Rework source layout in preparation for modular sudo.

plugins/sudoers/def_data.in

@@ -0,0 +1,240 @@
+#
+# Format:
+#
+# var_name
+#	TYPE
+#	description (or NULL)
+#	array of struct def_values if TYPE == T_TUPLE
+#
+# NOTE: for tuples that can be used in a boolean context the first
+#	value corresponds to boolean FALSE and the second to TRUE.
+#
+
+syslog
+	T_LOGFAC|T_BOOL
+	"Syslog facility if syslog is being used for logging: %s"
+syslog_goodpri
+	T_LOGPRI
+	"Syslog priority to use when user authenticates successfully: %s"
+syslog_badpri
+	T_LOGPRI
+	"Syslog priority to use when user authenticates unsuccessfully: %s"
+long_otp_prompt
+	T_FLAG
+	"Put OTP prompt on its own line"
+ignore_dot
+	T_FLAG
+	"Ignore '.' in $PATH"
+mail_always
+	T_FLAG
+	"Always send mail when sudo is run"
+mail_badpass
+	T_FLAG
+	"Send mail if user authentication fails"
+mail_no_user
+	T_FLAG
+	"Send mail if the user is not in sudoers"
+mail_no_host
+	T_FLAG
+	"Send mail if the user is not in sudoers for this host"
+mail_no_perms
+	T_FLAG
+	"Send mail if the user is not allowed to run a command"
+tty_tickets
+	T_FLAG
+	"Use a separate timestamp for each user/tty combo"
+lecture
+	T_TUPLE|T_BOOL
+	"Lecture user the first time they run sudo"
+	never once always
+lecture_file
+	T_STR|T_PATH|T_BOOL
+	"File containing the sudo lecture: %s"
+authenticate
+	T_FLAG
+	"Require users to authenticate by default"
+root_sudo
+	T_FLAG
+	"Root may run sudo"
+log_host
+	T_FLAG
+	"Log the hostname in the (non-syslog) log file"
+log_year
+	T_FLAG
+	"Log the year in the (non-syslog) log file"
+shell_noargs
+	T_FLAG
+	"If sudo is invoked with no arguments, start a shell"
+set_home
+	T_FLAG
+	"Set $HOME to the target user when starting a shell with -s"
+always_set_home
+	T_FLAG
+	"Always set $HOME to the target user's home directory"
+path_info
+	T_FLAG
+	"Allow some information gathering to give useful error messages"
+fqdn
+	T_FLAG
+	"Require fully-qualified hostnames in the sudoers file"
+insults
+	T_FLAG
+	"Insult the user when they enter an incorrect password"
+requiretty
+	T_FLAG
+	"Only allow the user to run sudo if they have a tty"
+env_editor
+	T_FLAG
+	"Visudo will honor the EDITOR environment variable"
+rootpw
+	T_FLAG
+	"Prompt for root's password, not the users's"
+runaspw
+	T_FLAG
+	"Prompt for the runas_default user's password, not the users's"
+targetpw
+	T_FLAG
+	"Prompt for the target user's password, not the users's"
+use_loginclass
+	T_FLAG
+	"Apply defaults in the target user's login class if there is one"
+set_logname
+	T_FLAG
+	"Set the LOGNAME and USER environment variables"
+stay_setuid
+	T_FLAG
+	"Only set the effective uid to the target user, not the real uid"
+preserve_groups
+	T_FLAG
+	"Don't initialize the group vector to that of the target user"
+loglinelen
+	T_UINT|T_BOOL
+	"Length at which to wrap log file lines (0 for no wrap): %d"
+timestamp_timeout
+	T_FLOAT|T_BOOL
+	"Authentication timestamp timeout: %.1f minutes"
+passwd_timeout
+	T_FLOAT|T_BOOL
+	"Password prompt timeout: %.1f minutes"
+passwd_tries
+	T_UINT
+	"Number of tries to enter a password: %d"
+umask
+	T_MODE|T_BOOL
+	"Umask to use or 0777 to use user's: 0%o"
+logfile
+	T_STR|T_BOOL|T_PATH
+	"Path to log file: %s"
+mailerpath
+	T_STR|T_BOOL|T_PATH
+	"Path to mail program: %s"
+mailerflags
+	T_STR|T_BOOL
+	"Flags for mail program: %s"
+mailto
+	T_STR|T_BOOL
+	"Address to send mail to: %s"
+mailfrom
+	T_STR|T_BOOL
+	"Address to send mail from: %s"
+mailsub
+	T_STR
+	"Subject line for mail messages: %s"
+badpass_message
+	T_STR
+	"Incorrect password message: %s"
+timestampdir
+	T_STR|T_PATH
+	"Path to authentication timestamp dir: %s"
+timestampowner
+	T_STR
+	"Owner of the authentication timestamp dir: %s"
+exempt_group
+	T_STR|T_BOOL
+	"Users in this group are exempt from password and PATH requirements: %s"
+passprompt
+	T_STR
+	"Default password prompt: %s"
+passprompt_override
+	T_FLAG
+	"If set, passprompt will override system prompt in all cases."
+runas_default
+	T_STR
+	"Default user to run commands as: %s"
+secure_path
+	T_STR|T_BOOL
+	"Value to override user's $PATH with: %s"
+editor
+	T_STR|T_PATH
+	"Path to the editor for use by visudo: %s"
+listpw
+	T_TUPLE|T_BOOL
+	"When to require a password for 'list' pseudocommand: %s"
+	never any all always
+verifypw
+	T_TUPLE|T_BOOL
+	"When to require a password for 'verify' pseudocommand: %s"
+	never all any always
+noexec
+	T_FLAG
+	"Preload the dummy exec functions contained in 'noexec_file'"
+noexec_file
+	T_STR|T_PATH
+	"File containing dummy exec functions: %s"
+ignore_local_sudoers
+	T_FLAG
+	"If LDAP directory is up, do we ignore local sudoers file"
+closefrom
+	T_INT
+	"File descriptors >= %d will be closed before executing a command"
+closefrom_override
+	T_FLAG
+	"If set, users may override the value of `closefrom' with the -C option"
+setenv
+	T_FLAG
+	"Allow users to set arbitrary environment variables"
+env_reset
+	T_FLAG
+	"Reset the environment to a default set of variables"
+env_check
+	T_LIST|T_BOOL
+	"Environment variables to check for sanity:"
+env_delete
+	T_LIST|T_BOOL
+	"Environment variables to remove:"
+env_keep
+	T_LIST|T_BOOL
+	"Environment variables to preserve:"
+role
+	T_STR
+	"SELinux role to use in the new security context: %s"
+type
+	T_STR
+	"SELinux type to use in the new security context: %s"
+askpass
+	T_STR|T_PATH|T_BOOL
+	"Path to the askpass helper program: %s"
+env_file
+	T_STR|T_PATH|T_BOOL
+	"Path to the sudo-specific environment file: %s"
+sudoers_locale
+	T_STR
+	"Locale to use while parsing sudoers: %s"
+visiblepw
+	T_FLAG
+	"Allow sudo to prompt for a password even if it would be visisble"
+pwfeedback
+	T_FLAG
+	"Provide visual feedback at the password prompt when there is user input"
+fast_glob
+	T_FLAG
+	"Use faster globbing that is less accurate but does not access the filesystem"
+umask_override
+	T_FLAG
+	"The umask specified in sudoers will override the user's, even if it is more permissive"
+transcript
+	T_FLAG
+	"Log a transcript of the command being run"
+compress_transcript
+	T_FLAG
+	"Compress session transcripts with zlib"