Annotation of embedaddon/sudo/doc/visudo.man.in, revision 1.1.1.6
1.1.1.3 misho 1: .\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
2: .\" IT IS GENERATED AUTOMATICALLY FROM visudo.mdoc.in
3: .\"
1.1.1.6 ! misho 4: .\" Copyright (c) 1996,1998-2005, 2007-2014
1.1.1.3 misho 5: .\" Todd C. Miller <Todd.Miller@courtesan.com>
6: .\"
1.1 misho 7: .\" Permission to use, copy, modify, and distribute this software for any
8: .\" purpose with or without fee is hereby granted, provided that the above
9: .\" copyright notice and this permission notice appear in all copies.
1.1.1.3 misho 10: .\"
1.1 misho 11: .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12: .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13: .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14: .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15: .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16: .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17: .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18: .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
1.1.1.3 misho 19: .\"
1.1 misho 20: .\" Sponsored in part by the Defense Advanced Research Projects
21: .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
22: .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
23: .\"
1.1.1.6 ! misho 24: .TH "VISUDO" "@mansectsu@" "February 15, 2014" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
1.1 misho 25: .nh
1.1.1.3 misho 26: .if n .ad l
1.1 misho 27: .SH "NAME"
1.1.1.3 misho 28: \fBvisudo\fR
29: \- edit the sudoers file
1.1 misho 30: .SH "SYNOPSIS"
1.1.1.3 misho 31: .HP 7n
32: \fBvisudo\fR
33: [\fB\-chqsV\fR]
34: [\fB\-f\fR\ \fIsudoers\fR]
1.1.1.6 ! misho 35: [\fB\-x\fR\ \fIfile\fR]
1.1 misho 36: .SH "DESCRIPTION"
1.1.1.3 misho 37: \fBvisudo\fR
38: edits the
39: \fIsudoers\fR
40: file in a safe fashion, analogous to
41: vipw(@mansectsu@).
42: \fBvisudo\fR
43: locks the
44: \fIsudoers\fR
45: file against multiple simultaneous edits, provides basic sanity checks,
46: and checks for parse errors.
47: If the
48: \fIsudoers\fR
49: file is currently being edited you will receive a message to try again later.
1.1 misho 50: .PP
1.1.1.3 misho 51: There is a hard-coded list of one or more editors that
52: \fBvisudo\fR
53: will use set at compile-time that may be overridden via the
54: \fIeditor\fR
55: \fIsudoers\fR
56: \fRDefault\fR
57: variable.
58: This list defaults to
59: \fR@editor@\fR.
60: Normally,
61: \fBvisudo\fR
62: does not honor the
63: \fRVISUAL\fR
64: or
65: \fREDITOR\fR
66: environment variables unless they contain an editor in the aforementioned
67: editors list.
68: However, if
69: \fBvisudo\fR
70: is configured with the
71: \fR--with-env-editor\fR
72: option or the
73: \fIenv_editor\fR
74: \fRDefault\fR
75: variable is set in
76: \fIsudoers\fR,
77: \fBvisudo\fR
78: will use any the editor defines by
79: \fRVISUAL\fR
80: or
81: \fREDITOR\fR.
1.1 misho 82: Note that this can be a security hole since it allows the user to
1.1.1.3 misho 83: execute any program they wish simply by setting
84: \fRVISUAL\fR
85: or
86: \fREDITOR\fR.
1.1 misho 87: .PP
1.1.1.3 misho 88: \fBvisudo\fR
89: parses the
90: \fIsudoers\fR
91: file after the edit and will
92: not save the changes if there is a syntax error.
93: Upon finding an error,
94: \fBvisudo\fR
95: will print a message stating the line number(s)
1.1 misho 96: where the error occurred and the user will receive the
1.1.1.6 ! misho 97: \(lqWhat now?\(rq
1.1.1.3 misho 98: prompt.
99: At this point the user may enter
1.1.1.6 ! misho 100: \(oqe\(cq
1.1.1.3 misho 101: to re-edit the
102: \fIsudoers\fR
103: file,
1.1.1.6 ! misho 104: \(oqx\(cq
1.1.1.3 misho 105: to exit without saving the changes, or
1.1.1.6 ! misho 106: \(oqQ\(cq
1.1.1.3 misho 107: to quit and save changes.
108: The
1.1.1.6 ! misho 109: \(oqQ\(cq
1.1.1.3 misho 110: option should be used with extreme care because if
111: \fBvisudo\fR
112: believes there to be a parse error, so will
113: \fBsudo\fR
114: and no one
115: will be able to
116: \fBsudo\fR
117: again until the error is fixed.
118: If
1.1.1.6 ! misho 119: \(oqe\(cq
1.1.1.3 misho 120: is typed to edit the
121: \fIsudoers\fR
122: file after a parse error has been detected, the cursor will be placed on
123: the line where the error occurred (if the editor supports this feature).
124: .PP
125: The options are as follows:
126: .TP 12n
1.1.1.5 misho 127: \fB\-c\fR, \fB\--check\fR
1.1.1.3 misho 128: Enable
129: \fIcheck-only\fR
130: mode.
131: The existing
132: \fIsudoers\fR
133: file will be
134: checked for syntax errors, owner and mode.
135: A message will be printed to the standard output describing the status of
136: \fIsudoers\fR
137: unless the
138: \fB\-q\fR
139: option was specified.
140: If the check completes successfully,
141: \fBvisudo\fR
142: will exit with a value of 0.
143: If an error is encountered,
144: \fBvisudo\fR
145: will exit with a value of 1.
146: .TP 12n
1.1.1.5 misho 147: \fB\-f\fR \fIsudoers\fR, \fB\--file\fR=\fIsudoers\fR
1.1.1.4 misho 148: Specify an alternate
1.1.1.3 misho 149: \fIsudoers\fR
150: file location.
1.1.1.5 misho 151: With this option,
1.1.1.3 misho 152: \fBvisudo\fR
153: will edit (or check) the
154: \fIsudoers\fR
155: file of your choice,
156: instead of the default,
157: \fI@sysconfdir@/sudoers\fR.
158: The lock file used is the specified
159: \fIsudoers\fR
160: file with
1.1.1.6 ! misho 161: \(lq\.tmp\(rq
1.1.1.3 misho 162: appended to it.
163: In
164: \fIcheck-only\fR
165: mode only, the argument to
166: \fB\-f\fR
167: may be
1.1.1.6 ! misho 168: \(oq-\(cq,
1.1.1.3 misho 169: indicating that
170: \fIsudoers\fR
171: will be read from the standard input.
172: .TP 12n
1.1.1.5 misho 173: \fB\-h\fR, \fB\--help\fR
174: Display a short help message to the standard output and exit.
1.1.1.3 misho 175: .TP 12n
1.1.1.5 misho 176: \fB\-q\fR, \fB\--quiet\fR
1.1.1.3 misho 177: Enable
178: \fIquiet\fR
179: mode.
180: In this mode details about syntax errors are not printed.
181: This option is only useful when combined with
182: the
183: \fB\-c\fR
184: option.
185: .TP 12n
1.1.1.5 misho 186: \fB\-s\fR, \fB\--strict\fR
1.1.1.3 misho 187: Enable
188: \fIstrict\fR
189: checking of the
190: \fIsudoers\fR
191: file.
192: If an alias is used before it is defined,
193: \fBvisudo\fR
194: will consider this a parse error.
195: Note that it is not possible to differentiate between an
1.1 misho 196: alias and a host name or user name that consists solely of uppercase
1.1.1.3 misho 197: letters, digits, and the underscore
1.1.1.6 ! misho 198: (\(oq_\(cq)
1.1.1.3 misho 199: character.
200: .TP 12n
1.1.1.5 misho 201: \fB\-V\fR, \fB\--version\fR
202: Print the
1.1.1.3 misho 203: \fBvisudo\fR
1.1.1.5 misho 204: and
205: \fIsudoers\fR
206: grammar versions and exit.
1.1.1.6 ! misho 207: .TP 12n
! 208: \fB\-x\fR \fIfile\fR, \fB\--export\fR=\fIfile\fR
! 209: Export
! 210: \fIsudoers\fR
! 211: in JSON format and write it to
! 212: \fIfile\fR.
! 213: If
! 214: \fIfile\fR
! 215: is
! 216: \(oq-\(cq,
! 217: the exported
! 218: \fIsudoers\fR
! 219: policy will be written to the standard output.
! 220: The exported format is intended to be easier for third-party
! 221: applications to parse than the traditional
! 222: \fIsudoers\fR
! 223: format.
! 224: The various values have explicit types which removes much of the
! 225: ambiguity of the
! 226: \fIsudoers\fR
! 227: format.
