451 files changed, 132685 insertions, 0 deletions

diff --git a/plugins/group_file/Makefile.in b/plugins/group_file/Makefile.in
new file mode 100644
index 0000000..b148fa9
--- /dev/null
+++ b/plugins/group_file/Makefile.in
@@ -0,0 +1,212 @@
+#
+# Copyright (c) 2010-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+# @configure_input@
+#
+
+#### Start of system configuration section. ####
+
+srcdir = @srcdir@
+devdir = @devdir@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+incdir = $(top_srcdir)/include
+cross_compiling = @CROSS_COMPILING@
+
+# Compiler & tools to use
+CC = @CC@
+LIBTOOL = @LIBTOOL@
+SED = @SED@
+AWK = @AWK@
+
+# Our install program supports extra flags...
+INSTALL = $(SHELL) $(top_srcdir)/install-sh -c
+INSTALL_OWNER = -o $(install_uid) -g $(install_gid)
+INSTALL_BACKUP = @INSTALL_BACKUP@
+
+# Libraries
+LT_LIBS = $(top_builddir)/lib/util/libsudo_util.la
+LIBS = $(LT_LIBS)
+
+# C preprocessor flags
+CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(top_srcdir) @CPPFLAGS@
+
+# Usually -O and/or -g
+CFLAGS = @CFLAGS@
+
+# Flags to pass to the link stage
+LDFLAGS = @LDFLAGS@
+LT_LDFLAGS = @LT_LDFLAGS@ @LT_LDEXPORTS@
+
+# Flags to pass to libtool
+LTFLAGS = --tag=disable-static
+
+# Address sanitizer flags
+ASAN_CFLAGS = @ASAN_CFLAGS@
+ASAN_LDFLAGS = @ASAN_LDFLAGS@
+
+# PIE flags
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+
+# Stack smashing protection flags
+SSP_CFLAGS = @SSP_CFLAGS@
+SSP_LDFLAGS = @SSP_LDFLAGS@
+
+# cppcheck options, usually set in the top-level Makefile
+CPPCHECK_OPTS = -q --force --enable=warning,performance,portability --suppress=constStatement --error-exitcode=1 --inline-suppr -Dva_copy=va_copy -U__cplusplus -UQUAD_MAX -UQUAD_MIN -UUQUAD_MAX -U_POSIX_HOST_NAME_MAX -U_POSIX_PATH_MAX -U__NBBY -DNSIG=64
+
+# splint options, usually set in the top-level Makefile
+SPLINT_OPTS = -D__restrict= -checks
+
+# PVS-studio options
+PVS_CFG = $(top_srcdir)/PVS-Studio.cfg
+PVS_IGNORE = 'V707,V011,V002,V536'
+PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE)
+
+# Where to install things...
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+bindir = @bindir@
+sbindir = @sbindir@
+sysconfdir = @sysconfdir@
+libexecdir = @libexecdir@
+datarootdir = @datarootdir@
+localstatedir = @localstatedir@
+plugindir = @PLUGINDIR@
+
+# File mode and map file to use for shared libraries/objects
+shlib_enable = @SHLIB_ENABLE@
+shlib_mode = @SHLIB_MODE@
+shlib_exp = $(srcdir)/group_file.exp
+shlib_map = group_file.map
+shlib_opt = group_file.opt
+
+# User and group ids the installed files should be "owned" by
+install_uid = 0
+install_gid = 0
+
+#### End of system configuration section. ####
+
+SHELL = @SHELL@
+
+OBJS =	group_file.lo getgrent.lo
+
+IOBJS = $(OBJS:.lo=.i)
+
+POBJS = $(IOBJS:.i=.plog)
+
+LIBOBJDIR = $(top_builddir)/@ac_config_libobj_dir@/
+
+VERSION = @PACKAGE_VERSION@
+
+all: group_file.la
+
+Makefile: $(srcdir)/Makefile.in
+	cd $(top_builddir) && ./config.status --file plugins/group_file/Makefile
+
+.SUFFIXES: .c .h .i .lo .plog
+
+.c.lo:
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $<
+
+.c.i:
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+
+.i.plog:
+	ifile=$<; rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $${ifile%i}c --i-file $< --output-file $@
+
+$(shlib_map): $(shlib_exp)
+	@$(AWK) 'BEGIN { print "{\n\tglobal:" } { print "\t\t"$$0";" } END { print "\tlocal:\n\t\t*;\n};" }' $(shlib_exp) > $@
+
+$(shlib_opt): $(shlib_exp)
+	@$(SED) 's/^/+e /' $(shlib_exp) > $@
+
+group_file.la: $(OBJS) $(LT_LIBS) @LT_LDDEP@
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LDFLAGS) $(ASAN_LDFLAGS) $(SSP_LDFLAGS) $(LT_LDFLAGS) -o $@ $(OBJS) $(LIBS) -module -avoid-version -rpath $(plugindir) -shrext .so
+
+pre-install:
+
+install: install-plugin
+
+install-dirs:
+	$(SHELL) $(top_srcdir)/mkinstalldirs $(DESTDIR)$(plugindir)
+
+install-binaries:
+
+install-includes:
+
+install-doc:
+
+install-plugin: install-dirs group_file.la
+	if [ X"$(shlib_enable)" = X"yes" ]; then \
+	    INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m $(shlib_mode) group_file.la $(DESTDIR)$(plugindir); \
+	fi
+
+uninstall:
+	-$(LIBTOOL) $(LTFLAGS) --mode=uninstall rm -f $(DESTDIR)$(plugindir)/group_file.la
+	-test -z "$(INSTALL_BACKUP)" || \
+	    rm -f $(DESTDIR)$(plugindir)/group_file.so$(INSTALL_BACKUP)
+
+splint:
+	splint $(SPLINT_OPTS) -I$(incdir) -I$(top_builddir) -I$(top_srcdir) $(srcdir)/*.c
+
+cppcheck:
+	cppcheck $(CPPCHECK_OPTS) -I$(incdir) -I$(top_builddir) -I$(top_srcdir) $(srcdir)/*.c
+
+pvs-log-files: $(POBJS)
+
+pvs-studio: $(POBJS)
+	plog-converter $(PVS_LOG_OPTS) $(POBJS)
+
+check:
+
+clean:
+	-$(LIBTOOL) $(LTFLAGS) --mode=clean rm -f *.lo *.o *.la *.a *.i *.plog \
+	    stamp-* core *.core core.*
+
+mostlyclean: clean
+
+distclean: clean
+	-rm -rf Makefile .libs $(shlib_map) $(shlib_opt)
+
+clobber: distclean
+
+realclean: distclean
+	rm -f TAGS tags
+
+cleandir: realclean
+
+# Autogenerated dependencies, do not modify
+getgrent.lo: $(srcdir)/getgrent.c $(incdir)/compat/stdbool.h \
+             $(incdir)/sudo_compat.h $(incdir)/sudo_util.h \
+             $(top_builddir)/config.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/getgrent.c
+getgrent.i: $(srcdir)/getgrent.c $(incdir)/compat/stdbool.h \
+             $(incdir)/sudo_compat.h $(incdir)/sudo_util.h \
+             $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+getgrent.plog: getgrent.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/getgrent.c --i-file $< --output-file $@
+group_file.lo: $(srcdir)/group_file.c $(incdir)/compat/stdbool.h \
+               $(incdir)/sudo_compat.h $(incdir)/sudo_plugin.h \
+               $(top_builddir)/config.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/group_file.c
+group_file.i: $(srcdir)/group_file.c $(incdir)/compat/stdbool.h \
+               $(incdir)/sudo_compat.h $(incdir)/sudo_plugin.h \
+               $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+group_file.plog: group_file.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/group_file.c --i-file $< --output-file $@
diff --git a/plugins/group_file/getgrent.c b/plugins/group_file/getgrent.c
new file mode 100644
index 0000000..bcfd17f
--- /dev/null
+++ b/plugins/group_file/getgrent.c
@@ -0,0 +1,183 @@
+/*
+ * Copyright (c) 2005,2008,2010-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+/*
+ * Trivial replacements for the libc getgr{uid,nam}() routines.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <fcntl.h>
+#include <limits.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include "sudo_compat.h"
+#include "sudo_util.h"
+
+#undef GRMEM_MAX
+#define GRMEM_MAX 200
+
+static FILE *grf;
+static const char *grfile = "/etc/group";
+static int gr_stayopen;
+
+void mysetgrfile(const char *);
+void mysetgrent(void);
+void myendgrent(void);
+struct group *mygetgrent(void);
+struct group *mygetgrnam(const char *);
+struct group *mygetgrgid(gid_t);
+
+void
+mysetgrfile(const char *file)
+{
+    grfile = file;
+    if (grf != NULL)
+	myendgrent();
+}
+
+void
+mysetgrent(void)
+{
+    if (grf == NULL) {
+	grf = fopen(grfile, "r");
+	if (grf != NULL)
+	    (void)fcntl(fileno(grf), F_SETFD, FD_CLOEXEC);
+    } else {
+	rewind(grf);
+    }
+    gr_stayopen = 1;
+}
+
+void
+myendgrent(void)
+{
+    if (grf != NULL) {
+	fclose(grf);
+	grf = NULL;
+    }
+    gr_stayopen = 0;
+}
+
+struct group *
+mygetgrent(void)
+{
+    static struct group gr;
+    static char grbuf[LINE_MAX], *gr_mem[GRMEM_MAX+1];
+    size_t len;
+    id_t id;
+    char *cp, *colon;
+    const char *errstr;
+    int n;
+
+next_entry:
+    if ((colon = fgets(grbuf, sizeof(grbuf), grf)) == NULL)
+	return NULL;
+
+    memset(&gr, 0, sizeof(gr));
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    gr.gr_name = cp;
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    gr.gr_passwd = cp;
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    id = sudo_strtoid(cp, NULL, NULL, &errstr);
+    if (errstr != NULL)
+	goto next_entry;
+    gr.gr_gid = (gid_t)id;
+    len = strlen(colon);
+    if (len > 0 && colon[len - 1] == '\n')
+	colon[len - 1] = '\0';
+    if (*colon != '\0') {
+	char *last;
+
+	gr.gr_mem = gr_mem;
+	cp = strtok_r(colon, ",", &last);
+	for (n = 0; cp != NULL && n < GRMEM_MAX; n++) {
+	    gr.gr_mem[n] = cp;
+	    cp = strtok_r(NULL, ",", &last);
+	}
+	gr.gr_mem[n++] = NULL;
+    } else
+	gr.gr_mem = NULL;
+    return &gr;
+}
+
+struct group *
+mygetgrnam(const char *name)
+{
+    struct group *gr;
+
+    if (grf == NULL) {
+	if ((grf = fopen(grfile, "r")) == NULL)
+	    return NULL;
+	(void)fcntl(fileno(grf), F_SETFD, FD_CLOEXEC);
+    } else {
+	rewind(grf);
+    }
+    while ((gr = mygetgrent()) != NULL) {
+	if (strcmp(gr->gr_name, name) == 0)
+	    break;
+    }
+    if (!gr_stayopen) {
+	fclose(grf);
+	grf = NULL;
+    }
+    return gr;
+}
+
+struct group *
+mygetgrgid(gid_t gid)
+{
+    struct group *gr;
+
+    if (grf == NULL) {
+	if ((grf = fopen(grfile, "r")) == NULL)
+	    return NULL;
+	(void)fcntl(fileno(grf), F_SETFD, FD_CLOEXEC);
+    } else {
+	rewind(grf);
+    }
+    while ((gr = mygetgrent()) != NULL) {
+	if (gr->gr_gid == gid)
+	    break;
+    }
+    if (!gr_stayopen) {
+	fclose(grf);
+	grf = NULL;
+    }
+    return gr;
+}
diff --git a/plugins/group_file/group_file.c b/plugins/group_file/group_file.c
new file mode 100644
index 0000000..f7621b3
--- /dev/null
+++ b/plugins/group_file/group_file.c
@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) 2010-2014 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <grp.h>
+#include <pwd.h>
+
+#include "sudo_plugin.h"
+#include "sudo_compat.h"
+
+/*
+ * Sample sudoers group plugin that uses an extra group file with the
+ * same format as /etc/group.
+ */
+
+static sudo_printf_t sudo_log;
+
+extern void mysetgrfile(const char *);
+extern void mysetgrent(void);
+extern void myendgrent(void);
+extern struct group *mygetgrnam(const char *);
+
+static int
+sample_init(int version, sudo_printf_t sudo_printf, char *const argv[])
+{
+    struct stat sb;
+
+    sudo_log = sudo_printf;
+
+    if (SUDO_API_VERSION_GET_MAJOR(version) != GROUP_API_VERSION_MAJOR) {
+	sudo_log(SUDO_CONV_ERROR_MSG,
+	    "group_file: incompatible major version %d, expected %d\n",
+	    SUDO_API_VERSION_GET_MAJOR(version),
+	    GROUP_API_VERSION_MAJOR);
+	return -1;
+    }
+
+    /* Sanity check the specified group file. */
+    if (argv == NULL || argv[0] == NULL) {
+	sudo_log(SUDO_CONV_ERROR_MSG,
+	    "group_file: path to group file not specified\n");
+	return -1;
+    }
+    if (stat(argv[0], &sb) != 0) {
+	sudo_log(SUDO_CONV_ERROR_MSG,
+	    "group_file: %s: %s\n", argv[0], strerror(errno));
+	return -1;
+    }
+    if ((sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
+	sudo_log(SUDO_CONV_ERROR_MSG,
+	    "%s must be only be writable by owner\n", argv[0]);
+	return -1;
+    }
+
+    mysetgrfile(argv[0]);
+    mysetgrent();
+
+    return true;
+}
+
+static void
+sample_cleanup(void)
+{
+    myendgrent();
+}
+
+/*
+ * Returns true if "user" is a member of "group", else false.
+ */
+static int
+sample_query(const char *user, const char *group, const struct passwd *pwd)
+{
+    struct group *grp;
+    char **member;
+
+    grp = mygetgrnam(group);
+    if (grp != NULL && grp->gr_mem != NULL) {
+	for (member = grp->gr_mem; *member != NULL; member++) {
+	    if (strcasecmp(user, *member) == 0)
+		return true;
+	}
+    }
+
+    return false;
+}
+
+__dso_public struct sudoers_group_plugin group_plugin = {
+    GROUP_API_VERSION,
+    sample_init,
+    sample_cleanup,
+    sample_query
+};
diff --git a/plugins/group_file/group_file.exp b/plugins/group_file/group_file.exp
new file mode 100644
index 0000000..a859d6c
--- /dev/null
+++ b/plugins/group_file/group_file.exp
@@ -0,0 +1 @@
+group_plugin
diff --git a/plugins/group_file/plugin_test.c b/plugins/group_file/plugin_test.c
new file mode 100644
index 0000000..129264a
--- /dev/null
+++ b/plugins/group_file/plugin_test.c
@@ -0,0 +1,217 @@
+/*
+ * Copyright (c) 2010-2013 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <sys/types.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <unistd.h>
+#include <ctype.h>
+#include <dlfcn.h>
+#include <errno.h>
+#include <limits.h>
+#include <pwd.h>
+
+#include "sudo_plugin.h"
+
+__dso_public int main(int argc, char *argv[]);
+
+/*
+ * Simple driver to test sudoer group plugins.
+ * usage: plugin_test [-p "plugin.so plugin_args ..."] user:group ...
+ */
+
+static void *group_handle;
+static struct sudoers_group_plugin *group_plugin;
+
+static int
+plugin_printf(int msg_type, const char *fmt, ...)
+{
+    va_list ap;
+    FILE *fp;
+	    
+    switch (msg_type) {
+    case SUDO_CONV_INFO_MSG:
+	fp = stdout;
+	break;
+    case SUDO_CONV_ERROR_MSG:
+	fp = stderr;
+	break;
+    default:
+	errno = EINVAL;
+	return -1;
+    }
+
+    va_start(ap, fmt);
+    vfprintf(fp, fmt, ap);
+    va_end(ap);
+
+    return 0;
+}
+
+/*
+ * Load the specified plugin and run its init function.
+ * Returns -1 if unable to open the plugin, else it returns
+ * the value from the plugin's init function.
+ */
+static int
+group_plugin_load(char *plugin_info)
+{
+    char *args, path[PATH_MAX], savedch;
+    char **argv = NULL;
+    int rc;
+
+    /*
+     * Fill in .so path and split out args (if any).
+     */
+    if ((args = strpbrk(plugin_info, " \t")) != NULL) {
+	savedch = *args;
+	*args = '\0';
+    }
+    strncpy(path, plugin_info, sizeof(path) - 1);
+    path[sizeof(path) - 1] = '\0';
+    if (args != NULL)
+	*args++ = savedch;
+
+    /* Open plugin and map in symbol. */
+    group_handle = dlopen(path, RTLD_LAZY);
+    if (!group_handle) {
+	fprintf(stderr, "unable to dlopen %s: %s\n", path, dlerror());
+	return -1;
+    }
+    group_plugin = dlsym(group_handle, "group_plugin");
+    if (group_plugin == NULL) {
+	fprintf(stderr, "unable to find symbol \"group_plugin\" in %s\n", path);
+	return -1;
+    }
+
+    if (SUDO_API_VERSION_GET_MAJOR(group_plugin->version) != GROUP_API_VERSION_MAJOR) {
+	fprintf(stderr,
+	    "%s: incompatible group plugin major version %d, expected %d\n",
+	    path, SUDO_API_VERSION_GET_MAJOR(group_plugin->version),
+	    GROUP_API_VERSION_MAJOR);
+	return -1;
+    }
+
+    /*
+     * Split args into a vector if specified.
+     */
+    if (args != NULL) {
+	int ac = 0, wasblank = 1;
+	char *cp;
+
+        for (cp = args; *cp != '\0'; cp++) {
+            if (isblank((unsigned char)*cp)) {
+                wasblank = 1;
+            } else if (wasblank) {
+                wasblank = 0;
+                ac++;
+            }
+        }
+	if (ac != 0) 	{
+	    char *last;
+
+	    argv = malloc(ac * sizeof(char *));
+	    if (argv == NULL) {
+		perror(NULL);
+		return -1;
+	    }
+	    ac = 0;
+	    for ((cp = strtok_r(args, " \t", &last)); cp != NULL; (cp = strtok_r(NULL, " \t", &last)))
+		argv[ac++] = cp;
+	}
+    }
+
+    rc = (group_plugin->init)(GROUP_API_VERSION, plugin_printf, argv);
+
+    free(argv);
+
+    return rc;
+}
+
+static void
+group_plugin_unload(void)
+{
+    (group_plugin->cleanup)();
+    dlclose(group_handle);
+    group_handle = NULL;
+}
+
+static int
+group_plugin_query(const char *user, const char *group,
+    const struct passwd *pwd)
+{
+    return (group_plugin->query)(user, group, pwd);
+}
+
+static void
+usage(void)
+{
+    fprintf(stderr,
+	"usage: plugin_test [-p \"plugin.so plugin_args ...\"] user:group ...\n");
+    exit(1);
+}
+
+int
+main(int argc, char *argv[])
+{
+    int ch, i, found;
+    char *plugin = "group_file.so";
+    char *user, *group;
+    struct passwd *pwd;
+
+    while ((ch = getopt(argc, argv, "p:")) != -1) {
+	switch (ch) {
+	case 'p':
+	    plugin = optarg;
+	    break;
+	default:
+	    usage();
+	}
+    }
+    argc -= optind;
+    argv += optind;
+
+    if (argc < 1)
+	usage();
+
+    if (group_plugin_load(plugin) != 1) {
+	fprintf(stderr, "unable to load plugin: %s\n", plugin);
+	exit(1);
+    }
+
+    for (i = 0; argv[i] != NULL; i++) {
+	user = argv[i];
+	group = strchr(argv[i], ':');
+	if (group == NULL)
+	    continue;
+	*group++ = '\0';
+	pwd = getpwnam(user);
+	found = group_plugin_query(user, group, pwd);
+	printf("user %s %s in group %s\n", user, found ? "is" : "NOT ", group);
+    }
+    group_plugin_unload();
+
+    exit(0);
+}
+
diff --git a/plugins/sample/Makefile.in b/plugins/sample/Makefile.in
new file mode 100644
index 0000000..34a66b1
--- /dev/null
+++ b/plugins/sample/Makefile.in
@@ -0,0 +1,199 @@
+#
+# Copyright (c) 2011-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+# @configure_input@
+#
+
+#### Start of system configuration section. ####
+
+srcdir = @srcdir@
+devdir = @devdir@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+incdir = $(top_srcdir)/include
+cross_compiling = @CROSS_COMPILING@
+
+# Compiler & tools to use
+CC = @CC@
+LIBTOOL = @LIBTOOL@
+SED = @SED@
+AWK = @AWK@
+
+# Our install program supports extra flags...
+INSTALL = $(SHELL) $(top_srcdir)/install-sh -c
+INSTALL_OWNER = -o $(install_uid) -g $(install_gid)
+INSTALL_BACKUP = @INSTALL_BACKUP@
+
+# Libraries
+LIBS = $(top_builddir)/lib/util/libsudo_util.la
+
+# C preprocessor flags
+CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(top_srcdir) @CPPFLAGS@
+
+# Usually -O and/or -g
+CFLAGS = @CFLAGS@
+
+# Flags to pass to the link stage
+LDFLAGS = @LDFLAGS@
+LT_LDFLAGS = @LT_LDFLAGS@ @LT_LDEXPORTS@
+
+# Flags to pass to libtool
+LTFLAGS = --tag=disable-static
+
+# Address sanitizer flags
+ASAN_CFLAGS = @ASAN_CFLAGS@
+ASAN_LDFLAGS = @ASAN_LDFLAGS@
+
+# PIE flags
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+
+# Stack smashing protection flags
+SSP_CFLAGS = @SSP_CFLAGS@
+SSP_LDFLAGS = @SSP_LDFLAGS@
+
+# cppcheck options, usually set in the top-level Makefile
+CPPCHECK_OPTS = -q --force --enable=warning,performance,portability --suppress=constStatement --error-exitcode=1 --inline-suppr -Dva_copy=va_copy -U__cplusplus -UQUAD_MAX -UQUAD_MIN -UUQUAD_MAX -U_POSIX_HOST_NAME_MAX -U_POSIX_PATH_MAX -U__NBBY -DNSIG=64
+
+# splint options, usually set in the top-level Makefile
+SPLINT_OPTS = -D__restrict= -checks
+
+# PVS-studio options
+PVS_CFG = $(top_srcdir)/PVS-Studio.cfg
+PVS_IGNORE = 'V707,V011,V002,V536'
+PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE)
+
+# Where to install things...
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+bindir = @bindir@
+sbindir = @sbindir@
+sysconfdir = @sysconfdir@
+libexecdir = @libexecdir@
+datarootdir = @datarootdir@
+localstatedir = @localstatedir@
+plugindir = @PLUGINDIR@
+
+# File mode and map file to use for shared libraries/objects
+shlib_enable = @SHLIB_ENABLE@
+shlib_mode = @SHLIB_MODE@
+shlib_exp = $(srcdir)/sample_plugin.exp
+shlib_map = sample_plugin.map
+shlib_opt = sample_plugin.opt
+
+# User and group ids the installed files should be "owned" by
+install_uid = 0
+install_gid = 0
+
+#### End of system configuration section. ####
+
+SHELL = @SHELL@
+
+OBJS =	sample_plugin.lo
+
+LIBOBJDIR = $(top_builddir)/@ac_config_libobj_dir@/
+
+VERSION = @PACKAGE_VERSION@
+
+all: sample_plugin.la
+
+Makefile: $(srcdir)/Makefile.in
+	cd $(top_builddir) && ./config.status --file plugins/sample/Makefile
+
+.SUFFIXES: .c .h .i .lo .plog
+
+.c.lo:
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $<
+
+.c.i:
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+
+.i.plog:
+	ifile=$<; rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $${ifile%i}c --i-file $< --output-file $@
+
+$(shlib_map): $(shlib_exp)
+	@$(AWK) 'BEGIN { print "{\n\tglobal:" } { print "\t\t"$$0";" } END { print "\tlocal:\n\t\t*;\n};" }' $(shlib_exp) > $@
+
+$(shlib_opt): $(shlib_exp)
+	@$(SED) 's/^/+e /' $(shlib_exp) > $@
+
+sample_plugin.la: $(OBJS) @LT_LDDEP@
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LDFLAGS) $(ASAN_LDFLAGS) $(SSP_LDFLAGS) $(LT_LDFLAGS) -o $@ $(OBJS) $(LIBS) -module -avoid-version -rpath $(plugindir) -shrext .so
+
+pre-install:
+
+install: install-plugin
+
+install-dirs:
+	$(SHELL) $(top_srcdir)/mkinstalldirs $(DESTDIR)$(plugindir)
+
+install-binaries:
+
+install-includes:
+
+install-doc:
+
+install-plugin: install-dirs sample_plugin.la
+	if [ X"$(shlib_enable)" = X"yes" ]; then \
+	    INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m $(shlib_mode) sample_plugin.la $(DESTDIR)$(plugindir); \
+	fi
+
+uninstall:
+	-$(LIBTOOL) $(LTFLAGS) --mode=uninstall rm -f $(DESTDIR)$(plugindir)/sample_plugin.la
+	-test -z "$(INSTALL_BACKUP)" || \
+	    rm -f $(DESTDIR)$(plugindir)/sample_plugin.so$(INSTALL_BACKUP)
+
+splint:
+	splint $(SPLINT_OPTS) -I$(incdir) -I$(top_builddir) -I$(top_srcdir) $(srcdir)/*.c
+
+cppcheck:
+	cppcheck $(CPPCHECK_OPTS) -I$(incdir) -I$(top_builddir) -I$(top_srcdir) $(srcdir)/*.c
+
+pvs-log-files: $(POBJS)
+
+pvs-studio: $(POBJS)
+	plog-converter $(PVS_LOG_OPTS) $(POBJS)
+
+check:
+
+clean:
+	-$(LIBTOOL) $(LTFLAGS) --mode=clean rm -f *.lo *.o *.la *.a *.i *.plog \
+	    stamp-* core *.core core.*
+
+mostlyclean: clean
+
+distclean: clean
+	-rm -rf Makefile .libs $(shlib_map) $(shlib_opt)
+
+clobber: distclean
+
+realclean: distclean
+	rm -f TAGS tags
+
+cleandir: realclean
+
+# Autogenerated dependencies, do not modify
+sample_plugin.lo: $(srcdir)/sample_plugin.c $(incdir)/compat/stdbool.h \
+                  $(incdir)/sudo_compat.h $(incdir)/sudo_plugin.h \
+                  $(incdir)/sudo_util.h $(top_builddir)/config.h \
+                  $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sample_plugin.c
+sample_plugin.i: $(srcdir)/sample_plugin.c $(incdir)/compat/stdbool.h \
+                  $(incdir)/sudo_compat.h $(incdir)/sudo_plugin.h \
+                  $(incdir)/sudo_util.h $(top_builddir)/config.h \
+                  $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+sample_plugin.plog: sample_plugin.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sample_plugin.c --i-file $< --output-file $@
diff --git a/plugins/sample/README b/plugins/sample/README
new file mode 100644
index 0000000..45c2b78
--- /dev/null
+++ b/plugins/sample/README
@@ -0,0 +1,23 @@
+This is a sample sudo policy plugin.  See the sudo_plugin manual for
+information on writing your own plugin.
+
+The sample policy plugin is not built or installed by default.  To
+build and install the plugin, change to the plugins/sample directory
+and run "make".  It can be installed by running "make install" as
+the superuser from the same directory.
+
+To actually use the sample plugin, you'll need to modify the
+/etc/sudo.conf file.  Caution: you should not make changes to
+/etc/sudo.conf without also having a root shell open repair things
+in case of an error.  To enable the plugin, first comment out any
+existing policy Plugin line in /etc/sudo.conf, for example:
+
+    Plugin sudoers_policy sudoers.so
+
+Then add a line for the sample plugin:
+
+    Plugin sample_policy sample_plugin.so
+
+You may need to create /etc/sudo.conf if it does not already exist.
+
+Note that you may only have a single policy plugin defined.
diff --git a/plugins/sample/sample_plugin.c b/plugins/sample/sample_plugin.c
new file mode 100644
index 0000000..7baaa31
--- /dev/null
+++ b/plugins/sample/sample_plugin.c
@@ -0,0 +1,500 @@
+/*
+ * Copyright (c) 2010-2016 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <ctype.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdarg.h>
+
+#include <pathnames.h>
+#include "sudo_compat.h"
+#include "sudo_plugin.h"
+#include "sudo_util.h"
+
+/*
+ * Sample plugin module that allows any user who knows the password
+ * ("test") to run any command as root.  Since there is no credential
+ * caching the validate and invalidate functions are NULL.
+ */
+
+#ifdef __TANDEM
+# define ROOT_UID       65535
+#else
+# define ROOT_UID       0
+#endif
+
+static struct plugin_state {
+    char **envp;
+    char * const *settings;
+    char * const *user_info;
+} plugin_state;
+static sudo_conv_t sudo_conv;
+static sudo_printf_t sudo_log;
+static FILE *input, *output;
+static uid_t runas_uid = ROOT_UID;
+static gid_t runas_gid = -1;
+static int use_sudoedit = false;
+
+/*
+ * Plugin policy open function.
+ */
+static int
+policy_open(unsigned int version, sudo_conv_t conversation,
+    sudo_printf_t sudo_printf, char * const settings[],
+    char * const user_info[], char * const user_env[], char * const args[])
+{
+    char * const *ui;
+    struct passwd *pw;
+    const char *runas_user = NULL;
+    struct group *gr;
+    const char *runas_group = NULL;
+
+    if (!sudo_conv)
+	sudo_conv = conversation;
+    if (!sudo_log)
+	sudo_log = sudo_printf;
+
+    if (SUDO_API_VERSION_GET_MAJOR(version) != SUDO_API_VERSION_MAJOR) {
+	sudo_log(SUDO_CONV_ERROR_MSG,
+	    "the sample plugin requires API version %d.x\n",
+	    SUDO_API_VERSION_MAJOR);
+	return -1;
+    }
+
+    /* Only allow commands to be run as root. */
+    for (ui = settings; *ui != NULL; ui++) {
+	if (strncmp(*ui, "runas_user=", sizeof("runas_user=") - 1) == 0) {
+	    runas_user = *ui + sizeof("runas_user=") - 1;
+	}
+	if (strncmp(*ui, "runas_group=", sizeof("runas_group=") - 1) == 0) {
+	    runas_group = *ui + sizeof("runas_group=") - 1;
+	}
+	if (strncmp(*ui, "progname=", sizeof("progname=") - 1) == 0) {
+	    initprogname(*ui + sizeof("progname=") - 1);
+	}
+	/* Check to see if sudo was called as sudoedit or with -e flag. */
+	if (strncmp(*ui, "sudoedit=", sizeof("sudoedit=") - 1) == 0) {
+	    if (strcasecmp(*ui + sizeof("sudoedit=") - 1, "true") == 0)
+		use_sudoedit = true;
+	}
+	/* This plugin doesn't support running sudo with no arguments. */
+	if (strncmp(*ui, "implied_shell=", sizeof("implied_shell=") - 1) == 0) {
+	    if (strcasecmp(*ui + sizeof("implied_shell=") - 1, "true") == 0)
+		return -2; /* usage error */
+	}
+    }
+    if (runas_user != NULL) {
+	if ((pw = getpwnam(runas_user)) == NULL) {
+	    sudo_log(SUDO_CONV_ERROR_MSG, "unknown user %s\n", runas_user);
+	    return 0;
+	}
+	runas_uid = pw->pw_uid;
+    }
+    if (runas_group != NULL) {
+	if ((gr = getgrnam(runas_group)) == NULL) {
+	    sudo_log(SUDO_CONV_ERROR_MSG, "unknown group %s\n", runas_group);
+	    return 0;
+	}
+	runas_gid = gr->gr_gid;
+    }
+
+    /* Plugin state. */
+    plugin_state.envp = (char **)user_env;
+    plugin_state.settings = settings;
+    plugin_state.user_info = user_info;
+
+    return 1;
+}
+
+static char *
+find_in_path(char *command, char **envp)
+{
+    struct stat sb;
+    char *path, *path0, **ep, *cp;
+    char pathbuf[PATH_MAX], *qualified = NULL;
+
+    if (strchr(command, '/') != NULL)
+	return command;
+
+    path = _PATH_DEFPATH;
+    for (ep = plugin_state.envp; *ep != NULL; ep++) {
+	if (strncmp(*ep, "PATH=", 5) == 0) {
+	    path = *ep + 5;
+	    break;
+	}
+    }
+    path = path0 = strdup(path);
+    do {
+	if ((cp = strchr(path, ':')))
+	    *cp = '\0';
+	snprintf(pathbuf, sizeof(pathbuf), "%s/%s", *path ? path : ".",
+	    command);
+	if (stat(pathbuf, &sb) == 0) {
+	    if (S_ISREG(sb.st_mode) && (sb.st_mode & 0000111)) {
+		qualified = pathbuf;
+		break;
+	    }
+	}
+	path = cp + 1;
+    } while (cp != NULL);
+    free(path0);
+    return qualified ? strdup(qualified) : NULL;
+}
+
+static int
+check_passwd(void)
+{
+    struct sudo_conv_message msg;
+    struct sudo_conv_reply repl;
+
+    /* Prompt user for password via conversation function. */
+    memset(&msg, 0, sizeof(msg));
+    msg.msg_type = SUDO_CONV_PROMPT_ECHO_OFF;
+    msg.msg = "Password: ";
+    memset(&repl, 0, sizeof(repl));
+    sudo_conv(1, &msg, &repl, NULL);
+    if (repl.reply == NULL) {
+	sudo_log(SUDO_CONV_ERROR_MSG, "missing password\n");
+	return false;
+    }
+    if (strcmp(repl.reply, "test") != 0) {
+	sudo_log(SUDO_CONV_ERROR_MSG, "incorrect password\n");
+	return false;
+    }
+    return true;
+}
+
+static char **
+build_command_info(const char *command)
+{
+    static char **command_info;
+    int i = 0;
+
+    /* Setup command info. */
+    command_info = calloc(32, sizeof(char *));
+    if (command_info == NULL)
+	return NULL;
+    if ((command_info[i++] = sudo_new_key_val("command", command)) == NULL ||
+	asprintf(&command_info[i++], "runas_euid=%ld", (long)runas_uid) == -1 ||
+	asprintf(&command_info[i++], "runas_uid=%ld", (long)runas_uid) == -1) {
+	return NULL;
+    }
+    if (runas_gid != (gid_t)-1) {
+	if (asprintf(&command_info[i++], "runas_gid=%ld", (long)runas_gid) == -1 ||
+	    asprintf(&command_info[i++], "runas_egid=%ld", (long)runas_gid) == -1) {
+	    return NULL;
+	}
+    }
+    if (use_sudoedit) {
+	command_info[i] = strdup("sudoedit=true");
+	if (command_info[i++] == NULL)
+		return NULL;
+    }
+#ifdef USE_TIMEOUT
+    command_info[i++] = "timeout=30";
+#endif
+    return command_info;
+}
+
+static char *
+find_editor(int nfiles, char * const files[], char **argv_out[])
+{
+    char *cp, *last, **ep, **nargv, *editor, *editor_path;
+    int ac, i, nargc, wasblank;
+
+    /* Lookup EDITOR in user's environment. */
+    editor = _PATH_VI;
+    for (ep = plugin_state.envp; *ep != NULL; ep++) {
+	if (strncmp(*ep, "EDITOR=", 7) == 0) {
+	    editor = *ep + 7;
+	    break;
+	}
+    }
+    editor = strdup(editor);
+    if (editor == NULL) {
+	sudo_log(SUDO_CONV_ERROR_MSG, "unable to allocate memory\n");
+	return NULL;
+    }
+
+    /*
+     * Split editor into an argument vector; editor is reused (do not free).
+     * The EDITOR environment variables may contain command
+     * line args so look for those and alloc space for them too.
+     */
+    nargc = 1;
+    for (wasblank = 0, cp = editor; *cp != '\0'; cp++) {
+	if (isblank((unsigned char) *cp))
+	    wasblank = 1;
+	else if (wasblank) {
+	    wasblank = 0;
+	    nargc++;
+	}
+    }
+    /* If we can't find the editor in the user's PATH, give up. */
+    cp = strtok_r(editor, " \t", &last);
+    if (cp == NULL ||
+	(editor_path = find_in_path(editor, plugin_state.envp)) == NULL) {
+	free(editor);
+	return NULL;
+    }
+    if (editor_path != editor)
+	free(editor);
+    nargv = malloc((nargc + 1 + nfiles + 1) * sizeof(char *));
+    if (nargv == NULL) {
+	sudo_log(SUDO_CONV_ERROR_MSG, "unable to allocate memory\n");
+	free(editor_path);
+	return NULL;
+    }
+    for (ac = 0; cp != NULL && ac < nargc; ac++) {
+	nargv[ac] = cp;
+	cp = strtok_r(NULL, " \t", &last);
+    }
+    nargv[ac++] = "--";
+    for (i = 0; i < nfiles; )
+	nargv[ac++] = files[i++];
+    nargv[ac] = NULL;
+
+    *argv_out = nargv;
+    return editor_path;
+}
+
+/*
+ * Plugin policy check function.
+ * Simple example that prompts for a password, hard-coded to "test".
+ */
+static int 
+policy_check(int argc, char * const argv[],
+    char *env_add[], char **command_info_out[],
+    char **argv_out[], char **user_env_out[])
+{
+    char *command;
+
+    if (!argc || argv[0] == NULL) {
+	sudo_log(SUDO_CONV_ERROR_MSG, "no command specified\n");
+	return false;
+    }
+
+    if (!check_passwd())
+	return false;
+
+    command = find_in_path(argv[0], plugin_state.envp);
+    if (command == NULL) {
+	sudo_log(SUDO_CONV_ERROR_MSG, "%s: command not found\n", argv[0]);
+	return false;
+    }
+
+    /* If "sudo vi" is run, auto-convert to sudoedit.  */
+    if (strcmp(command, _PATH_VI) == 0)
+	use_sudoedit = true;
+
+    if (use_sudoedit) {
+	/* Rebuild argv using editor */
+	free(command);
+	command = find_editor(argc - 1, argv + 1, argv_out);
+	if (command == NULL) {
+	    sudo_log(SUDO_CONV_ERROR_MSG, "unable to find valid editor\n");
+	    return -1;
+	}
+	use_sudoedit = true;
+    } else {
+	/* No changes needd to argv */
+	*argv_out = (char **)argv;
+    }
+
+    /* No changes to envp */
+    *user_env_out = plugin_state.envp;
+
+    /* Setup command info. */
+    *command_info_out = build_command_info(command);
+    free(command);
+    if (*command_info_out == NULL) {
+	sudo_log(SUDO_CONV_ERROR_MSG, "out of memory\n");
+	return -1;
+    }
+
+    return true;
+}
+
+static int
+policy_list(int argc, char * const argv[], int verbose, const char *list_user)
+{
+    /*
+     * List user's capabilities.
+     */
+    sudo_log(SUDO_CONV_INFO_MSG, "Validated users may run any command\n");
+    return true;
+}
+
+static int
+policy_version(int verbose)
+{
+    sudo_log(SUDO_CONV_INFO_MSG, "Sample policy plugin version %s\n", PACKAGE_VERSION);
+    return true;
+}
+
+static void
+policy_close(int exit_status, int error)
+{
+    /*
+     * The policy might log the command exit status here.
+     * In this example, we just print a message.
+     */
+    if (error) {
+	sudo_log(SUDO_CONV_ERROR_MSG, "Command error: %s\n", strerror(error));
+    } else {
+        if (WIFEXITED(exit_status)) {
+	    sudo_log(SUDO_CONV_INFO_MSG, "Command exited with status %d\n",
+		WEXITSTATUS(exit_status));
+        } else if (WIFSIGNALED(exit_status)) {
+	    sudo_log(SUDO_CONV_INFO_MSG, "Command killed by signal %d\n",
+		WTERMSIG(exit_status));
+	}
+    }
+}
+
+static int
+io_open(unsigned int version, sudo_conv_t conversation,
+    sudo_printf_t sudo_printf, char * const settings[],
+    char * const user_info[], char * const command_info[],
+    int argc, char * const argv[], char * const user_env[], char * const args[])
+{
+    int fd;
+    char path[PATH_MAX];
+
+    if (!sudo_conv)
+	sudo_conv = conversation;
+    if (!sudo_log)
+	sudo_log = sudo_printf;
+
+    /* Open input and output files. */
+    snprintf(path, sizeof(path), "/var/tmp/sample-%u.output",
+	(unsigned int)getpid());
+    fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0644);
+    if (fd == -1)
+	return false;
+    output = fdopen(fd, "w");
+
+    snprintf(path, sizeof(path), "/var/tmp/sample-%u.input",
+	(unsigned int)getpid());
+    fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0644);
+    if (fd == -1)
+	return false;
+    input = fdopen(fd, "w");
+
+    return true;
+}
+
+static void
+io_close(int exit_status, int error)
+{
+    fclose(input);
+    fclose(output);
+}
+
+static int
+io_version(int verbose)
+{
+    sudo_log(SUDO_CONV_INFO_MSG, "Sample I/O plugin version %s\n",
+	PACKAGE_VERSION);
+    return true;
+}
+
+static int
+io_log_input(const char *buf, unsigned int len)
+{
+    ignore_result(fwrite(buf, len, 1, input));
+    return true;
+}
+
+static int
+io_log_output(const char *buf, unsigned int len)
+{
+    const char *cp, *ep;
+    bool ret = true;
+
+    ignore_result(fwrite(buf, len, 1, output));
+    /*
+     * If we find the string "honk!" in the buffer, reject it.
+     * In practice we'd want to be able to detect the word
+     * broken across two buffers.
+     */
+    for (cp = buf, ep = buf + len; cp < ep; cp++) {
+	if (cp + 5 < ep && memcmp(cp, "honk!", 5) == 0) {
+	    ret = false;
+	    break;
+	}
+    }
+    return ret;
+}
+
+__dso_public struct policy_plugin sample_policy = {
+    SUDO_POLICY_PLUGIN,
+    SUDO_API_VERSION,
+    policy_open,
+    policy_close,
+    policy_version,
+    policy_check,
+    policy_list,
+    NULL, /* validate */
+    NULL, /* invalidate */
+    NULL, /* init_session */
+    NULL, /* register_hooks */
+    NULL /* deregister_hooks */
+};
+
+/*
+ * Note: This plugin does not differentiate between tty and pipe I/O.
+ *       It all gets logged to the same file.
+ */
+__dso_public struct io_plugin sample_io = {
+    SUDO_IO_PLUGIN,
+    SUDO_API_VERSION,
+    io_open,
+    io_close,
+    io_version,
+    io_log_input,	/* tty input */
+    io_log_output,	/* tty output */
+    io_log_input,	/* command stdin if not tty */
+    io_log_output,	/* command stdout if not tty */
+    io_log_output	/* command stderr if not tty */
+};
diff --git a/plugins/sample/sample_plugin.exp b/plugins/sample/sample_plugin.exp
new file mode 100644
index 0000000..9f85094
--- /dev/null
+++ b/plugins/sample/sample_plugin.exp
@@ -0,0 +1,2 @@
+sample_policy
+sample_io
diff --git a/plugins/sudoers/Makefile.in b/plugins/sudoers/Makefile.in
new file mode 100644
index 0000000..e3f6bb5
--- /dev/null
+++ b/plugins/sudoers/Makefile.in
@@ -0,0 +1,2559 @@
+#
+# Copyright (c) 1996, 1998-2005, 2007-2018
+#       Todd C. Miller <Todd.Miller@sudo.ws>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+# Sponsored in part by the Defense Advanced Research Projects
+# Agency (DARPA) and Air Force Research Laboratory, Air Force
+# Materiel Command, USAF, under agreement number F39502-99-1-0512.
+#
+# @configure_input@
+#
+
+#### Start of system configuration section. ####
+
+srcdir = @srcdir@
+devdir = @devdir@
+authdir = $(srcdir)/auth
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+incdir = $(top_srcdir)/include
+docdir = @docdir@
+libdir = @libdir@
+rundir = @rundir@
+vardir = @vardir@
+cross_compiling = @CROSS_COMPILING@
+
+# Compiler & tools to use
+CC = @CC@
+LIBTOOL = @LIBTOOL@
+FLEX = @FLEX@
+YACC = @YACC@
+SED = @SED@
+AWK = @AWK@
+PERL = perl
+
+# Our install program supports extra flags...
+INSTALL = $(SHELL) $(top_srcdir)/install-sh -c
+INSTALL_OWNER = -o $(install_uid) -g $(install_gid)
+INSTALL_BACKUP = @INSTALL_BACKUP@
+
+# Libraries
+LT_LIBS = $(top_builddir)/lib/util/libsudo_util.la
+LIBS = $(LT_LIBS)
+NET_LIBS = @NET_LIBS@
+SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@
+REPLAY_LIBS = @REPLAY_LIBS@ @ZLIB@
+VISUDO_LIBS = $(NET_LIBS)
+CVTSUDOERS_LIBS = $(NET_LIBS)
+TESTSUDOERS_LIBS = $(NET_LIBS)
+
+# C preprocessor defines
+CPPDEFS = -DLIBDIR=\"$(libdir)\" -DLOCALEDIR=\"$(localedir)\" \
+	  -D_PATH_SUDOERS=\"$(sudoersdir)/sudoers\" \
+	  -D_PATH_CVTSUDOERS_CONF=\"$(sysconfdir)/cvtsudoers.conf\" \
+	  -DSUDOERS_UID=$(sudoers_uid) -DSUDOERS_GID=$(sudoers_gid) \
+	  -DSUDOERS_MODE=$(sudoers_mode)
+
+# C preprocessor flags
+CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(devdir) -I$(srcdir) \
+	   -I$(top_srcdir) $(CPPDEFS) @CPPFLAGS@
+
+# Usually -O and/or -g
+CFLAGS = @CFLAGS@
+
+# Flags to pass to the link stage
+LDFLAGS = @LDFLAGS@
+LT_LDFLAGS = @SUDOERS_LDFLAGS@ @LT_LDFLAGS@ @LT_LDEXPORTS@
+
+# Flags to pass to libtool
+LTFLAGS =
+
+# Address sanitizer flags
+ASAN_CFLAGS = @ASAN_CFLAGS@
+ASAN_LDFLAGS = @ASAN_LDFLAGS@
+
+# PIE flags
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+
+# Stack smashing protection flags
+SSP_CFLAGS = @SSP_CFLAGS@
+SSP_LDFLAGS = @SSP_LDFLAGS@
+
+# cppcheck options, usually set in the top-level Makefile
+CPPCHECK_OPTS = -q --force --enable=warning,performance,portability --suppress=constStatement --error-exitcode=1 --inline-suppr -Dva_copy=va_copy -U__cplusplus -UQUAD_MAX -UQUAD_MIN -UUQUAD_MAX -U_POSIX_HOST_NAME_MAX -U_POSIX_PATH_MAX -U__NBBY -DNSIG=64
+
+# splint options, usually set in the top-level Makefile
+SPLINT_OPTS = -D__restrict= -checks
+
+# PVS-studio options
+PVS_CFG = $(top_srcdir)/PVS-Studio.cfg
+PVS_IGNORE = 'V707,V011,V002,V536'
+PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE)
+
+# Where to install things...
