Annotation of embedaddon/sudo/plugins/sudoers/def_data.in, revision 1.1.1.6
1.1 misho 1: #
2: # Format:
3: #
4: # var_name
5: # TYPE
6: # description (or NULL)
7: # array of struct def_values if TYPE == T_TUPLE
8: #
9: # NOTE: for tuples that can be used in a boolean context the first
10: # value corresponds to boolean FALSE and the second to TRUE.
11: #
12:
13: syslog
14: T_LOGFAC|T_BOOL
15: "Syslog facility if syslog is being used for logging: %s"
16: syslog_goodpri
17: T_LOGPRI
18: "Syslog priority to use when user authenticates successfully: %s"
19: syslog_badpri
20: T_LOGPRI
21: "Syslog priority to use when user authenticates unsuccessfully: %s"
22: long_otp_prompt
23: T_FLAG
24: "Put OTP prompt on its own line"
25: ignore_dot
26: T_FLAG
27: "Ignore '.' in $PATH"
28: mail_always
29: T_FLAG
30: "Always send mail when sudo is run"
31: mail_badpass
32: T_FLAG
33: "Send mail if user authentication fails"
34: mail_no_user
35: T_FLAG
36: "Send mail if the user is not in sudoers"
37: mail_no_host
38: T_FLAG
39: "Send mail if the user is not in sudoers for this host"
40: mail_no_perms
41: T_FLAG
42: "Send mail if the user is not allowed to run a command"
43: tty_tickets
44: T_FLAG
45: "Use a separate timestamp for each user/tty combo"
46: lecture
47: T_TUPLE|T_BOOL
48: "Lecture user the first time they run sudo"
49: never once always
50: lecture_file
51: T_STR|T_PATH|T_BOOL
52: "File containing the sudo lecture: %s"
53: authenticate
54: T_FLAG
55: "Require users to authenticate by default"
56: root_sudo
57: T_FLAG
58: "Root may run sudo"
59: log_host
60: T_FLAG
61: "Log the hostname in the (non-syslog) log file"
62: log_year
63: T_FLAG
64: "Log the year in the (non-syslog) log file"
65: shell_noargs
66: T_FLAG
67: "If sudo is invoked with no arguments, start a shell"
68: set_home
69: T_FLAG
70: "Set $HOME to the target user when starting a shell with -s"
71: always_set_home
72: T_FLAG
73: "Always set $HOME to the target user's home directory"
74: path_info
75: T_FLAG
76: "Allow some information gathering to give useful error messages"
77: fqdn
78: T_FLAG
79: "Require fully-qualified hostnames in the sudoers file"
80: insults
81: T_FLAG
82: "Insult the user when they enter an incorrect password"
83: requiretty
84: T_FLAG
85: "Only allow the user to run sudo if they have a tty"
86: env_editor
87: T_FLAG
88: "Visudo will honor the EDITOR environment variable"
89: rootpw
90: T_FLAG
91: "Prompt for root's password, not the users's"
92: runaspw
93: T_FLAG
94: "Prompt for the runas_default user's password, not the users's"
95: targetpw
96: T_FLAG
97: "Prompt for the target user's password, not the users's"
98: use_loginclass
99: T_FLAG
100: "Apply defaults in the target user's login class if there is one"
101: set_logname
102: T_FLAG
103: "Set the LOGNAME and USER environment variables"
104: stay_setuid
105: T_FLAG
106: "Only set the effective uid to the target user, not the real uid"
107: preserve_groups
108: T_FLAG
109: "Don't initialize the group vector to that of the target user"
110: loglinelen
111: T_UINT|T_BOOL
1.1.1.6 ! misho 112: "Length at which to wrap log file lines (0 for no wrap): %u"
1.1 misho 113: timestamp_timeout
114: T_FLOAT|T_BOOL
115: "Authentication timestamp timeout: %.1f minutes"
116: passwd_timeout
117: T_FLOAT|T_BOOL
118: "Password prompt timeout: %.1f minutes"
119: passwd_tries
120: T_UINT
1.1.1.6 ! misho 121: "Number of tries to enter a password: %u"
1.1 misho 122: umask
123: T_MODE|T_BOOL
124: "Umask to use or 0777 to use user's: 0%o"
125: logfile
126: T_STR|T_BOOL|T_PATH
127: "Path to log file: %s"
128: mailerpath
129: T_STR|T_BOOL|T_PATH
130: "Path to mail program: %s"
131: mailerflags
132: T_STR|T_BOOL
133: "Flags for mail program: %s"
134: mailto
135: T_STR|T_BOOL
136: "Address to send mail to: %s"
137: mailfrom
138: T_STR|T_BOOL
139: "Address to send mail from: %s"
140: mailsub
141: T_STR
142: "Subject line for mail messages: %s"
143: badpass_message
144: T_STR
145: "Incorrect password message: %s"
1.1.1.6 ! misho 146: lecture_status_dir
! 147: T_STR|T_PATH
! 148: "Path to lecture status dir: %s"
1.1 misho 149: timestampdir
150: T_STR|T_PATH
151: "Path to authentication timestamp dir: %s"
152: timestampowner
153: T_STR
154: "Owner of the authentication timestamp dir: %s"
155: exempt_group
156: T_STR|T_BOOL
157: "Users in this group are exempt from password and PATH requirements: %s"
158: passprompt
159: T_STR
160: "Default password prompt: %s"
161: passprompt_override
162: T_FLAG
163: "If set, passprompt will override system prompt in all cases."
