Diff for /embedaddon/sudo/doc/sudo.cat between versions 1.1.1.3 and 1.1.1.5

version 1.1.1.3, 2012/10/09 09:29:52 version 1.1.1.5, 2013/10/14 07:56:34
Line 5  NNAAMMEE Line 5  NNAAMMEE
   
 SSYYNNOOPPSSIISS  SSYYNNOOPPSSIISS
      ssuuddoo --hh | --KK | --kk | --VV       ssuuddoo --hh | --KK | --kk | --VV
     ssuuddoo --vv [--AAkknnSS] [--aa _a_u_t_h___t_y_p_e] [--gg _g_r_o_u_p _n_a_m_e | _#_g_i_d] [--pp _p_r_o_m_p_t]     ssuuddoo --vv [--AAkknnSS] [--aa _t_y_p_e] [--gg _g_r_o_u_p] [--hh _h_o_s_t] [--pp _p_r_o_m_p_t] [--uu _u_s_e_r]
          [--uu _u_s_e_r _n_a_m_e | _#_u_i_d]     ssuuddoo --ll [--AAkknnSS] [--aa _t_y_p_e] [--gg _g_r_o_u_p] [--hh _h_o_s_t] [--pp _p_r_o_m_p_t] [--UU _u_s_e_r]
     ssuuddoo --ll[_l] [--AAkknnSS] [--aa _a_u_t_h___t_y_p_e] [--gg _g_r_o_u_p _n_a_m_e | _#_g_i_d] [--pp _p_r_o_m_p_t]          [--uu _u_s_e_r] [_c_o_m_m_a_n_d]
          [--UU _u_s_e_r _n_a_m_e] [--uu _u_s_e_r _n_a_m_e | _#_u_i_d] [_c_o_m_m_a_n_d]     ssuuddoo [--AAbbEEHHnnPPSS] [--aa _t_y_p_e] [--CC _n_u_m] [--cc _c_l_a_s_s] [--gg _g_r_o_u_p] [--hh _h_o_s_t]
     ssuuddoo [--AAbbEEHHnnPPSS] [--aa _a_u_t_h___t_y_p_e] [--CC _f_d] [--cc _c_l_a_s_s | _-]          [--pp _p_r_o_m_p_t] [--rr _r_o_l_e] [--tt _t_y_p_e] [--uu _u_s_e_r] [VVAARR=_v_a_l_u_e] [--ii | --ss]
          [--gg _g_r_o_u_p _n_a_m_e | _#_g_i_d] [--pp _p_r_o_m_p_t] [--rr _r_o_l_e] [--tt _t_y_p_e]          [_c_o_m_m_a_n_d]
          [--uu _u_s_e_r _n_a_m_e | _#_u_i_d] [VVAARR=_v_a_l_u_e] --ii | --ss [_c_o_m_m_a_n_d]     ssuuddooeeddiitt [--AAkknnSS] [--aa _t_y_p_e] [--CC _n_u_m] [--cc _c_l_a_s_s] [--gg _g_r_o_u_p] [--hh _h_o_s_t]
     ssuuddooeeddiitt [--AAnnSS] [--aa _a_u_t_h___t_y_p_e] [--CC _f_d] [--cc _c_l_a_s_s | _-]              [--pp _p_r_o_m_p_t] [--uu _u_s_e_r] file ...
              [--gg _g_r_o_u_p _n_a_m_e | _#_g_i_d] [--pp _p_r_o_m_p_t] [--uu _u_s_e_r _n_a_m_e | _#_u_i_d] file 
              ... 
   
 DDEESSCCRRIIPPTTIIOONN  DDEESSCCRRIIPPTTIIOONN
      ssuuddoo allows a permitted user to execute a _c_o_m_m_a_n_d as the superuser or       ssuuddoo allows a permitted user to execute a _c_o_m_m_a_n_d as the superuser or
Line 24  DDEESSCCRRIIPPTTIIOONN Line 22  DDEESSCCRRIIPPTTIIOONN
      input/output logging.  Third parties can develop and distribute their own       input/output logging.  Third parties can develop and distribute their own
      policy and I/O logging plugins to work seamlessly with the ssuuddoo front       policy and I/O logging plugins to work seamlessly with the ssuuddoo front
      end.  The default security policy is _s_u_d_o_e_r_s, which is configured via the       end.  The default security policy is _s_u_d_o_e_r_s, which is configured via the
     file _/_e_t_c_/_s_u_d_o_e_r_s, or via LDAP.  See the _P_L_U_G_I_N_S section for more     file _/_e_t_c_/_s_u_d_o_e_r_s, or via LDAP.  See the _P_l_u_g_i_n_s section for more
      information.       information.
   
