.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.\" $Sudo: visudo.man.in,v 1.20.2.13 2007/11/02 19:15:16 millert Exp $
+.\" $Sudo: visudo.man.in,v 1.20.2.20 2008/03/23 19:43:51 millert Exp $
.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32
.\"
.\" Standard preamble:
.\" ========================================================================
.\"
.IX Title "VISUDO @mansectsu@"
-.TH VISUDO @mansectsu@ "November 2, 2007" "1.6.9p8" "MAINTENANCE COMMANDS"
+.TH VISUDO @mansectsu@ "March 23, 2008" "1.6.9p15" "MAINTENANCE COMMANDS"
.SH "NAME"
visudo \- edit the sudoers file
.SH "SYNOPSIS"
.PP
There is a hard-coded list of editors that \fBvisudo\fR will use set
at compile-time that may be overridden via the \fIeditor\fR \fIsudoers\fR
-\&\f(CW\*(C`Default\*(C'\fR variable. This list defaults to the path to \fIvi\fR\|(1) on
-your system, as determined by the \fIconfigure\fR script. Normally,
-\&\fBvisudo\fR does not honor the \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR environment
+\&\f(CW\*(C`Default\*(C'\fR variable.
+On Debian systems, this list defaults to /usr/bin/editor, which is meant to
+be a system-wide default editor chosen through the alternatives system.
+Normally, \&\fBvisudo\fR does not honor the \f(CW\*(C`VISUAL\*(C'\fR or
+\f(CW\*(C`EDITOR\*(C'\fR environment
variables unless they contain an editor in the aforementioned editors
list. However, if \fBvisudo\fR is configured with the \fI\-\-with\-enveditor\fR
flag or the \fIenv_editor\fR \f(CW\*(C`Default\*(C'\fR variable is set in \fIsudoers\fR,
\&\fBvisudo\fR will use any the editor defines by \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR.
Note that this can be a security hole since it allows the user to
execute any program they wish simply by setting \f(CW\*(C`VISUAL\*(C'\fR or \f(CW\*(C`EDITOR\*(C'\fR.
+Despite this potential risk, sudo on Debian is compiled with the
+\fI\-\-with\-enveditor\fR flag.
.PP
\&\fBvisudo\fR parses the \fIsudoers\fR file after the edit and will
not save the changes if there is a syntax error. Upon finding
Used by visudo if \s-1VISUAL\s0 is not set
.SH "FILES"
.IX Header "FILES"
-.ie n .IP "\fI@sysconfdir@/sudoers\fR\*(C` \*(C'List of who can run what" 4
-.el .IP "\fI@sysconfdir@/sudoers\fR\f(CW\*(C` \*(C'\fRList of who can run what" 4
-.IX Item "@sysconfdir@/sudoers List of who can run what"
-.PD 0
-.ie n .IP "\fI@sysconfdir@/sudoers.tmp\fR\*(C` \*(C'Lock file for visudo" 4
-.el .IP "\fI@sysconfdir@/sudoers.tmp\fR\f(CW\*(C` \*(C'\fRLock file for visudo" 4
-.IX Item "@sysconfdir@/sudoers.tmp Lock file for visudo"
-.PD
+.IP "\fI@sysconfdir@/sudoers\fR" 24
+.IX Item "@sysconfdir@/sudoers"
+List of who can run what
+.IP "\fI@sysconfdir@/sudoers.tmp\fR" 24
+.IX Item "@sysconfdir@/sudoers.tmp"
+Lock file for visudo
.SH "DIAGNOSTICS"
.IX Header "DIAGNOSTICS"
.IP "sudoers file busy, try again later." 4