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+bindir = @bindir@
+sbindir = @sbindir@
+sysconfdir = @sysconfdir@
+libexecdir = @libexecdir@
+datarootdir = @datarootdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+
+# File mode and map file to use for shared libraries/objects
+shlib_enable = @SHLIB_ENABLE@
+shlib_mode = @SHLIB_MODE@
+shlib_exp = $(srcdir)/sudoers.exp
+shlib_map = sudoers.map
+shlib_opt = sudoers.opt
+
+# Directory in which to install the sudoers plugin
+plugindir = @PLUGINDIR@
+
+# Directory in which to install the sudoers file
+sudoersdir = $(sysconfdir)
+
+# User and group ids the installed files should be "owned" by
+install_uid = 0
+install_gid = 0
+
+# User, group, and mode the sudoers file should be "owned" by (configure)
+sudoers_uid = @SUDOERS_UID@
+sudoers_gid = @SUDOERS_GID@
+sudoers_mode = @SUDOERS_MODE@
+
+# Set to non-empty for development mode
+DEVEL = @DEVEL@
+
+#### End of system configuration section. ####
+
+SHELL = @SHELL@
+
+PROGS = sudoers.la visudo sudoreplay cvtsudoers testsudoers
+
+TEST_PROGS = check_addr check_base64 check_digest check_env_pattern check_fill \
+	     check_gentime check_hexchar check_iolog_path check_iolog_plugin \
+	     check_iolog_util check_wrap check_starttime @SUDOERS_TEST_PROGS@
+
+AUTH_OBJS = sudo_auth.lo @AUTH_OBJS@
+
+LIBPARSESUDOERS_OBJS = alias.lo audit.lo base64.lo defaults.lo digestname.lo \
+		       filedigest.lo gentime.lo gmtoff.lo gram.lo hexchar.lo \
+		       match.lo match_addr.lo pwutil.lo pwutil_impl.lo \
+		       rcstr.lo redblack.lo sudoers_debug.lo timeout.lo \
+		       timestr.lo toke.lo toke_util.lo
+
+LIBPARSESUDOERS_IOBJS = $(LIBPARSESUDOERS_OBJS:.lo=.i) passwd.i
+
+SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo editor.lo env.lo \
+	       env_pattern.lo file.lo find_path.lo fmtsudoers.lo gc.lo \
+	       goodpath.lo group_plugin.lo interfaces.lo iolog.lo \
+	       iolog_path.lo locale.lo logging.lo logwrap.lo mkdir_parents.lo \
+	       parse.lo policy.lo prompt.lo set_perms.lo starttime.lo \
+	       sudo_nss.lo sudoers.lo timestamp.lo @SUDOERS_OBJS@
+
+SUDOERS_IOBJS = $(SUDOERS_OBJS:.lo=.i)
+
+VISUDO_OBJS = editor.lo find_path.lo goodpath.lo locale.lo stubs.o \
+	      sudo_printf.o visudo.o
+
+VISUDO_IOBJS = sudo_printf.i visudo.i
+
+CVTSUDOERS_OBJS = cvtsudoers.o cvtsudoers_json.o cvtsudoers_ldif.o \
+		  cvtsudoers_pwutil.o fmtsudoers.lo locale.lo parse_ldif.o \
+		  strlist.o stubs.o sudo_printf.o ldap_util.lo
+
+CVTSUDOERS_IOBJS = cvtsudoers.i cvtsudoers_json.i cvtsudoers_ldif.i \
+		   cvtsudoers_pwutil.i strlist.i
+
+REPLAY_OBJS = getdate.o sudoreplay.o iolog_util.o
+
+REPLAY_IOBJS = $(REPLAY_OBJS:.o=.i)
+
+TEST_OBJS = fmtsudoers.lo group_plugin.lo interfaces.lo ldap_util.lo \
+	    locale.lo net_ifs.o parse_ldif.o strlist.o sudo_printf.o \
+	    testsudoers.o tsgetgrpw.o
+
+IOBJS = $(LIBPARSESUDOERS_IOBJS) $(SUDOERS_IOBJS) $(VISUDO_IOBJS) \
+	$(CVTSUDOERS_IOBJS) $(REPLAY_IOBJS)
+
+POBJS = $(IOBJS:.i=.plog)
+
+TSDUMP_OBJS = tsdump.o sudoers_debug.lo locale.lo
+
+CHECK_ADDR_OBJS = check_addr.o interfaces.lo match_addr.lo sudoers_debug.lo \
+		  sudo_printf.o
+
+CHECK_BASE64_OBJS = check_base64.o base64.lo sudoers_debug.lo
+
+CHECK_DIGEST_OBJS = check_digest.o filedigest.lo digestname.lo sudoers_debug.lo
+
+CHECK_ENV_MATCH_OBJS = check_env_pattern.o env_pattern.lo sudoers_debug.lo
+
+CHECK_FILL_OBJS = check_fill.o hexchar.lo toke_util.lo sudoers_debug.lo
+
+CHECK_GENTIME_OBJS = check_gentime.o gentime.lo gmtoff.lo sudoers_debug.lo
+
+CHECK_HEXCHAR_OBJS = check_hexchar.o hexchar.lo sudoers_debug.lo
+
+CHECK_IOLOG_PATH_OBJS = check_iolog_path.o iolog_path.lo locale.lo \
+			pwutil.lo pwutil_impl.lo redblack.lo sudoers_debug.lo
+
+CHECK_IOLOG_PLUGIN_OBJS = check_iolog_plugin.o iolog.lo iolog_path.lo \
+			  iolog_util.o locale.lo mkdir_parents.lo pwutil.lo \
+			  pwutil_impl.lo redblack.lo sudoers_debug.lo
+
+CHECK_IOLOG_UTIL_OBJS = check_iolog_util.o iolog_util.o locale.lo \
+			sudoers_debug.lo
+
+CHECK_SYMBOLS_OBJS = check_symbols.o
+
+CHECK_STARTTIME_OBJS = check_starttime.o starttime.lo sudoers_debug.lo
+
+CHECK_WRAP_OBJS = check_wrap.o logwrap.lo sudoers_debug.lo
+
+VERSION = @PACKAGE_VERSION@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+
+all: $(PROGS)
+
+.SUFFIXES: .c .h .i .l .lo .o .plog .y
+
+.c.o:
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $<
+
+.c.lo:
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $<
+
+.c.i:
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+
+.i.plog:
+	ifile=$<; rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $${ifile%i}c --i-file $< --output-file $@
+
+$(shlib_map): $(shlib_exp)
+	@$(AWK) 'BEGIN { print "{\n\tglobal:" } { print "\t\t"$$0";" } END { print "\tlocal:\n\t\t*;\n};" }' $(shlib_exp) > $@
+
+$(shlib_opt): $(shlib_exp)
+	@$(SED) 's/^/+e /' $(shlib_exp) > $@
+
+# Prevent default rules from building .c files from .l and .y files
+.l.c:
+	@true
+
+.y.c:
+	@true
+
+Makefile: $(srcdir)/Makefile.in
+	cd $(top_builddir) && ./config.status --file plugins/sudoers/Makefile
+
+libparsesudoers.la: $(LIBPARSESUDOERS_OBJS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(LIBPARSESUDOERS_OBJS) -no-install
+
+sudoers.la: $(SUDOERS_OBJS) $(LT_LIBS) libparsesudoers.la @LT_LDDEP@
+	case "$(LT_LDFLAGS)" in \
+	*-no-install*) \
+	    $(LIBTOOL) $(LTFLAGS) @LT_STATIC@ --mode=link $(CC) $(LDFLAGS) $(LT_LDFLAGS) -o $@ $(SUDOERS_OBJS) libparsesudoers.la $(SUDOERS_LIBS) -module;; \
+	*) \
+	    $(LIBTOOL) $(LTFLAGS) @LT_STATIC@ --mode=link $(CC) $(LDFLAGS) $(ASAN_LDFLAGS) $(SSP_LDFLAGS) $(LT_LDFLAGS) -o $@ $(SUDOERS_OBJS) libparsesudoers.la $(SUDOERS_LIBS) -module -avoid-version -rpath $(plugindir) -shrext .so;; \
+	esac
+
+visudo: libparsesudoers.la $(VISUDO_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(VISUDO_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(VISUDO_LIBS)
+
+cvtsudoers: libparsesudoers.la $(CVTSUDOERS_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CVTSUDOERS_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(CVTSUDOERS_LIBS)
+
+sudoreplay: timestr.lo $(REPLAY_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(REPLAY_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) timestr.lo $(LIBS) $(REPLAY_LIBS)
+
+testsudoers: libparsesudoers.la $(TEST_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(TEST_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(TESTSUDOERS_LIBS)
+
+tsdump: $(TSDUMP_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(TSDUMP_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+
+check_addr: $(CHECK_ADDR_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_ADDR_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) $(NET_LIBS)
+
+check_base64: $(CHECK_BASE64_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_BASE64_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+
+check_digest: $(CHECK_DIGEST_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_DIGEST_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+
+check_env_pattern: $(CHECK_ENV_MATCH_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_ENV_MATCH_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+
+check_fill: $(CHECK_FILL_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_FILL_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+
+check_gentime: $(CHECK_GENTIME_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_GENTIME_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+
+check_hexchar: $(CHECK_HEXCHAR_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_HEXCHAR_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+
+check_iolog_path: $(CHECK_IOLOG_PATH_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_IOLOG_PATH_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+
+check_iolog_plugin: $(CHECK_IOLOG_PLUGIN_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_IOLOG_PLUGIN_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) @ZLIB@
+
+check_iolog_util: $(CHECK_IOLOG_UTIL_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_IOLOG_UTIL_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) @ZLIB@
+
+check_starttime: $(CHECK_STARTTIME_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_STARTTIME_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+
+# We need to link check_symbols with -lpthread on HP-UX since LDAP uses threads
+check_symbols: $(CHECK_SYMBOLS_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_SYMBOLS_OBJS) $(CHECK_SYMBOLS_LDFLAGS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) @SUDO_LIBS@
+
+check_wrap: $(CHECK_WRAP_OBJS) $(LT_LIBS)
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_WRAP_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+
+GENERATED = gram.h gram.c toke.c def_data.c def_data.h getdate.c
+
+prologue:
+	echo "/*" > $@
+	echo " * This is an open source non-commercial project. Dear PVS-Studio, please check it." >> $@
+	echo " * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com" >> $@
+	echo " */" >> $@
+	echo "" >> $@
+	echo "#include <config.h>" >> $@
+
+$(devdir)/gram.c $(devdir)/gram.h: $(srcdir)/gram.y prologue
+	@if [ -n "$(DEVEL)" ]; then \
+	    if test "$(srcdir)" = "."; then \
+		gram_y="gram.y"; \
+	    else \
+		gram_y="$(srcdir)/gram.y"; \
+	    fi; \
+	    cmd='$(YACC) -d -p sudoers '"$$gram_y"'; cp prologue $(devdir)/gram.c; $(SED) "s/^\\(#line .*\\) \"y\\.tab\\.c\"/\1 \"gram.c\"/" y.tab.c >> $(devdir)/gram.c; rm -f y.tab.c; mv -f y.tab.h $(devdir)/gram.h'; \
+	    echo "$$cmd"; eval $$cmd; \
+	fi
+
+$(devdir)/toke.c: $(srcdir)/toke.l prologue
+	@if [ -n "$(DEVEL)" ]; then \
+	    if test "$(srcdir)" = "."; then \
+		toke_l="toke.l"; \
+	    else \
+		toke_l="$(srcdir)/toke.l"; \
+	    fi; \
+	    cmd='$(FLEX) '"$$toke_l"'; cp prologue $(devdir)/toke.c; $(SED) "s/^\\(#line .*\\) \"lex\\.sudoers\\.c\"/\1 \"toke.c\"/" lex.sudoers.c >> $(devdir)/toke.c; rm -f lex.sudoers.c'; \
+	    echo "$$cmd"; eval $$cmd; \
+	fi
+
+$(devdir)/getdate.c: $(srcdir)/getdate.y prologue
+	@if [ -n "$(DEVEL)" ]; then \
+	    echo "expect 10 shift/reduce conflicts"; \
+	    if test "$(srcdir)" = "."; then \
+		getdate_y="getdate.y"; \
+	    else \
+		getdate_y="$(srcdir)/getdate.y"; \
+	    fi; \
+	    cmd='$(YACC) '"$$getdate_y"'; cp prologue $(devdir)/getdate.c; $(SED) "s/^\\(#line .*\\) \"y\\.tab\\.c\"/\1 \"getdate.c\"/" y.tab.c >> $(devdir)/getdate.c; rm -f y.tab.c'; \
+	    echo "$$cmd"; eval $$cmd; \
+	fi
+
+$(devdir)/def_data.c $(devdir)/def_data.h: $(srcdir)/def_data.in
+	@if [ -n "$(DEVEL)" ]; then \
+	    cmd='$(PERL) $(srcdir)/mkdefaults -o $(devdir)/def_data $(srcdir)/def_data.in'; \
+	    echo "$$cmd"; eval $$cmd; \
+	fi
+
+sudoers: $(srcdir)/sudoers.in
+	cd $(top_builddir) && $(SHELL) config.status --file=plugins/sudoers/$@
+
+pre-install:
+	@if test X"$(cross_compiling)" != X"yes" -a -r $(DESTDIR)$(sudoersdir)/sudoers; then \
+	    echo "Checking existing sudoers file for syntax errors."; \
+	    ./visudo -c -f $(DESTDIR)$(sudoersdir)/sudoers; \
+	fi
+
+install: install-plugin install-binaries install-sudoers install-doc
+
+install-dirs:
+	$(SHELL) $(top_srcdir)/mkinstalldirs $(DESTDIR)$(plugindir) \
+	    $(DESTDIR)$(sbindir) $(DESTDIR)$(bindir) \
+	    $(DESTDIR)$(sudoersdir) $(DESTDIR)$(docdir) \
+	    `echo $(DESTDIR)$(rundir)|$(SED) 's,/[^/]*$$,,'` \
+	    `echo $(DESTDIR)$(vardir)|$(SED) 's,/[^/]*$$,,'`
+	$(INSTALL) -d $(INSTALL_OWNER) -m 0711 $(DESTDIR)$(rundir)
+	$(INSTALL) -d $(INSTALL_OWNER) -m 0711 $(DESTDIR)$(vardir)
+	$(INSTALL) -d $(INSTALL_OWNER) -m 0700 $(DESTDIR)$(vardir)/lectured
+
+install-binaries: cvtsudoers sudoreplay visudo install-dirs
+	INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 cvtsudoers $(DESTDIR)$(bindir)/cvtsudoers
+	INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 sudoreplay $(DESTDIR)$(bindir)/sudoreplay
+	INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 visudo $(DESTDIR)$(sbindir)/visudo
+
+install-includes:
+
+install-doc:
+
+install-plugin: sudoers.la install-dirs
+	case "$(LT_LDFLAGS)" in \
+	*-no-install*) ;; \
+	*)  if [ X"$(shlib_enable)" = X"yes" ]; then \
+		INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m $(shlib_mode) sudoers.la $(DESTDIR)$(plugindir); \
+	    fi;; \
+	esac
+
+install-sudoers: install-dirs
+	$(INSTALL) -d $(INSTALL_OWNER) -m 0750 $(DESTDIR)$(sudoersdir)/sudoers.d
+	$(INSTALL) $(INSTALL_OWNER) -m $(sudoers_mode) sudoers $(DESTDIR)$(sudoersdir)/sudoers.dist
+	test -r $(DESTDIR)$(sudoersdir)/sudoers || \
+	    cp -p $(DESTDIR)$(sudoersdir)/sudoers.dist $(DESTDIR)$(sudoersdir)/sudoers
+
+uninstall:
+	-$(LIBTOOL) $(LTFLAGS) --mode=uninstall rm -f $(DESTDIR)$(plugindir)/sudoers.la
+	-rm -f	$(DESTDIR)$(bindir)/cvtsudoers \
+		$(DESTDIR)$(bindir)/sudoreplay
+		$(DESTDIR)$(sbindir)/visudo
+	-test -z "$(INSTALL_BACKUP)" || \
+		$(DESTDIR)$(bindir)/cvtsudoers$(INSTALL_BACKUP) \
+		$(DESTDIR)$(bindir)/sudoreplay$(INSTALL_BACKUP) \
+		$(DESTDIR)$(sbindir)/visudo$(INSTALL_BACKUP) \
+		$(DESTDIR)$(plugindir)/sudoers.so$(INSTALL_BACKUP)
+	-cmp $(DESTDIR)$(sudoersdir)/sudoers $(DESTDIR)$(sudoersdir)/sudoers.dist >/dev/null && \
+	    rm -f $(DESTDIR)$(sudoersdir)/sudoers
+	-rm -f $(DESTDIR)$(sudoersdir)/sudoers.dist
+
+splint:
+	splint $(SPLINT_OPTS) -I$(incdir) -I$(top_builddir) -I$(devdir) -I$(srcdir) -I$(top_srcdir) $(srcdir)/*.c $(srcdir)/auth/*.c
+
+cppcheck:
+	cppcheck $(CPPCHECK_OPTS) -I$(incdir) -I$(top_builddir) -I$(devdir) -I$(srcdir) -I$(top_srcdir) $(srcdir)/*.c $(srcdir)/auth/*.c
+
+pvs-log-files: $(POBJS)
+
+pvs-studio: $(POBJS)
+	plog-converter $(PVS_LOG_OPTS) $(POBJS)
+
+check: $(TEST_PROGS) visudo testsudoers cvtsudoers
+	@if test X"$(cross_compiling)" != X"yes"; then \
+	    LC_ALL=C; export LC_ALL; \
+	    unset LANG || LANG=; \
+	    rval=0; \
+	    mkdir -p regress/parser; \
+	    ./check_addr $(srcdir)/regress/parser/check_addr.in || rval=`expr $$rval + $$?`; \
+	    ./check_base64 || rval=`expr $$rval + $$?`; \
+	    if test -f check_digest; then \
+		./check_digest > regress/parser/check_digest.out; \
+		diff regress/parser/check_digest.out $(srcdir)/regress/parser/check_digest.out.ok || rval=`expr $$rval + $$?`; \
+	    fi; \
+	    ./check_env_pattern $(srcdir)/regress/env_match/data || rval=`expr $$rval + $$?`; \
+	    ./check_fill || rval=`expr $$rval + $$?`; \
+	    ./check_gentime || rval=`expr $$rval + $$?`; \
+	    ./check_hexchar || rval=`expr $$rval + $$?`; \
+	    ./check_iolog_path $(srcdir)/regress/iolog_path/data || rval=`expr $$rval + $$?`; \
+	    ./check_iolog_plugin $(srcdir)/regress/iolog_plugin/iolog || rval=`expr $$rval + $$?`; \
+	    ./check_iolog_util || rval=`expr $$rval + $$?`; \
+	    ./check_starttime || rval=`expr $$rval + $$?`; \
+	    if test -f check_symbols; then \
+		./check_symbols .libs/sudoers.so $(shlib_exp) || rval=`expr $$rval + $$?`; \
+	    fi; \
+	    mkdir -p regress/logging; \
+	    ./check_wrap $(srcdir)/regress/logging/check_wrap.in > regress/logging/check_wrap.out; \
+	    diff regress/logging/check_wrap.out $(srcdir)/regress/logging/check_wrap.out.ok || rval=`expr $$rval + $$?`; \
+	    passed=0; failed=0; total=0; \
+	    mkdir -p regress/sudoers; \
+	    dir=sudoers; \
+	    for t in $(srcdir)/regress/$$dir/*.in; do \
+		base=`basename $$t .in`; \
+		out="regress/sudoers/$${base}.out"; \
+		toke="regress/sudoers/$${base}.toke"; \
+		json="regress/sudoers/$${base}.json"; \
+		ldif="regress/sudoers/$${base}.ldif"; \
+		sudo="regress/sudoers/$${base}.sudo"; \
+		ldif2sudo="regress/sudoers/$${base}.ldif2sudo"; \
+		if test -s $$json.ok; then \
+		    ASAN_OPTIONS=; \
+		else \
+		    ASAN_OPTIONS=detect_leaks=0; \
+		fi; \
+		ASAN_OPTIONS=$$ASAN_OPTIONS \
+		    ./testsudoers -dt <$$t >$$out 2>$$toke || true; \
+		if cmp $$out $(srcdir)/$$out.ok >/dev/null; then \
+		    passed=`expr $$passed + 1`; \
+		    echo "$$dir/$$base (parse): OK"; \
+		else \
+		    failed=`expr $$failed + 1`; \
+		    echo "$$dir/$$base (parse): FAIL"; \
+		    diff $$out $(srcdir)/$$out.ok || true; \
+		fi; \
+		total=`expr $$total + 1`; \
+		if cmp $$toke $(srcdir)/$$toke.ok >/dev/null; then \
+		    passed=`expr $$passed + 1`; \
+		    echo "$$dir/$$base (toke): OK"; \
+		else \
+		    failed=`expr $$failed + 1`; \
+		    echo "$$dir/$$base (toke): FAIL"; \
+		    diff $$toke $(srcdir)/$$toke.ok || true; \
+		fi; \
+		total=`expr $$total + 1`; \
+		./cvtsudoers -c "" -f json $$t >$$json 2>/dev/null || true; \
+		total=`expr $$total + 1`; \
+		if cmp $$json $(srcdir)/$$json.ok >/dev/null; then \
+		    passed=`expr $$passed + 1`; \
+		    echo "$$dir/$$base (json): OK"; \
+		else \
+		    failed=`expr $$failed + 1`; \
+		    echo "$$dir/$$base (json): FAIL"; \
+		    diff $$json $(srcdir)/$$json.ok || true; \
+		fi; \
+		SUDOERS_BASE="ou=SUDOers,dc=sudo,dc=ws" \
+		    ./cvtsudoers -c "" -f ldif < $$t >$$ldif 2>/dev/null || true; \
+		total=`expr $$total + 1`; \
+		if cmp $$ldif $(srcdir)/$$ldif.ok >/dev/null; then \
+		    passed=`expr $$passed + 1`; \
+		    echo "$$dir/$$base (ldif): OK"; \
+		else \
+		    failed=`expr $$failed + 1`; \
+		    echo "$$dir/$$base: (ldif) FAIL"; \
+		    diff $$ldif $(srcdir)/$$ldif.ok || true; \
+		fi; \
+		./cvtsudoers -c "" -f sudoers $$t >$$sudo 2>/dev/null || true; \
+		total=`expr $$total + 1`; \
+		if ./visudo -qcf $$sudo; then \
+		    passed=`expr $$passed + 1`; \
+		    echo "$$dir/$$base (reparse): OK"; \
+		else \
+		    failed=`expr $$failed + 1`; \
+		    echo "$$dir/$$base: (reparse) FAIL"; \
+		    ./visudo -cf $$sudo || true; \
+		fi; \
+		if test -s $(srcdir)/$$ldif.ok; then \
+		    ./cvtsudoers -c "" -i ldif -f sudoers $(srcdir)/$$ldif.ok >$$ldif2sudo || true; \
+		    total=`expr $$total + 1`; \
+		    if cmp $$ldif2sudo $(srcdir)/$$ldif2sudo.ok >/dev/null; then \
+			passed=`expr $$passed + 1`; \
+			echo "$$dir/$$base (ldif2sudo): OK"; \
+		    else \
+			failed=`expr $$failed + 1`; \
+			echo "$$dir/$$base: (ldif2sudo) FAIL"; \
+			diff $$ldif $(srcdir)/$$ldif.ok || true; \
+		    fi; \
+		fi; \
+	    done; \
+	    echo "$$dir: $$passed/$$total tests passed; $$failed/$$total tests failed"; \
+	    if test $$failed -ne 0; then \
+		rval=`expr $$rval + $$failed`; \
+	    fi; \
+	    for dir in testsudoers visudo cvtsudoers; do \
+		mkdir -p regress/$$dir; \
+		passed=0; failed=0; total=0; \
+		for t in $(srcdir)/regress/$$dir/*.sh; do \
+		    base=`basename $$t .sh`; \
+		    out="regress/$$dir/$${base}.out"; \
+		    err="regress/$$dir/$${base}.err"; \
+		    TESTDIR=$(srcdir)/regress/$$dir \
+			$(SHELL) $$t >$$out 2>$$err; \
+		    if cmp $$out $(srcdir)/$$out.ok >/dev/null; then \
+			passed=`expr $$passed + 1`; \
+			echo "$$dir/$$base: OK"; \
+		    else \
+			failed=`expr $$failed + 1`; \
+			echo "$$dir/$$base: FAIL"; \
+			diff $$out $(srcdir)/$$out.ok || true; \
+		    fi; \
+		    total=`expr $$total + 1`; \
+		    if test -s $(srcdir)/$$err.ok; then \
+			if cmp $$err $(srcdir)/$$err.ok >/dev/null; then \
+			    passed=`expr $$passed + 1`; \
+			    echo "$$dir/$$base (stderr): OK"; \
+			else \
+			    failed=`expr $$failed + 1`; \
+			    echo "$$dir/$$base (stderr): FAIL"; \
+			    diff $$err $(srcdir)/$$err.ok || true; \
+			fi; \
+			total=`expr $$total + 1`; \
+		    elif test -s $$err; then \
+			failed=`expr $$failed + 1`; \
+			echo "$$dir/$$base (stderr): FAIL"; \
+			cat $$err 1>&2; \
+		    fi; \
+		done; \
+		echo "$$dir: $$passed/$$total tests passed; $$failed/$$total tests failed"; \
+		if test $$failed -ne 0; then \
+		    rval=`expr $$rval + $$failed`; \
+		fi; \
+	    done; \
+	    exit $$rval; \
+	fi
+
+clean:
+	-$(LIBTOOL) $(LTFLAGS) --mode=clean rm -f $(PROGS) $(TEST_PROGS) \
+	    *.lo *.o *.la *.a *.i *.plog stamp-* core *.core core.* \
+	    prologue regress/*/*.out regress/*/*.toke regress/*/*.err \
+	    regress/*/*.json regress/*/*.ldif regress/*/*.sudo
+
+mostlyclean: clean
+
+distclean: clean
+	-rm -rf Makefile sudoers sudoers.lo .libs $(shlib_map) $(shlib_opt)
+	@if [ -n "$(DEVEL)" -a "$(devdir)" != "$(srcdir)" ]; then \
+	    cmd='rm -rf $(GENERATED)'; \
+	    echo "$$cmd"; eval $$cmd; \
+	fi
+
+clobber: distclean
+
+realclean: distclean
+	rm -f TAGS tags
+
+cleandir: realclean
+
+# Autogenerated dependencies, do not modify
+afs.lo: $(authdir)/afs.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+        $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+        $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/afs.c
+afs.i: $(authdir)/afs.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+        $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+        $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+afs.plog: afs.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/afs.c --i-file $< --output-file $@
+aix_auth.lo: $(authdir)/aix_auth.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+             $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+             $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/aix_auth.c
+aix_auth.i: $(authdir)/aix_auth.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+             $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+             $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+aix_auth.plog: aix_auth.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/aix_auth.c --i-file $< --output-file $@
+alias.lo: $(srcdir)/alias.c $(devdir)/def_data.h $(devdir)/gram.h \
+          $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+          $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+          $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+          $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+          $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/redblack.h \
+          $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/alias.c
+alias.i: $(srcdir)/alias.c $(devdir)/def_data.h $(devdir)/gram.h \
+          $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+          $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+          $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+          $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+          $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/redblack.h \
+          $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+alias.plog: alias.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/alias.c --i-file $< --output-file $@
+audit.lo: $(srcdir)/audit.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/bsm_audit.h $(srcdir)/defaults.h $(srcdir)/linux_audit.h \
+          $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/solaris_audit.h \
+          $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/audit.c
+audit.i: $(srcdir)/audit.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/bsm_audit.h $(srcdir)/defaults.h $(srcdir)/linux_audit.h \
+          $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/solaris_audit.h \
+          $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+audit.plog: audit.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/audit.c --i-file $< --output-file $@
+base64.lo: $(srcdir)/base64.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+           $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/base64.c
+base64.i: $(srcdir)/base64.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+           $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+base64.plog: base64.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/base64.c --i-file $< --output-file $@
+boottime.lo: $(srcdir)/boottime.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+             $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+             $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/boottime.c
+boottime.i: $(srcdir)/boottime.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+             $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+             $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+boottime.plog: boottime.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/boottime.c --i-file $< --output-file $@
+bsdauth.lo: $(authdir)/bsdauth.c $(devdir)/def_data.h \
+            $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+            $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+            $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+            $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+            $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+            $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+            $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/bsdauth.c
+bsdauth.i: $(authdir)/bsdauth.c $(devdir)/def_data.h \
+            $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+            $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+            $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+            $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+            $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+            $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+            $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+bsdauth.plog: bsdauth.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/bsdauth.c --i-file $< --output-file $@
+bsm_audit.lo: $(srcdir)/bsm_audit.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/bsm_audit.h $(srcdir)/defaults.h \
+              $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+              $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/bsm_audit.c
+bsm_audit.i: $(srcdir)/bsm_audit.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/bsm_audit.h $(srcdir)/defaults.h \
+              $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+              $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+bsm_audit.plog: bsm_audit.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/bsm_audit.c --i-file $< --output-file $@
+check.lo: $(srcdir)/check.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/check.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+          $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+          $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+          $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/check.c
+check.i: $(srcdir)/check.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/check.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+          $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+          $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+          $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check.plog: check.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/check.c --i-file $< --output-file $@
+check_addr.o: $(srcdir)/regress/parser/check_addr.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+              $(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
+              $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/parser/check_addr.c
+check_addr.i: $(srcdir)/regress/parser/check_addr.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+              $(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
+              $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_addr.plog: check_addr.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/parser/check_addr.c --i-file $< --output-file $@
+check_base64.o: $(srcdir)/regress/parser/check_base64.c \
+                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                $(incdir)/sudo_util.h $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/parser/check_base64.c
+check_base64.i: $(srcdir)/regress/parser/check_base64.c \
+                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                $(incdir)/sudo_util.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_base64.plog: check_base64.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/parser/check_base64.c --i-file $< --output-file $@
+check_digest.o: $(srcdir)/regress/parser/check_digest.c \
+                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                $(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
+                $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/parse.h \
+                $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/parser/check_digest.c
+check_digest.i: $(srcdir)/regress/parser/check_digest.c \
+                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                $(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
+                $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/parse.h \
+                $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_digest.plog: check_digest.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/parser/check_digest.c --i-file $< --output-file $@
+check_env_pattern.o: $(srcdir)/regress/env_match/check_env_pattern.c \
+                     $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+                     $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+                     $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                     $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+                     $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+                     $(srcdir)/defaults.h $(srcdir)/logging.h \
+                     $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+                     $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                     $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/env_match/check_env_pattern.c
+check_env_pattern.i: $(srcdir)/regress/env_match/check_env_pattern.c \
+                     $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+                     $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+                     $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                     $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+                     $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+                     $(srcdir)/defaults.h $(srcdir)/logging.h \
+                     $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+                     $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                     $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_env_pattern.plog: check_env_pattern.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/env_match/check_env_pattern.c --i-file $< --output-file $@
+check_fill.o: $(srcdir)/regress/parser/check_fill.c $(devdir)/gram.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/parse.h $(srcdir)/toke.h \
+              $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/parser/check_fill.c
+check_fill.i: $(srcdir)/regress/parser/check_fill.c $(devdir)/gram.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/parse.h $(srcdir)/toke.h \
+              $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_fill.plog: check_fill.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/parser/check_fill.c --i-file $< --output-file $@
+check_gentime.o: $(srcdir)/regress/parser/check_gentime.c \
+                 $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                 $(incdir)/sudo_debug.h $(incdir)/sudo_queue.h \
+                 $(incdir)/sudo_util.h $(srcdir)/parse.h \
+                 $(srcdir)/sudoers_debug.h $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/parser/check_gentime.c
+check_gentime.i: $(srcdir)/regress/parser/check_gentime.c \
+                 $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                 $(incdir)/sudo_debug.h $(incdir)/sudo_queue.h \
+                 $(incdir)/sudo_util.h $(srcdir)/parse.h \
+                 $(srcdir)/sudoers_debug.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_gentime.plog: check_gentime.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/parser/check_gentime.c --i-file $< --output-file $@
+check_hexchar.o: $(srcdir)/regress/parser/check_hexchar.c \
+                 $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                 $(incdir)/sudo_util.h $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/parser/check_hexchar.c
+check_hexchar.i: $(srcdir)/regress/parser/check_hexchar.c \
+                 $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                 $(incdir)/sudo_util.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_hexchar.plog: check_hexchar.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/parser/check_hexchar.c --i-file $< --output-file $@
+check_iolog_path.o: $(srcdir)/regress/iolog_path/check_iolog_path.c \
+                    $(devdir)/def_data.c $(devdir)/def_data.h \
+                    $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                    $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                    $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                    $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                    $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                    $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+                    $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                    $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/iolog_path/check_iolog_path.c
+check_iolog_path.i: $(srcdir)/regress/iolog_path/check_iolog_path.c \
+                    $(devdir)/def_data.c $(devdir)/def_data.h \
+                    $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                    $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                    $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                    $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                    $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                    $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+                    $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                    $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_iolog_path.plog: check_iolog_path.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/iolog_path/check_iolog_path.c --i-file $< --output-file $@
+check_iolog_plugin.o: $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c \
+                      $(devdir)/def_data.c $(devdir)/def_data.h \
+                      $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                      $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                      $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                      $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                      $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                      $(srcdir)/iolog.h $(srcdir)/logging.h $(srcdir)/parse.h \
+                      $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                      $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                      $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c
+check_iolog_plugin.i: $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c \
+                      $(devdir)/def_data.c $(devdir)/def_data.h \
+                      $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                      $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                      $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                      $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                      $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                      $(srcdir)/iolog.h $(srcdir)/logging.h $(srcdir)/parse.h \
+                      $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                      $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                      $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_iolog_plugin.plog: check_iolog_plugin.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c --i-file $< --output-file $@
+check_iolog_util.o: $(srcdir)/regress/iolog_util/check_iolog_util.c \
+                    $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                    $(incdir)/sudo_fatal.h $(incdir)/sudo_util.h \
+                    $(srcdir)/iolog.h $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/iolog_util/check_iolog_util.c
+check_iolog_util.i: $(srcdir)/regress/iolog_util/check_iolog_util.c \
+                    $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                    $(incdir)/sudo_fatal.h $(incdir)/sudo_util.h \
+                    $(srcdir)/iolog.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_iolog_util.plog: check_iolog_util.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/iolog_util/check_iolog_util.c --i-file $< --output-file $@
+check_starttime.o: $(srcdir)/regress/starttime/check_starttime.c \
+                   $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                   $(incdir)/sudo_fatal.h $(incdir)/sudo_util.h \
+                   $(srcdir)/check.h $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/starttime/check_starttime.c
+check_starttime.i: $(srcdir)/regress/starttime/check_starttime.c \
+                   $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                   $(incdir)/sudo_fatal.h $(incdir)/sudo_util.h \
+                   $(srcdir)/check.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_starttime.plog: check_starttime.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/starttime/check_starttime.c --i-file $< --output-file $@
+check_symbols.o: $(srcdir)/regress/check_symbols/check_symbols.c \
+                 $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                 $(incdir)/sudo_dso.h $(incdir)/sudo_fatal.h \
+                 $(incdir)/sudo_util.h $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/check_symbols/check_symbols.c
+check_symbols.i: $(srcdir)/regress/check_symbols/check_symbols.c \
+                 $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                 $(incdir)/sudo_dso.h $(incdir)/sudo_fatal.h \
+                 $(incdir)/sudo_util.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_symbols.plog: check_symbols.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/check_symbols/check_symbols.c --i-file $< --output-file $@
+check_wrap.o: $(srcdir)/regress/logging/check_wrap.c \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_plugin.h \
+              $(incdir)/sudo_util.h $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/logging/check_wrap.c
+check_wrap.i: $(srcdir)/regress/logging/check_wrap.c \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_plugin.h \
+              $(incdir)/sudo_util.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+check_wrap.plog: check_wrap.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/logging/check_wrap.c --i-file $< --output-file $@
+cvtsudoers.o: $(srcdir)/cvtsudoers.c $(devdir)/def_data.h $(devdir)/gram.h \
+              $(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \
+              $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+              $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+              $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/cvtsudoers.h \
+              $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+              $(srcdir)/redblack.h $(srcdir)/strlist.h $(srcdir)/sudo_nss.h \
+              $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+              $(srcdir)/sudoers_version.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/cvtsudoers.c
+cvtsudoers.i: $(srcdir)/cvtsudoers.c $(devdir)/def_data.h $(devdir)/gram.h \
+              $(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \
+              $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+              $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+              $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/cvtsudoers.h \
+              $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+              $(srcdir)/redblack.h $(srcdir)/strlist.h $(srcdir)/sudo_nss.h \
+              $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+              $(srcdir)/sudoers_version.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+cvtsudoers.plog: cvtsudoers.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/cvtsudoers.c --i-file $< --output-file $@
+cvtsudoers_json.o: $(srcdir)/cvtsudoers_json.c $(devdir)/def_data.h \
+                   $(devdir)/gram.h $(incdir)/compat/stdbool.h \
+                   $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+                   $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                   $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+                   $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+                   $(srcdir)/cvtsudoers.h $(srcdir)/defaults.h \
+                   $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/strlist.h \
+                   $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                   $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                   $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/cvtsudoers_json.c
+cvtsudoers_json.i: $(srcdir)/cvtsudoers_json.c $(devdir)/def_data.h \
+                   $(devdir)/gram.h $(incdir)/compat/stdbool.h \
+                   $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+                   $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                   $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+                   $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+                   $(srcdir)/cvtsudoers.h $(srcdir)/defaults.h \
+                   $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/strlist.h \
+                   $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                   $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                   $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+cvtsudoers_json.plog: cvtsudoers_json.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/cvtsudoers_json.c --i-file $< --output-file $@
+cvtsudoers_ldif.o: $(srcdir)/cvtsudoers_ldif.c $(devdir)/def_data.h \
+                   $(devdir)/gram.h $(incdir)/compat/stdbool.h \
+                   $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+                   $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                   $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+                   $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                   $(incdir)/sudo_util.h $(srcdir)/cvtsudoers.h \
+                   $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+                   $(srcdir)/redblack.h $(srcdir)/strlist.h \
+                   $(srcdir)/sudo_ldap.h $(srcdir)/sudo_nss.h \
+                   $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                   $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/cvtsudoers_ldif.c
+cvtsudoers_ldif.i: $(srcdir)/cvtsudoers_ldif.c $(devdir)/def_data.h \
+                   $(devdir)/gram.h $(incdir)/compat/stdbool.h \
+                   $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+                   $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                   $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+                   $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                   $(incdir)/sudo_util.h $(srcdir)/cvtsudoers.h \
+                   $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+                   $(srcdir)/redblack.h $(srcdir)/strlist.h \
+                   $(srcdir)/sudo_ldap.h $(srcdir)/sudo_nss.h \
+                   $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                   $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+cvtsudoers_ldif.plog: cvtsudoers_ldif.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/cvtsudoers_ldif.c --i-file $< --output-file $@
+cvtsudoers_pwutil.o: $(srcdir)/cvtsudoers_pwutil.c $(devdir)/def_data.h \
+                     $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                     $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                     $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                     $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                     $(incdir)/sudo_util.h $(srcdir)/cvtsudoers.h \
+                     $(srcdir)/defaults.h $(srcdir)/logging.h \
+                     $(srcdir)/parse.h $(srcdir)/pwutil.h $(srcdir)/strlist.h \
+                     $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                     $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                     $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/cvtsudoers_pwutil.c
+cvtsudoers_pwutil.i: $(srcdir)/cvtsudoers_pwutil.c $(devdir)/def_data.h \
+                     $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                     $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                     $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                     $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                     $(incdir)/sudo_util.h $(srcdir)/cvtsudoers.h \
+                     $(srcdir)/defaults.h $(srcdir)/logging.h \
+                     $(srcdir)/parse.h $(srcdir)/pwutil.h $(srcdir)/strlist.h \
+                     $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                     $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                     $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+cvtsudoers_pwutil.plog: cvtsudoers_pwutil.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/cvtsudoers_pwutil.c --i-file $< --output-file $@
+dce.lo: $(authdir)/dce.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+        $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+        $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/dce.c
+dce.i: $(authdir)/dce.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+        $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+        $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+dce.plog: dce.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/dce.c --i-file $< --output-file $@
+defaults.lo: $(srcdir)/defaults.c $(devdir)/def_data.c $(devdir)/def_data.h \
+             $(devdir)/gram.h $(incdir)/compat/stdbool.h \
+             $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+             $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+             $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+             $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+             $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+             $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+             $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/defaults.c
+defaults.i: $(srcdir)/defaults.c $(devdir)/def_data.c $(devdir)/def_data.h \
+             $(devdir)/gram.h $(incdir)/compat/stdbool.h \
+             $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+             $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+             $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+             $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+             $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+             $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+             $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+defaults.plog: defaults.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/defaults.c --i-file $< --output-file $@
+digestname.lo: $(srcdir)/digestname.c $(incdir)/compat/stdbool.h \
+               $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_digest.h $(incdir)/sudo_queue.h \
+               $(srcdir)/parse.h $(srcdir)/sudoers_debug.h \
+               $(top_builddir)/config.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/digestname.c
+digestname.i: $(srcdir)/digestname.c $(incdir)/compat/stdbool.h \
+               $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_digest.h $(incdir)/sudo_queue.h \
+               $(srcdir)/parse.h $(srcdir)/sudoers_debug.h \
+               $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+digestname.plog: digestname.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/digestname.c --i-file $< --output-file $@
+editor.lo: $(srcdir)/editor.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+           $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/editor.c
+editor.i: $(srcdir)/editor.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+           $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+editor.plog: editor.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/editor.c --i-file $< --output-file $@
+env.lo: $(srcdir)/env.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+        $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+        $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/env.c
+env.i: $(srcdir)/env.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+        $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+        $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+env.plog: env.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/env.c --i-file $< --output-file $@
+env_pattern.lo: $(srcdir)/env_pattern.c $(devdir)/def_data.h \
+                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+                $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/env_pattern.c
+env_pattern.i: $(srcdir)/env_pattern.c $(devdir)/def_data.h \
+                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+                $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+env_pattern.plog: env_pattern.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/env_pattern.c --i-file $< --output-file $@
+file.lo: $(srcdir)/file.c $(devdir)/def_data.h $(devdir)/gram.h \
+         $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+         $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+         $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+         $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/file.c
+file.i: $(srcdir)/file.c $(devdir)/def_data.h $(devdir)/gram.h \
+         $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+         $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+         $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+         $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+file.plog: file.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/file.c --i-file $< --output-file $@
+filedigest.lo: $(srcdir)/filedigest.c $(devdir)/def_data.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
+               $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+               $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+               $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+               $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/filedigest.c
+filedigest.i: $(srcdir)/filedigest.c $(devdir)/def_data.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
+               $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+               $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+               $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+               $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+filedigest.plog: filedigest.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/filedigest.c --i-file $< --output-file $@
+find_path.lo: $(srcdir)/find_path.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/find_path.c
+find_path.i: $(srcdir)/find_path.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+find_path.plog: find_path.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/find_path.c --i-file $< --output-file $@
+fmtsudoers.lo: $(srcdir)/fmtsudoers.c $(devdir)/def_data.h $(devdir)/gram.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
+               $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+               $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+               $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/fmtsudoers.c
+fmtsudoers.i: $(srcdir)/fmtsudoers.c $(devdir)/def_data.h $(devdir)/gram.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
+               $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+               $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+               $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+fmtsudoers.plog: fmtsudoers.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/fmtsudoers.c --i-file $< --output-file $@
+fwtk.lo: $(authdir)/fwtk.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+         $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+         $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+         $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/fwtk.c
+fwtk.i: $(authdir)/fwtk.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+         $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+         $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+         $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+fwtk.plog: fwtk.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/fwtk.c --i-file $< --output-file $@
+gc.lo: $(srcdir)/gc.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+       $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+       $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+       $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+       $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+       $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+       $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/gc.c
+gc.i: $(srcdir)/gc.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+       $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+       $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+       $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+       $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+       $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+       $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+gc.plog: gc.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/gc.c --i-file $< --output-file $@
+gentime.lo: $(srcdir)/gentime.c $(incdir)/compat/stdbool.h \
+            $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_queue.h $(srcdir)/parse.h $(srcdir)/sudoers_debug.h \
+            $(top_builddir)/config.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/gentime.c
+gentime.i: $(srcdir)/gentime.c $(incdir)/compat/stdbool.h \
+            $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_queue.h $(srcdir)/parse.h $(srcdir)/sudoers_debug.h \
+            $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+gentime.plog: gentime.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/gentime.c --i-file $< --output-file $@
+getdate.o: $(devdir)/getdate.c $(incdir)/sudo_compat.h $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(devdir)/getdate.c
+getdate.i: $(devdir)/getdate.c $(incdir)/sudo_compat.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+getdate.plog: getdate.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(devdir)/getdate.c --i-file $< --output-file $@
+getspwuid.lo: $(srcdir)/getspwuid.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/getspwuid.c
+getspwuid.i: $(srcdir)/getspwuid.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+getspwuid.plog: getspwuid.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/getspwuid.c --i-file $< --output-file $@
+gmtoff.lo: $(srcdir)/gmtoff.c $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+           $(incdir)/sudo_queue.h $(srcdir)/parse.h $(srcdir)/sudoers_debug.h \
+           $(top_builddir)/config.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/gmtoff.c
+gmtoff.i: $(srcdir)/gmtoff.c $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+           $(incdir)/sudo_queue.h $(srcdir)/parse.h $(srcdir)/sudoers_debug.h \
+           $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+gmtoff.plog: gmtoff.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/gmtoff.c --i-file $< --output-file $@
+goodpath.lo: $(srcdir)/goodpath.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+             $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+             $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/goodpath.c
+goodpath.i: $(srcdir)/goodpath.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+             $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+             $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+goodpath.plog: goodpath.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/goodpath.c --i-file $< --output-file $@
+gram.lo: $(devdir)/gram.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+         $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+         $(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
+         $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+         $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+         $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+         $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(srcdir)/toke.h \
+         $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(devdir)/gram.c
+gram.i: $(devdir)/gram.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+         $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+         $(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
+         $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+         $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+         $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+         $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(srcdir)/toke.h \
+         $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+gram.plog: gram.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(devdir)/gram.c --i-file $< --output-file $@
+group_plugin.lo: $(srcdir)/group_plugin.c $(devdir)/def_data.h \
+                 $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                 $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                 $(incdir)/sudo_dso.h $(incdir)/sudo_fatal.h \
+                 $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+                 $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+                 $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+                 $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                 $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                 $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/group_plugin.c
+group_plugin.i: $(srcdir)/group_plugin.c $(devdir)/def_data.h \
+                 $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                 $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                 $(incdir)/sudo_dso.h $(incdir)/sudo_fatal.h \
+                 $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+                 $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+                 $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+                 $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                 $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                 $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+group_plugin.plog: group_plugin.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/group_plugin.c --i-file $< --output-file $@
+hexchar.lo: $(srcdir)/hexchar.c $(devdir)/def_data.h \
+            $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+            $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+            $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+            $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+            $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+            $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+            $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/hexchar.c
+hexchar.i: $(srcdir)/hexchar.c $(devdir)/def_data.h \
+            $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+            $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+            $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+            $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+            $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+            $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+            $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+hexchar.plog: hexchar.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/hexchar.c --i-file $< --output-file $@
+interfaces.lo: $(srcdir)/interfaces.c $(devdir)/def_data.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+               $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+               $(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
+               $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/interfaces.c
+interfaces.i: $(srcdir)/interfaces.c $(devdir)/def_data.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+               $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+               $(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
+               $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+interfaces.plog: interfaces.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/interfaces.c --i-file $< --output-file $@
+iolog.lo: $(srcdir)/iolog.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/defaults.h $(srcdir)/iolog.h $(srcdir)/iolog_files.h \
+          $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+          $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog.c
+iolog.i: $(srcdir)/iolog.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/defaults.h $(srcdir)/iolog.h $(srcdir)/iolog_files.h \
+          $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+          $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+iolog.plog: iolog.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog.c --i-file $< --output-file $@
+iolog_path.lo: $(srcdir)/iolog_path.c $(devdir)/def_data.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+               $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+               $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog_path.c
+iolog_path.i: $(srcdir)/iolog_path.c $(devdir)/def_data.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+               $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+               $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+iolog_path.plog: iolog_path.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog_path.c --i-file $< --output-file $@
+iolog_util.o: $(srcdir)/iolog_util.c $(incdir)/compat/stdbool.h \
+              $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/iolog.h \
+              $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog_util.c
+iolog_util.i: $(srcdir)/iolog_util.c $(incdir)/compat/stdbool.h \
+              $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/iolog.h \
+              $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+iolog_util.plog: iolog_util.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog_util.c --i-file $< --output-file $@
