|
version 1.1.1.5, 2013/10/14 07:56:34
|
version 1.1.1.6, 2014/06/15 16:12:54
|
|
Line 87 D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
|
Line 87 D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
|
| the _�s_�u_�d_�o_�e_�r_�s lookup is still done for root, not the user specified by |
the _�s_�u_�d_�o_�e_�r_�s lookup is still done for root, not the user specified by |
| SUDO_USER. |
SUDO_USER. |
| |
|
| _�s_�u_�d_�o_�e_�r_�s uses time stamp files for credential caching. Once a user has | _�s_�u_�d_�o_�e_�r_�s uses per-user time stamp files for credential caching. Once a |
| been authenticated, the time stamp is updated and the user may then use | user has been authenticated, a record is written containing the uid that |
| sudo without a password for a short period of time (5 minutes unless | was used to authenticate, the terminal session ID, and a time stamp |
| overridden by the _�t_�i_�m_�e_�o_�u_�t option). By default, _�s_�u_�d_�o_�e_�r_�s uses a tty-based | (using a monotonic clock if one is available). The user may then use |
| time stamp which means that there is a separate time stamp for each of a | s�su�ud�do�o without a password for a short period of time (5 minutes unless |
| user's login sessions. The _�t_�t_�y_�__�t_�i_�c_�k_�e_�t_�s option can be disabled to force | overridden by the _�t_�i_�m_�e_�o_�u_�t option). By default, _�s_�u_�d_�o_�e_�r_�s uses a separate |
| the use of a single time stamp for all of a user's sessions. | record for each tty, which means that a user's login sessions are |
| | authenticated separately. The _�t_�t_�y_�__�t_�i_�c_�k_�e_�t_�s option can be disabled to |
| | force the use of a single time stamp for all of a user's sessions. |
| |
|
| _�s_�u_�d_�o_�e_�r_�s can log both successful and unsuccessful attempts (as well as |
_�s_�u_�d_�o_�e_�r_�s can log both successful and unsuccessful attempts (as well as |
| errors) to syslog(3), a log file, or both. By default, _�s_�u_�d_�o_�e_�r_�s will log |
errors) to syslog(3), a log file, or both. By default, _�s_�u_�d_�o_�e_�r_�s will log |
|
Line 815 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
Line 817 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
| This flag is _�o_�n by default when s�su�ud�do�o is compiled with |
This flag is _�o_�n by default when s�su�ud�do�o is compiled with |
| z�zl�li�ib�b support. |
z�zl�li�ib�b support. |
| |
|
| |
use_netgroups If set, netgroups (prefixed with `+'), may be used in |
| |
place of a user or host. For LDAP-based sudoers, |
| |
netgroup support requires an expensive substring match |
| |
on the server. If netgroups are not needed, this |
| |
option can be disabled to reduce the load on the LDAP |
| |
server. This flag is _�o_�n by default. |
| |
|
| exec_background By default, s�su�ud�do�o runs a command as the foreground |
exec_background By default, s�su�ud�do�o runs a command as the foreground |
| process as long as s�su�ud�do�o itself is running in the |
process as long as s�su�ud�do�o itself is running in the |
| foreground. When the _�e_�x_�e_�c_�__�b_�a_�c_�k_�g_�r_�o_�u_�n_�d flag is enabled |
foreground. When the _�e_�x_�e_�c_�__�b_�a_�c_�k_�g_�r_�o_�u_�n_�d flag is enabled |
|
Line 910 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
Line 919 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
| If the system is configured to use the _�/_�e_�t_�c_�/_�h_�o_�s_�t_�s file |
If the system is configured to use the _�/_�e_�t_�c_�/_�h_�o_�s_�t_�s file |
| in preference to DNS, the ``canonical'' host name may |
in preference to DNS, the ``canonical'' host name may |
| not be fully-qualified. The order that sources are |
