Annotation of embedaddon/sudo/doc/visudo.cat, revision 1.1.1.3
1.1.1.3 ! misho 1: VISUDO(1m) System Manager's Manual VISUDO(1m)
1.1 misho 2:
3: NNAAMMEE
1.1.1.3 ! misho 4: vviissuuddoo - edit the sudoers file
1.1 misho 5:
6: SSYYNNOOPPSSIISS
1.1.1.3 ! misho 7: vviissuuddoo [--cchhqqssVV] [--ff _s_u_d_o_e_r_s]
1.1 misho 8:
9: DDEESSCCRRIIPPTTIIOONN
1.1.1.3 ! misho 10: vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous to vipw(1m).
! 11: vviissuuddoo locks the _s_u_d_o_e_r_s file against multiple simultaneous edits,
! 12: provides basic sanity checks, and checks for parse errors. If the
! 13: _s_u_d_o_e_r_s file is currently being edited you will receive a message to try
! 14: again later.
! 15:
! 16: There is a hard-coded list of one or more editors that vviissuuddoo will use
! 17: set at compile-time that may be overridden via the _e_d_i_t_o_r _s_u_d_o_e_r_s Default
! 18: variable. This list defaults to vi. Normally, vviissuuddoo does not honor the
! 19: VISUAL or EDITOR environment variables unless they contain an editor in
! 20: the aforementioned editors list. However, if vviissuuddoo is configured with
! 21: the --with-env-editor option or the _e_n_v___e_d_i_t_o_r Default variable is set in
! 22: _s_u_d_o_e_r_s, vviissuuddoo will use any the editor defines by VISUAL or EDITOR.
! 23: Note that this can be a security hole since it allows the user to execute
! 24: any program they wish simply by setting VISUAL or EDITOR.
! 25:
! 26: vviissuuddoo parses the _s_u_d_o_e_r_s file after the edit and will not save the
! 27: changes if there is a syntax error. Upon finding an error, vviissuuddoo will
! 28: print a message stating the line number(s) where the error occurred and
! 29: the user will receive the ``What now?'' prompt. At this point the user
! 30: may enter `e' to re-edit the _s_u_d_o_e_r_s file, `x' to exit without saving the
! 31: changes, or `Q' to quit and save changes. The `Q' option should be used
! 32: with extreme care because if vviissuuddoo believes there to be a parse error,
! 33: so will ssuuddoo and no one will be able to ssuuddoo again until the error is
! 34: fixed. If `e' is typed to edit the _s_u_d_o_e_r_s file after a parse error has
! 35: been detected, the cursor will be placed on the line where the error
! 36: occurred (if the editor supports this feature).
! 37:
! 38: The options are as follows:
! 39:
! 40: --cc Enable _c_h_e_c_k_-_o_n_l_y mode. The existing _s_u_d_o_e_r_s file will be
! 41: checked for syntax errors, owner and mode. A message will be
! 42: printed to the standard output describing the status of
! 43: _s_u_d_o_e_r_s unless the --qq option was specified. If the check
! 44: completes successfully, vviissuuddoo will exit with a value of 0.
! 45: If an error is encountered, vviissuuddoo will exit with a value of
! 46: 1.
! 47:
! 48: --ff _s_u_d_o_e_r_s Specify and alternate _s_u_d_o_e_r_s file location. With this
! 49: option vviissuuddoo will edit (or check) the _s_u_d_o_e_r_s file of your
! 50: choice, instead of the default, _/_e_t_c_/_s_u_d_o_e_r_s. The lock file
! 51: used is the specified _s_u_d_o_e_r_s file with ``.tmp'' appended to
! 52: it. In _c_h_e_c_k_-_o_n_l_y mode only, the argument to --ff may be `-',
! 53: indicating that _s_u_d_o_e_r_s will be read from the standard input.
! 54:
! 55: --hh The --hh (_h_e_l_p) option causes vviissuuddoo to print a short help
! 56: message to the standard output and exit.
! 57:
! 58: --qq Enable _q_u_i_e_t mode. In this mode details about syntax errors
! 59: are not printed. This option is only useful when combined
! 60: with the --cc option.
! 61:
! 62: --ss Enable _s_t_r_i_c_t checking of the _s_u_d_o_e_r_s file. If an alias is
! 63: used before it is defined, vviissuuddoo will consider this a parse
! 64: error. Note that it is not possible to differentiate between
! 65: an alias and a host name or user name that consists solely of
! 66: uppercase letters, digits, and the underscore (`_')
! 67: character.
