1 static struct def_values def_data_lecture[] = {
8 static struct def_values def_data_listpw[] = {
16 static struct def_values def_data_verifypw[] = {
24 struct sudo_defs_types sudo_defs_table[] = {
26 "syslog", T_LOGFAC|T_BOOL,
27 N_("Syslog facility if syslog is being used for logging: %s"),
30 "syslog_goodpri", T_LOGPRI,
31 N_("Syslog priority to use when user authenticates successfully: %s"),
34 "syslog_badpri", T_LOGPRI,
35 N_("Syslog priority to use when user authenticates unsuccessfully: %s"),
38 "long_otp_prompt", T_FLAG,
39 N_("Put OTP prompt on its own line"),
43 N_("Ignore '.' in $PATH"),
46 "mail_always", T_FLAG,
47 N_("Always send mail when sudo is run"),
50 "mail_badpass", T_FLAG,
51 N_("Send mail if user authentication fails"),
54 "mail_no_user", T_FLAG,
55 N_("Send mail if the user is not in sudoers"),
58 "mail_no_host", T_FLAG,
59 N_("Send mail if the user is not in sudoers for this host"),
62 "mail_no_perms", T_FLAG,
63 N_("Send mail if the user is not allowed to run a command"),
66 "tty_tickets", T_FLAG,
67 N_("Use a separate timestamp for each user/tty combo"),
70 "lecture", T_TUPLE|T_BOOL,
71 N_("Lecture user the first time they run sudo"),
74 "lecture_file", T_STR|T_PATH|T_BOOL,
75 N_("File containing the sudo lecture: %s"),
78 "authenticate", T_FLAG,
79 N_("Require users to authenticate by default"),
83 N_("Root may run sudo"),
87 N_("Log the hostname in the (non-syslog) log file"),
91 N_("Log the year in the (non-syslog) log file"),
94 "shell_noargs", T_FLAG,
95 N_("If sudo is invoked with no arguments, start a shell"),
99 N_("Set $HOME to the target user when starting a shell with -s"),
102 "always_set_home", T_FLAG,
103 N_("Always set $HOME to the target user's home directory"),
107 N_("Allow some information gathering to give useful error messages"),
111 N_("Require fully-qualified hostnames in the sudoers file"),
115 N_("Insult the user when they enter an incorrect password"),
118 "requiretty", T_FLAG,
119 N_("Only allow the user to run sudo if they have a tty"),
122 "env_editor", T_FLAG,
123 N_("Visudo will honor the EDITOR environment variable"),
127 N_("Prompt for root's password, not the users's"),
131 N_("Prompt for the runas_default user's password, not the users's"),
135 N_("Prompt for the target user's password, not the users's"),
138 "use_loginclass", T_FLAG,
139 N_("Apply defaults in the target user's login class if there is one"),
142 "set_logname", T_FLAG,
143 N_("Set the LOGNAME and USER environment variables"),
146 "stay_setuid", T_FLAG,
147 N_("Only set the effective uid to the target user, not the real uid"),
150 "preserve_groups", T_FLAG,
151 N_("Don't initialize the group vector to that of the target user"),
154 "loglinelen", T_UINT|T_BOOL,
155 N_("Length at which to wrap log file lines (0 for no wrap): %d"),
158 "timestamp_timeout", T_FLOAT|T_BOOL,
159 N_("Authentication timestamp timeout: %.1f minutes"),
162 "passwd_timeout", T_FLOAT|T_BOOL,
163 N_("Password prompt timeout: %.1f minutes"),
166 "passwd_tries", T_UINT,
167 N_("Number of tries to enter a password: %d"),
170 "umask", T_MODE|T_BOOL,
171 N_("Umask to use or 0777 to use user's: 0%o"),
174 "logfile", T_STR|T_BOOL|T_PATH,
175 N_("Path to log file: %s"),
178 "mailerpath", T_STR|T_BOOL|T_PATH,
179 N_("Path to mail program: %s"),
182 "mailerflags", T_STR|T_BOOL,
