Annotation of src/usr.bin/sudo/def_data.in, Revision 1.9
1.1 millert 1: #
2: # Format:
3: #
4: # var_name
5: # TYPE
6: # description (or NULL)
1.3 millert 7: # array of struct def_values if TYPE == T_TUPLE
1.1 millert 8: #
1.9 ! millert 9: # NOTE: for tuples that can be used in a boolean context the first
! 10: # value corresponds to boolean FALSE and the second to TRUE.
! 11: #
1.1 millert 12:
13: syslog
14: T_LOGFAC|T_BOOL
15: "Syslog facility if syslog is being used for logging: %s"
16: syslog_goodpri
17: T_LOGPRI
18: "Syslog priority to use when user authenticates successfully: %s"
19: syslog_badpri
20: T_LOGPRI
21: "Syslog priority to use when user authenticates unsuccessfully: %s"
22: long_otp_prompt
23: T_FLAG
24: "Put OTP prompt on its own line"
25: ignore_dot
26: T_FLAG
27: "Ignore '.' in $PATH"
28: mail_always
29: T_FLAG
30: "Always send mail when sudo is run"
31: mail_badpass
32: T_FLAG
33: "Send mail if user authentication fails"
34: mail_no_user
35: T_FLAG
36: "Send mail if the user is not in sudoers"
37: mail_no_host
38: T_FLAG
39: "Send mail if the user is not in sudoers for this host"
40: mail_no_perms
41: T_FLAG
42: "Send mail if the user is not allowed to run a command"
43: tty_tickets
44: T_FLAG
45: "Use a separate timestamp for each user/tty combo"
46: lecture
1.3 millert 47: T_TUPLE|T_BOOL
1.1 millert 48: "Lecture user the first time they run sudo"
1.3 millert 49: never once always
50: lecture_file
51: T_STR|T_PATH|T_BOOL
52: "File containing the sudo lecture: %s"
1.1 millert 53: authenticate
54: T_FLAG
55: "Require users to authenticate by default"
56: root_sudo
57: T_FLAG
58: "Root may run sudo"
59: log_host
60: T_FLAG
61: "Log the hostname in the (non-syslog) log file"
62: log_year
63: T_FLAG
64: "Log the year in the (non-syslog) log file"
65: shell_noargs
66: T_FLAG
67: "If sudo is invoked with no arguments, start a shell"
68: set_home
69: T_FLAG
70: "Set $HOME to the target user when starting a shell with -s"
71: always_set_home
72: T_FLAG
73: "Always set $HOME to the target user's home directory"
74: path_info
75: T_FLAG
76: "Allow some information gathering to give useful error messages"
77: fqdn
78: T_FLAG
79: "Require fully-qualified hostnames in the sudoers file"
80: insults
81: T_FLAG
82: "Insult the user when they enter an incorrect password"
83: requiretty
84: T_FLAG
85: "Only allow the user to run sudo if they have a tty"
86: env_editor
87: T_FLAG
88: "Visudo will honor the EDITOR environment variable"
89: rootpw
90: T_FLAG
91: "Prompt for root's password, not the users's"
92: runaspw
93: T_FLAG
94: "Prompt for the runas_default user's password, not the users's"
95: targetpw
96: T_FLAG
97: "Prompt for the target user's password, not the users's"
98: use_loginclass
99: T_FLAG
100: "Apply defaults in the target user's login class if there is one"
101: set_logname
102: T_FLAG
103: "Set the LOGNAME and USER environment variables"
104: stay_setuid
105: T_FLAG
106: "Only set the effective uid to the target user, not the real uid"
107: preserve_groups
108: T_FLAG
109: "Don't initialize the group vector to that of the target user"
110: loglinelen
111: T_UINT|T_BOOL
112: "Length at which to wrap log file lines (0 for no wrap): %d"
113: timestamp_timeout
114: T_INT|T_BOOL
115: "Authentication timestamp timeout: %d minutes"