+kerb5.lo: $(authdir)/kerb5.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+          $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/kerb5.c
+kerb5.i: $(authdir)/kerb5.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+          $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+kerb5.plog: kerb5.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/kerb5.c --i-file $< --output-file $@
+ldap.lo: $(srcdir)/ldap.c $(devdir)/def_data.h $(devdir)/gram.h \
+         $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+         $(srcdir)/sudo_ldap.h $(srcdir)/sudo_ldap_conf.h $(srcdir)/sudo_nss.h \
+         $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+         $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/ldap.c
+ldap.i: $(srcdir)/ldap.c $(devdir)/def_data.h $(devdir)/gram.h \
+         $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+         $(srcdir)/sudo_ldap.h $(srcdir)/sudo_ldap_conf.h $(srcdir)/sudo_nss.h \
+         $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+         $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+ldap.plog: ldap.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/ldap.c --i-file $< --output-file $@
+ldap_conf.lo: $(srcdir)/ldap_conf.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
+              $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+              $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+              $(srcdir)/sudo_ldap.h $(srcdir)/sudo_ldap_conf.h \
+              $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/ldap_conf.c
+ldap_conf.i: $(srcdir)/ldap_conf.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
+              $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+              $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+              $(srcdir)/sudo_ldap.h $(srcdir)/sudo_ldap_conf.h \
+              $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+ldap_conf.plog: ldap_conf.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/ldap_conf.c --i-file $< --output-file $@
+ldap_util.lo: $(srcdir)/ldap_util.c $(devdir)/def_data.h $(devdir)/gram.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
+              $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+              $(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
+              $(srcdir)/sudo_ldap.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/ldap_util.c
+ldap_util.i: $(srcdir)/ldap_util.c $(devdir)/def_data.h $(devdir)/gram.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
+              $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+              $(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
+              $(srcdir)/sudo_ldap.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+ldap_util.plog: ldap_util.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/ldap_util.c --i-file $< --output-file $@
+linux_audit.lo: $(srcdir)/linux_audit.c $(devdir)/def_data.h \
+                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                $(srcdir)/linux_audit.h $(srcdir)/logging.h $(srcdir)/parse.h \
+                $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/linux_audit.c
+linux_audit.i: $(srcdir)/linux_audit.c $(devdir)/def_data.h \
+                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                $(srcdir)/linux_audit.h $(srcdir)/logging.h $(srcdir)/parse.h \
+                $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+                $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+                $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+linux_audit.plog: linux_audit.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/linux_audit.c --i-file $< --output-file $@
+locale.lo: $(srcdir)/locale.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+           $(incdir)/sudo_queue.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+           $(srcdir)/sudoers_debug.h $(top_builddir)/config.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/locale.c
+locale.i: $(srcdir)/locale.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+           $(incdir)/sudo_queue.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+           $(srcdir)/sudoers_debug.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+locale.plog: locale.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/locale.c --i-file $< --output-file $@
+logging.lo: $(srcdir)/logging.c $(devdir)/def_data.h \
+            $(incdir)/compat/getaddrinfo.h $(incdir)/compat/stdbool.h \
+            $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+            $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+            $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+            $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+            $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+            $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+            $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/logging.c
+logging.i: $(srcdir)/logging.c $(devdir)/def_data.h \
+            $(incdir)/compat/getaddrinfo.h $(incdir)/compat/stdbool.h \
+            $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+            $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+            $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+            $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+            $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+            $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+            $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+logging.plog: logging.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/logging.c --i-file $< --output-file $@
+logwrap.lo: $(srcdir)/logwrap.c $(devdir)/def_data.h \
+            $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+            $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+            $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+            $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+            $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+            $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+            $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/logwrap.c
+logwrap.i: $(srcdir)/logwrap.c $(devdir)/def_data.h \
+            $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+            $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+            $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+            $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+            $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+            $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+            $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+logwrap.plog: logwrap.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/logwrap.c --i-file $< --output-file $@
+match.lo: $(srcdir)/match.c $(devdir)/def_data.h $(devdir)/gram.h \
+          $(incdir)/compat/fnmatch.h $(incdir)/compat/glob.h \
+          $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+          $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+          $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+          $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+          $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+          $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/match.c
+match.i: $(srcdir)/match.c $(devdir)/def_data.h $(devdir)/gram.h \
+          $(incdir)/compat/fnmatch.h $(incdir)/compat/glob.h \
+          $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+          $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+          $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+          $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+          $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+          $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+match.plog: match.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/match.c --i-file $< --output-file $@
+match_addr.lo: $(srcdir)/match_addr.c $(devdir)/def_data.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+               $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+               $(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
+               $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/match_addr.c
+match_addr.i: $(srcdir)/match_addr.c $(devdir)/def_data.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+               $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+               $(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
+               $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+match_addr.plog: match_addr.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/match_addr.c --i-file $< --output-file $@
+mkdir_parents.lo: $(srcdir)/mkdir_parents.c $(devdir)/def_data.h \
+                  $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                  $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                  $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                  $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                  $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                  $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+                  $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                  $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/mkdir_parents.c
+mkdir_parents.i: $(srcdir)/mkdir_parents.c $(devdir)/def_data.h \
+                  $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                  $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                  $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                  $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                  $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                  $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+                  $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                  $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+mkdir_parents.plog: mkdir_parents.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/mkdir_parents.c --i-file $< --output-file $@
+net_ifs.o: $(top_srcdir)/src/net_ifs.c $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(top_srcdir)/src/net_ifs.c
+net_ifs.i: $(top_srcdir)/src/net_ifs.c $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+net_ifs.plog: net_ifs.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(top_srcdir)/src/net_ifs.c --i-file $< --output-file $@
+pam.lo: $(authdir)/pam.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+        $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+        $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/pam.c
+pam.i: $(authdir)/pam.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+        $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+        $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+pam.plog: pam.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/pam.c --i-file $< --output-file $@
+parse.lo: $(srcdir)/parse.c $(devdir)/def_data.h $(devdir)/gram.h \
+          $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+          $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+          $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+          $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/parse.c
+parse.i: $(srcdir)/parse.c $(devdir)/def_data.h $(devdir)/gram.h \
+          $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+          $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+          $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+          $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+parse.plog: parse.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/parse.c --i-file $< --output-file $@
+parse_ldif.o: $(srcdir)/parse_ldif.c $(devdir)/def_data.h $(devdir)/gram.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/redblack.h $(srcdir)/strlist.h \
+              $(srcdir)/sudo_ldap.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/parse_ldif.c
+parse_ldif.i: $(srcdir)/parse_ldif.c $(devdir)/def_data.h $(devdir)/gram.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/redblack.h $(srcdir)/strlist.h \
+              $(srcdir)/sudo_ldap.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+parse_ldif.plog: parse_ldif.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/parse_ldif.c --i-file $< --output-file $@
+passwd.lo: $(authdir)/passwd.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+           $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/passwd.c
+passwd.i: $(authdir)/passwd.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+           $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+passwd.plog: passwd.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/passwd.c --i-file $< --output-file $@
+policy.lo: $(srcdir)/policy.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
+           $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+           $(srcdir)/sudoers_version.h $(top_builddir)/config.h \
+           $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/policy.c
+policy.i: $(srcdir)/policy.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
+           $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+           $(srcdir)/sudoers_version.h $(top_builddir)/config.h \
+           $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+policy.plog: policy.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/policy.c --i-file $< --output-file $@
+prompt.lo: $(srcdir)/prompt.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+           $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/prompt.c
+prompt.i: $(srcdir)/prompt.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+           $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+prompt.plog: prompt.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/prompt.c --i-file $< --output-file $@
+pwutil.lo: $(srcdir)/pwutil.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/pwutil.h \
+           $(srcdir)/redblack.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+           $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+           $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/pwutil.c
+pwutil.i: $(srcdir)/pwutil.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+           $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/pwutil.h \
+           $(srcdir)/redblack.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+           $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+           $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+pwutil.plog: pwutil.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/pwutil.c --i-file $< --output-file $@
+pwutil_impl.lo: $(srcdir)/pwutil_impl.c $(devdir)/def_data.h \
+                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+                $(srcdir)/parse.h $(srcdir)/pwutil.h $(srcdir)/sudo_nss.h \
+                $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/pwutil_impl.c
+pwutil_impl.i: $(srcdir)/pwutil_impl.c $(devdir)/def_data.h \
+                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+                $(srcdir)/parse.h $(srcdir)/pwutil.h $(srcdir)/sudo_nss.h \
+                $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+pwutil_impl.plog: pwutil_impl.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/pwutil_impl.c --i-file $< --output-file $@
+rcstr.lo: $(srcdir)/rcstr.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+          $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/rcstr.c
+rcstr.i: $(srcdir)/rcstr.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+          $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+rcstr.plog: rcstr.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/rcstr.c --i-file $< --output-file $@
+redblack.lo: $(srcdir)/redblack.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/redblack.h $(srcdir)/sudo_nss.h \
+             $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+             $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/redblack.c
+redblack.i: $(srcdir)/redblack.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/redblack.h $(srcdir)/sudo_nss.h \
+             $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+             $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+redblack.plog: redblack.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/redblack.c --i-file $< --output-file $@
+rfc1938.lo: $(authdir)/rfc1938.c $(devdir)/def_data.h \
+            $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+            $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+            $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+            $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+            $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+            $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+            $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/rfc1938.c
+rfc1938.i: $(authdir)/rfc1938.c $(devdir)/def_data.h \
+            $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+            $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+            $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+            $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+            $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+            $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+            $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+rfc1938.plog: rfc1938.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/rfc1938.c --i-file $< --output-file $@
+secureware.lo: $(authdir)/secureware.c $(devdir)/def_data.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+               $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+               $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/secureware.c
+secureware.i: $(authdir)/secureware.c $(devdir)/def_data.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+               $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+               $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+               $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+secureware.plog: secureware.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/secureware.c --i-file $< --output-file $@
+securid5.lo: $(authdir)/securid5.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+             $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+             $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/securid5.c
+securid5.i: $(authdir)/securid5.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+             $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+             $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+securid5.plog: securid5.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/securid5.c --i-file $< --output-file $@
+set_perms.lo: $(srcdir)/set_perms.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/set_perms.c
+set_perms.i: $(srcdir)/set_perms.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+set_perms.plog: set_perms.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/set_perms.c --i-file $< --output-file $@
+sia.lo: $(authdir)/sia.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+        $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+        $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/sia.c
+sia.i: $(authdir)/sia.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+        $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+        $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+sia.plog: sia.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/sia.c --i-file $< --output-file $@
+solaris_audit.lo: $(srcdir)/solaris_audit.c $(devdir)/def_data.h \
+                  $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                  $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                  $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                  $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                  $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                  $(srcdir)/logging.h $(srcdir)/parse.h \
+                  $(srcdir)/solaris_audit.h $(srcdir)/sudo_nss.h \
+                  $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                  $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/solaris_audit.c
+solaris_audit.i: $(srcdir)/solaris_audit.c $(devdir)/def_data.h \
+                  $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                  $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                  $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                  $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                  $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                  $(srcdir)/logging.h $(srcdir)/parse.h \
+                  $(srcdir)/solaris_audit.h $(srcdir)/sudo_nss.h \
+                  $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                  $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+solaris_audit.plog: solaris_audit.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/solaris_audit.c --i-file $< --output-file $@
+sssd.lo: $(srcdir)/sssd.c $(devdir)/def_data.h $(devdir)/gram.h \
+         $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+         $(srcdir)/sudo_ldap.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+         $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+         $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sssd.c
+sssd.i: $(srcdir)/sssd.c $(devdir)/def_data.h $(devdir)/gram.h \
+         $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+         $(srcdir)/sudo_ldap.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+         $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+         $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+sssd.plog: sssd.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sssd.c --i-file $< --output-file $@
+starttime.lo: $(srcdir)/starttime.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/check.h $(srcdir)/defaults.h \
+              $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+              $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/starttime.c
+starttime.i: $(srcdir)/starttime.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/check.h $(srcdir)/defaults.h \
+              $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+              $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+starttime.plog: starttime.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/starttime.c --i-file $< --output-file $@
+strlist.o: $(srcdir)/strlist.c $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/strlist.h \
+           $(srcdir)/sudoers_debug.h $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/strlist.c
+strlist.i: $(srcdir)/strlist.c $(incdir)/compat/stdbool.h \
+           $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/strlist.h \
+           $(srcdir)/sudoers_debug.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+strlist.plog: strlist.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/strlist.c --i-file $< --output-file $@
+stubs.o: $(srcdir)/stubs.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+         $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/interfaces.h $(srcdir)/logging.h \
+         $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+         $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+         $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/stubs.c
+stubs.i: $(srcdir)/stubs.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+         $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/interfaces.h $(srcdir)/logging.h \
+         $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+         $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+         $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+stubs.plog: stubs.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/stubs.c --i-file $< --output-file $@
+sudo_auth.lo: $(authdir)/sudo_auth.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_rand.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+              $(srcdir)/ins_2001.h $(srcdir)/ins_classic.h \
+              $(srcdir)/ins_csops.h $(srcdir)/ins_goons.h \
+              $(srcdir)/ins_python.h $(srcdir)/insults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/sudo_auth.c
+sudo_auth.i: $(authdir)/sudo_auth.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_rand.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+              $(srcdir)/ins_2001.h $(srcdir)/ins_classic.h \
+              $(srcdir)/ins_csops.h $(srcdir)/ins_goons.h \
+              $(srcdir)/ins_python.h $(srcdir)/insults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+sudo_auth.plog: sudo_auth.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(authdir)/sudo_auth.c --i-file $< --output-file $@
+sudo_nss.lo: $(srcdir)/sudo_nss.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
+             $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+             $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+             $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+             $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudo_nss.c
+sudo_nss.i: $(srcdir)/sudo_nss.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
+             $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+             $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+             $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+             $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+sudo_nss.plog: sudo_nss.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sudo_nss.c --i-file $< --output-file $@
+sudo_printf.o: $(srcdir)/sudo_printf.c $(incdir)/compat/stdbool.h \
+               $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+               $(top_builddir)/config.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudo_printf.c
+sudo_printf.i: $(srcdir)/sudo_printf.c $(incdir)/compat/stdbool.h \
+               $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+               $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+sudo_printf.plog: sudo_printf.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sudo_printf.c --i-file $< --output-file $@
+sudoers.lo: $(srcdir)/sudoers.c $(devdir)/def_data.h \
+            $(incdir)/compat/getaddrinfo.h $(incdir)/compat/stdbool.h \
+            $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+            $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+            $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+            $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+            $(srcdir)/auth/sudo_auth.h $(srcdir)/defaults.h \
+            $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+            $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+            $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudoers.c
+sudoers.i: $(srcdir)/sudoers.c $(devdir)/def_data.h \
+            $(incdir)/compat/getaddrinfo.h $(incdir)/compat/stdbool.h \
+            $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+            $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+            $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+            $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+            $(srcdir)/auth/sudo_auth.h $(srcdir)/defaults.h \
+            $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+            $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+            $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+sudoers.plog: sudoers.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sudoers.c --i-file $< --output-file $@
+sudoers_debug.lo: $(srcdir)/sudoers_debug.c $(devdir)/def_data.h \
+                  $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                  $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                  $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                  $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                  $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                  $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+                  $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                  $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudoers_debug.c
+sudoers_debug.i: $(srcdir)/sudoers_debug.c $(devdir)/def_data.h \
+                  $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+                  $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+                  $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                  $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                  $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+                  $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+                  $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+                  $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+sudoers_debug.plog: sudoers_debug.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sudoers_debug.c --i-file $< --output-file $@
+sudoreplay.o: $(srcdir)/sudoreplay.c $(incdir)/compat/getopt.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
+              $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+              $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/iolog.h \
+              $(srcdir)/iolog_files.h $(srcdir)/logging.h \
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudoreplay.c
+sudoreplay.i: $(srcdir)/sudoreplay.c $(incdir)/compat/getopt.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
+              $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+              $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/iolog.h \
+              $(srcdir)/iolog_files.h $(srcdir)/logging.h \
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+sudoreplay.plog: sudoreplay.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sudoreplay.c --i-file $< --output-file $@
+testsudoers.o: $(srcdir)/testsudoers.c $(devdir)/def_data.h $(devdir)/gram.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
+               $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+               $(srcdir)/defaults.h $(srcdir)/interfaces.h $(srcdir)/logging.h \
+               $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(srcdir)/tsgetgrpw.h \
+               $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/testsudoers.c
+testsudoers.i: $(srcdir)/testsudoers.c $(devdir)/def_data.h $(devdir)/gram.h \
+               $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+               $(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
+               $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+               $(srcdir)/defaults.h $(srcdir)/interfaces.h $(srcdir)/logging.h \
+               $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+               $(srcdir)/sudoers_debug.h $(srcdir)/tsgetgrpw.h \
+               $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+testsudoers.plog: testsudoers.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/testsudoers.c --i-file $< --output-file $@
+timeout.lo: $(srcdir)/timeout.c $(incdir)/compat/stdbool.h \
+            $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_queue.h $(srcdir)/parse.h $(srcdir)/sudoers_debug.h \
+            $(top_builddir)/config.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/timeout.c
+timeout.i: $(srcdir)/timeout.c $(incdir)/compat/stdbool.h \
+            $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_queue.h $(srcdir)/parse.h $(srcdir)/sudoers_debug.h \
+            $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+timeout.plog: timeout.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/timeout.c --i-file $< --output-file $@
+timestamp.lo: $(srcdir)/timestamp.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/check.h $(srcdir)/defaults.h \
+              $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+              $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/timestamp.c
+timestamp.i: $(srcdir)/timestamp.c $(devdir)/def_data.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/check.h $(srcdir)/defaults.h \
+              $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+              $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+timestamp.plog: timestamp.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/timestamp.c --i-file $< --output-file $@
+timestr.lo: $(srcdir)/timestr.c $(incdir)/compat/stdbool.h \
+            $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_queue.h $(srcdir)/parse.h $(top_builddir)/config.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/timestr.c
+timestr.i: $(srcdir)/timestr.c $(incdir)/compat/stdbool.h \
+            $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+            $(incdir)/sudo_queue.h $(srcdir)/parse.h $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+timestr.plog: timestr.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/timestr.c --i-file $< --output-file $@
+toke.lo: $(devdir)/toke.c $(devdir)/def_data.h $(devdir)/gram.h \
+         $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_digest.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+         $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+         $(srcdir)/toke.h $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(devdir)/toke.c
+toke.i: $(devdir)/toke.c $(devdir)/def_data.h $(devdir)/gram.h \
+         $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_digest.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+         $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+         $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+         $(srcdir)/toke.h $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+toke.plog: toke.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(devdir)/toke.c --i-file $< --output-file $@
+toke_util.lo: $(srcdir)/toke_util.c $(devdir)/def_data.h $(devdir)/gram.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(srcdir)/toke.h \
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/toke_util.c
+toke_util.i: $(srcdir)/toke_util.c $(devdir)/def_data.h $(devdir)/gram.h \
+              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(srcdir)/toke.h \
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+toke_util.plog: toke_util.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/toke_util.c --i-file $< --output-file $@
+tsdump.o: $(srcdir)/tsdump.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/check.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+          $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+          $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+          $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/tsdump.c
+tsdump.i: $(srcdir)/tsdump.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/check.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+          $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+          $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+          $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+tsdump.plog: tsdump.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/tsdump.c --i-file $< --output-file $@
+tsgetgrpw.o: $(srcdir)/tsgetgrpw.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+             $(srcdir)/sudoers_debug.h $(srcdir)/tsgetgrpw.h \
+             $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/tsgetgrpw.c
+tsgetgrpw.i: $(srcdir)/tsgetgrpw.c $(devdir)/def_data.h \
+             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
+             $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
+             $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+             $(srcdir)/sudoers_debug.h $(srcdir)/tsgetgrpw.h \
+             $(top_builddir)/config.h $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+tsgetgrpw.plog: tsgetgrpw.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/tsgetgrpw.c --i-file $< --output-file $@
+visudo.o: $(srcdir)/visudo.c $(devdir)/def_data.h $(devdir)/gram.h \
+          $(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/defaults.h $(srcdir)/interfaces.h $(srcdir)/logging.h \
+          $(srcdir)/parse.h $(srcdir)/redblack.h $(srcdir)/sudo_nss.h \
+          $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(srcdir)/sudoers_version.h $(top_builddir)/config.h \
+          $(top_builddir)/pathnames.h
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/visudo.c
+visudo.i: $(srcdir)/visudo.c $(devdir)/def_data.h $(devdir)/gram.h \
+          $(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \
+          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
+          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+          $(srcdir)/defaults.h $(srcdir)/interfaces.h $(srcdir)/logging.h \
+          $(srcdir)/parse.h $(srcdir)/redblack.h $(srcdir)/sudo_nss.h \
+          $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+          $(srcdir)/sudoers_version.h $(top_builddir)/config.h \
+          $(top_builddir)/pathnames.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+visudo.plog: visudo.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/visudo.c --i-file $< --output-file $@
diff --git a/plugins/sudoers/alias.c b/plugins/sudoers/alias.c
new file mode 100644
index 0000000..a5b4573
--- /dev/null
+++ b/plugins/sudoers/alias.c
@@ -0,0 +1,381 @@
+/*
+ * Copyright (c) 2004-2005, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRING_H */
+#include <unistd.h>
+#include <errno.h>
+
+#include "sudoers.h"
+#include "redblack.h"
+#include <gram.h>
+
+/*
+ * Comparison function for the red-black tree.
+ * Aliases are sorted by name with the type used as a tie-breaker.
+ */
+static int
+alias_compare(const void *v1, const void *v2)
+{
+    const struct alias *a1 = (const struct alias *)v1;
+    const struct alias *a2 = (const struct alias *)v2;
+    int res;
+    debug_decl(alias_compare, SUDOERS_DEBUG_ALIAS)
+
+    if (a1 == NULL)
+	res = -1;
+    else if (a2 == NULL)
+	res = 1;
+    else if ((res = strcmp(a1->name, a2->name)) == 0)
+	res = a1->type - a2->type;
+    debug_return_int(res);
+}
+
+/*
+ * Search the tree for an alias with the specified name and type.
+ * Returns a pointer to the alias structure or NULL if not found.
+ * Caller is responsible for calling alias_put() on the returned
+ * alias to mark it as unused.
+ */
+struct alias *
+alias_get(struct sudoers_parse_tree *parse_tree, const char *name, int type)
+{
+    struct alias key;
+    struct rbnode *node;
+    struct alias *a = NULL;
+    debug_decl(alias_get, SUDOERS_DEBUG_ALIAS)
+
+    if (parse_tree->aliases == NULL)
+	debug_return_ptr(NULL);
+
+    key.name = (char *)name;
+    key.type = type;
+    if ((node = rbfind(parse_tree->aliases, &key)) != NULL) {
+	/*
+	 * Check whether this alias is already in use.
+	 * If so, we've detected a loop.  If not, set the flag,
+	 * which the caller should clear with a call to alias_put().
+	 */
+	a = node->data;
+	if (a->used) {
+	    errno = ELOOP;
+	    debug_return_ptr(NULL);
+	}
+	a->used = true;
+    } else {
+	errno = ENOENT;
+    }
+    debug_return_ptr(a);
+}
+
+/*
+ * Clear the "used" flag in an alias once the caller is done with it.
+ */
+void
+alias_put(struct alias *a)
+{
+    debug_decl(alias_put, SUDOERS_DEBUG_ALIAS)
+    a->used = false;
+    debug_return;
+}
+
+/*
+ * Add an alias to the aliases redblack tree.
+ * Note that "file" must be a reference-counted string.
+ * Returns NULL on success and an error string on failure.
+ */
+const char *
+alias_add(struct sudoers_parse_tree *parse_tree, char *name, int type,
+    char *file, int lineno, struct member *members)
+{
+    static char errbuf[512];
+    struct alias *a;
+    debug_decl(alias_add, SUDOERS_DEBUG_ALIAS)
+
+    if (parse_tree->aliases == NULL) {
+	if ((parse_tree->aliases = alloc_aliases()) == NULL) {
+	    strlcpy(errbuf, N_("unable to allocate memory"), sizeof(errbuf));
+	    debug_return_str(errbuf);
+	}
+    }
+
+    a = calloc(1, sizeof(*a));
+    if (a == NULL) {
+	strlcpy(errbuf, N_("unable to allocate memory"), sizeof(errbuf));
+	debug_return_str(errbuf);
+    }
+    a->name = name;
+    a->type = type;
+    /* a->used = false; */
+    a->file = rcstr_addref(file);
+    a->lineno = lineno;
+    HLTQ_TO_TAILQ(&a->members, members, entries);
+    switch (rbinsert(parse_tree->aliases, a, NULL)) {
+    case 1:
+	snprintf(errbuf, sizeof(errbuf), N_("Alias \"%s\" already defined"),
+	    name);
+	alias_free(a);
+	debug_return_str(errbuf);
+    case -1:
+	strlcpy(errbuf, N_("unable to allocate memory"), sizeof(errbuf));
+	alias_free(a);
+	debug_return_str(errbuf);
+    }
+    debug_return_str(NULL);
+}
+
+/*
+ * Closure to adapt 2-arg rbapply() to 3-arg alias_apply().
+ */
+struct alias_apply_closure {
+    struct sudoers_parse_tree *parse_tree;
+    int (*func)(struct sudoers_parse_tree *, struct alias *, void *);
+    void *cookie;
+};
+
+/* Adapt rbapply() to alias_apply() calling convention. */
+static int
+alias_apply_func(void *v1, void *v2)
+{
+    struct alias *a = v1;
+    struct alias_apply_closure *closure = v2;
+
+    return closure->func(closure->parse_tree, a, closure->cookie);
+}
+
+/*
+ * Apply a function to each alias entry and pass in a cookie.
+ */
+void
+alias_apply(struct sudoers_parse_tree *parse_tree,
+    int (*func)(struct sudoers_parse_tree *, struct alias *, void *),
+    void *cookie)
+{
+    struct alias_apply_closure closure;
+    debug_decl(alias_apply, SUDOERS_DEBUG_ALIAS)
+
+    if (parse_tree->aliases != NULL) {
+	closure.parse_tree = parse_tree;
+	closure.func = func;
+	closure.cookie = cookie;
+	rbapply(parse_tree->aliases, alias_apply_func, &closure, inorder);
+    }
+
+    debug_return;
+}
+
+/*
+ * Returns true if there are no aliases in the parse_tree, else false.
+ */
+bool
+no_aliases(struct sudoers_parse_tree *parse_tree)
+{
+    debug_decl(no_aliases, SUDOERS_DEBUG_ALIAS)
+    debug_return_bool(parse_tree->aliases == NULL ||
+	rbisempty(parse_tree->aliases));
+}
+
+/*
+ * Free memory used by an alias struct and its members.
+ */
+void
+alias_free(void *v)
+{
+    struct alias *a = (struct alias *)v;
+    debug_decl(alias_free, SUDOERS_DEBUG_ALIAS)
+
+    if (a != NULL) {
+	free(a->name);
+	rcstr_delref(a->file);
+	free_members(&a->members);
+	free(a);
+    }
+
+    debug_return;
+}
+
+/*
+ * Find the named alias, remove it from the tree and return it.
+ */
+struct alias *
+alias_remove(struct sudoers_parse_tree *parse_tree, char *name, int type)
+{
+    struct rbnode *node;
+    struct alias key;
+    debug_decl(alias_remove, SUDOERS_DEBUG_ALIAS)
+
+    if (parse_tree->aliases != NULL) {
+	key.name = name;
+	key.type = type;
+	if ((node = rbfind(parse_tree->aliases, &key)) != NULL)
+	    debug_return_ptr(rbdelete(parse_tree->aliases, node));
+    }
+    errno = ENOENT;
+    debug_return_ptr(NULL);
+}
+
+struct rbtree *
+alloc_aliases(void)
+{
+    debug_decl(alloc_aliases, SUDOERS_DEBUG_ALIAS)
+
+    debug_return_ptr(rbcreate(alias_compare));
+}
+
+void
+free_aliases(struct rbtree *aliases)
+{
+    debug_decl(free_aliases, SUDOERS_DEBUG_ALIAS)
+
+    if (aliases != NULL)
+	rbdestroy(aliases, alias_free);
+}
+
+const char *
+alias_type_to_string(int alias_type)
+{
+    return alias_type == HOSTALIAS ? "Host_Alias" :
+	alias_type == CMNDALIAS ? "Cmnd_Alias" :
+	alias_type == USERALIAS ? "User_Alias" :
+	alias_type == RUNASALIAS ? "Runas_Alias" :
+	"Invalid_Alias";
+}
+
+/*
+ * Remove the alias of the specified type as well as any other aliases
+ * referenced by that alias.  Stores removed aliases in a freelist.
+ */
+static bool
+alias_remove_recursive(struct sudoers_parse_tree *parse_tree, char *name,
+    int type, struct rbtree *freelist)
+{
+    struct member *m;
+    struct alias *a;
+    bool ret = true;
+    debug_decl(alias_remove_recursive, SUDOERS_DEBUG_ALIAS)
+
+    if ((a = alias_remove(parse_tree, name, type)) != NULL) {
+	TAILQ_FOREACH(m, &a->members, entries) {
+	    if (m->type == ALIAS) {
+		if (!alias_remove_recursive(parse_tree, m->name, type, freelist))
+		    ret = false;
+	    }
+	}
+	if (rbinsert(freelist, a, NULL) != 0)
+	    ret = false;
+    }
+    debug_return_bool(ret);
+}
+
+static int
+alias_find_used_members(struct sudoers_parse_tree *parse_tree,
+    struct member_list *members, int atype, struct rbtree *used_aliases)
+{
+    struct member *m;
+    int errors = 0;
+    debug_decl(alias_find_used_members, SUDOERS_DEBUG_ALIAS)
+
+    if (members != NULL) {
+	TAILQ_FOREACH(m, members, entries) {
+	    if (m->type != ALIAS)
+		continue;
+	    if (!alias_remove_recursive(parse_tree, m->name, atype, used_aliases))
+		errors++;
+	}
+    }
+
+    debug_return_int(errors);
+}
+
+/*
+ * Move all aliases referenced by userspecs to used_aliases.
+ */
+bool
+alias_find_used(struct sudoers_parse_tree *parse_tree, struct rbtree *used_aliases)
+{
+    struct privilege *priv;
+    struct userspec *us;
+    struct cmndspec *cs;
+    struct defaults *d;
+    struct member *m;
+    int errors = 0;
+    debug_decl(alias_find_used, SUDOERS_DEBUG_ALIAS)
+
+    /* Move referenced aliases to used_aliases. */
+    TAILQ_FOREACH(us, &parse_tree->userspecs, entries) {
+	errors += alias_find_used_members(parse_tree, &us->users,
+	    USERALIAS, used_aliases);
+	TAILQ_FOREACH(priv, &us->privileges, entries) {
+	    errors += alias_find_used_members(parse_tree, &priv->hostlist,
+		HOSTALIAS, used_aliases);
+	    TAILQ_FOREACH(cs, &priv->cmndlist, entries) {
+		errors += alias_find_used_members(parse_tree, cs->runasuserlist,
+		    RUNASALIAS, used_aliases);
+		errors += alias_find_used_members(parse_tree, cs->runasgrouplist,
+		    RUNASALIAS, used_aliases);
+		if ((m = cs->cmnd)->type == ALIAS) {
+		    if (!alias_remove_recursive(parse_tree, m->name, CMNDALIAS,
+			used_aliases))
+			errors++;
+		}
+	    }
+	}
+    }
+    TAILQ_FOREACH(d, &parse_tree->defaults, entries) {
+	switch (d->type) {
+	    case DEFAULTS_HOST:
+		errors += alias_find_used_members(parse_tree, d->binding,
+		    HOSTALIAS, used_aliases);
+		break;
+	    case DEFAULTS_USER:
+		errors += alias_find_used_members(parse_tree, d->binding,
+		    USERALIAS, used_aliases);
+		break;
+	    case DEFAULTS_RUNAS:
+		errors += alias_find_used_members(parse_tree, d->binding,
+		    RUNASALIAS, used_aliases);
+		break;
+	    case DEFAULTS_CMND:
+		errors += alias_find_used_members(parse_tree, d->binding,
+		    CMNDALIAS, used_aliases);
+		break;
+	    default:
+		break;
+	}
+    }
+
+    debug_return_int(errors ? false : true);
+}
diff --git a/plugins/sudoers/audit.c b/plugins/sudoers/audit.c
new file mode 100644
index 0000000..1b802c3
--- /dev/null
+++ b/plugins/sudoers/audit.c
@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 2009-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "sudoers.h"
+
+#ifdef HAVE_BSM_AUDIT
+# include "bsm_audit.h"
+#endif
+#ifdef HAVE_LINUX_AUDIT
+# include "linux_audit.h"
+#endif
+#ifdef HAVE_SOLARIS_AUDIT
+# include "solaris_audit.h"
+#endif
+
+int
+audit_success(int argc, char *argv[])
+{
+    int rc = 0;
+    debug_decl(audit_success, SUDOERS_DEBUG_AUDIT)
+
+    if (argv != NULL) {
+#ifdef HAVE_BSM_AUDIT
+	if (bsm_audit_success(argv) == -1)
+	    rc = -1;
+#endif
+#ifdef HAVE_LINUX_AUDIT
+	if (linux_audit_command(argv, 1) == -1)
+	    rc = -1;
+#endif
+#ifdef HAVE_SOLARIS_AUDIT
+	if (solaris_audit_success(argc, argv) == -1)
+	    rc = -1;
+#endif
+    }
+
+    debug_return_int(rc);
+}
+
+int
+audit_failure(int argc, char *argv[], char const *const fmt, ...)
+{
+    int rc = 0;
+    debug_decl(audit_success, SUDOERS_DEBUG_AUDIT)
+
+#if defined(HAVE_BSM_AUDIT) || defined(HAVE_LINUX_AUDIT)
+    if (argv != NULL) {
+	va_list ap;
+	int oldlocale;
+
+	/* Audit error messages should be in the sudoers locale. */
+	sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+
+#ifdef HAVE_BSM_AUDIT
+	va_start(ap, fmt);
+	if (bsm_audit_failure(argv, _(fmt), ap) == -1)
+	    rc = -1;
+	va_end(ap);
+#endif
+#ifdef HAVE_LINUX_AUDIT
+	va_start(ap, fmt);
+	if (linux_audit_command(argv, 0) == -1)
+	    rc = -1;
+	va_end(ap);
+#endif
+#ifdef HAVE_SOLARIS_AUDIT
+	va_start(ap, fmt);
+	if (solaris_audit_failure(argc, argv, _(fmt), ap) == -1)
+	    rc = -1;
+	va_end(ap);
+#endif
+
+	sudoers_setlocale(oldlocale, NULL);
+    }
+#endif /* HAVE_BSM_AUDIT || HAVE_LINUX_AUDIT */
+
+    debug_return_int(rc);
+}
diff --git a/plugins/sudoers/auth/API b/plugins/sudoers/auth/API
new file mode 100644
index 0000000..901cc88
--- /dev/null
+++ b/plugins/sudoers/auth/API
@@ -0,0 +1,135 @@
+NOTE: the Sudo auth API is subject to change
+
+Purpose: to provide a simple API for authentication methods that
+         encapsulates things nicely without turning into a maze
+	 of #ifdef's
+
+The sudo_auth struct looks like this:
+
+typedef struct sudo_auth {
+    int flags;                  /* various flags, see below */
+    int status;                 /* status from verify routine */
+    char *name;			/* name of the method in string form */
+    void *data;                 /* method-specific data pointer */
+
+    int (*init)(struct passwd *pw, sudo_auth *auth);
+    int (*setup)(struct passwd *pw, char **prompt, sudo_auth *auth);
+    int (*verify)(struct passwd *pw, char *p, sudo_auth *auth, struct sudo_conv_callback *callback);
+    int (*approval)(struct passwd *pw, sudo_auth *auth);
+    int (*cleanup)(struct passwd *pw, sudo_auth *auth);
+    int (*begin_session)(struct passwd *pw, char **user_env[], struct sudo_auth *auth);
+    int (*end_session)(struct passwd *pw, struct sudo_auth *auth);
+} sudo_auth;
+
+The variables in the struct are as follows:
+    flags	Bitwise binary flags, see below.
+
+    status	Contains the return value from the last run of
+		the "verify" function.  Starts out as AUTH_FAILURE.
+
+    name	The name of the authentication method as a C string.
+
+    data	A pointer to method-specific data.  This is passed to
+		all the functions of an auth method and is usually
+		initialized in the "init" or "setup" routines.
+
+Possible values of sudo_auth.flags:
+    FLAG_DISABLED	Set if an "init" or "setup" function fails.
+
+    FLAG_STANDALONE	If set, this indicates that the method must
+			be the only auth method configured, and that
+			it will prompt for the password itself.
+
+    FLAG_ONEANDONLY	If set, this indicates that the method is the
+			only one in use.  Can be used by auth functions
+			to determine whether to return a fatal or nonfatal
+			error.
+
+The member functions can return the following values:
+    AUTH_SUCCESS	Function succeeded.  For a ``verify'' function
+			this means the user correctly authenticated.
+
+    AUTH_FAILURE	Function failed.  If this is an ``init'' or
+			``setup'' routine, the auth method will be
+			marked as !configured.
+
+    AUTH_FATAL		A fatal error occurred.  The routine should have
+			written an error message to stderr and optionally
+			sent mail to the administrator.
+			When verify_user() gets AUTH_FATAL from an auth
+			function it does an exit(1).
+
+The functions in the struct are as follows:
+
+    int init(struct passwd *pw, sudo_auth *auth)
+        Function to do any one-time initialization for the auth
+        method.  All of the "init" functions are run before anything
+        else.
+
+    int setup(struct passwd *pw, char **prompt, sudo_auth *auth)
+        Function to do method-specific setup.  All the "setup"
+        routines are run before any of the "verify" routines.  A
+        pointer to the prompt string may be used to add method-specific
+        info to the prompt.
+
+    int verify(struct passwd *pw, char *p, sudo_auth *auth, struct sudo_conv_callback *callback)
+        Function to do user verification for this auth method.  For
+        standalone auth methods ``p'' is the prompt string.  For
+        normal auth methods, ``p'' is the password the user entered.
+	The callback should be passed to auth_getpass() to allow sudoers
+	to unlock the ticket file when sudo is suspended.
+        Note that standalone auth methods are responsible for
+        rerading the password themselves.
+
+    int approval(struct passwd *pw, struct sudo_auth *auth)
+	Function to perform account management and approval *after*
+	the user has authenticated successfully.  This function may
+	check for expired accounts, perform time of day restrictions, etc.
+	For PAM, this calls pam_acct_mgmt().  For BSD auth, it calls
+	auth_approval().
+
+    int cleanup(struct passwd *pw, sudo_auth *auth)
+        Function to do per-auth method cleanup.  This is only run
+        at the end of the authentication process, after the user
+        has completely failed or succeeded to authenticate.
+	The ``auth->status'' variable contains the result of the
+	last authentication attempt which may be interesting.
+
+    int begin_session(struct passwd *pw, char **user_env[], struct sudo_auth *auth)
+	Function to begin a user session.  This is used for session handling
+	in PAM and SIA.
+
+    int end_session(struct passwd *pw, struct sudo_auth *auth)
+	Function to end a user session.  This is used for session handling
+	in PAM and SIA.
+
+A note about standalone methods.  Some authentication methods can't
+coexist with any others.  This may be because they encapsulate other
+methods (pam, sia) or because they have a special way of interacting
+with the user (securid).
+
+Adding a new authentication method:
+
+Each method should live in its own file.  Add prototypes for the functions
+in sudo_auth.h.
+
+Add the method to the ``auth_switch'' in sudo_auth.c.  Note that
+standalone methods must go first.  If ``fooauth'' is a normal auth
+method, its entry would look like:
+
+#ifdef HAVE_FOOAUTH
+AUTH_ENTRY("foo", 0, foo_init, foo_setup, foo_verify,
+    foo_cleanup, foo_begin_session, foo_end_session)
+#endif
+
+If this is a standalone method, it would be:
+
+#ifdef HAVE_FOOAUTH
+AUTH_ENTRY("foo", FLAG_STANDALONE, foo_init, foo_setup, foo_verify,
+    foo_cleanup, foo_begin_session, foo_end_session)
+#endif
+
+If the method needs to run as the user, not root, add FLAG_USER to
+the second argument in the  AUTH_ENTRY line.  If you don't have an
+init/setup/cleanup/begin/end routine, just use a NULL for that
+field.
diff --git a/plugins/sudoers/auth/afs.c b/plugins/sudoers/auth/afs.c
new file mode 100644
index 0000000..fa40e05
--- /dev/null
+++ b/plugins/sudoers/auth/afs.c
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 1999, 2001-2005, 2007, 2010-2012, 2014-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_AFS
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRING_H */
+#include <unistd.h>
+#include <pwd.h>
+
+#include <afs/stds.h>
+#include <afs/kautils.h>
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+int
+sudo_afs_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    struct ktc_encryptionKey afs_key;
+    struct ktc_token afs_token;
+    debug_decl(sudo_afs_verify, SUDOERS_DEBUG_AUTH)
+
+    /* Try to just check the password */
+    ka_StringToKey(pass, NULL, &afs_key);
+    if (ka_GetAdminToken(pw->pw_name,		/* name */
+			 NULL,			/* instance */
+			 NULL,			/* realm */
+			 &afs_key,		/* key (contains password) */
+			 0,			/* lifetime */
+			 &afs_token,		/* token */
+			 0) == 0)		/* new */
+	debug_return_int(AUTH_SUCCESS);
+
+    /* Fall back on old method XXX - needed? */
+    setpag();
+    if (ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION+KA_USERAUTH_DOSETPAG,
+				   pw->pw_name,	/* name */
+				   NULL,	/* instance */
+				   NULL,	/* realm */
+				   pass,	/* password */
+				   0,		/* lifetime */
+				   NULL,	/* expiration ptr (unused) */
+				   0,		/* spare */
+				   NULL) == 0)	/* reason */
+	debug_return_int(AUTH_SUCCESS);
+
+    debug_return_int(AUTH_FAILURE);
+}
+
+#endif HAVE_AFS
diff --git a/plugins/sudoers/auth/aix_auth.c b/plugins/sudoers/auth/aix_auth.c
new file mode 100644
index 0000000..b4dc052
--- /dev/null
+++ b/plugins/sudoers/auth/aix_auth.c
@@ -0,0 +1,193 @@
+/*
+ * Copyright (c) 1999-2005, 2007-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_AIXAUTH
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRING_H */
+#include <unistd.h>
+#include <ctype.h>
+#include <pwd.h>
+#include <usersec.h>
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+/*
+ * For a description of the AIX authentication API, see
+ * http://publib16.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/basetrf1/authenticate.htm
+ */
+
+#ifdef HAVE_PAM
+# define AIX_AUTH_UNKNOWN	0
+# define AIX_AUTH_STD		1
+# define AIX_AUTH_PAM		2
+
+static int
+sudo_aix_authtype(void)
+{
+    size_t linesize = 0;
+    ssize_t len;
+    char *cp, *line = NULL;
+    bool in_stanza = false;
+    int authtype = AIX_AUTH_UNKNOWN;
+    FILE *fp;
+    debug_decl(sudo_aix_authtype, SUDOERS_DEBUG_AUTH)
+
+    if ((fp = fopen("/etc/security/login.cfg", "r")) != NULL) {
+	while (authtype == AIX_AUTH_UNKNOWN && (len = getline(&line, &linesize, fp)) != -1) {
+	    /* First remove comments. */
+	    if ((cp = strchr(line, '#')) != NULL) {
+		*cp = '\0';
+		len = (ssize_t)(cp - line);
+	    }
+
+	    /* Next remove trailing newlines and whitespace. */
+	    while (len > 0 && isspace((unsigned char)line[len - 1]))
+		line[--len] = '\0';
+
+	    /* Skip blank lines. */
+	    if (len == 0)
+		continue;
+
+	    /* Match start of the usw stanza. */
+	    if (!in_stanza) {
+		if (strncmp(line, "usw:", 4) == 0)
+		    in_stanza = true;
+		continue;
+	    }
+
+	    /* Check for end of the usw stanza. */
+	    if (!isblank((unsigned char)line[0])) {
+		in_stanza = false;
+		break;
+	    }
+
+	    /* Skip leading blanks. */
+	    cp = line;
+	    do {
+		cp++;
+	    } while (isblank((unsigned char)*cp));
+
+	    /* Match "auth_type = (PAM_AUTH|STD_AUTH)". */
+	    if (strncmp(cp, "auth_type", 9) != 0)
+		continue;
+	    cp += 9;
+	    while (isblank((unsigned char)*cp))
+		cp++;
+	    if (*cp++ != '=')
+		continue;
+	    while (isblank((unsigned char)*cp))
+		cp++;
+	    if (strcmp(cp, "PAM_AUTH") == 0)
+		authtype = AIX_AUTH_PAM;
+	    else if (strcmp(cp, "STD_AUTH") == 0)
+		authtype = AIX_AUTH_STD;
+	}
+	free(line);
+        fclose(fp);
+    }
+
+    debug_return_int(authtype);
+}
+#endif /* HAVE_PAM */
+
+int
+sudo_aix_init(struct passwd *pw, sudo_auth *auth)
+{
+    debug_decl(sudo_aix_init, SUDOERS_DEBUG_AUTH)
+
+#ifdef HAVE_PAM
+    /* Check auth_type in /etc/security/login.cfg. */
+    if (sudo_aix_authtype() == AIX_AUTH_PAM) {
+	if (sudo_pam_init_quiet(pw, auth) == AUTH_SUCCESS) {
+	    /* Fail AIX authentication so we can use PAM instead. */
+	    debug_return_int(AUTH_FAILURE);
+	}
+    }
+#endif
+    debug_return_int(AUTH_SUCCESS);
+}
+
+int
+sudo_aix_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    char *pass, *message = NULL;
+    int result = 1, reenter = 0;
+    int ret = AUTH_SUCCESS;
+    debug_decl(sudo_aix_verify, SUDOERS_DEBUG_AUTH)
+
+    do {
+	pass = auth_getpass(prompt, SUDO_CONV_PROMPT_ECHO_OFF, callback);
+	if (pass == NULL)
+	    break;
+	free(message);
+	message = NULL;
+	result = authenticate(pw->pw_name, pass, &reenter, &message);
+	memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
+	free(pass);
+	prompt = message;
+    } while (reenter);
+
+    if (result != 0) {
+	/* Display error message, if any. */
+	if (message != NULL) {
+	    struct sudo_conv_message msg;
+	    struct sudo_conv_reply repl;
+
+	    memset(&msg, 0, sizeof(msg));
+	    msg.msg_type = SUDO_CONV_ERROR_MSG;
+	    msg.msg = message;
+	    memset(&repl, 0, sizeof(repl));
+	    sudo_conv(1, &msg, &repl, NULL);
+	}
+	ret = pass ? AUTH_FAILURE : AUTH_INTR;
+    }
+    free(message);
+    debug_return_int(ret);
+}
+
+int
+sudo_aix_cleanup(struct passwd *pw, sudo_auth *auth)
+{
+    debug_decl(sudo_aix_cleanup, SUDOERS_DEBUG_AUTH)
+
+    /* Unset AUTHSTATE as it may not be correct for the runas user. */
+    if (sudo_unsetenv("AUTHSTATE") == -1)
+	debug_return_int(AUTH_FAILURE);
+
+    debug_return_int(AUTH_SUCCESS);
+}
+
+#endif /* HAVE_AIXAUTH */
diff --git a/plugins/sudoers/auth/bsdauth.c b/plugins/sudoers/auth/bsdauth.c
new file mode 100644
index 0000000..7357214
--- /dev/null
+++ b/plugins/sudoers/auth/bsdauth.c
@@ -0,0 +1,205 @@
+/*
+ * Copyright (c) 2000-2005, 2007-2008, 2010-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_BSD_AUTH_H
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRING_H */
+#include <unistd.h>
+#include <ctype.h>
+#include <pwd.h>
+#include <signal.h>
+
+#include <login_cap.h>
+#include <bsd_auth.h>
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+# ifndef LOGIN_DEFROOTCLASS
+#  define LOGIN_DEFROOTCLASS	"daemon"
+# endif
+
+struct bsdauth_state {
+    auth_session_t *as;
+    login_cap_t *lc;
+};
+
+int
+bsdauth_init(struct passwd *pw, sudo_auth *auth)
+{
+    static struct bsdauth_state state;
+    debug_decl(bsdauth_init, SUDOERS_DEBUG_AUTH)
+
+    /* Get login class based on auth user, which may not be invoking user. */
+    if (pw->pw_class && *pw->pw_class)
+	state.lc = login_getclass(pw->pw_class);
+    else
+	state.lc = login_getclass(pw->pw_uid ? LOGIN_DEFCLASS : LOGIN_DEFROOTCLASS);
+    if (state.lc == NULL) {
+	log_warning(0,
+	    N_("unable to get login class for user %s"), pw->pw_name);
+	debug_return_int(AUTH_FATAL);
+    }
+
+    if ((state.as = auth_open()) == NULL) {
+	log_warning(0, N_("unable to begin bsd authentication"));
+	login_close(state.lc);
+	debug_return_int(AUTH_FATAL);
+    }
+
+    /* XXX - maybe sanity check the auth style earlier? */
+    login_style = login_getstyle(state.lc, login_style, "auth-sudo");
+    if (login_style == NULL) {
+	log_warningx(0, N_("invalid authentication type"));
+	auth_close(state.as);
+	login_close(state.lc);
+	debug_return_int(AUTH_FATAL);
+    }
+
+     if (auth_setitem(state.as, AUTHV_STYLE, login_style) < 0 ||
+	auth_setitem(state.as, AUTHV_NAME, pw->pw_name) < 0 ||
+	auth_setitem(state.as, AUTHV_CLASS, login_class) < 0) {
+	log_warningx(0, N_("unable to initialize BSD authentication"));
+	auth_close(state.as);
+	login_close(state.lc);
+	debug_return_int(AUTH_FATAL);
+    }
+
+    auth->data = (void *) &state;
+    debug_return_int(AUTH_SUCCESS);
+}
+
+int
+bsdauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    char *pass;
+    char *s;
+    size_t len;
+    int authok = 0;
+    struct sigaction sa, osa;
+    auth_session_t *as = ((struct bsdauth_state *) auth->data)->as;
+    debug_decl(bsdauth_verify, SUDOERS_DEBUG_AUTH)
+
+    /* save old signal handler */
+    sigemptyset(&sa.sa_mask);
+    sa.sa_flags = SA_RESTART;
+    sa.sa_handler = SIG_DFL;
+    (void) sigaction(SIGCHLD, &sa, &osa);
+
+    /*
+     * If there is a challenge then print that instead of the normal
+     * prompt.  If the user just hits return we prompt again with echo
+     * turned on, which is useful for challenge/response things like
+     * S/Key.
