isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,869 Commits 1 Branch 0 Tags
2aec2bd724dc30f151ed0ebe9df507d5ff9c46d0
Commit Graph

67 Commits

Author SHA1 Message Date
Todd C. Miller
4a48a0f679 typos; jmc@openbsd.org 2003-01-23 08:03:51 +00:00
Todd C. Miller
a8153f4d5d Add support for Defaults>RunasUser 2003-01-17 23:09:45 +00:00
Todd C. Miller
3bfbd4b1e3 document new prompt escapes 2002-12-14 19:21:27 +00:00
Todd C. Miller
cd4ec1d2bf document timestampowner 2002-05-05 00:57:47 +00:00
Todd C. Miller
017366ce4a Add caveat about stay_setuid flag 2002-01-13 18:36:44 +00:00
Todd C. Miller
412819b40a Mention that no double quotes are needed when adding/deleting/assigning 
a single value to a list.
 2001-12-30 19:26:22 +00:00
Todd C. Miller
9a33007630 o Typo, Runas_User_List should be Runas_List 
o a User_List can not contain a uid
 o mention that the Defaults section should come after Alias
   definitions but before the user specifications
 2001-12-17 23:33:47 +00:00
Todd C. Miller
16912179e5 Fix listpw and verifypw sections, they were not being formatted properly. 2001-12-15 16:51:11 +00:00
Todd C. Miller
d24eac7fd2 fix typos 2001-12-15 16:38:21 +00:00
Todd C. Miller
761b119e2e Add new sudoers option "preserve_groups". Previously sudo would not 
call initgroups() if the target user was root.  Now it always calls
initgroups() unless the -P command line option or the "preserve_groups"
sudoers option is set.  Idea from TJ Saunders.
 2001-12-15 00:24:27 +00:00
Todd C. Miller
2e677e1023 Remove "secure_path" Defaults option since it cannot work with the 
existing parser.
 2001-12-14 06:40:03 +00:00
Todd C. Miller
bcdcc32a7f Remove an extra "User_List" in the User_Spec definition 
From ybertrand AT snoopymail.com
 2001-12-12 21:21:49 +00:00
Todd C. Miller
3d1344a717 Remove gratuitous '=' in EBNF grammar; era AT iki.fi 2001-12-12 20:40:12 +00:00
Todd C. Miller
b1687838f5 Document new list Defaults type and convert env_keep and env_delete 
to lists.
Document new env_check option.
 2001-12-12 20:34:26 +00:00
Todd C. Miller
78d67cfb53 Document new behavior of negative values of timestamp_timeout 
Fix a typo
 2001-11-13 00:32:11 +00:00
Todd C. Miller
de9d655ea6 Add mail_badpass option 
Also modify mail_always behavior to also send mail when the password is wrong
 2001-11-12 18:13:03 +00:00
Todd C. Miller
c4c0f0046e document env_delete 2001-11-12 04:52:23 +00:00
Todd C. Miller
ace935f8aa "upper case" -> "uppercase" 2001-09-18 01:48:48 +00:00
Todd C. Miller
51dd80bd78 fix typos and grammar; pjanzen@foatdi.harvard.edu 2001-09-18 01:32:35 +00:00
Todd C. Miller
12a9783318 Missing word (specify); krapht@secureops.com 2001-08-28 14:26:38 +00:00
Todd C. Miller
993409b90f s/eg./e.g./ 2001-04-13 01:43:40 +00:00
Todd C. Miller
9318379d83 PATH is also preserved when env_reset is in effect 2000-12-30 03:45:31 +00:00
Todd C. Miller
998631b73a New Defaults options: 
o stay_setuid - sudo will remain setuid if system has saved uids or setreuid(2)
 o env_reset - reset the environment to a sane default
 o env_keep - preserve environment variables that would otherwise be cleared

No longer use getenv/putenv/setenv functions--do environment munging by hand.
Potentially dangerous environment variables can be cleared only if they
contain '/' pr '%' characters to protect buggy programs.
Moved environment routines into env.c (new file)
 2000-12-30 03:29:47 +00:00
Todd C. Miller
e7ee4f9885 Fix typo; from sato@complex.eng.hokudai.ac.jp 2000-10-19 14:09:07 +00:00
Todd C. Miller
2365c52b21 Mention negating umask 2000-10-12 13:49:45 +00:00
Todd C. Miller
ed7827decc Add always_set_home variable 2000-09-07 01:35:39 +00:00
Todd C. Miller
fafefc1df9 Substitute values from configure into man pages. 2000-08-13 21:09:22 +00:00
Todd C. Miller
30daa83259 Use B<-Z> not C<-Z> for command line flags in all places. This is more 
consistent and works around a bug in Pod::Man.
 2000-04-22 18:15:15 +00:00
Todd C. Miller
2d50daad2b Fix an occurence of 'semicolon' that should be 'colon' 2000-04-22 17:59:26 +00:00
Todd C. Miller
d4be49c5fc Put back real man sections, we will do the substitution later. 2000-04-07 14:26:23 +00:00
Todd C. Miller
6dd2d9592e Visudo now checks for the existence of an editor and gives a sensible 
error if it does not exist.

