isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Document -D level command line flag which maps to the debug_level setting.

Browse Source
This commit is contained in:
Todd C. Miller
2010-02-24 07:48:53 -05:00
parent 9eb3e63c56
commit 07bf968c4d
8 changed files with 96 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
doc/sudo.cat
View File

@@ -8,19 +8,19 @@ NNAAMMEE
sudo, sudoedit - execute a command as another user sudo, sudoedit - execute a command as another user
SSYYNNOOPPSSIISS SSYYNNOOPPSSIISS
ssuuddoo --hh | --KK | --kk | --LL | --VV ssuuddoo [--DD _l_e_v_e_l] --hh | --KK | --kk | --LL | --VV
ssuuddoo --vv [--AAkknnSS] [--aa _a_u_t_h___t_y_p_e] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] [--pp _p_r_o_m_p_t] ssuuddoo --vv [--AAkknnSS] [--aa _a_u_t_h___t_y_p_e] [--DD _l_e_v_e_l] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d]
[--uu _u_s_e_r_n_a_m_e|_#_u_i_d] [--pp _p_r_o_m_p_t] [--uu _u_s_e_r_n_a_m_e|_#_u_i_d]
ssuuddoo --ll[[ll]] [--AAkknnSS] [--aa _a_u_t_h___t_y_p_e] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] [--pp _p_r_o_m_p_t] ssuuddoo --ll[[ll]] [--AAkknnSS] [--aa _a_u_t_h___t_y_p_e] [--DD _l_e_v_e_l] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d]
[--UU _u_s_e_r _n_a_m_e] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] [_c_o_m_m_a_n_d] [--pp _p_r_o_m_p_t] [--UU _u_s_e_r _n_a_m_e] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] [_c_o_m_m_a_n_d]
ssuuddoo [--AAbbEEHHnnPPSS] [--aa _a_u_t_h___t_y_p_e] [--CC _f_d] [--cc _c_l_a_s_s|_-] ssuuddoo [--AAbbEEHHnnPPSS] [--aa _a_u_t_h___t_y_p_e] [--CC _f_d] [--DD _l_e_v_e_l] [--cc _c_l_a_s_s|_-]
[--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] [--pp _p_r_o_m_p_t] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] [VVAARR=_v_a_l_u_e] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] [--pp _p_r_o_m_p_t] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] [VVAARR=_v_a_l_u_e]
[--ii | --ss] [_c_o_m_m_a_n_d] [--ii | --ss] [_c_o_m_m_a_n_d]
ssuuddooeeddiitt [--AAnnSS] [--aa _a_u_t_h___t_y_p_e] [--CC _f_d] [--cc _c_l_a_s_s|_-] ssuuddooeeddiitt [--AAnnSS] [--aa _a_u_t_h___t_y_p_e] [--CC _f_d] [--cc _c_l_a_s_s|_-] [--DD _l_e_v_e_l]
[--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] [--pp _p_r_o_m_p_t] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] file ... [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] [--pp _p_r_o_m_p_t] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] file ...
DDEESSCCRRIIPPTTIIOONN DDEESSCCRRIIPPTTIIOONN
@@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN
1.7.3b2 December 19, 2009 1 1.8.0a1 February 24, 2010 1
@@ -122,12 +122,12 @@ OOPPTTIIOONNSS
is already root. This option is only available on systems is already root. This option is only available on systems
with BSD login classes. with BSD login classes.
-E The --EE (_p_r_e_s_e_r_v_e _e_n_v_i_r_o_n_m_e_n_t) option will override the -D _l_e_v_e_l Enable debugging of ssuuddoo plugins and ssuuddoo itself. The
_e_n_v___r_e_s_e_t option in _s_u_d_o_e_r_s(4)). It is only available when _l_e_v_e_l may be a value from 1 through 9.
1.7.3b2 December 19, 2009 2 1.8.0a1 February 24, 2010 2
@@ -136,6 +136,8 @@ OOPPTTIIOONNSS
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
-E The --EE (_p_r_e_s_e_r_v_e _e_n_v_i_r_o_n_m_e_n_t) option will override the
