- rootpw If set, s\bsu\bud\bdo\bo will prompt for the root password
- instead of the password of the invoking user.
- This flag is _\bo_\bf_\bf by default.
-
- runaspw If set, s\bsu\bud\bdo\bo will prompt for the password of
- the user defined by the _\br_\bu_\bn_\ba_\bs_\b__\bd_\be_\bf_\ba_\bu_\bl_\bt option
- (defaults to root) instead of the password of
- the invoking user. This flag is _\bo_\bf_\bf by
- default.
-
- targetpw If set, s\bsu\bud\bdo\bo will prompt for the password of
- the user specified by the -\b-u\bu flag (defaults to
- root) instead of the password of the invoking
- user. Note that this precludes the use of a
- uid not listed in the passwd database as an
- argument to the -\b-u\bu flag. This flag is _\bo_\bf_\bf by
- default.
-
- set_logname Normally, s\bsu\bud\bdo\bo will set the LOGNAME and USER
- environment variables to the name of the tar
- get user (usually root unless the -\b-u\bu flag is
- given). However, since some programs (includ
- ing the RCS revision control system) use LOG
- NAME to determine the real identity of the
- user, it may be desirable to change this
- behavior. This can be done by negating the
- set_logname option.
-
- stay_setuid Normally, when s\bsu\bud\bdo\bo executes a command the
- real and effective UIDs are set to the target
- user (root by default). This option changes
- that behavior such that the real UID is left
- as the invoking user's UID. In other words,
- this makes s\bsu\bud\bdo\bo act as a setuid wrapper. This
- can be useful on systems that disable some
- potentially dangerous functionality when a
- program is run setuid. Note, however, that
- this means that sudo will run with the real
- uid of the invoking user which may allow that
- user to kill s\bsu\bud\bdo\bo before it can log a failure,
- depending on how your OS defines the interac
- tion between signals and setuid processes.
-
- env_reset If set, s\bsu\bud\bdo\bo will reset the environment to
- only contain the following variables: HOME,
- LOGNAME, PATH, SHELL, TERM, and USER (in addi
- tion to the SUDO_* variables). Of these, only
- TERM is copied unaltered from the old environ
- ment. The other variables are set to default
- values (possibly modified by the value of the
- _\bs_\be_\bt_\b__\bl_\bo_\bg_\bn_\ba_\bm_\be option). If s\bsu\bud\bdo\bo was compiled
- with the SECURE_PATH option, its value will be
- used for the PATH environment variable. Other
- variables may be preserved with the _\be_\bn_\bv_\b__\bk_\be_\be_\bp
-
-
-
-1.6.8p9 June, 20 2005 8