Annotation of embedaddon/sudo/plugins/sudoers/def_data.c, revision 1.1
1.1 ! misho 1: static struct def_values def_data_lecture[] = {
! 2: { "never", never },
! 3: { "once", once },
! 4: { "always", always },
! 5: { NULL, 0 },
! 6: };
! 7:
! 8: static struct def_values def_data_listpw[] = {
! 9: { "never", never },
! 10: { "any", any },
! 11: { "all", all },
! 12: { "always", always },
! 13: { NULL, 0 },
! 14: };
! 15:
! 16: static struct def_values def_data_verifypw[] = {
! 17: { "never", never },
! 18: { "all", all },
! 19: { "any", any },
! 20: { "always", always },
! 21: { NULL, 0 },
! 22: };
! 23:
! 24: struct sudo_defs_types sudo_defs_table[] = {
! 25: {
! 26: "syslog", T_LOGFAC|T_BOOL,
! 27: N_("Syslog facility if syslog is being used for logging: %s"),
! 28: NULL,
! 29: }, {
! 30: "syslog_goodpri", T_LOGPRI,
! 31: N_("Syslog priority to use when user authenticates successfully: %s"),
! 32: NULL,
! 33: }, {
! 34: "syslog_badpri", T_LOGPRI,
! 35: N_("Syslog priority to use when user authenticates unsuccessfully: %s"),
! 36: NULL,
! 37: }, {
! 38: "long_otp_prompt", T_FLAG,
! 39: N_("Put OTP prompt on its own line"),
! 40: NULL,
! 41: }, {
! 42: "ignore_dot", T_FLAG,
! 43: N_("Ignore '.' in $PATH"),
! 44: NULL,
! 45: }, {
! 46: "mail_always", T_FLAG,
! 47: N_("Always send mail when sudo is run"),
! 48: NULL,
! 49: }, {
! 50: "mail_badpass", T_FLAG,
! 51: N_("Send mail if user authentication fails"),
! 52: NULL,
! 53: }, {
! 54: "mail_no_user", T_FLAG,
! 55: N_("Send mail if the user is not in sudoers"),
! 56: NULL,
! 57: }, {
! 58: "mail_no_host", T_FLAG,
! 59: N_("Send mail if the user is not in sudoers for this host"),
! 60: NULL,
! 61: }, {
! 62: "mail_no_perms", T_FLAG,
! 63: N_("Send mail if the user is not allowed to run a command"),
! 64: NULL,
! 65: }, {
! 66: "tty_tickets", T_FLAG,
! 67: N_("Use a separate timestamp for each user/tty combo"),
! 68: NULL,
! 69: }, {
! 70: "lecture", T_TUPLE|T_BOOL,
! 71: N_("Lecture user the first time they run sudo"),
! 72: def_data_lecture,
! 73: }, {
! 74: "lecture_file", T_STR|T_PATH|T_BOOL,
! 75: N_("File containing the sudo lecture: %s"),
! 76: NULL,
! 77: }, {
! 78: "authenticate", T_FLAG,
! 79: N_("Require users to authenticate by default"),
! 80: NULL,
! 81: }, {
! 82: "root_sudo", T_FLAG,
! 83: N_("Root may run sudo"),
! 84: NULL,
! 85: }, {
! 86: "log_host", T_FLAG,
! 87: N_("Log the hostname in the (non-syslog) log file"),
! 88: NULL,
! 89: }, {
! 90: "log_year", T_FLAG,
! 91: N_("Log the year in the (non-syslog) log file"),
! 92: NULL,
! 93: }, {
! 94: "shell_noargs", T_FLAG,
! 95: N_("If sudo is invoked with no arguments, start a shell"),
! 96: NULL,
! 97: }, {
! 98: "set_home", T_FLAG,
! 99: N_("Set $HOME to the target user when starting a shell with -s"),
! 100: NULL,
! 101: }, {
! 102: "always_set_home", T_FLAG,
! 103: N_("Always set $HOME to the target user's home directory"),
! 104: NULL,
! 105: }, {
! 106: "path_info", T_FLAG,
! 107: N_("Allow some information gathering to give useful error messages"),
! 108: NULL,
! 109: }, {
! 110: "fqdn", T_FLAG,
! 111: N_("Require fully-qualified hostnames in the sudoers file"),
! 112: NULL,
! 113: }, {
! 114: "insults", T_FLAG,
! 115: N_("Insult the user when they enter an incorrect password"),
! 116: NULL,
! 117: }, {
! 118: "requiretty", T_FLAG,
! 119: N_("Only allow the user to run sudo if they have a tty"),
! 120: NULL,
! 121: }, {
! 122: "env_editor", T_FLAG,