1.1 misho 68:
1.1.1.3 ! misho 69: --VV The --VV (_v_e_r_s_i_o_n) option causes vviissuuddoo to print its version
! 70: number and exit.
1.1 misho 71:
72: EENNVVIIRROONNMMEENNTT
1.1.1.3 ! misho 73: The following environment variables may be consulted depending on the
! 74: value of the _e_d_i_t_o_r and _e_n_v___e_d_i_t_o_r _s_u_d_o_e_r_s settings:
1.1 misho 75:
1.1.1.3 ! misho 76: VISUAL Invoked by vviissuuddoo as the editor to use
1.1 misho 77:
1.1.1.3 ! misho 78: EDITOR Used by vviissuuddoo if VISUAL is not set
1.1 misho 79:
80: FFIILLEESS
1.1.1.3 ! misho 81: _/_e_t_c_/_s_u_d_o_e_r_s List of who can run what
1.1 misho 82:
1.1.1.3 ! misho 83: _/_e_t_c_/_s_u_d_o_e_r_s_._t_m_p Lock file for visudo
1.1 misho 84:
85: DDIIAAGGNNOOSSTTIICCSS
1.1.1.3 ! misho 86: sudoers file busy, try again later.
1.1 misho 87: Someone else is currently editing the _s_u_d_o_e_r_s file.
88:
1.1.1.3 ! misho 89: /etc/sudoers.tmp: Permission denied
1.1 misho 90: You didn't run vviissuuddoo as root.
91:
1.1.1.3 ! misho 92: Can't find you in the passwd database
! 93: Your user ID does not appear in the system passwd file.
1.1 misho 94:
1.1.1.3 ! misho 95: Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
! 96: Either you are trying to use an undeclared
1.1 misho 97: {User,Runas,Host,Cmnd}_Alias or you have a user or host name listed
98: that consists solely of uppercase letters, digits, and the
1.1.1.3 ! misho 99: underscore (`_') character. In the latter case, you can ignore the
1.1 misho 100: warnings (ssuuddoo will not complain). In --ss (strict) mode these are
101: errors, not warnings.
102:
1.1.1.3 ! misho 103: Warning: unused {User,Runas,Host,Cmnd}_Alias
1.1 misho 104: The specified {User,Runas,Host,Cmnd}_Alias was defined but never
105: used. You may wish to comment out or remove the unused alias. In
106: --ss (strict) mode this is an error, not a warning.
107:
1.1.1.3 ! misho 108: Warning: cycle in {User,Runas,Host,Cmnd}_Alias
1.1 misho 109: The specified {User,Runas,Host,Cmnd}_Alias includes a reference to
110: itself, either directly or through an alias it includes. This is
111: only a warning by default as ssuuddoo will ignore cycles when parsing
112: the _s_u_d_o_e_r_s file.
113:
114: SSEEEE AALLSSOO
1.1.1.3 ! misho 115: vi(1), sudoers(4), sudo(1m), vipw(1m)
1.1 misho 116:
1.1.1.3 ! misho 117: AAUUTTHHOORRSS
! 118: Many people have worked on ssuuddoo over the years; this version consists of
! 119: code written primarily by:
1.1 misho 120:
1.1.1.3 ! misho 121: Todd C. Miller
1.1 misho 122:
1.1.1.3 ! misho 123: See the CONTRIBUTORS file in the ssuuddoo distribution
! 124: (http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of
! 125: people who have contributed to ssuuddoo.
1.1 misho 126:
127: CCAAVVEEAATTSS
1.1.1.3 ! misho 128: There is no easy way to prevent a user from gaining a root shell if the
! 129: editor used by vviissuuddoo allows shell escapes.
1.1 misho 130:
131: BBUUGGSS
1.1.1.3 ! misho 132: If you feel you have found a bug in vviissuuddoo, please submit a bug report at
! 133: http://www.sudo.ws/sudo/bugs/
1.1 misho 134:
135: SSUUPPPPOORRTT
1.1.1.3 ! misho 136: Limited free support is available via the sudo-users mailing list, see
! 137: http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search the
! 138: archives.
1.1 misho 139:
140: DDIISSCCLLAAIIMMEERR
1.1.1.3 ! misho 141: vviissuuddoo is provided ``AS IS'' and any express or implied warranties,
! 142: including, but not limited to, the implied warranties of merchantability
! 143: and fitness for a particular purpose are disclaimed. See the LICENSE
! 144: file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for
! 145: complete details.
1.1 misho 146:
1.1.1.3 ! misho 147: Sudo 1.8.6 July 12, 2012 Sudo 1.8.6
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>