Annotation of embedaddon/sudo/doc/visudo.cat, revision 1.1.1.5

1.1.1.3   misho       1: VISUDO(1m)                   System Manager's Manual                  VISUDO(1m)
1.1       misho       2: 
                      3: NNAAMMEE
1.1.1.3   misho       4:      vviissuuddoo - edit the sudoers file
1.1       misho       5: 
                      6: SSYYNNOOPPSSIISS
1.1.1.3   misho       7:      vviissuuddoo [--cchhqqssVV] [--ff _s_u_d_o_e_r_s]
1.1       misho       8: 
                      9: DDEESSCCRRIIPPTTIIOONN
1.1.1.3   misho      10:      vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous to vipw(1m).
                     11:      vviissuuddoo locks the _s_u_d_o_e_r_s file against multiple simultaneous edits,
                     12:      provides basic sanity checks, and checks for parse errors.  If the
                     13:      _s_u_d_o_e_r_s file is currently being edited you will receive a message to try
                     14:      again later.
                     15: 
                     16:      There is a hard-coded list of one or more editors that vviissuuddoo will use
                     17:      set at compile-time that may be overridden via the _e_d_i_t_o_r _s_u_d_o_e_r_s Default
                     18:      variable.  This list defaults to vi.  Normally, vviissuuddoo does not honor the
                     19:      VISUAL or EDITOR environment variables unless they contain an editor in
                     20:      the aforementioned editors list.  However, if vviissuuddoo is configured with
                     21:      the --with-env-editor option or the _e_n_v___e_d_i_t_o_r Default variable is set in
                     22:      _s_u_d_o_e_r_s, vviissuuddoo will use any the editor defines by VISUAL or EDITOR.
                     23:      Note that this can be a security hole since it allows the user to execute
                     24:      any program they wish simply by setting VISUAL or EDITOR.
                     25: 
                     26:      vviissuuddoo parses the _s_u_d_o_e_r_s file after the edit and will not save the
                     27:      changes if there is a syntax error.  Upon finding an error, vviissuuddoo will
                     28:      print a message stating the line number(s) where the error occurred and
                     29:      the user will receive the ``What now?''  prompt.  At this point the user
                     30:      may enter `e' to re-edit the _s_u_d_o_e_r_s file, `x' to exit without saving the
                     31:      changes, or `Q' to quit and save changes.  The `Q' option should be used
                     32:      with extreme care because if vviissuuddoo believes there to be a parse error,
                     33:      so will ssuuddoo and no one will be able to ssuuddoo again until the error is
                     34:      fixed.  If `e' is typed to edit the _s_u_d_o_e_r_s file after a parse error has
                     35:      been detected, the cursor will be placed on the line where the error
                     36:      occurred (if the editor supports this feature).
                     37: 
                     38:      The options are as follows:
                     39: 
1.1.1.5 ! misho      40:      --cc, ----cchheecckk
        !            41:                  Enable _c_h_e_c_k_-_o_n_l_y mode.  The existing _s_u_d_o_e_r_s file will be
1.1.1.3   misho      42:                  checked for syntax errors, owner and mode.  A message will be
                     43:                  printed to the standard output describing the status of
                     44:                  _s_u_d_o_e_r_s unless the --qq option was specified.  If the check
                     45:                  completes successfully, vviissuuddoo will exit with a value of 0.
                     46:                  If an error is encountered, vviissuuddoo will exit with a value of
                     47:                  1.
                     48: 
1.1.1.5 ! misho      49:      --ff _s_u_d_o_e_r_s, ----ffiillee=_s_u_d_o_e_r_s
        !            50:                  Specify an alternate _s_u_d_o_e_r_s file location.  With this
        !            51:                  option, vviissuuddoo will edit (or check) the _s_u_d_o_e_r_s file of your
        !            52:                  choice, instead of the default, _/_e_t_c_/_s_u_d_o_e_r_s.  The lock file
        !            53:                  used is the specified _s_u_d_o_e_r_s file with ``.tmp'' appended to
        !            54:                  it.  In _c_h_e_c_k_-_o_n_l_y mode only, the argument to --ff may be `-',
1.1.1.3   misho      55:                  indicating that _s_u_d_o_e_r_s will be read from the standard input.
                     56: 
1.1.1.5 ! misho      57:      --hh, ----hheellpp  Display a short help message to the standard output and exit.
1.1.1.3   misho      58: 
1.1.1.5 ! misho      59:      --qq, ----qquuiieett
        !            60:                  Enable _q_u_i_e_t mode.  In this mode details about syntax errors
1.1.1.3   misho      61:                  are not printed.  This option is only useful when combined
                     62:                  with the --cc option.
                     63: 
1.1.1.5 ! misho      64:      --ss, ----ssttrriicctt
        !            65:                  Enable _s_t_r_i_c_t checking of the _s_u_d_o_e_r_s file.  If an alias is
1.1.1.3   misho      66:                  used before it is defined, vviissuuddoo will consider this a parse
                     67:                  error.  Note that it is not possible to differentiate between
                     68:                  an alias and a host name or user name that consists solely of
                     69:                  uppercase letters, digits, and the underscore (`_')
                     70:                  character.
