Return to def_data.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers |
1.1 ! misho 1: static struct def_values def_data_lecture[] = { ! 2: { "never", never }, ! 3: { "once", once }, ! 4: { "always", always }, ! 5: { NULL, 0 }, ! 6: }; ! 7: ! 8: static struct def_values def_data_listpw[] = { ! 9: { "never", never }, ! 10: { "any", any }, ! 11: { "all", all }, ! 12: { "always", always }, ! 13: { NULL, 0 }, ! 14: }; ! 15: ! 16: static struct def_values def_data_verifypw[] = { ! 17: { "never", never }, ! 18: { "all", all }, ! 19: { "any", any }, ! 20: { "always", always }, ! 21: { NULL, 0 }, ! 22: }; ! 23: ! 24: struct sudo_defs_types sudo_defs_table[] = { ! 25: { ! 26: "syslog", T_LOGFAC|T_BOOL, ! 27: N_("Syslog facility if syslog is being used for logging: %s"), ! 28: NULL, ! 29: }, { ! 30: "syslog_goodpri", T_LOGPRI, ! 31: N_("Syslog priority to use when user authenticates successfully: %s"), ! 32: NULL, ! 33: }, { ! 34: "syslog_badpri", T_LOGPRI, ! 35: N_("Syslog priority to use when user authenticates unsuccessfully: %s"), ! 36: NULL, ! 37: }, { ! 38: "long_otp_prompt", T_FLAG, ! 39: N_("Put OTP prompt on its own line"), ! 40: NULL, ! 41: }, { ! 42: "ignore_dot", T_FLAG, ! 43: N_("Ignore '.' in $PATH"), ! 44: NULL, ! 45: }, { ! 46: "mail_always", T_FLAG, ! 47: N_("Always send mail when sudo is run"), ! 48: NULL, ! 49: }, { ! 50: "mail_badpass", T_FLAG, ! 51: N_("Send mail if user authentication fails"), ! 52: NULL, ! 53: }, { ! 54: "mail_no_user", T_FLAG, ! 55: N_("Send mail if the user is not in sudoers"), ! 56: NULL, ! 57: }, { ! 58: "mail_no_host", T_FLAG, ! 59: N_("Send mail if the user is not in sudoers for this host"), ! 60: NULL, ! 61: }, { ! 62: "mail_no_perms", T_FLAG, ! 63: N_("Send mail if the user is not allowed to run a command"), ! 64: NULL, ! 65: }, { ! 66: "tty_tickets", T_FLAG, ! 67: N_("Use a separate timestamp for each user/tty combo"), ! 68: NULL, ! 69: }, { ! 70: "lecture", T_TUPLE|T_BOOL, ! 71: N_("Lecture user the first time they run sudo"), ! 72: def_data_lecture, ! 73: }, { ! 74: "lecture_file", T_STR|T_PATH|T_BOOL, ! 75: N_("File containing the sudo lecture: %s"), ! 76: NULL, ! 77: }, { ! 78: "authenticate", T_FLAG, ! 79: N_("Require users to authenticate by default"), ! 80: NULL, ! 81: }, { ! 82: "root_sudo", T_FLAG, ! 83: N_("Root may run sudo"), ! 84: NULL, ! 85: }, { ! 86: "log_host", T_FLAG, ! 87: N_("Log the hostname in the (non-syslog) log file"), ! 88: NULL, ! 89: }, { ! 90: "log_year", T_FLAG, ! 91: N_("Log the year in the (non-syslog) log file"), ! 92: NULL, ! 93: }, { ! 94: "shell_noargs", T_FLAG, ! 95: N_("If sudo is invoked with no arguments, start a shell"), ! 96: NULL, ! 97: }, { ! 98: "set_home", T_FLAG, ! 99: N_("Set $HOME to the target user when starting a shell with -s"), ! 100: NULL, ! 101: }, { ! 102: "always_set_home", T_FLAG, ! 103: N_("Always set $HOME to the target user's home directory"), ! 104: NULL, ! 105: }, { ! 106: "path_info", T_FLAG, ! 107: N_("Allow some information gathering to give useful error messages"), ! 108: NULL, ! 109: }, { ! 110: "fqdn", T_FLAG, ! 111: N_("Require fully-qualified hostnames in the sudoers file"), ! 112: NULL, ! 113: }, { ! 114: "insults", T_FLAG, ! 115: N_("Insult the user when they enter an incorrect password"), ! 116: NULL, ! 117: }, { ! 118: "requiretty", T_FLAG, ! 119: N_("Only allow the user to run sudo if they have a tty"), ! 120: NULL, ! 121: }, { ! 