1 The version of sudo that ships with Debian by default resets the
2 environment, as described by the "env_reset" flag in the sudoers file.
4 This implies that all environment variables are removed, except for
5 LOGNAME, PATH, SHELL, TERM, DISPLAY, XAUTHORITY, XAUTHORIZATION, XAPPLRESDIR,
6 XFILESEARCHPATH, XUSERFILESEARCHPATH, LANG, LANGUAGE, LC_*, and USER.
8 In case you want sudo to preserve more environment variables, you must
9 specify the env_keep variable in the sudoers file. You should edit the
10 sudoers file using the visudo tool.
13 Preserve the default variables plus the EDITOR variable:
15 Defaults env_keep+="EDITOR"
17 Preserve the default variables plus all variables starting with LC_:
19 Defaults env_keep+="LC_*"
23 If you're using the sudo-ldap package, note that it is now configured to
24 look for /etc/sudo-ldap.conf. Depending on your system configuration, it
25 probably makes sense for this to be a symlink to /etc/ldap.conf, or perhaps
26 to /etc/libnss-ldap.conf or /etc/pam_ldap.conf. By default, no symlink or
27 file is provided, you'll need to decide what to do and create a suitable
28 file before sudo-ldap will work.
32 As of version 1.7, sudo-ldap now requires the LDAP source to be specified
33 in /etc/nsswitch.conf with a line like:
39 See the file OPTIONS in this directory for more information on the sudo
40 build options used in building the Debian package.
44 If you're having trouble grasping the fundamental idea of what sudo is all
45 about, here's a succinct and humorous take on it...
47 http://www.xkcd.com/c149.html