X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=visudo.cat;h=c99374f8f302d4148c6ed804cc8064d9ddb23c4c;hb=32be23f693e5f9d1b112d4f3b9a597eaeb176ee6;hp=4c821697c0dd95f25f9596ab260b4337930dd605;hpb=ca3ab12a66fc683cabf546fd405cfbf39ef9fb6f;p=debian%2Fsudo diff --git a/visudo.cat b/visudo.cat index 4c82169..c99374f 100644 --- a/visudo.cat +++ b/visudo.cat @@ -1,165 +1,165 @@ -visudo(1m) MAINTENANCE COMMANDS visudo(1m) +VISUDO(1m) MAINTENANCE COMMANDS VISUDO(1m) -NNNNAAAAMMMMEEEE +NNAAMMEE visudo - edit the sudoers file -SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS - vvvviiiissssuuuuddddoooo [ ----cccc ] [ ----ffff _s_u_d_o_e_r_s ] [ ----qqqq ] [ ----ssss ] [ ----VVVV ] +SSYYNNOOPPSSIISS + vviissuuddoo [--cc] [--qq] [--ss] [--VV] [--ff _s_u_d_o_e_r_s] -DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN - vvvviiiissssuuuuddddoooo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous - to _v_i_p_w(1m). vvvviiiissssuuuuddddoooo locks the _s_u_d_o_e_r_s file against multi­ - ple simultaneous edits, provides basic sanity checks, and - checks for parse errors. If the _s_u_d_o_e_r_s file is currently - being edited you will receive a message to try again - later. +DDEESSCCRRIIPPTTIIOONN + vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous to _v_i_p_w(1m). + vviissuuddoo locks the _s_u_d_o_e_r_s file against multiple simultaneous edits, + provides basic sanity checks, and checks for parse errors. If the + _s_u_d_o_e_r_s file is currently being edited you will receive a message to + try again later. - There is a hard-coded list of editors that vvvviiiissssuuuuddddoooo will use - set at compile-time that may be overridden via the _e_d_i_t_o_r - _s_u_d_o_e_r_s Default variable. This list defaults to the path - to _v_i(1) on your system, as determined by the _c_o_n_f_i_g_u_r_e - script. Normally, vvvviiiissssuuuuddddoooo does not honor the EDITOR or - VISUAL environment variables unless they contain an editor - in the aforementioned editors list. However, if vvvviiiissssuuuuddddoooo is - configured with the _-_-_w_i_t_h_-_e_n_v_e_d_i_t_o_r flag or the _e_n_v_e_d_i_t_o_r - Default variable is set in _s_u_d_o_e_r_s, vvvviiiissssuuuuddddoooo will use any - the editor defines by EDITOR or VISUAL. Note that this - can be a security hole since it allows the user to execute - any program they wish simply by setting EDITOR or VISUAL. + There is a hard-coded list of one or more editors that vviissuuddoo will use + set at compile-time that may be overridden via the _e_d_i_t_o_r _s_u_d_o_e_r_s + Default variable. This list defaults to "vi". Normally, vviissuuddoo does + not honor the VISUAL or EDITOR environment variables unless they + contain an editor in the aforementioned editors list. However, if + vviissuuddoo is configured with the _-_-_w_i_t_h_-_e_n_v_-_e_d_i_t_o_r option or the + _e_n_v___e_d_i_t_o_r Default variable is set in _s_u_d_o_e_r_s, vviissuuddoo will use any the + editor defines by VISUAL or EDITOR. Note that this can be a security + hole since it allows the user to execute any program they wish simply + by setting VISUAL or EDITOR. - vvvviiiissssuuuuddddoooo parses the _s_u_d_o_e_r_s file after the edit and will not - save the changes if there is a syntax error. Upon finding - an error, vvvviiiissssuuuuddddoooo will print a message stating the line - _n_u_m_b_e_r(s) where the error occurred and the user will - receive the "What now?" prompt. At this point the user - may enter "e" to re-edit the _s_u_d_o_e_r_s file, "x" to exit - without saving the changes, or "Q" to quit and save - changes. The "Q" option should be used with extreme care - because if vvvviiiissssuuuuddddoooo believes there to be a parse error, so - will ssssuuuuddddoooo and no one will be able to ssssuuuuddddoooo again until the - error is fixed. If "e" is typed to edit the _s_u_d_o_e_r_s file - after a parse error has been detected, the cursor will be - placed on the line where the error occurred (if the editor - supports this feature). + vviissuuddoo parses the _s_u_d_o_e_r_s