1.1 misho 228: .SH "ENVIRONMENT"
229: The following environment variables may be consulted depending on
1.1.1.3 misho 230: the value of the
231: \fIeditor\fR
232: and
233: \fIenv_editor\fR
234: \fIsudoers\fR
235: settings:
236: .TP 17n
237: \fRVISUAL\fR
238: Invoked by
239: \fBvisudo\fR
240: as the editor to use
241: .TP 17n
242: \fREDITOR\fR
243: Used by
244: \fBvisudo\fR
245: if
246: \fRVISUAL\fR
247: is not set
1.1 misho 248: .SH "FILES"
1.1.1.3 misho 249: .TP 26n
250: \fI@sysconfdir@/sudoers\fR
1.1 misho 251: List of who can run what
1.1.1.3 misho 252: .TP 26n
253: \fI@sysconfdir@/sudoers.tmp\fR
1.1 misho 254: Lock file for visudo
255: .SH "DIAGNOSTICS"
1.1.1.3 misho 256: .TP 6n
257: \fRsudoers file busy, try again later.\fR
258: Someone else is currently editing the
259: \fIsudoers\fR
260: file.
261: .TP 6n
262: \fR@sysconfdir@/sudoers.tmp: Permission denied\fR
263: You didn't run
264: \fBvisudo\fR
265: as root.
266: .TP 6n
267: \fRCan't find you in the passwd database\fR
268: Your user ID does not appear in the system passwd file.
269: .TP 6n
270: \fRWarning: {User,Runas,Host,Cmnd}_Alias referenced but not defined\fR
271: Either you are trying to use an undeclared {User,Runas,Host,Cmnd}_Alias
1.1 misho 272: or you have a user or host name listed that consists solely of
1.1.1.3 misho 273: uppercase letters, digits, and the underscore
1.1.1.6 ! misho 274: (\(oq_\(cq)
1.1.1.3 misho 275: character.
276: In the latter case, you can ignore the warnings
277: (\fBsudo\fR
278: will not complain)
279: \&.
280: In
281: \fB\-s\fR
282: (strict) mode these are errors, not warnings.
283: .TP 6n
284: \fRWarning: unused {User,Runas,Host,Cmnd}_Alias\fR
1.1 misho 285: The specified {User,Runas,Host,Cmnd}_Alias was defined but never
1.1.1.3 misho 286: used.
287: You may wish to comment out or remove the unused alias.
288: In
289: \fB\-s\fR
290: (strict) mode this is an error, not a warning.
291: .TP 6n
292: \fRWarning: cycle in {User,Runas,Host,Cmnd}_Alias\fR
1.1 misho 293: The specified {User,Runas,Host,Cmnd}_Alias includes a reference to
1.1.1.3 misho 294: itself, either directly or through an alias it includes.
295: This is only a warning by default as
296: \fBsudo\fR
297: will ignore cycles when parsing
298: the
299: \fIsudoers\fR
300: file.
1.1 misho 301: .SH "SEE ALSO"
1.1.1.3 misho 302: vi(1),
303: sudoers(@mansectform@),
304: sudo(@mansectsu@),
305: vipw(@mansectsu@)
306: .SH "AUTHORS"
307: Many people have worked on
308: \fBsudo\fR
309: over the years; this version consists of code written primarily by:
310: .sp
311: .RS 6n
312: Todd C. Miller
313: .RE
1.1 misho 314: .PP
1.1.1.3 misho 315: See the CONTRIBUTORS file in the
316: \fBsudo\fR
317: distribution (http://www.sudo.ws/sudo/contributors.html) for an
318: exhaustive list of people who have contributed to
319: \fBsudo\fR.
1.1 misho 320: .SH "CAVEATS"
1.1.1.3 misho 321: There is no easy way to prevent a user from gaining a root shell if
322: the editor used by
323: \fBvisudo\fR
324: allows shell escapes.
1.1 misho 325: .SH "BUGS"
1.1.1.3 misho 326: If you feel you have found a bug in
327: \fBvisudo\fR,
328: please submit a bug report at http://www.sudo.ws/sudo/bugs/
1.1 misho 329: .SH "SUPPORT"
330: Limited free support is available via the sudo-users mailing list,
1.1.1.3 misho 331: see http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
1.1 misho 332: search the archives.
333: .SH "DISCLAIMER"
1.1.1.3 misho 334: \fBvisudo\fR
335: is provided
1.1.1.6 ! misho 336: \(lqAS IS\(rq
1.1.1.3 misho 337: and any express or implied warranties, including, but not limited
338: to, the implied warranties of merchantability and fitness for a
339: particular purpose are disclaimed.
340: See the LICENSE file distributed with
341: \fBsudo\fR
342: or http://www.sudo.ws/sudo/license.html for complete details.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to visudo.man.in CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / doc