1.1       misho      71: 
1.1.1.5 ! misho      72:      --VV, ----vveerrssiioonn
        !            73:                  Print the vviissuuddoo and _s_u_d_o_e_r_s grammar versions and exit.
1.1       misho      74: 
                     75: EENNVVIIRROONNMMEENNTT
1.1.1.3   misho      76:      The following environment variables may be consulted depending on the
                     77:      value of the _e_d_i_t_o_r and _e_n_v___e_d_i_t_o_r _s_u_d_o_e_r_s settings:
1.1       misho      78: 
1.1.1.3   misho      79:      VISUAL           Invoked by vviissuuddoo as the editor to use
1.1       misho      80: 
1.1.1.3   misho      81:      EDITOR           Used by vviissuuddoo if VISUAL is not set
1.1       misho      82: 
                     83: FFIILLEESS
1.1.1.3   misho      84:      _/_e_t_c_/_s_u_d_o_e_r_s              List of who can run what
1.1       misho      85: 
1.1.1.3   misho      86:      _/_e_t_c_/_s_u_d_o_e_r_s_._t_m_p          Lock file for visudo
1.1       misho      87: 
                     88: DDIIAAGGNNOOSSTTIICCSS
1.1.1.3   misho      89:      sudoers file busy, try again later.
1.1       misho      90:            Someone else is currently editing the _s_u_d_o_e_r_s file.
                     91: 
1.1.1.3   misho      92:      /etc/sudoers.tmp: Permission denied
1.1       misho      93:            You didn't run vviissuuddoo as root.
                     94: 
1.1.1.3   misho      95:      Can't find you in the passwd database
                     96:            Your user ID does not appear in the system passwd file.
1.1       misho      97: 
1.1.1.3   misho      98:      Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
                     99:            Either you are trying to use an undeclared
1.1       misho     100:            {User,Runas,Host,Cmnd}_Alias or you have a user or host name listed
                    101:            that consists solely of uppercase letters, digits, and the
1.1.1.3   misho     102:            underscore (`_') character.  In the latter case, you can ignore the
1.1       misho     103:            warnings (ssuuddoo will not complain).  In --ss (strict) mode these are
                    104:            errors, not warnings.
                    105: 
1.1.1.3   misho     106:      Warning: unused {User,Runas,Host,Cmnd}_Alias
1.1       misho     107:            The specified {User,Runas,Host,Cmnd}_Alias was defined but never
                    108:            used.  You may wish to comment out or remove the unused alias.  In
                    109:            --ss (strict) mode this is an error, not a warning.
                    110: 
1.1.1.3   misho     111:      Warning: cycle in {User,Runas,Host,Cmnd}_Alias
1.1       misho     112:            The specified {User,Runas,Host,Cmnd}_Alias includes a reference to
                    113:            itself, either directly or through an alias it includes.  This is
                    114:            only a warning by default as ssuuddoo will ignore cycles when parsing
                    115:            the _s_u_d_o_e_r_s file.
                    116: 
                    117: SSEEEE AALLSSOO
1.1.1.3   misho     118:      vi(1), sudoers(4), sudo(1m), vipw(1m)
1.1       misho     119: 
1.1.1.3   misho     120: AAUUTTHHOORRSS
                    121:      Many people have worked on ssuuddoo over the years; this version consists of
                    122:      code written primarily by:
1.1       misho     123: 
1.1.1.3   misho     124:            Todd C. Miller
1.1       misho     125: 
1.1.1.3   misho     126:      See the CONTRIBUTORS file in the ssuuddoo distribution
                    127:      (http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of
                    128:      people who have contributed to ssuuddoo.
1.1       misho     129: 
                    130: CCAAVVEEAATTSS
1.1.1.3   misho     131:      There is no easy way to prevent a user from gaining a root shell if the
                    132:      editor used by vviissuuddoo allows shell escapes.
1.1       misho     133: 
                    134: BBUUGGSS
1.1.1.3   misho     135:      If you feel you have found a bug in vviissuuddoo, please submit a bug report at
                    136:      http://www.sudo.ws/sudo/bugs/
1.1       misho     137: 
                    138: SSUUPPPPOORRTT
1.1.1.3   misho     139:      Limited free support is available via the sudo-users mailing list, see
                    140:      http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search the
                    141:      archives.
1.1       misho     142: 
                    143: DDIISSCCLLAAIIMMEERR
1.1.1.3   misho     144:      vviissuuddoo is provided ``AS IS'' and any express or implied warranties,
                    145:      including, but not limited to, the implied warranties of merchantability
                    146:      and fitness for a particular purpose are disclaimed.  See the LICENSE
                    147:      file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for
                    148:      complete details.
1.1       misho     149: 
1.1.1.5 ! misho     150: Sudo 1.8.8                      August 14, 2013                     Sudo 1.8.8

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>