|
version 1.1.1.1, 2012/10/09 09:29:52
|
version 1.1.1.2, 2013/07/22 10:46:12
|
|
Line 1
|
Line 1
|
| .\" |
.\" |
| .\" Copyright (c) 1994-1996, 1998-2005, 2007-2012 | .\" Copyright (c) 1994-1996, 1998-2005, 2007-2013 |
| .\" Todd C. Miller <Todd.Miller@courtesan.com> |
.\" Todd C. Miller <Todd.Miller@courtesan.com> |
| .\" |
.\" |
| .\" Permission to use, copy, modify, and distribute this software for any |
.\" Permission to use, copy, modify, and distribute this software for any |
|
Line 19
|
Line 19
|
| .\" Agency (DARPA) and Air Force Research Laboratory, Air Force |
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force |
| .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. |
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512. |
| .\" |
.\" |
| .Dd July 10, 2012 | .Dd March 13, 2013 |
| .Dt SUDO @mansectsu@ |
.Dt SUDO @mansectsu@ |
| .Os Sudo @PACKAGE_VERSION@ |
.Os Sudo @PACKAGE_VERSION@ |
| .Sh NAME |
.Sh NAME |
|
Line 139 which is configured via the file
|
Line 139 which is configured via the file
|
| .Pa @sysconfdir@/sudoers , |
.Pa @sysconfdir@/sudoers , |
| or via LDAP. |
or via LDAP. |
| See the |
See the |
| .Sx PLUGINS | .Sx Plugins |
| section for more information. |
section for more information. |
| .Pp |
.Pp |
| The security policy determines what privileges, if any, a user has |
The security policy determines what privileges, if any, a user has |
|
Line 202 If the
|
Line 202 If the
|
| environment variable is set, it specifies the path to the helper |
environment variable is set, it specifies the path to the helper |
| program. |
program. |
| Otherwise, if |
Otherwise, if |
| .Pa @sysconfdir@/sudo.conf | .Xr sudo.conf @mansectform@ |
| contains a line specifying the askpass program, that value will be |
contains a line specifying the askpass program, that value will be |
| used. |
used. |
| For example: |
For example: |
|
Line 687 for more information.
|
Line 687 for more information.
|
| When |
When |
| .Nm sudo |
.Nm sudo |
| executes a command, the security policy specifies the execution |
executes a command, the security policy specifies the execution |
| envionment for the command. | environment for the command. |
| Typically, the real and effective uid and gid are set to |
Typically, the real and effective uid and gid are set to |
| match those of the target user, as specified in the password database, |
match those of the target user, as specified in the password database, |
| and the group vector is initialized based on the group database |
and the group vector is initialized based on the group database |
|
Line 725 When
|
Line 725 When
|
| .Nm sudo |
.Nm sudo |
| runs a command, it calls |
runs a command, it calls |
| .Xr fork 2 , |
.Xr fork 2 , |
| sets up the execution environment as described above, and calls the | sets up the execution environment as described above, and calls the |
| .Xr execve |
.Xr execve |
| system call in the child process. |
system call in the child process. |
| The main |
The main |
| .Nm sudo |
.Nm sudo |
| process waits until the command has completed, then passes the |
process waits until the command has completed, then passes the |
| command's exit status to the security policy's close method and exits. | command's exit status to the security policy's close function and exits. |
| If an I/O logging plugin is configured, a new pseudo-terminal | If an I/O logging plugin is configured or if the security policy |
| | explicitly requests it, a new pseudo-terminal |
| .Pq Dq pty |
.Pq Dq pty |
| is created and a second |
is created and a second |
| .Nm sudo |
.Nm sudo |
|
Line 743 and resume the command.
|
Line 744 and resume the command.