122: "env_editor", T_FLAG, ! 123: N_("Visudo will honor the EDITOR environment variable"), ! 124: NULL, ! 125: }, { ! 126: "rootpw", T_FLAG, ! 127: N_("Prompt for root's password, not the users's"), ! 128: NULL, ! 129: }, { ! 130: "runaspw", T_FLAG, ! 131: N_("Prompt for the runas_default user's password, not the users's"), ! 132: NULL, ! 133: }, { ! 134: "targetpw", T_FLAG, ! 135: N_("Prompt for the target user's password, not the users's"), ! 136: NULL, ! 137: }, { ! 138: "use_loginclass", T_FLAG, ! 139: N_("Apply defaults in the target user's login class if there is one"), ! 140: NULL, ! 141: }, { ! 142: "set_logname", T_FLAG, ! 143: N_("Set the LOGNAME and USER environment variables"), ! 144: NULL, ! 145: }, { ! 146: "stay_setuid", T_FLAG, ! 147: N_("Only set the effective uid to the target user, not the real uid"), ! 148: NULL, ! 149: }, { ! 150: "preserve_groups", T_FLAG, ! 151: N_("Don't initialize the group vector to that of the target user"), ! 152: NULL, ! 153: }, { ! 154: "loglinelen", T_UINT|T_BOOL, ! 155: N_("Length at which to wrap log file lines (0 for no wrap): %d"), ! 156: NULL, ! 157: }, { ! 158: "timestamp_timeout", T_FLOAT|T_BOOL, ! 159: N_("Authentication timestamp timeout: %.1f minutes"), ! 160: NULL, ! 161: }, { ! 162: "passwd_timeout", T_FLOAT|T_BOOL, ! 163: N_("Password prompt timeout: %.1f minutes"), ! 164: NULL, ! 165: }, { ! 166: "passwd_tries", T_UINT, ! 167: N_("Number of tries to enter a password: %d"), ! 168: NULL, ! 169: }, { ! 170: "umask", T_MODE|T_BOOL, ! 171: N_("Umask to use or 0777 to use user's: 0%o"), ! 172: NULL, ! 173: }, { ! 174: "logfile", T_STR|T_BOOL|T_PATH, ! 175: N_("Path to log file: %s"), ! 176: NULL, ! 177: }, { ! 178: "mailerpath", T_STR|T_BOOL|T_PATH, ! 179: N_("Path to mail program: %s"), ! 180: NULL, ! 181: }, { ! 182: "mailerflags", T_STR|T_BOOL, ! 183: N_("Flags for mail program: %s"), ! 184: NULL, ! 185: }, { ! 186: "mailto", T_STR|T_BOOL, ! 187: N_("Address to send mail to: %s"), ! 188: NULL, ! 189: }, { ! 190: "mailfrom", T_STR|T_BOOL, ! 191: N_("Address to send mail from: %s"), ! 192: NULL, ! 193: }, { ! 194: "mailsub", T_STR, ! 195: N_("Subject line for mail messages: %s"), ! 196: NULL, ! 197: }, { ! 198: "badpass_message", T_STR, ! 199: N_("Incorrect password message: %s"), ! 200: NULL, ! 201: }, { ! 202: "timestampdir", T_STR|T_PATH, ! 203: N_("Path to authentication timestamp dir: %s"), ! 204: NULL, ! 205: }, { ! 206: "timestampowner", T_STR, ! 207: N_("Owner of the authentication timestamp dir: %s"), ! 208: NULL, ! 209: }, { ! 210: "exempt_group", T_STR|T_BOOL, ! 211: N_("Users in this group are exempt from password and PATH requirements: %s"), ! 212: NULL, ! 213: }, { ! 214: "passprompt", T_STR, ! 215: N_("Default password prompt: %s"), ! 216: NULL, ! 217: }, { ! 218: "passprompt_override", T_FLAG, ! 219: N_("If set, passprompt will override system prompt in all cases."), ! 220: NULL, ! 221: }, { ! 222: "runas_default", T_STR, ! 223: N_("Default user to run commands as: %s"), ! 224: NULL, ! 225: }, { ! 226: "secure_path", T_STR|T_BOOL, ! 227: N_("Value to override user's $PATH with: %s"), ! 228: NULL, ! 229: }, { ! 230: "editor", T_STR|T_PATH, ! 231: N_("Path to the editor for use by visudo: %s"), ! 232: NULL, ! 233: }, { ! 234: "listpw", T_TUPLE|T_BOOL, ! 235: N_("When to require a password for 'list' pseudocommand: %s"), ! 236: def_data_listpw, ! 237: }, { ! 238: "verifypw", T_TUPLE|T_BOOL, ! 