Annotation of embedaddon/sudo/doc/visudo.cat, revision 1.1.1.4
1.1.1.3 misho 1: VISUDO(1m) System Manager's Manual VISUDO(1m)
1.1 misho 2:
3: NNAAMMEE
1.1.1.3 misho 4: vviissuuddoo - edit the sudoers file
1.1 misho 5:
6: SSYYNNOOPPSSIISS
1.1.1.3 misho 7: vviissuuddoo [--cchhqqssVV] [--ff _s_u_d_o_e_r_s]
1.1 misho 8:
9: DDEESSCCRRIIPPTTIIOONN
1.1.1.3 misho 10: vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous to vipw(1m).
11: vviissuuddoo locks the _s_u_d_o_e_r_s file against multiple simultaneous edits,
12: provides basic sanity checks, and checks for parse errors. If the
13: _s_u_d_o_e_r_s file is currently being edited you will receive a message to try
14: again later.
15:
16: There is a hard-coded list of one or more editors that vviissuuddoo will use
17: set at compile-time that may be overridden via the _e_d_i_t_o_r _s_u_d_o_e_r_s Default
18: variable. This list defaults to vi. Normally, vviissuuddoo does not honor the
19: VISUAL or EDITOR environment variables unless they contain an editor in
20: the aforementioned editors list. However, if vviissuuddoo is configured with
21: the --with-env-editor option or the _e_n_v___e_d_i_t_o_r Default variable is set in
22: _s_u_d_o_e_r_s, vviissuuddoo will use any the editor defines by VISUAL or EDITOR.
23: Note that this can be a security hole since it allows the user to execute
24: any program they wish simply by setting VISUAL or EDITOR.
25:
26: vviissuuddoo parses the _s_u_d_o_e_r_s file after the edit and will not save the
27: changes if there is a syntax error. Upon finding an error, vviissuuddoo will
28: print a message stating the line number(s) where the error occurred and
29: the user will receive the ``What now?'' prompt. At this point the user
30: may enter `e' to re-edit the _s_u_d_o_e_r_s file, `x' to exit without saving the
31: changes, or `Q' to quit and save changes. The `Q' option should be used
32: with extreme care because if vviissuuddoo believes there to be a parse error,
33: so will ssuuddoo and no one will be able to ssuuddoo again until the error is
34: fixed. If `e' is typed to edit the _s_u_d_o_e_r_s file after a parse error has
35: been detected, the cursor will be placed on the line where the error
36: occurred (if the editor supports this feature).
37:
38: The options are as follows:
39:
40: --cc Enable _c_h_e_c_k_-_o_n_l_y mode. The existing _s_u_d_o_e_r_s file will be
41: checked for syntax errors, owner and mode. A message will be
42: printed to the standard output describing the status of
43: _s_u_d_o_e_r_s unless the --qq option was specified. If the check
44: completes successfully, vviissuuddoo will exit with a value of 0.
45: If an error is encountered, vviissuuddoo will exit with a value of
46: 1.
47:
1.1.1.4 ! misho 48: --ff _s_u_d_o_e_r_s Specify an alternate _s_u_d_o_e_r_s file location. With this option
! 49: vviissuuddoo will edit (or check) the _s_u_d_o_e_r_s file of your choice,
! 50: instead of the default, _/_e_t_c_/_s_u_d_o_e_r_s. The lock file used is
! 51: the specified _s_u_d_o_e_r_s file with ``.tmp'' appended to it. In
! 52: _c_h_e_c_k_-_o_n_l_y mode only, the argument to --ff may be `-',
1.1.1.3 misho 53: indicating that _s_u_d_o_e_r_s will be read from the standard input.
54:
55: --hh The --hh (_h_e_l_p) option causes vviissuuddoo to print a short help
56: message to the standard output and exit.
57:
58: --qq Enable _q_u_i_e_t mode. In this mode details about syntax errors
59: are not printed. This option is only useful when combined
60: with the --cc option.
61:
62: --ss Enable _s_t_r_i_c_t checking of the _s_u_d_o_e_r_s file. If an alias is
63: used before it is defined, vviissuuddoo will consider this a parse
64: error. Note that it is not possible to differentiate between
65: an alias and a host name or user name that consists solely of
66: uppercase letters, digits, and the underscore (`_')
67: character.