! 123: N_("Visudo will honor the EDITOR environment variable"),
! 124: NULL,
! 125: }, {
! 126: "rootpw", T_FLAG,
! 127: N_("Prompt for root's password, not the users's"),
! 128: NULL,
! 129: }, {
! 130: "runaspw", T_FLAG,
! 131: N_("Prompt for the runas_default user's password, not the users's"),
! 132: NULL,
! 133: }, {
! 134: "targetpw", T_FLAG,
! 135: N_("Prompt for the target user's password, not the users's"),
! 136: NULL,
! 137: }, {
! 138: "use_loginclass", T_FLAG,
! 139: N_("Apply defaults in the target user's login class if there is one"),
! 140: NULL,
! 141: }, {
! 142: "set_logname", T_FLAG,
! 143: N_("Set the LOGNAME and USER environment variables"),
! 144: NULL,
! 145: }, {
! 146: "stay_setuid", T_FLAG,
! 147: N_("Only set the effective uid to the target user, not the real uid"),
! 148: NULL,
! 149: }, {
! 150: "preserve_groups", T_FLAG,
! 151: N_("Don't initialize the group vector to that of the target user"),
! 152: NULL,
! 153: }, {
! 154: "loglinelen", T_UINT|T_BOOL,
! 155: N_("Length at which to wrap log file lines (0 for no wrap): %d"),
! 156: NULL,
! 157: }, {
! 158: "timestamp_timeout", T_FLOAT|T_BOOL,
! 159: N_("Authentication timestamp timeout: %.1f minutes"),
! 160: NULL,
! 161: }, {
! 162: "passwd_timeout", T_FLOAT|T_BOOL,
! 163: N_("Password prompt timeout: %.1f minutes"),
! 164: NULL,
! 165: }, {
! 166: "passwd_tries", T_UINT,
! 167: N_("Number of tries to enter a password: %d"),
! 168: NULL,
! 169: }, {
! 170: "umask", T_MODE|T_BOOL,
! 171: N_("Umask to use or 0777 to use user's: 0%o"),
! 172: NULL,
! 173: }, {
! 174: "logfile", T_STR|T_BOOL|T_PATH,
! 175: N_("Path to log file: %s"),
! 176: NULL,
! 177: }, {
! 178: "mailerpath", T_STR|T_BOOL|T_PATH,
! 179: N_("Path to mail program: %s"),
! 180: NULL,
! 181: }, {
! 182: "mailerflags", T_STR|T_BOOL,
! 183: N_("Flags for mail program: %s"),
! 184: NULL,
! 185: }, {
! 186: "mailto", T_STR|T_BOOL,
! 187: N_("Address to send mail to: %s"),
! 188: NULL,
! 189: }, {
! 190: "mailfrom", T_STR|T_BOOL,
! 191: N_("Address to send mail from: %s"),
! 192: NULL,
! 193: }, {
! 194: "mailsub", T_STR,
! 195: N_("Subject line for mail messages: %s"),
! 196: NULL,
! 197: }, {
! 198: "badpass_message", T_STR,
! 199: N_("Incorrect password message: %s"),
! 200: NULL,
! 201: }, {
! 202: "timestampdir", T_STR|T_PATH,
! 203: N_("Path to authentication timestamp dir: %s"),
! 204: NULL,
! 205: }, {
! 206: "timestampowner", T_STR,
! 207: N_("Owner of the authentication timestamp dir: %s"),
! 208: NULL,
! 209: }, {
! 210: "exempt_group", T_STR|T_BOOL,
! 211: N_("Users in this group are exempt from password and PATH requirements: %s"),
! 212: NULL,
! 213: }, {
! 214: "passprompt", T_STR,
! 215: N_("Default password prompt: %s"),
! 216: NULL,
! 217: }, {
! 218: "passprompt_override", T_FLAG,
! 219: N_("If set, passprompt will override system prompt in all cases."),
! 220: NULL,
! 221: }, {
! 222: "runas_default", T_STR,
! 223: N_("Default user to run commands as: %s"),
! 224: NULL,
! 225: }, {
! 226: "secure_path", T_STR|T_BOOL,
! 227: N_("Value to override user's $PATH with: %s"),
! 228: NULL,
! 229: }, {
! 230: "editor", T_STR|T_PATH,
! 231: N_("Path to the editor for use by visudo: %s"),
! 232: NULL,
! 233: }, {
! 234: "listpw", T_TUPLE|T_BOOL,
! 235: N_("When to require a password for 'list' pseudocommand: %s"),
! 236: def_data_listpw,
! 237: }, {
! 238: "verifypw", T_TUPLE|T_BOOL,
