isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Document per-command Defaults.

Browse Source
This commit is contained in:
Todd C. Miller
2004-11-19 22:09:10 +00:00
parent fe869025c4
commit 9c954d803f
4 changed files with 168 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
sample.sudoers
View File

@@ -7,6 +7,16 @@
#
# $Sudo$
##
# Override built-in defaults
##
Defaults syslog=auth
Defaults>root !set_logname
Defaults:FULLTIMERS !lecture
Defaults:millert !authenticate
Defaults@SERVERS log_year, logfile=/var/log/sudo.log
Defaults!PAGERS noexec
##
# User alias specification
##
@@ -48,15 +58,7 @@ Cmnd_Alias SHELLS = /sbin/sh, /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
Cmnd_Alias SU = /usr/bin/su
Cmnd_Alias VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, \
/usr/bin/chfn
##
# Override built-in defaults
##
Defaults syslog=auth
Defaults>root !set_logname
Defaults:FULLTIMERS !lecture
Defaults:millert !authenticate
Defaults@SERVERS log_year, logfile=/var/log/sudo.log
Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
##
# User specification

266
sudoers.cat
View File

@@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN
1.6.9 November 12, 2004 1
1.6.9 November 19, 2004 1
@@ -127,7 +127,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.6.9 November 12, 2004 2
1.6.9 November 19, 2004 2
@@ -193,7 +193,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.6.9 November 12, 2004 3
1.6.9 November 19, 2004 3
@@ -221,12 +221,16 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Certain configuration options may be changed from their
default values at runtime via one or more Default_Entry
lines. These may affect all users on any host, all users
on a specific host, a specific user, or commands being run
as a specific user.
on a specific host, a specific user, a specific command,
or commands being run as a specific user. Note that per-
command entries may not include command line arguments.
If you need to specify arguments, define a Cmnd_Alias and
reference that instead.
Default_Type ::= 'Defaults' |
'Defaults' '@' Host |
'Defaults' ':' User |
'Defaults' '!' Cmnd |
'Defaults' '>' RunasUser
Default_Entry ::= Default_Type Parameter_List
@@ -252,14 +256,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
respectively. It is not an error to use the -= operator
to remove an element that does not exist in a list.
FFllaaggss:
long_otp_prompt
When validating with a One Time Password
1.6.9 November 12, 2004 4
1.6.9 November 19, 2004 4
@@ -268,6 +268,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
FFllaaggss:
long_otp_prompt
When validating with a One Time Password
scheme (SS//KKeeyy or OOPPIIEE), a two-line prompt is
used to make it easier to cut and paste the
challenge to a local window. It's not as
@@ -276,7 +280,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
ignore_dot If set, ssuuddoo will ignore '.' or '' (current
dir) in the PATH environment variable; the
PATH itself is not modified. This flag is _o_n
PATH itself is not modified. This flag is _o_f_f
by default.
mail_always Send mail to the _m_a_i_l_t_o user every time a
@@ -318,14 +322,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
If set, users must authenticate themselves via
a password (or other means of authentication)
before they may run commands. This default
may be overridden via the PASSWD and NOPASSWD
tags. This flag is _o_n by default.
root_sudo If set, root is allowed to run ssuuddoo too.
1.6.9 November 12, 2004 5
1.6.9 November 19, 2004 5
@@ -334,7 +334,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Disabling this prevents users from "chaining"
may be overridden via the PASSWD and NOPASSWD
tags. This flag is _o_n by default.
root_sudo If set, root is allowed to run ssuuddoo too. Dis<69>
abling this prevents users from "chaining"
ssuuddoo commands to get a root shell by doing
something like "sudo sudo /bin/sh". Note,
however, that turning off _r_o_o_t___s_u_d_o will also
@@ -384,14 +388,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
tage is that if the executable is simply not
in the user's PATH, ssuuddoo will tell the user
that they are not allowed to run it, which can
be confusing. This flag is _o_f_f by default.
preserve_groups
By default ssuuddoo will initialize the group
1.6.9 November 12, 2004 6
1.6.9 November 19, 2004 6
@@ -400,12 +400,16 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
vector to the list of groups the target user
is in. When _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, the
user's existing group vector is left unal<61>
tered. The real and effective group IDs, how<EFBFBD>
ever, are still set to match the target user.
