Adding upstream version 1.8.27.upstream/1.8.27upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 226 insertions, 0 deletions

diff --git a/doc/visudo.cat b/doc/visudo.cat
new file mode 100644
index 0000000..ac5eca3
--- /dev/null
+++ b/doc/visudo.cat
@@ -0,0 +1,226 @@
+VISUDO(1m)                   System Manager's Manual                  VISUDO(1m)
+
+NNAAMMEE
+     vviissuuddoo - edit the sudoers file
+
+SSYYNNOOPPSSIISS
+     vviissuuddoo [--cchhqqssVV] [[--ff] _s_u_d_o_e_r_s]
+
+DDEESSCCRRIIPPTTIIOONN
+     vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous to vipw(1m).
+     vviissuuddoo locks the _s_u_d_o_e_r_s file against multiple simultaneous edits,
+     provides basic sanity checks, and checks for parse errors.  If the
+     _s_u_d_o_e_r_s file is currently being edited you will receive a message to try
+     again later.
+
+     vviissuuddoo parses the _s_u_d_o_e_r_s file after editing and will not save the
+     changes if there is a syntax error.  Upon finding an error, vviissuuddoo will
+     print a message stating the line number(s) where the error occurred and
+     the user will receive the "What now?" prompt.  At this point the user may
+     enter `e' to re-edit the _s_u_d_o_e_r_s file, `x' to exit without saving the
+     changes, or `Q' to quit and save changes.  The `Q' option should be used
+     with extreme caution because if vviissuuddoo believes there to be a parse
+     error, so will ssuuddoo and no one will be able to run ssuuddoo again until the
+     error is fixed.  If `e' is typed to edit the _s_u_d_o_e_r_s file after a parse
+     error has been detected, the cursor will be placed on the line where the
+     error occurred (if the editor supports this feature).
+
+     There are two _s_u_d_o_e_r_s settings that determine which editor vviissuuddoo will
+     run.
+
+     editor    A colon (`:') separated list of editors allowed to be used with
+               vviissuuddoo.  vviissuuddoo will choose the editor that matches the user's
+               SUDO_EDITOR, VISUAL or EDITOR environment variable if possible,
+               or the first editor in the list that exists and is executable.
+               Note that the SUDO_EDITOR, VISUAL and EDITOR environment
+               variables are not preserved by default when the _e_n_v___r_e_s_e_t
+               _s_u_d_o_e_r_s option is enabled.  The default editor path is _v_i which
+               can be set at compile time via the --with-editor configure
+               option.
+
+     env_editor
+               If set, vviissuuddoo will use the value of the SUDO_EDITOR, VISUAL or
+               EDITOR environment variables before falling back on the default
+               editor list.  Note that this may create a security hole as it
+               allows the user to run any arbitrary command as root without
+               logging.  A safer alternative is to place a colon-separated
+               list of editors in the _e_d_i_t_o_r variable.  vviissuuddoo will then only
+               use SUDO_EDITOR, VISUAL or EDITOR if they match a value
+               specified in _e_d_i_t_o_r.  If the _e_n_v___r_e_s_e_t flag is enabled, the
+               SUDO_EDITOR, VISUAL and/or EDITOR environment variables must be
+               present in the _e_n_v___k_e_e_p list for the _e_n_v___e_d_i_t_o_r flag to
+               function when vviissuuddoo is invoked via ssuuddoo.  The default value is
+               _o_f_f, which can be set at compile time via the --with-env-editor
+               configure option.
+
+     The options are as follows:
+
+     --cc, ----cchheecckk
+                 Enable _c_h_e_c_k_-_o_n_l_y mode.  The existing _s_u_d_o_e_r_s file (and any
+                 other files it includes) will be checked for syntax errors.
+                 If the path to the _s_u_d_o_e_r_s file was not specified, vviissuuddoo
+                 will also check the file owner and mode.  A message will be
+                 printed to the standard output describing the status of
+                 _s_u_d_o_e_r_s unless the --qq option was specified.  If the check
+                 completes successfully, vviissuuddoo will exit with a value of 0.
