171 lines
4.6 KiB
Groff
171 lines
4.6 KiB
Groff
.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
|
|
.\" IT IS GENERATED AUTOMATICALLY FROM cvtsudoers.mdoc.in
|
|
.\"
|
|
.\" Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
|
|
.\"
|
|
.\" Permission to use, copy, modify, and distribute this software for any
|
|
.\" purpose with or without fee is hereby granted, provided that the above
|
|
.\" copyright notice and this permission notice appear in all copies.
|
|
.\"
|
|
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
.\"
|
|
.TH "CVTSUDOERS" "8" "February 2, 2018" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
|
|
.nh
|
|
.if n .ad l
|
|
.SH "NAME"
|
|
\fBcvtsudoers\fR
|
|
\- convert between sudoers file formats
|
|
.SH "SYNOPSIS"
|
|
.HP 11n
|
|
\fBcvtsudoers\fR
|
|
[\fB\-hV\fR]
|
|
[\fB\-b\fR\ \fIdn\fR]
|
|
[\fB\-f\fR\ \fIformat\fR]
|
|
[\fB\-o\fR\ \fIoutput_file\fR]
|
|
[\fIsudoers_file\fR]
|
|
.SH "DESCRIPTION"
|
|
\fBcvtsudoers\fR
|
|
can be used to convert a policy file in
|
|
\fIsudoers\fR
|
|
format to other formats.
|
|
The default output format is LDIF.
|
|
It is only possible to convert a
|
|
\fIsudoers\fR
|
|
file that is syntactically correct.
|
|
.PP
|
|
If no
|
|
\fIsudoers_file\fR
|
|
is specified, or if it is
|
|
\(oq-\(cq,
|
|
the policy is read from the standard input.
|
|
By default, the result is written to the standard output.
|
|
.PP
|
|
The options are as follows:
|
|
.TP 12n
|
|
\fB\-b\fR \fIdn\fR, \fB\--base\fR=\fIdn\fR
|
|
The base DN (distinguished name) that will be used when performing
|
|
LDAP queries.
|
|
Typically this is of the form
|
|
\fRou=SUDOers,dc=example,dc=com\fR
|
|
for the domain
|
|
\fRexample.com\fR.
|
|
If this option is not specified, the value of the
|
|
\fRSUDOERS_BASE\fR
|
|
environment variable will be used instead.
|
|
Only necessary when converting to LDIF format.
|
|
.TP 12n
|
|
\fB\-f\fR \fIoutput_format\fR, \fB\--format\fR=\fIoutput_format\fR
|
|
Specify the output format.
|
|
The following formats are supported:
|
|
.PP
|
|
.RS 12n
|
|
.PD 0
|
|
.TP 10n
|
|
JSON
|
|
JSON (JavaScript Object Notation) files are usually easier for
|
|
third-party applications to consume than the traditional
|
|
\fIsudoers\fR
|
|
format.
|
|
The various values have explicit types which removes much of the
|
|
ambiguity of the
|
|
\fIsudoers\fR
|
|
format.
|
|
.PD
|
|
.TP 10n
|
|
LDIF
|
|
LDIF (LDAP Data Interchange Format) files can be imported into an LDAP
|
|
server for use with
|
|
sudoers.ldap(@mansectform@).
|
|
.sp
|
|
Conversion to LDIF has the following limitations:
|
|
.PP
|
|
.RS 10n
|
|
.PD 0
|
|
.TP 6n
|
|
\fB\(bu\fR
|
|
Command, host, runas and user-specific Defaults lines cannot be
|
|
translated as they don't have an equivalent in the sudoers LDAP schema.
|
|
.PD
|
|
.TP 6n
|
|
\fB\(bu\fR
|
|
Command, host, runas and user aliases are not supported by the
|
|
sudoers LDAP schema so they are expanded during the conversion.
|
|
.PD 0
|
|
.PP
|
|
.RE
|
|
.PD
|
|
.TP 10n
|
|
sudoers
|
|
Traditional sudoers format.
|
|
A new sudoers file will be reconstructed from the parsed input file.
|
|
Comments are not preserved and data from any include files will be
|
|
output inline.
|
|
.PD 0
|
|
.PP
|
|
.RE
|
|
.PD
|
|
.TP 12n
|
|
\fB\-h\fR, \fB\--help\fR
|
|
Display a short help message to the standard output and exit.
|
|
.TP 12n
|
|
\fB\-o\fR \fIoutput_file\fR, \fB\--output\fR=\fIoutput_file\fR
|
|
Write the converted output to
|
|
\fIoutput_file\fR.
|
|
If no
|
|
\fIoutput_file\fR
|
|
is specified, or if it is
|
|
\(oq-\(cq,
|
|
the converted
|
|
\fIsudoers\fR
|
|
policy will be written to the standard output.
|
|
.TP 12n
|
|
\fB\-V\fR, \fB\--version\fR
|
|
Print the
|
|
\fBcvtsudoers\fR
|
|
and
|
|
\fIsudoers\fR
|
|
grammar versions and exit.
|
|
.SH "SEE ALSO"
|
|
sudoers(@mansectform@),
|
|
sudoers.ldap(@mansectform@),
|
|
sudo(@mansectsu@)
|
|
.SH "AUTHORS"
|
|
Many people have worked on
|
|
\fBsudo\fR
|
|
over the years; this version consists of code written primarily by:
|
|
.sp
|
|
.RS 6n
|
|
Todd C. Miller
|
|
.RE
|
|
.PP
|
|
See the CONTRIBUTORS file in the
|
|
\fBsudo\fR
|
|
distribution (https://www.sudo.ws/contributors.html) for an
|
|
exhaustive list of people who have contributed to
|
|
\fBsudo\fR.
|
|
.SH "BUGS"
|
|
If you feel you have found a bug in
|
|
\fBcvtsudoers\fR,
|
|
please submit a bug report at https://bugzilla.sudo.ws/
|
|
.SH "SUPPORT"
|
|
Limited free support is available via the sudo-users mailing list,
|
|
see https://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
|
|
search the archives.
|
|
.SH "DISCLAIMER"
|
|
\fBcvtsudoers\fR
|
|
is provided
|
|
\(LqAS IS\(Rq
|
|
and any express or implied warranties, including, but not limited
|
|
to, the implied warranties of merchantability and fitness for a
|
|
particular purpose are disclaimed.
|
|
See the LICENSE file distributed with
|
|
\fBsudo\fR
|
|
or https://www.sudo.ws/license.html for complete details.
|