in addition to the existing start_tls support.
Sudo 1.6.9p10 released.
+
+637) Fixed a compilation problem on SCO related to how they
+ store the high resolution timestamps in struct stat.
+
+638) Avoid checking the passwd file group multiple times
+ in the LDAP query when the user's passwd group is also
+ listed in the supplemental group vector.
+
+639) The URI specifier can now be used in ldap.conf even when
+ the LDAP SDK doesn't support ldap_initialize().
+
+640) New %p prompt escape that expands to the user whose password
+ is being prompted, as specified by the rootpw, targetpw and
+ runaspw sudoers flags. Based on a diff from Patrick Schoenfeld.
#
# @configure_input@
#
-# $Sudo: Makefile.in,v 1.246.2.21 2007/12/17 19:18:14 millert Exp $
+# $Sudo: Makefile.in,v 1.246.2.22 2008/01/05 23:31:51 millert Exp $
#
#### Start of system configuration section. ####
LIBOBJS = @LIBOBJS@ @ALLOCA@
-VERSION = 1.6.9p10
+VERSION = 1.6.9p11
DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES HISTORY INSTALL INSTALL.configure \
LICENSE Makefile.in PORTING README README.LDAP \
Make sure you sudoers_base matches exactly with the location you specified
when you imported the sudoers. Below is an example /etc/ldap.conf
- # Either specify a URI or host and port.
- # If neither is specified sudo will default to localhost port 389.
+ # Either specify one or more URIs or one or more host:port pairs.
+ # If neither is specified sudo will default to localhost, port 389.
+ #
#host ldapserver
+ #host ldapserver1 ldapserver2:390
+ #
+ # Default port if host is specified without one, defaults to 389.
#port 389
#
- # URI will override host & port settings but only works with LDAP
- # SDK's that support ldap_initialize() such as OpenLDAP.
+ # URI will override the host and port settings.
uri ldap://ldapserver
#uri ldaps://secureldapserver
+ #uri ldaps://secureldapserver ldap://ldapserver
#
# must be set or sudo will ignore LDAP
sudoers_base ou=SUDOers,dc=example,dc=com
#include "sudo.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: check.c,v 1.223.2.9 2007/07/06 19:52:13 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: check.c,v 1.223.2.10 2008/01/05 23:59:42 millert Exp $";
#endif /* lint */
/* Status codes for timestamp_status() */
len += strlen(user_host) - 2;
subst = 1;
break;
+ case 'p':
+ p++;
+ if (def_rootpw)
+ len += 2;
+ else if (def_targetpw || def_runaspw)
+ len += strlen(*user_runas) - 2;
+ else
+ len += strlen(user_name) - 2;
+ subst = 1;
+ break;
case 'u':
p++;
len += strlen(user_name) - 2;
goto oflow;
np += n;
continue;
+ case 'p':
+ p++;
+ if (def_rootpw)
+ n = strlcpy(np, "root", np - endp);
+ else if (def_targetpw || def_runaspw)
+ n = strlcpy(np, *user_runas, np - endp);
+ else
+ n = strlcpy(np, user_name, np - endp);
+ if (n >= np - endp)
+ goto oflow;
+ np += n;
+ continue;
case 'u':
p++;
n = strlcpy(np, user_name, np - endp);
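Review bot: The new `%p` branch passes `np - endp` as the strlcpy bound and then tests `n >= np - endp`; if `endp` marks the end of the output buffer, as its name and the `oflow` label suggest, that difference is non-positive and converts to a very large size_t, so neither the bound nor the overflow check can ever trigger. The adjacent `%u` case uses the same expression, so this is inherited rather than introduced, and the copy stays in bounds only because the sizing pass in the previous hunk adds exactly `strlen(...) - 2` (or 2 for `"root"`) for the same strings that are copied here. The intended form would be `n = strlcpy(np, "root", (size_t)(endp - np));` with `if (n >= (size_t)(endp - np))`, and the same correction belongs on every case in a follow-up. The enclosing function starts and ends outside the hunk.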
/* Define to 1 if your struct stat has an st_mtim member */
#undef HAVE_ST_MTIM
+/* Define to 1 if your struct stat uses an st__tim union */
+#undef HAVE_ST__TIM
+
/* Define to 1 if your struct stat has an st_mtimespec member */
#undef HAVE_ST_MTIMESPEC
* so the last 3 digits of tv_nsec are not significant.
*/
#ifdef HAVE_ST_MTIM
-# define mtim_getsec(_x) ((_x).st_mtim.tv_sec)
-# define mtim_getnsec(_x) (((_x).st_mtim.tv_nsec / 1000) * 1000)
+# ifdef HAVE_ST__TIM
+# define mtim_getsec(_x) ((_x).st_mtim.st__tim.tv_sec)
+# define mtim_getnsec(_x) (((_x).st_mtim.st__tim.tv_nsec / 1000) * 1000)
+# else
+# define mtim_getsec(_x) ((_x).st_mtim.tv_sec)
+# define mtim_getnsec(_x) (((_x).st_mtim.tv_nsec / 1000) * 1000)
+# endif
#else
# ifdef HAVE_ST_MTIMESPEC
# define mtim_getsec(_x) ((_x).st_mtimespec.tv_sec)
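Review bot: The new inner `# ifdef HAVE_ST__TIM` has no comment explaining why a union layer exists, and the nested `#ifdef` makes the macro block noticeably harder to read than before; a one-line note such as `# ifdef HAVE_ST__TIM /* SCO: st_mtim wraps the timespec in an st__tim union */` would anchor it to the CHANGES entry. The same addition appears again later in this diff (the second copy of the `mtim_getsec`/`mtim_getnsec` block) and would benefit from the same comment.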
#define HAVE_ST_MTIM 1
_ACEOF
+ { echo "$as_me:$LINENO: checking for struct stat.st_mtim.st__tim" >&5
+echo $ECHO_N "checking for struct stat.st_mtim.st__tim... $ECHO_C" >&6; }
+if test "${ac_cv_member_struct_stat_st_mtim_st__tim+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static struct stat ac_aggr;
+if (ac_aggr.st_mtim.st__tim)
+return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_member_struct_stat_st_mtim_st__tim=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+int
+main ()
+{
+static struct stat ac_aggr;
+if (sizeof ac_aggr.st_mtim.st__tim)
+return 0;
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_cv_member_struct_stat_st_mtim_st__tim=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_member_struct_stat_st_mtim_st__tim=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_member_struct_stat_st_mtim_st__tim" >&5
+echo "${ECHO_T}$ac_cv_member_struct_stat_st_mtim_st__tim" >&6; }
+if test $ac_cv_member_struct_stat_st_mtim_st__tim = yes; then
+ cat >>confdefs.h <<\_ACEOF
+#define HAVE_ST__TIM 1
+_ACEOF
+
+fi
+
else
{ echo "$as_me:$LINENO: checking for struct stat.st_mtimespec" >&5
echo $ECHO_N "checking for struct stat.st_mtimespec... $ECHO_C" >&6; }
+
+
dnl
dnl Process this file with GNU autoconf to produce a configure script.
-dnl $Sudo: configure.in,v 1.413.2.34 2007/12/19 19:29:29 millert Exp $
+dnl $Sudo: configure.in,v 1.413.2.36 2008/01/03 16:05:42 millert Exp $
dnl
dnl Copyright (c) 1994-1996,1998-2007 Todd C. Miller <Todd.Miller@courtesan.com>
dnl
])
AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf, , [NEED_SNPRINTF=1])
if test X"$ac_cv_type_struct_timespec" != X"no"; then
- AC_CHECK_MEMBER([struct stat.st_mtim], AC_DEFINE(HAVE_ST_MTIM), [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])
+ AC_CHECK_MEMBER([struct stat.st_mtim], [AC_DEFINE(HAVE_ST_MTIM)]
+ [AC_CHECK_MEMBER([struct stat.st_mtim.st__tim], AC_DEFINE(HAVE_ST__TIM))],
+ [AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])
AC_MSG_CHECKING([for two-parameter timespecsub])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
#include <sys/time.h>]], [[struct timespec ts1, ts2;
AH_TEMPLATE(HAVE_SIGACTION_T, [Define to 1 if <signal.h> has the sigaction_t typedef.])
AH_TEMPLATE(HAVE_SKEY, [Define to 1 if you use S/Key.])
AH_TEMPLATE(HAVE_SKEYACCESS, [Define to 1 if your S/Key library has skeyaccess().])
+AH_TEMPLATE(HAVE_ST__TIM, [Define to 1 if your struct stat uses an st__tim union])
AH_TEMPLATE(HAVE_ST_MTIM, [Define to 1 if your struct stat has an st_mtim member])
AH_TEMPLATE(HAVE_ST_MTIMESPEC, [Define to 1 if your struct stat has an st_mtimespec member])
AH_TEMPLATE(HAVE_TERMIOS_H, [Define to 1 if you have the <termios.h> header file and the `tcgetattr' function.])
* so the last 3 digits of tv_nsec are not significant.
*/
#ifdef HAVE_ST_MTIM
-# define mtim_getsec(_x) ((_x).st_mtim.tv_sec)
-# define mtim_getnsec(_x) (((_x).st_mtim.tv_nsec / 1000) * 1000)
+# ifdef HAVE_ST__TIM
+# define mtim_getsec(_x) ((_x).st_mtim.st__tim.tv_sec)
+# define mtim_getnsec(_x) (((_x).st_mtim.st__tim.tv_nsec / 1000) * 1000)
+# else
+# define mtim_getsec(_x) ((_x).st_mtim.tv_sec)
+# define mtim_getnsec(_x) (((_x).st_mtim.tv_nsec / 1000) * 1000)
+# endif
#else
# ifdef HAVE_ST_MTIMESPEC
# define mtim_getsec(_x) ((_x).st_mtimespec.tv_sec)
/*
- * Copyright (c) 2003-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2003-2008 Todd C. Miller <Todd.Miller@courtesan.com>
*
* This code is derived from software contributed by Aaron Spangler.
*
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
#include <ctype.h>
+#include <limits.h>
#include <pwd.h>
#include <grp.h>
#include <netinet/in.h>
#include "parse.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: ldap.c,v 1.11.2.28 2007/12/19 19:29:32 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: ldap.c,v 1.11.2.32 2008/01/05 23:27:10 millert Exp $";
#endif /* lint */
#ifndef LINE_MAX
static void sudo_ldap_close __P((LDAP *));
static LDAP *sudo_ldap_open __P((void));
+#ifndef HAVE_LDAP_INITIALIZE
+/*
+ * For each uri, convert to host:port pairs. For ldaps:// enable SSL
+ * Accepts: uris of the form ldap:/// or ldap://hostname:portnum/
+ * where the trailing slash is optional.
+ */
+static int
+sudo_ldap_parse_uri(uri_list)
+ const char *uri_list;
+{
+ char *buf, *uri, *host, *cp, *port;
+ char hostbuf[LINE_MAX];
+ int nldap = 0, nldaps = 0;
+ int rc = -1;
+
+ buf = estrdup(uri_list);
+ hostbuf[0] = '\0';
+ for ((uri = strtok(buf, " \t")); uri != NULL; (uri = strtok(NULL, " \t"))) {
+ if (strncasecmp(uri, "ldap://", 7) == 0) {
+ nldap++;
+ host = uri + 7;
+ } else if (strncasecmp(uri, "ldaps://", 8) == 0) {
+ nldaps++;
+ host = uri + 8;
+ } else {
+ warnx("unsupported LDAP uri type: %s", uri);
+ goto done;
+ }
+
+ /* trim optional trailing slash */
+ if ((cp = strrchr(host, '/')) != NULL && cp[1] == '\0') {
+ *cp = '\0';
+ }
+
+ if (hostbuf[0] != '\0') {
+ if (strlcat(hostbuf, " ", sizeof(hostbuf)) >= sizeof(hostbuf))
+ goto toobig;
+ }
+
+ if (*host == '\0')
+ host = "localhost"; /* no host specified, use localhost */
+
+ if (strlcat(hostbuf, host, sizeof(hostbuf)) >= sizeof(hostbuf))
+ goto toobig;
+
+ /* If using SSL and no port specified, add port 636 */
+ if (nldaps) {
+ if ((port = strrchr(host, ':')) == NULL || !isdigit(port[1]))
+ if (strlcat(hostbuf, ":636", sizeof(hostbuf)) >= sizeof(hostbuf))
+ goto toobig;
+ }
+ }
+ if (hostbuf[0] == '\0') {
+ warnx("invalid uri: %s", uri_list);
+ goto done;
+ }
+
+ if (nldaps != 0) {
+ if (nldap != 0) {
+ warnx("cannot mix ldap and ldaps URIs");
+ goto done;
+ }
+ if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {
+ warnx("cannot mix ldaps and starttls");
+ goto done;
+ }
+ ldap_conf.ssl_mode = SUDO_LDAP_SSL;
+ }
+
+ free(ldap_conf.host);
+ ldap_conf.host = estrdup(hostbuf);
+ rc = 0;
+
+done:
+ efree(buf);
+ return(rc);
+
+toobig:
+ errx(1, "sudo_ldap_parse_uri: out of space building hostbuf");
+}
+#endif /* HAVE_LDAP_INITIALIZE */
+
+static int
+sudo_ldap_init(ldp, host, port)
+ LDAP **ldp;
+ const char *host;
+ int port;
+{
+ LDAP *ld = NULL;
+ int rc = LDAP_CONNECT_ERROR;
+
+#ifdef HAVE_LDAPSSL_INIT
+ if (ldap_conf.ssl_mode == SUDO_LDAP_SSL) {
+ DPRINTF(("ldapssl_clientauth_init(%s, %s)",
+ ldap_conf.tls_certfile ? ldap_conf.tls_certfile : "NULL",
+ ldap_conf.tls_keyfile ? ldap_conf.tls_keyfile : "NULL"), 2);
+ rc = ldapssl_clientauth_init(ldap_conf.tls_certfile, NULL,
+ ldap_conf.tls_keyfile != NULL, ldap_conf.tls_keyfile, NULL);
+ if (rc != LDAP_SUCCESS) {
+ warnx("unable to initialize SSL cert and key db: %s",
+ ldapssl_err2string(rc));
+ goto done;
+ }
+
+ DPRINTF(("ldapssl_init(%s, %d, 1)", host, port), 2);
+ if ((ld = ldapssl_init(host, port, 1)) == NULL)
+ goto done;
+ } else
+#endif
+ {
+ DPRINTF(("ldap_init(%s, %d)", host, port), 2);
+ if ((ld = ldap_init(host, port)) == NULL)
+ goto done;
+ }
+ rc = LDAP_SUCCESS;
+
+done:
+ *ldp = ld;
+ return(rc);
+}
+
/*
* Walk through search results and return TRUE if we have a matching
* netgroup, else FALSE.
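Review bot: sudo_ldap_parse_uri only strips a single trailing `/`, so a URI that carries a DN or path component after the host is neither rejected nor reduced, and the remainder is passed on to ldap_init as part of the hostname; since the header comment promises only the `ldap://hostname:portnum/` form, add `if (strchr(host, '/') != NULL)` after the trim and fail it the same way as the unsupported-scheme branch (warnx plus `goto done`). The port probe should read `isdigit((unsigned char)port[1])`, as a plain `char` argument is undefined for negative values. The `DPRINTF` calls before `ldapssl_init` and `ldap_init` print `host` with `%s`; the config summary elsewhere in this diff substitutes `(NONE)` for a NULL host, so the same `host ? host : "(NONE)"` guard belongs here if a NULL host can reach sudo_ldap_init. The `if (nldaps)` test inside the loop appends `:636` to every subsequent host once any ldaps URI has been seen rather than to ldaps hosts specifically; this is harmless because mixing is rejected after the loop, but testing the current URI's scheme would read more clearly.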
/* Append supplementary groups */
for (i = 0; i < user_ngroups; i++) {
+ if (user_groups[i] == user_gid)
+ continue;
if ((grp = getgrgid(user_groups[i])) != NULL) {
ncat(&b, &sz, "(sudoUser=%");
ncat(&b, &sz, grp -> gr_name);
if (ldap_conf.debug > 1) {
fprintf(stderr, "LDAP Config Summary\n");
fprintf(stderr, "===================\n");
-#ifdef HAVE_LDAP_INITIALIZE
if (ldap_conf.uri) {
fprintf(stderr, "uri %s\n", ldap_conf.uri);
- } else
-#endif
- {
+ } else {
fprintf(stderr, "host %s\n", ldap_conf.host ?
ldap_conf.host : "(NONE)");
fprintf(stderr, "port %d\n", ldap_conf.port);
ldap_conf.ssl_mode = SUDO_LDAP_SSL;
}
+#ifndef HAVE_LDAP_INITIALIZE
+ /* Convert uri list to host list if no ldap_initialize(). */
+ if (ldap_conf.uri) {
+ if (sudo_ldap_parse_uri(ldap_conf.uri) != 0)
+ return(FALSE);
+ free(ldap_conf.uri);
+ ldap_conf.uri = NULL;
+ ldap_conf.port = LDAP_PORT;
+ }
+#endif
+
/* Use port 389 for plaintext LDAP and port 636 for SSL LDAP */
- if (ldap_conf.port < 0)
+ if (!ldap_conf.uri && ldap_conf.port < 0)
ldap_conf.port =
ldap_conf.ssl_mode == SUDO_LDAP_SSL ? LDAPS_PORT : LDAP_PORT;
ldap_err2string(rc));
return(-1);
}
-
+ DPRINTF(("ldap_set_option(LDAP_OPT_X_TLS, LDAP_OPT_X_TLS_HARD)\n"), 1);
}
#endif
return(0);
if (!sudo_ldap_read_config())
return(NULL);
-#ifdef HAVE_LDAPSSL_INIT
- if (ldap_conf.ssl_mode == SUDO_LDAP_SSL) {
- DPRINTF(("ldapssl_clientauth_init(%s, %s)",
- ldap_conf.tls_certfile ? ldap_conf.tls_certfile : "NULL",
- ldap_conf.tls_keyfile ? ldap_conf.tls_keyfile : "NULL"), 2);
- rc = ldapssl_clientauth_init(ldap_conf.tls_certfile, NULL,
- ldap_conf.tls_keyfile != NULL, ldap_conf.tls_keyfile, NULL);
- if (rc != LDAP_SUCCESS) {
- warnx("unable to initialize SSL cert and key db: %s",
- ldapssl_err2string(rc));
- return(NULL);
- }
- }
-#endif /* HAVE_LDAPSSL_INIT */
-
/* Connect to LDAP server */
#ifdef HAVE_LDAP_INITIALIZE
- if (ldap_conf.uri) {
+ if (ldap_conf.uri != NULL) {
DPRINTF(("ldap_initialize(ld, %s)", ldap_conf.uri), 2);
rc = ldap_initialize(&ld, ldap_conf.uri);
- if (rc != LDAP_SUCCESS) {
- warnx("unable to initialize LDAP: %s", ldap_err2string(rc));
- return(NULL);
- }
} else
#endif /* HAVE_LDAP_INITIALIZE */
- {
-#ifdef HAVE_LDAPSSL_INIT
- DPRINTF(("ldapssl_init(%s, %d, %d)", ldap_conf.host, ldap_conf.port,
- ldap_conf.ssl_mode == SUDO_LDAP_SSL), 2);
- ld = ldapssl_init(ldap_conf.host, ldap_conf.port,
- ldap_conf.ssl_mode == SUDO_LDAP_SSL);
-#else
- DPRINTF(("ldap_init(%s, %d)", ldap_conf.host, ldap_conf.port), 2);
- ld = ldap_init(ldap_conf.host, ldap_conf.port);
-#endif /* HAVE_LDAPSSL_INIT */
- if (ld == NULL) {
- warn("unable to initialize LDAP");
- return(NULL);
- }
+ rc = sudo_ldap_init(&ld, ldap_conf.host, ldap_conf.port);
+ if (rc != LDAP_SUCCESS) {
+ warnx("unable to initialize LDAP: %s", ldap_err2string(rc));
+ return(NULL);
}
/* Set LDAP options */
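Review bot: When `ldap_init` or `ldapssl_init` returns NULL, sudo_ldap_init leaves `rc` at LDAP_CONNECT_ERROR, so the message here becomes a generic connect error and the errno-carrying `warn("unable to initialize LDAP")` that the removed block printed is lost; consider `warn()` on the NULL-return path inside sudo_ldap_init, or keeping an `ld == NULL` distinction here. The `ldapssl_clientauth_init` call now runs only inside sudo_ldap_init, i.e. not on the `ldap_initialize` branch, whereas before it ran for every SSL-mode connection regardless of `uri`; if any SDK exposes both ldap_initialize and ldapssl_init, a `uri ldaps://...` configuration would now skip the cert/key database setup, so a comment stating that the two are assumed mutually exclusive would make the assumption explicit. The bare `else` before `#endif` followed by a single unbraced statement is fragile; braces around `rc = sudo_ldap_init(&ld, ldap_conf.host, ldap_conf.port);` would survive future edits. sudo_ldap_open continues outside the hunk.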
-1.6.9p10 December 17, 2007 1
+1.6.9p11 January 5, 2008 1
-1.6.9p10 December 17, 2007 2
+1.6.9p11 January 5, 2008 2
-1.6.9p10 December 17, 2007 3
+1.6.9p11 January 5, 2008 3
%h expanded to the local hostname without the domain
name
+ %p expanded to the user whose password is being asked
+ for (respects the _\br_\bo_\bo_\bt_\bp_\bw, _\bt_\ba_\br_\bg_\be_\bt_\bp_\bw and _\br_\bu_\bn_\ba_\bs_\bp_\bw
+ flags in _\bs_\bu_\bd_\bo_\be_\br_\bs)
+
%U expanded to the login name of the user the command
will be run as (defaults to root)
defaults s\bsu\bud\bdo\bo was compiled with as well as the
machine's local network addresses.
- -v If given the -\b-v\bv (_\bv_\ba_\bl_\bi_\bd_\ba_\bt_\be) option, s\bsu\bud\bdo\bo will update
- the user's timestamp, prompting for the user's pass
- word if necessary. This extends the s\bsu\bud\bdo\bo timeout for
-
-1.6.9p10 December 17, 2007 4
+1.6.9p11 January 5, 2008 4
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ -v If given the -\b-v\bv (_\bv_\ba_\bl_\bi_\bd_\ba_\bt_\be) option, s\bsu\bud\bdo\bo will update
+ the user's timestamp, prompting for the user's pass
+ word if necessary. This extends the s\bsu\bud\bdo\bo timeout for
another 5 minutes (or whatever the timeout is set to
in _\bs_\bu_\bd_\bo_\be_\br_\bs) but does not run a command.
If, however, the _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt option is disabled in _\bs_\bu_\bd_\bo_\be_\br_\bs,
any variables not explicitly denied by the _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and
- _\be_\bn_\bv_\b__\bd_\be_\bl_\be_\bt_\be options are inherited from the invoking pro
- cess. In this case, _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and _\be_\bn_\bv_\b__\bd_\be_\bl_\be_\bt_\be behave like
- a blacklist. Since it is not possible to blacklist all
- potentially dangerous environment variables, use of the
+ _\be_\bn_\bv_\b__\bd_\be_\bl_\be_\bt_\be options are inherited from the invoking
-1.6.9p10 December 17, 2007 5
+1.6.9p11 January 5, 2008 5
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
- default _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt behavior is encouraged.
+ process. In this case, _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and _\be_\bn_\bv_\b__\bd_\be_\bl_\be_\bt_\be behave
+ like a blacklist. Since it is not possible to blacklist
+ all potentially dangerous environment variables, use of
+ the default _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt behavior is encouraged.
In all cases, environment variables with a value beginning
with () are removed as they could be interpreted as b\bba\bas\bsh\bh
timestamp with a bogus date on systems that allow users to
give away files.
- Please note that s\bsu\bud\bdo\bo will normally only log the command
- it explicitly runs. If a user runs a command such as sudo
- su or sudo sh, subsequent commands run from that shell
-1.6.9p10 December 17, 2007 6
+1.6.9p11 January 5, 2008 6
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ Please note that s\bsu\bud\bdo\bo will normally only log the command
+ it explicitly runs. If a user runs a command such as sudo
+ su or sudo sh, subsequent commands run from that shell
will _\bn_\bo_\bt be logged, nor will s\bsu\bud\bdo\bo's access control affect
them. The same is true for commands that offer shell
escapes (including most editors). Because of this, care
_\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\be_\br_\bs List of who can run what
_\b/_\bv_\ba_\br_\b/_\br_\bu_\bn_\b/_\bs_\bu_\bd_\bo Directory containing timestamps
-E\bEX\bXA\bAM\bMP\bPL\bLE\bES\bS
- Note: the following examples assume suitable _\bs_\bu_\bd_\bo_\be_\br_\bs(4)
- entries.
-1.6.9p10 December 17, 2007 7
+1.6.9p11 January 5, 2008 7
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+E\bEX\bXA\bAM\bMP\bPL\bLE\bES\bS
+ Note: the following examples assume suitable _\bs_\bu_\bd_\bo_\be_\br_\bs(4)
+ entries.
+
To get a file listing of an unreadable directory:
$ sudo ls /usr/local/protected
It is not meaningful to run the cd command directly via
sudo, e.g.,
- $ sudo cd /usr/local/protected
-
- since when the command exits the parent process (your
-
-1.6.9p10 December 17, 2007 8
+1.6.9p11 January 5, 2008 8
SUDO(1m) MAINTENANCE COMMANDS SUDO(1m)
+ $ sudo cd /usr/local/protected
+
+ since when the command exits the parent process (your
shell) will still be the same. Please see the EXAMPLES
section for more information.
-
-
-
-1.6.9p10 December 17, 2007 9
+1.6.9p11 January 5, 2008 9
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.\" $Sudo: sudo.man.in,v 1.29.2.17 2007/12/17 22:11:10 millert Exp $
+.\" $Sudo: sudo.man.in,v 1.29.2.19 2008/01/05 23:59:42 millert Exp $
.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32
.\"
.\" Standard preamble:
.\" ========================================================================
.\"
.IX Title "SUDO @mansectsu@"
-.TH SUDO @mansectsu@ "December 17, 2007" "1.6.9p10" "MAINTENANCE COMMANDS"
+.TH SUDO @mansectsu@ "January 5, 2008" "1.6.9p11" "MAINTENANCE COMMANDS"
.SH "NAME"
sudo, sudoedit \- execute a command as another user
.SH "SYNOPSIS"
.el .IP "\f(CW%h\fR" 4
.IX Item "%h"
expanded to the local hostname without the domain name
+.ie n .IP "%p" 4
+.el .IP "\f(CW%p\fR" 4
+.IX Item "%p"
+expanded to the user whose password is being asked for (respects the
+\&\fIrootpw\fR, \fItargetpw\fR and \fIrunaspw\fR flags in \fIsudoers\fR)
.ie n .IP "%U" 4
.el .IP "\f(CW%U\fR" 4
.IX Item "%U"
Agency (DARPA) and Air Force Research Laboratory, Air Force
Materiel Command, USAF, under agreement number F39502-99-1-0512.
-$Sudo: sudo.pod,v 1.70.2.19 2007/11/21 19:26:10 millert Exp $
+$Sudo: sudo.pod,v 1.70.2.20 2008/01/05 23:59:42 millert Exp $
=pod
=head1 NAME
expanded to the local hostname without the domain name
+=item C<%p>
+
+expanded to the user whose password is being asked for (respects the
+I<rootpw>, I<targetpw> and I<runaspw> flags in I<sudoers>)
+
=item C<%U>
expanded to the login name of the user the command will
-1.6.9p10 December 17, 2007 1
+1.6.9p11 January 5, 2008 1
-1.6.9p10 December 17, 2007 2
+1.6.9p11 January 5, 2008 2
-1.6.9p10 December 17, 2007 3
+1.6.9p11 January 5, 2008 3
-1.6.9p10 December 17, 2007 4
+1.6.9p11 January 5, 2008 4
-1.6.9p10 December 17, 2007 5
+1.6.9p11 January 5, 2008 5
-1.6.9p10 December 17, 2007 6
+1.6.9p11 January 5, 2008 6
-1.6.9p10 December 17, 2007 7
+1.6.9p11 January 5, 2008 7
-1.6.9p10 December 17, 2007 8
+1.6.9p11 January 5, 2008 8
-1.6.9p10 December 17, 2007 9
+1.6.9p11 January 5, 2008 9
-1.6.9p10 December 17, 2007 10
+1.6.9p11 January 5, 2008 10
-1.6.9p10 December 17, 2007 11
+1.6.9p11 January 5, 2008 11
-1.6.9p10 December 17, 2007 12
+1.6.9p11 January 5, 2008 12
-1.6.9p10 December 17, 2007 13
+1.6.9p11 January 5, 2008 13
-1.6.9p10 December 17, 2007 14
+1.6.9p11 January 5, 2008 14
%h expanded to the local hostname without
the domain name
+ %p expanded to the user whose password is
+ being asked for (respects the _\br_\bo_\bo_\bt_\bp_\bw,
+ _\bt_\ba_\br_\bg_\be_\bt_\bp_\bw and _\br_\bu_\bn_\ba_\bs_\bp_\bw flags in _\bs_\bu_\bd_\bo_\be_\br_\bs)
+
%U expanded to the login name of the user
the command will be run as (defaults
to root)
be printed along with the password prompt. It
has the following possible values:
- always Always lecture the user.
- never Never lecture the user.
+1.6.9p11 January 5, 2008 15
-1.6.9p10 December 17, 2007 15
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+ always Always lecture the user.
+ never Never lecture the user.
once Only lecture the user the first time
they run s\bsu\bud\bdo\bo.
mail. Defaults to the path to sendmail found
at configure time.
- mailto Address to send warning and error mail to.
- The address should be enclosed in double
- quotes (") to protect against s\bsu\bud\bdo\bo interpret
- ing the @ sign. Defaults to root.
-1.6.9p10 December 17, 2007 16
+1.6.9p11 January 5, 2008 16
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+ mailto Address to send warning and error mail to.
+ The address should be enclosed in double
+ quotes (") to protect against s\bsu\bud\bdo\bo interpret
+ ing the @ sign. Defaults to root.
+
syslog Syslog facility if syslog is being used for
logging (negate to disable syslog logging).
Defaults to local2.
check is displayed when s\bsu\bud\bdo\bo is run by
root with the _\b-_\bV option.
- env_delete Environment variables to be removed from
- the user's environment. The argument may
- be a double-quoted, space-separated list
- or a single value without double-quotes.
- The list can be replaced, added to,
-1.6.9p10 December 17, 2007 17
+1.6.9p11 January 5, 2008 17
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+ env_delete Environment variables to be removed from
+ the user's environment. The argument may
+ be a double-quoted, space-separated list
+ or a single value without double-quotes.
+ The list can be replaced, added to,
deleted from, or disabled by using the =,
+=, -=, and ! operators respectively. The
default list of environment variables to
Below are example _\bs_\bu_\bd_\bo_\be_\br_\bs entries. Admittedly, some of
these are a bit contrived. First, we define our _\ba_\bl_\bi_\ba_\bs_\be_\bs:
- # User alias specification
- User_Alias FULLTIMERS = millert, mikef, dowdy
- User_Alias PARTTIMERS = bostley, jwfox, crawl
- User_Alias WEBMASTERS = will, wendy, wim
-
-1.6.9p10 December 17, 2007 18
+1.6.9p11 January 5, 2008 18
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+ # User alias specification
+ User_Alias FULLTIMERS = millert, mikef, dowdy
+ User_Alias PARTTIMERS = bostley, jwfox, crawl
+ User_Alias WEBMASTERS = will, wendy, wim
+
# Runas alias specification
Runas_Alias OP = root, operator
Runas_Alias DB = oracle, sybase
Defaults@SERVERS log_year, logfile=/var/log/sudo.log
Defaults!PAGERS noexec
- The _\bU_\bs_\be_\br _\bs_\bp_\be_\bc_\bi_\bf_\bi_\bc_\ba_\bt_\bi_\bo_\bn is the part that actually deter
- mines who may run what.
-
- root ALL = (ALL) ALL
- %wheel ALL = (ALL) ALL
-1.6.9p10 December 17, 2007 19
+1.6.9p11 January 5, 2008 19
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+ The _\bU_\bs_\be_\br _\bs_\bp_\be_\bc_\bi_\bf_\bi_\bc_\ba_\bt_\bi_\bo_\bn is the part that actually deter
+ mines who may run what.
+
+ root ALL = (ALL) ALL
+ %wheel ALL = (ALL) ALL
+
We let r\bro\boo\bot\bt and any user in group w\bwh\bhe\bee\bel\bl run any command on
any host as any user.
bob SPARC = (OP) ALL : SGI = (OP) ALL
- The user b\bbo\bob\bb may run anything on the _\bS_\bP_\bA_\bR_\bC and _\bS_\bG_\bI
- machines as any user listed in the _\bO_\bP Runas_Alias (r\bro\boo\bot\bt
- and o\bop\bpe\ber\bra\bat\bto\bor\br).
- jim +biglab = ALL
+1.6.9p11 January 5, 2008 20
-1.6.9p10 December 17, 2007 20
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+ The user b\bbo\bob\bb may run anything on the _\bS_\bP_\bA_\bR_\bC and _\bS_\bG_\bI
+ machines as any user listed in the _\bO_\bP Runas_Alias (r\bro\boo\bot\bt
+ and o\bop\bpe\ber\bra\bat\bto\bor\br).
+ jim +biglab = ALL
The user j\bji\bim\bm may run any command on machines in the _\bb_\bi_\bg_\bl_\ba_\bb
netgroup. s\bsu\bud\bdo\bo knows that "biglab" is a netgroup due to
(will, wendy, and wim), may run any command as user www
(which owns the web pages) or simply _\bs_\bu(1) to www.
- ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\
- /sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM
-
- Any user may mount or unmount a CD-ROM on the machines in
- the CDROM Host_Alias (orion, perseus, hercules) without
- entering a password. This is a bit tedious for users to
-1.6.9p10 December 17, 2007 21
+1.6.9p11 January 5, 2008 21
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+ ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\
+ /sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM
+
+ Any user may mount or unmount a CD-ROM on the machines in
+ the CDROM Host_Alias (orion, perseus, hercules) without
+ entering a password. This is a bit tedious for users to
type, so it is a prime candidate for encapsulating in a
shell script.
that this applies only to native dynamically-
linked executables. Statically-linked executa
bles and foreign executables running under
- binary emulation are not affected.
- To tell whether or not s\bsu\bud\bdo\bo supports _\bn_\bo_\be_\bx_\be_\bc, you
- can run the following as root:
- sudo -V | grep "dummy exec"
+1.6.9p11 January 5, 2008 22
-1.6.9p10 December 17, 2007 22
+SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+ binary emulation are not affected.
+
+ To tell whether or not s\bsu\bud\bdo\bo supports _\bn_\bo_\be_\bx_\be_\bc, you
+ can run the following as root:
+ sudo -V | grep "dummy exec"
If the resulting output contains a line that
begins with:
C\bCA\bAV\bVE\bEA\bAT\bTS\bS
The _\bs_\bu_\bd_\bo_\be_\br_\bs file should a\bal\blw\bwa\bay\bys\bs be edited by the v\bvi\bis\bsu\bud\bdo\bo
- command which locks the file and does grammatical check
- ing. It is imperative that _\bs_\bu_\bd_\bo_\be_\br_\bs be free of syntax
- errors since s\bsu\bud\bdo\bo will not run with a syntactically incor
- rect _\bs_\bu_\bd_\bo_\be_\br_\bs file.
-
- When using netgroups of machines (as opposed to users), if
- you store fully qualified hostnames in the netgroup (as is
- usually the case), you either need to have the machine's
+ command which locks the file and does grammatical
-1.6.9p10 December 17, 2007 23
+1.6.9p11 January 5, 2008 23
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
+ checking. It is imperative that _\bs_\bu_\bd_\bo_\be_\br_\bs be free of syntax
+ errors since s\bsu\bud\bdo\bo will not run with a syntactically incor
+ rect _\bs_\bu_\bd_\bo_\be_\br_\bs file.
+
+ When using netgroups of machines (as opposed to users), if
+ you store fully qualified hostnames in the netgroup (as is
+ usually the case), you either need to have the machine's
hostname be fully qualified as returned by the hostname
command or use the _\bf_\bq_\bd_\bn option in _\bs_\bu_\bd_\bo_\be_\br_\bs.
-
-
-
-
-
-
-
-1.6.9p10 December 17, 2007 24
+1.6.9p11 January 5, 2008 24
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.\" $Sudo: sudoers.man.in,v 1.45.2.19 2007/12/17 22:11:10 millert Exp $
+.\" $Sudo: sudoers.man.in,v 1.45.2.21 2008/01/05 23:59:42 millert Exp $
.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32
.\"
.\" Standard preamble:
.\" ========================================================================
.\"
.IX Title "SUDOERS @mansectform@"
-.TH SUDOERS @mansectform@ "December 17, 2007" "1.6.9p10" "MAINTENANCE COMMANDS"
+.TH SUDOERS @mansectform@ "January 5, 2008" "1.6.9p11" "MAINTENANCE COMMANDS"
.SH "NAME"
sudoers \- list of which users may execute what
.SH "DESCRIPTION"
.el .IP "\f(CW%h\fR" 4
.IX Item "%h"
expanded to the local hostname without the domain name
+.ie n .IP "%p" 4
+.el .IP "\f(CW%p\fR" 4
+.IX Item "%p"
+expanded to the user whose password is being asked for (respects the
+\&\fIrootpw\fR, \fItargetpw\fR and \fIrunaspw\fR flags in \fIsudoers\fR)
.ie n .IP "%U" 4
.el .IP "\f(CW%U\fR" 4
.IX Item "%U"
Agency (DARPA) and Air Force Research Laboratory, Air Force
Materiel Command, USAF, under agreement number F39502-99-1-0512.
-$Sudo: sudoers.pod,v 1.95.2.22 2007/12/02 17:13:52 millert Exp $
+$Sudo: sudoers.pod,v 1.95.2.23 2008/01/05 23:59:42 millert Exp $
=pod
=head1 NAME
expanded to the local hostname without the domain name
+=item C<%p>
+
+expanded to the user whose password is being asked for (respects the
+I<rootpw>, I<targetpw> and I<runaspw> flags in I<sudoers>)
+
=item C<%U>
expanded to the login name of the user the command will
* Agency (DARPA) and Air Force Research Laboratory, Air Force
* Materiel Command, USAF, under agreement number F39502-99-1-0512.
*
- * $Sudo: version.h,v 1.66.2.13 2007/12/17 19:18:14 millert Exp $
+ * $Sudo: version.h,v 1.66.2.14 2008/01/05 23:31:52 millert Exp $
*/
#ifndef _SUDO_VERSION_H
#define _SUDO_VERSION_H
-static const char version[] = "1.6.9p10";
+static const char version[] = "1.6.9p11";
#endif /* _SUDO_VERSION_H */
-1.6.9p10 December 17, 2007 1
+1.6.9p11 January 5, 2008 1
-1.6.9p10 December 17, 2007 2
+1.6.9p11 January 5, 2008 2
-1.6.9p10 December 17, 2007 3
+1.6.9p11 January 5, 2008 3
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.\" $Sudo: visudo.man.in,v 1.20.2.14 2007/12/17 22:11:10 millert Exp $
+.\" $Sudo: visudo.man.in,v 1.20.2.16 2008/01/05 23:59:42 millert Exp $
.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32
.\"
.\" Standard preamble:
.\" ========================================================================
.\"
.IX Title "VISUDO @mansectsu@"
-.TH VISUDO @mansectsu@ "December 17, 2007" "1.6.9p10" "MAINTENANCE COMMANDS"
+.TH VISUDO @mansectsu@ "January 5, 2008" "1.6.9p11" "MAINTENANCE COMMANDS"
.SH "NAME"
visudo \- edit the sudoers file
.SH "SYNOPSIS"