Provided by: manpages-ja_0.5.0.0.20110915-1_all bug

SUDOERS

       sudo Default_Entry Defaults

       :

       always_set_home sudo  HOME  (-u  root ) sudo -H  off

       authenticate     () PASSWD  NOPASSWD  on

       closefrom_override
                        sudo  -C -C sudo  off

       env_editor      visudo  EDITOR  VISUAL  root env_editor sudoers  editor
                       visudo  EDITOR  VISUAL  editor  off

       env_reset       sudo LOGNAME, SHELL, USER, USERNAME  SUDO_* sudo
                       env_keep  env_check  env_keep env_check root  sudo  -V
                       sudoers secure_path  PATH  on

       fqdn            sudoers myhost myhost.mydomain.edu  () fqdn  sudo  DNS
                       DNS sudo () DNS  (CNAME ) DNS (hostname ) fqdn  off

       ignore_dot       PATH  '.'  '' () sudo PATH  off

       ignore_local_sudoers
                       LDAP /etc/sudoers  sudoers LDAP  /etc/sudoers
                       /etc/sudoers  LDAP  sudo  sudoOption  cn=defaults  off

       insults          sudo  off

       log_host         (syslog ) sudo  off

       log_year         (syslog ) sudo  off

       long_otp_prompt S/Key  OPIE  One Time Password (OTP)  off

       mail_always      sudo mailto  off

       mail_badpass    sudo mailto off

       mail_no_host    sudo  sudoers mailto off

       mail_no_perms   sudo  sudo  sudoers mailto off

       mail_no_user    sudo  sudoers mailto  on

       noexec          sudo EXEC NOEXEC NOEXEC  EXEC  off

       path_info        sudo  PATH  PATH  sudo  on

       passprompt_override
                       passprompt PAM  "Password:" passprompt_override
                       passprompt  off

       preserve_groups sudo  preserve_groups sudo  ID  ID  off

       pwfeedback       Unix sudo  Return ( Enter)  off  sudo pwfeedback sudo
                       off

       requiretty      sudo  tty sudo cron(8)  cgi-bin  off

       root_sudo       root  sudo  "sudo sudo /bin/sh"  sudo root_sudo  off
                       root  sudoedit root_sudo  on

       rootpw          sudo root  off

       runaspw         sudo sudoers  runas_default  ( root )  off

       set_home        sudo  -s  HOME (-u  root )  -s -H  off

       set_logname      sudo  LOGNAME, USER, USERNAME  (-u  root)  ( RCS )
                       LOGNAME set_logname  '!'   env_reset env_keep
                       set_logname on

       setenv           env_reset env_check, env_delete, env_keep  off

       shell_noargs    sudo sudo  -s root  (  SHELL sudo  /etc/passwd ) off

       fast_glob        sudo glob(3)  (glob) glob(3)  () fast_glob sudo
                       fnmatch(3) fast_glob ./ls  ../bin/ls  off

       stay_setuid      sudo  UID  UID  ( root) sudo  UID  UID sudo setuid
                       setuid  setreuid()  setresuid()  off

       targetpw        sudo -u  ( root) -u passwd  uid  off

       tty_tickets      tty sudo  ( /var/run/sudo) sudo  tty  off

       umask_override  sudo  umask  sudoers umask  umask  umask sudoers sudo
                       umask_override  sudo  umask  umask  sudoers  umask  off

       visiblepw        sudo visiblepw sudo rsh(1)  tty "rsh somehost sudo ls"
                       off

       :

       closefrom       sudo ( 0-2 ) closefrom 0-2  3

       passwd_tries    sudo  3

       :

       loglinelen      sudo syslog  80  (  0  '!' )

       passwd_timeout  sudo  5  0

       timestamp_timeout
                       sudo  5  0 0  sudo -v  sudo -k

       umask            umask  umask '!' 0777  0777 umask  umask  umask  umask
                       sudo umask  umask umask 0022 PAM  PAM umask  sudoers

       :

       badpass_message  insults Sorry, try again.

       editor          visudo  (':') visudo  EDITOR  vi

       mailsub         mailto  %h *** SECURITY information for %h ***

       noexec_file      execv(), execve(), fexecve()  () LD_PRELOAD  noexec
                       /usr/local/libexec/sudo_noexec.so

       passprompt      -p  SUDO_PROMPT  (`%')

                       %H   ( fqdn )

