isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add some missing markup

Browse Source 
Update copyright
This commit is contained in:
Todd C. Miller
2007-08-13 16:23:14 +00:00
parent f90beb2b2b
commit 0a96fe4076
3 changed files with 17 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
sudo.pod
View File

@@ -60,8 +60,8 @@ When invoked as B<sudoedit>, the B<-e> option (described below),
is implied. is implied.
B<sudo> determines who is an authorized user by consulting the file B<sudo> determines who is an authorized user by consulting the file
F<@sysconfdir@/sudoers>. By giving B<sudo> the B<-v> flag a user F<@sysconfdir@/sudoers>. By giving B<sudo> the B<-v> flag, a user
can update the time stamp without running a I<command.> The password can update the time stamp without running a I<command>. The password
prompt itself will also time out if the user's password is not prompt itself will also time out if the user's password is not
entered within C<@password_timeout@> minutes (unless overridden via entered within C<@password_timeout@> minutes (unless overridden via
I<sudoers>). I<sudoers>).
@@ -97,11 +97,10 @@ B<sudo> accepts the following command line options:
The B<-a> (I<authentication type>) option causes B<sudo> to use the The B<-a> (I<authentication type>) option causes B<sudo> to use the
specified authentication type when validating the user, as allowed specified authentication type when validating the user, as allowed
by /etc/login.conf. The system administrator may specify a list by F</etc/login.conf>. The system administrator may specify a list
of sudo-specific authentication methods by adding an "auth-sudo" of sudo-specific authentication methods by adding an "auth-sudo"
entry in /etc/login.conf. This option is only available on systems entry in F</etc/login.conf>. This option is only available on systems
that support BSD authentication where B<sudo> has been configured that support BSD authentication.
with the --with-bsdauth option.
=item -b =item -b
@@ -123,18 +122,17 @@ L<sudoers(5)>.
The B<-c> (I<class>) option causes B<sudo> to run the specified command The B<-c> (I<class>) option causes B<sudo> to run the specified command
with resources limited by the specified login class. The I<class> with resources limited by the specified login class. The I<class>
argument can be either a class name as defined in /etc/login.conf, argument can be either a class name as defined in F</etc/login.conf>,
or a single '-' character. Specifying a I<class> of C<-> indicates or a single '-' character. Specifying a I<class> of C<-> indicates
that the command should be run restricted by the default login that the command should be run restricted by the default login
capabilities for the user the command is run as. If the I<class> capabilities for the user the command is run as. If the I<class>
argument specifies an existing user class, the command must be run argument specifies an existing user class, the command must be run
as root, or the B<sudo> command must be run from a shell that is already as root, or the B<sudo> command must be run from a shell that is already
root. This option is only available on systems with BSD login classes root. This option is only available on systems with BSD login classes.
where B<sudo> has been configured with the --with-logincap option.
=item -E =item -E
The B<-E> (I<preserve environment>) option will override the The B<-E> (I<preserve> I<environment>) option will override the
I<env_reset> option in L<sudoers(5)>). It is only I<env_reset> option in L<sudoers(5)>). It is only
available when either the matching command has the C<SETENV> tag available when either the matching command has the C<SETENV> tag
or the I<setenv> option is set in L<sudoers(5)>. or the I<setenv> option is set in L<sudoers(5)>.
@@ -215,7 +213,7 @@ file.
The B<-L> (I<list> defaults) option will list out the parameters The B<-L> (I<list> defaults) option will list out the parameters
that may be set in a I<Defaults> line along with a short description that may be set in a I<Defaults> line along with a short description
for each. This option is useful in conjunction with grep(1). for each. This option is useful in conjunction with L<grep(1)>.
=item -l [I<command>] =item -l [I<command>]
@@ -229,7 +227,7 @@ exit with a return value of 1.
=item -P =item -P
The B<-P> (I<preserve group vector>) option causes B<sudo> to The B<-P> (I<preserve> I<group vector>) option causes B<sudo> to
preserve the invoking user's group vector unaltered. By default, preserve the invoking user's group vector unaltered. By default,
B<sudo> will initialize the group vector to the list of groups the B<sudo> will initialize the group vector to the list of groups the
target user is in. The real and effective group IDs, however, are target user is in. The real and effective group IDs, however, are
@@ -313,7 +311,7 @@ a command.
=item -- =item --
The C<--> flag indicates that B<sudo> should stop processing command The B<--> flag indicates that B<sudo> should stop processing command
line arguments. It is most useful in conjunction with the B<-s> flag. line arguments. It is most useful in conjunction with the B<-s> flag.
=back =back
@@ -433,7 +431,7 @@ In B<-s> or B<-H> mode (or if sudo was configured with the
=item C<PATH> =item C<PATH>
Set to a sane value if sudo was configured with the --with-secure-path option Set to a sane value if the I<secure_path> sudoers option is set.
=item C<SHELL> =item C<SHELL>

7
sudoers.pod
View File

@@ -1,5 +1,6 @@
=cut =cut
Copyright (c) 1994-1996,1998-2005 Todd C. Miller <Todd.Miller@courtesan.com> Copyright (c) 1994-1996, 1998-2005, 2007
Todd C. Miller <Todd.Miller@courtesan.com>
Permission to use, copy, modify, and distribute this software for any Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above purpose with or without fee is hereby granted, provided that the above
@@ -1137,7 +1138,7 @@ machines in the I<SERVERS> C<Host_Alias>, we keep an additional
local log file and make sure we log the year in each log line since local log file and make sure we log the year in each log line since
the log entries will be kept around for several years. Lastly, we the log entries will be kept around for several years. Lastly, we
disable shell escapes for the commands in the PAGERS C<Cmnd_Alias> disable shell escapes for the commands in the PAGERS C<Cmnd_Alias>
(/usr/bin/more, /usr/bin/pg and /usr/bin/less). (F</usr/bin/more>, F</usr/bin/pg> and F</usr/bin/less>).
# Override built-in defaults # Override built-in defaults
Defaults syslog=auth Defaults syslog=auth
@@ -1233,7 +1234,7 @@ in the I<SERVERS> C<Host_Alias> (master, mail, www and ns).
jill SERVERS = /usr/bin/, !SU, !SHELLS jill SERVERS = /usr/bin/, !SU, !SHELLS
For any machine in the I<SERVERS> C<Host_Alias>, B<jill> may run For any machine in the I<SERVERS> C<Host_Alias>, B<jill> may run
any commands in the directory /usr/bin/ except for those commands any commands in the directory F</usr/bin/> except for those commands
belonging to the I<SU> and I<SHELLS> C<Cmnd_Aliases>. belonging to the I<SU> and I<SHELLS> C<Cmnd_Aliases>.
steve CSNETS = (operator) /usr/local/op_commands/ steve CSNETS = (operator) /usr/local/op_commands/

2
visudo.pod
View File

@@ -1,5 +1,5 @@
=cut =cut
Copyright (c) 1996,1998-2004 Todd C. Miller <Todd.Miller@courtesan.com> Copyright (c) 1996,1998-2005, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
Permission to use, copy, modify, and distribute this software for any Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above purpose with or without fee is hereby granted, provided that the above