not be fully-qualified. The order that sources are |
| queried for hosts name resolution is usually specified | queried for host name resolution is usually specified |
| in the _�/_�e_�t_�c_�/_�n_�s_�s_�w_�i_�t_�c_�h_�._�c_�o_�n_�f, _�/_�e_�t_�c_�/_�n_�e_�t_�s_�v_�c_�._�c_�o_�n_�f, |
in the _�/_�e_�t_�c_�/_�n_�s_�s_�w_�i_�t_�c_�h_�._�c_�o_�n_�f, _�/_�e_�t_�c_�/_�n_�e_�t_�s_�v_�c_�._�c_�o_�n_�f, |
| _�/_�e_�t_�c_�/_�h_�o_�s_�t_�._�c_�o_�n_�f, or, in some cases, _�/_�e_�t_�c_�/_�r_�e_�s_�o_�l_�v_�._�c_�o_�n_�f |
_�/_�e_�t_�c_�/_�h_�o_�s_�t_�._�c_�o_�n_�f, or, in some cases, _�/_�e_�t_�c_�/_�r_�e_�s_�o_�l_�v_�._�c_�o_�n_�f |
| file. In the _�/_�e_�t_�c_�/_�h_�o_�s_�t_�s file, the first host name of |
file. In the _�/_�e_�t_�c_�/_�h_�o_�s_�t_�s file, the first host name of |
|
Line 1120 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
Line 1129 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
| This flag is _�o_�n by default. |
This flag is _�o_�n by default. |
| |
|
| rootpw If set, s�su�ud�do�o will prompt for the root password instead |
rootpw If set, s�su�ud�do�o will prompt for the root password instead |
| of the password of the invoking user. This flag is _�o_�f_�f | of the password of the invoking user when running a |
| by default. | command or editing a file. This flag is _�o_�f_�f by |
| | default. |
| |
|
| runaspw If set, s�su�ud�do�o will prompt for the password of the user |
runaspw If set, s�su�ud�do�o will prompt for the password of the user |
| defined by the _�r_�u_�n_�a_�s_�__�d_�e_�f_�a_�u_�l_�t option (defaults to root) |
defined by the _�r_�u_�n_�a_�s_�__�d_�e_�f_�a_�u_�l_�t option (defaults to root) |
| instead of the password of the invoking user. This | instead of the password of the invoking user when |
| flag is _�o_�f_�f by default. | running a command or editing a file. This flag is _�o_�f_�f |
| | by default. |
| |
|
| set_home If enabled and s�su�ud�do�o is invoked with the -�-s�s option the |
set_home If enabled and s�su�ud�do�o is invoked with the -�-s�s option the |
| HOME environment variable will be set to the home |
HOME environment variable will be set to the home |
|
Line 1185 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
Line 1196 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
| |
|
| targetpw If set, s�su�ud�do�o will prompt for the password of the user |
targetpw If set, s�su�ud�do�o will prompt for the password of the user |
| specified by the -�-u�u option (defaults to root) instead |
specified by the -�-u�u option (defaults to root) instead |
| of the password of the invoking user. In addition, the | of the password of the invoking user when running a |
| time stamp file name will include the target user's | command or editing a file. Note that this flag |
| name. Note that this flag precludes the use of a uid | precludes the use of a uid not listed in the passwd |
| not listed in the passwd database as an argument to the | database as an argument to the -�-u�u option. This flag is |
| -�-u�u option. This flag is _�o_�f_�f by default. | _�o_�f_�f by default. |
| |
|
| tty_tickets If set, users must authenticate on a per-tty basis. |
tty_tickets If set, users must authenticate on a per-tty basis. |
| With this flag enabled, s�su�ud�do�o will use a file named for | With this flag enabled, s�su�ud�do�o will use a separate record |
| the tty the user is logged in on in the user's time | in the time stamp file for each tty. If disabled, a |
| stamp directory. If disabled, the time stamp of the | single record is used for all login sessions. This |