This flag is _o_f_f by default.
be confusing. This flag is _o_f_f by default.
preserve_groups
By default ssuuddoo will initialize the group vec<EFBFBD>
tor to the list of groups the target user is
in. When _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, the user's
existing group vector is left unaltered. The
real and effective group IDs, however, are
still set to match the target user. This flag
is _o_f_f by default.
fqdn Set this flag if you want to put fully quali<6C>
fied hostnames in the _s_u_d_o_e_r_s file. I.e.,
@@ -426,7 +430,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
set _f_q_d_n. This flag is _o_f_f by default.
insults If set, ssuuddoo will insult users when they enter
an incorrect password. This flag is _o_n by
an incorrect password. This flag is _o_f_f by
default.
requiretty If set, ssuuddoo will only run when the user is
@@ -447,17 +451,13 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
is to place a colon-separated list of editors
in the editor variable. vviissuuddoo will then only
use the EDITOR or VISUAL if they match a value
specified in editor. This flag is on by
specified in editor. This flag is off by
default.
rootpw If set, ssuuddoo will prompt for the root password
instead of the password of the invoking user.
This flag is _o_f_f by default.
1.6.9 November 12, 2004 7
1.6.9 November 19, 2004 7
@@ -466,6 +466,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
rootpw If set, ssuuddoo will prompt for the root password
instead of the password of the invoking user.
This flag is _o_f_f by default.
runaspw If set, ssuuddoo will prompt for the password of
the user defined by the _r_u_n_a_s___d_e_f_a_u_l_t option
(defaults to root) instead of the password of
@@ -516,14 +520,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
use_loginclass
If set, ssuuddoo will apply the defaults specified
for the target user's login class if one
exists. Only available if ssuuddoo is configured
with the --with-logincap option. This flag is
_o_f_f by default.
1.6.9 November 12, 2004 8
1.6.9 November 19, 2004 8
@@ -532,6 +532,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
for the target user's login class if one
exists. Only available if ssuuddoo is configured
with the --with-logincap option. This flag is
_o_f_f by default.
noexec If set, all commands run via ssuuddoo will behave
as if the NOEXEC tag has been set, unless
overridden by a EXEC tag. See the description
@@ -581,15 +586,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
log. The default is 80 (use 0 or negate the
option to disable word wrap).
timestamp_timeout
Number of minutes that can elapse before ssuuddoo
will ask for a passwd again. The default is
5. Set this to 0 to always prompt for a pass<73>
word. If set to a value less than 0 the
1.6.9 November 12, 2004 9
1.6.9 November 19, 2004 9
@@ -598,6 +598,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
timestamp_timeout
Number of minutes that can elapse before ssuuddoo
will ask for a passwd again. The default is
5. Set this to 0 to always prompt for a pass<73>
word. If set to a value less than 0 the
user's timestamp will never expire. This can
be used to allow users to create or delete
their own timestamps via sudo -v and sudo -k
@@ -648,14 +653,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
%h expanded to the local hostname without
the domain name
%H expanded to the local hostname includ<75>
ing the domain name (on if the
machine's hostname is fully qualified
or the _f_q_d_n option is set)
1.6.9 November 12, 2004 10
1.6.9 November 19, 2004 10
@@ -664,6 +664,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
%H expanded to the local hostname includ<75>
ing the domain name (on if the
machine's hostname is fully qualified
or the _f_q_d_n option is set)
%% two consecutive % characters are col<6F>
laped into a single % character
@@ -713,15 +718,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
always Always lecture the user.
