2 .\" Copyright (c) 1996,1998-2005, 2007-2012
3 .\" Todd C. Miller <Todd.Miller@courtesan.com>
5 .\" Permission to use, copy, modify, and distribute this software for any
6 .\" purpose with or without fee is hereby granted, provided that the above
7 .\" copyright notice and this permission notice appear in all copies.
9 .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
18 .\" Sponsored in part by the Defense Advanced Research Projects
19 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
20 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
23 .Dt VISUDO @mansectsu@
24 .Os Sudo @PACKAGE_VERSION@
27 .Nd edit the sudoers file
38 file in a safe fashion, analogous to
39 .Xr vipw @mansectsu@ .
43 file against multiple simultaneous edits, provides basic sanity checks,
44 and checks for parse errors.
47 file is currently being edited you will receive a message to try again later.
49 There is a hard-coded list of one or more editors that
51 will use set at compile-time that may be overridden via the
64 environment variables unless they contain an editor in the aforementioned
68 is configured with the
76 will use any the editor defines by
80 Note that this can be a security hole since it allows the user to
81 execute any program they wish simply by setting
89 file after the edit and will
90 not save the changes if there is a syntax error.
91 Upon finding an error,
93 will print a message stating the line number(s)
94 where the error occurred and the user will receive the
97 At this point the user may enter
103 to exit without saving the changes, or
105 to quit and save changes.
108 option should be used with extreme care because if
110 believes there to be a parse error, so will
115 again until the error is fixed.
120 file after a parse error has been detected, the cursor will be placed on
121 the line where the error occurred (if the editor supports this feature).
123 The options are as follows:
132 checked for syntax errors, owner and mode.
133 A message will be printed to the standard output describing the status of
137 option was specified.
138 If the check completes successfully,
140 will exit with a value of 0.
141 If an error is encountered,
143 will exit with a value of 1.
145 Specify and alternate
150 will edit (or check) the
153 instead of the default,
154 .Pa @sysconfdir@/sudoers .
155 The lock file used is the specified
162 mode only, the argument to
168 will be read from the standard input.
171 .Fl h No ( Em help Ns No )
174 to print a short help message
175 to the standard output and exit.
180 In this mode details about syntax errors are not printed.
181 This option is only useful when combined with
191 If an alias is used before it is defined,
193 will consider this a parse error.
194 Note that it is not possible to differentiate between an
195 alias and a host name or user name that consists solely of uppercase
196 letters, digits, and the underscore
201 .Fl V ( Em version Ns No )
204 to print its version number
208 The following environment variables may be consulted depending on
229 .It Pa @sysconfdir@/sudoers
230 List of who can run what
231 .It Pa @sysconfdir@/sudoers.tmp
236 .It Li sudoers file busy, try again later.
237 Someone else is currently editing the
240 .It Li @sysconfdir@/sudoers.tmp: Permission denied
244 .It Li Can't find you in the passwd database
245 Your user ID does not appear in the system passwd file.
246 .It Li Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
247 Either you are trying to use an undeclared {User,Runas,Host,Cmnd}_Alias
248 or you have a user or host name listed that consists solely of
249 uppercase letters, digits, and the underscore
252 In the latter case, you can ignore the warnings
259 (strict) mode these are errors, not warnings.
260 .It Li Warning: unused {User,Runas,Host,Cmnd}_Alias
261 The specified {User,Runas,Host,Cmnd}_Alias was defined but never
263 You may wish to comment out or remove the unused alias.
266 (strict) mode this is an error, not a warning.
267 .It Li Warning: cycle in {User,Runas,Host,Cmnd}_Alias
268 The specified {User,Runas,Host,Cmnd}_Alias includes a reference to
269 itself, either directly or through an alias it includes.
270 This is only a warning by default as
272 will ignore cycles when parsing
279 .Xr sudoers @mansectform@ ,
280 .Xr sudo @mansectsu@ ,
283 Many people have worked on
285 over the years; this version consists of code written primarily by:
286 .Bd -ragged -offset indent
290 See the CONTRIBUTORS file in the
292 distribution (http://www.sudo.ws/sudo/contributors.html) for an
293 exhaustive list of people who have contributed to
296 There is no easy way to prevent a user from gaining a root shell if
299 allows shell escapes.
301 If you feel you have found a bug in
303 please submit a bug report at http://www.sudo.ws/sudo/bugs/
305 Limited free support is available via the sudo-users mailing list,
306 see http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
312 and any express or implied warranties, including, but not limited
313 to, the implied warranties of merchantability and fitness for a
314 particular purpose are disclaimed.
315 See the LICENSE file distributed with
317 or http://www.sudo.ws/sudo/license.html for complete details.