+                 If an error is encountered, vviissuuddoo will exit with a value of
+                 1.
+
+     --ff _s_u_d_o_e_r_s, ----ffiillee=_s_u_d_o_e_r_s
+                 Specify an alternate _s_u_d_o_e_r_s file location, see below.  As of
+                 version 1.8.27, the _s_u_d_o_e_r_s path can be specified without
+                 using the --ff option.
+
+     --hh, ----hheellpp  Display a short help message to the standard output and exit.
+
+     --qq, ----qquuiieett
+                 Enable _q_u_i_e_t mode.  In this mode details about syntax errors
+                 are not printed.  This option is only useful when combined
+                 with the --cc option.
+
+     --ss, ----ssttrriicctt
+                 Enable _s_t_r_i_c_t checking of the _s_u_d_o_e_r_s file.  If an alias is
+                 referenced but not actually defined or if there is a cycle in
+                 an alias, vviissuuddoo will consider this a parse error.  Note that
+                 it is not possible to differentiate between an alias and a
+                 host name or user name that consists solely of uppercase
+                 letters, digits, and the underscore (`_') character.
+
+     --VV, ----vveerrssiioonn
+                 Print the vviissuuddoo and _s_u_d_o_e_r_s grammar versions and exit.
+
+     A _s_u_d_o_e_r_s file may be specified instead of the default, _/_e_t_c_/_s_u_d_o_e_r_s.
+     The lock file used is the specified _s_u_d_o_e_r_s file with ".tmp" appended to
+     it.  In _c_h_e_c_k_-_o_n_l_y mode only, `-' may be used to indicate that _s_u_d_o_e_r_s
+     will be read from the standard input.  Because the policy is evaluated in
+     its entirety, it is not sufficient to check an individual _s_u_d_o_e_r_s include
+     file for syntax errors.
+
+   DDeebbuuggggiinngg aanndd ssuuddooeerrss pplluuggiinn aarrgguummeennttss
+     vviissuuddoo versions 1.8.4 and higher support a flexible debugging framework
+     that is configured via Debug lines in the sudo.conf(4) file.
+
+     Starting with ssuuddoo 1.8.12, vviissuuddoo will also parse the arguments to the
+     _s_u_d_o_e_r_s plugin to override the default _s_u_d_o_e_r_s path name, UID, GID and
+     file mode.  These arguments, if present, should be listed after the path
+     to the plugin (i.e., after _s_u_d_o_e_r_s_._s_o).  Multiple arguments may be
+     specified, separated by white space.  For example:
+
+           Plugin sudoers_policy sudoers.so sudoers_mode=0400
+
+     The following arguments are supported:
+
+     sudoers_file=pathname
+               The _s_u_d_o_e_r_s___f_i_l_e argument can be used to override the default
+               path to the _s_u_d_o_e_r_s file.
+
+     sudoers_uid=uid
+               The _s_u_d_o_e_r_s___u_i_d argument can be used to override the default
+               owner of the sudoers file.  It should be specified as a numeric
+               user ID.
+
+     sudoers_gid=gid
+               The _s_u_d_o_e_r_s___g_i_d argument can be used to override the default
+               group of the sudoers file.  It must be specified as a numeric
+               group ID (not a group name).
+
+     sudoers_mode=mode
+               The _s_u_d_o_e_r_s___m_o_d_e argument can be used to override the default
+               file mode for the sudoers file.  It should be specified as an
+               octal value.
+
+     For more information on configuring sudo.conf(4), please refer to its
+     manual.