      The security policy determines what privileges, if any, a user has to run       The security policy determines what privileges, if any, a user has to run
Line 48  DDEESSCCRRIIPPTTIIOONN Line 46  DDEESSCCRRIIPPTTIIOONN
   
      The options are as follows:       The options are as follows:
   
     --AA          Normally, if ssuuddoo requires a password, it will read it from     --AA, ----aasskkppaassss
                  Normally, if ssuuddoo requires a password, it will read it from
                  the user's terminal.  If the --AA (_a_s_k_p_a_s_s) option is                   the user's terminal.  If the --AA (_a_s_k_p_a_s_s) option is
                  specified, a (possibly graphical) helper program is executed                   specified, a (possibly graphical) helper program is executed
                  to read the user's password and output the password to the                   to read the user's password and output the password to the
                  standard output.  If the SUDO_ASKPASS environment variable is                   standard output.  If the SUDO_ASKPASS environment variable is
                  set, it specifies the path to the helper program.  Otherwise,                   set, it specifies the path to the helper program.  Otherwise,
                 if _/_e_t_c_/_s_u_d_o_._c_o_n_f contains a line specifying the askpass                 if sudo.conf(4) contains a line specifying the askpass
                  program, that value will be used.  For example:                   program, that value will be used.  For example:
   
                      # Path to askpass helper program                       # Path to askpass helper program
Line 63  DDEESSCCRRIIPPTTIIOONN Line 62  DDEESSCCRRIIPPTTIIOONN
                  If no askpass program is available, ssuuddoo will exit with an                   If no askpass program is available, ssuuddoo will exit with an
                  error.                   error.
   
     --aa _t_y_p_e     The --aa (_a_u_t_h_e_n_t_i_c_a_t_i_o_n _t_y_p_e) option causes ssuuddoo to use the     --aa _t_y_p_e, ----aauutthh--ttyyppee=_t_y_p_e
                 specified authentication type when validating the user, as                 Use the specified BSD authentication _t_y_p_e when validating the
                 allowed by _/_e_t_c_/_l_o_g_i_n_._c_o_n_f.  The system administrator may                 user, if allowed by _/_e_t_c_/_l_o_g_i_n_._c_o_n_f.  The system
                 specify a list of sudo-specific authentication methods by                 administrator may specify a list of sudo-specific
                 adding an ``auth-sudo'' entry in _/_e_t_c_/_l_o_g_i_n_._c_o_n_f.  This                 authentication methods by adding an ``auth-sudo'' entry in
                 option is only available on systems that support BSD                 _/_e_t_c_/_l_o_g_i_n_._c_o_n_f.  This option is only available on systems
                 authentication.                 that support BSD authentication.
   
     --bb          The --bb (_b_a_c_k_g_r_o_u_n_d) option tells ssuuddoo to run the given     --bb, ----bbaacckkggrroouunndd
                 command in the background.  Note that if you use the --bb                 Run the given command in the background.  Note that it is not
                 option you cannot use shell job control to manipulate the                 possible to use shell job control to manipulate background
                 process.  Most interactive commands will fail to work                 processes started by ssuuddoo.  Most interactive commands will
                 properly in background mode.                 fail to work properly in background mode.
   
     --CC _f_d       Normally, ssuuddoo will close all open file descriptors other     --CC _n_u_m, ----cclloossee--ffrroomm=_n_u_m
                 than standard input, standard output and standard error.  The                 Close all file descriptors greater than or equal to _n_u_m
                 --CC (_c_l_o_s_e _f_r_o_m) option allows the user to specify a starting                 before executing a command.  Values less than three are not
                 point above the standard error (file descriptor three).                 permitted.  By default, ssuuddoo will close all open file
                 Values less than three are not permitted.  The security                 descriptors other than standard input, standard output and
                 policy may restrict the user's ability to use the --CC option.                 standard error when executing a command.  The security policy
                 The _s_u_d_o_e_r_s policy only permits use of the --CC option when the                 may restrict the user's ability to use this option.  The
                  _s_u_d_o_e_r_s policy only permits use of the --CC option when the
                  administrator has enabled the _c_l_o_s_e_f_r_o_m___o_v_e_r_r_i_d_e option.                   administrator has enabled the _c_l_o_s_e_f_r_o_m___o_v_e_r_r_i_d_e option.
   
     --cc _c_l_a_s_s    The --cc (_c_l_a_s_s) option causes ssuuddoo to run the specified     --cc _c_l_a_s_s, ----llooggiinn--ccllaassss=_c_l_a_s_s
                 command with resources limited by the specified login class.                 Run the command with resource limits and scheduling priority
                 The _c_l_a_s_s argument can be either a class name as defined in                 of the specified login _c_l_a_s_s.  The _c_l_a_s_s argument can be
                 _/_e_t_c_/_l_o_g_i_n_._c_o_n_f, or a single `-' character.  Specifying a                 either a class name as defined in _/_e_t_c_/_l_o_g_i_n_._c_o_n_f, or a
                 _c_l_a_s_s of - indicates that the command should be run                 single `-' character.  If _c_l_a_s_s is -, the default login class
                 restricted by the default login capabilities for the user the                 of the target user will be used.  Otherwise, the command must
                 command is run as.  If the _c_l_a_s_s argument specifies an                 be run as root, or ssuuddoo must be run from a shell that is
                 existing user class, the command must be run as root, or the                 already root.  If the command is being run as a login shell,
                 ssuuddoo command must be run from a shell that is already root.                 additional _/_e_t_c_/_l_o_g_i_n_._c_o_n_f settings, such as the umask and
                 This option is only available on systems with BSD login                 environment variables, will be applied if present.  This
                 classes.                 option is only available on systems with BSD login classes.
   
