isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Document "sudo -ll command" output.

Browse Source
This commit is contained in:
Todd C. Miller
2023-08-09 10:57:16 -06:00
parent 60eef27e6d
commit 6842dd1bfd
2 changed files with 33 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
docs/sudo.man.in
View File

@@ -25,7 +25,7 @@
.nr BA @BAMAN@ .nr BA @BAMAN@
.nr LC @LCMAN@ .nr LC @LCMAN@
.nr PS @PSMAN@ .nr PS @PSMAN@
.TH "SUDO" "@mansectsu@" "June 18, 2023" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" .TH "SUDO" "@mansectsu@" "August 9, 2023" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
.nh .nh
.if n .ad l .if n .ad l
.SH "NAME" .SH "NAME"
@@ -582,11 +582,21 @@ and the security policy supports a verbose output format.
.sp .sp
If a If a
\fIcommand\fR \fIcommand\fR
is specified and is permitted by the security policy, the fully-qualified is specified and is permitted by the security policy for the invoking
path to the user (or the,
\fIuser\fR
specified by the
\fB\-U\fR
option) on the current host,
the fully-qualified path to the
\fIcommand\fR \fIcommand\fR
is displayed along with any is displayed along with any
\fIarg\fRs. \fIarg\fRs.
If
\fB\-l\fR
is specified more than once (and the security policy supports it),
the matching rule is displayed in a verbose format along with the
\fIcommand\fR.
If a If a
\fIcommand\fR \fIcommand\fR
is specified but not allowed by the policy, is specified but not allowed by the policy,
@@ -601,9 +611,12 @@ Unlike the
flag, existing cached credentials are used if they are valid. flag, existing cached credentials are used if they are valid.
To detect when the user's cached credentials are valid (or when no To detect when the user's cached credentials are valid (or when no
authentication is required), the following can be used: authentication is required), the following can be used:
.RS 14n .nf
.sp
.RS 12n
sudo -Nnv sudo -Nnv
.RE .RE
.fi
.RS 8n .RS 8n
.sp .sp
Not all security policies support credential caching. Not all security policies support credential caching.

20
docs/sudo.mdoc.in
View File

@@ -24,7 +24,7 @@
.nr BA @BAMAN@ .nr BA @BAMAN@
.nr LC @LCMAN@ .nr LC @LCMAN@
.nr PS @PSMAN@ .nr PS @PSMAN@
.Dd June 18, 2023 .Dd August 9, 2023
.Dt SUDO @mansectsu@ .Dt SUDO @mansectsu@
.Os Sudo @PACKAGE_VERSION@ .Os Sudo @PACKAGE_VERSION@
.Sh NAME .Sh NAME
@@ -560,11 +560,21 @@ and the security policy supports a verbose output format.
.Pp .Pp
If a If a
.Ar command .Ar command
is specified and is permitted by the security policy, the fully-qualified is specified and is permitted by the security policy for the invoking
path to the user (or the,
.Ar user
specified by the
.Fl U
option) on the current host,
the fully-qualified path to the
.Ar command .Ar command
is displayed along with any is displayed along with any
.Ar arg Ns s. .Ar arg Ns s.
If
.Fl l
is specified more than once (and the security policy supports it),
the matching rule is displayed in a verbose format along with the
.Ar command .
If a If a
.Ar command .Ar command
is specified but not allowed by the policy, is specified but not allowed by the policy,
@@ -578,7 +588,9 @@ Unlike the
flag, existing cached credentials are used if they are valid. flag, existing cached credentials are used if they are valid.
To detect when the user's cached credentials are valid (or when no To detect when the user's cached credentials are valid (or when no
authentication is required), the following can be used: authentication is required), the following can be used:
.Dl sudo -Nnv .Bd -literal -offset 4n
sudo -Nnv
.Ed
.Pp .Pp
Not all security policies support credential caching. Not all security policies support credential caching.
.It Fl n , -non-interactive .It Fl n , -non-interactive