| directory is used instead. This flag is _�o_�n by default. | flag is _�o_�n by default. |
| |
|
| umask_override If set, s�su�ud�do�o will set the umask as specified by _�s_�u_�d_�o_�e_�r_�s |
umask_override If set, s�su�ud�do�o will set the umask as specified by _�s_�u_�d_�o_�e_�r_�s |
| without modification. This makes it possible to |
without modification. This makes it possible to |
|
Line 1357 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
Line 1368 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
| will be truncated and overwritten unless _�i_�o_�l_�o_�g_�__�f_�i_�l_�e |
will be truncated and overwritten unless _�i_�o_�l_�o_�g_�__�f_�i_�l_�e |
| ends in six or more Xs. |
ends in six or more Xs. |
| |
|
| |
lecture_status_dir |
| |
The directory in which s�su�ud�do�o stores per-user lecture |
| |
status files. Once a user has received the lecture, a |
| |
zero-length file is created in this directory so that |
| |
s�su�ud�do�o will not lecture the user again. This directory |
| |
should _�n_�o_�t be cleared when the system reboots. The |
| |
default is _�/_�v_�a_�r_�/_�a_�d_�m_�/_�s_�u_�d_�o_�/_�l_�e_�c_�t_�u_�r_�e_�d. |
| |
|
| limitprivs The default Solaris limit privileges to use when |
limitprivs The default Solaris limit privileges to use when |
| constructing a new privilege set for a command. This |
constructing a new privilege set for a command. This |
| bounds all privileges of the executing process. The |
bounds all privileges of the executing process. The |
|
Line 1381 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
Line 1400 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
| Once the local sequence number reaches the value of |
Once the local sequence number reaches the value of |
| _�m_�a_�x_�s_�e_�q, it will ``roll over'' to zero, after which |
_�m_�a_�x_�s_�e_�q, it will ``roll over'' to zero, after which |
| s�su�ud�do�oe�er�rs�s will truncate and re-use any existing I/O log |
s�su�ud�do�oe�er�rs�s will truncate and re-use any existing I/O log |
| pathnames. | path names. |
| |
|
| This setting is only supported by version 1.8.7 or |
This setting is only supported by version 1.8.7 or |
| higher. |
higher. |
|
Line 1472 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
Line 1491 S�SU�UD�DO�OE�ER�RS�S O�OP�PT�TI�IO�ON�NS�S
|
| to ``C''. |
to ``C''. |
| |
|
| timestampdir The directory in which s�su�ud�do�o stores its time stamp |
timestampdir The directory in which s�su�ud�do�o stores its time stamp |
| files. The default is _�/_�v_�a_�r_�/_�a_�d_�m_�/_�s_�u_�d_�o. | files. This directory should be cleared when the |
| | system reboots. The default is _�/_�v_�a_�r_�/_�r_�u_�n_�/_�s_�u_�d_�o_�/_�t_�s. |
| |
|
| timestampowner The owner of the time stamp directory and the time | timestampowner The owner of the lecture status directory, time stamp |
| stamps stored therein. The default is root. | directory and all files stored therein. The default is |
| | root. |
| |
|
| type The default SELinux type to use when constructing a new |
type The default SELinux type to use when constructing a new |
| security context to run the command. The default type |
security context to run the command. The default type |
|
Line 1810 L�LO�OG�G F�FO�OR�RM�MA�AT�T
|
Line 1831 L�LO�OG�G F�FO�OR�RM�MA�AT�T
|
| `N' is the group ID that owns the _�s_�u_�d_�o_�e_�r_�s file) to the s�su�ud�do�oe�er�rs�s Plugin |
`N' is the group ID that owns the _�s_�u_�d_�o_�e_�r_�s file) to the s�su�ud�do�oe�er�rs�s Plugin |
| line in the sudo.conf(4) file. |
line in the sudo.conf(4) file. |
| |
|
| unable to open /var/adm/sudo/username/ttyname | unable to open /var/run/sudo/ts/username |