_e_n_v___r_e_s_e_t option in _s_u_d_o_e_r_s(4)). It is only available when
either the matching command has the SETENV tag or the either the matching command has the SETENV tag or the
_s_e_t_e_n_v option is set in _s_u_d_o_e_r_s(4). _s_e_t_e_n_v option is set in _s_u_d_o_e_r_s(4).
@@ -188,12 +190,10 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
The --ii (_s_i_m_u_l_a_t_e _i_n_i_t_i_a_l _l_o_g_i_n) option runs the shell The --ii (_s_i_m_u_l_a_t_e _i_n_i_t_i_a_l _l_o_g_i_n) option runs the shell
specified in the _p_a_s_s_w_d(4) entry of the target user as a specified in the _p_a_s_s_w_d(4) entry of the target user as a
login shell. This means that login-specific resource files login shell. This means that login-specific resource files
such as .profile or .login will be read by the shell. If a
command is specified, it is passed to the shell for
1.7.3b2 December 19, 2009 3 1.8.0a1 February 24, 2010 3
@@ -202,6 +202,8 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
such as .profile or .login will be read by the shell. If a
command is specified, it is passed to the shell for
execution. Otherwise, an interactive shell is executed. execution. Otherwise, an interactive shell is executed.
ssuuddoo attempts to change to that user's home directory ssuuddoo attempts to change to that user's home directory
before running the shell. It also initializes the before running the shell. It also initializes the
@@ -254,12 +256,10 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
preserve the invoking user's group vector unaltered. By preserve the invoking user's group vector unaltered. By
default, ssuuddoo will initialize the group vector to the list default, ssuuddoo will initialize the group vector to the list
of groups the target user is in. The real and effective of groups the target user is in. The real and effective
group IDs, however, are still set to match the target user.
1.8.0a1 February 24, 2010 4
1.7.3b2 December 19, 2009 4
@@ -268,6 +268,8 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
group IDs, however, are still set to match the target user.
-p _p_r_o_m_p_t The --pp (_p_r_o_m_p_t) option allows you to override the default -p _p_r_o_m_p_t The --pp (_p_r_o_m_p_t) option allows you to override the default
password prompt and use a custom one. The following password prompt and use a custom one. The following
percent (`%') escapes are supported: percent (`%') escapes are supported:
@@ -320,12 +322,10 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
-V The --VV (_v_e_r_s_i_o_n) option causes ssuuddoo to print the version -V The --VV (_v_e_r_s_i_o_n) option causes ssuuddoo to print the version
number and exit. If the invoking user is already root the number and exit. If the invoking user is already root the
--VV option will print out a list of the defaults ssuuddoo was
compiled with as well as the machine's local network
1.7.3b2 December 19, 2009 5 1.8.0a1 February 24, 2010 5
@@ -334,6 +334,8 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
--VV option will print out a list of the defaults ssuuddoo was
compiled with as well as the machine's local network
addresses. addresses.
-v If given the --vv (_v_a_l_i_d_a_t_e) option, ssuuddoo will update the -v If given the --vv (_v_a_l_i_d_a_t_e) option, ssuuddoo will update the
@@ -387,11 +389,9 @@ SSEECCUURRIITTYY NNOOTTEESS
