# Cmnd alias specification
##
Cmnd_Alias DUMPS = /usr/sbin/dump, /usr/sbin/rdump, /usr/sbin/restore, \
- /usr/sbin/rrestore, /bin/mt
-Cmnd_Alias KILL = /bin/kill
+ /usr/sbin/rrestore, /usr/bin/mt
+Cmnd_Alias KILL = /usr/bin/kill
Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm
Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown
Cmnd_Alias HALT = /usr/sbin/halt
sudoedit /etc/printcap, /usr/oper/bin/
# joe may su only to operator
-joe ALL = /bin/su operator
+joe ALL = /usr/bin/su operator
# pete may change passwords for anyone but root on the hp snakes
pete HPPA = /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root
# users in the secretaries netgroup need to help manage the printers
# as well as add and remove users
-+secretaries ALL = PRINTING, /usr/sbin/adduser, /usr/bin/rmuser
++secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser
# fred can run commands as oracle or sybase without a password
fred ALL = (DB) NOPASSWD: ALL
# on the alphas, john may su to anyone but root and flags are not allowed
-john ALPHA = /bin/su [!-]*, !/bin/su *root*
+john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
# jen can run anything on all machines except the ones
# in the "SERVERS" Host_Alias
To prevent command spoofing, \fBsudo\fR checks \*(L".\*(R" and "" (both denoting
current directory) last when searching for a command in the user's
\&\s-1PATH\s0 (if one or both are in the \s-1PATH\s0). Note, however, that the
-\&\f(CW\*(C`PATH\*(C'\fR environment variable is further modified in Debian because of
-the use of the \fI\s-1SECURE_PATH\s0\fR build option.
+actual \f(CW\*(C`PATH\*(C'\fR environment variable is \fInot\fR modified and is passed
+unchanged to the program that \fBsudo\fR executes.
.PP
\&\fBsudo\fR will check the ownership of its timestamp directory
(\fI@timedir@\fR by default) and ignore the directory's contents if
\&\fIgrep\fR\|(1), \fIsu\fR\|(1), \fIstat\fR\|(2),
@LCMAN@\&\fIlogin_cap\fR\|(3),
\&\fIpasswd\fR\|(@mansectform@), \fIsudoers\fR\|(5), \fIvisudo\fR\|(@mansectsu@)
-.PP
-The file /usr/share/doc/sudo/OPTIONS describes the options used for building
-the Debian version of sudo, some of which change default behaviors documented
-elsewhere in this document.
.SH "AUTHORS"
.IX Header "AUTHORS"
Many people have worked on \fBsudo\fR over the years; this
.IP "passprompt_override" 16
.IX Item "passprompt_override"
The password prompt specified by \fIpassprompt\fR will normally only
-be used if the password prompt provided by systems such as \s-1PAM\s0 matches
+be used if the passwod prompt provided by systems such as \s-1PAM\s0 matches
the string \*(L"Password:\*(R". If \fIpassprompt_override\fR is set, \fIpassprompt\fR
will always be used. This flag is \fIoff\fR by default.
.IP "preserve_groups" 16
.el .IP "\f(CW%u\fR" 4
.IX Item "%u"
expanded to the invoking user's login name
-.ie n .IP "%p" 4
-.el .IP "\f(CW%p\fR" 4
-.IX Item "%p"
-expanded to the user whose password is asked for (respects the presence of the
-rootpw, targetpw or runaspw options in the configuration)
-
.ie n .IP "\*(C`%%\*(C'" 4
.el .IP "\f(CW\*(C`%%\*(C'\fR" 4
.IX Item "%%"
projects / debian / sudo / commitdiff