| _�s_�u_�d_�o_�e_�r_�s was unable to read or create the user's time stamp file. | _�s_�u_�d_�o_�e_�r_�s was unable to read or create the user's time stamp file. This |
| | can happen when _�t_�i_�m_�e_�s_�t_�a_�m_�p_�o_�w_�n_�e_�r is set to a user other than root and |
| | the mode on _�/_�v_�a_�r_�/_�r_�u_�n_�/_�s_�u_�d_�o is not searchable by group or other. The |
| | default mode for _�/_�v_�a_�r_�/_�r_�u_�n_�/_�s_�u_�d_�o is 0711. |
| |
|
| unable to write to /var/adm/sudo/username/ttyname | unable to write to /var/run/sudo/ts/username |
| _�s_�u_�d_�o_�e_�r_�s was unable to write to the user's time stamp file. |
_�s_�u_�d_�o_�e_�r_�s was unable to write to the user's time stamp file. |
| |
|
| unable to mkdir to /var/adm/sudo/username | /var/run/sudo/ts is owned by uid X, should be Y |
| _�s_�u_�d_�o_�e_�r_�s was unable to create the user's time stamp directory. | The time stamp directory is owned by a user other than _�t_�i_�m_�e_�s_�t_�a_�m_�p_�o_�w_�n_�e_�r. |
| | This can occur when the value of _�t_�i_�m_�e_�s_�t_�a_�m_�p_�o_�w_�n_�e_�r has been changed. |
| | _�s_�u_�d_�o_�e_�r_�s will ignore the time stamp directory until the owner is |
| | corrected. |
| |
|
| |
/var/run/sudo/ts is group writable |
| |
The time stamp directory is group-writable; it should be writable only |
| |
by _�t_�i_�m_�e_�s_�t_�a_�m_�p_�o_�w_�n_�e_�r. The default mode for the time stamp directory is |
| |
0700. _�s_�u_�d_�o_�e_�r_�s will ignore the time stamp directory until the mode is |
| |
corrected. |
| |
|
| N�No�ot�te�es�s o�on�n l�lo�og�gg�gi�in�ng�g v�vi�ia�a s�sy�ys�sl�lo�og�g |
N�No�ot�te�es�s o�on�n l�lo�og�gg�gi�in�ng�g v�vi�ia�a s�sy�ys�sl�lo�og�g |
| By default, _�s_�u_�d_�o_�e_�r_�s logs messages via syslog(3). The _�d_�a_�t_�e, _�h_�o_�s_�t_�n_�a_�m_�e, and |
By default, _�s_�u_�d_�o_�e_�r_�s logs messages via syslog(3). The _�d_�a_�t_�e, _�h_�o_�s_�t_�n_�a_�m_�e, and |
| _�p_�r_�o_�g_�n_�a_�m_�e fields are added by the syslog daemon, not _�s_�u_�d_�o_�e_�r_�s itself. As |
_�p_�r_�o_�g_�n_�a_�m_�e fields are added by the syslog daemon, not _�s_�u_�d_�o_�e_�r_�s itself. As |
|
Line 1859 F�FI�IL�LE�ES�S
|
Line 1892 F�FI�IL�LE�ES�S
|
| |
|
| _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o I/O log files |
_�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o I/O log files |
| |
|
| _�/_�v_�a_�r_�/_�a_�d_�m_�/_�s_�u_�d_�o Directory containing time stamps for the | _�/_�v_�a_�r_�/_�r_�u_�n_�/_�s_�u_�d_�o_�/_�t_�s Directory containing time stamps for the |
| _�s_�u_�d_�o_�e_�r_�s security policy |
_�s_�u_�d_�o_�e_�r_�s security policy |
| |
|
| |
_�/_�v_�a_�r_�/_�a_�d_�m_�/_�s_�u_�d_�o_�/_�l_�e_�c_�t_�u_�r_�e_�d Directory containing lecture status files for |
| |
the _�s_�u_�d_�o_�e_�r_�s security policy |
| |
|
| _�/_�e_�t_�c_�/_�e_�n_�v_�i_�r_�o_�n_�m_�e_�n_�t Initial environment for -�-i�i mode on AIX and |
_�/_�e_�t_�c_�/_�e_�n_�v_�i_�r_�o_�n_�m_�e_�n_�t Initial environment for -�-i�i mode on AIX and |
| Linux systems |
Linux systems |
| |
|
|
Line 2145 S�SE�EC�CU�UR�RI�IT�TY�Y N�NO�OT�TE�ES�S
|
Line 2181 S�SE�EC�CU�UR�RI�IT�TY�Y N�NO�OT�TE�ES�S
|
| as root are still capable of many potentially hazardous operations (such |
as root are still capable of many potentially hazardous operations (such |
| as changing or overwriting files) that could lead to unintended privilege |
as changing or overwriting files) that could lead to unintended privilege |
| escalation. In the specific case of an editor, a safer approach is to |
escalation. In the specific case of an editor, a safer approach is to |
| give the user permission to run s�su�ud�do�oe�ed�di�it�t. | give the user permission to run s�su�ud�do�oe�ed�di�it�t (see below). |