+     */
+    if ((s = auth_challenge(as)) == NULL) {
+	pass = auth_getpass(prompt, SUDO_CONV_PROMPT_ECHO_OFF, callback);
+    } else {
+	pass = auth_getpass(s, SUDO_CONV_PROMPT_ECHO_OFF, callback);
+	if (pass && *pass == '\0') {
+	    if ((prompt = strrchr(s, '\n')))
+		prompt++;
+	    else
+		prompt = s;
+
+	    /*
+	     * Append '[echo on]' to the last line of the challenge and
+	     * reprompt with echo turned on.
+	     */
+	    len = strlen(prompt) - 1;
+	    while (isspace(prompt[len]) || prompt[len] == ':')
+		prompt[len--] = '\0';
+	    if (asprintf(&s, "%s [echo on]: ", prompt) == -1) {
+		log_warningx(0, N_("unable to allocate memory"));
+		debug_return_int(AUTH_FATAL);
+	    }
+	    free(pass);
+	    pass = auth_getpass(s, SUDO_CONV_PROMPT_ECHO_ON, callback);
+	    free(s);
+	}
+    }
+
+    if (pass) {
+	authok = auth_userresponse(as, pass, 1);
+	memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
+	free(pass);
+    }
+
+    /* restore old signal handler */
+    (void) sigaction(SIGCHLD, &osa, NULL);
+
+    if (authok)
+	debug_return_int(AUTH_SUCCESS);
+
+    if (!pass)
+	debug_return_int(AUTH_INTR);
+
+    if ((s = auth_getvalue(as, "errormsg")) != NULL)
+	log_warningx(0, "%s", s);
+    debug_return_int(AUTH_FAILURE);
+}
+
+int
+bsdauth_approval(struct passwd *pw, sudo_auth *auth, bool exempt)
+{
+    struct bsdauth_state *state = auth->data;
+    debug_decl(bsdauth_approval, SUDOERS_DEBUG_AUTH)
+
+    if (auth_approval(state->as, state->lc, pw->pw_name, "auth-sudo") == 0) {
+	if (auth_getstate(state->as) & AUTH_EXPIRED)
+	    log_warningx(0, "%s", N_("your account has expired"));
+	else
+	    log_warningx(0, "%s", N_("approval failed"));
+	debug_return_int(AUTH_FAILURE);
+    }
+    debug_return_int(AUTH_SUCCESS);
+}
+
+int
+bsdauth_cleanup(struct passwd *pw, sudo_auth *auth)
+{
+    struct bsdauth_state *state = auth->data;
+    debug_decl(bsdauth_cleanup, SUDOERS_DEBUG_AUTH)
+
+    if (state != NULL) {
+	auth_close(state->as);
+	login_close(state->lc);
+    }
+
+    debug_return_int(AUTH_SUCCESS);
+}
+
+#endif /* HAVE_BSD_AUTH_H */
diff --git a/plugins/sudoers/auth/dce.c b/plugins/sudoers/auth/dce.c
new file mode 100644
index 0000000..0afe8c6
--- /dev/null
+++ b/plugins/sudoers/auth/dce.c
@@ -0,0 +1,196 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2010-2012, 2014-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+/*
+ *  The code below basically comes from the examples supplied on
+ *  the OSF DCE 1.0.3 manpages for the sec_login routines, with
+ *  enough additional polishing to make the routine work with the
+ *  rest of sudo.
+ *
+ *  This code is known to work on HP 700 and 800 series systems
+ *  running HP-UX 9.X and 10.X, with either HP's version 1.2.1 of DCE.
+ *  (aka, OSF DCE 1.0.3) or with HP's version 1.4 of DCE (aka, OSF
+ *  DCE 1.1).
+ */
+
+#include <config.h>
+
+#ifdef HAVE_DCE
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRING_H */
+#include <unistd.h>
+#include <pwd.h>
+
+#include <dce/rpc.h>
+#include <dce/sec_login.h>
+#include <dce/dce_error.h> /* required to call dce_error_inq_text routine */
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+static int check_dce_status(error_status_t, char *);
+
+int
+sudo_dce_verify(struct passwd *pw, char *plain_pw, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    struct passwd		temp_pw;
+    sec_passwd_rec_t		password_rec;
+    sec_login_handle_t		login_context;
+    boolean32			reset_passwd;
+    sec_login_auth_src_t	auth_src;
+    error_status_t		status;
+    debug_decl(sudo_dce_verify, SUDOERS_DEBUG_AUTH)
+
+    /*
+     * Create the local context of the DCE principal necessary
+     * to perform authenticated network operations.  The network
+     * identity set up by this operation cannot be used until it
+     * is validated via sec_login_validate_identity().
+     */
+    if (sec_login_setup_identity((unsigned_char_p_t) pw->pw_name,
+	sec_login_no_flags, &login_context, &status)) {
+
+	if (check_dce_status(status, "sec_login_setup_identity(1):"))
+	    debug_return_int(AUTH_FAILURE);
+
+	password_rec.key.key_type = sec_passwd_plain;
+	password_rec.key.tagged_union.plain = (idl_char *) plain_pw;
+	password_rec.pepper = NULL;
+	password_rec.version_number = sec_passwd_c_version_none;
+
+	/* Validate the login context with the password */
+	if (sec_login_validate_identity(login_context, &password_rec,
+	    &reset_passwd, &auth_src, &status)) {
+
+	    if (check_dce_status(status, "sec_login_validate_identity(1):"))
+		debug_return_int(AUTH_FAILURE);
+
+	    /*
+	     * Certify that the DCE Security Server used to set
+	     * up and validate a login context is legitimate.  Makes
+	     * sure that we didn't get spoofed by another DCE server.
+	     */
+	    if (!sec_login_certify_identity(login_context, &status)) {
+		sudo_printf(SUDO_CONV_ERROR_MSG,
+		    "Whoa! Bogus authentication server!\n");
+		(void) check_dce_status(status,"sec_login_certify_identity(1):");
+		debug_return_int(AUTH_FAILURE);
+	    }
+	    if (check_dce_status(status, "sec_login_certify_identity(2):"))
+		debug_return_int(AUTH_FAILURE);
+
+	    /*
+	     * Sets the network credentials to those specified
+	     * by the now validated login context.
+	     */
+	    sec_login_set_context(login_context, &status);
+	    if (check_dce_status(status, "sec_login_set_context:"))
+		debug_return_int(AUTH_FAILURE);
+
+	    /*
+	     * Oops, your credentials were no good. Possibly
+	     * caused by clock times out of adjustment between
+	     * DCE client and DCE security server...
+	     */
+	    if (auth_src != sec_login_auth_src_network) {
+		    sudo_printf(SUDO_CONV_ERROR_MSG,
+			"You have no network credentials.\n");
+		    debug_return_int(AUTH_FAILURE);
+	    }
+	    /* Check if the password has aged and is thus no good */
+	    if (reset_passwd) {
+		    sudo_printf(SUDO_CONV_ERROR_MSG,
+			"Your DCE password needs resetting.\n");
+		    debug_return_int(AUTH_FAILURE);
+	    }
+
+	    /*
+	     * We should be a valid user by this point.  Pull the
+	     * user's password structure from the DCE security
+	     * server just to make sure.  If we get it with no
+	     * problems, then we really are legitimate...
+	     */
+	    sec_login_get_pwent(login_context, (sec_login_passwd_t) &temp_pw,
+		&status);
+	    if (check_dce_status(status, "sec_login_get_pwent:"))
+		debug_return_int(AUTH_FAILURE);
+
+	    /*
+	     * If we get to here, then the pwent above properly fetched
+	     * the password structure from the DCE registry, so the user
+	     * must be valid.  We don't really care what the user's
+	     * registry password is, just that the user could be
+	     * validated.  In fact, if we tried to compare the local
+	     * password to the DCE entry at this point, the operation
+	     * would fail if the hidden password feature is turned on,
+	     * because the password field would contain an asterisk.
+	     * Also go ahead and destroy the user's DCE login context
+	     * before we leave here (and don't bother checking the
+	     * status), in order to clean up credentials files in
+	     * /opt/dcelocal/var/security/creds.  By doing this, we are
+	     * assuming that the user will not need DCE authentication
+	     * later in the program, only local authentication.  If this
+	     * is not true, then the login_context will have to be
+	     * returned to the calling program, and the context purged
+	     * somewhere later in the program.
+	     */
+	    sec_login_purge_context(&login_context, &status);
+	    debug_return_int(AUTH_SUCCESS);
+	} else {
+	    if(check_dce_status(status, "sec_login_validate_identity(2):"))
+		debug_return_int(AUTH_FAILURE);
+	    sec_login_purge_context(&login_context, &status);
+	    if(check_dce_status(status, "sec_login_purge_context:"))
+		debug_return_int(AUTH_FAILURE);
+	}
+    }
+    (void) check_dce_status(status, "sec_login_setup_identity(2):");
+    debug_return_int(AUTH_FAILURE);
+}
+
+/* Returns 0 for DCE "ok" status, 1 otherwise */
+static int
+check_dce_status(error_status_t input_status, char *comment)
+{
+    int error_stat;
+    unsigned char error_string[dce_c_error_string_len];
+    debug_decl(check_dce_status, SUDOERS_DEBUG_AUTH)
+
+    if (input_status == rpc_s_ok)
+	debug_return_int(0);
+    dce_error_inq_text(input_status, error_string, &error_stat);
+    sudo_printf(SUDO_CONV_ERROR_MSG, "%s %s\n", comment, error_string);
+    debug_return_int(1);
+}
+
+#endif /* HAVE_DCE */
diff --git a/plugins/sudoers/auth/fwtk.c b/plugins/sudoers/auth/fwtk.c
new file mode 100644
index 0000000..36f7cd8
--- /dev/null
+++ b/plugins/sudoers/auth/fwtk.c
@@ -0,0 +1,154 @@
+/*
+ * Copyright (c) 1999-2005, 2008, 2010-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_FWTK
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRING_H */
+#include <unistd.h>
+#include <pwd.h>
+
+#include <auth.h>
+#include <firewall.h>
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+int
+sudo_fwtk_init(struct passwd *pw, sudo_auth *auth)
+{
+    static Cfg *confp;			/* Configuration entry struct */
+    char resp[128];			/* Response from the server */
+    debug_decl(sudo_fwtk_init, SUDOERS_DEBUG_AUTH)
+
+    if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
+	sudo_warnx(U_("unable to read fwtk config"));
+	debug_return_int(AUTH_FATAL);
+    }
+
+    if (auth_open(confp)) {
+	sudo_warnx(U_("unable to connect to authentication server"));
+	debug_return_int(AUTH_FATAL);
+    }
+
+    /* Get welcome message from auth server */
+    if (auth_recv(resp, sizeof(resp))) {
+	sudo_warnx(U_("lost connection to authentication server"));
+	debug_return_int(AUTH_FATAL);
+    }
+    if (strncmp(resp, "Authsrv ready", 13) != 0) {
+	sudo_warnx(U_("authentication server error:\n%s"), resp);
+	debug_return_int(AUTH_FATAL);
+    }
+
+    debug_return_int(AUTH_SUCCESS);
+}
+
+int
+sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    char *pass;				/* Password from the user */
+    char buf[SUDO_CONV_REPL_MAX + 12];	/* General prupose buffer */
+    char resp[128];			/* Response from the server */
+    int error;
+    debug_decl(sudo_fwtk_verify, SUDOERS_DEBUG_AUTH)
+
+    /* Send username to authentication server. */
+    (void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
+restart:
+    if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
+	sudo_warnx(U_("lost connection to authentication server"));
+	debug_return_int(AUTH_FATAL);
+    }
+
+    /* Get the password/response from the user. */
+    if (strncmp(resp, "challenge ", 10) == 0) {
+	(void) snprintf(buf, sizeof(buf), "%s\nResponse: ", &resp[10]);
+	pass = auth_getpass(buf, SUDO_CONV_PROMPT_ECHO_OFF, callback);
+	if (pass && *pass == '\0') {
+	    free(pass);
+	    pass = auth_getpass("Response [echo on]: ",
+		SUDO_CONV_PROMPT_ECHO_ON, callback);
+	}
+    } else if (strncmp(resp, "chalnecho ", 10) == 0) {
+	pass = auth_getpass(&resp[10], SUDO_CONV_PROMPT_ECHO_OFF, callback);
+    } else if (strncmp(resp, "password", 8) == 0) {
+	pass = auth_getpass(prompt, SUDO_CONV_PROMPT_ECHO_OFF, callback);
+    } else if (strncmp(resp, "display ", 8) == 0) {
+	sudo_printf(SUDO_CONV_INFO_MSG, "%s\n", &resp[8]);
+	strlcpy(buf, "response dummy", sizeof(buf));
+	goto restart;
+    } else {
+	sudo_warnx("%s", resp);
+	debug_return_int(AUTH_FATAL);
+    }
+    if (!pass) {			/* ^C or error */
+	debug_return_int(AUTH_INTR);
+    }
+
+    /* Send the user's response to the server */
+    (void) snprintf(buf, sizeof(buf), "response '%s'", pass);
+    if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
+	sudo_warnx(U_("lost connection to authentication server"));
+	error = AUTH_FATAL;
+	goto done;
+    }
+
+    if (strncmp(resp, "ok", 2) == 0) {
+	error = AUTH_SUCCESS;
+	goto done;
+    }
+
+    /* Main loop prints "Permission Denied" or insult. */
+    if (strcmp(resp, "Permission Denied.") != 0)
+	sudo_warnx("%s", resp);
+    error = AUTH_FAILURE;
+done:
+    memset_s(buf, sizeof(buf), 0, sizeof(buf));
+    memset_s(pass, SUDO_PASS_MAX, 0, strlen(pass));
+    free(pass);
+    debug_return_int(error);
+}
+
+int
+sudo_fwtk_cleanup(struct passwd *pw, sudo_auth *auth)
+{
+    debug_decl(sudo_fwtk_cleanup, SUDOERS_DEBUG_AUTH)
+
+    auth_close();
+    debug_return_int(AUTH_SUCCESS);
+}
+
+#endif /* HAVE_FWTK */
diff --git a/plugins/sudoers/auth/kerb5.c b/plugins/sudoers/auth/kerb5.c
new file mode 100644
index 0000000..247981c
--- /dev/null
+++ b/plugins/sudoers/auth/kerb5.c
@@ -0,0 +1,335 @@
+/*
+ * Copyright (c) 1999-2005, 2007-2008, 2010-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_KERB5
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRING_H */
+#include <unistd.h>
+#include <pwd.h>
+#include <krb5.h>
+#ifdef HAVE_HEIMDAL
+#include <com_err.h>
+#endif
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+#ifdef HAVE_HEIMDAL
+# define extract_name(c, p)		krb5_principal_get_comp_string(c, p, 1)
+# define krb5_free_data_contents(c, d)	krb5_data_free(d)
+#else
+# define extract_name(c, p)		(krb5_princ_component(c, p, 1)->data)
+#endif
+
+#ifndef HAVE_KRB5_VERIFY_USER
+static int verify_krb_v5_tgt(krb5_context, krb5_creds *, char *);
+#endif
+static struct _sudo_krb5_data {
+    krb5_context	sudo_context;
+    krb5_principal	princ;
+    krb5_ccache		ccache;
+} sudo_krb5_data = { NULL, NULL, NULL };
+typedef struct _sudo_krb5_data *sudo_krb5_datap;
+
+#ifdef SUDO_KRB5_INSTANCE
+static const char *sudo_krb5_instance = SUDO_KRB5_INSTANCE;
+#else
+static const char *sudo_krb5_instance = NULL;
+#endif
+
+#ifndef HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC
+static krb5_error_code
+krb5_get_init_creds_opt_alloc(krb5_context context,
+    krb5_get_init_creds_opt **opts)
+{
+    *opts = malloc(sizeof(krb5_get_init_creds_opt));
+    if (*opts == NULL)
+	return KRB5_CC_NOMEM;
+    krb5_get_init_creds_opt_init(*opts);
+    return 0;
+}
+
+static void
+krb5_get_init_creds_opt_free(krb5_get_init_creds_opt *opts)
+{
+    free(opts);
+}
+#endif
+
+int
+sudo_krb5_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
+{
+    static char	*krb5_prompt;
+    debug_decl(sudo_krb5_init, SUDOERS_DEBUG_AUTH)
+
+    if (krb5_prompt == NULL) {
+	krb5_context	sudo_context;
+	krb5_principal	princ;
+	char		*pname;
+	krb5_error_code	error;
+
+	sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
+	princ = ((sudo_krb5_datap) auth->data)->princ;
+
+	/*
+	 * Really, we need to tell the caller not to prompt for password. The
+	 * API does not currently provide this unless the auth is standalone.
+	 */
+	if ((error = krb5_unparse_name(sudo_context, princ, &pname))) {
+	    log_warningx(0,
+		N_("%s: unable to convert principal to string ('%s'): %s"),
+		auth->name, pw->pw_name, error_message(error));
+	    debug_return_int(AUTH_FAILURE);
+	}
+
+	/* Only rewrite prompt if user didn't specify their own. */
+	/*if (!strcmp(prompt, PASSPROMPT)) { */
+	    if (asprintf(&krb5_prompt, "Password for %s: ", pname) == -1) {
+		log_warningx(0, N_("unable to allocate memory"));
+		free(pname);
+		debug_return_int(AUTH_FATAL);
+	    }
+	/*}*/
+	free(pname);
+    }
+    *promptp = krb5_prompt;
+
+    debug_return_int(AUTH_SUCCESS);
+}
+
+int
+sudo_krb5_init(struct passwd *pw, sudo_auth *auth)
+{
+    krb5_context	sudo_context;
+    krb5_error_code 	error;
+    char		cache_name[64], *pname = pw->pw_name;
+    debug_decl(sudo_krb5_init, SUDOERS_DEBUG_AUTH)
+
+    auth->data = (void *) &sudo_krb5_data; /* Stash all our data here */
+
+    if (sudo_krb5_instance != NULL) {
+	int len = asprintf(&pname, "%s%s%s", pw->pw_name,
+	    sudo_krb5_instance[0] != '/' ? "/" : "", sudo_krb5_instance);
+	if (len == -1) {
+	    log_warningx(0, N_("unable to allocate memory"));
+	    debug_return_int(AUTH_FATAL);
+	}
+    }
+
+#ifdef HAVE_KRB5_INIT_SECURE_CONTEXT
+    error = krb5_init_secure_context(&(sudo_krb5_data.sudo_context));
+#else
+    error = krb5_init_context(&(sudo_krb5_data.sudo_context));
+#endif
+    if (error)
+	goto done;
+    sudo_context = sudo_krb5_data.sudo_context;
+
+    error = krb5_parse_name(sudo_context, pname, &(sudo_krb5_data.princ));
+    if (error) {
+	log_warningx(0, N_("%s: unable to parse '%s': %s"), auth->name, pname,
+	    error_message(error));
+	goto done;
+    }
+
+    (void) snprintf(cache_name, sizeof(cache_name), "MEMORY:sudocc_%ld",
+		    (long) getpid());
+    if ((error = krb5_cc_resolve(sudo_context, cache_name,
+	&(sudo_krb5_data.ccache)))) {
+	log_warningx(0, N_("%s: unable to resolve credential cache: %s"),
+	    auth->name, error_message(error));
+	goto done;
+    }
+
+done:
+    if (sudo_krb5_instance != NULL)
+	free(pname);
+    debug_return_int(error ? AUTH_FAILURE : AUTH_SUCCESS);
+}
+
+#ifdef HAVE_KRB5_VERIFY_USER
+int
+sudo_krb5_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    krb5_context	sudo_context;
+    krb5_principal	princ;
+    krb5_ccache		ccache;
+    krb5_error_code	error;
+    debug_decl(sudo_krb5_verify, SUDOERS_DEBUG_AUTH)
+
+    sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
+    princ = ((sudo_krb5_datap) auth->data)->princ;
+    ccache = ((sudo_krb5_datap) auth->data)->ccache;
+
+    error = krb5_verify_user(sudo_context, princ, ccache, pass, 1, NULL);
+    debug_return_int(error ? AUTH_FAILURE : AUTH_SUCCESS);
+}
+#else
+int
+sudo_krb5_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    krb5_context	sudo_context;
+    krb5_principal	princ;
+    krb5_creds		credbuf, *creds = NULL;
+    krb5_ccache		ccache;
+    krb5_error_code	error;
+    krb5_get_init_creds_opt *opts = NULL;
+    debug_decl(sudo_krb5_verify, SUDOERS_DEBUG_AUTH)
+
+    sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
+    princ = ((sudo_krb5_datap) auth->data)->princ;
+    ccache = ((sudo_krb5_datap) auth->data)->ccache;
+
+    /* Set default flags based on the local config file. */
+    error = krb5_get_init_creds_opt_alloc(sudo_context, &opts);
+    if (error) {
+	log_warningx(0, N_("%s: unable to allocate options: %s"), auth->name,
+	    error_message(error));
+	goto done;
+    }
+#ifdef HAVE_HEIMDAL
+    krb5_get_init_creds_opt_set_default_flags(sudo_context, NULL,
+	krb5_principal_get_realm(sudo_context, princ), opts);
+#endif
+
+    /* Note that we always obtain a new TGT to verify the user */
+    if ((error = krb5_get_init_creds_password(sudo_context, &credbuf, princ,
+					     pass, krb5_prompter_posix,
+					     NULL, 0, NULL, opts))) {
+	/* Don't print error if just a bad password */
+	if (error != KRB5KRB_AP_ERR_BAD_INTEGRITY) {
+	    log_warningx(0, N_("%s: unable to get credentials: %s"),
+		auth->name, error_message(error));
+	}
+	goto done;
+    }
+    creds = &credbuf;
+
+    /* Verify the TGT to prevent spoof attacks. */
+    if ((error = verify_krb_v5_tgt(sudo_context, creds, auth->name)))
+	goto done;
+
+    /* Store credential in cache. */
+    if ((error = krb5_cc_initialize(sudo_context, ccache, princ))) {
+	log_warningx(0, N_("%s: unable to initialize credential cache: %s"),
+	    auth->name, error_message(error));
+    } else if ((error = krb5_cc_store_cred(sudo_context, ccache, creds))) {
+	log_warningx(0, N_("%s: unable to store credential in cache: %s"),
+	    auth->name, error_message(error));
+    }
+
+done:
+    if (opts) {
+#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS
+	krb5_get_init_creds_opt_free(sudo_context, opts);
+#else
+	krb5_get_init_creds_opt_free(opts);
+#endif
+    }
+    if (creds)
+	krb5_free_cred_contents(sudo_context, creds);
+    debug_return_int(error ? AUTH_FAILURE : AUTH_SUCCESS);
+}
+#endif
+
+int
+sudo_krb5_cleanup(struct passwd *pw, sudo_auth *auth)
+{
+    krb5_context	sudo_context;
+    krb5_principal	princ;
+    krb5_ccache		ccache;
+    debug_decl(sudo_krb5_cleanup, SUDOERS_DEBUG_AUTH)
+
+    sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
+    princ = ((sudo_krb5_datap) auth->data)->princ;
+    ccache = ((sudo_krb5_datap) auth->data)->ccache;
+
+    if (sudo_context) {
+	if (ccache)
+	    krb5_cc_destroy(sudo_context, ccache);
+	if (princ)
+	    krb5_free_principal(sudo_context, princ);
+	krb5_free_context(sudo_context);
+    }
+
+    debug_return_int(AUTH_SUCCESS);
+}
+
+#ifndef HAVE_KRB5_VERIFY_USER
+/*
+ * Verify the Kerberos ticket-granting ticket just retrieved for the
+ * user.  If the Kerberos server doesn't respond, assume the user is
+ * trying to fake us out (since we DID just get a TGT from what is
+ * supposedly our KDC).
+ *
+ * Returns 0 for successful authentication, non-zero for failure.
+ */
+static int
+verify_krb_v5_tgt(krb5_context sudo_context, krb5_creds *cred, char *auth_name)
+{
+    krb5_error_code	error;
+    krb5_principal	server;
+    krb5_verify_init_creds_opt vopt;
+    debug_decl(verify_krb_v5_tgt, SUDOERS_DEBUG_AUTH)
+
+    /*
+     * Get the server principal for the local host.
+     * (Use defaults of "host" and canonicalized local name.)
+     */
+    if ((error = krb5_sname_to_principal(sudo_context, NULL, NULL,
+					KRB5_NT_SRV_HST, &server))) {
+	log_warningx(0, N_("%s: unable to get host principal: %s"), auth_name,
+	    error_message(error));
+	debug_return_int(-1);
+    }
+
+    /* Initialize verify opts and set secure mode */
+    krb5_verify_init_creds_opt_init(&vopt);
+    krb5_verify_init_creds_opt_set_ap_req_nofail(&vopt, 1);
+
+    /* verify the Kerberos ticket-granting ticket we just retrieved */
+    error = krb5_verify_init_creds(sudo_context, cred, server, NULL,
+				   NULL, &vopt);
+    krb5_free_principal(sudo_context, server);
+    if (error) {
+	log_warningx(0, N_("%s: Cannot verify TGT! Possible attack!: %s"),
+	    auth_name, error_message(error));
+    }
+    debug_return_int(error);
+}
+#endif
+
+#endif /* HAVE_KERB5 */
diff --git a/plugins/sudoers/auth/pam.c b/plugins/sudoers/auth/pam.c
new file mode 100644
index 0000000..129e4fe
--- /dev/null
+++ b/plugins/sudoers/auth/pam.c
@@ -0,0 +1,616 @@
+/*
+ * Copyright (c) 1999-2005, 2007-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_PAM
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+#include <errno.h>
+
+#ifdef HAVE_PAM_PAM_APPL_H
+# include <pam/pam_appl.h>
+#else
+# include <security/pam_appl.h>
+#endif
+
+#ifdef HAVE_LIBINTL_H
+# if defined(__LINUX_PAM__)
+#  define PAM_TEXT_DOMAIN	"Linux-PAM"
+# elif defined(__sun__)
+#  define PAM_TEXT_DOMAIN	"SUNW_OST_SYSOSPAM"
+# endif
+#endif
+
+/* We don't want to translate the strings in the calls to dgt(). */
+#ifdef PAM_TEXT_DOMAIN
+# define dgt(d, t)	dgettext(d, t)
+#endif
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+/* Only OpenPAM and Linux PAM use const qualifiers. */
+#ifdef PAM_SUN_CODEBASE
+# define PAM_CONST
+#else
+# define PAM_CONST	const
+#endif
+
+/* Ambiguity in spec: is it an array of pointers or a pointer to an array? */
+#ifdef PAM_SUN_CODEBASE
+# define PAM_MSG_GET(msg, n) (*(msg) + (n))
+#else
+# define PAM_MSG_GET(msg, n) ((msg)[(n)])
+#endif
+
+#ifndef PAM_DATA_SILENT
+#define PAM_DATA_SILENT	0
+#endif
+
+static int converse(int, PAM_CONST struct pam_message **,
+		    struct pam_response **, void *);
+static struct sudo_conv_callback *conv_callback;
+static struct pam_conv pam_conv = { converse, &conv_callback };
+static char *def_prompt = PASSPROMPT;
+static bool getpass_error;
+static pam_handle_t *pamh;
+
+static int
+sudo_pam_init2(struct passwd *pw, sudo_auth *auth, bool quiet)
+{
+    static int pam_status = PAM_SUCCESS;
+    int rc;
+    debug_decl(sudo_pam_init, SUDOERS_DEBUG_AUTH)
+
+    /* Stash pointer to last pam status. */
+    auth->data = &pam_status;
+
+#ifdef _AIX
+    if (pamh != NULL) {
+	/* Already initialized (may happen with AIX). */
+	debug_return_int(AUTH_SUCCESS);
+    }
+#endif /* _AIX */
+
+    /* Initial PAM setup */
+    pam_status = pam_start(ISSET(sudo_mode, MODE_LOGIN_SHELL) ?
+	def_pam_login_service : def_pam_service, pw->pw_name, &pam_conv, &pamh);
+    if (pam_status != PAM_SUCCESS) {
+	if (!quiet)
+	    log_warning(0, N_("unable to initialize PAM"));
+	debug_return_int(AUTH_FATAL);
+    }
+
+    /*
+     * Set PAM_RUSER to the invoking user (the "from" user).
+     * We set PAM_RHOST to avoid a bug in Solaris 7 and below.
+     */
+    rc = pam_set_item(pamh, PAM_RUSER, user_name);
+    if (rc != PAM_SUCCESS) {
+	const char *errstr = pam_strerror(pamh, rc);
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "pam_set_item(pamh, PAM_RUSER, %s): %s", user_name,
+	    errstr ? errstr : "unknown error");
+    }
+#ifdef __sun__
+    rc = pam_set_item(pamh, PAM_RHOST, user_host);
+    if (rc != PAM_SUCCESS) {
+	const char *errstr = pam_strerror(pamh, rc);
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "pam_set_item(pamh, PAM_RHOST, %s): %s", user_host,
+	    errstr ? errstr : "unknown error");
+    }
+#endif
+
+    /*
+     * Some versions of pam_lastlog have a bug that
+     * will cause a crash if PAM_TTY is not set so if
+     * there is no tty, set PAM_TTY to the empty string.
+     */
+    rc = pam_set_item(pamh, PAM_TTY, user_ttypath ? user_ttypath : "");
+    if (rc != PAM_SUCCESS) {
+	const char *errstr = pam_strerror(pamh, rc);
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "pam_set_item(pamh, PAM_TTY, %s): %s",
+	    user_ttypath ? user_ttypath : "", errstr ? errstr : "unknown error");
+    }
+
+    /*
+     * If PAM session and setcred support is disabled we don't
+     * need to keep a sudo process around to close the session.
+     */
+    if (!def_pam_session && !def_pam_setcred)
+	auth->end_session = NULL;
+
+    debug_return_int(AUTH_SUCCESS);
+}
+
+int
+sudo_pam_init(struct passwd *pw, sudo_auth *auth)
+{
+    return sudo_pam_init2(pw, auth, false);
+}
+
+#ifdef _AIX
+int
+sudo_pam_init_quiet(struct passwd *pw, sudo_auth *auth)
+{
+    return sudo_pam_init2(pw, auth, true);
+}
+#endif /* _AIX */
+
+int
+sudo_pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    const char *s;
+    int *pam_status = (int *) auth->data;
+    debug_decl(sudo_pam_verify, SUDOERS_DEBUG_AUTH)
+
+    def_prompt = prompt;	/* for converse */
+    getpass_error = false;	/* set by converse if user presses ^C */
+    conv_callback = callback;	/* passed to conversation function */
+
+    /* PAM_SILENT prevents the authentication service from generating output. */
+    *pam_status = pam_authenticate(pamh, PAM_SILENT);
+    if (getpass_error) {
+	/* error or ^C from tgetpass() */
+	debug_return_int(AUTH_INTR);
+    }
+    switch (*pam_status) {
+	case PAM_SUCCESS:
+	    debug_return_int(AUTH_SUCCESS);
+	case PAM_AUTH_ERR:
+	case PAM_AUTHINFO_UNAVAIL:
+	case PAM_MAXTRIES:
+	case PAM_PERM_DENIED:
+	    sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+		"pam_authenticate: %d", *pam_status);
+	    debug_return_int(AUTH_FAILURE);
+	default:
+	    if ((s = pam_strerror(pamh, *pam_status)) != NULL)
+		log_warningx(0, N_("PAM authentication error: %s"), s);
+	    debug_return_int(AUTH_FATAL);
+    }
+}
+
+int
+sudo_pam_approval(struct passwd *pw, sudo_auth *auth, bool exempt)
+{
+    const char *s;
+    int rc, status = AUTH_SUCCESS;
+    int *pam_status = (int *) auth->data;
+    debug_decl(sudo_pam_approval, SUDOERS_DEBUG_AUTH)
+
+    rc = pam_acct_mgmt(pamh, PAM_SILENT);
+    switch (rc) {
+	case PAM_SUCCESS:
+	    break;
+	case PAM_AUTH_ERR:
+	    log_warningx(0, N_("account validation failure, "
+		"is your account locked?"));
+	    status = AUTH_FATAL;
+	    break;
+	case PAM_NEW_AUTHTOK_REQD:
+	    /* Ignore if user is exempt from password restrictions. */
+	    if (exempt) {
+		rc = *pam_status;
+		break;
+	    }
+	    /* New password required, try to change it. */
+	    log_warningx(0, N_("Account or password is "
+		"expired, reset your password and try again"));
+	    rc = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+	    if (rc == PAM_SUCCESS)
+		break;
+	    if ((s = pam_strerror(pamh, rc)) == NULL)
+		s = "unknown error";
+	    log_warningx(0,
+		N_("unable to change expired password: %s"), s);
+	    status = AUTH_FAILURE;
+	    break;
+	case PAM_AUTHTOK_EXPIRED:
+	    /* Ignore if user is exempt from password restrictions. */
+	    if (exempt) {
+		rc = *pam_status;
+		break;
+	    }
+	    /* Password expired, cannot be updated by user. */
+	    log_warningx(0,
+		N_("Password expired, contact your system administrator"));
+	    status = AUTH_FATAL;
+	    break;
+	case PAM_ACCT_EXPIRED:
+	    log_warningx(0,
+		N_("Account expired or PAM config lacks an \"account\" "
+		"section for sudo, contact your system administrator"));
+	    status = AUTH_FATAL;
+	    break;
+	case PAM_AUTHINFO_UNAVAIL:
+	case PAM_MAXTRIES:
+	case PAM_PERM_DENIED:
+	    s = pam_strerror(pamh, rc);
+	    log_warningx(0, N_("PAM account management error: %s"),
+		s ? s : "unknown error");
+	    status = AUTH_FAILURE;
+	    break;
+	default:
+	    s = pam_strerror(pamh, rc);
+	    log_warningx(0, N_("PAM account management error: %s"),
+		s ? s : "unknown error");
+	    status = AUTH_FATAL;
+	    break;
+    }
+    *pam_status = rc;
+    debug_return_int(status);
+}
+
+int
+sudo_pam_cleanup(struct passwd *pw, sudo_auth *auth)
+{
+    int *pam_status = (int *) auth->data;
+    debug_decl(sudo_pam_cleanup, SUDOERS_DEBUG_AUTH)
+
+    /* If successful, we can't close the session until sudo_pam_end_session() */
+    if (*pam_status != PAM_SUCCESS || auth->end_session == NULL) {
+	*pam_status = pam_end(pamh, *pam_status | PAM_DATA_SILENT);
+	pamh = NULL;
+    }
+    debug_return_int(*pam_status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE);
+}
+
+int
+sudo_pam_begin_session(struct passwd *pw, char **user_envp[], sudo_auth *auth)
+{
+    int rc, status = AUTH_SUCCESS;
+    int *pam_status = (int *) auth->data;
+    const char *errstr;
+    debug_decl(sudo_pam_begin_session, SUDOERS_DEBUG_AUTH)
+
+    /*
+     * If there is no valid user we cannot open a PAM session.
+     * This is not an error as sudo can run commands with arbitrary
+     * uids, it just means we are done from a session management standpoint.
+     */
+    if (pw == NULL) {
+	if (pamh != NULL) {
+	    rc = pam_end(pamh, PAM_SUCCESS | PAM_DATA_SILENT);
+	    if (rc != PAM_SUCCESS) {
+		errstr = pam_strerror(pamh, rc);
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "pam_end: %s", errstr ? errstr : "unknown error");
+	    }
+	    pamh = NULL;
+	}
+	goto done;
+    }
+
+    /*
+     * Update PAM_USER to reference the user we are running the command
+     * as, as opposed to the user we authenticated as.
+     */
+    rc = pam_set_item(pamh, PAM_USER, pw->pw_name);
+    if (rc != PAM_SUCCESS) {
+	errstr = pam_strerror(pamh, rc);
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "pam_set_item(pamh, PAM_USER, %s): %s", pw->pw_name,
+	    errstr ? errstr : "unknown error");
+    }
+
+    /*
+     * Reinitialize credentials when changing the user.
+     * We don't worry about a failure from pam_setcred() since with
+     * stacked PAM auth modules a failure from one module may override
+     * PAM_SUCCESS from another.  For example, given a non-local user,
+     * pam_unix will fail but pam_ldap or pam_sss may succeed, but if
+     * pam_unix is first in the stack, pam_setcred() will fail.
+     */
+    if (def_pam_setcred) {
+	rc = pam_setcred(pamh, PAM_REINITIALIZE_CRED);
+	if (rc != PAM_SUCCESS) {
+	    errstr = pam_strerror(pamh, rc);
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"pam_setcred: %s", errstr ? errstr : "unknown error");
+	}
+    }
+
+    if (def_pam_session) {
+	/*
+	 * We use PAM_SILENT to prevent pam_lastlog from printing last login
+	 * information except when explicitly running a shell.
+	 */
+	const bool silent = !ISSET(sudo_mode, MODE_SHELL|MODE_LOGIN_SHELL);
+	rc = pam_open_session(pamh, silent ? PAM_SILENT : 0);
+	switch (rc) {
+	case PAM_SUCCESS:
+	    break;
+	case PAM_SESSION_ERR:
+	    /* Treat PAM_SESSION_ERR as a non-fatal error. */
+	    errstr = pam_strerror(pamh, rc);
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"pam_open_session: %s", errstr ? errstr : "unknown error");
+	    /* Avoid closing session that was not opened. */
+	    def_pam_session = false;
+	    break;
+	default:
+	    /* Unexpected session failure, treat as fatal error. */
+	    *pam_status = rc;
+	    errstr = pam_strerror(pamh, *pam_status);
+	    log_warningx(0, N_("%s: %s"), "pam_open_session",
+		errstr ? errstr : "unknown error");
+	    rc = pam_end(pamh, *pam_status | PAM_DATA_SILENT);
+	    if (rc != PAM_SUCCESS) {
+		errstr = pam_strerror(pamh, rc);
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "pam_end: %s", errstr ? errstr : "unknown error");
+	    }
+	    pamh = NULL;
+	    status = AUTH_FATAL;
+	    goto done;
+	}
+    }
+
+#ifdef HAVE_PAM_GETENVLIST
+    /*
+     * Update environment based on what is stored in pamh.
+     * If no authentication is done we will only have environment
+     * variables if pam_env is called via session.
+     */
+    if (user_envp != NULL) {
+	char **pam_envp = pam_getenvlist(pamh);
+	if (pam_envp != NULL) {
+	    /* Merge pam env with user env. */
+	    if (!env_init(*user_envp) || !env_merge(pam_envp))
+		status = AUTH_FATAL;
+	    *user_envp = env_get();
+	    (void)env_init(NULL);
+	    free(pam_envp);
+	    /* XXX - we leak any duplicates that were in pam_envp */
+	}
+    }
+#endif /* HAVE_PAM_GETENVLIST */
+
+done:
+    debug_return_int(status);
+}
+
+int
+sudo_pam_end_session(struct passwd *pw, sudo_auth *auth)
+{
+    int rc, status = AUTH_SUCCESS;
+    debug_decl(sudo_pam_end_session, SUDOERS_DEBUG_AUTH)
+
+    if (pamh != NULL) {
+	/*
+	 * Update PAM_USER to reference the user we are running the command
+	 * as, as opposed to the user we authenticated as.
+	 * XXX - still needed now that session init is in parent?
+	 */
+	rc = pam_set_item(pamh, PAM_USER, pw->pw_name);
+	if (rc != PAM_SUCCESS) {
+	    const char *errstr = pam_strerror(pamh, rc);
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"pam_set_item(pamh, PAM_USER, %s): %s", pw->pw_name,
+		errstr ? errstr : "unknown error");
+	}
+	if (def_pam_session) {
+	    rc = pam_close_session(pamh, PAM_SILENT);
+	    if (rc != PAM_SUCCESS) {
+		const char *errstr = pam_strerror(pamh, rc);
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "pam_close_session: %s", errstr ? errstr : "unknown error");
+	    }
+	}
+	if (def_pam_setcred) {
+	    rc = pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
+	    if (rc != PAM_SUCCESS) {
+		const char *errstr = pam_strerror(pamh, rc);
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "pam_setcred: %s", errstr ? errstr : "unknown error");
+	    }
+	}
+	rc = pam_end(pamh, PAM_SUCCESS | PAM_DATA_SILENT);
+	if (rc != PAM_SUCCESS) {
+	    const char *errstr = pam_strerror(pamh, rc);
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"pam_end: %s", errstr ? errstr : "unknown error");
+	    status = AUTH_FATAL;
+	}
+	pamh = NULL;
+    }
+
+    debug_return_int(status);
+}
+
+#define PROMPT_IS_PASSWORD(_p) \
+    (strncmp((_p), "Password:", 9) == 0 && \
+	((_p)[9] == '\0' || ((_p)[9] == ' ' && (_p)[10] == '\0')))
+
+#ifdef PAM_TEXT_DOMAIN
+# define PAM_PROMPT_IS_PASSWORD(_p) \
+    (strcmp((_p), dgt(PAM_TEXT_DOMAIN, "Password:")) == 0 || \
+	strcmp((_p), dgt(PAM_TEXT_DOMAIN, "Password: ")) == 0 || \
+	PROMPT_IS_PASSWORD(_p))
+#else
+# define PAM_PROMPT_IS_PASSWORD(_p)	PROMPT_IS_PASSWORD(_p)
+#endif /* PAM_TEXT_DOMAIN */
+
+/*
+ * We use the PAM prompt in preference to sudo's as long
+ * as passprompt_override is not set and:
+ *  a) the (translated) sudo prompt matches /^Password: ?/
+ * or:
+ *  b) the PAM prompt itself *doesn't* match /^Password: ?/
+ *     or /^username's Password: ?/
+ *
+ * The intent is to use the PAM prompt for things like
+ * challenge-response, otherwise use sudo's prompt.
+ * There may also be cases where a localized translation
+ * of "Password: " exists for PAM but not for sudo.
+ */
+static bool
+use_pam_prompt(const char *pam_prompt)
+{
+    size_t user_len;
+    debug_decl(use_pam_prompt, SUDOERS_DEBUG_AUTH)
+
+    /* Always use sudo prompt if passprompt_override is set. */
+    if (def_passprompt_override)
+	debug_return_bool(false);
+
+    /* If sudo prompt matches "^Password: ?$", use PAM prompt. */
+    if (PROMPT_IS_PASSWORD(def_prompt))
+	debug_return_bool(true);
+
+    /* If PAM prompt matches "^Password: ?$", use sudo prompt. */
+    if (PAM_PROMPT_IS_PASSWORD(pam_prompt))
+	debug_return_bool(false);
+
+    /*
+     * Some PAM modules use "^username's Password: ?$" instead of
+     * "^Password: ?" so check for that too.
+     */
+    user_len = strlen(user_name);
+    if (strncmp(pam_prompt, user_name, user_len) == 0) {
+	const char *cp = pam_prompt + user_len;
+	if (strncmp(cp, "'s Password:", 12) == 0 &&
+	    (cp[12] == '\0' || (cp[12] == ' ' && cp[13] == '\0')))
+	    debug_return_bool(false);
+    }
+
+    /* Otherwise, use the PAM prompt. */
+    debug_return_bool(true);
+}
+
+/*
+ * ``Conversation function'' for PAM <-> human interaction.