! 239: N_("When to require a password for 'verify' pseudocommand: %s"),
! 240: def_data_verifypw,
! 241: }, {
! 242: "noexec", T_FLAG,
! 243: N_("Preload the dummy exec functions contained in 'noexec_file'"),
! 244: NULL,
! 245: }, {
! 246: "noexec_file", T_STR|T_PATH,
! 247: N_("File containing dummy exec functions: %s"),
! 248: NULL,
! 249: }, {
! 250: "ignore_local_sudoers", T_FLAG,
! 251: N_("If LDAP directory is up, do we ignore local sudoers file"),
! 252: NULL,
! 253: }, {
! 254: "closefrom", T_INT,
! 255: N_("File descriptors >= %d will be closed before executing a command"),
! 256: NULL,
! 257: }, {
! 258: "closefrom_override", T_FLAG,
! 259: N_("If set, users may override the value of `closefrom' with the -C option"),
! 260: NULL,
! 261: }, {
! 262: "setenv", T_FLAG,
! 263: N_("Allow users to set arbitrary environment variables"),
! 264: NULL,
! 265: }, {
! 266: "env_reset", T_FLAG,
! 267: N_("Reset the environment to a default set of variables"),
! 268: NULL,
! 269: }, {
! 270: "env_check", T_LIST|T_BOOL,
! 271: N_("Environment variables to check for sanity:"),
! 272: NULL,
! 273: }, {
! 274: "env_delete", T_LIST|T_BOOL,
! 275: N_("Environment variables to remove:"),
! 276: NULL,
! 277: }, {
! 278: "env_keep", T_LIST|T_BOOL,
! 279: N_("Environment variables to preserve:"),
! 280: NULL,
! 281: }, {
! 282: "role", T_STR,
! 283: N_("SELinux role to use in the new security context: %s"),
! 284: NULL,
! 285: }, {
! 286: "type", T_STR,
! 287: N_("SELinux type to use in the new security context: %s"),
! 288: NULL,
! 289: }, {
! 290: "env_file", T_STR|T_PATH|T_BOOL,
! 291: N_("Path to the sudo-specific environment file: %s"),
! 292: NULL,
! 293: }, {
! 294: "sudoers_locale", T_STR,
! 295: N_("Locale to use while parsing sudoers: %s"),
! 296: NULL,
! 297: }, {
! 298: "visiblepw", T_FLAG,
! 299: N_("Allow sudo to prompt for a password even if it would be visisble"),
! 300: NULL,
! 301: }, {
! 302: "pwfeedback", T_FLAG,
! 303: N_("Provide visual feedback at the password prompt when there is user input"),
! 304: NULL,
! 305: }, {
! 306: "fast_glob", T_FLAG,
! 307: N_("Use faster globbing that is less accurate but does not access the filesystem"),
! 308: NULL,
! 309: }, {
! 310: "umask_override", T_FLAG,
! 311: N_("The umask specified in sudoers will override the user's, even if it is more permissive"),
! 312: NULL,
! 313: }, {
! 314: "log_input", T_FLAG,
! 315: N_("Log user's input for the command being run"),
! 316: NULL,
! 317: }, {
! 318: "log_output", T_FLAG,
! 319: N_("Log the output of the command being run"),
! 320: NULL,
! 321: }, {
! 322: "compress_io", T_FLAG,
! 323: N_("Compress I/O logs using zlib"),
! 324: NULL,
! 325: }, {
! 326: "use_pty", T_FLAG,
! 327: N_("Always run commands in a pseudo-tty"),
! 328: NULL,
! 329: }, {
! 330: "group_plugin", T_STR,
! 331: N_("Plugin for non-Unix group support"),
! 332: NULL,
! 333: }, {
! 334: "iolog_dir", T_STR|T_PATH,
! 335: N_("Directory in which to store input/output logs"),
! 336: NULL,
! 337: }, {
! 338: "iolog_file", T_STR,
! 339: N_("File in which to store the input/output log"),
! 340: NULL,
! 341: }, {
! 342: "set_utmp", T_FLAG,
! 343: N_("Add an entry to the utmp/utmpx file when allocating a pty"),
! 344: NULL,
! 345: }, {
! 346: "utmp_runas", T_FLAG,
! 347: N_("Set the user in utmp to the runas user, not the invoking user"),
! 348: NULL,
! 349: }, {
! 350: NULL, 0, NULL
! 351: }
! 352: };
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>