| |
|
| |
S�Se�ec�cu�ur�re�e e�ed�di�it�ti�in�ng�g |
| |
The _�s_�u_�d_�o_�e_�r_�s plugin includes s�su�ud�do�oe�ed�di�it�t support which allows users to |
| |
securely edit files with the editor of their choice. As s�su�ud�do�oe�ed�di�it�t is a |
| |
built-in command, it must be specified in _�s_�u_�d_�o_�e_�r_�s without a leading path. |
| |
However, it may take command line arguments just as a normal command |
| |
does. For example, to allow user operator to edit the ``message of the |
| |
day'' file: |
| |
|
| |
operator sudoedit /etc/motd |
| |
|
| |
The operator user then runs s�su�ud�do�oe�ed�di�it�t as follows: |
| |
|
| |
$ sudoedit /etc/motd |
| |
|
| |
The editor will run as the operator user, not root, on a temporary copy |
| |
of _�/_�e_�t_�c_�/_�m_�o_�t_�d. After the file has been edited, _�/_�e_�t_�c_�/_�m_�o_�t_�d will be updated |
| |
with the contents of the temporary copy. |
| |
|
| T�Ti�im�me�e s�st�ta�am�mp�p f�fi�il�le�e c�ch�he�ec�ck�ks�s |
T�Ti�im�me�e s�st�ta�am�mp�p f�fi�il�le�e c�ch�he�ec�ck�ks�s |
| _�s_�u_�d_�o_�e_�r_�s will check the ownership of its time stamp directory |
_�s_�u_�d_�o_�e_�r_�s will check the ownership of its time stamp directory |
| (_�/_�v_�a_�r_�/_�a_�d_�m_�/_�s_�u_�d_�o by default) and ignore the directory's contents if it is | (_�/_�v_�a_�r_�/_�r_�u_�n_�/_�s_�u_�d_�o_�/_�t_�s by default) and ignore the directory's contents if it |
| not owned by root or if it is writable by a user other than root. On | is not owned by root or if it is writable by a user other than root. |
| systems that allow non-root users to give away files via chown(2), if the | Older versions of s�su�ud�do�o stored time stamp files in _�/_�t_�m_�p; this is no longer |
| time stamp directory is located in a world-writable directory (e.g., | recommended as it may be possible for a user to create the time stamp |
| _�/_�t_�m_�p), it is possible for a user to create the time stamp directory | themselves on systems that allow unprivileged users to change the |
| before s�su�ud�do�o is run. However, because _�s_�u_�d_�o_�e_�r_�s checks the ownership and | ownership of files they create. |
| mode of the directory and its contents, the only damage that can be done | |
| is to ``hide'' files by putting them in the time stamp dir. This is | |
| unlikely to happen since once the time stamp dir is owned by root and | |
| inaccessible by any other user, the user placing files there would be | |
| unable to get them back out. | |
| |
|
| |
While the time stamp directory _�s_�h_�o_�u_�l_�d be cleared at reboot time, not all |
| |
systems contain a _�/_�v_�a_�r_�/_�r_�u_�n directory. To avoid potential problems, |
| |
_�s_�u_�d_�o_�e_�r_�s will ignore time stamp files that date from before the machine |
| |
booted on systems where the boot time is available. |
| |
|
| |
Some systems with graphical desktop environments allow unprivileged users |
| |
to change the system clock. Since _�s_�u_�d_�o_�e_�r_�s relies on the system clock for |
| |
time stamp validation, it may be possible on such systems for a user to |
| |
run s�su�ud�do�o for longer than _�t_�i_�m_�e_�s_�t_�a_�m_�p_�__�t_�i_�m_�e_�o_�u_�t by setting the clock back. To |
| |
combat this, _�s_�u_�d_�o_�e_�r_�s uses a monotonic clock (which never moves backwards) |
| |
for its time stamps if the system supports it. |
| |
|
| _�s_�u_�d_�o_�e_�r_�s will not honor time stamps set far in the future. Time stamps |
_�s_�u_�d_�o_�e_�r_�s will not honor time stamps set far in the future. Time stamps |
| with a date greater than current_time + 2 * TIMEOUT will be ignored and |
