1: #
2: # Format:
3: #
4: # var_name
5: # TYPE
6: # description (or NULL)
7: # array of struct def_values if TYPE == T_TUPLE
8: #
9: # NOTE: for tuples that can be used in a boolean context the first
10: # value corresponds to boolean FALSE and the second to TRUE.
11: #
12:
13: syslog
14: T_LOGFAC|T_BOOL
15: "Syslog facility if syslog is being used for logging: %s"
16: syslog_goodpri
17: T_LOGPRI
18: "Syslog priority to use when user authenticates successfully: %s"
19: syslog_badpri
20: T_LOGPRI
21: "Syslog priority to use when user authenticates unsuccessfully: %s"
22: long_otp_prompt
23: T_FLAG
24: "Put OTP prompt on its own line"
25: ignore_dot
26: T_FLAG
27: "Ignore '.' in $PATH"
28: mail_always
29: T_FLAG
30: "Always send mail when sudo is run"
31: mail_badpass
32: T_FLAG
33: "Send mail if user authentication fails"
34: mail_no_user
35: T_FLAG
36: "Send mail if the user is not in sudoers"
37: mail_no_host
38: T_FLAG
39: "Send mail if the user is not in sudoers for this host"
40: mail_no_perms
41: T_FLAG
42: "Send mail if the user is not allowed to run a command"
43: tty_tickets
44: T_FLAG
45: "Use a separate timestamp for each user/tty combo"
46: lecture
47: T_TUPLE|T_BOOL
48: "Lecture user the first time they run sudo"
49: never once always
50: lecture_file
51: T_STR|T_PATH|T_BOOL
52: "File containing the sudo lecture: %s"
53: authenticate
54: T_FLAG
55: "Require users to authenticate by default"
56: root_sudo
57: T_FLAG
58: "Root may run sudo"
59: log_host
60: T_FLAG
61: "Log the hostname in the (non-syslog) log file"
62: log_year
63: T_FLAG
64: "Log the year in the (non-syslog) log file"
65: shell_noargs
66: T_FLAG
67: "If sudo is invoked with no arguments, start a shell"
68: set_home
69: T_FLAG
70: "Set $HOME to the target user when starting a shell with -s"
71: always_set_home
72: T_FLAG
73: "Always set $HOME to the target user's home directory"
74: path_info
75: T_FLAG
76: "Allow some information gathering to give useful error messages"
77: fqdn
78: T_FLAG
79: "Require fully-qualified hostnames in the sudoers file"
80: insults
81: T_FLAG
82: "Insult the user when they enter an incorrect password"
83: requiretty
84: T_FLAG
85: "Only allow the user to run sudo if they have a tty"
86: env_editor
87: T_FLAG
88: "Visudo will honor the EDITOR environment variable"
89: rootpw
90: T_FLAG
91: "Prompt for root's password, not the users's"
92: runaspw
93: T_FLAG
94: "Prompt for the runas_default user's password, not the users's"
95: targetpw
96: T_FLAG
97: "Prompt for the target user's password, not the users's"
98: use_loginclass
99: T_FLAG
100: "Apply defaults in the target user's login class if there is one"
101: set_logname
102: T_FLAG
103: "Set the LOGNAME and USER environment variables"
104: stay_setuid
105: T_FLAG
106: "Only set the effective uid to the target user, not the real uid"
107: preserve_groups
108: T_FLAG
109: "Don't initialize the group vector to that of the target user"
110: loglinelen
111: T_UINT|T_BOOL
112: "Length at which to wrap log file lines (0 for no wrap): %d"
113: timestamp_timeout
114: T_FLOAT|T_BOOL
115: "Authentication timestamp timeout: %.1f minutes"
116: passwd_timeout
117: T_FLOAT|T_BOOL
118: "Password prompt timeout: %.1f minutes"
119: passwd_tries
120: T_UINT
121: "Number of tries to enter a password: %d"
122: umask
123: T_MODE|T_BOOL
124: "Umask to use or 0777 to use user's: 0%o"
125: logfile
126: T_STR|T_BOOL|T_PATH
127: "Path to log file: %s"
128: mailerpath
129: T_STR|T_BOOL|T_PATH
130: "Path to mail program: %s"
131: mailerflags
132: T_STR|T_BOOL
133: "Flags for mail program: %s"
134: mailto
135: T_STR|T_BOOL
136: "Address to send mail to: %s"
137: mailfrom
138: T_STR|T_BOOL
139: "Address to send mail from: %s"
140: mailsub
141: T_STR
142: "Subject line for mail messages: %s"
143: badpass_message
144: T_STR
145: "Incorrect password message: %s"
146: timestampdir
147: T_STR|T_PATH
148: "Path to authentication timestamp dir: %s"
149: timestampowner
150: T_STR
151: "Owner of the authentication timestamp dir: %s"
152: exempt_group
153: T_STR|T_BOOL
154: "Users in this group are exempt from password and PATH requirements: %s"
155: passprompt
156: T_STR
157: "Default password prompt: %s"
158: passprompt_override
159: T_FLAG
160: "If set, passprompt will override system prompt in all cases."
