+++ /dev/null
-#
-# Format:
-#
-# var_name
-# TYPE
-# description (or NULL)
-# array of struct def_values if TYPE == T_TUPLE
-#
-# NOTE: for tuples that can be used in a boolean context the first
-# value corresponds to boolean FALSE and the second to TRUE.
-#
-
-syslog
- T_LOGFAC|T_BOOL
- "Syslog facility if syslog is being used for logging: %s"
-syslog_goodpri
- T_LOGPRI
- "Syslog priority to use when user authenticates successfully: %s"
-syslog_badpri
- T_LOGPRI
- "Syslog priority to use when user authenticates unsuccessfully: %s"
-long_otp_prompt
- T_FLAG
- "Put OTP prompt on its own line"
-ignore_dot
- T_FLAG
- "Ignore '.' in $PATH"
-mail_always
- T_FLAG
- "Always send mail when sudo is run"
-mail_badpass
- T_FLAG
- "Send mail if user authentication fails"
-mail_no_user
- T_FLAG
- "Send mail if the user is not in sudoers"
-mail_no_host
- T_FLAG
- "Send mail if the user is not in sudoers for this host"
-mail_no_perms
- T_FLAG
- "Send mail if the user is not allowed to run a command"
-tty_tickets
- T_FLAG
- "Use a separate timestamp for each user/tty combo"
-lecture
- T_TUPLE|T_BOOL
- "Lecture user the first time they run sudo"
- never once always
-lecture_file
- T_STR|T_PATH|T_BOOL
- "File containing the sudo lecture: %s"
-authenticate
- T_FLAG
- "Require users to authenticate by default"
-root_sudo
- T_FLAG
- "Root may run sudo"
-log_host
- T_FLAG
- "Log the hostname in the (non-syslog) log file"
-log_year
- T_FLAG
- "Log the year in the (non-syslog) log file"
-shell_noargs
- T_FLAG
- "If sudo is invoked with no arguments, start a shell"
-set_home
- T_FLAG
- "Set $HOME to the target user when starting a shell with -s"
-always_set_home
- T_FLAG
- "Always set $HOME to the target user's home directory"
-path_info
- T_FLAG
- "Allow some information gathering to give useful error messages"
-fqdn
- T_FLAG
- "Require fully-qualified hostnames in the sudoers file"
-insults
- T_FLAG
- "Insult the user when they enter an incorrect password"
-requiretty
- T_FLAG
- "Only allow the user to run sudo if they have a tty"
-env_editor
- T_FLAG
- "Visudo will honor the EDITOR environment variable"
-rootpw
- T_FLAG
- "Prompt for root's password, not the users's"
-runaspw
- T_FLAG
- "Prompt for the runas_default user's password, not the users's"
-targetpw
- T_FLAG
- "Prompt for the target user's password, not the users's"
-use_loginclass
- T_FLAG
- "Apply defaults in the target user's login class if there is one"
-set_logname
- T_FLAG
- "Set the LOGNAME and USER environment variables"
-stay_setuid
- T_FLAG
- "Only set the effective uid to the target user, not the real uid"
-preserve_groups
- T_FLAG
- "Don't initialize the group vector to that of the target user"
-loglinelen
- T_UINT|T_BOOL
- "Length at which to wrap log file lines (0 for no wrap): %d"
-timestamp_timeout
- T_FLOAT|T_BOOL
- "Authentication timestamp timeout: %.1f minutes"
-passwd_timeout
- T_FLOAT|T_BOOL
- "Password prompt timeout: %.1f minutes"
-passwd_tries
- T_UINT
- "Number of tries to enter a password: %d"
-umask
- T_MODE|T_BOOL
- "Umask to use or 0777 to use user's: 0%o"
-logfile
- T_STR|T_BOOL|T_PATH
- "Path to log file: %s"
-mailerpath
- T_STR|T_BOOL|T_PATH
- "Path to mail program: %s"
-mailerflags
- T_STR|T_BOOL
- "Flags for mail program: %s"
-mailto
- T_STR|T_BOOL
- "Address to send mail to: %s"
-mailfrom
- T_STR|T_BOOL
- "Address to send mail from: %s"
-mailsub
- T_STR
- "Subject line for mail messages: %s"
-badpass_message
- T_STR
- "Incorrect password message: %s"
-timestampdir
- T_STR|T_PATH
- "Path to authentication timestamp dir: %s"
-timestampowner
- T_STR
- "Owner of the authentication timestamp dir: %s"
-exempt_group
- T_STR|T_BOOL
- "Users in this group are exempt from password and PATH requirements: %s"
-passprompt
- T_STR
- "Default password prompt: %s"
-passprompt_override
- T_FLAG
- "If set, passprompt will override system prompt in all cases."
-runas_default
- T_STR
- "Default user to run commands as: %s"
-secure_path
- T_STR|T_BOOL
- "Value to override user's $PATH with: %s"
-editor
- T_STR|T_PATH
- "Path to the editor for use by visudo: %s"
-listpw
- T_TUPLE|T_BOOL
- "When to require a password for 'list' pseudocommand: %s"
- never any all always
-verifypw
- T_TUPLE|T_BOOL
- "When to require a password for 'verify' pseudocommand: %s"
- never all any always
-noexec
- T_FLAG
- "Preload the dummy exec functions contained in 'noexec_file'"
-noexec_file
- T_STR|T_PATH
- "File containing dummy exec functions: %s"
-ignore_local_sudoers
- T_FLAG
- "If LDAP directory is up, do we ignore local sudoers file"
-closefrom
- T_INT
- "File descriptors >= %d will be closed before executing a command"
-closefrom_override
- T_FLAG
- "If set, users may override the value of `closefrom' with the -C option"
-setenv
- T_FLAG
- "Allow users to set arbitrary environment variables"
-env_reset
- T_FLAG
- "Reset the environment to a default set of variables"
-env_check
- T_LIST|T_BOOL
- "Environment variables to check for sanity:"
-env_delete
- T_LIST|T_BOOL
- "Environment variables to remove:"
-env_keep
- T_LIST|T_BOOL
- "Environment variables to preserve:"
-role
- T_STR
- "SELinux role to use in the new security context: %s"
-type
- T_STR
- "SELinux type to use in the new security context: %s"
-askpass
- T_STR|T_PATH|T_BOOL
- "Path to the askpass helper program: %s"
-env_file
- T_STR|T_PATH|T_BOOL
- "Path to the sudo-specific environment file: %s"
-sudoers_locale
- T_STR
- "Locale to use while parsing sudoers: %s"
-visiblepw
- T_FLAG
- "Allow sudo to prompt for a password even if it would be visisble"
-pwfeedback
- T_FLAG
- "Provide visual feedback at the password prompt when there is user input"
-fast_glob
- T_FLAG
- "Use faster globbing that is less accurate but does not access the filesystem"
-umask_override
- T_FLAG
- "The umask specified in sudoers will override the user's, even if it is more permissive"
-log_input
- T_FLAG
- "Log user's input for the command being run"
-log_output
- T_FLAG
- "Log the output of the command being run"
-compress_io
- T_FLAG
- "Compress I/O logs using zlib"
-use_pty
- T_FLAG
- "Always run commands in a pseudo-tty"