                       %h

                       %p   (sudoers rootpw, targetpw, runaspw )

                       %U   ( root)

                       %u  sudo

                       %%   %  %

                       Password:

       runas_default    -u  root runas_default Runas_Alias

       syslog_badpri    syslog  (priority)  alert

       syslog_goodpri   syslog  (priority)  notice

       sudoers_locale  sudoers sudoers  "C"

       timestampdir    sudo  /var/run/sudo

       timestampowner    root

       :

       askpass     askpass sudo () askpass askpass  SUDO_ASKPASS

       env_file    env_file  VARIABLE=value  export VARIABLE=value env_keep
                   env_check sudo

       exempt_group
                    secure_path PATH

       lecture     sudo

                   always

                   never

                   once     sudo

                   once  '!'   never  once

       lecture_file
                    sudo lecture_file sudo

       listpw      sudo  -l

                   all     sudoers NOPASSWD

                   always   -l

                   any     sudoers NOPASSWD

                   never    -l

                    any '!'   never  any

       logfile     sudo  (syslog )  on  '!'  off sudo syslog

       mailerflags  -t

       mailerpath   configure  sendmail

       mailfrom     sudo  @  (") sudo

       mailto      sudo @  (")  root

       secure_path sudo sudo  PATH root  exempt_group  secure_path

       syslog      syslog  syslog  (syslog '!' )  local2

       verifypw    sudo  -v

                   all     sudoers NOPASSWD

                   always   -v

                   any     sudoers NOPASSWD

                   never    -v

                    all '!'   never  all

       :

       env_check        %  /  printf =, +=, -=, !  env_check env_reset root
                       sudo  -V

       env_delete      env_reset =, +=, -=, !  root  sudo  -V  setuid  (sudo )

       env_keep        env_reset sudo =, +=, -=, !  root  sudo  -V

       syslog(3) sudo  syslog  (facility: syslog ) authpriv (OS ) auth,
       daemon, user, local0, local1, local2, local3, local4, local5, local6,
       local7syslog  (priority) alert, crit, debug, emerg, err, info, notice,
       warning

       /etc/sudoers

       /etc/group

       /etc/netgroup

        sudoers

        # User alias
        User_Alias     FULLTIMERS = millert, mikef, dowdy
        User_Alias     PARTTIMERS = bostley, jwfox, crawl
        User_Alias     WEBMASTERS = will, wendy, wim

        # Runas alias
        Runas_Alias    OP = root, operator
        Runas_Alias    DB = oracle, sybase
        Runas_Alias    ADMINGRP = adm, oper

        # Host alias
        Host_Alias     SPARC = bigtime, eclipse, moet, anchor :\
                       SGI = grolsch, dandelion, black :\
                       ALPHA = widget, thalamus, foobar :\
                       HPPA = boa, nag, python
        Host_Alias     CUNETS = 128.138.0.0/255.255.0.0
        Host_Alias     CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0
        Host_Alias     SERVERS = master, mail, www, ns
        Host_Alias     CDROM = orion, perseus, hercules

        # Cmnd alias
        Cmnd_Alias     DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\
                               /usr/sbin/restore, /usr/sbin/rrestore
        Cmnd_Alias     KILL = /usr/bin/kill
        Cmnd_Alias     PRINTING = /usr/sbin/lpc, /usr/bin/lprm
        Cmnd_Alias     SHUTDOWN = /usr/sbin/shutdown
        Cmnd_Alias     HALT = /usr/sbin/halt
        Cmnd_Alias     REBOOT = /usr/sbin/reboot
        Cmnd_Alias     SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
                                /usr/local/bin/tcsh, /usr/bin/rsh, \
                                /usr/local/bin/zsh
        Cmnd_Alias     SU = /usr/bin/su
        Cmnd_Alias     PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less

        sudo  syslog(3)  auth sudo  millert  root  LOGNAME, USER, USERNAME
       SERVERS  Host_Alias  PAGERS  Cmnd_Alias  (/usr/bin/more, /usr/bin/pg,
       /usr/bin/less)

        # built-in defaults
        Defaults               syslog=auth
        Defaults>root          !set_logname
        Defaults:FULLTIMERS    !lecture
        Defaults:millert       !authenticate
        Defaults@SERVERS       log_year, logfile=/var/log/sudo.log
        Defaults!PAGERS        noexec

        root           ALL = (ALL) ALL
        %wheel         ALL = (ALL) ALL

       root  wheel

        FULLTIMERS     ALL = NOPASSWD: ALL

        (millert, mikef, dowdy)