blacklist all potentially dangerous environment variables, use of the blacklist all potentially dangerous environment variables, use of the
default _e_n_v___r_e_s_e_t behavior is encouraged. default _e_n_v___r_e_s_e_t behavior is encouraged.
In all cases, environment variables with a value beginning with () are
1.8.0a1 February 24, 2010 6
1.7.3b2 December 19, 2009 6
@@ -400,6 +400,7 @@ SSEECCUURRIITTYY NNOOTTEESS
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
In all cases, environment variables with a value beginning with () are
removed as they could be interpreted as bbaasshh functions. The list of removed as they could be interpreted as bbaasshh functions. The list of
environment variables that ssuuddoo allows or denies is contained in the environment variables that ssuuddoo allows or denies is contained in the
output of sudo -V when run as root. output of sudo -V when run as root.
@@ -453,11 +454,10 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
EENNVVIIRROONNMMEENNTT EENNVVIIRROONNMMEENNTT
ssuuddoo utilizes the following environment variables: ssuuddoo utilizes the following environment variables:
EDITOR Default editor to use in --ee (sudoedit) mode if neither
1.7.3b2 December 19, 2009 7 1.8.0a1 February 24, 2010 7
@@ -466,6 +466,7 @@ EENNVVIIRROONNMMEENNTT
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
EDITOR Default editor to use in --ee (sudoedit) mode if neither
SUDO_EDITOR nor VISUAL is set SUDO_EDITOR nor VISUAL is set
HOME In --ss or --HH mode (or if sudo was configured with the HOME In --ss or --HH mode (or if sudo was configured with the
@@ -522,8 +523,7 @@ EEXXAAMMPPLLEESS
1.8.0a1 February 24, 2010 8
1.7.3b2 December 19, 2009 8
@@ -557,8 +557,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
$ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE" $ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
SSEEEE AALLSSOO SSEEEE AALLSSOO
_g_r_e_p(1), _s_u(1), _s_t_a_t(2), _l_o_g_i_n___c_a_p(3), _p_a_s_s_w_d(4), _s_u_d_o_e_r_s(5), _g_r_e_p(1), _s_u(1), _s_t_a_t(2), _l_o_g_i_n___c_a_p(3), _p_a_s_s_w_d(4), _s_u_d_o_e_r_s(4), _v_i_s_u_d_o(1m)
_v_i_s_u_d_o(1m)
AAUUTTHHOORRSS AAUUTTHHOORRSS
Many people have worked on ssuuddoo over the years; this version consists Many people have worked on ssuuddoo over the years; this version consists
@@ -586,10 +585,11 @@ CCAAVVEEAATTSS
If users have sudo ALL there is nothing to prevent them from creating If users have sudo ALL there is nothing to prevent them from creating
their own program that gives them a root shell regardless of any '!' their own program that gives them a root shell regardless of any '!'
elements in the user specification.
1.7.3b2 December 19, 2009 9 1.8.0a1 February 24, 2010 9
@@ -598,8 +598,6 @@ CCAAVVEEAATTSS
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
elements in the user specification.
Running shell scripts via ssuuddoo can expose the same kernel bugs that Running shell scripts via ssuuddoo can expose the same kernel bugs that
make setuid shell scripts unsafe on some operating systems (if your OS make setuid shell scripts unsafe on some operating systems (if your OS
has a /dev/fd/ directory, setuid shell scripts are generally safe). has a /dev/fd/ directory, setuid shell scripts are generally safe).
@@ -655,6 +653,8 @@ DDIISSCCLLAAIIMMEERR
1.7.3b2 December 19, 2009 10
1.8.0a1 February 24, 2010 10