The default value is _o_n_c_e.
lecture_file
Path to a file containing an alternate ssuuddoo
lecture that will be used in place of the
1.6.9 November 12, 2004 11
1.6.9 November 19, 2004 11
@@ -730,6 +730,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
The default value is _o_n_c_e.
lecture_file
Path to a file containing an alternate ssuuddoo
lecture that will be used in place of the
standard lecture if the named file exists.
logfile Path to the ssuuddoo log file (not the syslog log
@@ -738,7 +743,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
syslog Syslog facility if syslog is being used for
logging (negate to disable syslog logging).
Defaults to authpriv.
Defaults to local2.
mailerpath Path to mail program used to send warning
mail. Defaults to the path to sendmail found
@@ -779,15 +784,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
the NOPASSWD flag set to avoid enter<65>
ing a password.
never The user need never enter a password
to use the --vv flag.
always The user must always enter a password
to use the --vv flag.
1.6.9 November 12, 2004 12
1.6.9 November 19, 2004 12
@@ -796,6 +796,12 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
never The user need never enter a password
to use the --vv flag.
always The user must always enter a password
to use the --vv flag.
The default value is `all'.
listpw This option controls when a password will be
@@ -844,16 +850,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
respectively. The default list of environment
variables to remove is printed when ssuuddoo is
run by root with the _-_V option. Note that
many operating systems will remove potentially
dangerous variables from the environment of
any setuid process (such as ssuuddoo).
env_keep Environment variables to be preserved in the
user's environment when the _e_n_v___r_e_s_e_t option
1.6.9 November 12, 2004 13
1.6.9 November 19, 2004 13
@@ -862,6 +862,12 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
many operating systems will remove potentially
dangerous variables from the environment of
any setuid process (such as ssuuddoo).
env_keep Environment variables to be preserved in the
user's environment when the _e_n_v___r_e_s_e_t option
is in effect. This allows fine-grained con<6F>
trol over the environment ssuuddoo-spawned pro<72>
cesses will receive. The argument may be a
@@ -911,15 +917,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
commands that follow it. What this means is that for the
entry:
dgb boulder = (operator) /bin/ls, /bin/kill, /usr/bin/lprm
The user ddggbb may run _/_b_i_n_/_l_s, _/_b_i_n_/_k_i_l_l, and _/_u_s_r_/_b_i_n_/_l_p_r_m
-- but only as ooppeerraattoorr. E.g.,
1.6.9 November 12, 2004 14
1.6.9 November 19, 2004 14
@@ -928,6 +928,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
dgb boulder = (operator) /bin/ls, /bin/kill, /usr/bin/lprm
The user ddggbb may run _/_b_i_n_/_l_s, _/_b_i_n_/_k_i_l_l, and _/_u_s_r_/_b_i_n_/_l_p_r_m
-- but only as ooppeerraattoorr. E.g.,
$ sudo -u operator /bin/ls.
It is also possible to override a Runas_Spec later on in
@@ -978,14 +983,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
tain to the current host. This behavior may be overridden
via the verifypw and listpw options.
_N_O_E_X_E_C _a_n_d _E_X_E_C
If ssuuddoo has been compiled with _n_o_e_x_e_c support and the
underlying operating system supports it, the NOEXEC tag
1.6.9 November 12, 2004 15
1.6.9 November 19, 2004 15
@@ -994,6 +994,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
_N_O_E_X_E_C _a_n_d _E_X_E_C
If ssuuddoo has been compiled with _n_o_e_x_e_c support and the
underlying operating system supports it, the NOEXEC tag
can be used to prevent a dynamically-linked executable
from running further commands itself.
@@ -1045,13 +1049,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
used to escape special characters such as: "*",
"?", "[", and "}".