|
| Without it, the command would be in what POSIX terms an |
Without it, the command would be in what POSIX terms an |
| .Dq orphaned process group |
.Dq orphaned process group |
| and it would not receive any job control signals. |
and it would not receive any job control signals. |
| |
As a special case, if the policy plugin does not define a close |
| |
function and no pty is required, |
| |
.Nm sudo |
| |
will execute the command directly instead of calling |
| |
.Xr fork 2 |
| |
first. |
| .Ss Signal handling |
.Ss Signal handling |
| Because the command is run as a child of the |
Because the command is run as a child of the |
| .Nm sudo |
.Nm sudo |
|
Line 780 On some systems, the
|
Line 787 On some systems, the
|
| command sends |
command sends |
| .Dv SIGTERM |
.Dv SIGTERM |
| to all non-system processes other than itself before rebooting |
to all non-system processes other than itself before rebooting |
| the systyem. | the system. |
| This prevents |
This prevents |
| .Nm sudo |
.Nm sudo |
| from relaying the |
from relaying the |
|
Line 807 are run using the
|
Line 814 are run using the
|
| family of functions instead of |
family of functions instead of |
| .Fn system |
.Fn system |
| (which interposes a shell between the command and the calling process). |
(which interposes a shell between the command and the calling process). |
| .Sh PLUGINS | .Pp |
| | If no I/O logging plugins are loaded and the policy plugin has not |
| | defined a |
| | .Fn close |
| | function, set a command timeout or required that the command be |
| | run in a new pty, |
| | .Nm sudo |
| | may execute the command directly instead of running it as a child process. |
| | .Ss Plugins |
| Plugins are dynamically loaded based on the contents of the |
Plugins are dynamically loaded based on the contents of the |
| .Pa @sysconfdir@/sudo.conf | .Xr sudo.conf @mansectform@ |
| file. |
file. |
| If no |
If no |
| .Pa @sysconfdir@/sudo.conf | .Xr sudo.conf @mansectform@ |
| file is present, or it contains no |
file is present, or it contains no |
| .Li Plugin |
.Li Plugin |
| lines, |
lines, |
| .Nm sudo |
.Nm sudo |
| will use the traditional |
will use the traditional |
| .Em sudoers |
.Em sudoers |
| security policy and I/O logging, which corresponds to the following | security policy and I/O logging. |
| | See the |
| | .Xr sudo.conf @mansectform@ |
| | manual for details of the |
| .Pa @sysconfdir@/sudo.conf |
.Pa @sysconfdir@/sudo.conf |
| file. | file and the |
| .Bd -literal | |
| # | |
| # Default @sysconfdir@/sudo.conf file | |
| # | |
| # Format: | |
| # Plugin plugin_name plugin_path plugin_options ... | |
| # Path askpass /path/to/askpass | |
| # Path noexec /path/to/sudo_noexec.so | |
| # Debug sudo /var/log/sudo_debug all@warn | |
| # Set disable_coredump true | |
| # | |
| # The plugin_path is relative to @prefix@/libexec unless | |
| # fully qualified. | |
| # The plugin_name corresponds to a global symbol in the plugin | |
| # that contains the plugin interface structure. | |
| # The plugin_options are optional. | |
| # | |
| Plugin policy_plugin sudoers.so | |
| Plugin io_plugin sudoers.so | |
| .Ed | |
| .Pp | |
| A | |
| .Li Plugin | |
| line consists of the | |
| .Li Plugin | |
| keyword, followed by the | |
| .Em symbol_name | |
| and the | |
| .Em path | |
| to the shared object containing the plugin. | |
| The | |
| .Em symbol_name | |
| is the name of the | |
| .Li struct policy_plugin | |
| or | |
| .Li struct io_plugin | |
| in the plugin shared object. | |
| The | |
| .Em path | |
| may be fully qualified or relative. | |
| If not fully qualified it is relative to the | |
| .Pa @prefix@/libexec | |
| directory. | |
| Any additional parameters after the | |
| .Em path | |
| are passed as arguments to the plugin's | |
| .Em open | |
| function. | |
| Lines that don't begin with | |
| .Li Plugin , | |
| .Li Path , | |
| .Li Debug , | |
| or | |
| .Li Set | |
| are silently ignored. | |
| .Pp | |
| For more information, see the | |
| .Xr sudo_plugin @mansectsu@ |
.Xr sudo_plugin @mansectsu@ |
| manual. | manual for more information about the |
| .Sh PATHS | |
| A | |
| .Li Path | |
| line consists of the | |
| .Li Path | |
| keyword, followed by the name of the path to set and its value. | |
| E.g. | |
| .Bd -literal -offset indent | |
| Path noexec @noexec_file@ | |
| Path askpass /usr/X11R6/bin/ssh-askpass | |
| .Ed | |
| .Pp | |
| The following plugin-agnostic paths may be set in the | |
| .Pa @sysconfdir@/sudo.conf | |
| file: | |
| .Bl -tag -width 8n | |
| .It askpass | |
| The fully qualified path to a helper program used to read the user's | |
| password when no terminal is available. | |
| This may be the case when | |
| .Nm sudo |
.Nm sudo |
| is executed from a graphical (as opposed to text-based) application. | plugin architecture. |
| The program specified by | |
| .Em askpass | |
| should display the argument passed to it as the prompt and write | |
| the user's password to the standard output. | |
| The value of | |
| .Em askpass | |
| may be overridden by the | |
| .Ev SUDO_ASKPASS | |
