isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sudo now stashes tty ctime for tty_tickets on Solaris too.

Browse Source
This commit is contained in:
Todd C. Miller
2010-06-03 08:32:53 -04:00
parent fd1765b562
commit 59e2925374
3 changed files with 30 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
doc/sudo.cat
View File

@@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN
1.8.0a2 May 28, 2010 1
1.8.0a2 June 3, 2010 1
@@ -127,7 +127,7 @@ OOPPTTIIOONNSS
1.8.0a2 May 28, 2010 2
1.8.0a2 June 3, 2010 2
@@ -193,7 +193,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
1.8.0a2 May 28, 2010 3
1.8.0a2 June 3, 2010 3
@@ -259,7 +259,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
1.8.0a2 May 28, 2010 4
1.8.0a2 June 3, 2010 4
@@ -325,7 +325,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
1.8.0a2 May 28, 2010 5
1.8.0a2 June 3, 2010 5
@@ -391,7 +391,7 @@ SSEECCUURRIITTYY NNOOTTEESS
1.8.0a2 May 28, 2010 6
1.8.0a2 June 3, 2010 6
@@ -447,17 +447,17 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
modification time is within 5 minutes (or whatever the timeout is set
to in _s_u_d_o_e_r_s). When the _t_t_y___t_i_c_k_e_t_s option is enabled in _s_u_d_o_e_r_s, the
time stamp has per-tty granularity but still may outlive the user's
session. On Linux systems where the devpts filesystem is used, as well
as other systems that utilize a devfs filesystem that monotonically
increase the inode number of devices as they are created (such as Mac
OS X), ssuuddoo is able to determine when a tty-based time stamp file is
stale and will ignore it. Administrators should not rely on this
feature as it is not universally available.
session. On Linux systems where the devpts filesystem is used, Solaris
systems with the devices filesystem, as well as other systems that
utilize a devfs filesystem that monotonically increase the inode number
of devices as they are created (such as Mac OS X), ssuuddoo is able to
determine when a tty-based time stamp file is stale and will ignore it.
Administrators should not rely on this feature as it is not universally
available.
1.8.0a2 May 28, 2010 7
1.8.0a2 June 3, 2010 7
@@ -523,7 +523,7 @@ FFIILLEESS
1.8.0a2 May 28, 2010 8
1.8.0a2 June 3, 2010 8
@@ -589,7 +589,7 @@ CCAAVVEEAATTSS
1.8.0a2 May 28, 2010 9
1.8.0a2 June 3, 2010 9
@@ -655,6 +655,6 @@ DDIISSCCLLAAIIMMEERR
1.8.0a2 May 28, 2010 10
1.8.0a2 June 3, 2010 10

14
doc/sudo.man.in
View File

@@ -148,7 +148,7 @@
.\" ========================================================================
.\"
.IX Title "SUDO @mansectsu@"
.TH SUDO @mansectsu@ "May 28, 2010" "1.8.0a2" "MAINTENANCE COMMANDS"
.TH SUDO @mansectsu@ "June 3, 2010" "1.8.0a2" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -590,12 +590,12 @@ stamp file's modification time is within \f(CW\*(C`@timeout@\*(C'\fR minutes (or
whatever the timeout is set to in \fIsudoers\fR). When the \fItty_tickets\fR
option is enabled in \fIsudoers\fR, the time stamp has per-tty granularity
but still may outlive the user's session. On Linux systems where
the devpts filesystem is used, as well as other systems that utilize
a devfs filesystem that monotonically increase the inode number of
devices as they are created (such as Mac \s-1OS\s0 X), \fBsudo\fR is able to
determine when a tty-based time stamp file is stale and will ignore
it. Administrators should not rely on this feature as it is not
universally available.
the devpts filesystem is used, Solaris systems with the devices
filesystem, as well as other systems that utilize a devfs filesystem
that monotonically increase the inode number of devices as they are
created (such as Mac \s-1OS\s0 X), \fBsudo\fR is able to determine when a
tty-based time stamp file is stale and will ignore it. Administrators
should not rely on this feature as it is not universally available.
.PP
Please note that \fBsudo\fR will normally only log the command it
explicitly runs. If a user runs a command such as \f(CW\*(C`sudo su\*(C'\fR or

12
doc/sudo.pod
View File

@@ -493,12 +493,12 @@ stamp file's modification time is within C<@timeout@> minutes (or
whatever the timeout is set to in I<sudoers>). When the I<tty_tickets>
option is enabled in I<sudoers>, the time stamp has per-tty granularity
but still may outlive the user's session. On Linux systems where
the devpts filesystem is used, as well as other systems that utilize
a devfs filesystem that monotonically increase the inode number of
devices as they are created (such as Mac OS X), B<sudo> is able to
determine when a tty-based time stamp file is stale and will ignore
it. Administrators should not rely on this feature as it is not
universally available.
the devpts filesystem is used, Solaris systems with the devices
filesystem, as well as other systems that utilize a devfs filesystem
that monotonically increase the inode number of devices as they are
created (such as Mac OS X), B<sudo> is able to determine when a
tty-based time stamp file is stale and will ignore it. Administrators
should not rely on this feature as it is not universally available.
Please note that B<sudo> will normally only log the command it
explicitly runs. If a user runs a command such as C<sudo su> or