183 N_("Flags for mail program: %s"),
186 "mailto", T_STR|T_BOOL,
187 N_("Address to send mail to: %s"),
190 "mailfrom", T_STR|T_BOOL,
191 N_("Address to send mail from: %s"),
195 N_("Subject line for mail messages: %s"),
198 "badpass_message", T_STR,
199 N_("Incorrect password message: %s"),
202 "timestampdir", T_STR|T_PATH,
203 N_("Path to authentication timestamp dir: %s"),
206 "timestampowner", T_STR,
207 N_("Owner of the authentication timestamp dir: %s"),
210 "exempt_group", T_STR|T_BOOL,
211 N_("Users in this group are exempt from password and PATH requirements: %s"),
215 N_("Default password prompt: %s"),
218 "passprompt_override", T_FLAG,
219 N_("If set, passprompt will override system prompt in all cases."),
222 "runas_default", T_STR,
223 N_("Default user to run commands as: %s"),
226 "secure_path", T_STR|T_BOOL,
227 N_("Value to override user's $PATH with: %s"),
230 "editor", T_STR|T_PATH,
231 N_("Path to the editor for use by visudo: %s"),
234 "listpw", T_TUPLE|T_BOOL,
235 N_("When to require a password for 'list' pseudocommand: %s"),
238 "verifypw", T_TUPLE|T_BOOL,
239 N_("When to require a password for 'verify' pseudocommand: %s"),
243 N_("Preload the dummy exec functions contained in 'noexec_file'"),
246 "noexec_file", T_STR|T_PATH,
247 N_("File containing dummy exec functions: %s"),
250 "ignore_local_sudoers", T_FLAG,
251 N_("If LDAP directory is up, do we ignore local sudoers file"),
255 N_("File descriptors >= %d will be closed before executing a command"),
258 "closefrom_override", T_FLAG,
259 N_("If set, users may override the value of `closefrom' with the -C option"),
263 N_("Allow users to set arbitrary environment variables"),
267 N_("Reset the environment to a default set of variables"),
270 "env_check", T_LIST|T_BOOL,
271 N_("Environment variables to check for sanity:"),
274 "env_delete", T_LIST|T_BOOL,
275 N_("Environment variables to remove:"),
278 "env_keep", T_LIST|T_BOOL,
279 N_("Environment variables to preserve:"),
283 N_("SELinux role to use in the new security context: %s"),
287 N_("SELinux type to use in the new security context: %s"),
290 "env_file", T_STR|T_PATH|T_BOOL,
291 N_("Path to the sudo-specific environment file: %s"),
294 "sudoers_locale", T_STR,
295 N_("Locale to use while parsing sudoers: %s"),
299 N_("Allow sudo to prompt for a password even if it would be visisble"),
302 "pwfeedback", T_FLAG,
303 N_("Provide visual feedback at the password prompt when there is user input"),
307 N_("Use faster globbing that is less accurate but does not access the filesystem"),
310 "umask_override", T_FLAG,
311 N_("The umask specified in sudoers will override the user's, even if it is more permissive"),
315 N_("Log user's input for the command being run"),
318 "log_output", T_FLAG,
319 N_("Log the output of the command being run"),
322 "compress_io", T_FLAG,
323 N_("Compress I/O logs using zlib"),
327 N_("Always run commands in a pseudo-tty"),
330 "group_plugin", T_STR,
331 N_("Plugin for non-Unix group support"),
334 "iolog_dir", T_STR|T_PATH,
335 N_("Directory in which to store input/output logs"),
339 N_("File in which to store the input/output log"),
343 N_("Add an entry to the utmp/utmpx file when allocating a pty"),
346 "utmp_runas", T_FLAG,
347 N_("Set the user in utmp to the runas user, not the invoking user"),