14
doc/sudo.man.in
View File

@@ -1,4 +1,4 @@
.\" Copyright (c) 1994-1996, 1998-2005, 2007-2009 .\" Copyright (c) 1994-1996, 1998-2005, 2007-2010
.\" Todd C. Miller <Todd.Miller@courtesan.com> .\" Todd C. Miller <Todd.Miller@courtesan.com>
.\" .\"
.\" Permission to use, copy, modify, and distribute this software for any .\" Permission to use, copy, modify, and distribute this software for any
@@ -144,7 +144,7 @@
.\" ======================================================================== .\" ========================================================================
.\" .\"
.IX Title "SUDO @mansectsu@" .IX Title "SUDO @mansectsu@"
.TH SUDO @mansectsu@ "December 19, 2009" "1.7.3b2" "MAINTENANCE COMMANDS" .TH SUDO @mansectsu@ "February 24, 2010" "1.8.0a1" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents. .\" way too many mistakes in technical documents.
.if n .ad l .if n .ad l
@@ -153,21 +153,24 @@
sudo, sudoedit \- execute a command as another user sudo, sudoedit \- execute a command as another user
.SH "SYNOPSIS" .SH "SYNOPSIS"
.IX Header "SYNOPSIS" .IX Header "SYNOPSIS"
\&\fBsudo\fR \fB\-h\fR | \fB\-K\fR | \fB\-k\fR | \fB\-L\fR | \fB\-V\fR \&\fBsudo\fR [\fB\-D\fR\ \fIlevel\fR] \fB\-h\fR | \fB\-K\fR | \fB\-k\fR | \fB\-L\fR | \fB\-V\fR
.PP .PP
\&\fBsudo\fR \fB\-v\fR [\fB\-AknS\fR] \&\fBsudo\fR \fB\-v\fR [\fB\-AknS\fR]
@BAMAN@[\fB\-a\fR\ \fIauth_type\fR] @BAMAN@[\fB\-a\fR\ \fIauth_type\fR]
[\fB\-D\fR\ \fIlevel\fR]
[\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR] [\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR]
[\fB\-u\fR\ \fIusername\fR|\fI#uid\fR] [\fB\-u\fR\ \fIusername\fR|\fI#uid\fR]
.PP .PP
\&\fBsudo\fR \fB\-l[l]\fR [\fB\-AknS\fR] \&\fBsudo\fR \fB\-l[l]\fR [\fB\-AknS\fR]
@BAMAN@[\fB\-a\fR\ \fIauth_type\fR] @BAMAN@[\fB\-a\fR\ \fIauth_type\fR]
[\fB\-D\fR\ \fIlevel\fR]
[\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR] [\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR]
[\fB\-U\fR\ \fIuser\ name\fR] [\fB\-u\fR\ \fIuser\ name\fR|\fI#uid\fR] [\fIcommand\fR] [\fB\-U\fR\ \fIuser\ name\fR] [\fB\-u\fR\ \fIuser\ name\fR|\fI#uid\fR] [\fIcommand\fR]
.PP .PP
\&\fBsudo\fR [\fB\-AbEHnPS\fR] \&\fBsudo\fR [\fB\-AbEHnPS\fR]
@BAMAN@[\fB\-a\fR\ \fIauth_type\fR] @BAMAN@[\fB\-a\fR\ \fIauth_type\fR]
[\fB\-C\fR\ \fIfd\fR] [\fB\-C\fR\ \fIfd\fR]
[\fB\-D\fR\ \fIlevel\fR]
@LCMAN@[\fB\-c\fR\ \fIclass\fR|\fI\-\fR] @LCMAN@[\fB\-c\fR\ \fIclass\fR|\fI\-\fR]
[\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR] [\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR]
@SEMAN@[\fB\-r\fR\ \fIrole\fR] [\fB\-t\fR\ \fItype\fR] @SEMAN@[\fB\-r\fR\ \fIrole\fR] [\fB\-t\fR\ \fItype\fR]
@@ -178,6 +181,7 @@ sudo, sudoedit \- execute a command as another user
@BAMAN@[\fB\-a\fR\ \fIauth_type\fR] @BAMAN@[\fB\-a\fR\ \fIauth_type\fR]
[\fB\-C\fR\ \fIfd\fR] [\fB\-C\fR\ \fIfd\fR]
@LCMAN@[\fB\-c\fR\ \fIclass\fR|\fI\-\fR] @LCMAN@[\fB\-c\fR\ \fIclass\fR|\fI\-\fR]
[\fB\-D\fR\ \fIlevel\fR]
[\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR] [\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR]
[\fB\-u\fR\ \fIuser\ name\fR|\fI#uid\fR] file ... [\fB\-u\fR\ \fIuser\ name\fR|\fI#uid\fR] file ...
.SH "DESCRIPTION" .SH "DESCRIPTION"
@@ -271,6 +275,10 @@ administrator has enabled the \fIclosefrom_override\fR option in
@LCMAN@argument specifies an existing user class, the command must be run @LCMAN@argument specifies an existing user class, the command must be run
@LCMAN@as root, or the \fBsudo\fR command must be run from a shell that is already @LCMAN@as root, or the \fBsudo\fR command must be run from a shell that is already
@LCMAN@root. This option is only available on systems with \s-1BSD\s0 login classes. @LCMAN@root. This option is only available on systems with \s-1BSD\s0 login classes.
.IP "\-D \fIlevel\fR" 12
.IX Item "-D level"
Enable debugging of \fBsudo\fR plugins and \fBsudo\fR itself. The \fIlevel\fR
may be a value from 1 through 9.
.IP "\-E" 12 .IP "\-E" 12
.IX Item "-E" .IX Item "-E"
The \fB\-E\fR (\fIpreserve\fR \fIenvironment\fR) option will override the The \fB\-E\fR (\fIpreserve\fR \fIenvironment\fR) option will override the