        PARTTIMERS     ALL = ALL

        ((bostley, jwfox, crawl)  ( NOPASSWD )

        jack           CSNETS = ALL

        jack CSNETS  ( 128.138.243.0, 128.138.204.0, 128.138.242.0 )
       128.138.204.0  class C  (CIDR ) netmask CSNETS  netmask

        lisa           CUNETS = ALL

        lisa  CUNETS  ( 128.138.0.0  class B )

        operator       ALL = DUMPS, KILL, SHUTDOWN, HALT, REBOOT, PRINTING,\
                       sudoedit /etc/printcap, /usr/oper/bin/

        operator  kill /usr/oper/bin/

        joe            ALL = /usr/bin/su operator

        joe  su(1)  operator

        %opers         ALL = (: ADMINGRP) /usr/sbin/

       opers /usr/sbin/ Runas_Alias ADMINGRP  (adm  oper ) (: sudo-1.7.2p1
       /etc/sudoers  Runas_Alias ADMINGRP adm  oper )

        pete           HPPA = /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root

        pete  HPPA  root passwd(1)

        bob            SPARC = (OP) ALL : SGI = (OP) ALL

        bob  SPARC  SGI  Runas_Alias OP  (root  operator )

        jim            +biglab = ALL

        jim  biglab sudo "biglab"  '+'

        +secretaries   ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser

       secretaries

        fred           ALL = (DB) NOPASSWD: ALL

        fred  Runas_Alias DB  (oracle  sybase )

        john           ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*

        john  ALPHA  su(1)  root su

        jen            ALL, !SERVERS = ALL

        jen  Host_Alias SERVERS  (master, mail, www, ns)

        jill           SERVERS = /usr/bin/, !SU, !SHELLS

       jill  Host_Alias SERVERS  /usr/bin/ SU  SHELLS Cmnd_Aliases

        steve          CSNETS = (operator) /usr/local/op_commands/

        steve  /usr/local/op_commands/ operator

        matt           valkyrie = KILL

       matt  valkyrie  kill

        WEBMASTERS     www = (www) ALL, (root) /usr/bin/su www

        www  User_Alias WEBMASTERS  (will, wendy, wim ) www (web )  su(1)  www

        ALL            CDROM = NOPASSWD: /sbin/umount /CDROM,\
                       /sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM

        Host_Alias  CDROM  (orion, perseus, hercules) CD-ROM

       []:     sudo  /etc/sudoers AAA  aaa  AAA  /etc/sudoers  BBB  aaa sudo
               /bin/ls  aaa  AAA  telnet  ssh  BBB sudo  ls  BBB  /etc/sudoers
               BBB  aaa  sudo  /bin/ls  BBB sudo  BBB  sudo BBB  sudo  BBB
               /etc/sudoers

                 sudoers  sudoers  (sudo )LDAP

        '!'  ALL

           bill        ALL = ALL, !SU, !SHELLS

       SU  SHELLS  bill bill  ( )

       sudo  sudo ()

                  sudo sudoedit

       noexec     ( LD_PRELOAD) sudo  noexec sudo  OS

                 sudo  noexec root

                     sudo -V | grep "dummy exec"

                     File containing dummy exec functions:

                  sudo  exec noexec noexec  SunOS, Solaris, *BSD, Linux, IRIX,
                 Tru64 UNIX, MacOS X, HP-UX 11.x AIX  UnixWare LD_PRELOAD  OS
                 noexec  ( ld.so, ld.so.1, dyld, dld.sl, rld, loader )
                 LD_PRELOAD

                  noexec NOEXEC

                  aaron  shanty = NOEXEC: /usr/bin/more, /usr/bin/vi

                  aaron noexec /usr/bin/more  /usr/bin/vi  ()  noexec noexec

         ( )  sudoedit

       rsh(1), su(1), fnmatch(3), glob(3), sudo(8), visudo(8)

       sudoers  visudo visudo sudoers sudo sudoers

        () netgroup  ( ) hostname sudoers  fqdn

       sudo
       http://www.sudo.ws/sudo/bugs/

        sudo-users  URL
       http://www.sudo.ws/mailman/listinfo/sudo-users

       sudo sudo  LICENSE  Web
       http://www.sudo.ws/sudo/license.html