Annotation of embedaddon/sudo/doc/visudo.cat, revision 1.1
1.1 ! misho 1: VISUDO(1m) MAINTENANCE COMMANDS VISUDO(1m)
! 2:
! 3:
! 4:
! 5: NNAAMMEE
! 6: visudo - edit the sudoers file
! 7:
! 8: SSYYNNOOPPSSIISS
! 9: vviissuuddoo [--cchhqqssVV] [--ff _s_u_d_o_e_r_s]
! 10:
! 11: DDEESSCCRRIIPPTTIIOONN
! 12: vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous to _v_i_p_w(1m).
! 13: vviissuuddoo locks the _s_u_d_o_e_r_s file against multiple simultaneous edits,
! 14: provides basic sanity checks, and checks for parse errors. If the
! 15: _s_u_d_o_e_r_s file is currently being edited you will receive a message to
! 16: try again later.
! 17:
! 18: There is a hard-coded list of one or more editors that vviissuuddoo will use
! 19: set at compile-time that may be overridden via the _e_d_i_t_o_r _s_u_d_o_e_r_s
! 20: Default variable. This list defaults to "vi". Normally, vviissuuddoo does
! 21: not honor the VISUAL or EDITOR environment variables unless they
! 22: contain an editor in the aforementioned editors list. However, if
! 23: vviissuuddoo is configured with the _-_-_w_i_t_h_-_e_n_v_-_e_d_i_t_o_r option or the
! 24: _e_n_v___e_d_i_t_o_r Default variable is set in _s_u_d_o_e_r_s, vviissuuddoo will use any the
! 25: editor defines by VISUAL or EDITOR. Note that this can be a security
! 26: hole since it allows the user to execute any program they wish simply
! 27: by setting VISUAL or EDITOR.
! 28:
! 29: vviissuuddoo parses the _s_u_d_o_e_r_s file after the edit and will not save the
! 30: changes if there is a syntax error. Upon finding an error, vviissuuddoo will
! 31: print a message stating the line number(s) where the error occurred and
! 32: the user will receive the "What now?" prompt. At this point the user
! 33: may enter "e" to re-edit the _s_u_d_o_e_r_s file, "x" to exit without saving
! 34: the changes, or "Q" to quit and save changes. The "Q" option should be
! 35: used with extreme care because if vviissuuddoo believes there to be a parse
! 36: error, so will ssuuddoo and no one will be able to ssuuddoo again until the
! 37: error is fixed. If "e" is typed to edit the _s_u_d_o_e_r_s file after a
! 38: parse error has been detected, the cursor will be placed on the line
! 39: where the error occurred (if the editor supports this feature).
! 40:
! 41: OOPPTTIIOONNSS
! 42: vviissuuddoo accepts the following command line options:
! 43:
! 44: -c Enable cchheecckk--oonnllyy mode. The existing _s_u_d_o_e_r_s file will be
! 45: checked for syntax and a message will be printed to the
! 46: standard output detailing the status of _s_u_d_o_e_r_s. If the
! 47: syntax check completes successfully, vviissuuddoo will exit with
! 48: a value of 0. If a syntax error is encountered, vviissuuddoo
! 49: will exit with a value of 1.
! 50:
! 51: -f _s_u_d_o_e_r_s Specify and alternate _s_u_d_o_e_r_s file location. With this
! 52: option vviissuuddoo will edit (or check) the _s_u_d_o_e_r_s file of your
! 53: choice, instead of the default, _/_e_t_c_/_s_u_d_o_e_r_s. The lock
! 54: file used is the specified _s_u_d_o_e_r_s file with ".tmp"
! 55: appended to it. In cchheecckk--oonnllyy mode only, the argument to
! 56: --ff may be "-", indicating that _s_u_d_o_e_r_s will be read from
! 57: the standard input.
! 58:
! 59: -h The --hh (_h_e_l_p) option causes vviissuuddoo to print a short help
! 60: message to the standard output and exit.
! 61:
! 62: -q Enable qquuiieett mode. In this mode details about syntax
! 63: errors are not printed. This option is only useful when
! 64: combined with the --cc option.