The path to the editor for visudo is now a colon-separated list of
allowable editors.  If the user has $EDITOR set and it matches
one of the allowed editors that editor will be used.  If not,
the first editor in the list that actually exists is used.
 2000-04-01 21:23:28 +00:00
Todd C. Miller
6c94d8d231 Use @mansectsu@ and @mansectform@ in the man page bodies as well. 2000-03-27 03:26:24 +00:00
Todd C. Miller
5ce1fa96f2 Add support for wildcards in the hostname. 2000-03-23 04:09:53 +00:00
Todd C. Miller
4c8b4fad56 Document set_logname option and enbolden refs to sudo and visudo. 2000-03-23 03:20:57 +00:00
Todd C. Miller
d168a21cee Add FreeBSD login.conf support (untested on BSD/OS) based on a patch from 
Michael D. Marchionna.
configure now does substitution on the man pages, allowing us to
fix up the paths and set the section correctly.  Based on an idea
from Michael D. Marchionna.
 2000-03-23 00:35:59 +00:00
Todd C. Miller
09b23e7b41 Add rootpw, runaspw, and targetpw options. 2000-02-18 17:56:28 +00:00
Todd C. Miller
44c5092fab enveditor -> env_editor 2000-02-18 17:11:43 +00:00
Todd C. Miller
020125336c Add 'editor' and 'enveditor' sudoers defaults and make visudo honor them. 
This means that visudo will now parse the sudoers file *before* it is
edited so a bogus sudoers file will cause a warning to go to stderr.
Also, visudo checks the variables once--it does not check them after
each editor run since that could be confusing.
 2000-02-16 00:03:44 +00:00
Todd C. Miller
192d338322 Expanded docs on sudoers 'defaults' options based on INSTALL file info. 2000-01-26 21:21:28 +00:00
Todd C. Miller
592bae1d7c Add netgroup caveat 2000-01-24 03:57:49 +00:00
Todd C. Miller
e4f3853d70 "a a" -> "a"; Aaron Campbell <aaron@cs.dal.ca> 2000-01-18 22:00:40 +00:00
Todd C. Miller
9e0bae9fc6 update copyright year on changed files 2000-01-17 23:46:26 +00:00
Todd C. Miller
ccb808da31 Add 'shell_noargs' runtime option back in. We have to defer checking 
until after the sudoers file has been parsed but since there are now
other options that operate that way this one can too.  Based on a patch
from bguillory@email.com.
 2000-01-17 17:25:10 +00:00
Todd C. Miller
a597c4ad55 o Fix some typos/omissions 
o Add section on verifypw and listpw
o Define how NOPASSWD interacts with the -v and -l flags
 2000-01-17 03:57:26 +00:00
Todd C. Miller
449f67f776 o Kill shell_noargs option, it cannot work since the command needs to 
be set before sudoers is parsed.
o Fix the "set_home" sudoers option (only worked at compile time).
o Fix "fqdn" sudoers option.  We now set host/shost via set_fqdn which
  gets called when the "fqdn" option is set in sudoers.
o Move the openlog() to store_syslogfac() so this gets overridden
  correctly from the sudoers file.
 1999-12-02 20:31:25 +00:00
Todd C. Miller
42f7c6f3f4 Add warning about using ALL in a command context. 1999-11-16 05:23:41 +00:00
Todd C. Miller
afe809a31c Mention what characters need to be escaped in names. 1999-11-09 00:00:29 +00:00
Todd C. Miller
d0026e7d88 change ital to bold 1999-10-20 15:23:42 +00:00
Todd C. Miller
8a33fc598e Docuement "Defaults" lines in /etc/sudoers. Still needs some fleshing 
out but this is a start.
 1999-10-11 15:55:11 +00:00
Todd C. Miller
7a84959b41 new sudoers(8) man page 1999-08-26 09:00:59 +00:00