     --EE          The --EE (_p_r_e_s_e_r_v_e _e_n_v_i_r_o_n_m_e_n_t) option indicates to the     --EE, ----pprreesseerrvvee--eennvv
                 security policy that the user wishes to preserve their                 Indicates to the security policy that the user wishes to
                 existing environment variables.  The security policy may                 preserve their existing environment variables.  The security
                 return an error if the --EE option is specified and the user                 policy may return an error if the user does not have
                 does not have permission to preserve the environment.                 permission to preserve the environment.
   
     --ee          The --ee (_e_d_i_t) option indicates that, instead of running a     --ee, ----eeddiitt  Edit one or more files instead of running a command.  In lieu
                 command, the user wishes to edit one or more files.  In lieu                 of a path name, the string "sudoedit" is used when consulting
                 of a command, the string "sudoedit" is used when consulting 
                  the security policy.  If the user is authorized by the                   the security policy.  If the user is authorized by the
                  policy, the following steps are taken:                   policy, the following steps are taken:
   
Line 131  DDEESSCCRRIIPPTTIIOONN Line 130  DDEESSCCRRIIPPTTIIOONN
                  version, the user will receive a warning and the edited copy                   version, the user will receive a warning and the edited copy
                  will remain in a temporary file.                   will remain in a temporary file.
   
     --gg _g_r_o_u_p    Normally, ssuuddoo runs a command with the primary group set to     --gg _g_r_o_u_p, ----ggrroouupp=_g_r_o_u_p
                 the one specified by the password database for the user the                 Run the command with the primary group set to _g_r_o_u_p instead
                 command is being run as (by default, root).  The --gg (_g_r_o_u_p)                 of the primary group specified by the target user's password
                 option causes ssuuddoo to run the command with the primary group                 database entry.  The _g_r_o_u_p may be either a group name or a
                 set to _g_r_o_u_p instead.  To specify a _g_i_d instead of a _g_r_o_u_p                 numeric group ID (GID) prefixed with the `#' character (e.g.
                 _n_a_m_e, use _#_g_i_d.  When running commands as a _g_i_d, many shells                 #0 for GID 0).  When running a command as a GID, many shells
                  require that the `#' be escaped with a backslash (`\').  If                   require that the `#' be escaped with a backslash (`\').  If
                  no --uu option is specified, the command will be run as the                   no --uu option is specified, the command will be run as the
                 invoking user (not root).  In either case, the primary group                 invoking user.  In either case, the primary group will be set
                 will be set to _g_r_o_u_p.                 to _g_r_o_u_p.
   
     --HH          The --HH (_H_O_M_E) option requests that the security policy set     --HH, ----sseett--hhoommee
                 the HOME environment variable to the home directory of the                 Request that the security policy set the HOME environment
                 target user (root by default) as specified by the password                 variable to the home directory specified by the target user's
                 database.  Depending on the policy, this may be the default                 password database entry.  Depending on the policy, this may
                 behavior.                 be the default behavior.
   
     --hh          The --hh (_h_e_l_p) option causes ssuuddoo to print a short help     --hh, ----hheellpp  Display a short help message to the standard output and exit.
                 message to the standard output and exit. 
   
     --ii [_c_o_m_m_a_n_d]     --hh _h_o_s_t, ----hhoosstt=_h_o_s_t
                 The --ii (_s_i_m_u_l_a_t_e _i_n_i_t_i_a_l _l_o_g_i_n) option runs the shell                 Run the command on the specified _h_o_s_t if the security policy
                 specified by the password database entry of the target user                 plugin supports remote commands.  Note that the _s_u_d_o_e_r_s
                 as a login shell.  This means that login-specific resource                 plugin does not currently support running remote commands.
                 files such as _._p_r_o_f_i_l_e or _._l_o_g_i_n will be read by the shell.                 This may also be used in conjunction with the --ll option to
                 If a command is specified, it is passed to the shell for                 list a user's privileges for the remote host.
                 execution via the shell's --cc option.  If no command is 
                 specified, an interactive shell is executed.  ssuuddoo attempts 
                 to change to that user's home directory before running the 
                 shell.  The security policy shall initialize the environment 
                 to a minimal set of variables, similar to what is present 
                 when a user logs in.  The _C_o_m_m_a_n_d _E_n_v_i_r_o_n_m_e_n_t section in the 
                 sudoers(4) manual documents how the --ii option affects the 
                 environment in which a command is run when the _s_u_d_o_e_r_s policy 
                 is in use. 
   
     --KK          The --KK (sure _k_i_l_l) option is like --kk except that it removes     --ii, ----llooggiinn
                 the user's cached credentials entirely and may not be used in                 Run the shell specified by the target user's password
                  database entry as a login shell.  This means that login-
                  specific resource files such as _._p_r_o_f_i_l_e or _._l_o_g_i_n will be
                  read by the shell.  If a command is specified, it is passed
                  to the shell for execution via the shell's --cc option.  If no
                  command is specified, an interactive shell is executed.  ssuuddoo
                  attempts to change to that user's home directory before
                  running the shell.  The command is run with an environment
                  similar to the one a user would receive at log in.  The
                  _C_o_m_m_a_n_d _E_n_v_i_r_o_n_m_e_n_t section in the sudoers(4) manual
                  documents how the --ii option affects the environment in which
                  a command is run when the _s_u_d_o_e_r_s policy is in use.
 