| environment variable. | |
| .It noexec | |
| The fully-qualified path to a shared library containing dummy | |
| versions of the | |
| .Fn execv , | |
| .Fn execve | |
| and | |
| .Fn fexecve | |
| library functions that just return an error. | |
| This is used to implement the | |
| .Em noexec | |
| functionality on systems that support | |
| .Ev LD_PRELOAD | |
| or its equivalent. | |
| Defaults to | |
| .Pa @noexec_file@ . | |
| .El | |
| .Sh DEBUG FLAGS | |
| .Nm sudo | |
| versions 1.8.4 and higher support a flexible debugging framework | |
| that can help track down what | |
| .Nm sudo | |
| is doing internally if there is a problem. | |
| .Pp | |
| A | |
| .Li Debug | |
| line consists of the | |
| .Li Debug | |
| keyword, followed by the name of the program to debug | |
| .Pq Nm sudo , Nm visudo , Nm sudoreplay , | |
| the debug file name and a comma-separated list of debug flags. | |
| The debug flag syntax used by | |
| .Nm sudo | |
| and the | |
| .Em sudoers | |
| plugin is | |
| .Em subsystem Ns No @ Ns Em priority | |
| but the plugin is free to use a different format so long as it does | |
| not include a comma | |
| .Pq Ql \&, . | |
| .Pp | |
| For instance: | |
| .Bd -literal -offset indent | |
| Debug sudo /var/log/sudo_debug all@warn,plugin@info | |
| .Ed | |
| .Pp | |
| would log all debugging statements at the | |
| .Em warn | |
| level and higher in addition to those at the | |
| .Em info | |
| level for the plugin subsystem. | |
| .Pp | |
| Currently, only one | |
| .Li Debug | |
| entry per program is supported. | |
| The | |
| .Nm sudo | |
| .Li Debug | |
| entry is shared by the | |
| .Nm sudo | |
| front end, | |
| .Nm sudoedit | |
| and the plugins. | |
| A future release may add support for per-plugin | |
| .Li Debug | |
| lines and/or support for multiple debugging files for a single | |
| program. | |
| .Pp | |
| The priorities used by the | |
| .Nm sudo | |
| front end, in order of decreasing severity, are: | |
| .Em crit , err , warn , notice , diag , info , trace | |
| and | |
| .Em debug . | |
| Each priority, when specified, also includes all priorities higher | |
| than it. | |
| For example, a priority of | |
| .Em notice | |
| would include debug messages logged at | |
| .Em notice | |
| and higher. | |
| .Pp | |
| The following subsystems are used by the | |
| .Nm sudo | |
| front-end: | |
| .Bl -tag -width Fl | |
| .It Em all | |
| matches every subsystem | |
| .It Em args | |
| command line argument processing | |
| .It Em conv | |
| user conversation | |
| .It Em edit | |
| sudoedit | |
| .It Em exec | |
| command execution | |
| .It Em main | |
| .Nm sudo | |
| main function | |
| .It Em netif | |
| network interface handling | |
| .It Em pcomm | |
| communication with the plugin | |
| .It Em plugin | |
| plugin configuration | |
| .It Em pty | |
| pseudo-tty related code | |
| .It Em selinux | |
| SELinux-specific handling | |
| .It Em util | |
| utility functions | |
| .It Em utmp | |
| utmp handling | |
| .El | |
| .Sh EXIT VALUE |
.Sh EXIT VALUE |
| Upon successful execution of a program, the exit status from |
Upon successful execution of a program, the exit status from |
| .Em sudo |
.Em sudo |
|
Line 1106 To aid in debugging
|
Line 925 To aid in debugging
|
| crashes, you may wish to re-enable core dumps by setting |
crashes, you may wish to re-enable core dumps by setting |
| .Dq disable_coredump |
.Dq disable_coredump |
| to false in the |
to false in the |
| .Pa @sysconfdir@/sudo.conf | .Xr sudo.conf @mansectform@ |
| file as follows: |
file as follows: |
| .Bd -literal -offset indent |
.Bd -literal -offset indent |
| Set disable_coredump false |
Set disable_coredump false |
| .Ed |
.Ed |
| .Pp |
.Pp |
| Note that by default, most operating systems disable core dumps | See the |
| from setuid programs, which includes | .Xr sudo.conf @mansectform@ |
| .Nm sudo . | manual for more information. |
| To actually get a | |
| .Nm sudo | |
| core file you may need to enable core dumps for setuid processes. | |
| On BSD and Linux systems this is accomplished via the sysctl command, | |
| on Solaris the coreadm command can be used. | |
| .Sh ENVIRONMENT |
.Sh ENVIRONMENT |
| .Nm sudo |
.Nm sudo |
| utilizes the following environment variables. |
utilizes the following environment variables. |
|
Line 1251 and file redirection work.
|
Line 1065 and file redirection work.
|
| $ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE" |
$ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE" |
| .Ed |
.Ed |
| .Sh SEE ALSO |
.Sh SEE ALSO |
| .Xr grep 1 , |
|
| .Xr su 1 , |
.Xr su 1 , |
| .Xr stat 2 , |
.Xr stat 2 , |
| .Xr login_cap 3 , |
.Xr login_cap 3 , |
| .Xr passwd @mansectform@ , |
.Xr passwd @mansectform@ , |
| |
.Xr sudo.conf @mansectform@ , |
| .Xr sudoers @mansectform@ , |
.Xr sudoers @mansectform@ , |
| .Xr sudo_plugin @mansectsu@ , |
.Xr sudo_plugin @mansectsu@ , |
| .Xr sudoreplay @mansectsu@ , |
.Xr sudoreplay @mansectsu@ , |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sudo.mdoc.in CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / doc