+ */
+static int
+converse(int num_msg, PAM_CONST struct pam_message **msg,
+    struct pam_response **reply_out, void *vcallback)
+{
+    struct sudo_conv_callback *callback = NULL;
+    struct pam_response *reply;
+    const char *prompt;
+    char *pass;
+    int n, type;
+    int ret = PAM_SUCCESS;
+    debug_decl(converse, SUDOERS_DEBUG_AUTH)
+
+    if (num_msg <= 0 || num_msg > PAM_MAX_NUM_MSG) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "invalid number of PAM messages: %d", num_msg);
+	debug_return_int(PAM_CONV_ERR);
+    }
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"number of PAM messages: %d", num_msg);
+
+    if ((reply = calloc(num_msg, sizeof(struct pam_response))) == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_int(PAM_BUF_ERR);
+    }
+    *reply_out = reply;
+
+    if (vcallback != NULL)
+	callback = *((struct sudo_conv_callback **)vcallback);
+
+    for (n = 0; n < num_msg; n++) {
+	PAM_CONST struct pam_message *pm = PAM_MSG_GET(msg, n);
+
+	type = SUDO_CONV_PROMPT_ECHO_OFF;
+	switch (pm->msg_style) {
+	    case PAM_PROMPT_ECHO_ON:
+		type = SUDO_CONV_PROMPT_ECHO_ON;
+		/* FALLTHROUGH */
+	    case PAM_PROMPT_ECHO_OFF:
+		/* Error out if the last password read was interrupted. */
+		if (getpass_error)
+		    goto done;
+
+		/* Choose either the sudo prompt or the PAM one. */
+		prompt = use_pam_prompt(pm->msg) ? pm->msg : def_prompt;
+
+		/* Read the password unless interrupted. */
+		pass = auth_getpass(prompt, type, callback);
+		if (pass == NULL) {
+		    /* Error (or ^C) reading password, don't try again. */
+		    getpass_error = true;
+		    ret = PAM_CONV_ERR;
+		    goto done;
+		}
+		if (strlen(pass) >= PAM_MAX_RESP_SIZE) {
+		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+			"password longer than %d", PAM_MAX_RESP_SIZE);
+		    ret = PAM_CONV_ERR;
+		    memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
+		    goto done;
+		}
+		reply[n].resp = pass;	/* auth_getpass() malloc's a copy */
+		break;
+	    case PAM_TEXT_INFO:
+		if (pm->msg != NULL)
+		    sudo_printf(SUDO_CONV_INFO_MSG, "%s\n", pm->msg);
+		break;
+	    case PAM_ERROR_MSG:
+		if (pm->msg != NULL)
+		    sudo_printf(SUDO_CONV_ERROR_MSG, "%s\n", pm->msg);
+		break;
+	    default:
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "unsupported message style: %d", pm->msg_style);
+		ret = PAM_CONV_ERR;
+		goto done;
+	}
+    }
+
+done:
+    if (ret != PAM_SUCCESS) {
+	/* Zero and free allocated memory and return an error. */
+	for (n = 0; n < num_msg; n++) {
+	    struct pam_response *pr = &reply[n];
+
+	    if (pr->resp != NULL) {
+		memset_s(pr->resp, SUDO_CONV_REPL_MAX, 0, strlen(pr->resp));
+		free(pr->resp);
+		pr->resp = NULL;
+	    }
+	}
+	free(reply);
+	*reply_out = NULL;
+    }
+    debug_return_int(ret);
+}
+
+#endif /* HAVE_PAM */
diff --git a/plugins/sudoers/auth/passwd.c b/plugins/sudoers/auth/passwd.c
new file mode 100644
index 0000000..e7093ab
--- /dev/null
+++ b/plugins/sudoers/auth/passwd.c
@@ -0,0 +1,113 @@
+/*
+ * Copyright (c) 1999-2005, 2010-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+#define DESLEN			13
+#define HAS_AGEINFO(p, l)	(l == 18 && p[DESLEN] == ',')
+
+int
+sudo_passwd_init(struct passwd *pw, sudo_auth *auth)
+{
+    debug_decl(sudo_passwd_init, SUDOERS_DEBUG_AUTH)
+
+#ifdef HAVE_SKEYACCESS
+    if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
+	debug_return_int(AUTH_FAILURE);
+#endif
+    sudo_setspent();
+    auth->data = sudo_getepw(pw);
+    sudo_endspent();
+    debug_return_int(auth->data ? AUTH_SUCCESS : AUTH_FATAL);
+}
+
+int
+sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    char sav, *epass;
+    char *pw_epasswd = auth->data;
+    size_t pw_len;
+    int matched = 0;
+    debug_decl(sudo_passwd_verify, SUDOERS_DEBUG_AUTH)
+
+    /* An empty plain-text password must match an empty encrypted password. */
+    if (pass[0] == '\0')
+	debug_return_int(pw_epasswd[0] ? AUTH_FAILURE : AUTH_SUCCESS);
+
+    /*
+     * Truncate to 8 chars if standard DES since not all crypt()'s do this.
+     * If this turns out not to be safe we will have to use OS #ifdef's (sigh).
+     */
+    sav = pass[8];
+    pw_len = strlen(pw_epasswd);
+    if (pw_len == DESLEN || HAS_AGEINFO(pw_epasswd, pw_len))
+	pass[8] = '\0';
+
+    /*
+     * Normal UN*X password check.
+     * HP-UX may add aging info (separated by a ',') at the end so
+     * only compare the first DESLEN characters in that case.
+     */
+    epass = (char *) crypt(pass, pw_epasswd);
+    pass[8] = sav;
+    if (epass != NULL) {
+	if (HAS_AGEINFO(pw_epasswd, pw_len) && strlen(epass) == DESLEN)
+	    matched = !strncmp(pw_epasswd, epass, DESLEN);
+	else
+	    matched = !strcmp(pw_epasswd, epass);
+    }
+
+    debug_return_int(matched ? AUTH_SUCCESS : AUTH_FAILURE);
+}
+
+int
+sudo_passwd_cleanup(pw, auth)
+    struct passwd *pw;
+    sudo_auth *auth;
+{
+    char *pw_epasswd = auth->data;
+    debug_decl(sudo_passwd_cleanup, SUDOERS_DEBUG_AUTH)
+
+    if (pw_epasswd != NULL) {
+	memset_s(pw_epasswd, SUDO_CONV_REPL_MAX, 0, strlen(pw_epasswd));
+	free(pw_epasswd);
+    }
+    debug_return_int(AUTH_SUCCESS);
+}
diff --git a/plugins/sudoers/auth/rfc1938.c b/plugins/sudoers/auth/rfc1938.c
new file mode 100644
index 0000000..2a5a55b
--- /dev/null
+++ b/plugins/sudoers/auth/rfc1938.c
@@ -0,0 +1,142 @@
+/*
+ * Copyright (c) 1994-1996, 1998-2005, 2010-2012, 2014-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#if defined(HAVE_SKEY) || defined(HAVE_OPIE)
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+
+#if defined(HAVE_SKEY)
+# include <skey.h>
+# define RFC1938				skey
+#  ifdef HAVE_RFC1938_SKEYCHALLENGE
+#   define rfc1938challenge(a,b,c,d)	skeychallenge((a),(b),(c),(d))
+#  else
+#   define rfc1938challenge(a,b,c,d)	skeychallenge((a),(b),(c))
+#  endif
+# define rfc1938verify(a,b)		skeyverify((a),(b))
+#elif defined(HAVE_OPIE)
+# include <opie.h>
+# define RFC1938			opie
+# define rfc1938challenge(a,b,c,d)	opiechallenge((a),(b),(c))
+# define rfc1938verify(a,b)		opieverify((a),(b))
+#endif
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+int
+sudo_rfc1938_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
+{
+    char challenge[256];
+    size_t challenge_len;
+    static char *orig_prompt = NULL, *new_prompt = NULL;
+    static size_t op_len, np_size;
+    static struct RFC1938 rfc1938;
+    debug_decl(sudo_rfc1938_setup, SUDOERS_DEBUG_AUTH)
+
+    /* Stash a pointer to the rfc1938 struct if we have not initialized */
+    if (!auth->data)
+	auth->data = &rfc1938;
+
+    /* Save the original prompt */
+    if (orig_prompt == NULL) {
+	orig_prompt = *promptp;
+	op_len = strlen(orig_prompt);
+
+	/* Ignore trailing colon (we will add our own) */
+	if (orig_prompt[op_len - 1] == ':')
+	    op_len--;
+	else if (op_len >= 2 && orig_prompt[op_len - 1] == ' '
+	    && orig_prompt[op_len - 2] == ':')
+	    op_len -= 2;
+    }
+
+#ifdef HAVE_SKEY
+    /* Close old stream */
+    if (rfc1938.keyfile)
+	(void) fclose(rfc1938.keyfile);
+#endif
+
+    /*
+     * Look up the user and get the rfc1938 challenge.
+     * If the user is not in the OTP db, only post a fatal error if
+     * we are running alone (since they may just use a normal passwd).
+     */
+    if (rfc1938challenge(&rfc1938, pw->pw_name, challenge, sizeof(challenge))) {
+	if (IS_ONEANDONLY(auth)) {
+	    sudo_warnx(U_("you do not exist in the %s database"), auth->name);
+	    debug_return_int(AUTH_FATAL);
+	} else {
+	    debug_return_int(AUTH_FAILURE);
+	}
+    }
+
+    /* Get space for new prompt with embedded challenge */
+    challenge_len = strlen(challenge);
+    if (np_size < op_len + challenge_len + 7) {
+	char *p = realloc(new_prompt, op_len + challenge_len + 7);
+	if (p == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_int(AUTH_FATAL);
+	}
+	np_size = op_len + challenge_len + 7;
+	new_prompt = p;
+    }
+
+    if (def_long_otp_prompt)
+	(void) snprintf(new_prompt, np_size, "%s\n%s", challenge, orig_prompt);
+    else
+	(void) snprintf(new_prompt, np_size, "%.*s [ %s ]:", (int)op_len,
+	    orig_prompt, challenge);
+
+    *promptp = new_prompt;
+    debug_return_int(AUTH_SUCCESS);
+}
+
+int
+sudo_rfc1938_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    debug_decl(sudo_rfc1938_verify, SUDOERS_DEBUG_AUTH)
+
+    if (rfc1938verify((struct RFC1938 *) auth->data, pass) == 0)
+	debug_return_int(AUTH_SUCCESS);
+    else
+	debug_return_int(AUTH_FAILURE);
+}
+
+#endif /* HAVE_SKEY || HAVE_OPIE */
diff --git a/plugins/sudoers/auth/secureware.c b/plugins/sudoers/auth/secureware.c
new file mode 100644
index 0000000..dc60002
--- /dev/null
+++ b/plugins/sudoers/auth/secureware.c
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 1998-2005, 2010-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_GETPRPWNAM
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+#ifdef __hpux
+#  undef MAXINT
+#  include <hpsecurity.h>
+#else
+#  include <sys/security.h>
+#endif /* __hpux */
+#include <prot.h>
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+#ifdef __alpha
+extern int crypt_type;
+#endif
+
+int
+sudo_secureware_init(struct passwd *pw, sudo_auth *auth)
+{
+    debug_decl(sudo_secureware_init, SUDOERS_DEBUG_AUTH)
+
+#ifdef __alpha
+    if (crypt_type == INT_MAX)
+	debug_return_int(AUTH_FAILURE);			/* no shadow */
+#endif
+
+    sudo_setspent();
+    auth->data = sudo_getepw(pw);
+    sudo_endspent();
+    debug_return_int(auth->data ? AUTH_SUCCESS : AUTH_FATAL);
+}
+
+int
+sudo_secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    char *pw_epasswd = auth->data;
+    char *epass = NULL;
+    debug_decl(sudo_secureware_verify, SUDOERS_DEBUG_AUTH)
+
+    /* An empty plain-text password must match an empty encrypted password. */
+    if (pass[0] == '\0')
+	debug_return_int(pw_epasswd[0] ? AUTH_FAILURE : AUTH_SUCCESS);
+
+#if defined(__alpha)
+# ifdef HAVE_DISPCRYPT
+	epass = dispcrypt(pass, pw_epasswd, crypt_type);
+# else
+	if (crypt_type == AUTH_CRYPT_BIGCRYPT)
+	    epass = bigcrypt(pass, pw_epasswd);
+	else if (crypt_type == AUTH_CRYPT_CRYPT16)
+	    epass = crypt(pass, pw_epasswd);
+# endif /* HAVE_DISPCRYPT */
+#elif defined(HAVE_BIGCRYPT)
+    epass = bigcrypt(pass, pw_epasswd);
+#endif /* __alpha */
+
+    if (epass != NULL && strcmp(pw_epasswd, epass) == 0)
+	debug_return_int(AUTH_SUCCESS);
+    debug_return_int(AUTH_FAILURE);
+}
+
+int
+sudo_secureware_cleanup(pw, auth)
+    struct passwd *pw;
+    sudo_auth *auth;
+{
+    char *pw_epasswd = auth->data;
+    debug_decl(sudo_secureware_cleanup, SUDOERS_DEBUG_AUTH)
+
+    if (pw_epasswd != NULL) {
+	memset_s(pw_epasswd, SUDO_CONV_REPL_MAX, 0, strlen(pw_epasswd));
+	free(pw_epasswd);
+    }
+    debug_return_int(AUTH_SUCCESS);
+}
+
+#endif /* HAVE_GETPRPWNAM */
diff --git a/plugins/sudoers/auth/securid5.c b/plugins/sudoers/auth/securid5.c
new file mode 100644
index 0000000..ca75c56
--- /dev/null
+++ b/plugins/sudoers/auth/securid5.c
@@ -0,0 +1,232 @@
+/*
+ * Copyright (c) 1999-2005, 2007, 2010-2012, 2014-2016
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ * Copyright (c) 2002 Michael Stroucken <michael@stroucken.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_SECURID
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+
+/* Needed for SecurID v5.0 Authentication on UNIX */
+#define UNIX 1
+#include <acexport.h>
+#include <sdacmvls.h>
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+/*
+ * securid_init - Initialises communications with ACE server
+ * Arguments in:
+ *     pw - UNUSED
+ *     auth - sudo authentication structure
+ *
+ * Results out:
+ *     auth - auth->data contains pointer to new SecurID handle
+ *     return code - Fatal if initialization unsuccessful, otherwise
+ *                   success.
+ */
+int
+sudo_securid_init(struct passwd *pw, sudo_auth *auth)
+{
+    static SDI_HANDLE sd_dat;			/* SecurID handle */
+    debug_decl(sudo_securid_init, SUDOERS_DEBUG_AUTH)
+
+    auth->data = (void *) &sd_dat;		/* For method-specific data */
+
+    /* Start communications */
+    if (AceInitialize() != SD_FALSE)
+	debug_return_int(AUTH_SUCCESS);
+
+    sudo_warnx(U_("failed to initialise the ACE API library"));
+    debug_return_int(AUTH_FATAL);
+}
+
+/*
+ * securid_setup - Initialises a SecurID transaction and locks out other
+ *     ACE servers
+ *
+ * Arguments in:
+ *     pw - struct passwd for username
+ *     promptp - UNUSED
+ *     auth - sudo authentication structure for SecurID handle
+ *
+ * Results out:
+ *     return code - Success if transaction started correctly, fatal
+ *                   otherwise
+ */
+int
+sudo_securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
+{
+    SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
+    int retval;
+    debug_decl(sudo_securid_setup, SUDOERS_DEBUG_AUTH)
+
+    /* Re-initialize SecurID every time. */
+    if (SD_Init(sd) != ACM_OK) {
+	sudo_warnx(U_("unable to contact the SecurID server"));
+	debug_return_int(AUTH_FATAL);
+    }
+
+    /* Lock new PIN code */
+    retval = SD_Lock(*sd, pw->pw_name);
+
+    switch (retval) {
+	case ACM_OK:
+		sudo_warnx(U_("User ID locked for SecurID Authentication"));
+		debug_return_int(AUTH_SUCCESS);
+
+        case ACE_UNDEFINED_USERNAME:
+		sudo_warnx(U_("invalid username length for SecurID"));
+		debug_return_int(AUTH_FATAL);
+
+	case ACE_ERR_INVALID_HANDLE:
+		sudo_warnx(U_("invalid Authentication Handle for SecurID"));
+		debug_return_int(AUTH_FATAL);
+
+	case ACM_ACCESS_DENIED:
+		sudo_warnx(U_("SecurID communication failed"));
+		debug_return_int(AUTH_FATAL);
+
+	default:
+		sudo_warnx(U_("unknown SecurID error"));
+		debug_return_int(AUTH_FATAL);
+	}
+}
+
+/*
+ * securid_verify - Authenticates user and handles ACE responses
+ *
+ * Arguments in:
+ *     pw - struct passwd for username
+ *     pass - UNUSED
+ *     auth - sudo authentication structure for SecurID handle
+ *
+ * Results out:
+ *     return code - Success on successful authentication, failure on
+ *                   incorrect authentication, fatal on errors
+ */
+int
+sudo_securid_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback)
+{
+    SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
+    int ret;
+    debug_decl(sudo_securid_verify, SUDOERS_DEBUG_AUTH)
+
+    pass = auth_getpass("Enter your PASSCODE: ", SUDO_CONV_PROMPT_ECHO_OFF,
+	callback);
+
+    /* Have ACE verify password */
+    switch (SD_Check(*sd, pass, pw->pw_name)) {
+	case ACM_OK:
+		ret = AUTH_SUCESS;
+		break;
+
+	case ACE_UNDEFINED_PASSCODE:
+		sudo_warnx(U_("invalid passcode length for SecurID"));
+		ret = AUTH_FATAL;
+		break;
+
+	case ACE_UNDEFINED_USERNAME:
+		sudo_warnx(U_("invalid username length for SecurID"));
+		ret = AUTH_FATAL;
+		break;
+
+	case ACE_ERR_INVALID_HANDLE:
+		sudo_warnx(U_("invalid Authentication Handle for SecurID"));
+		ret = AUTH_FATAL;
+		break;
+
+	case ACM_ACCESS_DENIED:
+		ret = AUTH_FAILURE;
+		break;
+
+	case ACM_NEXT_CODE_REQUIRED:
+                /* Sometimes (when current token close to expire?)
+                   ACE challenges for the next token displayed
+                   (entered without the PIN) */
+		if (pass != NULL) {
+		    memset_s(pass, SUDO_PASS_MAX, 0, strlen(pass));
+		    free(pass);
+		}
+        	pass = auth_getpass("\
+!!! ATTENTION !!!\n\
+Wait for the token code to change, \n\
+then enter the new token code.\n", \
+		SUDO_CONV_PROMPT_ECHO_OFF, callback);
+
+		if (SD_Next(*sd, pass) == ACM_OK) {
+			ret = AUTH_SUCCESS;
+			break;
+		}
+
+		ret = AUTH_FAILURE;
+		break;
+
+	case ACM_NEW_PIN_REQUIRED:
+                /*
+		 * This user's SecurID has not been activated yet,
+                 * or the pin has been reset
+		 */
+		/* XXX - Is setting up a new PIN within sudo's scope? */
+		SD_Pin(*sd, "");
+		sudo_printf(SUDO_CONV_ERROR_MSG, 
+		    "Your SecurID access has not yet been set up.\n");
+		sudo_printf(SUDO_CONV_ERROR_MSG, 
+		    "Please set up a PIN before you try to authenticate.\n");
+		ret = AUTH_FATAL;
+		break;
+
+	default:
+		sudo_warnx(U_("unknown SecurID error"));
+		ret = AUTH_FATAL;
+		break;
+    }
+
+    /* Free resources */
+    SD_Close(*sd);
+
+    if (pass != NULL) {
+	memset_s(pass, SUDO_PASS_MAX, 0, strlen(pass));
+	free(pass);
+    }
+
+    /* Return stored state to calling process */
+    debug_return_int(ret);
+}
+
+#endif /* HAVE_SECURID */
diff --git a/plugins/sudoers/auth/sia.c b/plugins/sudoers/auth/sia.c
new file mode 100644
index 0000000..8e74de8
--- /dev/null
+++ b/plugins/sudoers/auth/sia.c
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 1999-2005, 2007, 2010-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_SIA_SES_INIT
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+#include <signal.h>
+#include <siad.h>
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+
+static char **sudo_argv;
+static int sudo_argc;
+
+int
+sudo_sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
+{
+    SIAENTITY *siah;
+    int i;
+    debug_decl(sudo_sia_setup, SUDOERS_DEBUG_AUTH)
+
+    /* Rebuild argv for sia_ses_init() */
+    sudo_argc = NewArgc + 1;
+    sudo_argv = reallocarray(NULL, sudo_argc + 1, sizeof(char *));
+    if (sudo_argv == NULL) {
+	log_warningx(0, N_("unable to allocate memory"));
+	debug_return_int(AUTH_FATAL);
+    }
+    sudo_argv[0] = "sudo";
+    for (i = 0; i < NewArgc; i++)
+	sudo_argv[i + 1] = NewArgv[i];
+    sudo_argv[sudo_argc] = NULL;
+
+    /* We don't let SIA prompt the user for input. */
+    if (sia_ses_init(&siah, sudo_argc, sudo_argv, NULL, pw->pw_name, user_ttypath, 0, NULL) != SIASUCCESS) {
+	log_warning(0, N_("unable to initialize SIA session"));
+	debug_return_int(AUTH_FATAL);
+    }
+
+    auth->data = siah;
+    debug_return_int(AUTH_SUCCESS);
+}
+
+int
+sudo_sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth,
+    struct sudo_conv_callback *callback)
+{
+    SIAENTITY *siah = auth->data;
+    char *pass;
+    int rc;
+    debug_decl(sudo_sia_verify, SUDOERS_DEBUG_AUTH)
+
+    /* Get password, return AUTH_INTR if we got ^C */
+    pass = auth_getpass(prompt, SUDO_CONV_PROMPT_ECHO_OFF, callback);
+    if (pass == NULL)
+	debug_return_int(AUTH_INTR);
+
+    /* Check password and zero out plaintext copy. */
+    rc = sia_ses_authent(NULL, pass, siah);
+    memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
+    free(pass);
+
+    if (rc == SIASUCCESS)
+	debug_return_int(AUTH_SUCCESS);
+    if (ISSET(rc, SIASTOP))
+	debug_return_int(AUTH_FATAL);
+    debug_return_int(AUTH_FAILURE);
+}
+
+int
+sudo_sia_cleanup(struct passwd *pw, sudo_auth *auth)
+{
+    SIAENTITY *siah = auth->data;
+    debug_decl(sudo_sia_cleanup, SUDOERS_DEBUG_AUTH)
+
+    (void) sia_ses_release(&siah);
+    auth->data = NULL;
+    free(sudo_argv);
+    debug_return_int(AUTH_SUCCESS);
+}
+
+int
+sudo_sia_begin_session(struct passwd *pw, char **user_envp[], sudo_auth *auth)
+{
+    SIAENTITY *siah;
+    int status = AUTH_FATAL;
+    debug_decl(sudo_sia_begin_session, SUDOERS_DEBUG_AUTH)
+
+    /* Re-init sia for the target user's session. */
+    if (sia_ses_init(&siah, NewArgc, NewArgv, NULL, pw->pw_name, user_ttypath, 0, NULL) != SIASUCCESS) {
+	log_warning(0, N_("unable to initialize SIA session"));
+	goto done;
+    }
+
+    if (sia_make_entity_pwd(pw, siah) != SIASUCCESS) {
+	sudo_warn("sia_make_entity_pwd");
+	goto done;
+    }
+
+    status = AUTH_FAILURE;		/* no more fatal errors. */
+
+    siah->authtype = SIA_A_NONE;
+    if (sia_ses_estab(sia_collect_trm, siah) != SIASUCCESS) {
+	sudo_warn("sia_ses_estab");
+	goto done;
+    }
+
+    if (sia_ses_launch(sia_collect_trm, siah) != SIASUCCESS) {
+	sudo_warn("sia_ses_launch");
+	goto done;
+    }
+
+    status = AUTH_SUCCESS;
+
+done:
+    (void) sia_ses_release(&siah);
+    debug_return_int(status);
+}
+
+#endif /* HAVE_SIA_SES_INIT */
diff --git a/plugins/sudoers/auth/sudo_auth.c b/plugins/sudoers/auth/sudo_auth.c
new file mode 100644
index 0000000..be70f93
--- /dev/null
+++ b/plugins/sudoers/auth/sudo_auth.c
@@ -0,0 +1,483 @@
+/*
+ * Copyright (c) 1999-2005, 2008-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+#include <time.h>
+#include <signal.h>
+
+#include "sudoers.h"
+#include "sudo_auth.h"
+#include "insults.h"
+
+static sudo_auth auth_switch[] = {
+/* Standalone entries first */
+#ifdef HAVE_AIXAUTH
+    AUTH_ENTRY("aixauth", FLAG_STANDALONE, sudo_aix_init, NULL, sudo_aix_verify, NULL, sudo_aix_cleanup, NULL, NULL)
+#endif
+#ifdef HAVE_PAM
+    AUTH_ENTRY("pam", FLAG_STANDALONE, sudo_pam_init, NULL, sudo_pam_verify, sudo_pam_approval, sudo_pam_cleanup, sudo_pam_begin_session, sudo_pam_end_session)
+#endif
+#ifdef HAVE_SECURID
+    AUTH_ENTRY("SecurId", FLAG_STANDALONE, sudo_securid_init, sudo_securid_setup, sudo_securid_verify, NULL, NULL, NULL, NULL)
+#endif
+#ifdef HAVE_SIA_SES_INIT
+    AUTH_ENTRY("sia", FLAG_STANDALONE, NULL, sudo_sia_setup, sudo_sia_verify, NULL, sudo_sia_cleanup, sudo_sia_begin_session, NULL)
+#endif
+#ifdef HAVE_FWTK
+    AUTH_ENTRY("fwtk", FLAG_STANDALONE, sudo_fwtk_init, NULL, sudo_fwtk_verify, NULL, sudo_fwtk_cleanup, NULL, NULL)
+#endif
+#ifdef HAVE_BSD_AUTH_H
+    AUTH_ENTRY("bsdauth", FLAG_STANDALONE, bsdauth_init, NULL, bsdauth_verify, bsdauth_approval, bsdauth_cleanup, NULL, NULL)
+#endif
+
+/* Non-standalone entries */
+#ifndef WITHOUT_PASSWD
+    AUTH_ENTRY("passwd", 0, sudo_passwd_init, NULL, sudo_passwd_verify, NULL, sudo_passwd_cleanup, NULL, NULL)
+#endif
+#if defined(HAVE_GETPRPWNAM) && !defined(WITHOUT_PASSWD)
+    AUTH_ENTRY("secureware", 0, sudo_secureware_init, NULL, sudo_secureware_verify, NULL, sudo_secureware_cleanup, NULL, NULL)
+#endif
+#ifdef HAVE_AFS
+    AUTH_ENTRY("afs", 0, NULL, NULL, sudo_afs_verify, NULL, NULL, NULL, NULL)
+#endif
+#ifdef HAVE_DCE
+    AUTH_ENTRY("dce", 0, NULL, NULL, sudo_dce_verify, NULL, NULL, NULL, NULL)
+#endif
+#ifdef HAVE_KERB5
+    AUTH_ENTRY("kerb5", 0, sudo_krb5_init, sudo_krb5_setup, sudo_krb5_verify, NULL, sudo_krb5_cleanup, NULL, NULL)
+#endif
+#ifdef HAVE_SKEY
+    AUTH_ENTRY("S/Key", 0, NULL, sudo_rfc1938_setup, sudo_rfc1938_verify, NULL, NULL, NULL, NULL)
+#endif
+#ifdef HAVE_OPIE
+    AUTH_ENTRY("OPIE", 0, NULL, sudo_rfc1938_setup, sudo_rfc1938_verify, NULL, NULL, NULL, NULL)
+#endif
+    AUTH_ENTRY(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL)
+};
+
+static bool standalone;
+
+/*
+ * Initialize sudoers authentication method(s).
+ * Returns 0 on success and -1 on error.
+ */
+int
+sudo_auth_init(struct passwd *pw)
+{
+    sudo_auth *auth;
+    int status = AUTH_SUCCESS;
+    debug_decl(sudo_auth_init, SUDOERS_DEBUG_AUTH)
+
+    if (auth_switch[0].name == NULL)
+	debug_return_int(0);
+
+    /* Initialize auth methods and unconfigure the method if necessary. */
+    for (auth = auth_switch; auth->name; auth++) {
+	if (auth->init && !IS_DISABLED(auth)) {
+	    /* Disable if it failed to init unless there was a fatal error. */
+	    status = (auth->init)(pw, auth);
+	    if (status == AUTH_FAILURE)
+		SET(auth->flags, FLAG_DISABLED);
+	    else if (status == AUTH_FATAL)
+		break;		/* assume error msg already printed */
+	}
+    }
+
+    /*
+     * Make sure we haven't mixed standalone and shared auth methods.
+     * If there are multiple standalone methods, only use the first one.
+     */
+    if ((standalone = IS_STANDALONE(&auth_switch[0]))) {
+	bool found = false;
+	for (auth = auth_switch; auth->name; auth++) {
+	    if (IS_DISABLED(auth))
+		continue;
+	    if (!IS_STANDALONE(auth)) {
+		audit_failure(NewArgc, NewArgv,
+		    N_("invalid authentication methods"));
+		log_warningx(SLOG_SEND_MAIL,
+		    N_("Invalid authentication methods compiled into sudo!  "
+		    "You may not mix standalone and non-standalone authentication."));
+		debug_return_int(-1);
+	    }
+	    if (!found) {
+		/* Found first standalone method. */
+		found = true;
+		continue;
+	    }
+	    /* Disable other standalone methods. */
+	    SET(auth->flags, FLAG_DISABLED);
+	}
+    }
+
+    /* Set FLAG_ONEANDONLY if there is only one auth method. */
+    for (auth = auth_switch; auth->name; auth++) {
+	/* Find first enabled auth method. */
+	if (!IS_DISABLED(auth)) {
+	    sudo_auth *first = auth;
+	    /* Check for others. */
+	    for (; auth->name; auth++) {
+		if (!IS_DISABLED(auth))
+		    break;
+	    }
+	    if (auth->name == NULL)
+		SET(first->flags, FLAG_ONEANDONLY);
+	    break;
+	}
+    }
+
+    debug_return_int(status == AUTH_FATAL ? -1 : 0);
+}
+
+/*
+ * Cleanup all authentication approval methods.
+ * Returns true on success, false on failure and -1 on error.
+ */
+int
+sudo_auth_approval(struct passwd *pw, int validated, bool exempt)
+{
+    sudo_auth *auth;
+    debug_decl(sudo_auth_approval, SUDOERS_DEBUG_AUTH)
+
+    /* Call approval routines. */
+    for (auth = auth_switch; auth->name; auth++) {
+	if (auth->approval && !IS_DISABLED(auth)) {
+	    int status = (auth->approval)(pw, auth, exempt);
+	    if (status != AUTH_SUCCESS) {
+		/* Assume error msg already printed. */
+		log_auth_failure(validated, 0);
+		debug_return_int(status == AUTH_FAILURE ? false : -1);
+	    }
+	}
+    }
+    debug_return_int(true);
+}
+
+/*
+ * Cleanup all authentication methods.
+ * Returns 0 on success and -1 on error.
+ */
+int
+sudo_auth_cleanup(struct passwd *pw)
+{
+    sudo_auth *auth;
+    debug_decl(sudo_auth_cleanup, SUDOERS_DEBUG_AUTH)
+
+    /* Call cleanup routines. */
+    for (auth = auth_switch; auth->name; auth++) {
+	if (auth->cleanup && !IS_DISABLED(auth)) {
+	    int status = (auth->cleanup)(pw, auth);
+	    if (status == AUTH_FATAL) {
+		/* Assume error msg already printed. */
+		debug_return_int(-1);
+	    }
+	}
+    }
+    debug_return_int(0);
+}
+
+static void
+pass_warn(void)
+{
+    const char *warning = def_badpass_message;
+    debug_decl(pass_warn, SUDOERS_DEBUG_AUTH)
+
+#ifdef INSULT
+    if (def_insults)
+	warning = INSULT;
+#endif
+    sudo_printf(SUDO_CONV_ERROR_MSG, "%s\n", warning);
+
+    debug_return;
+}
+
+static bool
+user_interrupted(void)
+{
+    sigset_t mask;
+
+    return (sigpending(&mask) == 0 &&
+	(sigismember(&mask, SIGINT) || sigismember(&mask, SIGQUIT)));
+}
+
+/*
+ * Verify the specified user.
+ * Returns true if verified, false if not or -1 on error.
+ */
+int
+verify_user(struct passwd *pw, char *prompt, int validated,
+    struct sudo_conv_callback *callback)
+{
+    unsigned int ntries;
+    int ret, status, success = AUTH_FAILURE;
+    sudo_auth *auth;
+    sigset_t mask, omask;
+    struct sigaction sa, saved_sigtstp;
+    debug_decl(verify_user, SUDOERS_DEBUG_AUTH)
+
+    /* Make sure we have at least one auth method. */
+    if (auth_switch[0].name == NULL) {
+	audit_failure(NewArgc, NewArgv, N_("no authentication methods"));
+    	log_warningx(SLOG_SEND_MAIL,
+	    N_("There are no authentication methods compiled into sudo!  "
+	    "If you want to turn off authentication, use the "
+	    "--disable-authentication configure option."));
+	debug_return_int(-1);
+    }
+
+    /* Enable suspend during password entry. */
+    sigemptyset(&sa.sa_mask);
+    sa.sa_flags = SA_RESTART;
+    sa.sa_handler = SIG_DFL;
+    (void) sigaction(SIGTSTP, &sa, &saved_sigtstp);
+
+    /*
+     * We treat authentication as a critical section and block
+     * keyboard-generated signals such as SIGINT and SIGQUIT
+     * which might otherwise interrupt a sleep(3).
+     * They are temporarily unblocked by auth_getpass().
+     */
+    sigemptyset(&mask);
+    sigaddset(&mask, SIGINT);
+    sigaddset(&mask, SIGQUIT);
+    (void) sigprocmask(SIG_BLOCK, &mask, &omask);
+
+    for (ntries = 0; ntries < def_passwd_tries; ntries++) {
+	int num_methods = 0;
+	char *pass = NULL;
+
+	/* If user attempted to interrupt password verify, quit now. */
+	if (user_interrupted())
+	    goto done;
+
+	if (ntries != 0)
+	    pass_warn();
+
+	/* Do any per-method setup and unconfigure the method if needed */
+	for (auth = auth_switch; auth->name; auth++) {
+	    if (IS_DISABLED(auth))
+		continue;
+	    num_methods++;
+	    if (auth->setup != NULL) {
+		status = (auth->setup)(pw, &prompt, auth);
+		if (status == AUTH_FAILURE)
+		    SET(auth->flags, FLAG_DISABLED);
+		else if (status == AUTH_FATAL || user_interrupted())
+		    goto done;		/* assume error msg already printed */
+	    }
+	}
+	if (num_methods == 0) {
+	    audit_failure(NewArgc, NewArgv, N_("no authentication methods"));
+	    log_warningx(SLOG_SEND_MAIL,
+		N_("Unable to initialize authentication methods."));
+	    debug_return_int(-1);
+	}
+
+	/* Get the password unless the auth function will do it for us */
+	if (!standalone) {
+	    pass = auth_getpass(prompt, SUDO_CONV_PROMPT_ECHO_OFF, callback);
+	    if (pass == NULL)
+		break;
+	}
+
+	/* Call authentication functions. */
+	for (auth = auth_switch; auth->name; auth++) {
+	    if (IS_DISABLED(auth))
+		continue;
+
+	    success = auth->status =
+		(auth->verify)(pw, standalone ? prompt : pass, auth, callback);
+	    if (success != AUTH_FAILURE)
+		break;
+	}
+	if (pass != NULL) {
+	    memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
+	    free(pass);
+	}
+
+	if (success != AUTH_FAILURE)
+	    goto done;
+    }
+
+done:
+    /* Restore signal handlers and signal mask. */
+    (void) sigaction(SIGTSTP, &saved_sigtstp, NULL);
+    (void) sigprocmask(SIG_SETMASK, &omask, NULL);
+
+    switch (success) {
+	case AUTH_SUCCESS:
+	    ret = true;
+	    break;
+	case AUTH_INTR:
+	case AUTH_FAILURE:
+	    if (ntries != 0)
+		validated |= FLAG_BAD_PASSWORD;
+	    log_auth_failure(validated, ntries);
+	    ret = false;
+	    break;
+	case AUTH_FATAL:
+	default:
+	    log_auth_failure(validated, 0);
+	    ret = -1;
+	    break;
+    }
+
+    debug_return_int(ret);
+}
+
+/*
+ * Call authentication method begin session hooks.
+ * Returns 1 on success and -1 on error.
+ */
+int
+sudo_auth_begin_session(struct passwd *pw, char **user_env[])
+{
+    sudo_auth *auth;
+    debug_decl(sudo_auth_begin_session, SUDOERS_DEBUG_AUTH)
+
+    for (auth = auth_switch; auth->name; auth++) {
+	if (auth->begin_session && !IS_DISABLED(auth)) {
+	    int status = (auth->begin_session)(pw, user_env, auth);
+	    if (status != AUTH_SUCCESS) {
+		/* Assume error msg already printed. */
+		debug_return_int(-1);
+	    }
+	}
+    }
+    debug_return_int(1);
+}
+
+bool
+sudo_auth_needs_end_session(void)
+{
+    sudo_auth *auth;
+    bool needed = false;
+    debug_decl(sudo_auth_needs_end_session, SUDOERS_DEBUG_AUTH)
+
+    for (auth = auth_switch; auth->name; auth++) {
+	if (auth->end_session && !IS_DISABLED(auth)) {
+	    needed = true;
+	    break;
+	}
+    }
+    debug_return_bool(needed);
+}
+
+/*
+ * Call authentication method end session hooks.
+ * Returns 1 on success and -1 on error.
+ */
+int
+sudo_auth_end_session(struct passwd *pw)
+{
+    sudo_auth *auth;
+    int status;
+    debug_decl(sudo_auth_end_session, SUDOERS_DEBUG_AUTH)
+
+    for (auth = auth_switch; auth->name; auth++) {
+	if (auth->end_session && !IS_DISABLED(auth)) {
+	    status = (auth->end_session)(pw, auth);
+	    if (status == AUTH_FATAL) {
+		/* Assume error msg already printed. */
+		debug_return_int(-1);
+	    }
+	}
+    }
+    debug_return_int(1);
+}
+
+/*
+ * Prompts the user for a password using the conversation function.
+ * Returns the plaintext password or NULL.
+ * The user is responsible for freeing the returned value.
+ */
+char *
+auth_getpass(const char *prompt, int type, struct sudo_conv_callback *callback)
+{
+    struct sudo_conv_message msg;
+    struct sudo_conv_reply repl;
+    sigset_t mask, omask;
+    debug_decl(auth_getpass, SUDOERS_DEBUG_AUTH)
+
+    /* Mask user input if pwfeedback set and echo is off. */
+    if (type == SUDO_CONV_PROMPT_ECHO_OFF && def_pwfeedback)
+	type = SUDO_CONV_PROMPT_MASK;
+
+    /* If visiblepw set, do not error out if there is no tty. */
+    if (def_visiblepw)
+	type |= SUDO_CONV_PROMPT_ECHO_OK;
+
+    /* Unblock SIGINT and SIGQUIT during password entry. */
+    /* XXX - do in tgetpass() itself instead? */
+    sigemptyset(&mask);
+    sigaddset(&mask, SIGINT);
+    sigaddset(&mask, SIGQUIT);
+    (void) sigprocmask(SIG_UNBLOCK, &mask, &omask);
+
+    /* Call conversation function. */
+    memset(&msg, 0, sizeof(msg));
+    msg.msg_type = type;
+    msg.timeout = def_passwd_timeout.tv_sec;
+    msg.msg = prompt;
+    memset(&repl, 0, sizeof(repl));
+    sudo_conv(1, &msg, &repl, callback);
+    /* XXX - check for ENOTTY? */
+
+    /* Restore previous signal mask. */
+    (void) sigprocmask(SIG_SETMASK, &omask, NULL);
+
+    debug_return_str_masked(repl.reply);
+}
+
+void
+dump_auth_methods(void)
+{
+    sudo_auth *auth;
+    debug_decl(dump_auth_methods, SUDOERS_DEBUG_AUTH)
+
+    sudo_printf(SUDO_CONV_INFO_MSG, _("Authentication methods:"));
+    for (auth = auth_switch; auth->name; auth++)
+	sudo_printf(SUDO_CONV_INFO_MSG, " '%s'", auth->name);
+    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+
+    debug_return;
+}
diff --git a/plugins/sudoers/auth/sudo_auth.h b/plugins/sudoers/auth/sudo_auth.h
new file mode 100644
index 0000000..9ae69cd
--- /dev/null
+++ b/plugins/sudoers/auth/sudo_auth.h
@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 1999-2005, 2007-2016, 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDO_AUTH_H
+#define SUDO_AUTH_H
+
+/* Auth function return values.  */
+#define AUTH_SUCCESS	0
+#define AUTH_FAILURE	1
+#define AUTH_INTR	2
+#define AUTH_FATAL	3
+
+typedef struct sudo_auth {
+    int flags;			/* various flags, see below */
+    int status;			/* status from verify routine */
+    char *name;			/* name of the method as a string */
+    void *data;			/* method-specific data pointer */
+    int (*init)(struct passwd *pw, struct sudo_auth *auth);
+    int (*setup)(struct passwd *pw, char **prompt, struct sudo_auth *auth);
+    int (*verify)(struct passwd *pw, char *p, struct sudo_auth *auth, struct sudo_conv_callback *callback);
+    int (*approval)(struct passwd *pw, struct sudo_auth *auth, bool exempt);
+    int (*cleanup)(struct passwd *pw, struct sudo_auth *auth);
+    int (*begin_session)(struct passwd *pw, char **user_env[], struct sudo_auth *auth);
+    int (*end_session)(struct passwd *pw, struct sudo_auth *auth);
+} sudo_auth;
+
+/* Values for sudo_auth.flags.  */
+#define FLAG_DISABLED	0x02	/* method disabled */
+#define FLAG_STANDALONE	0x04	/* standalone auth method */
+#define FLAG_ONEANDONLY	0x08	/* one and only auth method */
+
+/* Shortcuts for using the flags above. */
+#define IS_DISABLED(x)		((x)->flags & FLAG_DISABLED)
+#define IS_STANDALONE(x)	((x)->flags & FLAG_STANDALONE)
+#define IS_ONEANDONLY(x)	((x)->flags & FLAG_ONEANDONLY)
+
+/* Like tgetpass() but uses conversation function */
+char *auth_getpass(const char *prompt, int type, struct sudo_conv_callback *callback);
+
+/* Pointer to conversation function to use with auth_getpass(). */
+extern sudo_conv_t sudo_conv;
+
+/* Prototypes for standalone methods */
+int bsdauth_init(struct passwd *pw, sudo_auth *auth);
+int bsdauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_conv_callback *callback);
+int bsdauth_approval(struct passwd *pw, sudo_auth *auth, bool exempt);
+int bsdauth_cleanup(struct passwd *pw, sudo_auth *auth);
+int sudo_aix_init(struct passwd *pw, sudo_auth *auth);
+int sudo_aix_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_aix_cleanup(struct passwd *pw, sudo_auth *auth);
+int sudo_fwtk_init(struct passwd *pw, sudo_auth *auth);
+int sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_fwtk_cleanup(struct passwd *pw, sudo_auth *auth);
+int sudo_pam_init(struct passwd *pw, sudo_auth *auth);
+int sudo_pam_init_quiet(struct passwd *pw, sudo_auth *auth);
+int sudo_pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_pam_approval(struct passwd *pw, sudo_auth *auth, bool exempt);
+int sudo_pam_cleanup(struct passwd *pw, sudo_auth *auth);
+int sudo_pam_begin_session(struct passwd *pw, char **user_env[], sudo_auth *auth);
+int sudo_pam_end_session(struct passwd *pw, sudo_auth *auth);
+int sudo_securid_init(struct passwd *pw, sudo_auth *auth);
+int sudo_securid_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
+int sudo_securid_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_sia_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
+int sudo_sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_sia_cleanup(struct passwd *pw, sudo_auth *auth);
+int sudo_sia_begin_session(struct passwd *pw, char **user_env[], sudo_auth *auth);
+
+/* Prototypes for normal methods */
+int sudo_afs_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_dce_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_krb5_init(struct passwd *pw, sudo_auth *auth);
+int sudo_krb5_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
+int sudo_krb5_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_krb5_cleanup(struct passwd *pw, sudo_auth *auth);
+int sudo_passwd_init(struct passwd *pw, sudo_auth *auth);
+int sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_passwd_cleanup(struct passwd *pw, sudo_auth *auth);
+int sudo_rfc1938_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
+int sudo_rfc1938_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_secureware_init(struct passwd *pw, sudo_auth *auth);
+int sudo_secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback);
+int sudo_secureware_cleanup(struct passwd *pw, sudo_auth *auth);
+
+/* Fields: name, flags, init, setup, verify, approval, cleanup, begin_sess, end_sess */
+#define AUTH_ENTRY(n, f, i, s, v, a, c, b, e) \
+	{ (f), AUTH_FAILURE, (n), NULL, (i), (s), (v), (a), (c) , (b), (e) },
+
+#endif /* SUDO_AUTH_H */
diff --git a/plugins/sudoers/base64.c b/plugins/sudoers/base64.c
new file mode 100644
index 0000000..af170e3
--- /dev/null
+++ b/plugins/sudoers/base64.c
@@ -0,0 +1,129 @@
+/*
+ * Copyright (c) 2013-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+
+#include "sudoers.h"
+
+/*
+ * Derived from code with the following declaration:
+ *	PUBLIC DOMAIN - Jon Mayo - November 13, 2003 
+ */
+
+static const unsigned char base64dec_tab[256]= {
+    255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
+    255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
+    255,255,255,255,255,255,255,255,255,255,255, 62,255,255,255, 63,
+     52, 53, 54, 55, 56, 57, 58, 59, 60, 61,255,255,255,  0,255,255,
+    255,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14,
+     15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25,255,255,255,255,255,
+    255, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
+     41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51,255,255,255,255,255,
+    255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
+    255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
+    255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
+    255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
+    255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
+    255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
+    255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
+    255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,
+};
+
+/*
+ * Decode a NUL-terminated string in base64 format and store the
+ * result in dst.
+ */
+size_t
+base64_decode(const char *in, unsigned char *out, size_t out_size)
+{
+    unsigned char *out_end = out + out_size;
+    const unsigned char *out0 = out;
+    unsigned int rem, v;
+    debug_decl(base64_decode, SUDOERS_DEBUG_MATCH)
+
+    for (v = 0, rem = 0; *in != '\0' && *in != '='; in++) {
+	unsigned char ch = base64dec_tab[(unsigned char)*in];
+	if (ch == 255)
+	    debug_return_size_t((size_t)-1);
+	v = (v << 6) | ch;
+	rem += 6;
+	if (rem >= 8) {
+	    rem -= 8;
+	    if (out >= out_end)
+		debug_return_size_t((size_t)-1);
+	    *out++ = (v >> rem) & 0xff;
+	}
+    }
+    if (rem >= 8) {
+	    if (out >= out_end)
+		debug_return_size_t((size_t)-1);
+	    *out++ = (v >> rem) & 0xff;
+    }
+    debug_return_size_t((size_t)(out - out0));
+}
+
+static const unsigned char base64enc_tab[64] =
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+
+size_t
+base64_encode(const unsigned char *in, size_t in_len, char *out, size_t out_len)
+{
+    size_t ii, io;
+    unsigned int rem, v;
+    debug_decl(base64_encode, SUDOERS_DEBUG_MATCH)
+
+    for (io = 0, ii = 0, v = 0, rem = 0; ii < in_len; ii++) {
+	unsigned char ch = in[ii];
+	v = (v << 8) | ch;
+	rem += 8;
+	while (rem >= 6) {
+	    rem -= 6;
+	    if (io >= out_len)
+		debug_return_size_t((size_t)-1); /* truncation is failure */
+	    out[io++] = base64enc_tab[(v >> rem) & 63];
+	}
+    }
+    if (rem != 0) {
+	v <<= (6 - rem);
+	if (io >= out_len)
+	    debug_return_size_t((size_t)-1); /* truncation is failure */
+	out[io++] = base64enc_tab[v&63];
+    }
+    while (io & 3) {
+	if (io >= out_len)
+	    debug_return_size_t((size_t)-1); /* truncation is failure */
+	out[io++] = '=';
+    }
+    if (io >= out_len)
+	debug_return_size_t((size_t)-1); /* no room for NUL terminator */
+    out[io] = '\0';
+    debug_return_size_t(io);
+}
diff --git a/plugins/sudoers/boottime.c b/plugins/sudoers/boottime.c
new file mode 100644
index 0000000..ff409ae
--- /dev/null
+++ b/plugins/sudoers/boottime.c
@@ -0,0 +1,175 @@
+/*
+ * Copyright (c) 2009-2015, 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/time.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <errno.h>
+#include <limits.h>
+#include <time.h>
+#ifndef __linux__
+# if defined(HAVE_SYSCTL) && defined(KERN_BOOTTIME)
+#  include <sys/sysctl.h>
+# elif defined(HAVE_GETUTXID)
+#  include <utmpx.h>
+# elif defined(HAVE_GETUTID)
+#  include <utmp.h>
+# endif
+#endif /* !__linux__ */
+
+#include "sudoers.h"
+
+/*
+ * Fill in a struct timespec with the time the system booted.
