# description (or NULL)
# array of struct def_values if TYPE == T_TUPLE
#
+# NOTE: for tuples that can be used in a boolean context the first
+# value corresponds to boolean FALSE and the second to TRUE.
+#
syslog
T_LOGFAC|T_BOOL
stay_setuid
T_FLAG
"Only set the effective uid to the target user, not the real uid"
-env_reset
- T_FLAG
- "Reset the environment to a default set of variables"
preserve_groups
T_FLAG
"Don't initialize the group vector to that of the target user"
T_UINT|T_BOOL
"Length at which to wrap log file lines (0 for no wrap): %d"
timestamp_timeout
- T_INT|T_BOOL
- "Authentication timestamp timeout: %d minutes"
+ T_FLOAT|T_BOOL
+ "Authentication timestamp timeout: %.1f minutes"
passwd_timeout
- T_UINT|T_BOOL
- "Password prompt timeout: %d minutes"
+ T_FLOAT|T_BOOL
+ "Password prompt timeout: %.1f minutes"
passwd_tries
T_UINT
"Number of tries to enter a password: %d"
mailto
T_STR|T_BOOL
"Address to send mail to: %s"
+mailfrom
+ T_STR|T_BOOL
+ "Address to send mail from: %s"
mailsub
T_STR
"Subject line for mail messages: %s"
passprompt
T_STR
"Default password prompt: %s"
+passprompt_override
+ T_FLAG
+ "If set, passprompt will override system prompt in all cases."
runas_default
T_STR
"Default user to run commands as: %s"
- *set_runaspw
+secure_path
+ T_STR|T_BOOL
+ "Value to override user's $PATH with: %s"
editor
T_STR|T_PATH
"Path to the editor for use by visudo: %s"
noexec_file
T_STR|T_PATH
"File containing dummy exec functions: %s"
+ignore_local_sudoers
+ T_FLAG
+ "If LDAP directory is up, do we ignore local sudoers file"
+closefrom
+ T_INT
+ "File descriptors >= %d will be closed before executing a command"
+closefrom_override
+ T_FLAG
+ "If set, users may override the value of `closefrom' with the -C option"
+setenv
+ T_FLAG
+ "Allow users to set arbitrary environment variables"
+env_reset
+ T_FLAG
+ "Reset the environment to a default set of variables"
env_check
T_LIST|T_BOOL
"Environment variables to check for sanity:"
env_keep
T_LIST|T_BOOL
"Environment variables to preserve:"
-ignore_local_sudoers
+role
+ T_STR
+ "SELinux role to use in the new security context: %s"
+type
+ T_STR
+ "SELinux type to use in the new security context: %s"
+askpass
+ T_STR|T_PATH|T_BOOL
+ "Path to the askpass helper program: %s"
+env_file
+ T_STR|T_PATH|T_BOOL
+ "Path to the sudo-specific environment file: %s"
+sudoers_locale
+ T_STR
+ "Locale to use while parsing sudoers: %s"
+visiblepw
T_FLAG
- "If LDAP directory is up, do we ignore local sudoers file"
+ "Allow sudo to prompt for a password even if it would be visisble"
+pwfeedback
+ T_FLAG
+ "Provide visual feedback at the password prompt when there is user input"
+fast_glob
+ T_FLAG
+ "Use faster globbing that is less accurate but does not access the filesystem"
+umask_override
+ T_FLAG
+ "The umask specified in sudoers will override the user's, even if it is more permissive"
+log_input
+ T_FLAG
+ "Log user's input for the command being run"
+log_output
+ T_FLAG
+ "Log the output of the command being run"
+compress_io
+ T_FLAG
+ "Compress I/O logs using zlib"
+use_pty
+ T_FLAG
+ "Always run commands in a pseudo-tty"
projects / debian / sudo / blobdiff