      --KK, ----rreemmoovvee--ttiimmeessttaammpp
                  Similar to the --kk option, except that it removes the user's
                  cached credentials entirely and may not be used in
                  conjunction with a command or other option.  This option does                   conjunction with a command or other option.  This option does
                  not require a password.  Not all security policies support                   not require a password.  Not all security policies support
                  credential caching.                   credential caching.
   
     --kk [_c_o_m_m_a_n_d]     --kk, ----rreesseett--ttiimmeessttaammpp
                 When used alone, the --kk (_k_i_l_l) option to ssuuddoo invalidates the                 When used without a command, invalidates the user's cached
                 user's cached credentials.  The next time ssuuddoo is run a                 credentials.  In other words, the next time ssuuddoo is run a
                  password will be required.  This option does not require a                   password will be required.  This option does not require a
                  password and was added to allow a user to revoke ssuuddoo                   password and was added to allow a user to revoke ssuuddoo
                 permissions from a _._l_o_g_o_u_t file.  Not all security policies                 permissions from a _._l_o_g_o_u_t file.
                 support credential caching. 
   
                  When used in conjunction with a command or an option that may                   When used in conjunction with a command or an option that may
                 require a password, the --kk option will cause ssuuddoo to ignore                 require a password, this option will cause ssuuddoo to ignore the
                 the user's cached credentials.  As a result, ssuuddoo will prompt                 user's cached credentials.  As a result, ssuuddoo will prompt for
                 for a password (if one is required by the security policy)                 a password (if one is required by the security policy) and
                 and will not update the user's cached credentials.                 will not update the user's cached credentials.
   
     --ll[ll] [_c_o_m_m_a_n_d]                 Not all security policies support credential caching.
                 If no _c_o_m_m_a_n_d is specified, the --ll (_l_i_s_t) option will list
                 the allowed (and forbidden) commands for the invoking user     --ll, ----lliisstt  If no _c_o_m_m_a_n_d is specified, list the allowed (and forbidden)
                 (or the user specified by the --UU option) on the current host.                 commands for the invoking user (or the user specified by the
                  --UU option) on the current host.  A longer list format is used
                  if this option is specified multiple times and the security
                  policy supports a verbose output format.
 
                  If a _c_o_m_m_a_n_d is specified and is permitted by the security                   If a _c_o_m_m_a_n_d is specified and is permitted by the security
                  policy, the fully-qualified path to the command is displayed                   policy, the fully-qualified path to the command is displayed
                  along with any command line arguments.  If _c_o_m_m_a_n_d is                   along with any command line arguments.  If _c_o_m_m_a_n_d is
                  specified but not allowed, ssuuddoo will exit with a status value                   specified but not allowed, ssuuddoo will exit with a status value
                 of 1.  If the --ll option is specified with an _l argument (i.e.                 of 1.
                 --llll), or if --ll is specified multiple times, a longer list 
                 format is used. 
   
     --nn          The --nn (_n_o_n_-_i_n_t_e_r_a_c_t_i_v_e) option prevents ssuuddoo from prompting     --nn, ----nnoonn--iinntteerraaccttiivvee
                 the user for a password.  If a password is required for the                 Avoid prompting the user for input of any kind.  If a
                 command to run, ssuuddoo will display an error message and exit.                 password is required for the command to run, ssuuddoo will
                  display an error message and exit.
   
     --PP          The --PP (_p_r_e_s_e_r_v_e _g_r_o_u_p _v_e_c_t_o_r) option causes ssuuddoo to preserve     --PP, ----pprreesseerrvvee--ggrroouuppss
                 the invoking user's group vector unaltered.  By default, the                 Preserve the invoking user's group vector unaltered.  By
                 _s_u_d_o_e_r_s policy will initialize the group vector to the list                 default, the _s_u_d_o_e_r_s policy will initialize the group vector
                 of groups the target user is in.  The real and effective                 to the list of groups the target user is a member of.  The
                 group IDs, however, are still set to match the target user.                 real and effective group IDs, however, are still set to match
                  the target user.
   
     --pp _p_r_o_m_p_t   The --pp (_p_r_o_m_p_t) option allows you to override the default     --pp _p_r_o_m_p_t, ----pprroommpptt=_p_r_o_m_p_t
                 password prompt and use a custom one.  The following percent                 Use a custom password prompt with optional escape sequences.
                 (`%') escapes are supported by the _s_u_d_o_e_r_s policy:                 The following percent (`%') escape sequences are supported by
                  the _s_u_d_o_e_r_s policy:
   
                  %H  expanded to the host name including the domain name (on                   %H  expanded to the host name including the domain name (on
                      if the machine's host name is fully qualified or the _f_q_d_n                       if the machine's host name is fully qualified or the _f_q_d_n
Line 232  DDEESSCCRRIIPPTTIIOONN Line 240  DDEESSCCRRIIPPTTIIOONN
                  %%  two consecutive `%' characters are collapsed into a                   %%  two consecutive `%' characters are collapsed into a
                      single `%' character                       single `%' character
   
                 The prompt specified by the --pp option will override the                 The custom prompt will override the system password prompt on
                 system password prompt on systems that support PAM unless the                 systems that support PAM unless the _p_a_s_s_p_r_o_m_p_t___o_v_e_r_r_i_d_e flag
                 _p_a_s_s_p_r_o_m_p_t___o_v_e_r_r_i_d_e flag is disabled in _s_u_d_o_e_r_s.                 is disabled in _s_u_d_o_e_r_s.
   