+ * Returns 1 on success and 0 on failure.
+ */
+
+#if defined(__linux__)
+bool
+get_boottime(struct timespec *ts)
+{
+    char *line = NULL;
+    size_t linesize = 0;
+    bool found = false;
+    long long llval;
+    ssize_t len;
+    FILE *fp;
+    debug_decl(get_boottime, SUDOERS_DEBUG_UTIL)
+
+    /* read btime from /proc/stat */
+    fp = fopen("/proc/stat", "r");
+    if (fp != NULL) {
+	while ((len = getline(&line, &linesize, fp)) != -1) {
+	    if (strncmp(line, "btime ", 6) == 0) {
+		if (line[len - 1] == '\n')
+		    line[len - 1] = '\0';
+		llval = strtonum(line + 6, 1, LLONG_MAX, NULL);
+		if (llval > 0) {
+		    ts->tv_sec = (time_t)llval;
+		    ts->tv_nsec = 0;
+		    found = true;
+		    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+			"found btime in /proc/stat: %lld", llval);
+		    break;
+		} else {
+		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+			"invalid btime in /proc/stat: %s", line);
+		}
+	    }
+	}
+	fclose(fp);
+	free(line);
+    }
+
+    debug_return_bool(found);
+}
+
+#elif defined(HAVE_SYSCTL) && defined(KERN_BOOTTIME)
+
+bool
+get_boottime(struct timespec *ts)
+{
+    size_t size;
+    int mib[2];
+    struct timeval tv;
+    debug_decl(get_boottime, SUDOERS_DEBUG_UTIL)
+
+    mib[0] = CTL_KERN;
+    mib[1] = KERN_BOOTTIME;
+    size = sizeof(tv);
+    if (sysctl(mib, 2, &tv, &size, NULL, 0) != -1) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "KERN_BOOTTIME: %lld, %ld", (long long)tv.tv_sec, (long)tv.tv_usec);
+	TIMEVAL_TO_TIMESPEC(&tv, ts);
+	debug_return_bool(true);
+    }
+
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"KERN_BOOTTIME: %s", strerror(errno));
+    debug_return_bool(false);
+}
+
+#elif defined(HAVE_GETUTXID)
+
+bool
+get_boottime(struct timespec *ts)
+{
+    struct utmpx *ut, key;
+    debug_decl(get_boottime, SUDOERS_DEBUG_UTIL)
+
+    memset(&key, 0, sizeof(key));
+    key.ut_type = BOOT_TIME;
+    setutxent();
+    if ((ut = getutxid(&key)) != NULL) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "BOOT_TIME: %lld, %ld", (long long)ut->ut_tv.tv_sec,
+	    (long)ut->ut_tv.tv_usec);
+	TIMEVAL_TO_TIMESPEC(&ut->ut_tv, ts);
+    }
+    endutxent();
+    debug_return_bool(ut != NULL);
+}
+
+#elif defined(HAVE_GETUTID)
+
+bool
+get_boottime(struct timespec *ts)
+{
+    struct utmp *ut, key;
+    debug_decl(get_boottime, SUDOERS_DEBUG_UTIL)
+
+    memset(&key, 0, sizeof(key));
+    key.ut_type = BOOT_TIME;
+    setutent();
+    if ((ut = getutid(&key)) != NULL) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "BOOT_TIME: %lld", (long long)ut->ut_time);
+	ts->tv_sec = ut->ut_time;
+	ts->tv_nsec = 0;
+    }
+    endutent();
+    debug_return_bool(ut != NULL);
+}
+
+#else
+
+bool
+get_boottime(struct timespec *ts)
+{
+    debug_decl(get_boottime, SUDOERS_DEBUG_UTIL)
+    debug_return_bool(false);
+}
+#endif
diff --git a/plugins/sudoers/bsm_audit.c b/plugins/sudoers/bsm_audit.c
new file mode 100644
index 0000000..c0a8de4
--- /dev/null
+++ b/plugins/sudoers/bsm_audit.c
@@ -0,0 +1,285 @@
+/*
+ * Copyright (c) 2009-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ * Copyright (c) 2009 Christian S.J. Peron
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_BSM_AUDIT
+
+#include <sys/types.h>
+
+#include <bsm/audit.h>
+#include <bsm/libbsm.h>
+#include <bsm/audit_uevents.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <stdarg.h>
+#include <pwd.h>
+#include <errno.h>
+#include <unistd.h>
+
+#include "sudoers.h"
+#include "bsm_audit.h"
+
+/*
+ * Solaris auditon() returns EINVAL if BSM audit not configured.
+ * OpenBSM returns ENOSYS for unimplemented options.
+ */
+#ifdef __sun
+# define AUDIT_NOT_CONFIGURED	EINVAL
+#else
+# define AUDIT_NOT_CONFIGURED	ENOSYS
+#endif
+
+#ifdef __FreeBSD__
+# define BSM_AUDIT_COMPAT
+#endif
+
+static au_event_t sudo_audit_event = AUE_sudo;
+
+static int
+audit_sudo_selected(int sorf)
+{
+	auditinfo_addr_t ainfo_addr;
+	struct au_mask *mask;
+	int rc;
+	debug_decl(audit_sudo_selected, SUDOERS_DEBUG_AUDIT)
+
+	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) < 0) {
+#ifdef BSM_AUDIT_COMPAT
+		if (errno == ENOSYS) {
+			auditinfo_t ainfo;
+
+			/* Fall back to older BSM API. */
+			if (getaudit(&ainfo) < 0) {
+				sudo_warn("getaudit");
+				debug_return_int(-1);
+			}
+			mask = &ainfo.ai_mask;
+		} else
+#endif /* BSM_AUDIT_COMPAT */
+		{
+			sudo_warn("getaudit_addr");
+			debug_return_int(-1);
+		}
+        } else {
+		mask = &ainfo_addr.ai_mask;
+	}
+	rc = au_preselect(sudo_audit_event, mask, sorf, AU_PRS_REREAD);
+	if (rc == -1) {
+#if defined(__APPLE__) && defined(AUE_DARWIN_sudo)
+	    /*
+	     * Mac OS X 10.10 au_preselect() only accepts AUE_DARWIN_sudo.
+	     */
+	    sudo_audit_event = AUE_DARWIN_sudo;
+	    rc = au_preselect(sudo_audit_event, mask, sorf, AU_PRS_REREAD);
+	    if (rc == -1)
+#endif
+
+		sudo_warn("au_preselect");
+	}
+        debug_return_int(rc);
+}
+
+/*
+ * Returns 0 on success or -1 on error.
+ */
+int
+bsm_audit_success(char *exec_args[])
+{
+	auditinfo_addr_t ainfo_addr;
+	token_t *tok;
+	au_id_t auid;
+	long au_cond;
+	int aufd, selected;
+	pid_t pid;
+	debug_decl(bsm_audit_success, SUDOERS_DEBUG_AUDIT)
+
+	/*
+	 * If we are not auditing, don't cut an audit record; just return.
+	 */
+	if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
+		if (errno == AUDIT_NOT_CONFIGURED)
+			debug_return_int(0);
+		sudo_warn(U_("Could not determine audit condition"));
+		debug_return_int(-1);
+	}
+	if (au_cond == AUC_NOAUDIT)
+		debug_return_int(0);
+	/*
+	 * Check to see if the preselection masks are interested in seeing
+	 * this event.
+	 */
+	selected = audit_sudo_selected(AU_PRS_SUCCESS);
+	if (selected != 1)
+		debug_return_int(!selected ? 0 : -1);
+	if (getauid(&auid) < 0) {
+		sudo_warn("getauid");
+		debug_return_int(-1);
+	}
+	if ((aufd = au_open()) == -1) {
+		sudo_warn("au_open");
+		debug_return_int(-1);
+	}
+	pid = getpid();
+	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
+		tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
+		    getuid(), pid, pid, &ainfo_addr.ai_termid);
+#ifdef BSM_AUDIT_COMPAT
+	} else if (errno == ENOSYS) {
+		auditinfo_t ainfo;
+
+		/*
+		 * NB: We should probably watch out for ERANGE here.
+		 */
+		if (getaudit(&ainfo) < 0) {
+			sudo_warn("getaudit");
+			debug_return_int(-1);
+		}
+		tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
+		    getuid(), pid, pid, &ainfo.ai_termid);
+#endif /* BSM_AUDIT_COMPAT */
+	} else {
+		sudo_warn("getaudit_addr");
+		debug_return_int(-1);
+	}
+	if (tok == NULL) {
+		sudo_warn("au_to_subject");
+		debug_return_int(-1);
+	}
+	au_write(aufd, tok);
+	tok = au_to_exec_args(exec_args);
+	if (tok == NULL) {
+		sudo_warn("au_to_exec_args");
+		debug_return_int(-1);
+	}
+	au_write(aufd, tok);
+	tok = au_to_return32(0, 0);
+	if (tok == NULL) {
+		sudo_warn("au_to_return32");
+		debug_return_int(-1);
+	}
+	au_write(aufd, tok);
+#ifdef HAVE_AU_CLOSE_SOLARIS11
+	if (au_close(aufd, 1, sudo_audit_event, 0) == -1)
+#else
+	if (au_close(aufd, 1, sudo_audit_event) == -1)
+#endif
+	{
+		sudo_warn(U_("unable to commit audit record"));
+		debug_return_int(-1);
+	}
+	debug_return_int(0);
+}
+
+/*
+ * Returns 0 on success or -1 on error.
+ */
+int
+bsm_audit_failure(char *exec_args[], char const *const fmt, va_list ap)
+{
+	auditinfo_addr_t ainfo_addr;
+	char text[256];
+	token_t *tok;
+	long au_cond;
+	au_id_t auid;
+	pid_t pid;
+	int aufd;
+	debug_decl(bsm_audit_success, SUDOERS_DEBUG_AUDIT)
+
+	/*
+	 * If we are not auditing, don't cut an audit record; just return.
+	 */
+	if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
+		if (errno == AUDIT_NOT_CONFIGURED)
+			debug_return_int(0);
+		sudo_warn(U_("Could not determine audit condition"));
+		debug_return_int(-1);
+	}
+	if (au_cond == AUC_NOAUDIT)
+		debug_return_int(0);
+	if (!audit_sudo_selected(AU_PRS_FAILURE))
+		debug_return_int(0);
+	if (getauid(&auid) < 0) {
+		sudo_warn("getauid");
+		debug_return_int(-1);
+	}
+	if ((aufd = au_open()) == -1) {
+		sudo_warn("au_open");
+		debug_return_int(-1);
+	}
+	pid = getpid();
+	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) { 
+		tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
+		    getuid(), pid, pid, &ainfo_addr.ai_termid);
+#ifdef BSM_AUDIT_COMPAT
+	} else if (errno == ENOSYS) {
+		auditinfo_t ainfo;
+
+		if (getaudit(&ainfo) < 0) {
+			sudo_warn("getaudit");
+			debug_return_int(-1);
+		}
+		tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
+		    getuid(), pid, pid, &ainfo.ai_termid);
+#endif /* BSM_AUDIT_COMPAT */
+	} else {
+		sudo_warn("getaudit_addr");
+		debug_return_int(-1);
+	}
+	if (tok == NULL) {
+		sudo_warn("au_to_subject");
+		debug_return_int(-1);
+	}
+	au_write(aufd, tok);
+	tok = au_to_exec_args(exec_args);
+	if (tok == NULL) {
+		sudo_warn("au_to_exec_args");
+		debug_return_int(-1);
+	}
+	au_write(aufd, tok);
+	(void) vsnprintf(text, sizeof(text), fmt, ap);
+	tok = au_to_text(text);
+	if (tok == NULL) {
+		sudo_warn("au_to_text");
+		debug_return_int(-1);
+	}
+	au_write(aufd, tok);
+	tok = au_to_return32(EPERM, 1);
+	if (tok == NULL) {
+		sudo_warn("au_to_return32");
+		debug_return_int(-1);
+	}
+	au_write(aufd, tok);
+#ifdef HAVE_AU_CLOSE_SOLARIS11
+	if (au_close(aufd, 1, sudo_audit_event, PAD_FAILURE) == -1)
+#else
+	if (au_close(aufd, 1, sudo_audit_event) == -1)
+#endif
+	{
+		sudo_warn(U_("unable to commit audit record"));
+		debug_return_int(-1);
+	}
+	debug_return_int(0);
+}
+
+#endif /* HAVE_BSM_AUDIT */
diff --git a/plugins/sudoers/bsm_audit.h b/plugins/sudoers/bsm_audit.h
new file mode 100644
index 0000000..21d6185
--- /dev/null
+++ b/plugins/sudoers/bsm_audit.h
@@ -0,0 +1,24 @@
+/*
+ * Copyright (c) 2009-2010, 2013-2014 Todd C. Miller <Todd.Miller@sudo.ws>
+ * Copyright (c) 2009 Christian S.J. Peron
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_BSM_AUDIT_H
+#define	SUDOERS_BSM_AUDIT_H
+
+int	bsm_audit_success(char *argv[]);
+int	bsm_audit_failure(char *argv[], char const * const, va_list);
+
+#endif /* SUDOERS_BSM_AUDIT_H */
diff --git a/plugins/sudoers/check.c b/plugins/sudoers/check.c
new file mode 100644
index 0000000..92f859c
--- /dev/null
+++ b/plugins/sudoers/check.c
@@ -0,0 +1,333 @@
+/*
+ * Copyright (c) 1993-1996,1998-2005, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <time.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include "sudoers.h"
+#include "check.h"
+
+static bool display_lecture(int);
+static struct passwd *get_authpw(int);
+
+struct getpass_closure {
+    void *cookie;
+    struct passwd *auth_pw;
+};
+
+/*
+ * Called when getpass is suspended so we can drop the lock.
+ */
+static int
+getpass_suspend(int signo, void *vclosure)
+{
+    struct getpass_closure *closure = vclosure;
+
+    timestamp_close(closure->cookie);
+    closure->cookie = NULL;
+    return 0;
+}
+
+/*
+ * Called when getpass is resumed so we can reacquire the lock.
+ */
+static int
+getpass_resume(int signo, void *vclosure)
+{
+    struct getpass_closure *closure = vclosure;
+
+    closure->cookie = timestamp_open(user_name, user_sid);
+    if (closure->cookie == NULL)
+	return -1;
+    if (!timestamp_lock(closure->cookie, closure->auth_pw))
+	return -1;
+    return 0;
+}
+
+/*
+ * Returns true if the user successfully authenticates, false if not
+ * or -1 on fatal error.
+ */
+static int
+check_user_interactive(int validated, int mode, struct passwd *auth_pw)
+{
+    struct sudo_conv_callback cb, *callback = NULL;
+    struct getpass_closure closure;
+    int status = TS_ERROR;
+    int ret = -1;
+    char *prompt;
+    bool lectured;
+    debug_decl(check_user_interactive, SUDOERS_DEBUG_AUTH)
+
+    /* Setup closure for getpass_{suspend,resume} */
+    closure.auth_pw = auth_pw;
+    closure.cookie = NULL;
+    sudo_pw_addref(closure.auth_pw);
+
+    /* Open, lock and read time stamp file if we are using it. */
+    if (!ISSET(mode, MODE_IGNORE_TICKET)) {
+	/* Open time stamp file and check its status. */
+	closure.cookie = timestamp_open(user_name, user_sid);
+	if (timestamp_lock(closure.cookie, closure.auth_pw))
+	    status = timestamp_status(closure.cookie, closure.auth_pw);
+
+	/* Construct callback for getpass function. */
+	memset(&cb, 0, sizeof(cb));
+	cb.version = SUDO_CONV_CALLBACK_VERSION;
+	cb.closure = &closure;
+	cb.on_suspend = getpass_suspend;
+	cb.on_resume = getpass_resume;
+	callback = &cb;
+    }
+
+    switch (status) {
+    case TS_FATAL:
+	/* Fatal error (usually setuid failure), unsafe to proceed. */
+	goto done;
+
+    case TS_CURRENT:
+	/* Time stamp file is valid and current. */
+	if (!ISSET(validated, FLAG_CHECK_USER)) {
+	    ret = true;
+	    break;
+	}
+	sudo_debug_printf(SUDO_DEBUG_INFO,
+	    "%s: check user flag overrides time stamp", __func__);
+	/* FALLTHROUGH */
+
+    default:
+	/* Bail out if we are non-interactive and a password is required */
+	if (ISSET(mode, MODE_NONINTERACTIVE)) {
+	    validated |= FLAG_NON_INTERACTIVE;
+	    log_auth_failure(validated, 0);
+	    goto done;
+	}
+
+	/* XXX - should not lecture if askpass helper is being used. */
+	lectured = display_lecture(status);
+
+	/* Expand any escapes in the prompt. */
+	prompt = expand_prompt(user_prompt ? user_prompt : def_passprompt,
+	    closure.auth_pw->pw_name);
+	if (prompt == NULL)
+	    goto done;
+
+	ret = verify_user(closure.auth_pw, prompt, validated, callback);
+	if (ret == true && lectured)
+	    (void)set_lectured();	/* lecture error not fatal */
+	free(prompt);
+	break;
+    }
+
+    /*
+     * Only update time stamp if user was validated.
+     * Failure to update the time stamp is not a fatal error.
+     */
+    if (ret == true && ISSET(validated, VALIDATE_SUCCESS) && status != TS_ERROR)
+	(void)timestamp_update(closure.cookie, closure.auth_pw);
+done:
+    if (closure.cookie != NULL)
+	timestamp_close(closure.cookie);
+    sudo_pw_delref(closure.auth_pw);
+
+    debug_return_int(ret);
+}
+
+/*
+ * Returns true if the user successfully authenticates, false if not
+ * or -1 on error.
+ */
+int
+check_user(int validated, int mode)
+{
+    struct passwd *auth_pw;
+    int ret = -1;
+    bool exempt = false;
+    debug_decl(check_user, SUDOERS_DEBUG_AUTH)
+
+    /*
+     * Init authentication system regardless of whether we need a password.
+     * Required for proper PAM session support.
+     */
+    if ((auth_pw = get_authpw(mode)) == NULL)
+	goto done;
+    if (sudo_auth_init(auth_pw) == -1)
+	goto done;
+
+    /*
+     * Don't prompt for the root passwd or if the user is exempt.
+     * If the user is not changing uid/gid, no need for a password.
+     */
+    if (!def_authenticate || user_is_exempt()) {
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: %s", __func__,
+	    !def_authenticate ? "authentication disabled" :
+	    "user exempt from authentication");
+	exempt = true;
+	ret = true;
+	goto done;
+    }
+    if (user_uid == 0 || (user_uid == runas_pw->pw_uid &&
+	(!runas_gr || user_in_group(sudo_user.pw, runas_gr->gr_name)))) {
+#ifdef HAVE_SELINUX
+	if (user_role == NULL && user_type == NULL)
+#endif
+#ifdef HAVE_PRIV_SET
+	if (runas_privs == NULL && runas_limitprivs == NULL)
+#endif
+	{
+	    sudo_debug_printf(SUDO_DEBUG_INFO,
+		"%s: user running command as self", __func__);
+	    ret = true;
+	    goto done;
+	}
+    }
+
+    ret = check_user_interactive(validated, mode, auth_pw);
+
+done:
+    if (ret == true) {
+	/* The approval function may disallow a user post-authentication. */
+	ret = sudo_auth_approval(auth_pw, validated, exempt);
+    }
+    sudo_auth_cleanup(auth_pw);
+    sudo_pw_delref(auth_pw);
+
+    debug_return_int(ret);
+}
+
+/*
+ * Display sudo lecture (standard or custom).
+ * Returns true if the user was lectured, else false.
+ */
+static bool
+display_lecture(int status)
+{
+    FILE *fp;
+    char buf[BUFSIZ];
+    ssize_t nread;
+    struct sudo_conv_message msg;
+    struct sudo_conv_reply repl;
+    debug_decl(lecture, SUDOERS_DEBUG_AUTH)
+
+    if (def_lecture == never ||
+	(def_lecture == once && already_lectured(status)))
+	debug_return_bool(false);
+
+    memset(&msg, 0, sizeof(msg));
+    memset(&repl, 0, sizeof(repl));
+
+    if (def_lecture_file && (fp = fopen(def_lecture_file, "r")) != NULL) {
+	while ((nread = fread(buf, sizeof(char), sizeof(buf) - 1, fp)) != 0) {
+	    buf[nread] = '\0';
+	    msg.msg_type = SUDO_CONV_ERROR_MSG;
+	    msg.msg = buf;
+	    sudo_conv(1, &msg, &repl, NULL);
+	}
+	fclose(fp);
+    } else {
+	msg.msg_type = SUDO_CONV_ERROR_MSG;
+	msg.msg = _("\n"
+	    "We trust you have received the usual lecture from the local System\n"
+	    "Administrator. It usually boils down to these three things:\n\n"
+	    "    #1) Respect the privacy of others.\n"
+	    "    #2) Think before you type.\n"
+	    "    #3) With great power comes great responsibility.\n\n");
+	sudo_conv(1, &msg, &repl, NULL);
+    }
+    debug_return_bool(true);
+}
+
+/*
+ * Checks if the user is exempt from supplying a password.
+ */
+bool
+user_is_exempt(void)
+{
+    bool ret = false;
+    debug_decl(user_is_exempt, SUDOERS_DEBUG_AUTH)
+
+    if (def_exempt_group)
+	ret = user_in_group(sudo_user.pw, def_exempt_group);
+    debug_return_bool(ret);
+}
+
+/*
+ * Get passwd entry for the user we are going to authenticate as.
+ * By default, this is the user invoking sudo.  In the most common
+ * case, this matches sudo_user.pw or runas_pw.
+ */
+static struct passwd *
+get_authpw(int mode)
+{
+    struct passwd *pw = NULL;
+    debug_decl(get_authpw, SUDOERS_DEBUG_AUTH)
+
+    if (ISSET(mode, (MODE_CHECK|MODE_LIST))) {
+	/* In list mode we always prompt for the user's password. */
+	sudo_pw_addref(sudo_user.pw);
+	pw = sudo_user.pw;
+    } else {
+	if (def_rootpw) {
+	    if ((pw = sudo_getpwuid(ROOT_UID)) == NULL) {
+		log_warningx(SLOG_SEND_MAIL, N_("unknown uid: %u"), ROOT_UID);
+	    }
+	} else if (def_runaspw) {
+	    if ((pw = sudo_getpwnam(def_runas_default)) == NULL) {
+		log_warningx(SLOG_SEND_MAIL,
+		    N_("unknown user: %s"), def_runas_default);
+	    }
+	} else if (def_targetpw) {
+	    if (runas_pw->pw_name == NULL) {
+		/* This should never be NULL as we fake up the passwd struct */
+		log_warningx(SLOG_RAW_MSG, N_("unknown uid: %u"),
+		    (unsigned int) runas_pw->pw_uid);
+	    } else {
+		sudo_pw_addref(runas_pw);
+		pw = runas_pw;
+	    }
+	} else {
+	    sudo_pw_addref(sudo_user.pw);
+	    pw = sudo_user.pw;
+	}
+    }
+
+    debug_return_ptr(pw);
+}
diff --git a/plugins/sudoers/check.h b/plugins/sudoers/check.h
new file mode 100644
index 0000000..11013c8
--- /dev/null
+++ b/plugins/sudoers/check.h
@@ -0,0 +1,87 @@
+/*
+ * Copyright (c) 1993-1996,1998-2005, 2007-2014
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#ifndef SUDOERS_CHECK_H
+#define SUDOERS_CHECK_H
+
+/* Status codes for timestamp_status() */
+#define TS_CURRENT		0
+#define TS_OLD			1
+#define TS_MISSING		2
+#define TS_ERROR		3
+#define TS_FATAL		4
+
+/*
+ * Time stamps are now stored in a single file which contains multiple
+ * records.  Each record starts with a 16-bit version number and a 16-bit
+ * record size.  Multiple record types can coexist in the same file.
+ */
+#define	TS_VERSION		2
+
+/* Time stamp entry types */
+#define TS_GLOBAL		0x01	/* not restricted by tty or ppid */
+#define TS_TTY			0x02	/* restricted by tty */
+#define TS_PPID			0x03	/* restricted by ppid */
+#define TS_LOCKEXCL		0x04	/* special lock record */
+
+/* Time stamp flags */
+#define TS_DISABLED		0x01	/* entry disabled */
+#define TS_ANYUID		0x02	/* ignore uid, only valid in the key */
+
+struct timestamp_entry_v1 {
+    unsigned short version;	/* version number */
+    unsigned short size;	/* entry size */
+    unsigned short type;	/* TS_GLOBAL, TS_TTY, TS_PPID */
+    unsigned short flags;	/* TS_DISABLED, TS_ANYUID */
+    uid_t auth_uid;		/* uid to authenticate as */
+    pid_t sid;			/* session ID associated with tty/ppid */
+    struct timespec ts;		/* time stamp (CLOCK_MONOTONIC) */
+    union {
+	dev_t ttydev;		/* tty device number */
+	pid_t ppid;		/* parent pid */
+    } u;
+};
+
+struct timestamp_entry {
+    unsigned short version;	/* version number */
+    unsigned short size;	/* entry size */
+    unsigned short type;	/* TS_GLOBAL, TS_TTY, TS_PPID */
+    unsigned short flags;	/* TS_DISABLED, TS_ANYUID */
+    uid_t auth_uid;		/* uid to authenticate as */
+    pid_t sid;			/* session ID associated with tty/ppid */
+    struct timespec start_time;	/* session/ppid start time */
+    struct timespec ts;		/* time stamp (CLOCK_MONOTONIC) */
+    union {
+	dev_t ttydev;		/* tty device number */
+	pid_t ppid;		/* parent pid */
+    } u;
+};
+
+void *timestamp_open(const char *user, pid_t sid);
+void  timestamp_close(void *vcookie);
+bool  timestamp_lock(void *vcookie, struct passwd *pw);
+bool  timestamp_update(void *vcookie, struct passwd *pw);
+int   timestamp_status(void *vcookie, struct passwd *pw);
+int   get_starttime(pid_t pid, struct timespec *starttime);
+bool  already_lectured(int status);
+int   set_lectured(void);
+
+#endif /* SUDOERS_CHECK_H */
diff --git a/plugins/sudoers/cvtsudoers.c b/plugins/sudoers/cvtsudoers.c
new file mode 100644
index 0000000..0221314
--- /dev/null
+++ b/plugins/sudoers/cvtsudoers.c
@@ -0,0 +1,1334 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+/*
+ * Convert from the sudoers file format to LDIF or JSON format.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <unistd.h>
+
+#include "sudoers.h"
+#include "sudoers_version.h"
+#include "sudo_conf.h"
+#include "sudo_lbuf.h"
+#include "redblack.h"
+#include "cvtsudoers.h"
+#include <gram.h>
+
+#ifdef HAVE_GETOPT_LONG
+# include <getopt.h>
+# else
+# include "compat/getopt.h"
+#endif /* HAVE_GETOPT_LONG */
+
+/*
+ * Globals
+ */
+struct cvtsudoers_filter *filters;
+struct sudo_user sudo_user;
+struct passwd *list_pw;
+static const char short_opts[] =  "b:c:d:ef:hi:I:m:Mo:O:pP:s:V";
+static struct option long_opts[] = {
+    { "base",		required_argument,	NULL,	'b' },
+    { "config",		required_argument,	NULL,	'c' },
+    { "defaults",	required_argument,	NULL,	'd' },
+    { "expand-aliases",	no_argument,		NULL,	'e' },
+    { "output-format",	required_argument,	NULL,	'f' },
+    { "help",		no_argument,		NULL,	'h' },
+    { "input-format",	required_argument,	NULL,	'i' },
+    { "increment",	required_argument,	NULL,	'I' },
+    { "match",		required_argument,	NULL,	'm' },
+    { "match-local",	no_argument,		NULL,	'M' },
+    { "prune-matches",	no_argument,		NULL,	'p' },
+    { "padding",	required_argument,	NULL,	'P' },
+    { "order-start",	required_argument,	NULL,	'O' },
+    { "output",		required_argument,	NULL,	'o' },
+    { "suppress",	required_argument,	NULL,	's' },
+    { "version",	no_argument,		NULL,	'V' },
+    { NULL,		no_argument,		NULL,	'\0' },
+};
+
+__dso_public int main(int argc, char *argv[]);
+static void help(void) __attribute__((__noreturn__));
+static void usage(int);
+static bool convert_sudoers_sudoers(struct sudoers_parse_tree *parse_tree, const char *output_file, struct cvtsudoers_config *conf);
+static bool parse_sudoers(const char *input_file, struct cvtsudoers_config *conf);
+static bool parse_ldif(struct sudoers_parse_tree *parse_tree, const char *input_file, struct cvtsudoers_config *conf);
+static bool cvtsudoers_parse_filter(char *expression);
+static struct cvtsudoers_config *cvtsudoers_conf_read(const char *conf_file);
+static void cvtsudoers_conf_free(struct cvtsudoers_config *conf);
+static int cvtsudoers_parse_defaults(char *expression);
+static int cvtsudoers_parse_suppression(char *expression);
+static void filter_userspecs(struct sudoers_parse_tree *parse_tree, struct cvtsudoers_config *conf);
+static void filter_defaults(struct sudoers_parse_tree *parse_tree, struct cvtsudoers_config *conf);
+static void alias_remove_unused(struct sudoers_parse_tree *parse_tree);
+static void alias_prune(struct sudoers_parse_tree *parse_tree, struct cvtsudoers_config *conf);
+
+int
+main(int argc, char *argv[])
+{
+    int ch, exitcode = EXIT_FAILURE;
+    enum sudoers_formats output_format = format_ldif;
+    enum sudoers_formats input_format = format_sudoers;
+    struct cvtsudoers_config *conf = NULL;
+    bool match_local = false;
+    const char *input_file = "-";
+    const char *output_file = "-";
+    const char *conf_file = _PATH_CVTSUDOERS_CONF;
+    const char *errstr;
+    debug_decl(main, SUDOERS_DEBUG_MAIN)
+
+#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
+    {
+	extern char *malloc_options;
+	malloc_options = "S";
+    }
+#endif
+
+    initprogname(argc > 0 ? argv[0] : "cvtsudoers");
+    if (!sudoers_initlocale(setlocale(LC_ALL, ""), def_sudoers_locale))
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    sudo_warn_set_locale_func(sudoers_warn_setlocale);
+    bindtextdomain("sudoers", LOCALEDIR);
+    textdomain("sudoers");
+
+    /* Read debug and plugin sections of sudo.conf. */
+    if (sudo_conf_read(NULL, SUDO_CONF_DEBUG|SUDO_CONF_PLUGINS) == -1)
+	goto done;
+
+    /* Initialize the debug subsystem. */
+    if (!sudoers_debug_register(getprogname(), sudo_conf_debug_files(getprogname())))
+	goto done;
+
+    /* Check for --config option first (no getopt warnings). */
+    opterr = 0;
+    while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) {
+	switch (ch) {
+	case 'c':
+	    conf_file = optarg;
+	    break;
+	}
+    }
+
+    /* Read conf file. */
+    conf = cvtsudoers_conf_read(conf_file);
+
+    /*
+     * Reset getopt and handle the rest of the arguments.
+     */
+    opterr = 1;
+    optind = 1;
+#ifdef HAVE_OPTRESET
+    optreset = 1;
+#endif
+    while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) {
+	switch (ch) {
+	case 'b':
+	    free(conf->sudoers_base);
+	    conf->sudoers_base = strdup(optarg);
+	    if (conf->sudoers_base == NULL) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	    break;
+	case 'c':
+	    /* handled above */
+	    break;
+	case 'd':
+	    conf->defstr = optarg;
+	    break;
+	case 'e':
+	    conf->expand_aliases = true;
+	    break;
+	case 'f':
+	    free(conf->output_format);
+	    conf->output_format = strdup(optarg);
+	    if (conf->output_format == NULL) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	    break;
+	case 'h':
+	    help();
+	    break;
+	case 'i':
+	    free(conf->input_format);
+	    conf->input_format = strdup(optarg);
+	    if (conf->input_format == NULL) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	    break;
+	case 'I':
+	    conf->order_increment = sudo_strtonum(optarg, 1, UINT_MAX, &errstr);
+	    if (errstr != NULL) {
+		sudo_warnx(U_("order increment: %s: %s"), optarg, U_(errstr));
+		usage(1);
+	    }
+	    break;
+	case 'm':
+	    conf->filter = optarg;
+	    break;
+	case 'M':
+	    match_local = true;
+	    break;
+	case 'o':
+	    output_file = optarg;
+	    break;
+	case 'O':
+	    conf->sudo_order = sudo_strtonum(optarg, 0, UINT_MAX, &errstr);
+	    if (errstr != NULL) {
+		sudo_warnx(U_("starting order: %s: %s"), optarg, U_(errstr));
+		usage(1);
+	    }
+	    break;
+	case 'p':
+	    conf->prune_matches = true;
+	    break;
+	case 'P':
+	    conf->order_padding = sudo_strtonum(optarg, 1, UINT_MAX, &errstr);
+	    if (errstr != NULL ) {
+		sudo_warnx(U_("order padding: %s: %s"), optarg, U_(errstr));
+		usage(1);
+	    }
+	    break;
+	case 's':
+	    conf->supstr = optarg;
+	    break;
+	case 'V':
+	    (void) printf(_("%s version %s\n"), getprogname(),
+		PACKAGE_VERSION);
+	    (void) printf(_("%s grammar version %d\n"), getprogname(),
+		SUDOERS_GRAMMAR_VERSION);
+	    exitcode = EXIT_SUCCESS;
+	    goto done;
+	default:
+	    usage(1);
+	}
+    }
+    argc -= optind;
+    argv += optind;
+
+    if (conf->input_format != NULL) {
+	if (strcasecmp(conf->input_format, "ldif") == 0) {
+	    input_format = format_ldif;
+	} else if (strcasecmp(conf->input_format, "sudoers") == 0) {
+	    input_format = format_sudoers;
+	} else {
+	    sudo_warnx(U_("unsupported input format %s"), conf->input_format);
+	    usage(1);
+	}
+    }
+    if (conf->output_format != NULL) {
+	if (strcasecmp(conf->output_format, "json") == 0) {
+	    output_format = format_json;
+	    conf->store_options = true;
+	} else if (strcasecmp(conf->output_format, "ldif") == 0) {
+	    output_format = format_ldif;
+	    conf->store_options = true;
+	} else if (strcasecmp(conf->output_format, "sudoers") == 0) {
+	    output_format = format_sudoers;
+	    conf->store_options = false;
+	} else {
+	    sudo_warnx(U_("unsupported output format %s"), conf->output_format);
+	    usage(1);
+	}
+    }
+    if (conf->filter != NULL) {
+	/* We always expand aliases when filtering (may change in future). */
+	if (!cvtsudoers_parse_filter(conf->filter))
+	    usage(1);
+    }
+    if (conf->defstr != NULL) {
+	conf->defaults = cvtsudoers_parse_defaults(conf->defstr);
+	if (conf->defaults == -1)
+	    usage(1);
+    }
+    if (conf->supstr != NULL) {
+	conf->suppress = cvtsudoers_parse_suppression(conf->supstr);
+	if (conf->suppress == -1)
+	    usage(1);
+    }
+
+    /* Apply padding to sudo_order if present. */
+    if (conf->sudo_order != 0 && conf->order_padding != 0) {
+	unsigned int multiplier = 1;
+
+	do {
+	    multiplier *= 10;
+	} while (--conf->order_padding != 0);
+	conf->sudo_order *= multiplier;
+	conf->order_max = conf->sudo_order + (multiplier - 1);
+	conf->order_padding = multiplier;
+    }
+
+    /* If no base DN specified, check SUDOERS_BASE. */
+    if (conf->sudoers_base == NULL) {
+	conf->sudoers_base = getenv("SUDOERS_BASE");
+	if (conf->sudoers_base != NULL && *conf->sudoers_base != '\0') {
+	    if ((conf->sudoers_base = strdup(conf->sudoers_base)) == NULL) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	}
+    }
+
+    /* Input file (defaults to stdin). */
+    if (argc > 0) {
+	if (argc > 1)
+	    usage(1);
+	input_file = argv[0];
+    }
+
+    if (strcmp(input_file, "-") != 0) {
+	if (strcmp(input_file, output_file) == 0) {
+	    sudo_fatalx(U_("%s: input and output files must be different"),
+		input_file);
+	}
+    }
+
+    /* Set pwutil backend to use the filter data. */
+    if (conf->filter != NULL && !match_local) {
+	sudo_pwutil_set_backend(cvtsudoers_make_pwitem, cvtsudoers_make_gritem,
+	    cvtsudoers_make_gidlist_item, cvtsudoers_make_grlist_item);
+    }
+
+    /* We may need the hostname to resolve %h escapes in include files. */
+    get_hostname();
+
+    /* Setup defaults data structures. */
+    if (!init_defaults())
+	sudo_fatalx(U_("unable to initialize sudoers default values"));
+
+    switch (input_format) {
+    case format_ldif:
+	if (!parse_ldif(&parsed_policy, input_file, conf))
+	    goto done;
+	break;
+    case format_sudoers:
+	if (!parse_sudoers(input_file, conf))
+	    goto done;
+	break;
+    default:
+	sudo_fatalx("error: unhandled input %d", input_format);
+    }
+
+    /* Apply filters. */
+    filter_userspecs(&parsed_policy, conf);
+    filter_defaults(&parsed_policy, conf);
+    if (filters != NULL) {
+	alias_remove_unused(&parsed_policy);
+	if (conf->prune_matches && conf->expand_aliases)
+	    alias_prune(&parsed_policy, conf);
+    }
+
+    switch (output_format) {
+    case format_json:
+	exitcode = !convert_sudoers_json(&parsed_policy, output_file, conf);
+	break;
+    case format_ldif:
+	exitcode = !convert_sudoers_ldif(&parsed_policy, output_file, conf);
+	break;
+    case format_sudoers:
+	exitcode = !convert_sudoers_sudoers(&parsed_policy, output_file, conf);
+	break;
+    default:
+	sudo_fatalx("error: unhandled output format %d", output_format);
+    }
+
+done:
+    cvtsudoers_conf_free(conf);
+    sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, exitcode);
+    return exitcode;
+}
+
+/*
+ * cvtsudoers configuration data.
+ */
+static struct cvtsudoers_config cvtsudoers_config = INITIAL_CONFIG;
+static struct cvtsudoers_conf_table cvtsudoers_conf_vars[] = {
+    { "order_start", CONF_UINT, &cvtsudoers_config.sudo_order },
+    { "order_increment", CONF_UINT, &cvtsudoers_config.order_increment },
+    { "order_padding", CONF_UINT, &cvtsudoers_config.order_padding },
+    { "sudoers_base", CONF_STR, &cvtsudoers_config.sudoers_base },
+    { "input_format", CONF_STR, &cvtsudoers_config.input_format },
+    { "output_format", CONF_STR, &cvtsudoers_config.output_format },
+    { "match", CONF_STR, &cvtsudoers_config.filter },
+    { "defaults", CONF_STR, &cvtsudoers_config.defstr },
+    { "suppress", CONF_STR, &cvtsudoers_config.supstr },
+    { "expand_aliases", CONF_BOOL, &cvtsudoers_config.expand_aliases },
+    { "prune_matches", CONF_BOOL, &cvtsudoers_config.prune_matches }
+};
+
+/*
+ * Look up keyword in config table.
+ * Returns true if found, else false.
+ */
+static bool
+cvtsudoers_parse_keyword(const char *conf_file, const char *keyword,
+    const char *value, struct cvtsudoers_conf_table *table)
+{
+    struct cvtsudoers_conf_table *cur;
+    const char *errstr;
+    debug_decl(sudo_ldap_parse_keyword, SUDOERS_DEBUG_UTIL)
+
+    /* Look up keyword in config tables */
+    for (cur = table; cur->conf_str != NULL; cur++) {
+	if (strcasecmp(keyword, cur->conf_str) == 0) {
+	    switch (cur->type) {
+	    case CONF_BOOL:
+		*(bool *)(cur->valp) = sudo_strtobool(value) == true;
+		break;
+	    case CONF_UINT:
+		{
+		    unsigned int uval = 
+			strtonum(value, 0, UINT_MAX, &errstr);
+		    if (errstr != NULL) {
+			sudo_warnx(U_("%s: %s: %s: %s"),
+			    conf_file, keyword, value, U_(errstr));
+			continue;
+		    }
+		    *(unsigned int *)(cur->valp) = uval;
+		}
+		break;
+	    case CONF_STR:
+		{
+		    char *cp = strdup(value);
+		    if (cp == NULL) {
+			sudo_fatalx(U_("%s: %s"), __func__,
+			    U_("unable to allocate memory"));
+		    }
+		    free(*(char **)(cur->valp));
+		    *(char **)(cur->valp) = cp;
+		    break;
+		}
+	    }
+	    debug_return_bool(true);
+	}
+    }
+    debug_return_bool(false);
+}
+
+static struct cvtsudoers_config *
+cvtsudoers_conf_read(const char *conf_file)
+{
+    char *line = NULL;
+    size_t linesize = 0;
+    FILE *fp;
+    debug_decl(cvtsudoers_conf_read, SUDOERS_DEBUG_UTIL)
+
+    if ((fp = fopen(conf_file, "r")) == NULL)
+	debug_return_ptr(&cvtsudoers_config);
+
+    while (sudo_parseln(&line, &linesize, NULL, fp, 0) != -1) {
+	char *cp, *keyword, *value;
+
+	if (*line == '\0')
+	    continue;		/* skip empty line */
+
+	/* Parse keyword = value */
+	keyword = line;
+	if ((cp = strchr(line, '=')) == NULL)
+	    continue;
+	value = cp-- + 1;
+
+	/* Trim whitespace after keyword. */
+	while (cp != line && isblank((unsigned char)cp[-1]))
+	    cp--;
+	*cp = '\0';
+
+	/* Trim whitespace before value. */
+	while (isblank((unsigned char)*value))
+	    value++;
+
+	/* Look up keyword in config tables */
+	if (!cvtsudoers_parse_keyword(conf_file, keyword, value, cvtsudoers_conf_vars))
+	    sudo_warnx(U_("%s: unknown key word: %s"), conf_file, keyword);
+    }
+    free(line);
+    fclose(fp);
+
+    debug_return_ptr(&cvtsudoers_config);
+}
+
+static void
+cvtsudoers_conf_free(struct cvtsudoers_config *conf)
+{
+    debug_decl(cvtsudoers_conf_free, SUDOERS_DEBUG_UTIL)
+
+    if (conf != NULL) {
+	free(conf->sudoers_base);
+	free(conf->input_format);
+	free(conf->output_format);
+	conf->sudoers_base = NULL;
+	conf->input_format = NULL;
+	conf->output_format = NULL;
+    }
+
+    debug_return;
+}
+
+static int
+cvtsudoers_parse_defaults(char *expression)
+{
+    char *last, *cp = expression;
+    int flags = 0;
+    debug_decl(cvtsudoers_parse_defaults, SUDOERS_DEBUG_UTIL)
+
+    for ((cp = strtok_r(cp, ",", &last)); cp != NULL; (cp = strtok_r(NULL, ",", &last))) {
+	if (strcasecmp(cp, "all") == 0) {
+	    SET(flags, CVT_DEFAULTS_ALL);
+	} else if (strcasecmp(cp, "global") == 0) {
+	    SET(flags, CVT_DEFAULTS_GLOBAL);
+	} else if (strcasecmp(cp, "user") == 0) {
+	    SET(flags, CVT_DEFAULTS_USER);
+	} else if (strcasecmp(cp, "runas") == 0) {
+	    SET(flags, CVT_DEFAULTS_RUNAS);
+	} else if (strcasecmp(cp, "host") == 0) {
+	    SET(flags, CVT_DEFAULTS_HOST);
+	} else if (strcasecmp(cp, "command") == 0) {
+	    SET(flags, CVT_DEFAULTS_CMND);
+	} else {
+	    sudo_warnx(U_("invalid defaults type: %s"), cp);
+	    debug_return_int(-1);
+	}
+    }
+
+    debug_return_int(flags);
+}
+
+static int
+cvtsudoers_parse_suppression(char *expression)
+{
+    char *last, *cp = expression;
+    int flags = 0;
+    debug_decl(cvtsudoers_parse_suppression, SUDOERS_DEBUG_UTIL)
+
+    for ((cp = strtok_r(cp, ",", &last)); cp != NULL; (cp = strtok_r(NULL, ",", &last))) {
+	if (strcasecmp(cp, "defaults") == 0) {
+	    SET(flags, SUPPRESS_DEFAULTS);
+	} else if (strcasecmp(cp, "aliases") == 0) {
+	    SET(flags, SUPPRESS_ALIASES);
+	} else if (strcasecmp(cp, "privileges") == 0 || strcasecmp(cp, "privs") == 0) {
+	    SET(flags, SUPPRESS_PRIVS);
+	} else {
+	    sudo_warnx(U_("invalid suppression type: %s"), cp);
+	    debug_return_int(-1);
+	}
+    }
+
+    debug_return_int(flags);
+}
+
+static bool
+cvtsudoers_parse_filter(char *expression)
+{
+    char *last, *cp = expression;
+    debug_decl(cvtsudoers_parse_filter, SUDOERS_DEBUG_UTIL)
+
+    if (filters == NULL) {
+	if ((filters = malloc(sizeof(*filters))) == NULL) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	STAILQ_INIT(&filters->users);
+	STAILQ_INIT(&filters->groups);
+	STAILQ_INIT(&filters->hosts);
+    }
+
+    for ((cp = strtok_r(cp, ",", &last)); cp != NULL; (cp = strtok_r(NULL, ",", &last))) {
+	/*
+	 * Filter expression:
+	 *	user=foo,group=bar,host=baz
+	 */
+	char *keyword;
+	struct sudoers_string *s;
+
+	if ((s = malloc(sizeof(*s))) == NULL) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+
+	/* Parse keyword = value */
+	keyword = cp;
+	if ((cp = strchr(cp, '=')) == NULL) {
+	    sudo_warnx(U_("invalid filter: %s"), keyword);;
+	    free(s);
+	    debug_return_bool(false);
+	}
+	*cp++ = '\0';
+	s->str = cp;
+
+	if (strcmp(keyword, "user") == 0 ){
+	    STAILQ_INSERT_TAIL(&filters->users, s, entries);
+	} else if (strcmp(keyword, "group") == 0 ){
+	    STAILQ_INSERT_TAIL(&filters->groups, s, entries);
+	} else if (strcmp(keyword, "host") == 0 ){
+	    STAILQ_INSERT_TAIL(&filters->hosts, s, entries);
+	} else {
+	    sudo_warnx(U_("invalid filter: %s"), keyword);;
+	    free(s);
+	    debug_return_bool(false);
+	}
+    }
+
+    debug_return_bool(true);
+}
+
+static bool
+parse_ldif(struct sudoers_parse_tree *parse_tree, const char *input_file,
+    struct cvtsudoers_config *conf)
+{
+    FILE *fp = stdin;
+    debug_decl(parse_ldif, SUDOERS_DEBUG_UTIL)
+
+    /* Open LDIF file and parse it. */
+    if (strcmp(input_file, "-") != 0) {
+	if ((fp = fopen(input_file, "r")) == NULL)
+	    sudo_fatal(U_("unable to open %s"), input_file);
+    }
+
+    debug_return_bool(sudoers_parse_ldif(parse_tree, fp, conf->sudoers_base,
+	conf->store_options));
+}
+
+static bool
+parse_sudoers(const char *input_file, struct cvtsudoers_config *conf)
+{
+    debug_decl(parse_sudoers, SUDOERS_DEBUG_UTIL)
+
+    /* Open sudoers file and parse it. */
+    if (strcmp(input_file, "-") == 0) {
+	sudoersin = stdin;
+	input_file = "stdin";
+    } else if ((sudoersin = fopen(input_file, "r")) == NULL)
+	sudo_fatal(U_("unable to open %s"), input_file);
+    init_parser(input_file, false);
+    if (sudoersparse() && !parse_error) {
+	sudo_warnx(U_("failed to parse %s file, unknown error"), input_file);
+	parse_error = true;
+	rcstr_delref(errorfile);
+	if ((errorfile = rcstr_dup(input_file)) == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    }
+    if (parse_error) {
+	if (errorlineno != -1)
+	    sudo_warnx(U_("parse error in %s near line %d\n"),
+		errorfile, errorlineno);
+	else if (errorfile != NULL)
+	    sudo_warnx(U_("parse error in %s\n"), errorfile);
+	debug_return_bool(false);
+    }
+    debug_return_bool(true);
+}
+
+FILE *
+open_sudoers(const char *sudoers, bool doedit, bool *keepopen)
+{
+    return fopen(sudoers, "r");
+}
+
+static bool
+userlist_matches_filter(struct sudoers_parse_tree *parse_tree,
+    struct member_list *users, struct cvtsudoers_config *conf)
+{
+    struct sudoers_string *s;
+    struct member *m, *next;
+    bool ret = false;
+    debug_decl(userlist_matches_filter, SUDOERS_DEBUG_UTIL)
+
+    if (filters == NULL ||
+	(STAILQ_EMPTY(&filters->users) && STAILQ_EMPTY(&filters->groups)))
+	debug_return_bool(true);
+
+    TAILQ_FOREACH_REVERSE_SAFE(m, users, member_list, entries, next) {
+	bool matched = false;
+
+	if (STAILQ_EMPTY(&filters->users)) {
+	    struct passwd pw;
+
+	    /*
+	     * Only groups in filter, make a dummy user so userlist_matches()
+	     * can do its thing.