13
doc/sudo.pod
View File

@@ -1,4 +1,4 @@
Copyright (c) 1994-1996, 1998-2005, 2007-2009 Copyright (c) 1994-1996, 1998-2005, 2007-2010
Todd C. Miller <Todd.Miller@courtesan.com> Todd C. Miller <Todd.Miller@courtesan.com>
Permission to use, copy, modify, and distribute this software for any Permission to use, copy, modify, and distribute this software for any
@@ -26,21 +26,24 @@ sudo, sudoedit - execute a command as another user
=head1 SYNOPSIS =head1 SYNOPSIS
B<sudo> B<-h> | B<-K> | B<-k> | B<-L> | B<-V> B<sudo> S<[B<-D> I<level>]> B<-h> | B<-K> | B<-k> | B<-L> | B<-V>
B<sudo> B<-v> [B<-AknS>] B<sudo> B<-v> [B<-AknS>]
S<[B<-a> I<auth_type>]> S<[B<-a> I<auth_type>]>
S<[B<-D> I<level>]>
S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]> S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]>
S<[B<-u> I<username>|I<#uid>]> S<[B<-u> I<username>|I<#uid>]>
B<sudo> B<-l[l]> [B<-AknS>] B<sudo> B<-l[l]> [B<-AknS>]
S<[B<-a> I<auth_type>]> S<[B<-a> I<auth_type>]>
S<[B<-D> I<level>]>
S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]> S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]>
S<[B<-U> I<user name>]> S<[B<-u> I<user name>|I<#uid>]> [I<command>] S<[B<-U> I<user name>]> S<[B<-u> I<user name>|I<#uid>]> [I<command>]
B<sudo> [B<-AbEHnPS>] B<sudo> [B<-AbEHnPS>]
S<[B<-a> I<auth_type>]> S<[B<-a> I<auth_type>]>
S<[B<-C> I<fd>]> S<[B<-C> I<fd>]>
S<[B<-D> I<level>]>
S<[B<-c> I<class>|I<->]> S<[B<-c> I<class>|I<->]>
S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]> S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]>
S<[B<-r> I<role>]> S<[B<-t> I<type>]> S<[B<-r> I<role>]> S<[B<-t> I<type>]>
@@ -51,6 +54,7 @@ B<sudoedit> [B<-AnS>]
S<[B<-a> I<auth_type>]> S<[B<-a> I<auth_type>]>
S<[B<-C> I<fd>]> S<[B<-C> I<fd>]>
S<[B<-c> I<class>|I<->]> S<[B<-c> I<class>|I<->]>
S<[B<-D> I<level>]>
S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]> S<[B<-g> I<group name>|I<#gid>]> S<[B<-p> I<prompt>]>
S<[B<-u> I<user name>|I<#uid>]> file ... S<[B<-u> I<user name>|I<#uid>]> file ...
@@ -154,6 +158,11 @@ argument specifies an existing user class, the command must be run
as root, or the B<sudo> command must be run from a shell that is already as root, or the B<sudo> command must be run from a shell that is already
root. This option is only available on systems with BSD login classes. root. This option is only available on systems with BSD login classes.
=item -D I<level>
Enable debugging of B<sudo> plugins and B<sudo> itself. The I<level>
may be a value from 1 through 9.
=item -E =item -E
The B<-E> (I<preserve> I<environment>) option will override the The B<-E> (I<preserve> I<environment>) option will override the

15
doc/sudo_plugin.man.in
View File

@@ -1,3 +1,18 @@
.\" Copyright (c) 2009-2010 Todd C. Miller <Todd.Miller@courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07) .\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
.\" .\"
.\" Standard preamble: .\" Standard preamble:

15
doc/sudo_plugin.pod
View File

@@ -1,3 +1,18 @@
Copyright (c) 2009-2010 Todd C. Miller <Todd.Miller@courtesan.com>
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
=pod =pod
=head1 Sudo Plugin API =head1 Sudo Plugin API

