Annotation of embedaddon/sudo/doc/visudo.cat, revision 1.1.1.5
1.1.1.3 misho 1: VISUDO(1m) System Manager's Manual VISUDO(1m)
1.1 misho 2:
3: NNAAMMEE
1.1.1.3 misho 4: vviissuuddoo - edit the sudoers file
1.1 misho 5:
6: SSYYNNOOPPSSIISS
1.1.1.3 misho 7: vviissuuddoo [--cchhqqssVV] [--ff _s_u_d_o_e_r_s]
1.1 misho 8:
9: DDEESSCCRRIIPPTTIIOONN
1.1.1.3 misho 10: vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous to vipw(1m).
11: vviissuuddoo locks the _s_u_d_o_e_r_s file against multiple simultaneous edits,
12: provides basic sanity checks, and checks for parse errors. If the
13: _s_u_d_o_e_r_s file is currently being edited you will receive a message to try
14: again later.
15:
16: There is a hard-coded list of one or more editors that vviissuuddoo will use
17: set at compile-time that may be overridden via the _e_d_i_t_o_r _s_u_d_o_e_r_s Default
18: variable. This list defaults to vi. Normally, vviissuuddoo does not honor the
19: VISUAL or EDITOR environment variables unless they contain an editor in
20: the aforementioned editors list. However, if vviissuuddoo is configured with
21: the --with-env-editor option or the _e_n_v___e_d_i_t_o_r Default variable is set in
22: _s_u_d_o_e_r_s, vviissuuddoo will use any the editor defines by VISUAL or EDITOR.
23: Note that this can be a security hole since it allows the user to execute
24: any program they wish simply by setting VISUAL or EDITOR.
25:
26: vviissuuddoo parses the _s_u_d_o_e_r_s file after the edit and will not save the
27: changes if there is a syntax error. Upon finding an error, vviissuuddoo will
28: print a message stating the line number(s) where the error occurred and
29: the user will receive the ``What now?'' prompt. At this point the user
30: may enter `e' to re-edit the _s_u_d_o_e_r_s file, `x' to exit without saving the
31: changes, or `Q' to quit and save changes. The `Q' option should be used
32: with extreme care because if vviissuuddoo believes there to be a parse error,
33: so will ssuuddoo and no one will be able to ssuuddoo again until the error is
34: fixed. If `e' is typed to edit the _s_u_d_o_e_r_s file after a parse error has
35: been detected, the cursor will be placed on the line where the error
36: occurred (if the editor supports this feature).
37:
38: The options are as follows:
39:
1.1.1.5 ! misho 40: --cc, ----cchheecckk
! 41: Enable _c_h_e_c_k_-_o_n_l_y mode. The existing _s_u_d_o_e_r_s file will be
1.1.1.3 misho 42: checked for syntax errors, owner and mode. A message will be
43: printed to the standard output describing the status of
44: _s_u_d_o_e_r_s unless the --qq option was specified. If the check
45: completes successfully, vviissuuddoo will exit with a value of 0.
46: If an error is encountered, vviissuuddoo will exit with a value of
47: 1.
48:
1.1.1.5 ! misho 49: --ff _s_u_d_o_e_r_s, ----ffiillee=_s_u_d_o_e_r_s
! 50: Specify an alternate _s_u_d_o_e_r_s file location. With this
! 51: option, vviissuuddoo will edit (or check) the _s_u_d_o_e_r_s file of your
! 52: choice, instead of the default, _/_e_t_c_/_s_u_d_o_e_r_s. The lock file
! 53: used is the specified _s_u_d_o_e_r_s file with ``.tmp'' appended to
! 54: it. In _c_h_e_c_k_-_o_n_l_y mode only, the argument to --ff may be `-',
1.1.1.3 misho 55: indicating that _s_u_d_o_e_r_s will be read from the standard input.
56:
1.1.1.5 ! misho 57: --hh, ----hheellpp Display a short help message to the standard output and exit.
1.1.1.3 misho 58:
1.1.1.5 ! misho 59: --qq, ----qquuiieett
! 60: Enable _q_u_i_e_t mode. In this mode details about syntax errors
1.1.1.3 misho 61: are not printed. This option is only useful when combined
62: with the --cc option.
63:
1.1.1.5 ! misho 64: --ss, ----ssttrriicctt
! 65: Enable _s_t_r_i_c_t checking of the _s_u_d_o_e_r_s file. If an alias is
1.1.1.3 misho 66: used before it is defined, vviissuuddoo will consider this a parse
67: error. Note that it is not possible to differentiate between
68: an alias and a host name or user name that consists solely of
69: uppercase letters, digits, and the underscore (`_')
70: character.