     --rr _r_o_l_e     The --rr (_r_o_l_e) option causes the new (SELinux) security     --rr _r_o_l_e, ----rroollee=_r_o_l_e
                 context to have the role specified by _r_o_l_e.                 Run the command with an SELinux security context that
                  includes the specified _r_o_l_e.
   
     --SS          The --SS (_s_t_d_i_n) option causes ssuuddoo to read the password from     --SS, ----ssttddiinn
                 the standard input instead of the terminal device.  The                 Write the prompt to the standard error and read the password
                 password must be followed by a newline character.                 from the standard input instead of using the terminal device.
                  The password must be followed by a newline character.
   
     --ss [_c_o_m_m_a_n_d]     --ss, ----sshheellll
                 The --ss (_s_h_e_l_l) option runs the shell specified by the SHELL                 Run the shell specified by the SHELL environment variable if
                 environment variable if it is set or the shell as specified                 it is set or the shell specified by the invoking user's
                 in the password database.  If a command is specified, it is                 password database entry.  If a command is specified, it is
                  passed to the shell for execution via the shell's --cc option.                   passed to the shell for execution via the shell's --cc option.
                  If no command is specified, an interactive shell is executed.                   If no command is specified, an interactive shell is executed.
   
     --tt _t_y_p_e     The --tt (_t_y_p_e) option causes the new (SELinux) security     --tt _t_y_p_e, ----ttyyppee=_t_y_p_e
                 context to have the type specified by _t_y_p_e.  If no type is                 Run the command with an SELinux security context that
                 specified, the default type is derived from the specified                 includes the specified _t_y_p_e.  If no _t_y_p_e is specified, the
                 role.                 default type is derived from the role.
   
     --UU _u_s_e_r     The --UU (_o_t_h_e_r _u_s_e_r) option is used in conjunction with the --ll     --UU _u_s_e_r, ----ootthheerr--uusseerr=_u_s_e_r
                 option to specify the user whose privileges should be listed.                 Used in conjunction with the --ll option to list the privileges
                 The security policy may restrict listing other users'                 for _u_s_e_r instead of for the invoking user.  The security
                 privileges.  The _s_u_d_o_e_r_s policy only allows root or a user                 policy may restrict listing other users' privileges.  The
                 with the ALL privilege on the current host to use this                 _s_u_d_o_e_r_s policy only allows root or a user with the ALL
                 option.                 privilege on the current host to use this option.
   
     --uu _u_s_e_r     The --uu (_u_s_e_r) option causes ssuuddoo to run the specified command     --uu _u_s_e_r, ----uusseerr=_u_s_e_r
                 as a user other than _r_o_o_t.  To specify a _u_i_d instead of a                 Run the command as a user other than the default target user
                 _u_s_e_r _n_a_m_e, _#_u_i_d.  When running commands as a _u_i_d, many shells                 (usually _r_o_o_t _)_. The _u_s_e_r may be either a user name or a
                 require that the `#' be escaped with a backslash (`\').                 numeric user ID (UID) prefixed with the `#' character (e.g.
                 Security policies may restrict _u_i_ds to those listed in the                 #0 for UID 0).  When running commands as a UID, many shells
                 password database.  The _s_u_d_o_e_r_s policy allows _u_i_ds that are                 require that the `#' be escaped with a backslash (`\').  Some
                  security policies may restrict UIDs to those listed in the
                  password database.  The _s_u_d_o_e_r_s policy allows UIDs that are
                  not in the password database as long as the _t_a_r_g_e_t_p_w option                   not in the password database as long as the _t_a_r_g_e_t_p_w option
                  is not set.  Other security policies may not support this.                   is not set.  Other security policies may not support this.
   
     --VV          The --VV (_v_e_r_s_i_o_n) option causes ssuuddoo to print its version     --VV, ----vveerrssiioonn
                 string and the version string of the security policy plugin                 Print the ssuuddoo version string as well as the version string
                 and any I/O plugins.  If the invoking user is already root                 of the security policy plugin and any I/O plugins.  If the
                 the --VV option will display the arguments passed to configure                 invoking user is already root the --VV option will display the
                 when ssuuddoo was built and plugins may display more verbose                 arguments passed to configure when ssuuddoo was built and plugins
                 information such as default options.                 may display more verbose information such as default options.
   
     --vv          When given the --vv (_v_a_l_i_d_a_t_e) option, ssuuddoo will update the     --vv, ----vvaalliiddaattee
                 user's cached credentials, authenticating the user's password                 Update the user's cached credentials, authenticating the user
                  if necessary.  For the _s_u_d_o_e_r_s plugin, this extends the ssuuddoo                   if necessary.  For the _s_u_d_o_e_r_s plugin, this extends the ssuuddoo
                 timeout for another 5 minutes (or whatever the timeout is set                 timeout for another 5 minutes by default, but does not run a
                 to by the security policy) but does not run a command.  Not                 command.  Not all security policies support cached
                 all security policies support cached credentials.                 credentials.
   