file after the edit and will not save the + changes if there is a syntax error. Upon finding an error, vviissuuddoo will + print a message stating the line number(s) where the error occurred and + the user will receive the "What now?" prompt. At this point the user + may enter "e" to re-edit the _s_u_d_o_e_r_s file, "x" to exit without saving + the changes, or "Q" to quit and save changes. The "Q" option should be + used with extreme care because if vviissuuddoo believes there to be a parse + error, so will ssuuddoo and no one will be able to ssuuddoo again until the + error is fixed. If "e" is typed to edit the _s_u_d_o_e_r_s file after a + parse error has been detected, the cursor will be placed on the line + where the error occurred (if the editor supports this feature). -OOOOPPPPTTTTIIIIOOOONNNNSSSS - vvvviiiissssuuuuddddoooo accepts the following command line options: +OOPPTTIIOONNSS + vviissuuddoo accepts the following command line options: - -c Enable cccchhhheeeecccckkkk----oooonnnnllllyyyy mode. The existing _s_u_d_o_e_r_s file - will be checked for syntax and a message will be - printed to the standard output detailing the status of - _s_u_d_o_e_r_s. If the syntax check completes successfully, - vvvviiiissssuuuuddddoooo will exit with a value of 0. If a syntax error - is encountered, vvvviiiissssuuuuddddoooo will exit with a value of 1. + -c Enable cchheecckk--oonnllyy mode. The existing _s_u_d_o_e_r_s file will be + checked for syntax and a message will be printed to the + standard output detailing the status of _s_u_d_o_e_r_s. If the + syntax check completes successfully, vviissuuddoo will exit with + a value of 0. If a syntax error is encountered, vviissuuddoo + will exit with a value of 1. - -f Specify and alternate _s_u_d_o_e_r_s file location. With - this option vvvviiiissssuuuuddddoooo will edit (or check) the _s_u_d_o_e_r_s + -f _s_u_d_o_e_r_s Specify and alternate _s_u_d_o_e_r_s file location. With this + option vviissuuddoo will edit (or check) the _s_u_d_o_e_r_s file of your + choice, instead of the default, _/_e_t_c_/_s_u_d_o_e_r_s. The lock + file used is the specified _s_u_d_o_e_r_s file with ".tmp" + appended to it. + -q Enable qquuiieett mode. In this mode details about syntax + errors are not printed. This option is only useful when -April 25, 2002 1.6.6 1 +1.7.4 July 14, 2010 1 -visudo(1m) MAINTENANCE COMMANDS visudo(1m) +VISUDO(1m) MAINTENANCE COMMANDS VISUDO(1m) - file of your choice, instead of the default, - @sysconfdir@/sudoers. The lock file used is the spec­ - ified _s_u_d_o_e_r_s file with ".tmp" appended to it. - -q Enable qqqquuuuiiiieeeetttt mode. In this mode details about syntax - errors are not printed. This option is only useful - when combined with the ----cccc flag. + combined with the --cc option. - -s Enable ssssttttrrrriiiicccctttt checking of the _s_u_d_o_e_r_s file. If an - alias is used before it is defined, vvvviiiissssuuuuddddoooo will con­ - sider this a parse error. Note that it is not possi­ - ble to differentiate between an alias and a hostname - or username that consists solely of uppercase letters, - digits, and the underscore ('_') character. + -s Enable ssttrriicctt checking of the _s_u_d_o_e_r_s file. If an alias is + used before it is defined, vviissuuddoo will consider this a + parse error. Note that it is not possible to differentiate + between an alias and a host name or user name that consists + solely of uppercase letters, digits, and the underscore + ('_') character. - -V The ----VVVV (version) option causes vvvviiiissssuuuuddddoooo to print its - version number and exit. + -V The --VV (version) option causes vviissuuddoo to print its version + number and exit. -EEEERRRRRRRROOOORRRRSSSS +EENNVVIIRROONNMMEENNTT + The following environment variables may be consulted depending on the + value of the _e_d_i_t_o_r and _e_n_v___e_d_i_t_o_r _s_u_d_o_e_r_s variables: + + VISUAL Invoked by visudo as the editor to use + + EDITOR Used by visudo if VISUAL is not set + +FFIILLEESS + _/_e_t_c_/_s_u_d_o_e_r_s List