Note that a forward slash ('/') will nnoott be matched by
wildcards used in the pathname. When matching the command
line arguments, however, a slash ddooeess get matched by
1.6.9 November 12, 2004 16
1.6.9 November 19, 2004 16
@@ -1060,7 +1060,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
wildcards. This is to make a path like:
Note that a forward slash ('/') will nnoott be matched by
wildcards used in the pathname. When matching the command
line arguments, however, a slash ddooeess get matched by wild<6C>
cards. This is to make a path like:
/usr/bin/*
@@ -1111,13 +1114,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
or Host_Alias. You should not try to define your own
_a_l_i_a_s called AALLLL as the built-in alias will be used in
preference to your own. Please note that using AALLLL can be
dangerous since in a command context, it allows the user
to run aannyy command on the system.
1.6.9 November 12, 2004 17
1.6.9 November 19, 2004 17
@@ -1126,6 +1126,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
dangerous since in a command context, it allows the user
to run aannyy command on the system.
An exclamation point ('!') can be used as a logical _n_o_t
operator both in an _a_l_i_a_s and in front of a Cmnd. This
allows one to exclude certain values. Note, however, that
@@ -1180,10 +1183,7 @@ EEXXAAMMPPLLEESS
1.6.9 November 12, 2004 18
1.6.9 November 19, 2004 18
@@ -1204,6 +1204,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
/usr/local/bin/tcsh, /usr/bin/rsh, \
/usr/local/bin/zsh
Cmnd_Alias SU = /usr/bin/su
Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
Here we override some of the compiled in default values.
We want ssuuddoo to log via _s_y_s_l_o_g(3) using the _a_u_t_h facility
@@ -1214,7 +1215,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Additionally, on the machines in the _S_E_R_V_E_R_S Host_Alias,
we keep an additional local log file and make sure we log
the year in each log line since the log entries will be
kept around for several years.
kept around for several years. Lastly, we disable shell
escapes for the commands in the PAGERS Cmnd_Alias
(/usr/bin/more, /usr/bin/pg and /usr/bin/less).
# Override built-in defaults
Defaults syslog=auth
@@ -1222,6 +1225,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Defaults:FULLTIMERS !lecture
Defaults:millert !authenticate
Defaults@SERVERS log_year, logfile=/var/log/sudo.log
Defaults!PAGERS noexec
The _U_s_e_r _s_p_e_c_i_f_i_c_a_t_i_o_n is the part that actually deter<65>
mines who may run what.
@@ -1243,13 +1247,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
any command on any host but they must authenticate them<65>
selves first (since the entry lacks the NOPASSWD tag).
jack CSNETS = ALL
The user jjaacckk may run any command on the machines in the
1.6.9 November 12, 2004 19
1.6.9 November 19, 2004 19
@@ -1258,6 +1258,9 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
jack CSNETS = ALL
The user jjaacckk may run any command on the machines in the
_C_S_N_E_T_S alias (the networks 128.138.243.0, 128.138.204.0,
and 128.138.242.0). Of those networks, only 128.138.204.0
has an explicit netmask (in CIDR notation) indicating it
@@ -1309,13 +1312,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
fred ALL = (DB) NOPASSWD: ALL
The user ffrreedd can run commands as any user in the _D_B
Runas_Alias (oorraaccllee or ssyybbaassee) without giving a password.
john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
1.6.9 November 12, 2004 20
1.6.9 November 19, 2004 20
@@ -1324,6 +1324,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
Runas_Alias (oorraaccllee or ssyybbaassee) without giving a password.
john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
On the _A_L_P_H_A machines, user jjoohhnn may su to anyone except
root but he is not allowed to give _s_u(1) any flags.