1.1 misho 71:
1.1.1.5 ! misho 72: --VV, ----vveerrssiioonn
! 73: Print the vviissuuddoo and _s_u_d_o_e_r_s grammar versions and exit.
1.1 misho 74:
75: EENNVVIIRROONNMMEENNTT
1.1.1.3 misho 76: The following environment variables may be consulted depending on the
77: value of the _e_d_i_t_o_r and _e_n_v___e_d_i_t_o_r _s_u_d_o_e_r_s settings:
1.1 misho 78:
1.1.1.3 misho 79: VISUAL Invoked by vviissuuddoo as the editor to use
1.1 misho 80:
1.1.1.3 misho 81: EDITOR Used by vviissuuddoo if VISUAL is not set
1.1 misho 82:
83: FFIILLEESS
1.1.1.3 misho 84: _/_e_t_c_/_s_u_d_o_e_r_s List of who can run what
1.1 misho 85:
1.1.1.3 misho 86: _/_e_t_c_/_s_u_d_o_e_r_s_._t_m_p Lock file for visudo
1.1 misho 87:
88: DDIIAAGGNNOOSSTTIICCSS
1.1.1.3 misho 89: sudoers file busy, try again later.
1.1 misho 90: Someone else is currently editing the _s_u_d_o_e_r_s file.
91:
1.1.1.3 misho 92: /etc/sudoers.tmp: Permission denied
1.1 misho 93: You didn't run vviissuuddoo as root.
94:
1.1.1.3 misho 95: Can't find you in the passwd database
96: Your user ID does not appear in the system passwd file.
1.1 misho 97:
1.1.1.3 misho 98: Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
99: Either you are trying to use an undeclared
1.1 misho 100: {User,Runas,Host,Cmnd}_Alias or you have a user or host name listed
101: that consists solely of uppercase letters, digits, and the
1.1.1.3 misho 102: underscore (`_') character. In the latter case, you can ignore the
1.1 misho 103: warnings (ssuuddoo will not complain). In --ss (strict) mode these are
104: errors, not warnings.
105:
1.1.1.3 misho 106: Warning: unused {User,Runas,Host,Cmnd}_Alias
1.1 misho 107: The specified {User,Runas,Host,Cmnd}_Alias was defined but never
108: used. You may wish to comment out or remove the unused alias. In
109: --ss (strict) mode this is an error, not a warning.
110:
1.1.1.3 misho 111: Warning: cycle in {User,Runas,Host,Cmnd}_Alias
1.1 misho 112: The specified {User,Runas,Host,Cmnd}_Alias includes a reference to
113: itself, either directly or through an alias it includes. This is
114: only a warning by default as ssuuddoo will ignore cycles when parsing
115: the _s_u_d_o_e_r_s file.
116:
117: SSEEEE AALLSSOO
1.1.1.3 misho 118: vi(1), sudoers(4), sudo(1m), vipw(1m)
1.1 misho 119:
1.1.1.3 misho 120: AAUUTTHHOORRSS
121: Many people have worked on ssuuddoo over the years; this version consists of
122: code written primarily by:
1.1 misho 123:
1.1.1.3 misho 124: Todd C. Miller
1.1 misho 125:
1.1.1.3 misho 126: See the CONTRIBUTORS file in the ssuuddoo distribution
127: (http://www.sudo.ws/sudo/contributors.html) for an exhaustive list of
128: people who have contributed to ssuuddoo.
1.1 misho 129:
130: CCAAVVEEAATTSS
1.1.1.3 misho 131: There is no easy way to prevent a user from gaining a root shell if the
132: editor used by vviissuuddoo allows shell escapes.
1.1 misho 133:
134: BBUUGGSS
1.1.1.3 misho 135: If you feel you have found a bug in vviissuuddoo, please submit a bug report at
136: http://www.sudo.ws/sudo/bugs/
1.1 misho 137:
138: SSUUPPPPOORRTT
1.1.1.3 misho 139: Limited free support is available via the sudo-users mailing list, see
140: http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search the
141: archives.
1.1 misho 142:
143: DDIISSCCLLAAIIMMEERR
1.1.1.3 misho 144: vviissuuddoo is provided ``AS IS'' and any express or implied warranties,
145: including, but not limited to, the implied warranties of merchantability
146: and fitness for a particular purpose are disclaimed. See the LICENSE
147: file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for
148: complete details.
1.1 misho 149:
1.1.1.5 ! misho 150: Sudo 1.8.8 August 14, 2013 Sudo 1.8.8
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>