      ----          The ---- option indicates that ssuuddoo should stop processing       ----          The ---- option indicates that ssuuddoo should stop processing
                  command line arguments.                   command line arguments.
Line 291  DDEESSCCRRIIPPTTIIOONN Line 303  DDEESSCCRRIIPPTTIIOONN
      Environment variables to be set for the command may also be passed on the       Environment variables to be set for the command may also be passed on the
      command line in the form of VVAARR=_v_a_l_u_e, e.g.       command line in the form of VVAARR=_v_a_l_u_e, e.g.
      LLDD__LLIIBBRRAARRYY__PPAATTHH=_/_u_s_r_/_l_o_c_a_l_/_p_k_g_/_l_i_b.  Variables passed on the command line       LLDD__LLIIBBRRAARRYY__PPAATTHH=_/_u_s_r_/_l_o_c_a_l_/_p_k_g_/_l_i_b.  Variables passed on the command line
     are subject to the same restrictions as normal environment variables with     are subject to restrictions imposed by the security policy plugin.  The
     one important exception.  If the _s_e_t_e_n_v option is set in _s_u_d_o_e_r_s, the     _s_u_d_o_e_r_s policy subjects variables passed on the command line to the same
     command to be run has the SETENV tag set or the command matched is ALL,     restrictions as normal environment variables with one important
     the user may set variables that would otherwise be forbidden.  See     exception.  If the _s_e_t_e_n_v option is set in _s_u_d_o_e_r_s, the command to be run
     sudoers(4) for more information.     has the SETENV tag set or the command matched is ALL, the user may set
      variables that would otherwise be forbidden.  See sudoers(4) for more
      information.
   
 CCOOMMMMAANNDD EEXXEECCUUTTIIOONN  CCOOMMMMAANNDD EEXXEECCUUTTIIOONN
      When ssuuddoo executes a command, the security policy specifies the execution       When ssuuddoo executes a command, the security policy specifies the execution
     envionment for the command.  Typically, the real and effective uid and     environment for the command.  Typically, the real and effective user and
     gid are set to match those of the target user, as specified in the     group and IDs are set to match those of the target user, as specified in
     password database, and the group vector is initialized based on the group     the password database, and the group vector is initialized based on the
     database (unless the --PP option was specified).     group database (unless the --PP option was specified).
   
      The following parameters may be specified by security policy:       The following parameters may be specified by security policy:
   
Line 333  CCOOMMMMAANNDD EEXXEECCUUTTIIOONN Line 347  CCOOMMMMAANNDD EEXXEECCUUTTIIOONN
      environment as described above, and calls the execve system call in the       environment as described above, and calls the execve system call in the
      child process.  The main ssuuddoo process waits until the command has       child process.  The main ssuuddoo process waits until the command has
      completed, then passes the command's exit status to the security policy's       completed, then passes the command's exit status to the security policy's
     close method and exits.  If an I/O logging plugin is configured, a new     close function and exits.  If an I/O logging plugin is configured or if
     pseudo-terminal (``pty'') is created and a second ssuuddoo process is used to     the security policy explicitly requests it, a new  pseudo-terminal
     relay job control signals between the user's existing pty and the new pty     (``pty'') is created and a second ssuuddoo process is used to relay job
     the command is being run in.  This extra process makes it possible to,     control signals between the user's existing pty and the new pty the
     for example, suspend and resume the command.  Without it, the command     command is being run in.  This extra process makes it possible to, for
     would be in what POSIX terms an ``orphaned process group'' and it would     example, suspend and resume the command.  Without it, the command would
     not receive any job control signals.     be in what POSIX terms an ``orphaned process group'' and it would not
      receive any job control signals.  As a special case, if the policy plugin
      does not define a close function and no pty is required, ssuuddoo will
      execute the command directly instead of calling fork(2) first.  The
      _s_u_d_o_e_r_s policy plugin will only define a close function when I/O logging
      is enabled, a pty is required, or the _p_a_m___s_e_s_s_i_o_n or _p_a_m___s_e_t_c_r_e_d options
      are enabled.  Note that _p_a_m___s_e_s_s_i_o_n and _p_a_m___s_e_t_c_r_e_d are enabled by
      default on systems using PAM.
   
    SSiiggnnaall hhaannddlliinngg     SSiiggnnaall hhaannddlliinngg
     Because the command is run as a child of the ssuuddoo process, ssuuddoo will     When the command is run as a child of the ssuuddoo process, ssuuddoo will relay
     relay signals it receives to the command.  Unless the command is being     signals it receives to the command.  Unless the command is being run in a
     run in a new pty, the SIGHUP, SIGINT and SIGQUIT signals are not relayed     new pty, the SIGHUP, SIGINT and SIGQUIT signals are not relayed unless
     unless they are sent by a user process, not the kernel.  Otherwise, the     they are sent by a user process, not the kernel.  Otherwise, the command
     command would receive SIGINT twice every time the user entered control-C.     would receive SIGINT twice every time the user entered control-C.  Some
     Some signals, such as SIGSTOP and SIGKILL, cannot be caught and thus will     signals, such as SIGSTOP and SIGKILL, cannot be caught and thus will not
     not be relayed to the command.  As a general rule, SIGTSTP should be used     be relayed to the command.  As a general rule, SIGTSTP should be used
      instead of SIGSTOP when you wish to suspend a command being run by ssuuddoo.       instead of SIGSTOP when you wish to suspend a command being run by ssuuddoo.
   