@@ -1373,15 +1377,11 @@ SSEECCUURRIITTYY NNOOTTEESS
bill ALL = ALL, !SU, !SHELLS
Doesn't really prevent bbiillll from running the commands
listed in _S_U or _S_H_E_L_L_S since he can simply copy those com<6F>
mands to a different name, or use a shell escape from an
editor or other program. Therefore, these kind of
restrictions should be considered advisory at best (and
reinforced by policy).
listed in _S_U or _S_H_E_L_L_S since he can simply copy those
1.6.9 November 12, 2004 21
1.6.9 November 19, 2004 21
@@ -1390,6 +1390,11 @@ SSEECCUURRIITTYY NNOOTTEESS
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
commands to a different name, or use a shell escape from
an editor or other program. Therefore, these kind of
restrictions should be considered advisory at best (and
reinforced by policy).
PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS
Once ssuuddoo executes a program, that program is free to do
whatever it pleases, including run other programs. This
@@ -1439,15 +1444,10 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS
_n_o_e_x_e_c will work at compile-time. _N_o_e_x_e_c should
work on SunOS, Solaris, *BSD, Linux, IRIX, Tru64
UNIX, MacOS X, and HP-UX 11.x. It is known nnoott
to work on AIX and UnixWare. _N_o_e_x_e_c is expected
to work on most operating systems that support
the LD_PRELOAD environment variable. Check your
operating system's manual pages for the dynamic
linker (usually ld.so, ld.so.1, dyld, dld.sl,
1.6.9 November 12, 2004 22
1.6.9 November 19, 2004 22
@@ -1456,6 +1456,11 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
to work on AIX and UnixWare. _N_o_e_x_e_c is expected
to work on most operating systems that support
the LD_PRELOAD environment variable. Check your
operating system's manual pages for the dynamic
linker (usually ld.so, ld.so.1, dyld, dld.sl,
rld, or loader) to see if LD_PRELOAD is sup<75>
ported.
@@ -1505,15 +1510,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
tially hazardous operations (such as changing or overwrit<69>
ing files) that could lead to unintended privilege escala<6C>
tion. In the specific case of an editor, a safer approach
is to give the user permission to run ssuuddooeeddiitt.
SSEEEE AALLSSOO
_r_s_h(1), _s_u(1), _f_n_m_a_t_c_h(3), sudo(1m), visudo(1m)
1.6.9 November 12, 2004 23
1.6.9 November 19, 2004 23
@@ -1522,6 +1522,11 @@ SSEEEE AALLSSOO
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
is to give the user permission to run ssuuddooeeddiitt.
SSEEEE AALLSSOO
_r_s_h(1), _s_u(1), _f_n_m_a_t_c_h(3), sudo(1m), visudo(1m)
CCAAVVEEAATTSS
The _s_u_d_o_e_r_s file should aallwwaayyss be edited by the vviissuuddoo
command which locks the file and does grammatical check<63>
@@ -1574,11 +1579,6 @@ DDIISSCCLLAAIIMMEERR
1.6.9 November 12, 2004 24
1.6.9 November 19, 2004 24

20
sudoers.man.in
View File

@@ -149,7 +149,7 @@
.\" ========================================================================
.\"
.IX Title "SUDOERS @mansectform@"
.TH SUDOERS @mansectform@ "November 12, 2004" "1.6.9" "MAINTENANCE COMMANDS"
.TH SUDOERS @mansectform@ "November 19, 2004" "1.6.9" "MAINTENANCE COMMANDS"
.SH "NAME"
sudoers \- list of which users may execute what
.SH "DESCRIPTION"
@@ -354,12 +354,16 @@ a normal command does.
Certain configuration options may be changed from their default
values at runtime via one or more \f(CW\*(C`Default_Entry\*(C'\fR lines. These
may affect all users on any host, all users on a specific host, a
specific user, or commands being run as a specific user.
specific user, a specific command, or commands being run as a specific user.
Note that per-command entries may not include command line arguments.
If you need to specify arguments, define a \f(CW\*(C`Cmnd_Alias\*(C'\fR and reference
that instead.