116: passwd_timeout
117: T_UINT|T_BOOL
118: "Password prompt timeout: %d minutes"
119: passwd_tries
120: T_UINT
121: "Number of tries to enter a password: %d"
122: umask
123: T_MODE|T_BOOL
124: "Umask to use or 0777 to use user's: 0%o"
125: logfile
126: T_STR|T_BOOL|T_PATH
127: "Path to log file: %s"
128: mailerpath
129: T_STR|T_BOOL|T_PATH
130: "Path to mail program: %s"
131: mailerflags
132: T_STR|T_BOOL
133: "Flags for mail program: %s"
134: mailto
135: T_STR|T_BOOL
136: "Address to send mail to: %s"
1.9 ! millert 137: mailfrom
! 138: T_STR|T_BOOL
! 139: "Address to send mail from: %s"
1.1 millert 140: mailsub
141: T_STR
142: "Subject line for mail messages: %s"
143: badpass_message
144: T_STR
145: "Incorrect password message: %s"
146: timestampdir
147: T_STR|T_PATH
148: "Path to authentication timestamp dir: %s"
1.2 millert 149: timestampowner
150: T_STR
151: "Owner of the authentication timestamp dir: %s"
1.1 millert 152: exempt_group
153: T_STR|T_BOOL
154: "Users in this group are exempt from password and PATH requirements: %s"
155: passprompt
156: T_STR
157: "Default password prompt: %s"
1.7 millert 158: passprompt_override
159: T_FLAG
160: "If set, passprompt will override system prompt in all cases."
1.1 millert 161: runas_default
162: T_STR
163: "Default user to run commands as: %s"
1.9 ! millert 164: secure_path
! 165: T_STR|T_BOOL
! 166: "Value to override user's $PATH with: %s"
1.1 millert 167: editor
168: T_STR|T_PATH
169: "Path to the editor for use by visudo: %s"
1.3 millert 170: listpw
171: T_TUPLE|T_BOOL
172: "When to require a password for 'list' pseudocommand: %s"
173: never any all always
174: verifypw
175: T_TUPLE|T_BOOL
176: "When to require a password for 'verify' pseudocommand: %s"
1.4 millert 177: never all any always
1.3 millert 178: noexec
179: T_FLAG
180: "Preload the dummy exec functions contained in 'noexec_file'"
181: noexec_file
182: T_STR|T_PATH
183: "File containing dummy exec functions: %s"
1.6 millert 184: ignore_local_sudoers
185: T_FLAG
186: "If LDAP directory is up, do we ignore local sudoers file"
1.9 ! millert 187: closefrom
! 188: T_INT
! 189: "File descriptors >= %d will be closed before executing a command"
! 190: closefrom_override
! 191: T_FLAG
! 192: "If set, users may override the value of `closefrom' with the -C option"
1.6 millert 193: setenv
194: T_FLAG
195: "Allow users to set arbitrary environment variables"
196: env_reset
197: T_FLAG
198: "Reset the environment to a default set of variables"
1.1 millert 199: env_check
200: T_LIST|T_BOOL
201: "Environment variables to check for sanity:"
202: env_delete
203: T_LIST|T_BOOL
204: "Environment variables to remove:"
205: env_keep
206: T_LIST|T_BOOL
207: "Environment variables to preserve:"
1.8 millert 208: role
209: T_STR
210: "SELinux role to use in the new security context: %s"
211: type
212: T_STR
213: "SELinux type to use in the new security context: %s"
1.9 ! millert 214: askpass
! 215: T_STR|T_PATH|T_BOOL
! 216: "Path to the askpass helper program: %s"
! 217: env_file
! 218: T_STR|T_PATH|T_BOOL
! 219: "Path to the sudo-specific environment file: %s"
! 220: sudoers_locale
! 221: T_STR
! 222: "Locale to use while parsing sudoers: %s"
! 223: visiblepw
! 224: T_FLAG
! 225: "Allow sudo to prompt for a password even if it would be visisble"