with a date greater than current_time + 2 * TIMEOUT will be ignored and |
| sudo will log and complain. This is done to keep a user from creating | _�s_�u_�d_�o_�e_�r_�s will log and complain. |
| his/her own time stamp with a bogus date on systems that allow users to | |
| give away files if the time stamp directory is located in a world- | |
| writable directory. | |
| |
|
| On systems where the boot time is available, _�s_�u_�d_�o_�e_�r_�s will ignore time |
|
| stamps that date from before the machine booted. |
|
| |
|
| Since time stamp files live in the file system, they can outlive a user's |
Since time stamp files live in the file system, they can outlive a user's |
| login session. As a result, a user may be able to login, run a command |
login session. As a result, a user may be able to login, run a command |
| with s�su�ud�do�o after authenticating, logout, login again, and run s�su�ud�do�o without |
with s�su�ud�do�o after authenticating, logout, login again, and run s�su�ud�do�o without |
| authenticating so long as the time stamp file's modification time is | authenticating so long as the record's time stamp is within 5 minutes (or |
| within 5 minutes (or whatever the timeout is set to in _�s_�u_�d_�o_�e_�r_�s). When | whatever value the timeout is set to in _�s_�u_�d_�o_�e_�r_�s). When the _�t_�t_�y_�__�t_�i_�c_�k_�e_�t_�s |
| the _�t_�t_�y_�__�t_�i_�c_�k_�e_�t_�s option is enabled, the time stamp has per-tty granularity | option is enabled, the time stamp record includes the device number of |
| but still may outlive the user's session. On Linux systems where the | the terminal the user authenticated with. This provides per-tty |
| devpts filesystem is used, Solaris systems with the devices filesystem, | granularity but time stamp records still may outlive the user's session. |
| as well as other systems that utilize a devfs filesystem that | The time stamp record also includes the session ID of the process that |
| monotonically increase the inode number of devices as they are created | last authenticated. This prevents processes in different terminal |
| (such as Mac OS X), _�s_�u_�d_�o_�e_�r_�s is able to determine when a tty-based time | sessions from using the same time stamp record. It also helps reduce the |
| stamp file is stale and will ignore it. Administrators should not rely | chance that a user will be able to run s�su�ud�do�o without entering a password |
| on this feature as it is not universally available. | when logging out and back in again on the same terminal. |
| |
|
| D�DE�EB�BU�UG�GG�GI�IN�NG�G |
D�DE�EB�BU�UG�GG�GI�IN�NG�G |
| Versions 1.8.4 and higher of the s�su�ud�do�oe�er�rs�s plugin support a flexible |
Versions 1.8.4 and higher of the s�su�ud�do�oe�er�rs�s plugin support a flexible |
|
Line 2234 D�DE�EB�BU�UG�GG�GI�IN�NG�G
|
Line 2289 D�DE�EB�BU�UG�GG�GI�IN�NG�G
|
| |
|
| _�r_�b_�t_�r_�e_�e redblack tree internals |
_�r_�b_�t_�r_�e_�e redblack tree internals |
| |
|
| |
_�s_�s_�s_�d SSSD-based sudoers |
| |
|
| _�u_�t_�i_�l utility functions |
_�u_�t_�i_�l utility functions |
| For example: |
For example: |
| |
|
|
Line 2272 D�DI�IS�SC�CL�LA�AI�IM�ME�ER�R
|
Line 2329 D�DI�IS�SC�CL�LA�AI�IM�ME�ER�R
|
| file distributed with s�su�ud�do�o or http://www.sudo.ws/sudo/license.html for |
file distributed with s�su�ud�do�o or http://www.sudo.ws/sudo/license.html for |
| complete details. |
complete details. |
| |
|
| Sudo 1.8.8 August 31, 2013 Sudo 1.8.8 | Sudo 1.8.10 February 15, 2014 Sudo 1.8.10 |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sudoers.cat CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / doc