more information.
--with-ldap-conf-file=filename --with-ldap-conf-file=PATH
Path to LDAP configuration file. If specified, sudo reads Path to LDAP configuration file. If specified, sudo reads
this file instead of /etc/ldap.conf to locate the LDAP server. this file instead of /etc/ldap.conf to locate the LDAP server.
--with-ldap-secret-file=filename --with-ldap-secret-file=PATH
Path to LDAP secret password file. If specified, sudo uses Path to LDAP secret password file. If specified, sudo uses
this file instead of /etc/ldap.secret to read the secret password this file instead of /etc/ldap.secret to read the secret password
when rootbinddn is specified in the ldap config file. when rootbinddn is specified in the ldap config file.
--with-nsswitch[=filename] --with-nsswitch[=PATH]
Path to nsswitch.conf or "no" to disable nsswitch support. Path to nsswitch.conf or "no" to disable nsswitch support.
If specified, sudo uses this file instead of /etc/nsswitch.conf. If specified, sudo uses this file instead of /etc/nsswitch.conf.
If nsswitch is disabled but LDAP is enabled, sudo will check If nsswitch is disabled but LDAP is enabled, sudo will check
LDAP first, then the sudoers file. LDAP first, then the sudoers file.
--with-netsvc[=filename] --with-netsvc[=PATH]
Path to netsvc.conf or "no" to disable netsvc.conf support. Path to netsvc.conf or "no" to disable netsvc.conf support.
If specified, sudo uses this file instead of /etc/netsvc.conf If specified, sudo uses this file instead of /etc/netsvc.conf
on AIX systems. on AIX systems.
@@ -258,7 +258,7 @@ Special features/options:
another program (think shell escapes). Please see the another program (think shell escapes). Please see the
"PREVENTING SHELL ESCAPES" section in the sudoers man page "PREVENTING SHELL ESCAPES" section in the sudoers man page
for details. If specified, PATH should be a fully qualified for details. If specified, PATH should be a fully qualified
pathname, e.g. /usr/local/libexec/sudo_noexec.so. If PATH path name, e.g. /usr/local/libexec/sudo_noexec.so. If PATH
is "no", noexec support will not be compiled in. The default is "no", noexec support will not be compiled in. The default
is to compile noexec support if libtool supports building is to compile noexec support if libtool supports building
shared objects on your OS. shared objects on your OS.
@@ -529,7 +529,7 @@ The following options are also configurable at runtime:
--with-editor=PATH --with-editor=PATH
Specify the default editor path for use by visudo. This may be a Specify the default editor path for use by visudo. This may be a
single pathname or a colon-separated list of editors. In the latter single path name or a colon-separated list of editors. In the latter
case, visudo will choose the editor that matches the user's VISUAL case, visudo will choose the editor that matches the user's VISUAL
or EDITOR environment variables or the first editor in the list that or EDITOR environment variables or the first editor in the list that
exists. The default is the path to vi on your system. exists. The default is the path to vi on your system.

4
README.LDAP
View File

@@ -151,8 +151,8 @@ Configure your /etc/ldap.conf and /etc/nsswitch.conf
==================================================== ====================================================
The /etc/ldap.conf file is meant to be shared between sudo, pam_ldap, nss_ldap The /etc/ldap.conf file is meant to be shared between sudo, pam_ldap, nss_ldap
and other ldap applications and modules. IBM Secureway unfortunately uses and other ldap applications and modules. IBM Secureway unfortunately uses
the same filename but has a different syntax. If you need to rename where the same file name but has a different syntax. If you need to change where
this file is stored, re-run configure with the --with-ldap-conf-file=filename this file is stored, re-run configure with the --with-ldap-conf-file=PATH
option. option.
See the "Configuring ldap.conf" section in the sudoers.ldap manual See the "Configuring ldap.conf" section in the sudoers.ldap manual

14
sudoers.pod
View File

@@ -195,9 +195,9 @@ wildcards to be useful.
Cmnd_List ::= Cmnd | Cmnd_List ::= Cmnd |
Cmnd ',' Cmnd_List Cmnd ',' Cmnd_List
commandname ::= filename | commandname ::= file name |
filename args | file name args |
filename '""' file name '""'
Cmnd ::= '!'* commandname | Cmnd ::= '!'* commandname |
'!'* directory | '!'* directory |
@@ -205,9 +205,9 @@ wildcards to be useful.
'!'* Cmnd_Alias '!'* Cmnd_Alias
A C<Cmnd_List> is a list of one or more commandnames, directories, and other A C<Cmnd_List> is a list of one or more commandnames, directories, and other
aliases. A commandname is a fully qualified filename which may include aliases. A commandname is a fully qualified file name which may include
shell-style wildcards (see the L<Wildcards> section below). A simple shell-style wildcards (see the L<Wildcards> section below). A simple
filename allows the user to run the command with any arguments he/she file name allows the user to run the command with any arguments he/she
wishes. However, you may also specify command line arguments (including wishes. However, you may also specify command line arguments (including
wildcards). Alternately, you can specify C<""> to indicate that the command wildcards). Alternately, you can specify C<""> to indicate that the command
may only be run B<without> command line arguments. A directory is a may only be run B<without> command line arguments. A directory is a
@@ -448,7 +448,7 @@ escaped. For example:
/bin/ls [[\:alpha\:]]* /bin/ls [[\:alpha\:]]*
Would match any filename beginning with a letter. Would match any file name beginning with a letter.
Note that a forward slash ('/') will B<not> be matched by Note that a forward slash ('/') will B<not> be matched by
wildcards used in the pathname. When matching the command wildcards used in the pathname. When matching the command
@@ -499,7 +499,7 @@ F</etc/sudoers> will be processed. Files that are included may
themselves include other files. A hard limit of 128 nested include themselves include other files. A hard limit of 128 nested include
files is enforced to prevent include file loops. files is enforced to prevent include file loops.
The filename may include the C<%h> escape, signifying the short form The file name may include the C<%h> escape, signifying the short form
of the hostname. I.e., if the machine's hostname is "xerxes", then of the hostname. I.e., if the machine's hostname is "xerxes", then
C<#include /etc/sudoers.%h> C<#include /etc/sudoers.%h>