"stay_setuid", T_FLAG,
"Only set the effective uid to the target user, not the real uid",
NULL,
- }, {
- "env_reset", T_FLAG,
- "Reset the environment to a default set of variables",
- NULL,
}, {
"preserve_groups", T_FLAG,
"Don't initialize the group vector to that of the target user",
"Length at which to wrap log file lines (0 for no wrap): %d",
NULL,
}, {
- "timestamp_timeout", T_INT|T_BOOL,
- "Authentication timestamp timeout: %d minutes",
+ "timestamp_timeout", T_FLOAT|T_BOOL,
+ "Authentication timestamp timeout: %.1f minutes",
NULL,
}, {
- "passwd_timeout", T_UINT|T_BOOL,
- "Password prompt timeout: %d minutes",
+ "passwd_timeout", T_FLOAT|T_BOOL,
+ "Password prompt timeout: %.1f minutes",
NULL,
}, {
"passwd_tries", T_UINT,
"mailto", T_STR|T_BOOL,
"Address to send mail to: %s",
NULL,
+ }, {
+ "mailfrom", T_STR|T_BOOL,
+ "Address to send mail from: %s",
+ NULL,
}, {
"mailsub", T_STR,
"Subject line for mail messages: %s",
"passprompt", T_STR,
"Default password prompt: %s",
NULL,
+ }, {
+ "passprompt_override", T_FLAG,
+ "If set, passprompt will override system prompt in all cases.",
+ NULL,
}, {
"runas_default", T_STR,
"Default user to run commands as: %s",
NULL,
- set_runaspw,
+ }, {
+ "secure_path", T_STR|T_BOOL,
+ "Value to override user's $PATH with: %s",
+ NULL,
}, {
"editor", T_STR|T_PATH,
"Path to the editor for use by visudo: %s",
"noexec_file", T_STR|T_PATH,
"File containing dummy exec functions: %s",
NULL,
+ }, {
+ "ignore_local_sudoers", T_FLAG,
+ "If LDAP directory is up, do we ignore local sudoers file",
+ NULL,
+ }, {
+ "closefrom", T_INT,
+ "File descriptors >= %d will be closed before executing a command",
+ NULL,
+ }, {
+ "closefrom_override", T_FLAG,
+ "If set, users may override the value of `closefrom' with the -C option",
+ NULL,
+ }, {
+ "setenv", T_FLAG,
+ "Allow users to set arbitrary environment variables",
+ NULL,
+ }, {
+ "env_reset", T_FLAG,
+ "Reset the environment to a default set of variables",
+ NULL,
}, {
"env_check", T_LIST|T_BOOL,
"Environment variables to check for sanity:",
"Environment variables to preserve:",
NULL,
}, {
- "ignore_local_sudoers", T_FLAG,
- "If LDAP directory is up, do we ignore local sudoers file",
+ "role", T_STR,
+ "SELinux role to use in the new security context: %s",
+ NULL,
+ }, {
+ "type", T_STR,
+ "SELinux type to use in the new security context: %s",
+ NULL,
+ }, {
+ "askpass", T_STR|T_PATH|T_BOOL,
+ "Path to the askpass helper program: %s",
+ NULL,
+ }, {
+ "env_file", T_STR|T_PATH|T_BOOL,
+ "Path to the sudo-specific environment file: %s",
+ NULL,
+ }, {
+ "sudoers_locale", T_STR,
+ "Locale to use while parsing sudoers: %s",
+ NULL,
+ }, {
+ "visiblepw", T_FLAG,
+ "Allow sudo to prompt for a password even if it would be visisble",
+ NULL,
+ }, {
+ "pwfeedback", T_FLAG,
+ "Provide visual feedback at the password prompt when there is user input",
+ NULL,
+ }, {
+ "fast_glob", T_FLAG,
+ "Use faster globbing that is less accurate but does not access the filesystem",
+ NULL,
+ }, {
+ "umask_override", T_FLAG,
+ "The umask specified in sudoers will override the user's, even if it is more permissive",
+ NULL,
+ }, {
+ "log_input", T_FLAG,
+ "Log user's input for the command being run",
+ NULL,
+ }, {
+ "log_output", T_FLAG,
+ "Log the output of the command being run",
+ NULL,
+ }, {
+ "compress_io", T_FLAG,
+ "Compress I/O logs using zlib",
+ NULL,
+ }, {
+ "use_pty", T_FLAG,
+ "Always run commands in a pseudo-tty",
NULL,
}, {
NULL, 0, NULL