+	     */
+	    memset(&pw, 0, sizeof(pw));
+	    pw.pw_name = "_nobody";
+	    pw.pw_uid = (uid_t)-1;
+	    pw.pw_gid = (gid_t)-1;
+
+	    if (user_matches(parse_tree, &pw, m) == true)
+		matched = true;
+	} else {
+	    STAILQ_FOREACH(s, &filters->users, entries) {
+		struct passwd *pw = NULL;
+
+		/* An upper case filter entry may be a User_Alias */
+		/* XXX - doesn't handle nested aliases */
+		if (m->type == ALIAS && !conf->expand_aliases) {
+		    if (strcmp(m->name, s->str) == 0) {
+			matched = true;
+			break;
+		    }
+		}
+
+		if (s->str[0] == '#') {
+		    const char *errstr;
+		    uid_t uid = sudo_strtoid(s->str + 1, NULL, NULL, &errstr);
+		    if (errstr == NULL)
+			pw = sudo_getpwuid(uid);
+		}
+		if (pw == NULL)
+		    pw = sudo_getpwnam(s->str);
+		if (pw == NULL)
+		    continue;
+
+		if (user_matches(parse_tree, pw, m) == true)
+		    matched = true;
+		sudo_pw_delref(pw);
+
+		/* Only need one user in the filter to match. */
+		if (matched)
+		    break;
+	    }
+	}
+
+	if (matched) {
+	    ret = true;
+	} else if (conf->prune_matches) {
+	    TAILQ_REMOVE(users, m, entries);
+	    free_member(m);
+	}
+    }
+
+    debug_return_bool(ret);
+}
+
+static bool
+hostlist_matches_filter(struct sudoers_parse_tree *parse_tree,
+    struct member_list *hostlist, struct cvtsudoers_config *conf)
+{
+    struct sudoers_string *s;
+    struct member *m, *next;
+    char *lhost, *shost;
+    bool ret = false;
+    char **shosts;
+    int n = 0;
+    debug_decl(hostlist_matches_filter, SUDOERS_DEBUG_UTIL)
+
+    if (filters == NULL || STAILQ_EMPTY(&filters->hosts))
+	debug_return_bool(true);
+
+    /* Create an array of short host names. */
+    STAILQ_FOREACH(s, &filters->hosts, entries) {
+	n++;
+    }
+    shosts = reallocarray(NULL, n, sizeof(char *));
+    if (shosts == NULL)
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    n = 0;
+    STAILQ_FOREACH(s, &filters->hosts, entries) {
+	lhost = s->str;
+	if ((shost = strchr(lhost, '.')) != NULL) {
+	    shost = strndup(lhost, (size_t)(shost - lhost));
+	    if (shost == NULL) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	} else {
+	    shost = lhost;
+	}
+	shosts[n++] = shost;
+    }
+
+    TAILQ_FOREACH_REVERSE_SAFE(m, hostlist, member_list, entries, next) {
+	bool matched = false;
+	n = 0;
+	STAILQ_FOREACH(s, &filters->hosts, entries) {
+	    lhost = s->str;
+	    shost = shosts[n++];
+
+	    /* An upper case filter entry may be a Host_Alias */
+	    /* XXX - doesn't handle nested aliases */
+	    if (m->type == ALIAS && !conf->expand_aliases) {
+		if (strcmp(m->name, s->str) == 0) {
+		    matched = true;
+		    break;
+		}
+	    }
+
+	    /* Only need one host in the filter to match. */
+	    /* XXX - can't use netgroup_tuple with NULL pw */
+	    if (host_matches(parse_tree, NULL, lhost, shost, m) == true) {
+		matched = true;
+		break;
+	    }
+	}
+
+	if (matched) {
+	    ret = true;
+	} else if (conf->prune_matches) {
+	    TAILQ_REMOVE(hostlist, m, entries);
+	    free_member(m);
+	}
+    }
+
+    /* Free shosts array and its contents. */
+    n = 0;
+    STAILQ_FOREACH(s, &filters->hosts, entries) {
+	lhost = s->str;
+	shost = shosts[n++];
+	if (shost != lhost)
+	    free(shost);
+    }
+    free(shosts);
+
+    debug_return_bool(ret == true);
+}
+
+/*
+ * Display Defaults entries
+ */
+static bool
+print_defaults_sudoers(struct sudoers_parse_tree *parse_tree,
+    struct sudo_lbuf *lbuf, bool expand_aliases)
+{
+    struct defaults *def, *next;
+    debug_decl(print_defaults_sudoers, SUDOERS_DEBUG_UTIL)
+
+    TAILQ_FOREACH_SAFE(def, &parse_tree->defaults, entries, next) {
+	sudoers_format_default_line(lbuf, parse_tree, def, &next,
+	    expand_aliases);
+    }
+
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
+
+static int
+print_alias_sudoers(struct sudoers_parse_tree *parse_tree, struct alias *a,
+    void *v)
+{
+    struct sudo_lbuf *lbuf = v;
+    struct member *m;
+    debug_decl(print_alias_sudoers, SUDOERS_DEBUG_UTIL)
+
+    sudo_lbuf_append(lbuf, "%s %s = ", alias_type_to_string(a->type),
+	a->name);
+    TAILQ_FOREACH(m, &a->members, entries) {
+	if (m != TAILQ_FIRST(&a->members))
+	    sudo_lbuf_append(lbuf, ", ");
+	sudoers_format_member(lbuf, parse_tree, m, NULL, UNSPEC);
+    }
+    sudo_lbuf_append(lbuf, "\n");
+
+    debug_return_int(sudo_lbuf_error(lbuf) ? -1 : 0);
+}
+
+/*
+ * Display aliases
+ */
+static bool
+print_aliases_sudoers(struct sudoers_parse_tree *parse_tree,
+    struct sudo_lbuf *lbuf)
+{
+    debug_decl(print_aliases_sudoers, SUDOERS_DEBUG_UTIL)
+
+    alias_apply(parse_tree, print_alias_sudoers, lbuf);
+
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
+
+static FILE *output_fp;		/* global for convert_sudoers_output */
+
+static int
+convert_sudoers_output(const char *buf)
+{
+    return fputs(buf, output_fp);
+}
+
+/*
+ * Apply filters to userspecs, removing non-matching entries.
+ */
+static void
+filter_userspecs(struct sudoers_parse_tree *parse_tree,
+    struct cvtsudoers_config *conf)
+{
+    struct userspec *us, *next_us;
+    struct privilege *priv, *next_priv;
+    debug_decl(filter_userspecs, SUDOERS_DEBUG_UTIL)
+
+    if (filters == NULL)
+	debug_return;
+
+    /*
+     * Does not currently prune out non-matching entries in the user or
+     * host lists.  It acts more like a grep than a true filter.
+     * In the future, we may want to add a prune option.
+     */
+    TAILQ_FOREACH_SAFE(us, &parse_tree->userspecs, entries, next_us) {
+	if (!userlist_matches_filter(parse_tree, &us->users, conf)) {
+	    TAILQ_REMOVE(&parse_tree->userspecs, us, entries);
+	    free_userspec(us);
+	    continue;
+	}
+	TAILQ_FOREACH_SAFE(priv, &us->privileges, entries, next_priv) {
+	    if (!hostlist_matches_filter(parse_tree, &priv->hostlist, conf)) {
+		TAILQ_REMOVE(&us->privileges, priv, entries);
+		free_privilege(priv);
+	    }
+	}
+	if (TAILQ_EMPTY(&us->privileges)) {
+	    TAILQ_REMOVE(&parse_tree->userspecs, us, entries);
+	    free_userspec(us);
+	    continue;
+	}
+    }
+    debug_return;
+}
+
+/*
+ * Check whether the alias described by "alias_name" is the same
+ * as "name" or includes an alias called "name".
+ * Returns true if matched, else false.
+ */
+static bool
+alias_matches(struct sudoers_parse_tree *parse_tree, const char *name,
+    const char *alias_name, int alias_type)
+{
+    struct alias *a;
+    struct member *m;
+    bool ret = false;
+    debug_decl(alias_matches, SUDOERS_DEBUG_ALIAS)
+
+    if (strcmp(name, alias_name) == 0)
+	debug_return_bool(true);
+
+    a = alias_get(parse_tree, alias_name, alias_type);
+    if (a != NULL) {
+	TAILQ_FOREACH(m, &a->members, entries) {
+	    if (m->type != ALIAS)
+		continue;
+	    if (alias_matches(parse_tree, name, m->name, alias_type)) {
+		ret = true;
+		break;
+	    }
+	}
+	alias_put(a);
+    }
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Check whether userspecs uses the aliases in the specified member lists.
+ * If used, they are removed (and freed) from the list.
+ * This does *not* check Defaults for used aliases, only userspecs.
+ */
+static void
+alias_used_by_userspecs(struct sudoers_parse_tree *parse_tree,
+    struct member_list *user_aliases, struct member_list *runas_aliases,
+    struct member_list *host_aliases, struct member_list *cmnd_aliases)
+{
+    struct privilege *priv, *priv_next;
+    struct userspec *us, *us_next;
+    struct cmndspec *cs, *cs_next;
+    struct member *m, *m_next;
+    struct member *am, *am_next;
+    debug_decl(alias_used_by_userspecs, SUDOERS_DEBUG_ALIAS)
+
+    /* Iterate over the policy, checking for aliases. */
+    TAILQ_FOREACH_SAFE(us, &parse_tree->userspecs, entries, us_next) {
+	TAILQ_FOREACH_SAFE(m, &us->users, entries, m_next) {
+	    if (m->type == ALIAS) {
+		/* If alias is used, remove from user_aliases and free. */
+		TAILQ_FOREACH_SAFE(am, user_aliases, entries, am_next) {
+		    if (alias_matches(parse_tree, am->name, m->name, USERALIAS)) {
+			TAILQ_REMOVE(user_aliases, am, entries);
+			free_member(am);
+		    }
+		}
+	    }
+	}
+	TAILQ_FOREACH_SAFE(priv, &us->privileges, entries, priv_next) {
+	    TAILQ_FOREACH(m, &priv->hostlist, entries) {
+		if (m->type == ALIAS) {
+		    /* If alias is used, remove from host_aliases and free. */
+		    TAILQ_FOREACH_SAFE(am, host_aliases, entries, am_next) {
+			if (alias_matches(parse_tree, am->name, m->name, HOSTALIAS)) {
+			    TAILQ_REMOVE(host_aliases, am, entries);
+			    free_member(am);
+			}
+		    }
+		}
+	    }
+	    TAILQ_FOREACH_SAFE(cs, &priv->cmndlist, entries, cs_next) {
+		if (cs->runasuserlist != NULL) {
+		    TAILQ_FOREACH_SAFE(m, cs->runasuserlist, entries, m_next) {
+			if (m->type == ALIAS) {
+			    /* If alias is used, remove from runas_aliases and free. */
+			    TAILQ_FOREACH_SAFE(am, runas_aliases, entries, am_next) {
+				if (alias_matches(parse_tree, am->name, m->name, RUNASALIAS)) {
+				    TAILQ_REMOVE(runas_aliases, am, entries);
+				    free_member(am);
+				}
+			    }
+			}
+		    }
+		}
+		if (cs->runasgrouplist != NULL) {
+		    TAILQ_FOREACH_SAFE(m, cs->runasgrouplist, entries, m_next) {
+			if (m->type == ALIAS) {
+			    /* If alias is used, remove from runas_aliases and free. */
+			    TAILQ_FOREACH_SAFE(am, runas_aliases, entries, am_next) {
+				if (alias_matches(parse_tree, am->name, m->name, RUNASALIAS)) {
+				    TAILQ_REMOVE(runas_aliases, am, entries);
+				    free_member(am);
+				}
+			    }
+			}
+		    }
+		}
+		if ((m = cs->cmnd)->type == ALIAS) {
+		    /* If alias is used, remove from cmnd_aliases and free. */
+		    TAILQ_FOREACH_SAFE(am, cmnd_aliases, entries, am_next) {
+			if (alias_matches(parse_tree, am->name, m->name, CMNDALIAS)) {
+			    TAILQ_REMOVE(cmnd_aliases, am, entries);
+			    free_member(am);
+			}
+		    }
+		}
+	    }
+	}
+    }
+
+    debug_return;
+}
+
+/*
+ * Apply filters to host/user-based Defaults, removing non-matching entries.
+ */
+static void
+filter_defaults(struct sudoers_parse_tree *parse_tree,
+    struct cvtsudoers_config *conf)
+{
+    struct member_list user_aliases = TAILQ_HEAD_INITIALIZER(user_aliases);
+    struct member_list runas_aliases = TAILQ_HEAD_INITIALIZER(runas_aliases);
+    struct member_list host_aliases = TAILQ_HEAD_INITIALIZER(host_aliases);
+    struct member_list cmnd_aliases = TAILQ_HEAD_INITIALIZER(cmnd_aliases);
+    struct member_list *prev_binding = NULL;
+    struct defaults *def, *def_next;
+    struct member *m, *m_next;
+    struct alias *a;
+    int alias_type;
+    debug_decl(filter_defaults, SUDOERS_DEBUG_DEFAULTS)
+
+    if (filters == NULL && conf->defaults == CVT_DEFAULTS_ALL)
+	debug_return;
+
+    TAILQ_FOREACH_SAFE(def, &parse_tree->defaults, entries, def_next) {
+	bool keep = true;
+
+	switch (def->type) {
+	case DEFAULTS:
+	    if (!ISSET(conf->defaults, CVT_DEFAULTS_GLOBAL))
+		keep = false;
+	    alias_type = UNSPEC;
+	    break;
+	case DEFAULTS_USER:
+	    if (!ISSET(conf->defaults, CVT_DEFAULTS_USER) ||
+		!userlist_matches_filter(parse_tree, def->binding, conf))
+		keep = false;
+	    alias_type = USERALIAS;
+	    break;
+	case DEFAULTS_RUNAS:
+	    if (!ISSET(conf->defaults, CVT_DEFAULTS_RUNAS))
+		keep = false;
+	    alias_type = RUNASALIAS;
+	    break;
+	case DEFAULTS_HOST:
+	    if (!ISSET(conf->defaults, CVT_DEFAULTS_HOST) ||
+		!hostlist_matches_filter(parse_tree, def->binding, conf))
+		keep = false;
+	    alias_type = HOSTALIAS;
+	    break;
+	case DEFAULTS_CMND:
+	    if (!ISSET(conf->defaults, CVT_DEFAULTS_CMND))
+		keep = false;
+	    alias_type = CMNDALIAS;
+	    break;
+	default:
+	    sudo_fatalx_nodebug("unexpected defaults type %d", def->type);
+	    break;
+	}
+
+	if (!keep) {
+	    /* Look for aliases used by the binding. */
+	    /* XXX - move to function */
+	    if (alias_type != UNSPEC && def->binding != prev_binding) {
+		TAILQ_FOREACH_SAFE(m, def->binding, entries, m_next) {
+		    if (m->type == ALIAS) {
+			TAILQ_REMOVE(def->binding, m, entries);
+			switch (alias_type) {
+			case USERALIAS:
+			    TAILQ_INSERT_TAIL(&user_aliases, m, entries);
+			    break;
+			case RUNASALIAS:
+			    TAILQ_INSERT_TAIL(&runas_aliases, m, entries);
+			    break;
+			case HOSTALIAS:
+			    TAILQ_INSERT_TAIL(&host_aliases, m, entries);
+			    break;
+			case CMNDALIAS:
+			    TAILQ_INSERT_TAIL(&cmnd_aliases, m, entries);
+			    break;
+			default:
+			    sudo_fatalx_nodebug("unexpected alias type %d",
+				alias_type);
+			    break;
+			}
+		    }
+		}
+	    }
+	    TAILQ_REMOVE(&parse_tree->defaults, def, entries);
+	    free_default(def, &prev_binding);
+	    if (prev_binding != NULL) {
+		/* Remove and free Defaults that share the same binding. */
+		while (def_next != NULL && def_next->binding == prev_binding) {
+		    def = def_next;
+		    def_next = TAILQ_NEXT(def, entries);
+		    TAILQ_REMOVE(&parse_tree->defaults, def, entries);
+		    free_default(def, &prev_binding);
+		}
+	    }
+	} else {
+	    prev_binding = def->binding;
+	}
+    }
+
+    /* Remove now-unreferenced aliases. */
+    alias_used_by_userspecs(parse_tree, &user_aliases, &runas_aliases,
+	&host_aliases, &cmnd_aliases);
+    TAILQ_FOREACH_SAFE(m, &user_aliases, entries, m_next) {
+	a = alias_remove(parse_tree, m->name, USERALIAS);
+	alias_free(a);
+	free_member(m);
+    }
+    TAILQ_FOREACH_SAFE(m, &runas_aliases, entries, m_next) {
+	a = alias_remove(parse_tree, m->name, RUNASALIAS);
+	alias_free(a);
+	free_member(m);
+    }
+    TAILQ_FOREACH_SAFE(m, &host_aliases, entries, m_next) {
+	a = alias_remove(parse_tree, m->name, HOSTALIAS);
+	alias_free(a);
+	free_member(m);
+    }
+    TAILQ_FOREACH_SAFE(m, &cmnd_aliases, entries, m_next) {
+	a = alias_remove(parse_tree, m->name, CMNDALIAS);
+	alias_free(a);
+	free_member(m);
+    }
+
+    debug_return;
+}
+
+/*
+ * Remove unreferenced aliases.
+ */
+static void
+alias_remove_unused(struct sudoers_parse_tree *parse_tree)
+{
+    struct rbtree *used_aliases;
+    debug_decl(alias_remove_unused, SUDOERS_DEBUG_ALIAS)
+
+    used_aliases = alloc_aliases();
+    if (used_aliases == NULL)
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+
+    /* Move all referenced aliases to used_aliases. */
+    if (!alias_find_used(parse_tree, used_aliases))
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+
+    /* Only unreferenced aliases are left, swap and free the unused ones. */
+    free_aliases(parse_tree->aliases);
+    parse_tree->aliases = used_aliases;
+
+    debug_return;
+}
+
+/*
+ * Prune out non-matching entries from user and host aliases.
+ */
+static int
+alias_prune_helper(struct sudoers_parse_tree *parse_tree, struct alias *a,
+    void *v)
+{
+    struct cvtsudoers_config *conf = v;
+
+    /* XXX - misue of these functions */
+    switch (a->type) {
+    case USERALIAS:
+	userlist_matches_filter(parse_tree, &a->members, conf);
+	break;
+    case HOSTALIAS:
+	hostlist_matches_filter(parse_tree, &a->members, conf);
+	break;
+    default:
+	break;
+    }
+
+    return 0;
+}
+
+/*
+ * Prune out non-matching entries from within aliases.
+ */
+static void
+alias_prune(struct sudoers_parse_tree *parse_tree,
+    struct cvtsudoers_config *conf)
+{
+    debug_decl(alias_prune, SUDOERS_DEBUG_ALIAS)
+
+    alias_apply(parse_tree, alias_prune_helper, conf);
+
+    debug_return;
+}
+
+/*
+ * Convert back to sudoers.
+ */
+static bool
+convert_sudoers_sudoers(struct sudoers_parse_tree *parse_tree,
+    const char *output_file, struct cvtsudoers_config *conf)
+{
+    bool ret = true;
+    struct sudo_lbuf lbuf;
+    debug_decl(convert_sudoers_sudoers, SUDOERS_DEBUG_UTIL)
+
+    if (strcmp(output_file, "-") == 0) {
+	output_fp = stdout;
+    } else {
+	if ((output_fp = fopen(output_file, "w")) == NULL)
+	    sudo_fatal(U_("unable to open %s"), output_file);
+    }
+
+    /* Wrap lines at 80 columns with a 4 character indent. */
+    sudo_lbuf_init(&lbuf, convert_sudoers_output, 4, "\\", 80);
+
+    /* Print Defaults */
+    if (!ISSET(conf->suppress, SUPPRESS_DEFAULTS)) {
+	if (!print_defaults_sudoers(parse_tree, &lbuf, conf->expand_aliases))
+	    goto done;
+	if (lbuf.len > 0) {
+	    sudo_lbuf_print(&lbuf);
+	    sudo_lbuf_append(&lbuf, "\n");
+	}
+    }
+
+    /* Print Aliases */
+    if (!conf->expand_aliases && !ISSET(conf->suppress, SUPPRESS_ALIASES)) {
+	if (!print_aliases_sudoers(parse_tree, &lbuf))
+	    goto done;
+	if (lbuf.len > 1) {
+	    sudo_lbuf_print(&lbuf);
+	    sudo_lbuf_append(&lbuf, "\n");
+	}
+    }
+
+    /* Print User_Specs, separated by blank lines. */
+    if (!ISSET(conf->suppress, SUPPRESS_PRIVS)) {
+	if (!sudoers_format_userspecs(&lbuf, parse_tree, "\n",
+	    conf->expand_aliases, true)) {
+	    goto done;
+	}
+	if (lbuf.len > 1) {
+	    sudo_lbuf_print(&lbuf);
+	}
+    }
+
+done:
+    if (sudo_lbuf_error(&lbuf)) {
+	if (errno == ENOMEM)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	ret = false;
+    }
+    sudo_lbuf_destroy(&lbuf);
+
+    (void)fflush(output_fp);
+    if (ferror(output_fp)) {
+	sudo_warn(U_("unable to write to %s"), output_file);
+	ret = false;
+    }
+    if (output_fp != stdout)
+	fclose(output_fp);
+
+    debug_return_bool(ret);
+}
+
+static void
+usage(int fatal)
+{
+    (void) fprintf(fatal ? stderr : stdout, "usage: %s [-ehMpV] [-b dn] "
+	"[-c conf_file ] [-d deftypes] [-f output_format] [-i input_format] "
+	"[-I increment] [-m filter] [-o output_file] [-O start_point] "
+	"[-P padding] [-s sections] [input_file]\n", getprogname());
+    if (fatal)
+	exit(1);
+}
+
+static void
+help(void)
+{
+    (void) printf(_("%s - convert between sudoers file formats\n\n"), getprogname());
+    usage(0);
+    (void) puts(_("\nOptions:\n"
+	"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+	"  -c, --config=conf_file     the path to the configuration file\n"
+	"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+	"  -e, --expand-aliases       expand aliases when converting\n"
+	"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+	"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+	"  -I, --increment=num        amount to increase each sudoOrder by\n"
+	"  -h, --help                 display help message and exit\n"
+	"  -m, --match=filter         only convert entries that match the filter\n"
+	"  -M, --match-local          match filter uses passwd and group databases\n"
+	"  -o, --output=output_file   write converted sudoers to output_file\n"
+	"  -O, --order-start=num      starting point for first sudoOrder\n"
+	"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+	"  -P, --padding=num          base padding for sudoOrder increment\n"
+	"  -s, --suppress=sections    suppress output of certain sections\n"
+	"  -V, --version              display version information and exit"));
+    exit(0);
+}
diff --git a/plugins/sudoers/cvtsudoers.h b/plugins/sudoers/cvtsudoers.h
new file mode 100644
index 0000000..b93474b
--- /dev/null
+++ b/plugins/sudoers/cvtsudoers.h
@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_CVTSUDOERS_H
+#define SUDOERS_CVTSUDOERS_H
+
+#include "strlist.h"
+
+/* Supported input/output formats. */
+enum sudoers_formats {
+    format_json,
+    format_ldif,
+    format_sudoers
+};
+
+/* Flags for cvtsudoers_config.defaults */
+#define CVT_DEFAULTS_GLOBAL	0x01
+#define CVT_DEFAULTS_USER	0x02
+#define CVT_DEFAULTS_RUNAS	0x04
+#define CVT_DEFAULTS_HOST	0x08
+#define CVT_DEFAULTS_CMND	0x10
+#define CVT_DEFAULTS_ALL	0xff
+
+/* Flags for cvtsudoers_config.suppress */
+#define SUPPRESS_DEFAULTS	0x01
+#define SUPPRESS_ALIASES	0x02
+#define SUPPRESS_PRIVS		0x04
+
+/* cvtsudoers.conf settings */
+struct cvtsudoers_config {
+    unsigned int sudo_order;
+    unsigned int order_increment;
+    unsigned int order_padding;
+    unsigned int order_max;
+    short defaults;
+    short suppress;
+    bool expand_aliases;
+    bool store_options;
+    bool prune_matches;
+    char *sudoers_base;
+    char *input_format;
+    char *output_format;
+    char *filter;
+    char *defstr;
+    char *supstr;
+};
+
+/* Initial config settings for above. */
+#define INITIAL_CONFIG { 1, 1, 0, 0, CVT_DEFAULTS_ALL, 0, false, true, false }
+
+#define CONF_BOOL	0
+#define CONF_UINT	1
+#define CONF_STR	2
+
+struct cvtsudoers_conf_table {
+    const char *conf_str;	/* config file string */
+    int type;			/* CONF_BOOL, CONF_UINT, CONF_STR */
+    void *valp;			/* pointer into cvtsudoers_config */
+};
+
+struct cvtsudoers_filter {
+    struct sudoers_str_list users;
+    struct sudoers_str_list groups;
+    struct sudoers_str_list hosts;
+};
+
+/* cvtsudoers.c */
+extern struct cvtsudoers_filter *filters;
+
+/* cvtsudoers_json.c */
+bool convert_sudoers_json(struct sudoers_parse_tree *parse_tree, const char *output_file, struct cvtsudoers_config *conf);
+
+/* cvtsudoers_ldif.c */
+bool convert_sudoers_ldif(struct sudoers_parse_tree *parse_tree, const char *output_file, struct cvtsudoers_config *conf);
+
+/* cvtsudoers_pwutil.c */
+struct cache_item *cvtsudoers_make_pwitem(uid_t uid, const char *name);
+struct cache_item *cvtsudoers_make_gritem(gid_t gid, const char *name);
+struct cache_item *cvtsudoers_make_gidlist_item(const struct passwd *pw, char * const *unused1, unsigned int type);
+struct cache_item *cvtsudoers_make_grlist_item(const struct passwd *pw, char * const *unused1);
+
+/* stubs.c */
+void get_hostname(void);
+
+#endif /* SUDOERS_CVTSUDOERS_H */
diff --git a/plugins/sudoers/cvtsudoers_json.c b/plugins/sudoers/cvtsudoers_json.c
new file mode 100644
index 0000000..5fbef1c
--- /dev/null
+++ b/plugins/sudoers/cvtsudoers_json.c
@@ -0,0 +1,1161 @@
+/*
+ * Copyright (c) 2013-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <stdarg.h>
+#include <time.h>
+#include <ctype.h>
+
+#include "sudoers.h"
+#include "cvtsudoers.h"
+#include <gram.h>
+
+/*
+ * JSON values may be of the following types.
+ */
+enum json_value_type {
+    JSON_STRING,
+    JSON_ID,
+    JSON_NUMBER,
+    JSON_OBJECT,
+    JSON_ARRAY,
+    JSON_BOOL,
+    JSON_NULL
+};
+
+/*
+ * JSON value suitable for printing.
+ * Note: this does not support object or array values.
+ */
+struct json_value {
+    enum json_value_type type;
+    union {
+	char *string;
+	int number;
+	id_t id;
+	bool boolean;
+    } u;
+};
+
+/*
+ * Closure used to store state when iterating over all aliases.
+ */
+struct json_alias_closure {
+    FILE *fp;
+    const char *title;
+    unsigned int count;
+    int alias_type;
+    int indent;
+    bool need_comma;
+};
+
+/*
+ * Type values used to disambiguate the generic WORD and ALIAS types.
+ */
+enum word_type {
+    TYPE_COMMAND,
+    TYPE_HOSTNAME,
+    TYPE_RUNASGROUP,
+    TYPE_RUNASUSER,
+    TYPE_USERNAME
+};
+
+/*
+ * Print "indent" number of blank characters.
+ */
+static void
+print_indent(FILE *fp, int indent)
+{
+    while (indent--)
+	putc(' ', fp);
+}
+
+/*
+ * Print a JSON string, escaping special characters.
+ * Does not support unicode escapes.
+ */
+static void
+print_string_json_unquoted(FILE *fp, const char *str)
+{
+    char ch;
+
+    while ((ch = *str++) != '\0') {
+	switch (ch) {
+	case '"':
+	case '\\':
+	    putc('\\', fp);
+	    break;
+	case '\b':
+	    ch = 'b';
+	    putc('\\', fp);
+	    break;
+	case '\f':
+	    ch = 'f';
+	    putc('\\', fp);
+	    break;
+	case '\n':
+	    ch = 'n';
+	    putc('\\', fp);
+	    break;
+	case '\r':
+	    ch = 'r';
+	    putc('\\', fp);
+	    break;
+	case '\t':
+	    ch = 't';
+	    putc('\\', fp);
+	    break;
+	}
+	putc(ch, fp);
+    }
+}
+
+/*
+ * Print a quoted JSON string, escaping special characters.
+ * Does not support unicode escapes.
+ */
+static void
+print_string_json(FILE *fp, const char *str)
+{
+    putc('\"', fp);
+    print_string_json_unquoted(fp, str);
+    putc('\"', fp);
+}
+
+/*
+ * Print a JSON name: value pair with proper quoting and escaping.
+ */
+static void
+print_pair_json(FILE *fp, const char *pre, const char *name,
+    const struct json_value *value, const char *post, int indent)
+{
+    debug_decl(print_pair_json, SUDOERS_DEBUG_UTIL)
+
+    print_indent(fp, indent);
+
+    /* prefix */
+    if (pre != NULL)
+	fputs(pre, fp);
+
+    /* name */
+    print_string_json(fp, name);
+    putc(':', fp);
+    putc(' ', fp);
+
+    /* value */
+    switch (value->type) {
+    case JSON_STRING:
+	print_string_json(fp, value->u.string);
+	break;
+    case JSON_ID:
+	fprintf(fp, "%u", (unsigned int)value->u.id);
+	break;
+    case JSON_NUMBER:
+	fprintf(fp, "%d", value->u.number);
+	break;
+    case JSON_NULL:
+	fputs("null", fp);
+	break;
+    case JSON_BOOL:
+	fputs(value->u.boolean ? "true" : "false", fp);
+	break;
+    case JSON_OBJECT:
+	sudo_fatalx("internal error: can't print JSON_OBJECT");
+	break;
+    case JSON_ARRAY:
+	sudo_fatalx("internal error: can't print JSON_ARRAY");
+	break;
+    }
+
+    /* postfix */
+    if (post != NULL)
+	fputs(post, fp);
+
+    debug_return;
+}
+
+/*
+ * Print a JSON string with optional prefix and postfix to fp.
+ * Strings are not quoted but are escaped as per the JSON spec.
+ */
+static void
+printstr_json(FILE *fp, const char *pre, const char *str, const char *post,
+    int indent)
+{
+    debug_decl(printstr_json, SUDOERS_DEBUG_UTIL)
+
+    print_indent(fp, indent);
+    if (pre != NULL)
+	fputs(pre, fp);
+    if (str != NULL) {
+	print_string_json_unquoted(fp, str);
+    }
+    if (post != NULL)
+	fputs(post, fp);
+    debug_return;
+}
+
+/*
+ * Print sudo command member in JSON format, with specified indentation.
+ * If last_one is false, a comma will be printed before the newline
+ * that closes the object.
+ */
+static void
+print_command_json(FILE *fp, const char *name, int type, bool negated, int indent, bool last_one)
+{
+    struct sudo_command *c = (struct sudo_command *)name;
+    struct json_value value;
+    const char *digest_name;
+    debug_decl(print_command_json, SUDOERS_DEBUG_UTIL)
+
+    printstr_json(fp, "{", NULL, NULL, indent);
+    if (negated || c->digest != NULL) {
+	putc('\n', fp);
+	indent += 4;
+    } else {
+	putc(' ', fp);
+	indent = 0;
+    }
+
+    /* Print command with optional command line args. */
+    if (c->args != NULL) {
+	printstr_json(fp, "\"", "command", "\": ", indent);
+	printstr_json(fp, "\"", c->cmnd, " ", 0);
+	printstr_json(fp, NULL, c->args, "\"", 0);
+    } else {
+	value.type = JSON_STRING;
+	value.u.string = c->cmnd;
+	print_pair_json(fp, NULL, "command", &value, NULL, indent);
+    }
+
+    /* Optional digest. */
+    if (c->digest != NULL) {
+	fputs(",\n", fp);
+	digest_name = digest_type_to_name(c->digest->digest_type);
+	value.type = JSON_STRING;
+	value.u.string = c->digest->digest_str;
+	print_pair_json(fp, NULL, digest_name, &value, NULL, indent);
+    }
+
+    /* Command may be negated. */
+    if (negated) {
+	fputs(",\n", fp);
+	value.type = JSON_BOOL;
+	value.u.boolean = true;
+	print_pair_json(fp, NULL, "negated", &value, NULL, indent);
+    }
+
+    if (indent != 0) {
+	indent -= 4;
+	putc('\n', fp);
+	print_indent(fp, indent);
+    } else {
+	putc(' ', fp);
+    }
+    putc('}', fp);
+    if (!last_one)
+	putc(',', fp);
+    putc('\n', fp);
+
+    debug_return;
+}
+
+/*
+ * Map an alias type to enum word_type.
+ */
+static enum word_type
+alias_to_word_type(int alias_type)
+{
+    switch (alias_type) {
+    case CMNDALIAS:
+	return TYPE_COMMAND;
+    case HOSTALIAS:
+	return TYPE_HOSTNAME;
+    case RUNASALIAS:
+	return TYPE_RUNASUSER;
+    case USERALIAS:
+	return TYPE_USERNAME;
+    default:
+	sudo_fatalx_nodebug("unexpected alias type %d", alias_type);
+    }
+}
+
+/*
+ * Map a Defaults type to enum word_type.
+ */
+static enum word_type
+defaults_to_word_type(int defaults_type)
+{
+    switch (defaults_type) {
+    case DEFAULTS_CMND:
+	return TYPE_COMMAND;
+    case DEFAULTS_HOST:
+	return TYPE_HOSTNAME;
+    case DEFAULTS_RUNAS:
+	return TYPE_RUNASUSER;
+    case DEFAULTS_USER:
+	return TYPE_USERNAME;
+    default:
+	sudo_fatalx_nodebug("unexpected defaults type %d", defaults_type);
+    }
+}
+
+/*
+ * Print struct member in JSON format, with specified indentation.
+ * If last_one is false, a comma will be printed before the newline
+ * that closes the object.
+ */
+static void
+print_member_json_int(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    char *name, int type, bool negated, enum word_type word_type,
+    bool last_one, int indent, bool expand_aliases)
+{
+    struct json_value value;
+    const char *typestr = NULL;
+    const char *errstr;
+    int alias_type = UNSPEC;
+    id_t id;
+    debug_decl(print_member_json_int, SUDOERS_DEBUG_UTIL)
+
+    /* Most of the time we print a string. */
+    value.type = JSON_STRING;
+    if (name != NULL) {
+	value.u.string = name;
+    } else {
+	switch (type) {
+	case ALL:
+	    value.u.string = "ALL";
+	    break;
+	case MYSELF:
+	    value.u.string = "";
+	    break;
+	default:
+	    sudo_fatalx("missing member name for type %d", type);
+	}
+    }
+
+    switch (type) {
+    case USERGROUP:
+	value.u.string++; /* skip leading '%' */
+	if (*value.u.string == ':') {
+	    value.u.string++;
+	    typestr = "nonunixgroup";
+	    if (*value.u.string == '#') {
+		id = sudo_strtoid(value.u.string + 1, NULL, NULL, &errstr);
+		if (errstr != NULL) {
+		    sudo_warnx("internal error: non-Unix group ID %s: \"%s\"",
+			errstr, value.u.string + 1);
+		} else {
+		    value.type = JSON_ID;
+		    value.u.id = id;
+		    typestr = "nonunixgid";
+		}
+	    }
+	} else {
+	    typestr = "usergroup";
+	    if (*value.u.string == '#') {
+		id = sudo_strtoid(value.u.string + 1, NULL, NULL, &errstr);
+		if (errstr != NULL) {
+		    sudo_warnx("internal error: group ID %s: \"%s\"",
+			errstr, value.u.string + 1);
+		} else {
+		    value.type = JSON_ID;
+		    value.u.id = id;
+		    typestr = "usergid";
+		}
+	    }
+	}
+	break;
+    case NETGROUP:
+	typestr = "netgroup";
+	value.u.string++; /* skip leading '+' */
+	break;
+    case NTWKADDR:
+	typestr = "networkaddr";
+	break;
+    case COMMAND:
+	print_command_json(fp, name, type, negated, indent, last_one);
+	debug_return;
+    case ALL:
+    case MYSELF:
+    case WORD:
+	switch (word_type) {
+	case TYPE_COMMAND:
+	    typestr = "command";
+	    break;
+	case TYPE_HOSTNAME:
+	    typestr = "hostname";
+	    break;
+	case TYPE_RUNASGROUP:
+	    typestr = "usergroup";
+	    break;
+	case TYPE_RUNASUSER:
+	case TYPE_USERNAME:
+	    typestr = "username";
+	    if (*value.u.string == '#') {
+		id = sudo_strtoid(value.u.string + 1, NULL, NULL, &errstr);
+		if (errstr != NULL) {
+		    sudo_warnx("internal error: user ID %s: \"%s\"",
+			errstr, name);
+		} else {
+		    value.type = JSON_ID;
+		    value.u.id = id;
+		    typestr = "userid";
+		}
+	    }
+	    break;
+	default:
+	    sudo_fatalx("unexpected word type %d", word_type);
+	}
+	break;
+    case ALIAS:
+	switch (word_type) {
+	case TYPE_COMMAND:
+	    if (expand_aliases) {
+		alias_type = CMNDALIAS;
+	    } else {
+		typestr = "cmndalias";
+	    }
+	    break;
+	case TYPE_HOSTNAME:
+	    if (expand_aliases) {
+		alias_type = HOSTALIAS;
+	    } else {
+		typestr = "hostalias";
+	    }
+	    break;
+	case TYPE_RUNASGROUP:
+	case TYPE_RUNASUSER:
+	    if (expand_aliases) {
+		alias_type = RUNASALIAS;
+	    } else {
+		typestr = "runasalias";
+	    }
+	    break;
+	case TYPE_USERNAME:
+	    if (expand_aliases) {
+		alias_type = USERALIAS;
+	    } else {
+		typestr = "useralias";
+	    }
+	    break;
+	default:
+	    sudo_fatalx("unexpected word type %d", word_type);
+	}
+	break;
+    default:
+	sudo_fatalx("unexpected member type %d", type);
+    }
+
+    if (expand_aliases && type == ALIAS) {
+	struct alias *a;
+	struct member *m;
+
+	/* Print each member of the alias. */
+	if ((a = alias_get(parse_tree, value.u.string, alias_type)) != NULL) {
+	    TAILQ_FOREACH(m, &a->members, entries) {
+		print_member_json_int(fp, parse_tree, m->name, m->type,
+		    negated ? !m->negated : m->negated,
+		    alias_to_word_type(alias_type),
+		    last_one && TAILQ_NEXT(m, entries) == NULL, indent, true);
+	    }
+	    alias_put(a);
+	}
+    } else {
+	if (negated) {
+	    print_indent(fp, indent);
+	    fputs("{\n", fp);
+	    indent += 4;
+	    print_pair_json(fp, NULL, typestr, &value, ",\n", indent);
+	    value.type = JSON_BOOL;
+	    value.u.boolean = true;
+	    print_pair_json(fp, NULL, "negated", &value, "\n", indent);
+	    indent -= 4;
+	    print_indent(fp, indent);
+	    putc('}', fp);
+	} else {
+	    print_pair_json(fp, "{ ", typestr, &value, " }", indent);
+	}
+
+	if (!last_one)
+	    putc(',', fp);
+	putc('\n', fp);
+    }
+
+    debug_return;
+}
+
+static void
+print_member_json(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    struct member *m, enum word_type word_type, bool last_one,
+    int indent, bool expand_aliases)
+{
+    print_member_json_int(fp, parse_tree, m->name, m->type, m->negated,
+	word_type, last_one, indent, expand_aliases);
+}
+
+/*
+ * Callback for alias_apply() to print an alias entry if it matches
+ * the type specified in the closure.
+ */
+static int
+print_alias_json(struct sudoers_parse_tree *parse_tree, struct alias *a, void *v)
+{
+    struct json_alias_closure *closure = v;
+    struct member *m;
+    debug_decl(print_alias_json, SUDOERS_DEBUG_UTIL)
+
+    if (a->type != closure->alias_type)
+	debug_return_int(0);
+
+    /* Open the aliases object or close the last entry, then open new one. */
+    if (closure->count++ == 0) {
+	fprintf(closure->fp, "%s\n%*s\"%s\": {\n",
+	    closure->need_comma ? "," : "", closure->indent, "",
+	    closure->title);
+	closure->indent += 4;
+    } else {
+	fprintf(closure->fp, "%*s],\n", closure->indent, "");
+    }
+    printstr_json(closure->fp, "\"", a->name, "\": [\n", closure->indent);
+
+    closure->indent += 4;
+    TAILQ_FOREACH(m, &a->members, entries) {
+	print_member_json(closure->fp, parse_tree, m,
+	    alias_to_word_type(closure->alias_type),
+	    TAILQ_NEXT(m, entries) == NULL, closure->indent, false);
+    }
+    closure->indent -= 4;
+    debug_return_int(0);
+}
+
+/*
+ * Print the binding for a Defaults entry of the specified type.
+ */
+static void
+print_binding_json(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    struct member_list *binding, int type, int indent, bool expand_aliases)
+{
+    struct member *m;
+    debug_decl(print_binding_json, SUDOERS_DEBUG_UTIL)
+
+    if (TAILQ_EMPTY(binding))
+	debug_return;
+
+    fprintf(fp, "%*s\"Binding\": [\n", indent, "");
+    indent += 4;
+
+    /* Print each member object in binding. */
+    TAILQ_FOREACH(m, binding, entries) {
+	print_member_json(fp, parse_tree, m, defaults_to_word_type(type),
+	     TAILQ_NEXT(m, entries) == NULL, indent, expand_aliases);
+    }
+
+    indent -= 4;
+    fprintf(fp, "%*s],\n", indent, "");
+
+    debug_return;
+}
+
+/*
+ * Print a Defaults list JSON format.
+ */
+static void
+print_defaults_list_json(FILE *fp, struct defaults *def, int indent)
+{
+    char savech, *start, *end = def->val;
+    struct json_value value;
+    debug_decl(print_defaults_list_json, SUDOERS_DEBUG_UTIL)
+
+    fprintf(fp, "%*s{\n", indent, "");
+    indent += 4;
+    value.type = JSON_STRING;
+    switch (def->op) {
+    case '+':
+	value.u.string = "list_add";
+	break;
+    case '-':
+	value.u.string = "list_remove";
+	break;
+    case true:
+	value.u.string = "list_assign";
+	break;
+    default:
+	sudo_warnx("internal error: unexpected list op %d", def->op);
+	value.u.string = "unsupported";
+	break;
+    }
+    print_pair_json(fp, NULL, "operation", &value, ",\n", indent);
+    printstr_json(fp, "\"", def->var, "\": [\n", indent);
+    indent += 4;
+    print_indent(fp, indent);
+    /* Split value into multiple space-separated words. */
+    do {
+	/* Remove leading blanks, must have a non-empty string. */
+	for (start = end; isblank((unsigned char)*start); start++)
+	    continue;
+	if (*start == '\0')
+	    break;
+
+	/* Find the end and print it. */
+	for (end = start; *end && !isblank((unsigned char)*end); end++)
+	    continue;
+	savech = *end;
+	*end = '\0';
+	print_string_json(fp, start);
+	if (savech != '\0')
+	    putc(',', fp);
+	*end = savech;
+    } while (*end++ != '\0');
+    putc('\n', fp);
+    indent -= 4;
+    fprintf(fp, "%*s]\n", indent, "");
+    indent -= 4;
+    fprintf(fp, "%*s}", indent, "");
+
+    debug_return;
+}
+
+static int
+get_defaults_type(struct defaults *def)
+{
+    struct sudo_defs_types *cur;
+
+    /* Look up def in table to find its type. */
+    for (cur = sudo_defs_table; cur->name; cur++) {
+	if (strcmp(def->var, cur->name) == 0)
+	    return cur->type;
+    }
+    return -1;
+}
+
+/*
+ * Export all Defaults in JSON format.
+ */
+static bool
+print_defaults_json(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    int indent, bool expand_aliases, bool need_comma)
+{
+    struct json_value value;
+    struct defaults *def, *next;
+    int type;
+    debug_decl(print_defaults_json, SUDOERS_DEBUG_UTIL)
+
+    if (TAILQ_EMPTY(&parse_tree->defaults))
+	debug_return_bool(need_comma);
+
+    fprintf(fp, "%s\n%*s\"Defaults\": [\n", need_comma ? "," : "", indent, "");
+    indent += 4;
+
+    TAILQ_FOREACH_SAFE(def, &parse_tree->defaults, entries, next) {
+	type = get_defaults_type(def);
+	if (type == -1) {
+	    sudo_warnx(U_("unknown defaults entry \"%s\""), def->var);
+	    /* XXX - just pass it through as a string anyway? */
+	    continue;
+	}
+
+	/* Found it, print object container and binding (if any). */
+	fprintf(fp, "%*s{\n", indent, "");
+	indent += 4;
+	print_binding_json(fp, parse_tree, def->binding, def->type,
+	    indent, expand_aliases);
+
+	/* Validation checks. */
+	/* XXX - validate values in addition to names? */
+
+	/* Print options, merging ones with the same binding. */
+	fprintf(fp, "%*s\"Options\": [\n", indent, "");
+	indent += 4;
+	for (;;) {
+	    next = TAILQ_NEXT(def, entries);
+	    /* XXX - need to update cur too */
+	    if ((type & T_MASK) == T_FLAG || def->val == NULL) {
+		value.type = JSON_BOOL;
+		value.u.boolean = def->op;
+		print_pair_json(fp, "{ ", def->var, &value, " }", indent);
+	    } else if ((type & T_MASK) == T_LIST) {
+		print_defaults_list_json(fp, def, indent);
+	    } else {
+		value.type = JSON_STRING;
+		value.u.string = def->val;
+		print_pair_json(fp, "{ ", def->var, &value, " }", indent);
+	    }
+	    if (next == NULL || def->binding != next->binding)
+		break;
+	    def = next;
+	    type = get_defaults_type(def);
+	    if (type == -1) {
+		sudo_warnx(U_("unknown defaults entry \"%s\""), def->var);
+		/* XXX - just pass it through as a string anyway? */
+		break;
+	    }
+	    fputs(",\n", fp);
+	}
+	putc('\n', fp);
+	indent -= 4;
+	print_indent(fp, indent);
+	fputs("]\n", fp);
+	indent -= 4;
+	print_indent(fp, indent);
+	fprintf(fp, "}%s\n", next != NULL ? "," : "");
+    }
+
+    /* Close Defaults array; comma (if any) & newline will be printer later. */
+    indent -= 4;
+    print_indent(fp, indent);
+    fputs("]", fp);
+
+    debug_return_bool(true);
+}
+
+/*
+ * Export all aliases of the specified type in JSON format.