161: runas_default
162: T_STR
163: "Default user to run commands as: %s"
164: secure_path
165: T_STR|T_BOOL
166: "Value to override user's $PATH with: %s"
167: editor
168: T_STR|T_PATH
169: "Path to the editor for use by visudo: %s"
170: listpw
171: T_TUPLE|T_BOOL
172: "When to require a password for 'list' pseudocommand: %s"
173: never any all always
174: verifypw
175: T_TUPLE|T_BOOL
176: "When to require a password for 'verify' pseudocommand: %s"
177: never all any always
178: noexec
179: T_FLAG
180: "Preload the dummy exec functions contained in the sudo_noexec library"
181: ignore_local_sudoers
182: T_FLAG
183: "If LDAP directory is up, do we ignore local sudoers file"
184: closefrom
185: T_INT
186: "File descriptors >= %d will be closed before executing a command"
187: closefrom_override
188: T_FLAG
189: "If set, users may override the value of `closefrom' with the -C option"
190: setenv
191: T_FLAG
192: "Allow users to set arbitrary environment variables"
193: env_reset
194: T_FLAG
195: "Reset the environment to a default set of variables"
196: env_check
197: T_LIST|T_BOOL
198: "Environment variables to check for sanity:"
199: env_delete
200: T_LIST|T_BOOL
201: "Environment variables to remove:"
202: env_keep
203: T_LIST|T_BOOL
204: "Environment variables to preserve:"
205: role
206: T_STR
207: "SELinux role to use in the new security context: %s"
208: type
209: T_STR
210: "SELinux type to use in the new security context: %s"
211: env_file
212: T_STR|T_PATH|T_BOOL
213: "Path to the sudo-specific environment file: %s"
214: sudoers_locale
215: T_STR
216: "Locale to use while parsing sudoers: %s"
217: visiblepw
218: T_FLAG
219: "Allow sudo to prompt for a password even if it would be visible"
220: pwfeedback
221: T_FLAG
222: "Provide visual feedback at the password prompt when there is user input"
223: fast_glob
224: T_FLAG
225: "Use faster globbing that is less accurate but does not access the filesystem"
226: umask_override
227: T_FLAG
228: "The umask specified in sudoers will override the user's, even if it is more permissive"
229: log_input
230: T_FLAG
231: "Log user's input for the command being run"
232: log_output
233: T_FLAG
234: "Log the output of the command being run"
235: compress_io
236: T_FLAG
237: "Compress I/O logs using zlib"
238: use_pty
239: T_FLAG
240: "Always run commands in a pseudo-tty"
241: group_plugin
242: T_STR
243: "Plugin for non-Unix group support: %s"
244: iolog_dir
245: T_STR|T_PATH
246: "Directory in which to store input/output logs: %s"
247: iolog_file
248: T_STR
249: "File in which to store the input/output log: %s"
250: set_utmp
251: T_FLAG
252: "Add an entry to the utmp/utmpx file when allocating a pty"
253: utmp_runas
254: T_FLAG
255: "Set the user in utmp to the runas user, not the invoking user"
256: privs
257: T_STR
258: "Set of permitted privileges"
259: limitprivs
260: T_STR
261: "Set of limit privileges"
262: exec_background
263: T_FLAG
264: "Run commands on a pty in the background"
265: pam_service
266: T_STR
267: "PAM service name to use"
268: pam_login_service
269: T_STR
270: "PAM service name to use for login shells"
271: pam_setcred
272: T_FLAG
273: "Attempt to establish PAM credentials for the target user"
274: pam_session
275: T_FLAG
276: "Create a new PAM session for the command to run in"
277: maxseq
278: T_UINT
279: "Maximum I/O log sequence number"
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to def_data.in CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers