Annotation of embedaddon/sudo/doc/visudo.cat, revision 1.1.1.3

1.1.1.3 ! misho       1: VISUDO(1m)                   System Manager's Manual                  VISUDO(1m)
1.1       misho       2: 
                      3: NNAAMMEE
1.1.1.3 ! misho       4:      vviissuuddoo - edit the sudoers file
1.1       misho       5: 
                      6: SSYYNNOOPPSSIISS
1.1.1.3 ! misho       7:      vviissuuddoo [--cchhqqssVV] [--ff _s_u_d_o_e_r_s]
1.1       misho       8: 
                      9: DDEESSCCRRIIPPTTIIOONN
1.1.1.3 ! misho      10:      vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous to vipw(1m).
        !            11:      vviissuuddoo locks the _s_u_d_o_e_r_s file against multiple simultaneous edits,
        !            12:      provides basic sanity checks, and checks for parse errors.  If the
        !            13:      _s_u_d_o_e_r_s file is currently being edited you will receive a message to try
        !            14:      again later.
        !            15: 
        !            16:      There is a hard-coded list of one or more editors that vviissuuddoo will use
        !            17:      set at compile-time that may be overridden via the _e_d_i_t_o_r _s_u_d_o_e_r_s Default
        !            18:      variable.  This list defaults to vi.  Normally, vviissuuddoo does not honor the
        !            19:      VISUAL or EDITOR environment variables unless they contain an editor in
        !            20:      the aforementioned editors list.  However, if vviissuuddoo is configured with
        !            21:      the --with-env-editor option or the _e_n_v___e_d_i_t_o_r Default variable is set in
        !            22:      _s_u_d_o_e_r_s, vviissuuddoo will use any the editor defines by VISUAL or EDITOR.
        !            23:      Note that this can be a security hole since it allows the user to execute
        !            24:      any program they wish simply by setting VISUAL or EDITOR.
        !            25: 
        !            26:      vviissuuddoo parses the _s_u_d_o_e_r_s file after the edit and will not save the
        !            27:      changes if there is a syntax error.  Upon finding an error, vviissuuddoo will
        !            28:      print a message stating the line number(s) where the error occurred and
        !            29:      the user will receive the ``What now?''  prompt.  At this point the user
        !            30:      may enter `e' to re-edit the _s_u_d_o_e_r_s file, `x' to exit without saving the
        !            31:      changes, or `Q' to quit and save changes.  The `Q' option should be used
        !            32:      with extreme care because if vviissuuddoo believes there to be a parse error,
        !            33:      so will ssuuddoo and no one will be able to ssuuddoo again until the error is
        !            34:      fixed.  If `e' is typed to edit the _s_u_d_o_e_r_s file after a parse error has
        !            35:      been detected, the cursor will be placed on the line where the error
        !            36:      occurred (if the editor supports this feature).
        !            37: 
        !            38:      The options are as follows:
        !            39: 
        !            40:      --cc          Enable _c_h_e_c_k_-_o_n_l_y mode.  The existing _s_u_d_o_e_r_s file will be
        !            41:                  checked for syntax errors, owner and mode.  A message will be
        !            42:                  printed to the standard output describing the status of
        !            43:                  _s_u_d_o_e_r_s unless the --qq option was specified.  If the check
        !            44:                  completes successfully, vviissuuddoo will exit with a value of 0.
        !            45:                  If an error is encountered, vviissuuddoo will exit with a value of
        !            46:                  1.
        !            47: 
        !            48:      --ff _s_u_d_o_e_r_s  Specify and alternate _s_u_d_o_e_r_s file location.  With this
        !            49:                  option vviissuuddoo will edit (or check) the _s_u_d_o_e_r_s file of your
        !            50:                  choice, instead of the default, _/_e_t_c_/_s_u_d_o_e_r_s.  The lock file
        !            51:                  used is the specified _s_u_d_o_e_r_s file with ``.tmp'' appended to
        !            52:                  it.  In _c_h_e_c_k_-_o_n_l_y mode only, the argument to --ff may be `-',
        !            53:                  indicating that _s_u_d_o_e_r_s will be read from the standard input.
        !            54: 
        !            55:      --hh          The --hh (_h_e_l_p) option causes vviissuuddoo to print a short help
        !            56:                  message to the standard output and exit.
        !            57: 
        !            58:      --qq          Enable _q_u_i_e_t mode.  In this mode details about syntax errors
        !            59:                  are not printed.  This option is only useful when combined
        !            60:                  with the --cc option.
        !            61: 
        !            62:      --ss          Enable _s_t_r_i_c_t checking of the _s_u_d_o_e_r_s file.  If an alias is
        !            63:                  used before it is defined, vviissuuddoo will consider this a parse
        !            64:                  error.  Note that it is not possible to differentiate between
        !            65:                  an alias and a host name or user name that consists solely of
        !            66:                  uppercase letters, digits, and the underscore (`_')
        !            67:                  character.
1.1       misho      68: 
1.1.1.3 ! misho      69:      --VV          The --VV (_v_e_r_s_i_o_n) option causes vviissuuddoo to print its version
        !            70:                  number and exit.
1.1       misho      71: 
                     72: EENNVVIIRROONNMMEENNTT
1.1.1.3 ! misho      73:      The following environment variables may be consulted depending on the
        !            74:      value of the _e_d_i_t_o_r and _e_n_v___e_d_i_t_o_r _s_u_d_o_e_r_s settings:
1.1       misho      75: 
1.1.1.3 ! misho      76:      VISUAL           Invoked by vviissuuddoo as the editor to use
1.1       misho      77: 
1.1.1.3 ! misho      78:      EDITOR           Used by vviissuuddoo if VISUAL is not set
1.1       misho      79: 
                     80: FFIILLEESS
1.1.1.3 ! misho      81:      _/_e_t_c_/_s_u_d_o_e_r_s              List of who can run what
1.1       misho      82: 
1.1.1.3 ! misho      83:      _/_e_t_c_/_s_u_d_o_e_r_s_._t_m_p          Lock file for visudo
1.1       misho      84: 
                     85: DDIIAAGGNNOOSSTTIICCSS
1.1.1.3 ! misho      86:      sudoers file busy, try again later.
1.1       misho      87:            Someone else is currently editing the _s_u_d_o_e_r_s file.
                     88: 
1.1.1.3 ! misho      89:      /etc/sudoers.tmp: Permission denied
1.1       misho      90:            You didn't run vviissuuddoo as root.
                     91: 
1.1.1.3 ! misho      92:      Can't find you in the passwd database
        !            93:            Your user ID does not appear in the system passwd file.
1.1       misho      94: 
1.1.1.3 ! misho      95:      Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
        !            96:            Either you are trying to use an undeclared
1.1       misho      97:            {User,Runas,Host,Cmnd}_Alias or you have a user or host name listed
                     98:            that consists solely of uppercase letters, digits, and the
1.1.1.3 ! misho      99:            underscore (`_') character.  In the latter case, you can ignore the
1.1       misho     100:            warnings (ssuuddoo will not complain).  In --ss (strict) mode these are
                    101:            errors, not warnings.
                    102: 
1.1.1.3 ! misho     103:      Warning: unused {User,Runas,Host,Cmnd}_Alias
1.1       misho     104:            The specified {User,Runas,Host,Cmnd}_Alias was defined but never
                    105:            used.  You may wish to comment out or remove the unused alias.  In
                    106:            --ss (strict) mode this is an error, not a warning.
                    107: 
1.1.1.3 ! misho     108:      Warning: cycle in {User,Runas,Host,Cmnd}_Alias
1.1       misho     109:            The specified {User,Runas,Host,Cmnd}_Alias includes a reference to
                    110:            itself, either directly or through an alias it includes.  This is
                    111:            only a warning by default as ssuuddoo will ignore cycles when parsing
                    112:            the _s_u_d_o_e_r_s file.
                    113: 
                    114: SSEEEE AALLSSOO
1.1.1.3 ! misho     115:      vi(1), sudoers(4), sudo(1m), vipw(1m)
1.1       misho     116: 
1.1.1.3 ! misho     117: AAUUTTHHOORRSS
        !           118:      Many people have worked on ssuuddoo over the years; this version consists of
        !           119:      code written primarily by:
1.1       misho     120: 
1.1.1.3 ! misho     121:            Todd C. Miller
1.1       misho     122: 
1.1.1.3 ! misho     123:      See the CONTRIBUTORS file in the ssuuddoo distribution
        !           124:      (http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of
        !           125:      people who have contributed to ssuuddoo.
1.1       misho     126: 
                    127: CCAAVVEEAATTSS
1.1.1.3 ! misho     128:      There is no easy way to prevent a user from gaining a root shell if the
        !           129:      editor used by vviissuuddoo allows shell escapes.
1.1       misho     130: 
                    131: BBUUGGSS
1.1.1.3 ! misho     132:      If you feel you have found a bug in vviissuuddoo, please submit a bug report at
        !           133:      http://www.sudo.ws/sudo/bugs/
1.1       misho     134: 
                    135: SSUUPPPPOORRTT
1.1.1.3 ! misho     136:      Limited free support is available via the sudo-users mailing list, see
        !           137:      http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search the
        !           138:      archives.
1.1       misho     139: 
                    140: DDIISSCCLLAAIIMMEERR
1.1.1.3 ! misho     141:      vviissuuddoo is provided ``AS IS'' and any express or implied warranties,
        !           142:      including, but not limited to, the implied warranties of merchantability
        !           143:      and fitness for a particular purpose are disclaimed.  See the LICENSE
        !           144:      file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for
        !           145:      complete details.
1.1       misho     146: 
1.1.1.3 ! misho     147: Sudo 1.8.6                       July 12, 2012                      Sudo 1.8.6

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>