isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

regen

Browse Source
This commit is contained in:
Todd C. Miller
2004-06-07 00:12:23 +00:00
parent 62732558c3
commit 34288539a9
1 changed files with 100 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

200
sudoers.cat
View File

@@ -1,7 +1,7 @@
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
NNAAMMEE
@@ -61,13 +61,13 @@ DDEESSCCRRIIPPTTIIOONN
1.6.8 May 27, 2004 1
1.6.8 June 6, 2004 1
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Host_Alias ::= NAME '=' Host_List
@@ -127,13 +127,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 2
1.6.8 June 6, 2004 2
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Host_List ::= Host |
@@ -193,13 +193,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 3
1.6.8 June 6, 2004 3
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
arguments: ',', ':', '=', '\'. The special command
@@ -246,8 +246,9 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
to remove an element that does not exist in a list.
Note that since the _s_u_d_o_e_r_s file is parsed in order the
best place to put the Defaults section is after the Host,
User, and Cmnd aliases but before the user specifications.
best place to put the Defaults section is after the
Host_Alias, User_Alias, and Cmnd_Alias specifications but
before any Runas_Alias or user specifications.
FFllaaggss:
@@ -255,19 +256,19 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
When validating with a One Time Password
scheme (SS//KKeeyy or OOPPIIEE), a two-line prompt is
used to make it easier to cut and paste the
1.6.8 June 6, 2004 4
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
challenge to a local window. It's not as
1.6.8 May 27, 2004 4
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
pretty as the default but some people find it
more convenient. This flag is _o_f_f by default.
@@ -324,14 +325,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 5
1.6.8 June 6, 2004 5
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
root_sudo If set, root is allowed to run ssuuddoo too. Dis<69>
@@ -391,13 +391,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 6
1.6.8 June 6, 2004 6
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
preserve_groups
@@ -457,13 +457,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 7
1.6.8 June 6, 2004 7
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
This flag is _o_f_f by default.
@@ -523,13 +523,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 8
1.6.8 June 6, 2004 8
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
exists. Only available if ssuuddoo is configured
@@ -589,13 +589,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 9
1.6.8 June 6, 2004 9
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
badpass_message
@@ -640,7 +640,9 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
runas_default
The default user to run commands as if the --uu
flag is not specified on the command line.
This defaults to root.
This defaults to root. Note that if
_r_u_n_a_s___d_e_f_a_u_l_t is set it mmuusstt occur before any
Runas_Alias specifications.
syslog_goodpri
Syslog priority to use when user authenticates
@@ -650,20 +652,20 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
Syslog priority to use when user authenticates
unsuccessfully. Defaults to alert.
1.6.8 June 6, 2004 10
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
editor A colon (':') separated list of editors
allowed to be used with vviissuuddoo. vviissuuddoo will
1.6.8 May 27, 2004 10
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
choose the editor that matches the user's USER
environment variable if possible, or the first
editor in the list that exists and is exe<78>
@@ -715,21 +717,21 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
mailto Address to send warning and error mail to.
The address should be enclosed in double
quotes (") to protect against sudo interpret<65>
ing the @ sign. Defaults to root.
quotes (") to protect against sudo
1.6.8 May 27, 2004 11
1.6.8 June 6, 2004 11
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
interpreting the @ sign. Defaults to root.
exempt_group
Users in this group are exempt from password
and PATH requirements. This is not set by
@@ -782,20 +784,20 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
env_check Environment variables to be removed from the
user's environment if the variable's value
contains % or / characters. This can be used
1.6.8 June 6, 2004 12
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
to guard against printf-style format vulnera<72>
bilities in poorly-written programs. The
1.6.8 May 27, 2004 12
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
argument may be a double-quoted, space-sepa<70>
rated list or a single value without dou<6F>
ble-quotes. The list can be replaced, added
@@ -848,20 +850,20 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
Cmnd_Spec ::= Runas_Spec? Tag_Spec* Cmnd
1.6.8 June 6, 2004 13
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Runas_Spec ::= '(' Runas_List ')'
1.6.8 May 27, 2004 13
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
Tag_Spec ::= ('NOPASSWD:' | 'PASSWD:' | 'NOEXEC:' | 'EXEC:')
A uusseerr ssppeecciiffiiccaattiioonn determines which commands a user may
@@ -915,19 +917,18 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm
1.6.8 June 6, 2004 14
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
would allow the user rraayy to run _/_b_i_n_/_k_i_l_l, _/_b_i_n_/_l_s, and
1.6.8 May 27, 2004 14
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
_/_u_s_r_/_b_i_n_/_l_p_r_m as root on the machine rushmore as rroooott
without authenticating himself. If we only want rraayy to be
able to run _/_b_i_n_/_k_i_l_l without a password the entry would
@@ -984,14 +985,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 15
1.6.8 June 6, 2004 15
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Note that a forward slash ('/') will nnoott be matched by
@@ -1051,13 +1051,13 @@ EEXXAAMMPPLLEESS
1.6.8 May 27, 2004 16
1.6.8 June 6, 2004 16
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
these are a bit contrived. First, we define our _a_l_i_a_s_e_s:
@@ -1117,13 +1117,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 17
1.6.8 June 6, 2004 17
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
root ALL = (ALL) ALL
@@ -1183,13 +1183,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 18
1.6.8 June 6, 2004 18
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
and ooppeerraattoorr).
@@ -1249,13 +1249,13 @@ SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
1.6.8 May 27, 2004 19
1.6.8 June 6, 2004 19
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Any user may mount or unmount a CD-ROM on the machines in
@@ -1315,13 +1315,13 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS
1.6.8 May 27, 2004 20
1.6.8 June 6, 2004 20
SUDOERS(5) MAINTENANCE COMMANDS SUDOERS(5)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Tru64 UNIX, MacOS X, and HP-UX 11.x. It is known nnoott to
@@ -1381,6 +1381,6 @@ SSEEEE AALLSSOO
1.6.8 May 27, 2004 21
1.6.8 June 6, 2004 21