1.1 misho 68:
1.1.1.3 misho 69: --VV The --VV (_v_e_r_s_i_o_n) option causes vviissuuddoo to print its version
70: number and exit.
1.1 misho 71:
72: EENNVVIIRROONNMMEENNTT
1.1.1.3 misho 73: The following environment variables may be consulted depending on the
74: value of the _e_d_i_t_o_r and _e_n_v___e_d_i_t_o_r _s_u_d_o_e_r_s settings:
1.1 misho 75:
1.1.1.3 misho 76: VISUAL Invoked by vviissuuddoo as the editor to use
1.1 misho 77:
1.1.1.3 misho 78: EDITOR Used by vviissuuddoo if VISUAL is not set
1.1 misho 79:
80: FFIILLEESS
1.1.1.3 misho 81: _/_e_t_c_/_s_u_d_o_e_r_s List of who can run what
1.1 misho 82:
1.1.1.3 misho 83: _/_e_t_c_/_s_u_d_o_e_r_s_._t_m_p Lock file for visudo
1.1 misho 84:
85: DDIIAAGGNNOOSSTTIICCSS
1.1.1.3 misho 86: sudoers file busy, try again later.
1.1 misho 87: Someone else is currently editing the _s_u_d_o_e_r_s file.
88:
1.1.1.3 misho 89: /etc/sudoers.tmp: Permission denied
1.1 misho 90: You didn't run vviissuuddoo as root.
91:
1.1.1.3 misho 92: Can't find you in the passwd database
93: Your user ID does not appear in the system passwd file.
1.1 misho 94:
1.1.1.3 misho 95: Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
96: Either you are trying to use an undeclared
1.1 misho 97: {User,Runas,Host,Cmnd}_Alias or you have a user or host name listed
98: that consists solely of uppercase letters, digits, and the
1.1.1.3 misho 99: underscore (`_') character. In the latter case, you can ignore the
1.1 misho 100: warnings (ssuuddoo will not complain). In --ss (strict) mode these are
101: errors, not warnings.
102:
1.1.1.3 misho 103: Warning: unused {User,Runas,Host,Cmnd}_Alias
1.1 misho 104: The specified {User,Runas,Host,Cmnd}_Alias was defined but never
105: used. You may wish to comment out or remove the unused alias. In
106: --ss (strict) mode this is an error, not a warning.
107:
1.1.1.3 misho 108: Warning: cycle in {User,Runas,Host,Cmnd}_Alias
1.1 misho 109: The specified {User,Runas,Host,Cmnd}_Alias includes a reference to
110: itself, either directly or through an alias it includes. This is
111: only a warning by default as ssuuddoo will ignore cycles when parsing
112: the _s_u_d_o_e_r_s file.
113:
114: SSEEEE AALLSSOO
1.1.1.3 misho 115: vi(1), sudoers(4), sudo(1m), vipw(1m)
1.1 misho 116:
1.1.1.3 misho 117: AAUUTTHHOORRSS
118: Many people have worked on ssuuddoo over the years; this version consists of
119: code written primarily by:
1.1 misho 120:
1.1.1.3 misho 121: Todd C. Miller
1.1 misho 122:
1.1.1.3 misho 123: See the CONTRIBUTORS file in the ssuuddoo distribution
124: (http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of
125: people who have contributed to ssuuddoo.
1.1 misho 126:
127: CCAAVVEEAATTSS
1.1.1.3 misho 128: There is no easy way to prevent a user from gaining a root shell if the
129: editor used by vviissuuddoo allows shell escapes.
1.1 misho 130:
131: BBUUGGSS
1.1.1.3 misho 132: If you feel you have found a bug in vviissuuddoo, please submit a bug report at
133: http://www.sudo.ws/sudo/bugs/
1.1 misho 134:
135: SSUUPPPPOORRTT
1.1.1.3 misho 136: Limited free support is available via the sudo-users mailing list, see
137: http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search the
138: archives.
1.1 misho 139:
140: DDIISSCCLLAAIIMMEERR
1.1.1.3 misho 141: vviissuuddoo is provided ``AS IS'' and any express or implied warranties,
142: including, but not limited to, the implied warranties of merchantability
143: and fitness for a particular purpose are disclaimed. See the LICENSE
144: file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for
145: complete details.
1.1 misho 146:
1.1.1.4 ! misho 147: Sudo 1.8.7 June 12, 2013 Sudo 1.8.7
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>