      As a special case, ssuuddoo will not relay signals that were sent by the       As a special case, ssuuddoo will not relay signals that were sent by the
      command it is running.  This prevents the command from accidentally       command it is running.  This prevents the command from accidentally
      killing itself.  On some systems, the reboot(1m) command sends SIGTERM to       killing itself.  On some systems, the reboot(1m) command sends SIGTERM to
     all non-system processes other than itself before rebooting the systyem.     all non-system processes other than itself before rebooting the system.
      This prevents ssuuddoo from relaying the SIGTERM signal it received back to       This prevents ssuuddoo from relaying the SIGTERM signal it received back to
      reboot(1m), which might then exit before the system was actually rebooted,       reboot(1m), which might then exit before the system was actually rebooted,
      leaving it in a half-dead state similar to single user mode.  Note,       leaving it in a half-dead state similar to single user mode.  Note,
Line 365  CCOOMMMMAANNDD EEXXEECCUUTTIIOONN Line 386  CCOOMMMMAANNDD EEXXEECCUUTTIIOONN
      run using the eexxeecc() family of functions instead of ssyysstteemm() (which       run using the eexxeecc() family of functions instead of ssyysstteemm() (which
      interposes a shell between the command and the calling process).       interposes a shell between the command and the calling process).
   
PPLLUUGGIINNSS     If no I/O logging plugins are loaded and the policy plugin has not
     Plugins are dynamically loaded based on the contents of the     defined a cclloossee() function, set a command timeout or required that the
     _/_e_t_c_/_s_u_d_o_._c_o_n_f file.  If no _/_e_t_c_/_s_u_d_o_._c_o_n_f file is present, or it     command be run in a new pty, ssuuddoo may execute the command directly
     contains no Plugin lines, ssuuddoo will use the traditional _s_u_d_o_e_r_s security     instead of running it as a child process.
     policy and I/O logging, which corresponds to the following _/_e_t_c_/_s_u_d_o_._c_o_n_f 
     file. 
   
     #   PPlluuggiinnss
     # Default /etc/sudo.conf file     Plugins are dynamically loaded based on the contents of the sudo.conf(4)
     #     file.  If no sudo.conf(4) file is present, or it contains no Plugin
     # Format:     lines, ssuuddoo will use the traditional _s_u_d_o_e_r_s security policy and I/O
     #   Plugin plugin_name plugin_path plugin_options ...     logging.  See the sudo.conf(4) manual for details of the _/_e_t_c_/_s_u_d_o_._c_o_n_f
     #   Path askpass /path/to/askpass     file and the sudo_plugin(1m) manual for more information about the ssuuddoo
     #   Path noexec /path/to/sudo_noexec.so     plugin architecture.
     #   Debug sudo /var/log/sudo_debug all@warn 
     #   Set disable_coredump true 
     # 
     # The plugin_path is relative to /usr/local/libexec unless 
     #   fully qualified. 
     # The plugin_name corresponds to a global symbol in the plugin 
     #   that contains the plugin interface structure. 
     # The plugin_options are optional. 
     # 
     Plugin policy_plugin sudoers.so 
     Plugin io_plugin sudoers.so 
   
      A Plugin line consists of the Plugin keyword, followed by the _s_y_m_b_o_l___n_a_m_e  
      and the _p_a_t_h to the shared object containing the plugin.  The _s_y_m_b_o_l___n_a_m_e  
      is the name of the struct policy_plugin or struct io_plugin in the plugin  
      shared object.  The _p_a_t_h may be fully qualified or relative.  If not  
      fully qualified it is relative to the _/_u_s_r_/_l_o_c_a_l_/_l_i_b_e_x_e_c directory.  Any  
      additional parameters after the _p_a_t_h are passed as arguments to the  
      plugin's _o_p_e_n function.  Lines that don't begin with Plugin, Path, Debug,  
      or Set are silently ignored.  
   
      For more information, see the sudo_plugin(1m) manual.  
   
 PPAATTHHSS  
      A Path line consists of the Path keyword, followed by the name of the  
      path to set and its value.  E.g.  
   
            Path noexec /usr/local/libexec/sudo_noexec.so  
            Path askpass /usr/X11R6/bin/ssh-askpass  
   
      The following plugin-agnostic paths may be set in the _/_e_t_c_/_s_u_d_o_._c_o_n_f  
      file:  
   
      askpass   The fully qualified path to a helper program used to read the  
                user's password when no terminal is available.  This may be the  
                case when ssuuddoo is executed from a graphical (as opposed to  
                text-based) application.  The program specified by _a_s_k_p_a_s_s  
                should display the argument passed to it as the prompt and  
                write the user's password to the standard output.  The value of  
                _a_s_k_p_a_s_s may be overridden by the SUDO_ASKPASS environment  
                variable.  
   
      noexec    The fully-qualified path to a shared library containing dummy  
                versions of the eexxeeccvv(), eexxeeccvvee() and ffeexxeeccvvee() library  
                functions that just return an error.  This is used to implement  
                the _n_o_e_x_e_c functionality on systems that support LD_PRELOAD or  
                its equivalent.  Defaults to _/_u_s_r_/_l_o_c_a_l_/_l_i_b_e_x_e_c_/_s_u_d_o___n_o_e_x_e_c_._s_o.  
   