4
src/Makefile.in
View File

@@ -131,7 +131,7 @@ list.o: $(srcdir)/list.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/list.c $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/list.c
load_plugins.o: $(srcdir)/load_plugins.c $(SUDODEP) load_plugins.o: $(srcdir)/load_plugins.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/load_plugins.c $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/load_plugins.c
parse_args.o: $(srcdir)/parse_args.c $(SUDODEP) parse_args.o: $(srcdir)/parse_args.c sudo_usage.h $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/parse_args.c $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/parse_args.c
pty.o: $(srcdir)/pty.c $(SUDODEP) pty.o: $(srcdir)/pty.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/pty.c $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/pty.c
@@ -139,7 +139,7 @@ script.o: $(srcdir)/script.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/script.c $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/script.c
selinux.o: $(srcdir)/selinux.c $(SUDODEP) selinux.o: $(srcdir)/selinux.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/selinux.c $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/selinux.c
sudo.o: $(srcdir)/sudo.c $(SUDODEP) sudo_usage.h sudo.o: $(srcdir)/sudo.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo.c $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo.c
sudo_edit.o: $(srcdir)/sudo_edit.c $(SUDODEP) sudo_edit.o: $(srcdir)/sudo_edit.c $(SUDODEP)
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_edit.c $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_edit.c

5
src/parse_args.c
View File

@@ -188,8 +188,11 @@ parse_args(int argc, char **argv, int *nargc, char ***nargv, char ***settingsp,
break; break;
#endif #endif
case 'D': case 'D':
if ((debug_level = atoi(optarg)) < 1 || debug_level > 9) {
warningx("the argument to -D must be between 1 and 9 inclusive");
usage(1);
}
sudo_settings.D.value = optarg; sudo_settings.D.value = optarg;
debug_level = atoi(optarg);
break; break;
case 'E': case 'E':
sudo_settings.c.value = "true"; sudo_settings.c.value = "true";

10
src/sudo_usage.h.in
View File

@@ -23,10 +23,10 @@
* Usage strings for sudo. These are here because we * Usage strings for sudo. These are here because we
* need to be able to substitute values from configure. * need to be able to substitute values from configure.
*/ */
#define SUDO_USAGE1 " -h | -K | -k | -L | -V" #define SUDO_USAGE1 " [-D level] -h | -K | -k | -L | -V"
#define SUDO_USAGE2 " -v [-AknS] @BSDAUTH_USAGE@[-g groupname|#gid] [-p prompt] [-u user name|#uid]" #define SUDO_USAGE2 " -v [-AknS] @BSDAUTH_USAGE@[-D level] [-g groupname|#gid] [-p prompt] [-u user name|#uid]"
#define SUDO_USAGE3 " -l[l] [-AknS] @BSDAUTH_USAGE@[-g groupname|#gid] [-p prompt] [-U user name] [-u user name|#uid] [-g groupname|#gid] [command]" #define SUDO_USAGE3 " -l[l] [-AknS] @BSDAUTH_USAGE@[-D level] [-g groupname|#gid] [-p prompt] [-U user name] [-u user name|#uid] [-g groupname|#gid] [command]"
#define SUDO_USAGE4 " [-AbEHknPS] @BSDAUTH_USAGE@@SELINUX_USAGE@[-C fd] @LOGINCAP_USAGE@[-g groupname|#gid] [-p prompt] [-u user name|#uid] [-g groupname|#gid] [VAR=value] [-i|-s] [<command>]" #define SUDO_USAGE4 " [-AbEHknPS] @BSDAUTH_USAGE@@SELINUX_USAGE@[-C fd] [-D level] @LOGINCAP_USAGE@[-g groupname|#gid] [-p prompt] [-u user name|#uid] [-g groupname|#gid] [VAR=value] [-i|-s] [<command>]"
#define SUDO_USAGE5 " -e [-AknS] @BSDAUTH_USAGE@@SELINUX_USAGE@[-C fd] @LOGINCAP_USAGE@[-g groupname|#gid] [-p prompt] [-u user name|#uid] file ..." #define SUDO_USAGE5 " -e [-AknS] @BSDAUTH_USAGE@@SELINUX_USAGE@[-C fd] [-D level] @LOGINCAP_USAGE@[-g groupname|#gid] [-p prompt] [-u user name|#uid] file ..."
#endif /* _SUDO_USAGE_H */ #endif /* _SUDO_USAGE_H */