239: N_("When to require a password for 'verify' pseudocommand: %s"), ! 240: def_data_verifypw, ! 241: }, { ! 242: "noexec", T_FLAG, ! 243: N_("Preload the dummy exec functions contained in 'noexec_file'"), ! 244: NULL, ! 245: }, { ! 246: "noexec_file", T_STR|T_PATH, ! 247: N_("File containing dummy exec functions: %s"), ! 248: NULL, ! 249: }, { ! 250: "ignore_local_sudoers", T_FLAG, ! 251: N_("If LDAP directory is up, do we ignore local sudoers file"), ! 252: NULL, ! 253: }, { ! 254: "closefrom", T_INT, ! 255: N_("File descriptors >= %d will be closed before executing a command"), ! 256: NULL, ! 257: }, { ! 258: "closefrom_override", T_FLAG, ! 259: N_("If set, users may override the value of `closefrom' with the -C option"), ! 260: NULL, ! 261: }, { ! 262: "setenv", T_FLAG, ! 263: N_("Allow users to set arbitrary environment variables"), ! 264: NULL, ! 265: }, { ! 266: "env_reset", T_FLAG, ! 267: N_("Reset the environment to a default set of variables"), ! 268: NULL, ! 269: }, { ! 270: "env_check", T_LIST|T_BOOL, ! 271: N_("Environment variables to check for sanity:"), ! 272: NULL, ! 273: }, { ! 274: "env_delete", T_LIST|T_BOOL, ! 275: N_("Environment variables to remove:"), ! 276: NULL, ! 277: }, { ! 278: "env_keep", T_LIST|T_BOOL, ! 279: N_("Environment variables to preserve:"), ! 280: NULL, ! 281: }, { ! 282: "role", T_STR, ! 283: N_("SELinux role to use in the new security context: %s"), ! 284: NULL, ! 285: }, { ! 286: "type", T_STR, ! 287: N_("SELinux type to use in the new security context: %s"), ! 288: NULL, ! 289: }, { ! 290: "env_file", T_STR|T_PATH|T_BOOL, ! 291: N_("Path to the sudo-specific environment file: %s"), ! 292: NULL, ! 293: }, { ! 294: "sudoers_locale", T_STR, ! 295: N_("Locale to use while parsing sudoers: %s"), ! 296: NULL, ! 297: }, { ! 298: "visiblepw", T_FLAG, ! 299: N_("Allow sudo to prompt for a password even if it would be visisble"), ! 300: NULL, ! 301: }, { ! 302: "pwfeedback", T_FLAG, ! 303: N_("Provide visual feedback at the password prompt when there is user input"), ! 304: NULL, ! 305: }, { ! 306: "fast_glob", T_FLAG, ! 307: N_("Use faster globbing that is less accurate but does not access the filesystem"), ! 308: NULL, ! 309: }, { ! 310: "umask_override", T_FLAG, ! 311: N_("The umask specified in sudoers will override the user's, even if it is more permissive"), ! 312: NULL, ! 313: }, { ! 314: "log_input", T_FLAG, ! 315: N_("Log user's input for the command being run"), ! 316: NULL, ! 317: }, { ! 318: "log_output", T_FLAG, ! 319: N_("Log the output of the command being run"), ! 320: NULL, ! 321: }, { ! 322: "compress_io", T_FLAG, ! 323: N_("Compress I/O logs using zlib"), ! 324: NULL, ! 325: }, { ! 326: "use_pty", T_FLAG, ! 327: N_("Always run commands in a pseudo-tty"), ! 328: NULL, ! 329: }, { ! 330: "group_plugin", T_STR, ! 331: N_("Plugin for non-Unix group support"), ! 332: NULL, ! 333: }, { ! 334: "iolog_dir", T_STR|T_PATH, ! 335: N_("Directory in which to store input/output logs"), ! 336: NULL, ! 337: }, { ! 338: "iolog_file", T_STR, ! 339: N_("File in which to store the input/output log"), ! 340: NULL, ! 341: }, { ! 342: "set_utmp", T_FLAG, ! 343: N_("Add an entry to the utmp/utmpx file when allocating a pty"), ! 344: NULL, ! 345: }, { ! 346: "utmp_runas", T_FLAG, ! 347: N_("Set the user in utmp to the runas user, not the invoking user"), ! 348: NULL, ! 349: }, { ! 350: NULL, 0, NULL ! 351: } ! 352: };