 DDEEBBUUGG FFLLAAGGSS  
      ssuuddoo versions 1.8.4 and higher support a flexible debugging framework  
      that can help track down what ssuuddoo is doing internally if there is a  
      problem.  
   
      A Debug line consists of the Debug keyword, followed by the name of the  
      program to debug (ssuuddoo, vviissuuddoo, ssuuddoorreeppllaayy), the debug file name and a  
      comma-separated list of debug flags.  The debug flag syntax used by ssuuddoo  
      and the _s_u_d_o_e_r_s plugin is _s_u_b_s_y_s_t_e_m@_p_r_i_o_r_i_t_y but the plugin is free to  
      use a different format so long as it does not include a comma (`,').  
   
      For instance:  
   
            Debug sudo /var/log/sudo_debug all@warn,plugin@info  
   
      would log all debugging statements at the _w_a_r_n level and higher in  
      addition to those at the _i_n_f_o level for the plugin subsystem.  
   
      Currently, only one Debug entry per program is supported.  The ssuuddoo Debug  
      entry is shared by the ssuuddoo front end, ssuuddooeeddiitt and the plugins.  A  
      future release may add support for per-plugin Debug lines and/or support  
      for multiple debugging files for a single program.  
   
      The priorities used by the ssuuddoo front end, in order of decreasing  
      severity, are: _c_r_i_t, _e_r_r, _w_a_r_n, _n_o_t_i_c_e, _d_i_a_g, _i_n_f_o, _t_r_a_c_e and _d_e_b_u_g.  
      Each priority, when specified, also includes all priorities higher than  
      it.  For example, a priority of _n_o_t_i_c_e would include debug messages  
      logged at _n_o_t_i_c_e and higher.  
   
      The following subsystems are used by the ssuuddoo front-end:  
   
      _a_l_l         matches every subsystem  
   
      _a_r_g_s        command line argument processing  
   
      _c_o_n_v        user conversation  
   
      _e_d_i_t        sudoedit  
   
      _e_x_e_c        command execution  
   
      _m_a_i_n        ssuuddoo main function  
   
      _n_e_t_i_f       network interface handling  
   
      _p_c_o_m_m       communication with the plugin  
   
      _p_l_u_g_i_n      plugin configuration  
   
      _p_t_y         pseudo-tty related code  
   
      _s_e_l_i_n_u_x     SELinux-specific handling  
   
      _u_t_i_l        utility functions  
   
      _u_t_m_p        utmp handling  
   
 EEXXIITT VVAALLUUEE  EEXXIITT VVAALLUUEE
      Upon successful execution of a program, the exit status from _s_u_d_o will       Upon successful execution of a program, the exit status from _s_u_d_o will
      simply be the exit status of the program that was executed.       simply be the exit status of the program that was executed.
Line 524  SSEECCUURRIITTYY NNOOTTEESS Line 439  SSEECCUURRIITTYY NNOOTTEESS
      disables core dumps by default while it is executing (they are re-enabled       disables core dumps by default while it is executing (they are re-enabled
      for the command that is run).  To aid in debugging ssuuddoo crashes, you may       for the command that is run).  To aid in debugging ssuuddoo crashes, you may
      wish to re-enable core dumps by setting ``disable_coredump'' to false in       wish to re-enable core dumps by setting ``disable_coredump'' to false in
     the _/_e_t_c_/_s_u_d_o_._c_o_n_f file as follows:     the sudo.conf(4) file as follows:
   
            Set disable_coredump false             Set disable_coredump false
   
     Note that by default, most operating systems disable core dumps from     See the sudo.conf(4) manual for more information.
     setuid programs, which includes ssuuddoo.  To actually get a ssuuddoo core file 
     you may need to enable core dumps for setuid processes.  On BSD and Linux 
     systems this is accomplished via the sysctl command, on Solaris the 
     coreadm command can be used. 
   
 EENNVVIIRROONNMMEENNTT  EENNVVIIRROONNMMEENNTT
      ssuuddoo utilizes the following environment variables.  The security policy       ssuuddoo utilizes the following environment variables.  The security policy
Line 617  EEXXAAMMPPLLEESS Line 528  EEXXAAMMPPLLEESS
            $ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"             $ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
   
 SSEEEE AALLSSOO  SSEEEE AALLSSOO
     grep(1), su(1), stat(2), login_cap(3), passwd(4), sudoers(4),     su(1), stat(2), login_cap(3), passwd(4), sudo.conf(4), sudoers(4),
      sudo_plugin(1m), sudoreplay(1m), visudo(1m)       sudo_plugin(1m), sudoreplay(1m), visudo(1m)
   
 HHIISSTTOORRYY  HHIISSTTOORRYY
Line 668  DDIISSCCLLAAIIMMEERR Line 579  DDIISSCCLLAAIIMMEERR
      file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for       file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for
      complete details.       complete details.
   
Sudo 1.8.6                       July 10, 2012                      Sudo 1.8.6Sudo 1.8.8                      August 14, 2013                     Sudo 1.8.8
