.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
.\" IT IS GENERATED AUTOMATICALLY FROM visudo.mdoc.in
.\"
.\" Copyright (c) 1996,1998-2005, 2007-2015
.\" Todd C. Miller <Todd.Miller@courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" Sponsored in part by the Defense Advanced Research Projects
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
.TH "VISUDO" "8" "December 4, 2014" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
.nh
.if n .ad l
.SH "NAME"
\fBvisudo\fR
\- edit the sudoers file
.SH "SYNOPSIS"
.HP 7n
\fBvisudo\fR
[\fB\-chqsV\fR]
[\fB\-f\fR\ \fIsudoers\fR]
[\fB\-x\fR\ \fIoutput_file\fR]
.SH "DESCRIPTION"
\fBvisudo\fR
edits the
\fIsudoers\fR
file in a safe fashion, analogous to
vipw(@mansectsu@).
\fBvisudo\fR
locks the
\fIsudoers\fR
file against multiple simultaneous edits, provides basic sanity checks,
and checks for parse errors.
If the
\fIsudoers\fR
file is currently being edited you will receive a message to try again later.
.PP
There is a hard-coded list of one or more editors that
\fBvisudo\fR
will use set at compile-time that may be overridden via the
\fIeditor\fR
\fIsudoers\fR
\fRDefault\fR
variable.
This list defaults to
\fR@editor@\fR.
Normally,
\fBvisudo\fR
does not honor the
\fRVISUAL\fR
or
\fREDITOR\fR
environment variables unless they contain an editor in the aforementioned
editors list.
However, if
\fBvisudo\fR
is configured with the
\fR--with-env-editor\fR
option or the
\fIenv_editor\fR
\fRDefault\fR
variable is set in
\fIsudoers\fR,
\fBvisudo\fR
will use any editor defined by
\fRVISUAL\fR
or
\fREDITOR\fR.
Note that this can be a security hole since it allows the user to
execute any program they wish simply by setting
\fRVISUAL\fR
or
\fREDITOR\fR.
.PP
\fBvisudo\fR
parses the
\fIsudoers\fR
file after the edit and will
not save the changes if there is a syntax error.
Upon finding an error,
\fBvisudo\fR
will print a message stating the line number(s)
where the error occurred and the user will receive the
\(LqWhat now?\(Rq
prompt.
At this point the user may enter
\(oqe\(cq
to re-edit the
\fIsudoers\fR
file,
\(oqx\(cq
to exit without saving the changes, or
\(oqQ\(cq
to quit and save changes.
The
\(oqQ\(cq
option should be used with extreme care because if
\fBvisudo\fR
believes there to be a parse error, so will
\fBsudo\fR
and no one
will be able to run
\fBsudo\fR
again until the error is fixed.
If
\(oqe\(cq
is typed to edit the
\fIsudoers\fR
file after a parse error has been detected, the cursor will be placed on
the line where the error occurred (if the editor supports this feature).
.PP
The options are as follows:
.TP 12n
\fB\-c\fR, \fB\--check\fR
Enable
\fIcheck-only\fR
mode.
The existing
\fIsudoers\fR
file will be
checked for syntax errors, owner and mode.
A message will be printed to the standard output describing the status of
\fIsudoers\fR
unless the
\fB\-q\fR
option was specified.
If the check completes successfully,
\fBvisudo\fR
will exit with a value of 0.
If an error is encountered,
\fBvisudo\fR
will exit with a value of 1.
.TP 12n
\fB\-f\fR \fIsudoers\fR, \fB\--file\fR=\fIsudoers\fR
Specify an alternate
\fIsudoers\fR
file location.
With this option,
\fBvisudo\fR
will edit (or check) the
\fIsudoers\fR
file of your choice,
instead of the default,
\fI@sysconfdir@/sudoers\fR.
The lock file used is the specified
\fIsudoers\fR
file with
\(Lq\.tmp\(Rq
appended to it.
In
\fIcheck-only\fR
mode only, the argument to
\fB\-f\fR
may be
\(oq-\(cq,
indicating that
\fIsudoers\fR
will be read from the standard input.
.TP 12n
\fB\-h\fR, \fB\--help\fR
Display a short help message to the standard output and exit.
.TP 12n
\fB\-q\fR, \fB\--quiet\fR
Enable
\fIquiet\fR
mode.
In this mode details about syntax errors are not printed.
This option is only useful when combined with
the
\fB\-c\fR
option.
.TP 12n
\fB\-s\fR, \fB\--strict\fR
Enable
\fIstrict\fR
checking of the
\fIsudoers\fR
file.
If an alias is used before it is defined,
\fBvisudo\fR
will consider this a parse error.
Note that it is not possible to differentiate between an
alias and a host name or user name that consists solely of uppercase
letters, digits, and the underscore
(\(oq_\(cq)
character.
.TP 12n
\fB\-V\fR, \fB\--version\fR
Print the
\fBvisudo\fR
and
\fIsudoers\fR
grammar versions and exit.
.TP 12n
\fB\-x\fR \fIoutput_file\fR, \fB\--export\fR=\fIoutput_file\fR
Export a
\fIsudoers\fR
in JSON format and write it to
\fIoutput_file\fR.
If
\fIoutput_file\fR
is
\(oq-\(cq,
the exported
\fIsudoers\fR
policy will be written to the standard output.
By default,
\fI@sysconfdir@/sudoers\fR
(and any files it includes) will be exported.
The
\fB\-f\fR
option can be used to specify a different
\fIsudoers\fR
file to export.
The exported format is intended to be easier for third-party
applications to parse than the traditional
\fIsudoers\fR
format.
The various values have explicit types which removes much of the
ambiguity of the
\fIsudoers\fR
format.
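.PP
The exit status contract of check-only mode (0 on success, 1 on error) together
with the ability to read
\fIsudoers\fR
from the standard input via
\fB\-f\fR \(oq-\(cq
makes
\fBvisudo\fR
usable as a gate that rejects a broken file before it is installed.
The Python wrapper below is an added example, not code from the sudo project;
it assumes a
\fBvisudo\fR
binary on PATH that behaves as documented above, and the two
\fIsudoers\fR
fragments it feeds in are constructed samples.

```python
"""Validate candidate sudoers content with visudo's check-only mode.

Added example, not part of the sudo distribution.  Assumes a visudo on
PATH (or at the path passed in) that behaves as documented: -c checks
syntax, owner and mode; -f - reads sudoers from standard input in
check-only mode; exit status is 0 on success and 1 on error.
"""
import shutil
import subprocess
from typing import List, Optional, Tuple


def build_check_argv(sudoers: Optional[str] = None, quiet: bool = False,
                     strict: bool = False, visudo: str = "visudo") -> List[str]:
    """Assemble the visudo command line for check-only mode.

    ``sudoers`` is a path, or "-" to read from standard input; None checks
    the default sudoers file.  ``strict`` adds -s so that an alias used
    before it is defined counts as a parse error.
    """
    argv = [visudo, "-c"]
    if quiet:
        argv.append("-q")
    if strict:
        argv.append("-s")
    if sudoers is not None:
        argv.extend(["-f", sudoers])
    return argv


def interpret_exit_status(status: int) -> str:
    """Map visudo's documented check-only exit values to a verdict."""
    if status == 0:
        return "ok"
    if status == 1:
        return "error"
    return "unexpected"   # e.g. terminated by a signal


def check_sudoers_text(text: str, strict: bool = True,
                       visudo: str = "visudo") -> Tuple[str, str]:
    """Feed candidate sudoers content to ``visudo -c -f -`` and return
    (verdict, diagnostic output).

    Reading from standard input means nothing is written to the real
    sudoers path until the content has passed the parser.  The owner and
    mode part of the check cannot apply to standard input, so those must
    be verified separately once the file is installed.
    """
    if shutil.which(visudo) is None:
        return "unexpected", f"{visudo}: not found on PATH"
    proc = subprocess.run(build_check_argv("-", strict=strict, visudo=visudo),
                          input=text, capture_output=True, text=True)
    return interpret_exit_status(proc.returncode), proc.stdout + proc.stderr


if __name__ == "__main__":
    # Constructed sample input: one well-formed rule set, one malformed.
    GOOD = "Defaults env_reset\nroot ALL=(ALL) ALL\n"
    BAD = "root ALL=(ALL\n"          # unterminated runas list
    for name, text in (("good", GOOD), ("bad", BAD)):
        verdict, output = check_sudoers_text(text)
        print(f"{name}: {verdict}\n{output.rstrip()}")
```

Running the script as root is not required for the parse check itself; it
only matters when the real
\fI@sysconfdir@/sudoers\fR
is the file being checked.
Rejecting the content at this stage avoids the situation the
\(oqQ\(cq
prompt option warns about, where a saved parse error locks everyone out of
\fBsudo\fR.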
.SS "Debugging and sudoers plugin arguments"
\fBvisudo\fR
versions 1.8.4 and higher support a flexible debugging framework
that is configured via
\fRDebug\fR
lines in the
sudo.conf(@mansectform@)
file.
.PP
Starting with
\fBsudo\fR
1.8.12,
\fBvisudo\fR
will also parse the arguments to the
\fIsudoers\fR
plugin to override the default
\fIsudoers\fR
path name, UID, GID and file mode.
These arguments, if present, should be listed after the path to the plugin
(i.e.\& after
\fIsudoers.so\fR).
Multiple arguments may be specified, separated by white space.
For example:
.nf
.sp
.RS 6n
Plugin sudoers_policy sudoers.so sudoers_mode=0400
.RE
.fi
.PP
The following arguments are supported:
.TP 10n
sudoers_file=pathname
The
\fIsudoers_file\fR
argument can be used to override the default path to the
\fIsudoers\fR
file.
.TP 10n
sudoers_uid=uid
The
\fIsudoers_uid\fR
argument can be used to override the default owner of the sudoers file.
It should be specified as a numeric user ID.
.TP 10n
sudoers_gid=gid
The
\fIsudoers_gid\fR
argument can be used to override the default group of the sudoers file.
It must be specified as a numeric group ID (not a group name).
.TP 10n
sudoers_mode=mode
The
\fIsudoers_mode\fR
argument can be used to override the default file mode for the sudoers file.
It should be specified as an octal value.
.PP
For more information on configuring
sudo.conf(@mansectform@),
please refer to its manual.
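.PP
As an added example, not code from the sudo project, the Python script below
parses the
\fRPlugin\fR
line of
sudo.conf(@mansectform@)
for the four arguments listed above and then checks that the
\fIsudoers\fR
file on disk has the configured owner, group and mode, which is the part of
\fBvisudo \-c\fR
a configuration audit most often wants to reproduce without invoking
\fBvisudo\fR
itself.
It assumes that the relevant line is the first
\fRPlugin\fR
line whose path ends in
\fIsudoers.so\fR,
and the defaults it falls back to (/etc/sudoers, uid 0, gid 0, mode 0440) are
assumptions standing in for the compiled-in
\fI@sysconfdir@\fR
values; the
sudo.conf
fragment embedded in the script is constructed.

```python
"""Parse sudoers plugin arguments from sudo.conf and verify the sudoers
file's owner, group and mode against them.

Added example, not code from the sudo project.  Implements the argument
rules from the visudo manual: sudoers_file=pathname, sudoers_uid=uid and
sudoers_gid=gid (numeric), sudoers_mode=mode (octal).  The defaults below
are assumptions standing in for the build-time @sysconfdir@ values.
"""
import os
import shlex
import stat
from dataclasses import dataclass
from typing import List


@dataclass
class SudoersSettings:
    path: str = "/etc/sudoers"   # assumed default (@sysconfdir@/sudoers)
    uid: int = 0                 # assumed default owner
    gid: int = 0                 # assumed default group
    mode: int = 0o440            # assumed default mode


def parse_plugin_args(conf_text: str, plugin: str = "sudoers.so") -> SudoersSettings:
    """Apply the trailing arguments of the first Plugin line for ``plugin``.

    Plugin lines have the form ``Plugin <symbol> <path> [arg ...]``; the
    arguments follow the path and are separated by white space.  Unknown
    arguments are ignored.  A non-numeric uid/gid or a non-octal mode
    raises ValueError rather than silently falling back to the defaults.
    """
    settings = SudoersSettings()
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = shlex.split(line)
        if len(fields) < 3 or fields[0] != "Plugin":
            continue
        if os.path.basename(fields[2]) != plugin:
            continue
        for arg in fields[3:]:
            key, sep, value = arg.partition("=")
            if not sep:
                raise ValueError(f"plugin argument without '=': {arg!r}")
            if key == "sudoers_file":
                settings.path = value
            elif key == "sudoers_uid":
                settings.uid = int(value, 10)    # numeric user ID only
            elif key == "sudoers_gid":
                settings.gid = int(value, 10)    # numeric group ID, not a name
            elif key == "sudoers_mode":
                settings.mode = int(value, 8)    # octal, e.g. 0400
        break
    return settings


def verify_sudoers_file(settings: SudoersSettings) -> List[str]:
    """Compare the configured owner, group and permission bits with the
    file on disk; return a list of mismatches (empty means it matches)."""
    st = os.stat(settings.path)
    problems = []
    if st.st_uid != settings.uid:
        problems.append(f"owner uid {st.st_uid}, expected {settings.uid}")
    if st.st_gid != settings.gid:
        problems.append(f"group gid {st.st_gid}, expected {settings.gid}")
    actual_mode = stat.S_IMODE(st.st_mode)
    if actual_mode != settings.mode:
        problems.append(f"mode {actual_mode:04o}, expected {settings.mode:04o}")
    return problems


if __name__ == "__main__":
    # Constructed sudo.conf fragment; the argument values are illustrative.
    CONF = """
# sudo.conf (constructed sample)
Plugin sudoers_policy sudoers.so sudoers_mode=0400 sudoers_uid=0 sudoers_gid=0
Plugin sudoers_io sudoers.so
"""
    cfg = parse_plugin_args(CONF)
    print(cfg)
    for problem in verify_sudoers_file(cfg):
        print("mismatch:", problem)
```

Because the parser raises on a name where a numeric ID is required, a
sudo.conf
line such as
\fRsudoers_gid=wheel\fR
is reported as a configuration error instead of being treated as the default
group, which matches the requirement stated for
\fIsudoers_gid\fR
above.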
.SH "ENVIRONMENT"
The following environment variables may be consulted depending on
the value of the
\fIeditor\fR
and
\fIenv_editor\fR
\fIsudoers\fR
settings:
.TP 17n
\fRVISUAL\fR
Invoked by
\fBvisudo\fR
as the editor to use
.TP 17n
\fREDITOR\fR
Used by
\fBvisudo\fR
if
\fRVISUAL\fR
is not set
.SH "FILES"
.TP 26n
\fI@sysconfdir@/sudo.conf\fR
Sudo front end configuration
.TP 26n
\fI@sysconfdir@/sudoers\fR
List of who can run what
.TP 26n
\fI@sysconfdir@/sudoers.tmp\fR
Lock file for visudo
.SH "DIAGNOSTICS"
.TP 6n
\fRsudoers file busy, try again later.\fR
Someone else is currently editing the
\fIsudoers\fR
file.
.TP 6n
\fR@sysconfdir@/sudoers.tmp: Permission denied\fR
You didn't run
\fBvisudo\fR
as root.
.TP 6n
\fRCan't find you in the passwd database\fR
Your user ID does not appear in the system passwd file.
.TP 6n
\fRWarning: {User,Runas,Host,Cmnd}_Alias referenced but not defined\fR
Either you are trying to use an undeclared {User,Runas,Host,Cmnd}_Alias
or you have a user or host name listed that consists solely of
uppercase letters, digits, and the underscore
(\(oq_\(cq)
character.
In the latter case, you can ignore the warnings
(\fBsudo\fR
will not complain)
\&.
In
\fB\-s\fR
(strict) mode these are errors, not warnings.
.TP 6n
\fRWarning: unused {User,Runas,Host,Cmnd}_Alias\fR
The specified {User,Runas,Host,Cmnd}_Alias was defined but never
used.
You may wish to comment out or remove the unused alias.
.TP 6n
\fRWarning: cycle in {User,Runas,Host,Cmnd}_Alias\fR
The specified {User,Runas,Host,Cmnd}_Alias includes a reference to
itself, either directly or through an alias it includes.
This is only a warning by default as
\fBsudo\fR
will ignore cycles when parsing
the
\fIsudoers\fR
file.
.TP 6n
\fRvisudo: @sysconfdir@/sudoers: input and output files must be different\fR
The
\fB\-x\fR
flag was used and the specified
\fIoutput_file\fR
has the same path name as the
\fIsudoers\fR
file to export.
.SH "SEE ALSO"
vi(1),
sudo.conf(@mansectform@),
sudoers(@mansectform@),
sudo(@mansectsu@),
vipw(@mansectsu@)
.SH "AUTHORS"
Many people have worked on
\fBsudo\fR
over the years; this version consists of code written primarily by:
.sp
.RS 6n
Todd C. Miller
.RE
.PP
See the CONTRIBUTORS file in the
\fBsudo\fR
distribution (http://www.sudo.ws/contributors.html) for an
exhaustive list of people who have contributed to
\fBsudo\fR.
.SH "CAVEATS"
There is no easy way to prevent a user from gaining a root shell if
the editor used by
\fBvisudo\fR
allows shell escapes.
.SH "BUGS"
If you feel you have found a bug in
\fBvisudo\fR,
please submit a bug report at http://bugzilla.sudo.ws/
.SH "SUPPORT"
Limited free support is available via the sudo-users mailing list,
see http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
search the archives.
.SH "DISCLAIMER"
\fBvisudo\fR
is provided
\(LqAS IS\(Rq
and any express or implied warranties, including, but not limited
to, the implied warranties of merchantability and fitness for a
particular purpose are disclaimed.
See the LICENSE file distributed with
\fBsudo\fR
or http://www.sudo.ws/license.html for complete details.