+
+EENNVVIIRROONNMMEENNTT
+     The following environment variables may be consulted depending on the
+     value of the _e_d_i_t_o_r and _e_n_v___e_d_i_t_o_r _s_u_d_o_e_r_s settings:
+
+     SUDO_EDITOR      Invoked by vviissuuddoo as the editor to use
+
+     VISUAL           Used by vviissuuddoo if SUDO_EDITOR is not set
+
+     EDITOR           Used by vviissuuddoo if neither SUDO_EDITOR nor VISUAL is set
+
+FFIILLEESS
+     _/_e_t_c_/_s_u_d_o_._c_o_n_f            Sudo front end configuration
+
+     _/_e_t_c_/_s_u_d_o_e_r_s              List of who can run what
+
+     _/_e_t_c_/_s_u_d_o_e_r_s_._t_m_p          Lock file for visudo
+
+DDIIAAGGNNOOSSTTIICCSS
+     In addition to reporting _s_u_d_o_e_r_s parse errors, vviissuuddoo may produce the
+     following messages:
+
+     sudoers file busy, try again later.
+           Someone else is currently editing the _s_u_d_o_e_r_s file.
+
+     /etc/sudoers.tmp: Permission denied
+           You didn't run vviissuuddoo as root.
+
+     you do not exist in the passwd database
+           Your user ID does not appear in the system passwd database.
+
+     Warning: {User,Runas,Host,Cmnd}_Alias referenced but not defined
+           Either you are trying to use an undeclared
+           {User,Runas,Host,Cmnd}_Alias or you have a user or host name listed
+           that consists solely of uppercase letters, digits, and the
+           underscore (`_') character.  In the latter case, you can ignore the
+           warnings (ssuuddoo will not complain).  The message is prefixed with
+           the path name of the _s_u_d_o_e_r_s file and the line number where the
+           undefined alias was used.  In --ss (strict) mode these are errors,
+           not warnings.
+
+     Warning: unused {User,Runas,Host,Cmnd}_Alias
+           The specified {User,Runas,Host,Cmnd}_Alias was defined but never
+           used.  The message is prefixed with the path name of the _s_u_d_o_e_r_s
+           file and the line number where the unused alias was defined.  You
+           may wish to comment out or remove the unused alias.
+
+     Warning: cycle in {User,Runas,Host,Cmnd}_Alias
+           The specified {User,Runas,Host,Cmnd}_Alias includes a reference to
+           itself, either directly or through an alias it includes.  The
+           message is prefixed with the path name of the _s_u_d_o_e_r_s file and the
+           line number where the cycle was detected.  This is only a warning
+           unless vviissuuddoo is run in --ss (strict) mode as ssuuddoo will ignore cycles
+           when parsing the _s_u_d_o_e_r_s file.
+
+     unknown defaults entry "name"
+           The _s_u_d_o_e_r_s file contains a Defaults setting not recognized by
+           vviissuuddoo.
+
+SSEEEE AALLSSOO
+     vi(1), sudo.conf(4), sudoers(4), sudo(1m), vipw(1m)
+
+AAUUTTHHOORRSS
+     Many people have worked on ssuuddoo over the years; this version consists of
+     code written primarily by:
+
+           Todd C. Miller
+
+     See the CONTRIBUTORS file in the ssuuddoo distribution
+     (https://www.sudo.ws/contributors.html) for an exhaustive list of people
+     who have contributed to ssuuddoo.
+
+CCAAVVEEAATTSS
+     There is no easy way to prevent a user from gaining a root shell if the
+     editor used by vviissuuddoo allows shell escapes.
+
+BBUUGGSS
+     If you feel you have found a bug in vviissuuddoo, please submit a bug report at
+     https://bugzilla.sudo.ws/
+
+SSUUPPPPOORRTT
+     Limited free support is available via the sudo-users mailing list, see
+     https://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search
+     the archives.
+
+DDIISSCCLLAAIIMMEERR
+     vviissuuddoo is provided "AS IS" and any express or implied warranties,
+     including, but not limited to, the implied warranties of merchantability
+     and fitness for a particular purpose are disclaimed.  See the LICENSE
+     file distributed with ssuuddoo or https://www.sudo.ws/license.html for
+     complete details.
+
+Sudo 1.8.26                    December 24, 2018                   Sudo 1.8.26