.PP
.Vb 4
.Vb 5
\& Default_Type ::= 'Defaults' |
\& 'Defaults' '@' Host |
\& 'Defaults' ':' User |
\& 'Defaults' '!' Cmnd |
\& 'Defaults' '>' RunasUser
.Ve
.PP
@@ -1131,7 +1135,7 @@ these are a bit contrived. First, we define our \fIaliases\fR:
\& Host_Alias CDROM = orion, perseus, hercules
.Ve
.PP
.Vb 12
.Vb 13
\& # Cmnd alias specification
\& Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\e
\& /usr/sbin/restore, /usr/sbin/rrestore
@@ -1144,6 +1148,7 @@ these are a bit contrived. First, we define our \fIaliases\fR:
\& /usr/local/bin/tcsh, /usr/bin/rsh, \e
\& /usr/local/bin/zsh
\& Cmnd_Alias SU = /usr/bin/su
\& Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
.Ve
.PP
Here we override some of the compiled in default values. We want
@@ -1154,15 +1159,18 @@ want to reset the \f(CW\*(C`LOGNAME\*(C'\fR or \f(CW\*(C`USER\*(C'\fR environmen
running commands as root. Additionally, on the machines in the
\&\fI\s-1SERVERS\s0\fR \f(CW\*(C`Host_Alias\*(C'\fR, we keep an additional local log file and
make sure we log the year in each log line since the log entries
will be kept around for several years.
will be kept around for several years. Lastly, we disable shell
escapes for the commands in the \s-1PAGERS\s0 \f(CW\*(C`Cmnd_Alias\*(C'\fR (/usr/bin/more,
/usr/bin/pg and /usr/bin/less).
.PP
.Vb 6
.Vb 7
\& # Override built-in defaults
\& Defaults syslog=auth
\& Defaults>root !set_logname
\& Defaults:FULLTIMERS !lecture
\& Defaults:millert !authenticate
\& Defaults@SERVERS log_year, logfile=/var/log/sudo.log
\& Defaults!PAGERS noexec
.Ve
.PP
The \fIUser specification\fR is the part that actually determines who may

12
sudoers.pod
View File

@@ -198,11 +198,15 @@ a normal command does.
Certain configuration options may be changed from their default
values at runtime via one or more C<Default_Entry> lines. These
may affect all users on any host, all users on a specific host, a
specific user, or commands being run as a specific user.
specific user, a specific command, or commands being run as a specific user.
Note that per-command entries may not include command line arguments.
If you need to specify arguments, define a C<Cmnd_Alias> and reference
that instead.
Default_Type ::= 'Defaults' |
'Defaults' '@' Host |
'Defaults' ':' User |
'Defaults' '!' Cmnd |
'Defaults' '>' RunasUser
Default_Entry ::= Default_Type Parameter_List
@@ -1054,6 +1058,7 @@ these are a bit contrived. First, we define our I<aliases>:
/usr/local/bin/tcsh, /usr/bin/rsh, \
/usr/local/bin/zsh
Cmnd_Alias SU = /usr/bin/su
Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
Here we override some of the compiled in default values. We want
B<sudo> to log via L<syslog(3)> using the I<auth> facility in all
@@ -1063,7 +1068,9 @@ want to reset the C<LOGNAME> or C<USER> environment variables when
running commands as root. Additionally, on the machines in the
I<SERVERS> C<Host_Alias>, we keep an additional local log file and
make sure we log the year in each log line since the log entries
will be kept around for several years.
will be kept around for several years. Lastly, we disable shell
escapes for the commands in the PAGERS C<Cmnd_Alias> (/usr/bin/more,
/usr/bin/pg and /usr/bin/less).
# Override built-in defaults
Defaults syslog=auth
@@ -1071,6 +1078,7 @@ will be kept around for several years.
Defaults:FULLTIMERS !lecture
Defaults:millert !authenticate
Defaults@SERVERS log_year, logfile=/var/log/sudo.log
Defaults!PAGERS noexec
The I<User specification> is the part that actually determines who may
run what.