sudo.8

A* sudo sudo/* B* adduser script adduser C* rmuser script rmuser E* tout tout/*

.TH SUDO 8
.SH NAME
sudo \- execute a command as the superuser

visudo \- edit the sudoers file

.SH SYNOPSIS
.B sudo 
.I command

.SH DESCRIPTION
.I Sudo
allows a permitted user to execute a 
.I command 
as the superuser.
.I Sudo 
determines who is an authorized user by consulting the file
.I /etc/sudoers.
Sudo will prompt for a user's password to initiate a validation period
of N minutes (where N is defined at installation time and defaults 
to 5 minutes).

The
.I sudoers
file is composed of an optional host alias section, an optional command
alias section and the user specification section. All command or host
aliases need to start with their respective keywords (Host_Alias/Cmnd_Alias).
Note that only the first occurrance of a user name will be significant in
the user specification section.

.nf
user specification format: 
  user access_group [: access_group] ...

    access_group ::= host_type = [op]cmnd_type [,[op]cmnd_type] ... 
       host_type ::= a lower-case host name OR a host alias.
       cmnd_type ::= an command OR a command alias.
              op ::= the logical '!' NOT operator.

host alias section format:
  Host_Alias HOSTALIAS = host-list

      Host_Alias ::= a keyword.
       HOSTALIAS ::= an upper-case alias name.
       host-list ::= a comma separated list of hosts.

command alias section format:
  Cmnd_Alias CMNDALIAS = cmnd-list

      Cmnd_Alias ::= a keyword.
       CMNDALIAS ::= an upper-case alias name.
       cmnd-list ::= a comma separated list commands.

Text after a pound sign '#' is considered a comment.
Long lines can be newline escaped with the backslash '\\' character.
The reserved alias 'ALL' can be used for both {Host,Cmnd}_Alias'.
    DO NOT define an alias of 'ALL', it will NOT be used.
    Note that 'ALL' implies the entire universe of hosts/commands.
    You can subtract elements from the universe by using the syntax:
       user  host=ALL,!ALIAS1,!/etc/halt...
.fi

Examples

    # Host alias specification
    Host_Alias  HUB=houdini.rootgroup.com:\\
                REMOTE=merlin,kodiakthorn,spirit
    Host_Alias  MACHINES=kalkan,alpo,milkbones
    Host_Alias  SERVERS=houdini,merlin,kodiakthorn,spirit

    # Command alias specification
    Cmnd_Alias  LPCS=/usr/etc/lpc,/usr/ucb/lprm
    Cmnd_Alias  SHELLS=/bin/sh,/bin/csh,/bin/tcsh
    Cmnd_Alias  MISC=/bin/rm,/bin/cat:\\
                SHUTDOWN=/etc/halt,/etc/shutdown

    # User specification
    britt       REMOTE=SHUTDOWN:ALL=LPCS
    robh        ALL=ALL,!SHELLS
    nieusma     SERVERS=SHUTDOWN,/etc/reboot:\\
                HUB=ALL,!SHELLS
    jill        houdini.rootgroup.com=/etc/shutdown,MISC
    markm       HUB=ALL,!MISC,!/etc/shutdown,!/etc/halt
    billp       ALL=/usr/local/bin/top:MACHINES=SHELLS
    davehieb    merlin=ALL:SERVERS=/etc/halt:\\
                kodiakthorn=ALL

The above
.I sudoers
file specification is composed of 4 host alias specifications, 4
command alias specifications and 7 user specifications.  Britt is
permitted to execute /etc/halt, /etc/shutdown, /usr/etc/lpc and
/usr/ucb/lprm on the REMOTE machines (merlin, kodiakthorn, and
spirit).  Robh is permitted to execute any command except for the group
of SHELL commands on any machine.  Jill is permitted to execute
/etc/shutdown, /bin/rm, and /bin/cat on houdini.  Davehieb can execute
any command on machines merlin and kodiakthorn and can halt the
SERVERS.

The
.I sudoers
file SHOULD be edited by the 
.I visudo 
command which locks the file and does gramatical checking. This provides
a mechanism for the prevention of stupid syntax errors.

Sudo was designed to log via the 4.3 BSD syslogging facility but
can log to a file instead if so desired.

If an unauthorized user executes sudo, mail will be sent from the user to 
the local authorities (defined at installation time).

All preferences are defined at installation time and are derived from
the sudo.h include file and the Makefile.

.SH FUTURE ENHANCEMENTS
.nf
Allow nesting of host and command aliases.
Allow the host specifier in the sudoers file
    to use universe notation (user ALL,!SERVERS, ... = commands).
Allow user aliases in the sudoers file (like host/command aliases).
Have visudo do more extensive checking on the sudoers file.
.fi

.SH FILES
.nf
/etc/sudoers                 file of authorized users.
/etc/stmp                    lock file for visudo.
/usr/local/bin/sudo          the executable itself.
/usr/local/etc/visudo        utility for modifying the sudoers file.
.fi

.SH AUTHORS
.nf
Jeff Nieusma                 <nieusma@rootgroup.com>
David Hieb                   <davehieb@rootgroup.com>
.fi

.SH DISCLAIMER
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
General Public License for more details.

You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
675 Mass Ave, Cambridge, MA 02139, USA.

.SH CAVEATS
There is no easy way to prevent a user from gaining a root shell if 
that user has access to commands that are shell scripts or that 
allow shell escapes.

.SH SEE ALSO
su(1)