! 65:
! 66: -s Enable ssttrriicctt checking of the _s_u_d_o_e_r_s file. If an alias is
! 67: used before it is defined, vviissuuddoo will consider this a
! 68: parse error. Note that it is not possible to differentiate
! 69: between an alias and a host name or user name that consists
! 70: solely of uppercase letters, digits, and the underscore
! 71: ('_') character.
! 72:
! 73: -V The --VV (version) option causes vviissuuddoo to print its version
! 74: number and exit.
! 75:
! 76: EENNVVIIRROONNMMEENNTT
! 77: The following environment variables may be consulted depending on the
! 78: value of the _e_d_i_t_o_r and _e_n_v___e_d_i_t_o_r _s_u_d_o_e_r_s variables:
! 79:
! 80: VISUAL Invoked by visudo as the editor to use
! 81:
! 82: EDITOR Used by visudo if VISUAL is not set
! 83:
! 84: FFIILLEESS
! 85: _/_e_t_c_/_s_u_d_o_e_r_s List of who can run what
! 86:
! 87: _/_e_t_c_/_s_u_d_o_e_r_s_._t_m_p Lock file for visudo
! 88:
! 89: DDIIAAGGNNOOSSTTIICCSS
! 90: sudoers file busy, try again later.
! 91: Someone else is currently editing the _s_u_d_o_e_r_s file.
! 92:
! 93: /etc/sudoers.tmp: Permission denied
! 94: You didn't run vviissuuddoo as root.
! 95:
! 96: Can't find you in the passwd database
! 97: Your userid does not appear in the system passwd file.
! 98:
! 99: Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
! 100: Either you are trying to use an undeclare
! 101: {User,Runas,Host,Cmnd}_Alias or you have a user or host name listed
! 102: that consists solely of uppercase letters, digits, and the
! 103: underscore ('_') character. In the latter case, you can ignore the
! 104: warnings (ssuuddoo will not complain). In --ss (strict) mode these are
! 105: errors, not warnings.
! 106:
! 107: Warning: unused {User,Runas,Host,Cmnd}_Alias
! 108: The specified {User,Runas,Host,Cmnd}_Alias was defined but never
! 109: used. You may wish to comment out or remove the unused alias. In
! 110: --ss (strict) mode this is an error, not a warning.
! 111:
! 112: Warning: cycle in {User,Runas,Host,Cmnd}_Alias
! 113: The specified {User,Runas,Host,Cmnd}_Alias includes a reference to
! 114: itself, either directly or through an alias it includes. This is
! 115: only a warning by default as ssuuddoo will ignore cycles when parsing
! 116: the _s_u_d_o_e_r_s file.
! 117:
! 118: SSEEEE AALLSSOO
! 119: _v_i(1), _s_u_d_o_e_r_s(4), _s_u_d_o(1m), _v_i_p_w(1m)
! 120:
! 121: AAUUTTHHOORR
! 122: Many people have worked on _s_u_d_o over the years; this version of vviissuuddoo
! 123: was written by:
! 124:
! 125: Todd Miller
! 126:
! 127: See the HISTORY file in the sudo distribution or visit
! 128: http://www.sudo.ws/sudo/history.html for more details.
! 129:
! 130: CCAAVVEEAATTSS
! 131: There is no easy way to prevent a user from gaining a root shell if the
! 132: editor used by vviissuuddoo allows shell escapes.
! 133:
! 134: BBUUGGSS
! 135: If you feel you have found a bug in vviissuuddoo, please submit a bug report
! 136: at http://www.sudo.ws/sudo/bugs/
! 137:
! 138: SSUUPPPPOORRTT
! 139: Limited free support is available via the sudo-users mailing list, see
! 140: http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search
! 141: the archives.
! 142:
! 143: DDIISSCCLLAAIIMMEERR
! 144: vviissuuddoo is provided ``AS IS'' and any express or implied warranties,
! 145: including, but not limited to, the implied warranties of
! 146: merchantability and fitness for a particular purpose are disclaimed.
! 147: See the LICENSE file distributed with ssuuddoo or
! 148: http://www.sudo.ws/sudo/license.html for complete details.
! 149:
! 150:
! 151:
! 152: 1.8.3 September 16, 2011 VISUDO(1m)
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>