version 1.1.1.3, 2012/10/09 09:29:52
|
version 1.1.1.4, 2013/07/22 10:46:12
|
Line 1
|
Line 1
|
.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER! |
.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER! |
.\" IT IS GENERATED AUTOMATICALLY FROM sudo.mdoc.in |
.\" IT IS GENERATED AUTOMATICALLY FROM sudo.mdoc.in |
.\" |
.\" |
.\" Copyright (c) 1994-1996, 1998-2005, 2007-2012 | .\" Copyright (c) 1994-1996, 1998-2005, 2007-2013 |
.\" Todd C. Miller <Todd.Miller@courtesan.com> |
.\" Todd C. Miller <Todd.Miller@courtesan.com> |
.\" |
.\" |
.\" Permission to use, copy, modify, and distribute this software for any |
.\" Permission to use, copy, modify, and distribute this software for any |
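Review bot: the header at the top of this hunk states that this file is generated from sudo.mdoc.in and must not be edited directly, so the copyright-year change on the `.\" Copyright (c)` line should originate in sudo.mdoc.in and be regenerated, not hand-edited here; the same applies to every other hunk in this diff.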
Line 21
|
Line 21
|
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force |
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force |
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512. |
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512. |
.\" |
.\" |
.TH "SUDO" "@mansectsu@" "July 10, 2012" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" | .TH "SUDO" "@mansectsu@" "March 13, 2013" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" |
.nh |
.nh |
.if n .ad l |
.if n .ad l |
.SH "NAME" |
.SH "NAME" |
Line 99 which is configured via the file
|
Line 99 which is configured via the file
|
\fI@sysconfdir@/sudoers\fR, |
\fI@sysconfdir@/sudoers\fR, |
or via LDAP. |
or via LDAP. |
See the |
See the |
\fIPLUGINS\fR | \fIPlugins\fR |
section for more information. |
section for more information. |
.PP |
.PP |
The security policy determines what privileges, if any, a user has |
The security policy determines what privileges, if any, a user has |
Line 162 If the
|
Line 162 If the
|
environment variable is set, it specifies the path to the helper |
environment variable is set, it specifies the path to the helper |
program. |
program. |
Otherwise, if |
Otherwise, if |
\fI@sysconfdir@/sudo.conf\fR | sudo.conf(@mansectform@) |
contains a line specifying the askpass program, that value will be |
contains a line specifying the askpass program, that value will be |
used. |
used. |
For example: |
For example: |
Line 694 for more information.
|
Line 694 for more information.
|
When |
When |
\fBsudo\fR |
\fBsudo\fR |
executes a command, the security policy specifies the execution |
executes a command, the security policy specifies the execution |
envionment for the command. | environment for the command. |
Typically, the real and effective uid and gid are set to |
Typically, the real and effective uid and gid are set to |
match those of the target user, as specified in the password database, |
match those of the target user, as specified in the password database, |
and the group vector is initialized based on the group database |
and the group vector is initialized based on the group database |
Line 747 system call in the child process.
|
Line 747 system call in the child process.
|
The main |
The main |
\fBsudo\fR |
\fBsudo\fR |
process waits until the command has completed, then passes the |
process waits until the command has completed, then passes the |
command's exit status to the security policy's close method and exits. | command's exit status to the security policy's close function and exits. |
If an I/O logging plugin is configured, a new pseudo-terminal | If an I/O logging plugin is configured or if the security policy |
| explicitly requests it, a new pseudo-terminal |
(``pty'') |
(``pty'') |
is created and a second |
is created and a second |
\fBsudo\fR |
\fBsudo\fR |
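Review bot: the widened condition for creating a pty, "If an I/O logging plugin is configured or if the security policy explicitly requests it", does not say how a policy makes that request; since the request changes the process model (a second sudo process with a pty between the user and the command), a pointer to where the policy documents it, or to sudo_plugin(@mansectsu@) which is already cited in SEE ALSO, would help the reader. The change from "close method" to "close function" on the preceding line makes the wording consistent with the name used for that function elsewhere in the page.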
Line 759 and resume the command.
|
Line 760 and resume the command.
|
Without it, the command would be in what POSIX terms an |
Without it, the command would be in what POSIX terms an |
``orphaned process group'' |
``orphaned process group'' |
and it would not receive any job control signals. |
and it would not receive any job control signals. |
|
As a special case, if the policy plugin does not define a close |
|
function and no pty is required, |
|
\fBsudo\fR |
|
will execute the command directly instead of calling |
|
fork(2) |
|
first. |
.SS "Signal handling" |
.SS "Signal handling" |
Because the command is run as a child of the |
Because the command is run as a child of the |
\fBsudo\fR |
\fBsudo\fR |
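Review bot: the new "As a special case" paragraph overlaps with the new paragraph in the later Plugins hunk ("If no I/O logging plugins are loaded and the policy plugin has not defined a close() function, set a command timeout or required that the command be run in a new pty, sudo may execute the command directly"), and the two disagree: this one lists two conditions (no close function, no pty) and says sudo "will" execute directly, the other lists four (adding no I/O logging plugins and no command timeout) and says "may". Keep one authoritative statement with the complete condition list and have the other refer to it. The "Signal handling" subsection that follows still opens with "Because the command is run as a child of the sudo process", which no longer holds in the direct-execution case; a sentence noting that signal relaying only applies when sudo forks would keep that description accurate.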
Line 796 reboot(@mansectsu@)
|
Line 803 reboot(@mansectsu@)
|
command sends |
command sends |
\fRSIGTERM\fR |
\fRSIGTERM\fR |
to all non-system processes other than itself before rebooting |
to all non-system processes other than itself before rebooting |
the systyem. | the system. |
This prevents |
This prevents |
\fBsudo\fR |
\fBsudo\fR |
from relaying the |
from relaying the |
Line 823 are run using the
|
Line 830 are run using the
|
family of functions instead of |
family of functions instead of |
\fBsystem\fR() |
\fBsystem\fR() |
(which interposes a shell between the command and the calling process). |
(which interposes a shell between the command and the calling process). |
.SH "PLUGINS" | .PP |
| If no I/O logging plugins are loaded and the policy plugin has not |
| defined a |
| \fBclose\fR() |
| function, set a command timeout or required that the command be |
| run in a new pty, |
| \fBsudo\fR |
| may execute the command directly instead of running it as a child process. |
| .SS "Plugins" |
Plugins are dynamically loaded based on the contents of the |
Plugins are dynamically loaded based on the contents of the |
\fI@sysconfdir@/sudo.conf\fR | sudo.conf(@mansectform@) |
file. |
file. |
If no |
If no |
\fI@sysconfdir@/sudo.conf\fR | sudo.conf(@mansectform@) |
file is present, or it contains no |
file is present, or it contains no |
\fRPlugin\fR |
\fRPlugin\fR |
lines, |
lines, |
\fBsudo\fR |
\fBsudo\fR |
will use the traditional |
will use the traditional |
\fIsudoers\fR |
\fIsudoers\fR |
security policy and I/O logging, which corresponds to the following | security policy and I/O logging. |
| See the |
| sudo.conf(@mansectform@) |
| manual for details of the |
\fI@sysconfdir@/sudo.conf\fR |
\fI@sysconfdir@/sudo.conf\fR |
file. | file and the |
.nf | |
.sp | |
.RS 0n | |
# | |
# Default @sysconfdir@/sudo.conf file | |
# | |
# Format: | |
# Plugin plugin_name plugin_path plugin_options ... | |
# Path askpass /path/to/askpass | |
# Path noexec /path/to/sudo_noexec.so | |
# Debug sudo /var/log/sudo_debug all@warn | |
# Set disable_coredump true | |
# | |
# The plugin_path is relative to @prefix@/libexec unless | |
# fully qualified. | |
# The plugin_name corresponds to a global symbol in the plugin | |
# that contains the plugin interface structure. | |
# The plugin_options are optional. | |
# | |
Plugin policy_plugin sudoers.so | |
Plugin io_plugin sudoers.so | |
.RE | |
.fi | |
.PP | |
A | |
\fRPlugin\fR | |
line consists of the | |
\fRPlugin\fR | |
keyword, followed by the | |
\fIsymbol_name\fR | |
and the | |
\fIpath\fR | |
to the shared object containing the plugin. | |
The | |
\fIsymbol_name\fR | |
is the name of the | |
\fRstruct policy_plugin\fR | |
or | |
\fRstruct io_plugin\fR | |
in the plugin shared object. | |
The | |
\fIpath\fR | |
may be fully qualified or relative. | |
If not fully qualified it is relative to the | |
\fI@prefix@/libexec\fR | |
directory. | |
Any additional parameters after the | |
\fIpath\fR | |
are passed as arguments to the plugin's | |
\fIopen\fR | |
function. | |
Lines that don't begin with | |
\fRPlugin\fR, | |
\fRPath\fR, | |
\fRDebug\fR, | |
or | |
\fRSet\fR | |
are silently ignored. | |
.PP | |
For more information, see the | |
sudo_plugin(@mansectsu@) |
sudo_plugin(@mansectsu@) |
manual. | manual for more information about the |
.SH "PATHS" | |
A | |
\fRPath\fR | |
line consists of the | |
\fRPath\fR | |
keyword, followed by the name of the path to set and its value. | |
E.g. | |
.nf | |
.sp | |
.RS 6n | |
Path noexec @noexec_file@ | |
Path askpass /usr/X11R6/bin/ssh-askpass | |
.RE | |
.fi | |
.PP | |
The following plugin-agnostic paths may be set in the | |
\fI@sysconfdir@/sudo.conf\fR | |
file: | |
.TP 10n | |
askpass | |
The fully qualified path to a helper program used to read the user's | |
password when no terminal is available. | |
This may be the case when | |
\fBsudo\fR |
\fBsudo\fR |
is executed from a graphical (as opposed to text-based) application. | plugin architecture. |
The program specified by | |
\fIaskpass\fR | |
should display the argument passed to it as the prompt and write | |
the user's password to the standard output. | |
The value of | |
\fIaskpass\fR | |
may be overridden by the | |
\fRSUDO_ASKPASS\fR | |
environment variable. | |
.TP 10n | |
noexec | |
The fully-qualified path to a shared library containing dummy | |
versions of the | |
\fBexecv\fR(), | |
\fBexecve\fR() | |
and | |
\fBfexecve\fR() | |
library functions that just return an error. | |
This is used to implement the | |
\fInoexec\fR | |
functionality on systems that support | |
\fRLD_PRELOAD\fR | |
or its equivalent. | |
Defaults to | |
\fI@noexec_file@\fR. | |
.SH "DEBUG FLAGS" | |
\fBsudo\fR | |
versions 1.8.4 and higher support a flexible debugging framework | |
that can help track down what | |
\fBsudo\fR | |
is doing internally if there is a problem. | |
.PP | |
A | |
\fRDebug\fR | |
line consists of the | |
\fRDebug\fR | |
keyword, followed by the name of the program to debug | |
(\fBsudo\fR, \fBvisudo\fR, \fBsudoreplay\fR), | |
the debug file name and a comma-separated list of debug flags. | |
The debug flag syntax used by | |
\fBsudo\fR | |
and the | |
\fIsudoers\fR | |
plugin is | |
\fIsubsystem\fR@\fIpriority\fR | |
but the plugin is free to use a different format so long as it does | |
not include a comma | |
(`\&,'). | |
.PP | |
For instance: | |
.nf | |
.sp | |
.RS 6n | |
Debug sudo /var/log/sudo_debug all@warn,plugin@info | |
.RE | |
.fi | |
.PP | |
would log all debugging statements at the | |
\fIwarn\fR | |
level and higher in addition to those at the | |
\fIinfo\fR | |
level for the plugin subsystem. | |
.PP | |
Currently, only one | |
\fRDebug\fR | |
entry per program is supported. | |
The | |
\fBsudo\fR | |
\fRDebug\fR | |
entry is shared by the | |
\fBsudo\fR | |
front end, | |
\fBsudoedit\fR | |
and the plugins. | |
A future release may add support for per-plugin | |
\fRDebug\fR | |
lines and/or support for multiple debugging files for a single | |
program. | |
.PP | |
The priorities used by the | |
\fBsudo\fR | |
front end, in order of decreasing severity, are: | |
\fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, \fIinfo\fR, \fItrace\fR | |
and | |
\fIdebug\fR. | |
Each priority, when specified, also includes all priorities higher | |
than it. | |
For example, a priority of | |
\fInotice\fR | |
would include debug messages logged at | |
\fInotice\fR | |
and higher. | |
.PP | |
The following subsystems are used by the | |
\fBsudo\fR | |
front-end: | |
.TP 12n | |
\fIall\fR | |
matches every subsystem | |
.TP 12n | |
\fIargs\fR | |
command line argument processing | |
.TP 12n | |
\fIconv\fR | |
user conversation | |
.TP 12n | |
\fIedit\fR | |
sudoedit | |
.TP 12n | |
\fIexec\fR | |
command execution | |
.TP 12n | |
\fImain\fR | |
\fBsudo\fR | |
main function | |
.TP 12n | |
\fInetif\fR | |
network interface handling | |
.TP 12n | |
\fIpcomm\fR | |
communication with the plugin | |
.TP 12n | |
\fIplugin\fR | |
plugin configuration | |
.TP 12n | |
\fIpty\fR | |
pseudo-tty related code | |
.TP 12n | |
\fIselinux\fR | |
SELinux-specific handling | |
.TP 12n | |
\fIutil\fR | |
utility functions | |
.TP 12n | |
\fIutmp\fR | |
utmp handling | |
.SH "EXIT VALUE" |
.SH "EXIT VALUE" |
Upon successful execution of a program, the exit status from |
Upon successful execution of a program, the exit status from |
\fIsudo\fR |
\fIsudo\fR |
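Review bot: the removal of the PLUGINS, PATHS and DEBUG FLAGS sections in favour of a pointer to sudo.conf(@mansectform@) drops several security-relevant statements, so please confirm each survives in the sudo.conf manual rather than being lost: that the noexec library stubs out execv(), execve() and fexecve() and defaults to @noexec_file@; that the askpass path can be overridden by the SUDO_ASKPASS environment variable; that plugin paths not fully qualified are resolved relative to @prefix@/libexec; and that lines not beginning with Plugin, Path, Debug or Set are silently ignored (a misspelled keyword therefore fails silently). The replacement sentence is split across two fragments of this hunk ("See the sudo.conf(@mansectform@) manual for details of the @sysconfdir@/sudo.conf file and the" ... "sudo_plugin(@mansectsu@) manual for more information about the plugin architecture.") and reads correctly once joined. Renaming the section from .SH "PLUGINS" to .SS "Plugins" is matched by the updated "See the Plugins section" cross-reference in the earlier hunk.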
Line 1142 To aid in debugging
|
Line 941 To aid in debugging
|
crashes, you may wish to re-enable core dumps by setting |
crashes, you may wish to re-enable core dumps by setting |
``disable_coredump'' |
``disable_coredump'' |
to false in the |
to false in the |
\fI@sysconfdir@/sudo.conf\fR | sudo.conf(@mansectform@) |
file as follows: |
file as follows: |
.nf |
.nf |
.sp |
.sp |
Line 1151 Set disable_coredump false
|
Line 950 Set disable_coredump false
|
.RE |
.RE |
.fi |
.fi |
.PP |
.PP |
Note that by default, most operating systems disable core dumps | See the |
from setuid programs, which includes | sudo.conf(@mansectform@) |
\fBsudo\fR. | manual for more information. |
To actually get a | |
\fBsudo\fR | |
core file you may need to enable core dumps for setuid processes. | |
On BSD and Linux systems this is accomplished via the sysctl command, | |
on Solaris the coreadm command can be used. | |
.SH "ENVIRONMENT" |
.SH "ENVIRONMENT" |
\fBsudo\fR |
\fBsudo\fR |
utilizes the following environment variables. |
utilizes the following environment variables. |
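Review bot: the removed caveat that most operating systems disable core dumps from setuid programs, with the sysctl (BSD, Linux) and coreadm (Solaris) hints, is precisely what an administrator needs after setting "Set disable_coredump false"; the replacement "See the sudo.conf(@mansectform@) manual for more information" only works if that text moved there, so please verify. Since re-enabling core dumps for a setuid program is a deliberate security trade-off (the shipped default in the removed sample sudo.conf is "Set disable_coredump true"), the caveat deserves to stay prominent wherever it lands.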
Line 1323 $ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
|
Line 1117 $ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
|
.RE |
.RE |
.fi |
.fi |
.SH "SEE ALSO" |
.SH "SEE ALSO" |
grep(1), |
|
su(1), |
su(1), |
stat(2), |
stat(2), |
login_cap(3), |
login_cap(3), |
passwd(@mansectform@), |
passwd(@mansectform@), |
|
sudo.conf(@mansectform@), |
sudoers(@mansectform@), |
sudoers(@mansectform@), |
sudo_plugin(@mansectsu@), |
sudo_plugin(@mansectsu@), |
sudoreplay(@mansectsu@), |
sudoreplay(@mansectsu@), |
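Review bot: adding sudo.conf(@mansectform@) to SEE ALSO is consistent with the new cross-references introduced in the earlier hunks; dropping grep(1) is fine only if no remaining text in the page refers to grep, which cannot be confirmed from the lines shown in this diff.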