version 1.2, 2000/01/24 04:22:53 |
version 1.3, 2000/03/27 03:44:38 |
|
|
''' $RCSfile$$Revision$$Date$ |
''' $RCSfile$$Revision$$Date$ |
''' |
''' |
''' $Log$ |
''' $Log$ |
''' Revision 1.2 2000/01/24 04:22:53 millert |
''' Revision 1.3 2000/03/27 03:44:38 millert |
''' sudo 1.6.2 |
''' sudo 1.6.3; see http://www.courtesan.com/sudo/current.html for a list |
|
''' of changes. |
''' |
''' |
''' Revision 1.43 2000/01/17 17:28:41 millert |
''' Revision 1.3 2000/03/27 03:26:23 millert |
''' Crank version to 1.6.2 |
''' Use 8 and 5 in the man page bodies as well. |
''' |
''' |
''' |
''' |
.de Sh |
.de Sh |
|
|
.nr % 0 |
.nr % 0 |
.rr F |
.rr F |
.\} |
.\} |
.TH sudo 8 "1.6.2" "4/Dec/1999" "MAINTENANCE COMMANDS" |
.TH sudo 8 "1.6.3" "26/Mar/2000" "MAINTENANCE COMMANDS" |
.UC |
.UC |
.if n .hy 0 |
.if n .hy 0 |
.if n .na |
.if n .na |
|
|
.SH "NAME" |
.SH "NAME" |
sudo \- execute a command as another user |
sudo \- execute a command as another user |
.SH "SYNOPSIS" |
.SH "SYNOPSIS" |
\fBsudo\fR \fB\-V\fR | \fB\-h\fR | \fB\-l\fR | \fB\-L\fR | \fB\-v\fR | \fB\-k\fR | \fB\-K\fR | \fB\-s\fR | \fB\-H\fR | |
\fBsudo\fR \fB\-V\fR | \fB\-h\fR | \fB\-l\fR | \fB\-L\fR | \fB\-v\fR | \fB\-k\fR | \fB\-K\fR | \fB\-s\fR | |
[ \fB\-b\fR ] | [ \fB\-p\fR prompt ] [ \fB\-u\fR username/#uid] \fIcommand\fR |
[ \fB\-H\fR ] [\fB\-S\fR ] [ \fB\-b\fR ] | [ \fB\-p\fR prompt ] |
|
[ \fB\-u\fR username/#uid ] \fIcommand\fR |
.SH "DESCRIPTION" |
.SH "DESCRIPTION" |
\fBsudo\fR allows a permitted user to execute a \fIcommand\fR as the |
\fBsudo\fR allows a permitted user to execute a \fIcommand\fR as the |
superuser or another user, as specified in the sudoers file. The |
superuser or another user, as specified in the sudoers file. The |
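Review bot: In the new SYNOPSIS lines, `[\fB\-S\fR ]` lacks the space after the opening bracket that `[ \fB\-H\fR ]` and `[ \fB\-b\fR ]` carry, and the `|` kept between `[ \fB\-b\fR ]` and `[ \fB\-p\fR prompt ]` reads as if \-b were an alternative to \-p rather than an option that can accompany it. Suggest `[ \fB\-S\fR ]` for consistency, and dropping that bar if the bracketed options may be combined.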
|
|
login name. Similarly, \f(CW%h\fR will be replaced with the local |
login name. Similarly, \f(CW%h\fR will be replaced with the local |
hostname. |
hostname. |
.Ip "-u" 4 |
.Ip "-u" 4 |
The \f(CW-u\fR (\fIuser\fR) option causes sudo to run the specified command |
The \f(CW-u\fR (\fIuser\fR) option causes \fBsudo\fR to run the specified command |
as a user other than \fIroot\fR. To specify a \fIuid\fR instead of a |
as a user other than \fIroot\fR. To specify a \fIuid\fR instead of a |
\fIusername\fR, use \*(L"#uid\*(R". |
\fIusername\fR, use \*(L"#uid\*(R". |
.Ip "-s" 4 |
.Ip "-s" 4 |
|
|
The \f(CW-H\fR (\fI\s-1HOME\s0\fR) option sets the \fI\s-1HOME\s0\fR environment variable |
The \f(CW-H\fR (\fI\s-1HOME\s0\fR) option sets the \fI\s-1HOME\s0\fR environment variable |
to the homedir of the target user (root by default) as specified |
to the homedir of the target user (root by default) as specified |
in \fIpasswd\fR\|(5). By default, \fBsudo\fR does not modify \fI\s-1HOME\s0\fR. |
in \fIpasswd\fR\|(5). By default, \fBsudo\fR does not modify \fI\s-1HOME\s0\fR. |
|
.Ip "-S" 4 |
|
The \f(CW-S\fR (\fIstdin\fR) option causes \fBsudo\fR to read the password from |
|
standard input instead of the terminal device. |
.Ip "--" 4 |
.Ip "--" 4 |
The \f(CW--\fR flag indicates that \fBsudo\fR should stop processing command |
The \f(CW--\fR flag indicates that \fBsudo\fR should stop processing command |
line arguments. It is most useful in conjunction with the \f(CW-s\fR flag. |
line arguments. It is most useful in conjunction with the \f(CW-s\fR flag. |
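Review bot: The new \-S item says only that the password is read from standard input instead of the terminal device; it does not say where the prompt (default or \-p) is written in that mode, or whether echo is still suppressed when standard input is itself a terminal. Suggest one sentence covering both, since anyone feeding the password from another program needs to know what appears on which stream.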
|
|
behavior or link \fBsudo\fR statically. |
behavior or link \fBsudo\fR statically. |
.PP |
.PP |
\fBsudo\fR will check the ownership of its timestamp directory |
\fBsudo\fR will check the ownership of its timestamp directory |
(\fI/var/run/sudo\fR or \fI/tmp/.odus\fR by default) and ignore the |
(\fI/var/run/sudo\fR by default) and ignore the directory's contents if |
directory's contents if it is not owned by root and only writable |
it is not owned by root and only writable by root. On systems that |
by root. On systems that allow non-root users to give away files |
allow non-root users to give away files via \fIchown\fR\|(2), if the timestamp |
via \fIchown\fR\|(2), if the timestamp directory is located in a directory |
directory is located in a directory writable by anyone (eg: \fI/tmp\fR), |
writable by anyone (ie: \fI/tmp\fR), it is possible for a user to |
it is possible for a user to create the timestamp directory before |
create the timestamp directory before \fBsudo\fR is run. However, |
\fBsudo\fR is run. However, because \fBsudo\fR checks the ownership and |
because \fBsudo\fR checks the ownership and mode of the directory and |
mode of the directory and its contents, the only damage that can |
its contents, the only damage that can be done is to \*(L"hide\*(R" files |
be done is to \*(L"hide\*(R" files by putting them in the timestamp dir. |
by putting them in the timestamp dir. This is unlikely to happen |
This is unlikely to happen since once the timestamp dir is owned |
since once the timestamp dir is owned by root and inaccessible by |
by root and inaccessible by any other user the user placing files |
any other user the user placing files there would be unable to get |
there would be unable to get them back out. To get around this |
them back out. To get around this issue you can use a directory |
issue you can use a directory that is not world-writable for the |
that is not world-writable for the timestamps (\fI/var/adm/sudo\fR for |
timestamps (\fI/var/adm/sudo\fR for instance) or create \fI/var/run/sudo\fR |
instance) or create /tmp/.odus with the appropriate owner (root) |
with the appropriate owner (root) and permissions (0700) in the |
and permissions (0700) in the system startup files. |
system startup files. |
.PP |
.PP |
\fBsudo\fR will not honor timestamps set far in the future. |
\fBsudo\fR will not honor timestamps set far in the future. |
Timestamps with a date greater than current_time + 2 * \f(CWTIMEOUT\fR |
Timestamps with a date greater than current_time + 2 * \f(CWTIMEOUT\fR |
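Review bot: With `/tmp/.odus` dropped from the stated defaults, the retained sentence about a timestamp directory "located in a directory writable by anyone (eg: /tmp)" no longer says when that situation arises, because the only default now named is /var/run/sudo. Suggest saying that it applies when the timestamp directory has been placed under such a path, and writing "e.g." rather than "eg:". Since the paragraph is being re-wrapped anyway, "ignore the directory's contents if it is not owned by root and only writable by root" could also be reworded so it cannot be read as ignoring a directory that is only writable by root.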
|
|
.PP |
.PP |
.Vb 2 |
.Vb 2 |
\& /etc/sudoers List of who can run what |
\& /etc/sudoers List of who can run what |
\& /var/run/sudo Directory containing timestamps |
\& /var/run/sudo Directory containing timestamps |
.Ve |
.Ve |
\fBsudo\fR utilizes the following environment variables: |
|
.PP |
|
.Vb 13 |
|
\& PATH Set to a sane value if SECURE_PATH is set |
|
\& SHELL Used to determine shell to run with -s option |
|
\& USER Set to the target user (root unless the -u option |
|
\& is specified) |
|
\& HOME In -s or -H mode (or if sudo was configured with |
|
\& the --enable-shell-sets-home option), set to |
|
\& homedir of the target user. |
|
\& SUDO_PROMPT Used as the default password prompt |
|
\& SUDO_COMMAND Set to the command run by sudo |
|
\& SUDO_USER Set to the login of the user who invoked sudo |
|
\& SUDO_UID Set to the uid of the user who invoked sudo |
|
\& SUDO_GID Set to the gid of the user who invoked sudo |
|
\& SUDO_PS1 If set, PS1 will be set to its value |
|
.Ve |
|
.SH "FILES" |
|
.PP |
|
.Vb 3 |
|
\& /etc/sudoers List of who can run what |
|
\& /var/run/sudo Directory containing timestamps |
|
\& /tmp/.odus Same as above if no /var/run exists |
|
.Ve |
|
.SH "AUTHORS" |
.SH "AUTHORS" |
Many people have worked on \fBsudo\fR over the years, this |
Many people have worked on \fBsudo\fR over the years, this |
version consists of code written primarily by: |
version consists of code written primarily by: |
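Review bot: The lines dropped here include the whole environment variable list (PATH through SUDO_PS1) along with the second FILES block, while `.IX Header "ENVIRONMENT"` is still present in the index lines further down. Please confirm the list survives under ENVIRONMENT elsewhere in the page, because it documents that PATH is reset when SECURE_PATH is set and what SUDO_USER, SUDO_UID and SUDO_GID contain. Dropping the `/tmp/.odus` entry from FILES is consistent with the timestamp paragraph change.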
|
|
(if your OS supports the /dev/fd/ directory, setuid shell scripts |
(if your OS supports the /dev/fd/ directory, setuid shell scripts |
are generally safe). |
are generally safe). |
.SH "SEE ALSO" |
.SH "SEE ALSO" |
\fIsudoers\fR\|(5), \fIvisudo\fR\|(8), \fIsu\fR\|(1). |
\\fIsudoers\fR\|(5), \fIvisudo\fR\|(8), \fIsu\fR\|(1). |
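Review bot: The second copy of the SEE ALSO line begins `\\fIsudoers` with a doubled backslash where the first has `\fIsudoers`. If that is in the committed file rather than an artifact of this rendering, the italic font escape for sudoers is lost and the line should go back to a single backslash.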
|
|
.rn }` '' |
.rn }` '' |
.IX Title "sudo 8" |
.IX Title "sudo 8" |
|
|
|
|
.IX Item "-H" |
.IX Item "-H" |
|
|
|
.IX Item "-S" |
|
|
.IX Item "--" |
.IX Item "--" |
|
|
.IX Header "RETURN VALUES" |
.IX Header "RETURN VALUES" |
|
|
.IX Header "EXAMPLES" |
.IX Header "EXAMPLES" |
|
|
.IX Header "ENVIRONMENT" |
.IX Header "ENVIRONMENT" |
|
|
.IX Header "FILES" |
|
|
|
.IX Header "FILES" |
.IX Header "FILES" |
|
|