164: runas_default
165: T_STR
166: "Default user to run commands as: %s"
167: secure_path
168: T_STR|T_BOOL
169: "Value to override user's $PATH with: %s"
170: editor
171: T_STR|T_PATH
172: "Path to the editor for use by visudo: %s"
173: listpw
174: T_TUPLE|T_BOOL
175: "When to require a password for 'list' pseudocommand: %s"
176: never any all always
177: verifypw
178: T_TUPLE|T_BOOL
179: "When to require a password for 'verify' pseudocommand: %s"
180: never all any always
181: noexec
182: T_FLAG
1.1.1.2 misho 183: "Preload the dummy exec functions contained in the sudo_noexec library"
1.1 misho 184: ignore_local_sudoers
185: T_FLAG
186: "If LDAP directory is up, do we ignore local sudoers file"
187: closefrom
188: T_INT
189: "File descriptors >= %d will be closed before executing a command"
190: closefrom_override
191: T_FLAG
192: "If set, users may override the value of `closefrom' with the -C option"
193: setenv
194: T_FLAG
195: "Allow users to set arbitrary environment variables"
196: env_reset
197: T_FLAG
198: "Reset the environment to a default set of variables"
199: env_check
200: T_LIST|T_BOOL
201: "Environment variables to check for sanity:"
202: env_delete
203: T_LIST|T_BOOL
204: "Environment variables to remove:"
205: env_keep
206: T_LIST|T_BOOL
207: "Environment variables to preserve:"
208: role
209: T_STR
210: "SELinux role to use in the new security context: %s"
211: type
212: T_STR
213: "SELinux type to use in the new security context: %s"
214: env_file
215: T_STR|T_PATH|T_BOOL
216: "Path to the sudo-specific environment file: %s"
217: sudoers_locale
218: T_STR
219: "Locale to use while parsing sudoers: %s"
220: visiblepw
221: T_FLAG
1.1.1.2 misho 222: "Allow sudo to prompt for a password even if it would be visible"
1.1 misho 223: pwfeedback
224: T_FLAG
225: "Provide visual feedback at the password prompt when there is user input"
226: fast_glob
227: T_FLAG
228: "Use faster globbing that is less accurate but does not access the filesystem"
229: umask_override
230: T_FLAG
231: "The umask specified in sudoers will override the user's, even if it is more permissive"
232: log_input
233: T_FLAG
234: "Log user's input for the command being run"
235: log_output
236: T_FLAG
237: "Log the output of the command being run"
238: compress_io
239: T_FLAG
240: "Compress I/O logs using zlib"
241: use_pty
242: T_FLAG
243: "Always run commands in a pseudo-tty"
244: group_plugin
245: T_STR
1.1.1.2 misho 246: "Plugin for non-Unix group support: %s"
1.1 misho 247: iolog_dir
248: T_STR|T_PATH
1.1.1.2 misho 249: "Directory in which to store input/output logs: %s"
1.1 misho 250: iolog_file
251: T_STR
1.1.1.2 misho 252: "File in which to store the input/output log: %s"
1.1 misho 253: set_utmp
254: T_FLAG
255: "Add an entry to the utmp/utmpx file when allocating a pty"
256: utmp_runas
257: T_FLAG
258: "Set the user in utmp to the runas user, not the invoking user"
1.1.1.3 misho 259: privs
260: T_STR
261: "Set of permitted privileges"
262: limitprivs
263: T_STR
264: "Set of limit privileges"
1.1.1.4 misho 265: exec_background
266: T_FLAG
267: "Run commands on a pty in the background"
1.1.1.5 misho 268: pam_service
269: T_STR
270: "PAM service name to use"
271: pam_login_service
272: T_STR
273: "PAM service name to use for login shells"
274: pam_setcred
275: T_FLAG
276: "Attempt to establish PAM credentials for the target user"
1.1.1.4 misho 277: pam_session
278: T_FLAG
279: "Create a new PAM session for the command to run in"
280: maxseq
281: T_UINT
1.1.1.6 ! misho 282: "Maximum I/O log sequence number: %u"
! 283: use_netgroups
! 284: T_FLAG
! 285: "Enable sudoers netgroup support"
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>