of who can run what + + _/_e_t_c_/_s_u_d_o_e_r_s_._t_m_p Lock file for visudo + +DDIIAAGGNNOOSSTTIICCSS sudoers file busy, try again later. Someone else is currently editing the _s_u_d_o_e_r_s file. /etc/sudoers.tmp: Permission denied - You didn't run vvvviiiissssuuuuddddoooo as root. + You didn't run vviissuuddoo as root. Can't find you in the passwd database Your userid does not appear in the system passwd file. - Warning: undeclared Alias referenced near ... - Either you are using a {User,Runas,Host,Cmnd}_Alias - before defining it or you have a user or hostname - listed that consists solely of uppercase letters, dig­ - its, and the underscore ('_') character. If the lat­ - ter, you can ignore the warnings (ssssuuuuddddoooo will not com­ - plain). In ----ssss (strict) mode these are errors, not - warnings. - -EEEENNNNVVVVIIIIRRRROOOONNNNMMMMEEEENNNNTTTT - The following environment variables are used only if - vvvviiiissssuuuuddddoooo was configured with the _-_-_w_i_t_h_-_e_n_v_-_e_d_i_t_o_r option: + Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined + Either you are trying to use an undeclare + {User,Runas,Host,Cmnd}_Alias or you have a user or host name listed + that consists solely of uppercase letters, digits, and the + underscore ('_') character. In the latter case, you can ignore the + warnings (ssuuddoo will not complain). In --ss (strict) mode these are + errors, not warnings. - EDITOR Invoked by visudo as the editor to use - VISUAL Used Invoked visudo if EDITOR is not set + Warning: unused {User,Runas,Host,Cmnd}_Alias + The specified {User,Runas,Host,Cmnd}_Alias was defined but never + used. You may wish to comment out or remove the unused alias. In + --ss (strict) mode this is an error, not a warning. +SSEEEE AALLSSOO + _v_i(1), _s_u_d_o_e_r_s(4), _s_u_d_o(1m), _v_i_p_w(8) -FFFFIIIILLLLEEEESSSS - /etc/sudoers List of who can run what - /etc/sudoers.tmp Lock file for visudo +AAUUTTHHOORR + Many people have worked on _s_u_d_o over the years; this version of vviissuuddoo + was written by: -AAAAUUUUTTTTHHHHOOOORRRR - Many people have worked on _s_u_d_o over the years; this ver­ - sion of vvvviiiissssuuuuddddoooo was written by: +1.7.4 July 14, 2010 2 -April 25, 2002 1.6.6 2 +VISUDO(1m) MAINTENANCE COMMANDS VISUDO(1m) - -visudo(1m) MAINTENANCE COMMANDS visudo(1m) - - - Todd Miller + Todd Miller See the HISTORY file in the sudo distribution or visit http://www.sudo.ws/sudo/history.html for more details. -BBBBUUUUGGGGSSSS - If you feel you have found a bug in sudo, please submit a - bug report at http://www.sudo.ws/sudo/bugs/ - -DDDDIIIISSSSCCCCLLLLAAAAIIIIMMMMEEEERRRR - VVVViiiissssuuuuddddoooo is provided ``AS IS'' and any express or implied - warranties, including, but not limited to, the implied - warranties of merchantability and fitness for a particular - purpose are disclaimed. See the LICENSE file distributed - with ssssuuuuddddoooo for complete details. - -CCCCAAAAVVVVEEEEAAAATTTTSSSS - There is no easy way to prevent a user from gaining a root - shell if the editor used by vvvviiiissssuuuuddddoooo allows shell escapes. +CCAAVVEEAATTSS + There is no easy way to prevent a user from gaining a root shell if the + editor used by vviissuuddoo allows shell escapes. -SSSSEEEEEEEE AAAALLLLSSSSOOOO - _v_i(1), _s_u_d_o(1m), _v_i_p_w(8). +BBUUGGSS + If you feel you have found a bug in vviissuuddoo, please submit a bug report + at http://www.sudo.ws/sudo/bugs/ +SSUUPPPPOORRTT + Limited free support is available via the sudo-users mailing list, see + http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search + the archives. +DDIISSCCLLAAIIMMEERR + vviissuuddoo is provided ``AS IS'' and any express or implied warranties, + including, but not limited to, the implied warranties of + merchantability and fitness for a particular purpose are disclaimed. + See the LICENSE file distributed with ssuuddoo or + http://www.sudo.ws/sudo/license.html for complete details. @@ -193,6 +193,6 @@ SSSSEEEEEEEE AAAALLLLSSSSOOOO -April 25, 2002 1.6.6 3 +1.7.4 July 14, 2010 3