+ * Iterates through the entire aliases tree.
+ */
+static bool
+print_aliases_by_type_json(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    int alias_type, const char *title, int indent, bool need_comma)
+{
+    struct json_alias_closure closure;
+    debug_decl(print_aliases_by_type_json, SUDOERS_DEBUG_UTIL)
+
+    closure.fp = fp;
+    closure.indent = indent;
+    closure.count = 0;
+    closure.alias_type = alias_type;
+    closure.title = title;
+    closure.need_comma = need_comma;
+    alias_apply(parse_tree, print_alias_json, &closure);
+    if (closure.count != 0) {
+	print_indent(fp, closure.indent);
+	fputs("]\n", fp);
+	closure.indent -= 4;
+	print_indent(fp, closure.indent);
+	putc('}', fp);
+	need_comma = true;
+    }
+
+    debug_return_bool(need_comma);
+}
+
+/*
+ * Export all aliases in JSON format.
+ */
+static bool
+print_aliases_json(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    int indent, bool need_comma)
+{
+    debug_decl(print_aliases_json, SUDOERS_DEBUG_UTIL)
+
+    need_comma = print_aliases_by_type_json(fp, parse_tree, USERALIAS,
+	"User_Aliases", indent, need_comma);
+    need_comma = print_aliases_by_type_json(fp, parse_tree, RUNASALIAS,
+	"Runas_Aliases", indent, need_comma);
+    need_comma = print_aliases_by_type_json(fp, parse_tree, HOSTALIAS,
+	"Host_Aliases", indent, need_comma);
+    need_comma = print_aliases_by_type_json(fp, parse_tree, CMNDALIAS,
+	"Command_Aliases", indent, need_comma);
+
+    debug_return_bool(need_comma);
+}
+
+/*
+ * Print a Cmnd_Spec in JSON format at the specified indent level.
+ * A pointer to the next Cmnd_Spec is passed in to make it possible to
+ * merge adjacent entries that are identical in all but the command.
+ */
+static void
+print_cmndspec_json(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    struct cmndspec *cs, struct cmndspec **nextp,
+    struct defaults_list *options, bool expand_aliases, int indent)
+{
+    struct cmndspec *next = *nextp;
+    struct json_value value;
+    struct defaults *def;
+    struct member *m;
+    struct tm *tp;
+    bool last_one;
+    char timebuf[sizeof("20120727121554Z")];
+    debug_decl(print_cmndspec_json, SUDOERS_DEBUG_UTIL)
+
+    /* Open Cmnd_Spec object. */
+    fprintf(fp, "%*s{\n", indent, "");
+    indent += 4;
+
+    /* Print runasuserlist */
+    if (cs->runasuserlist != NULL) {
+	fprintf(fp, "%*s\"runasusers\": [\n", indent, "");
+	indent += 4;
+	TAILQ_FOREACH(m, cs->runasuserlist, entries) {
+	    print_member_json(fp, parse_tree, m, TYPE_RUNASUSER,
+		TAILQ_NEXT(m, entries) == NULL, indent, expand_aliases);
+	}
+	indent -= 4;
+	fprintf(fp, "%*s],\n", indent, "");
+    }
+
+    /* Print runasgrouplist */
+    if (cs->runasgrouplist != NULL) {
+	fprintf(fp, "%*s\"runasgroups\": [\n", indent, "");
+	indent += 4;
+	TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
+	    print_member_json(fp, parse_tree, m, TYPE_RUNASGROUP,
+		TAILQ_NEXT(m, entries) == NULL, indent, expand_aliases);
+	}
+	indent -= 4;
+	fprintf(fp, "%*s],\n", indent, "");
+    }
+
+    /* Print options and tags */
+    if (cs->timeout > 0 || cs->notbefore != UNSPEC || cs->notafter != UNSPEC ||
+	TAGS_SET(cs->tags) || !TAILQ_EMPTY(options)) {
+	struct cmndtag tag = cs->tags;
+	const char *prefix = "\n";
+
+	fprintf(fp, "%*s\"Options\": [", indent, "");
+	indent += 4;
+	if (cs->timeout > 0) {
+	    value.type = JSON_NUMBER;
+	    value.u.number = cs->timeout;
+	    fputs(prefix, fp);
+	    print_pair_json(fp, "{ ", "command_timeout", &value, " }", indent);
+	    prefix = ",\n";
+	}
+	if (cs->notbefore != UNSPEC) {
+	    if ((tp = gmtime(&cs->notbefore)) == NULL) {
+		sudo_warn(U_("unable to get GMT time"));
+	    } else {
+		if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) {
+		    sudo_warnx(U_("unable to format timestamp"));
+		} else {
+		    value.type = JSON_STRING;
+		    value.u.string = timebuf;
+		    fputs(prefix, fp);
+		    print_pair_json(fp, "{ ", "notbefore", &value, " }", indent);
+		    prefix = ",\n";
+		}
+	    }
+	}
+	if (cs->notafter != UNSPEC) {
+	    if ((tp = gmtime(&cs->notafter)) == NULL) {
+		sudo_warn(U_("unable to get GMT time"));
+	    } else {
+		if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) {
+		    sudo_warnx(U_("unable to format timestamp"));
+		} else {
+		    value.type = JSON_STRING;
+		    value.u.string = timebuf;
+		    fputs(prefix, fp);
+		    print_pair_json(fp, "{ ", "notafter", &value, " }", indent);
+		    prefix = ",\n";
+		}
+	    }
+	}
+	if (tag.nopasswd != UNSPEC) {
+	    value.type = JSON_BOOL;
+	    value.u.boolean = !tag.nopasswd;
+	    fputs(prefix, fp);
+	    print_pair_json(fp, "{ ", "authenticate", &value, " }", indent);
+	    prefix = ",\n";
+	}
+	if (tag.noexec != UNSPEC) {
+	    value.type = JSON_BOOL;
+	    value.u.boolean = tag.noexec;
+	    fputs(prefix, fp);
+	    print_pair_json(fp, "{ ", "noexec", &value, " }", indent);
+	    prefix = ",\n";
+	}
+	if (tag.send_mail != UNSPEC) {
+	    value.type = JSON_BOOL;
+	    value.u.boolean = tag.send_mail;
+	    fputs(prefix, fp);
+	    print_pair_json(fp, "{ ", "send_mail", &value, " }", indent);
+	    prefix = ",\n";
+	}
+	if (tag.setenv != UNSPEC) {
+	    value.type = JSON_BOOL;
+	    value.u.boolean = tag.setenv;
+	    fputs(prefix, fp);
+	    print_pair_json(fp, "{ ", "setenv", &value, " }", indent);
+	    prefix = ",\n";
+	}
+	if (tag.follow != UNSPEC) {
+	    value.type = JSON_BOOL;
+	    value.u.boolean = tag.follow;
+	    fputs(prefix, fp);
+	    print_pair_json(fp, "{ ", "sudoedit_follow", &value, " }", indent);
+	    prefix = ",\n";
+	}
+	if (tag.log_input != UNSPEC) {
+	    value.type = JSON_BOOL;
+	    value.u.boolean = tag.log_input;
+	    fputs(prefix, fp);
+	    print_pair_json(fp, "{ ", "log_input", &value, " }", indent);
+	    prefix = ",\n";
+	}
+	if (tag.log_output != UNSPEC) {
+	    value.type = JSON_BOOL;
+	    value.u.boolean = tag.log_output;
+	    fputs(prefix, fp);
+	    print_pair_json(fp, "{ ", "log_output", &value, " }", indent);
+	    prefix = ",\n";
+	}
+	TAILQ_FOREACH(def, options, entries) {
+	    int type = get_defaults_type(def);
+	    if (type == -1) {
+		sudo_warnx(U_("unknown defaults entry \"%s\""), def->var);
+		/* XXX - just pass it through as a string anyway? */
+		continue;
+	    }
+	    fputs(prefix, fp);
+	    if ((type & T_MASK) == T_FLAG || def->val == NULL) {
+		value.type = JSON_BOOL;
+		value.u.boolean = def->op;
+		print_pair_json(fp, "{ ", def->var, &value, " }", indent);
+	    } else if ((type & T_MASK) == T_LIST) {
+		print_defaults_list_json(fp, def, indent);
+	    } else {
+		value.type = JSON_STRING;
+		value.u.string = def->val;
+		print_pair_json(fp, "{ ", def->var, &value, " }", indent);
+	    }
+	    prefix = ",\n";
+	}
+	putc('\n', fp);
+	indent -= 4;
+	fprintf(fp, "%*s],\n", indent, "");
+    }
+
+#ifdef HAVE_SELINUX
+    /* Print SELinux role/type */
+    if (cs->role != NULL && cs->type != NULL) {
+	fprintf(fp, "%*s\"SELinux_Spec\": [\n", indent, "");
+	indent += 4;
+	value.type = JSON_STRING;
+	value.u.string = cs->role;
+	print_pair_json(fp, NULL, "role", &value, ",\n", indent);
+	value.u.string = cs->type;
+	print_pair_json(fp, NULL, "type", &value, "\n", indent);
+	indent -= 4;
+	fprintf(fp, "%*s],\n", indent, "");
+    }
+#endif /* HAVE_SELINUX */
+
+#ifdef HAVE_PRIV_SET
+    /* Print Solaris privs/limitprivs */
+    if (cs->privs != NULL || cs->limitprivs != NULL) {
+	fprintf(fp, "%*s\"Solaris_Priv_Spec\": [\n", indent, "");
+	indent += 4;
+	value.type = JSON_STRING;
+	if (cs->privs != NULL) {
+	    value.u.string = cs->privs;
+	    print_pair_json(fp, NULL, "privs", &value,
+		cs->limitprivs != NULL ? ",\n" : "\n", indent);
+	}
+	if (cs->limitprivs != NULL) {
+	    value.u.string = cs->limitprivs;
+	    print_pair_json(fp, NULL, "limitprivs", &value, "\n", indent);
+	}
+	indent -= 4;
+	fprintf(fp, "%*s],\n", indent, "");
+    }
+#endif /* HAVE_PRIV_SET */
+
+    /*
+     * Merge adjacent commands with matching tags, runas, SELinux
+     * role/type and Solaris priv settings.
+     */
+    fprintf(fp, "%*s\"Commands\": [\n", indent, "");
+    indent += 4;
+    for (;;) {
+	/* Does the next entry differ only in the command itself? */
+	/* XXX - move into a function that returns bool */
+	last_one = next == NULL ||
+	    RUNAS_CHANGED(cs, next) || TAGS_CHANGED(cs->tags, next->tags)
+#ifdef HAVE_PRIV_SET
+	    || cs->privs != next->privs || cs->limitprivs != next->limitprivs
+#endif /* HAVE_PRIV_SET */
+#ifdef HAVE_SELINUX
+	    || cs->role != next->role || cs->type != next->type
+#endif /* HAVE_SELINUX */
+	    ;
+
+	print_member_json(fp, parse_tree, cs->cmnd, TYPE_COMMAND,
+	    last_one, indent, expand_aliases);
+	if (last_one)
+	    break;
+	cs = next;
+	next = TAILQ_NEXT(cs, entries);
+    }
+    indent -= 4;
+    fprintf(fp, "%*s]\n", indent, "");
+
+    /* Close Cmnd_Spec object. */
+    indent -= 4;
+    fprintf(fp, "%*s}%s\n", indent, "", TAILQ_NEXT(cs, entries) != NULL ? "," : "");
+
+    *nextp = next;
+
+    debug_return;
+}
+
+/*
+ * Print a User_Spec in JSON format at the specified indent level.
+ */
+static void
+print_userspec_json(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    struct userspec *us, int indent, bool expand_aliases)
+{
+    struct privilege *priv;
+    struct member *m;
+    struct cmndspec *cs, *next;
+    debug_decl(print_userspec_json, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * Each userspec struct may contain multiple privileges for
+     * a user.  We export each privilege as a separate User_Spec
+     * object for simplicity's sake.
+     */
+    TAILQ_FOREACH(priv, &us->privileges, entries) {
+	/* Open User_Spec object. */
+	fprintf(fp, "%*s{\n", indent, "");
+	indent += 4;
+
+	/* Print users list. */
+	fprintf(fp, "%*s\"User_List\": [\n", indent, "");
+	indent += 4;
+	TAILQ_FOREACH(m, &us->users, entries) {
+	    print_member_json(fp, parse_tree, m, TYPE_USERNAME,
+		TAILQ_NEXT(m, entries) == NULL, indent, expand_aliases);
+	}
+	indent -= 4;
+	fprintf(fp, "%*s],\n", indent, "");
+
+	/* Print hosts list. */
+	fprintf(fp, "%*s\"Host_List\": [\n", indent, "");
+	indent += 4;
+	TAILQ_FOREACH(m, &priv->hostlist, entries) {
+	    print_member_json(fp, parse_tree, m, TYPE_HOSTNAME,
+		TAILQ_NEXT(m, entries) == NULL, indent, expand_aliases);
+	}
+	indent -= 4;
+	fprintf(fp, "%*s],\n", indent, "");
+
+	/* Print commands. */
+	fprintf(fp, "%*s\"Cmnd_Specs\": [\n", indent, "");
+	indent += 4;
+	TAILQ_FOREACH_SAFE(cs, &priv->cmndlist, entries, next) {
+	    print_cmndspec_json(fp, parse_tree, cs, &next, &priv->defaults,
+		expand_aliases, indent);
+	}
+	indent -= 4;
+	fprintf(fp, "%*s]\n", indent, "");
+
+	/* Close User_Spec object. */
+	indent -= 4;
+	fprintf(fp, "%*s}%s\n", indent, "", TAILQ_NEXT(priv, entries) != NULL ||
+	    TAILQ_NEXT(us, entries) != NULL ? "," : "");
+    }
+
+    debug_return;
+}
+
+static bool
+print_userspecs_json(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    int indent, bool expand_aliases, bool need_comma)
+{
+    struct userspec *us;
+    debug_decl(print_userspecs_json, SUDOERS_DEBUG_UTIL)
+
+    if (TAILQ_EMPTY(&parse_tree->userspecs))
+	debug_return_bool(need_comma);
+
+    fprintf(fp, "%s\n%*s\"User_Specs\": [\n", need_comma ? "," : "", indent, "");
+    indent += 4;
+    TAILQ_FOREACH(us, &parse_tree->userspecs, entries) {
+	print_userspec_json(fp, parse_tree, us, indent, expand_aliases);
+    }
+    indent -= 4;
+    fprintf(fp, "%*s]", indent, "");
+
+    debug_return_bool(true);
+}
+
+/*
+ * Export the parsed sudoers file in JSON format.
+ */
+bool
+convert_sudoers_json(struct sudoers_parse_tree *parse_tree,
+    const char *output_file, struct cvtsudoers_config *conf)
+{
+    bool ret = true, need_comma = false;
+    const int indent = 4;
+    FILE *output_fp = stdout;
+    debug_decl(convert_sudoers_json, SUDOERS_DEBUG_UTIL)
+
+    if (strcmp(output_file, "-") != 0) {
+	if ((output_fp = fopen(output_file, "w")) == NULL)
+	    sudo_fatal(U_("unable to open %s"), output_file);
+    }
+
+    /* Open JSON output. */
+    putc('{', output_fp);
+
+    /* Dump Defaults in JSON format. */
+    if (!ISSET(conf->suppress, SUPPRESS_DEFAULTS)) {
+	need_comma = print_defaults_json(output_fp, parse_tree, indent,
+	    conf->expand_aliases, need_comma);
+    }
+
+    /* Dump Aliases in JSON format. */
+    if (!conf->expand_aliases && !ISSET(conf->suppress, SUPPRESS_ALIASES)) {
+	need_comma = print_aliases_json(output_fp, parse_tree, indent,
+	    need_comma);
+    }
+
+    /* Dump User_Specs in JSON format. */
+    if (!ISSET(conf->suppress, SUPPRESS_PRIVS)) {
+	print_userspecs_json(output_fp, parse_tree, indent,
+	    conf->expand_aliases, need_comma);
+    }
+
+    /* Close JSON output. */
+    fputs("\n}\n", output_fp);
+    (void)fflush(output_fp);
+    if (ferror(output_fp))
+	ret = false;
+    if (output_fp != stdout)
+	fclose(output_fp);
+
+    debug_return_bool(ret);
+}
diff --git a/plugins/sudoers/cvtsudoers_ldif.c b/plugins/sudoers/cvtsudoers_ldif.c
new file mode 100644
index 0000000..0f43a5a
--- /dev/null
+++ b/plugins/sudoers/cvtsudoers_ldif.c
@@ -0,0 +1,665 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <stdarg.h>
+
+#include "sudoers.h"
+#include "sudo_ldap.h"
+#include "redblack.h"
+#include "cvtsudoers.h"
+#include "sudo_lbuf.h"
+#include <gram.h>
+
+struct seen_user {
+    const char *name;
+    unsigned long count;
+};
+
+static struct rbtree *seen_users;
+
+static int
+seen_user_compare(const void *aa, const void *bb)
+{
+    const struct seen_user *a = aa;
+    const struct seen_user *b = bb;
+
+    return strcasecmp(a->name, b->name);
+}
+
+static void
+seen_user_free(void *v)
+{
+    struct seen_user *su = v;
+
+    free((void *)su->name);
+    free(su);
+}
+
+static bool
+safe_string(const char *str)
+{
+    unsigned int ch = *str++;
+    debug_decl(safe_string, SUDOERS_DEBUG_UTIL)
+
+    /* Initial char must be <= 127 and not LF, CR, SPACE, ':', '<' */
+    switch (ch) {
+    case '\0':
+	debug_return_bool(true);
+    case '\n':
+    case '\r':
+    case ' ':
+    case ':':
+    case '<':
+	debug_return_bool(false);
+    default:
+	if (ch > 127)
+	    debug_return_bool(false);
+    }
+
+    /* Any value <= 127 decimal except NUL, LF, and CR is safe */
+    while ((ch = *str++) != '\0') {
+	if (ch > 127 || ch == '\n' || ch == '\r')
+	    debug_return_bool(false);
+    }
+
+    debug_return_bool(true);
+}
+
+static bool
+print_attribute_ldif(FILE *fp, const char *name, const char *value)
+{
+    const unsigned char *uvalue = (unsigned char *)value;
+    char *encoded = NULL;
+    size_t esize;
+    debug_decl(print_attribute_ldif, SUDOERS_DEBUG_UTIL)
+
+    if (!safe_string(value)) {
+	const size_t vlen = strlen(value);
+	esize = ((vlen + 2) / 3 * 4) + 1;
+	if ((encoded = malloc(esize)) == NULL)
+	    debug_return_bool(false);
+	if (base64_encode(uvalue, vlen, encoded, esize) == (size_t)-1) {
+	    free(encoded);
+	    debug_return_bool(false);
+	}
+	fprintf(fp, "%s:: %s\n", name, encoded);
+	free(encoded);
+    } else if (*value != '\0') {
+	fprintf(fp, "%s: %s\n", name, value);
+    } else {
+	fprintf(fp, "%s:\n", name);
+    }
+
+    debug_return_bool(true);
+}
+
+/*
+ * Print sudoOptions from a defaults_list.
+ */
+static bool
+print_options_ldif(FILE *fp, struct defaults_list *options)
+{
+    struct defaults *opt;
+    char *attr_val;
+    int len;
+    debug_decl(print_options_ldif, SUDOERS_DEBUG_UTIL)
+
+    TAILQ_FOREACH(opt, options, entries) {
+	if (opt->type != DEFAULTS)
+	    continue;		/* don't support bound defaults */
+
+	if (opt->val != NULL) {
+	    /* There is no need to double quote values here. */
+	    len = asprintf(&attr_val, "%s%s%s", opt->var,
+		opt->op == '+' ? "+=" : opt->op == '-' ? "-=" : "=", opt->val);
+	} else {
+	    /* Boolean flag. */
+	    len = asprintf(&attr_val, "%s%s",
+		opt->op == false ? "!" : "", opt->var);
+	}
+	if (len == -1) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	print_attribute_ldif(fp, "sudoOption", attr_val);
+	free(attr_val);
+    }
+
+    debug_return_bool(!ferror(fp));
+}
+
+/*
+ * Print global Defaults in a single sudoRole object.
+ */
+static bool
+print_global_defaults_ldif(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    const char *base)
+{
+    unsigned int count = 0;
+    struct sudo_lbuf lbuf;
+    struct defaults *opt;
+    char *dn;
+    debug_decl(print_global_defaults_ldif, SUDOERS_DEBUG_UTIL)
+
+    sudo_lbuf_init(&lbuf, NULL, 0, NULL, 80);
+
+    TAILQ_FOREACH(opt, &parse_tree->defaults, entries) {
+	/* Skip bound Defaults (unsupported). */
+	if (opt->type == DEFAULTS) {
+	    count++;
+	} else {
+	    lbuf.len = 0;
+	    sudo_lbuf_append(&lbuf, "# ");
+	    sudoers_format_default_line(&lbuf, parse_tree, opt, false, true);
+	    fprintf(fp, "# Unable to translate %s:%d\n%s\n",
+		opt->file, opt->lineno, lbuf.buf);
+	}
+    }
+    sudo_lbuf_destroy(&lbuf);
+
+    if (count == 0)
+	debug_return_bool(true);
+
+    if (asprintf(&dn, "cn=defaults,%s", base) == -1) {
+	sudo_fatalx(U_("%s: %s"), __func__,
+	    U_("unable to allocate memory"));
+    }
+    print_attribute_ldif(fp, "dn", dn);
+    free(dn);
+    print_attribute_ldif(fp, "objectClass", "top");
+    print_attribute_ldif(fp, "objectClass", "sudoRole");
+    print_attribute_ldif(fp, "cn", "defaults");
+    print_attribute_ldif(fp, "description", "Default sudoOption's go here");
+
+    print_options_ldif(fp, &parse_tree->defaults);
+    putc('\n', fp);
+
+    debug_return_bool(!ferror(fp));
+}
+
+/*
+ * Print struct member in LDIF format as the specified attribute.
+ * See print_member_int() in parse.c.
+ */
+static void
+print_member_ldif(FILE *fp, struct sudoers_parse_tree *parse_tree, char *name,
+    int type, bool negated, int alias_type, const char *attr_name)
+{
+    struct alias *a;
+    struct member *m;
+    struct sudo_command *c;
+    char *attr_val;
+    int len;
+    debug_decl(print_member_ldif, SUDOERS_DEBUG_UTIL)
+
+    switch (type) {
+    case ALL:
+	print_attribute_ldif(fp, attr_name, negated ? "!ALL" : "ALL");
+	break;
+    case MYSELF:
+	/* Only valid for sudoRunasUser */
+	print_attribute_ldif(fp, attr_name, "");
+	break;
+    case COMMAND:
+	c = (struct sudo_command *)name;
+	len = asprintf(&attr_val, "%s%s%s%s%s%s%s%s",
+	    c->digest ? digest_type_to_name(c->digest->digest_type) : "",
+	    c->digest ? ":" : "", c->digest ? c->digest->digest_str : "",
+	    c->digest ? " " : "", negated ? "!" : "", c->cmnd,
+	    c->args ? " " : "", c->args ? c->args : "");
+	if (len == -1) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	print_attribute_ldif(fp, attr_name, attr_val);
+	free(attr_val);
+	break;
+    case ALIAS:
+	if ((a = alias_get(parse_tree, name, alias_type)) != NULL) {
+	    TAILQ_FOREACH(m, &a->members, entries) {
+		print_member_ldif(fp, parse_tree, m->name, m->type,
+		    negated ? !m->negated : m->negated, alias_type, attr_name);
+	    }
+	    alias_put(a);
+	    break;
+	}
+	/* FALLTHROUGH */
+    default:
+	len = asprintf(&attr_val, "%s%s", negated ? "!" : "", name);
+	if (len == -1) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	print_attribute_ldif(fp, attr_name, attr_val);
+	free(attr_val);
+	break;
+    }
+
+    debug_return;
+}
+
+/*
+ * Print a Cmnd_Spec in LDIF format.
+ * A pointer to the next Cmnd_Spec is passed in to make it possible to
+ * merge adjacent entries that are identical in all but the command.
+ */
+static void
+print_cmndspec_ldif(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    struct cmndspec *cs, struct cmndspec **nextp, struct defaults_list *options)
+{
+    struct cmndspec *next = *nextp;
+    struct member *m;
+    struct tm *tp;
+    bool last_one;
+    char timebuf[sizeof("20120727121554Z")];
+    debug_decl(print_cmndspec_ldif, SUDOERS_DEBUG_UTIL)
+
+    /* Print runasuserlist as sudoRunAsUser attributes */
+    if (cs->runasuserlist != NULL) {
+	TAILQ_FOREACH(m, cs->runasuserlist, entries) {
+	    print_member_ldif(fp, parse_tree, m->name, m->type, m->negated,
+		RUNASALIAS, "sudoRunAsUser");
+	}
+    }
+
+    /* Print runasgrouplist as sudoRunAsGroup attributes */
+    if (cs->runasgrouplist != NULL) {
+	TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
+	    print_member_ldif(fp, parse_tree, m->name, m->type, m->negated,
+		RUNASALIAS, "sudoRunAsGroup");
+	}
+    }
+
+    /* Print sudoNotBefore and sudoNotAfter attributes */
+    if (cs->notbefore != UNSPEC) {
+	if ((tp = gmtime(&cs->notbefore)) == NULL) {
+	    sudo_warn(U_("unable to get GMT time"));
+	} else {
+	    if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) {
+		sudo_warnx(U_("unable to format timestamp"));
+	    } else {
+		print_attribute_ldif(fp, "sudoNotBefore", timebuf);
+	    }
+	}
+    }
+    if (cs->notafter != UNSPEC) {
+	if ((tp = gmtime(&cs->notafter)) == NULL) {
+	    sudo_warn(U_("unable to get GMT time"));
+	} else {
+	    if (strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", tp) == 0) {
+		sudo_warnx(U_("unable to format timestamp"));
+	    } else {
+		print_attribute_ldif(fp, "sudoNotAfter", timebuf);
+	    }
+	}
+    }
+
+    /* Print timeout as a sudoOption. */
+    if (cs->timeout > 0) {
+	char *attr_val;
+	if (asprintf(&attr_val, "command_timeout=%d", cs->timeout) == -1) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	print_attribute_ldif(fp, "sudoOption", attr_val);
+	free(attr_val);
+    }
+
+    /* Print tags as sudoOption attributes */
+    if (TAGS_SET(cs->tags)) {
+	struct cmndtag tag = cs->tags;
+
+	if (tag.nopasswd != UNSPEC) {
+	    print_attribute_ldif(fp, "sudoOption",
+		tag.nopasswd ? "!authenticate" : "authenticate");
+	}
+	if (tag.noexec != UNSPEC) {
+	    print_attribute_ldif(fp, "sudoOption",
+		tag.noexec ? "noexec" : "!noexec");
+	}
+	if (tag.send_mail != UNSPEC) {
+	    if (tag.send_mail) {
+		print_attribute_ldif(fp, "sudoOption", "mail_all_cmnds");
+	    } else {
+		print_attribute_ldif(fp, "sudoOption", "!mail_all_cmnds");
+		print_attribute_ldif(fp, "sudoOption", "!mail_always");
+		print_attribute_ldif(fp, "sudoOption", "!mail_no_perms");
+	    }
+	}
+	if (tag.setenv != UNSPEC && tag.setenv != IMPLIED) {
+	    print_attribute_ldif(fp, "sudoOption",
+		tag.setenv ? "setenv" : "!setenv");
+	}
+	if (tag.follow != UNSPEC) {
+	    print_attribute_ldif(fp, "sudoOption",
+		tag.follow ? "sudoedit_follow" : "!sudoedit_follow");
+	}
+	if (tag.log_input != UNSPEC) {
+	    print_attribute_ldif(fp, "sudoOption",
+		tag.log_input ? "log_input" : "!log_input");
+	}
+	if (tag.log_output != UNSPEC) {
+	    print_attribute_ldif(fp, "sudoOption",
+		tag.log_output ? "log_output" : "!log_output");
+	}
+    }
+    print_options_ldif(fp, options);
+
+#ifdef HAVE_SELINUX
+    /* Print SELinux role/type */
+    if (cs->role != NULL && cs->type != NULL) {
+	char *attr_val;
+	int len;
+
+	len = asprintf(&attr_val, "role=%s", cs->role);
+	if (len == -1) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	print_attribute_ldif(fp, "sudoOption", attr_val);
+	free(attr_val);
+
+	len = asprintf(&attr_val, "type=%s", cs->type);
+	if (len == -1) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	print_attribute_ldif(fp, "sudoOption", attr_val);
+	free(attr_val);
+    }
+#endif /* HAVE_SELINUX */
+
+#ifdef HAVE_PRIV_SET
+    /* Print Solaris privs/limitprivs */
+    if (cs->privs != NULL || cs->limitprivs != NULL) {
+	char *attr_val;
+	int len;
+
+	if (cs->privs != NULL) {
+	    len = asprintf(&attr_val, "privs=%s", cs->privs);
+	    if (len == -1) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	    print_attribute_ldif(fp, "sudoOption", attr_val);
+	    free(attr_val);
+	}
+	if (cs->limitprivs != NULL) {
+	    len = asprintf(&attr_val, "limitprivs=%s", cs->limitprivs);
+	    if (len == -1) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	    print_attribute_ldif(fp, "sudoOption", attr_val);
+	    free(attr_val);
+	}
+    }
+#endif /* HAVE_PRIV_SET */
+
+    /*
+     * Merge adjacent commands with matching tags, runas, SELinux
+     * role/type and Solaris priv settings.
+     */
+    for (;;) {
+	/* Does the next entry differ only in the command itself? */
+	/* XXX - move into a function that returns bool */
+	/* XXX - TAG_SET does not account for implied SETENV */
+	last_one = next == NULL ||
+	    RUNAS_CHANGED(cs, next) || TAGS_CHANGED(cs->tags, next->tags)
+#ifdef HAVE_PRIV_SET
+	    || cs->privs != next->privs || cs->limitprivs != next->limitprivs
+#endif /* HAVE_PRIV_SET */
+#ifdef HAVE_SELINUX
+	    || cs->role != next->role || cs->type != next->type
+#endif /* HAVE_SELINUX */
+	    ;
+
+	print_member_ldif(fp, parse_tree, cs->cmnd->name, cs->cmnd->type,
+	    cs->cmnd->negated, CMNDALIAS, "sudoCommand");
+	if (last_one)
+	    break;
+	cs = next;
+	next = TAILQ_NEXT(cs, entries);
+    }
+
+    *nextp = next;
+
+    debug_return;
+}
+
+/*
+ * Convert user name to cn, avoiding duplicates and quoting as needed.
+ * See http://www.faqs.org/rfcs/rfc2253.html
+ */
+static char *
+user_to_cn(const char *user)
+{
+    struct seen_user key, *su = NULL;
+    struct rbnode *node;
+    const char *src;
+    char *cn, *dst;
+    size_t size;
+    debug_decl(user_to_cn, SUDOERS_DEBUG_UTIL)
+
+    /* Allocate as much as we could possibly need. */
+    size = (2 * strlen(user)) + 64 + 1;
+    if ((cn = malloc(size)) == NULL)
+	goto bad;
+
+    /*
+     * Increment the number of times we have seen this user.
+     */
+    key.name = user;
+    node = rbfind(seen_users, &key);
+    if (node != NULL) {
+	su = node->data;
+    } else {
+	if ((su = malloc(sizeof(*su))) == NULL)
+	    goto bad;
+	su->count = 0;
+	if ((su->name = strdup(user)) == NULL)
+	    goto bad;
+	if (rbinsert(seen_users, su, NULL) != 0)
+	    goto bad;
+    }
+
+    /* Build cn, quoting special chars as needed (we allocated 2 x len). */
+    for (src = user, dst = cn; *src != '\0'; src++) {
+	switch (*src) {
+	case ',':
+	case '+':
+	case '"':
+	case '\\':
+	case '<':
+	case '>':
+	case '#':
+	case ';':
+	    *dst++ = '\\';	/* always escape */
+	    break;
+	case ' ':
+	    if (src == user || src[1] == '\0')
+		*dst++ = '\\';	/* only escape at beginning or end of string */
+	    break;
+	default:
+	    break;
+	}
+	*dst++ = *src;
+    }
+    *dst = '\0';
+
+    /* Append count if there are duplicate users (cn must be unique). */
+    if (su->count != 0) {
+	size -= (size_t)(dst - cn);
+	if ((size_t)snprintf(dst, size, "_%lu", su->count) >= size) {
+	    sudo_warnx(U_("internal error, %s overflow"), __func__);
+	    goto bad;
+	}
+    }
+    su->count++;
+
+    debug_return_str(cn);
+bad:
+    if (su != NULL && su->count == 0)
+	seen_user_free(su);
+    free(cn);
+    debug_return_str(NULL);
+}
+
+/*
+ * Print a single User_Spec.
+ */
+static bool
+print_userspec_ldif(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    struct userspec *us, struct cvtsudoers_config *conf)
+{
+    struct privilege *priv;
+    struct member *m;
+    struct cmndspec *cs, *next;
+    debug_decl(print_userspec_ldif, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * Each userspec struct may contain multiple privileges for
+     * the user.  We export each privilege as a separate sudoRole
+     * object for simplicity's sake.
+     */
+    TAILQ_FOREACH(priv, &us->privileges, entries) {
+	TAILQ_FOREACH_SAFE(cs, &priv->cmndlist, entries, next) {
+	    const char *base = conf->sudoers_base;
+	    char *cn, *dn;
+
+	    /*
+	     * Increment the number of times we have seen this user.
+	     * If more than one user is listed, just use the first one.
+	     */
+	    m = TAILQ_FIRST(&us->users);
+	    cn = user_to_cn(m->type == ALL ? "ALL" : m->name);
+	    if (cn == NULL || asprintf(&dn, "cn=%s,%s", cn, base) == -1) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+
+	    print_attribute_ldif(fp, "dn", dn);
+	    print_attribute_ldif(fp, "objectClass", "top");
+	    print_attribute_ldif(fp, "objectClass", "sudoRole");
+	    print_attribute_ldif(fp, "cn", cn);
+	    free(cn);
+	    free(dn);
+
+	    TAILQ_FOREACH(m, &us->users, entries) {
+		print_member_ldif(fp, parse_tree, m->name, m->type, m->negated,
+		    USERALIAS, "sudoUser");
+	    }
+
+	    TAILQ_FOREACH(m, &priv->hostlist, entries) {
+		print_member_ldif(fp, parse_tree, m->name, m->type, m->negated,
+		    HOSTALIAS, "sudoHost");
+	    }
+
+	    print_cmndspec_ldif(fp, parse_tree, cs, &next, &priv->defaults);
+
+	    if (conf->sudo_order != 0) {
+		char numbuf[(((sizeof(conf->sudo_order) * 8) + 2) / 3) + 2];
+		if (conf->order_max != 0 && conf->sudo_order > conf->order_max) {
+		    sudo_fatalx(U_("too many sudoers entries, maximum %u"),
+			conf->order_padding);
+		}
+		(void)snprintf(numbuf, sizeof(numbuf), "%u", conf->sudo_order);
+		print_attribute_ldif(fp, "sudoOrder", numbuf);
+		putc('\n', fp);
+		conf->sudo_order += conf->order_increment;
+	    }
+	}
+    }
+
+    debug_return_bool(!ferror(fp));
+}
+
+/*
+ * Print User_Specs.
+ */
+static bool
+print_userspecs_ldif(FILE *fp, struct sudoers_parse_tree *parse_tree,
+    struct cvtsudoers_config *conf)
+{
+    struct userspec *us;
+    debug_decl(print_userspecs_ldif, SUDOERS_DEBUG_UTIL)
+ 
+    TAILQ_FOREACH(us, &parse_tree->userspecs, entries) {
+	if (!print_userspec_ldif(fp, parse_tree, us, conf))
+	    debug_return_bool(false);
+    }
+    debug_return_bool(true);
+}
+
+/*
+ * Export the parsed sudoers file in LDIF format.
+ */
+bool
+convert_sudoers_ldif(struct sudoers_parse_tree *parse_tree,
+    const char *output_file, struct cvtsudoers_config *conf)
+{
+    bool ret = true;
+    FILE *output_fp = stdout;
+    debug_decl(convert_sudoers_ldif, SUDOERS_DEBUG_UTIL)
+
+    if (conf->sudoers_base == NULL) {
+	sudo_fatalx(U_("the SUDOERS_BASE environment variable is not set and the -b option was not specified."));
+    }
+
+    if (output_file != NULL && strcmp(output_file, "-") != 0) {
+	if ((output_fp = fopen(output_file, "w")) == NULL)
+	    sudo_fatal(U_("unable to open %s"), output_file);
+    }
+
+    /* Create a dictionary of already-seen users. */
+    seen_users = rbcreate(seen_user_compare);
+
+    /* Dump global Defaults in LDIF format. */
+    if (!ISSET(conf->suppress, SUPPRESS_DEFAULTS))
+	print_global_defaults_ldif(output_fp, parse_tree, conf->sudoers_base);
+
+    /* Dump User_Specs in LDIF format, expanding Aliases. */
+    if (!ISSET(conf->suppress, SUPPRESS_PRIVS))
+	print_userspecs_ldif(output_fp, parse_tree, conf);
+
+    /* Clean up. */
+    rbdestroy(seen_users, seen_user_free);
+
+    (void)fflush(output_fp);
+    if (ferror(output_fp))
+	ret = false;
+    if (output_fp != stdout)
+	fclose(output_fp);
+
+    debug_return_bool(ret);
+}
diff --git a/plugins/sudoers/cvtsudoers_pwutil.c b/plugins/sudoers/cvtsudoers_pwutil.c
new file mode 100644
index 0000000..49715a3
--- /dev/null
+++ b/plugins/sudoers/cvtsudoers_pwutil.c
@@ -0,0 +1,480 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <errno.h>
+#include <limits.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include "sudoers.h"
+#include "cvtsudoers.h"
+#include "pwutil.h"
+
+#ifndef LOGIN_NAME_MAX
+# ifdef _POSIX_LOGIN_NAME_MAX
+#  define LOGIN_NAME_MAX _POSIX_LOGIN_NAME_MAX
+# else
+#  define LOGIN_NAME_MAX 9
+# endif
+#endif /* LOGIN_NAME_MAX */
+
+#define FIELD_SIZE(src, name, size)			\
+do {							\
+	if ((src)->name) {				\
+		size = strlen((src)->name) + 1;		\
+		total += size;				\
+	}                                               \
+} while (0)
+
+#define FIELD_COPY(src, dst, name, size)		\
+do {							\
+	if ((src)->name) {				\
+		memcpy(cp, (src)->name, size);		\
+		(dst)->name = cp;				\
+		cp += size;				\
+	}						\
+} while (0)
+
+/*
+ * Dynamically allocate space for a struct item plus the key and data
+ * elements.  If name is non-NULL it is used as the key, else the
+ * uid is the key.  Fills in datum from the users filter.
+ * Returns NULL on calloc error or unknown name/id, setting errno
+ * to ENOMEM or ENOENT respectively.
+ */
+struct cache_item *
+cvtsudoers_make_pwitem(uid_t uid, const char *name)
+{
+    char *cp, uidstr[MAX_UID_T_LEN + 2];
+    size_t nsize, psize, csize, gsize, dsize, ssize, total;
+    struct cache_item_pw *pwitem;
+    struct passwd pw, *newpw;
+    struct sudoers_string *s = NULL;
+    debug_decl(sudo_make_pwitem, SUDOERS_DEBUG_NSS)
+
+    /* Look up name or uid in filter list. */
+    if (name != NULL) {
+	STAILQ_FOREACH(s, &filters->users, entries) {
+	    if (strcasecmp(name, s->str) == 0) {
+		uid = (uid_t)-1;
+		break;
+	    }
+	}
+    } else {
+	STAILQ_FOREACH(s, &filters->users, entries) {
+	    const char *errstr;
+	    uid_t filter_uid;
+
+	    if (s->str[0] != '#')
+		continue;
+
+	    filter_uid = sudo_strtoid(s->str + 1, NULL, NULL, &errstr);
+	    if (errstr == NULL) {
+		if (uid != filter_uid)
+		    continue;
+		snprintf(uidstr, sizeof(uidstr), "#%u", (unsigned int)uid);
+		break;
+	    }
+	}
+    }
+    if (s == NULL) {
+	errno = ENOENT;
+	debug_return_ptr(NULL);
+    }
+
+    /* Fake up a passwd struct. */
+    memset(&pw, 0, sizeof(pw));
+    pw.pw_name = name ? s->str : uidstr;
+    pw.pw_passwd = "*";
+    pw.pw_uid = uid;
+    pw.pw_gid = (gid_t)-1;
+    pw.pw_shell = _PATH_BSHELL;
+    pw.pw_dir = "/";
+
+    /* Allocate in one big chunk for easy freeing. */
+    nsize = psize = csize = gsize = dsize = ssize = 0;
+    total = sizeof(*pwitem);
+    FIELD_SIZE(&pw, pw_name, nsize);
+    FIELD_SIZE(&pw, pw_passwd, psize);
+#ifdef HAVE_LOGIN_CAP_H
+    FIELD_SIZE(&pw, pw_class, csize);
+#endif
+    FIELD_SIZE(&pw, pw_gecos, gsize);
+    FIELD_SIZE(&pw, pw_dir, dsize);
+    FIELD_SIZE(&pw, pw_shell, ssize);
+    if (name != NULL)
+	total += strlen(name) + 1;
+
+    /* Allocate space for struct item, struct passwd and the strings. */
+    if ((pwitem = calloc(1, total)) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+    newpw = &pwitem->pw;
+
+    /*
+     * Copy in passwd contents and make strings relative to space
+     * at the end of the struct.
+     */
+    memcpy(newpw, &pw, sizeof(pw));
+    cp = (char *)(pwitem + 1);
+    FIELD_COPY(&pw, newpw, pw_name, nsize);
+    FIELD_COPY(&pw, newpw, pw_passwd, psize);
+#ifdef HAVE_LOGIN_CAP_H
+    FIELD_COPY(&pw, newpw, pw_class, csize);
+#endif
+    FIELD_COPY(&pw, newpw, pw_gecos, gsize);
+    FIELD_COPY(&pw, newpw, pw_dir, dsize);
+    FIELD_COPY(&pw, newpw, pw_shell, ssize);
+
+    /* Set key and datum. */
+    if (name != NULL) {
+	memcpy(cp, name, strlen(name) + 1);
+	pwitem->cache.k.name = cp;
+    } else {
+	pwitem->cache.k.uid = pw.pw_uid;
+    }
+    pwitem->cache.d.pw = newpw;
+    pwitem->cache.refcnt = 1;
+
+    debug_return_ptr(&pwitem->cache);
+}
+
+/*
+ * Dynamically allocate space for a struct item plus the key and data
+ * elements.  If name is non-NULL it is used as the key, else the
+ * gid is the key.  Fills in datum from the groups filter.
+ * Returns NULL on calloc error or unknown name/id, setting errno
+ * to ENOMEM or ENOENT respectively.
+ */
+struct cache_item *
+cvtsudoers_make_gritem(gid_t gid, const char *name)
+{
+    char *cp, gidstr[MAX_UID_T_LEN + 2];
+    size_t nsize, psize, nmem, total, len;
+    struct cache_item_gr *gritem;
+    struct group gr, *newgr;
+    struct sudoers_string *s = NULL;
+    debug_decl(sudo_make_gritem, SUDOERS_DEBUG_NSS)
+
+    /* Look up name or gid in filter list. */
+    if (name != NULL) {
+	STAILQ_FOREACH(s, &filters->groups, entries) {
+	    if (strcasecmp(name, s->str) == 0) {
+		gid = (gid_t)-1;
+		break;
+	    }
+	}
+    } else {
+	STAILQ_FOREACH(s, &filters->groups, entries) {
+	    const char *errstr;
+	    gid_t filter_gid;
+
+	    if (s->str[0] != '#')
+		continue;
+
+	    filter_gid = sudo_strtoid(s->str + 1, NULL, NULL, &errstr);
+	    if (errstr == NULL) {
+		if (gid != filter_gid)
+		    continue;
+		snprintf(gidstr, sizeof(gidstr), "#%u", (unsigned int)gid);
+		break;
+	    }
+	}
+    }
+    if (s == NULL) {
+	errno = ENOENT;
+	debug_return_ptr(NULL);
+    }
+
+    /* Fake up a group struct with all filter users as members. */
+    memset(&gr, 0, sizeof(gr));
+    gr.gr_name = name ? s->str : gidstr;
+    gr.gr_gid = gid;
+
+    /* Allocate in one big chunk for easy freeing. */
+    nsize = psize = nmem = 0;
+    total = sizeof(*gritem);
+    FIELD_SIZE(&gr, gr_name, nsize);
+    FIELD_SIZE(&gr, gr_passwd, psize);
+    if (!STAILQ_EMPTY(&filters->users)) {
+	STAILQ_FOREACH(s, &filters->users, entries) {
+	    total += strlen(s->str) + 1;
+	    nmem++;
+	}
+	total += sizeof(char *) * nmem;
+    }
+    if (name != NULL)
+	total += strlen(name) + 1;
+
+    if ((gritem = calloc(1, total)) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+
+    /*
+     * Copy in group contents and make strings relative to space
+     * at the end of the buffer.  Note that gr_mem must come
+     * immediately after struct group to guarantee proper alignment.
+     */
+    newgr = &gritem->gr;
+    memcpy(newgr, &gr, sizeof(gr));
+    cp = (char *)(gritem + 1);
+    if (nmem != 0) {
+	newgr->gr_mem = (char **)cp;
+	cp += sizeof(char *) * nmem;
+	nmem = 0;
+	STAILQ_FOREACH(s, &filters->users, entries) {
+	    len = strlen(s->str) + 1;
+	    memcpy(cp, s->str, len);
+	    newgr->gr_mem[nmem++] = cp;
+	    cp += len;
+	}
+	newgr->gr_mem[nmem] = NULL;
+    }
+    FIELD_COPY(&gr, newgr, gr_passwd, psize);
+    FIELD_COPY(&gr, newgr, gr_name, nsize);
+
+    /* Set key and datum. */
+    if (name != NULL) {
+	memcpy(cp, name, strlen(name) + 1);
+	gritem->cache.k.name = cp;
+    } else {
+	gritem->cache.k.gid = gr.gr_gid;
+    }
+    gritem->cache.d.gr = newgr;
+    gritem->cache.refcnt = 1;
+
+    debug_return_ptr(&gritem->cache);
+}
+
+static struct cache_item_gidlist *gidlist_item;
+
+/*
+ * Dynamically allocate space for a struct item plus the key and data
+ * elements.  Fills in datum from the groups filter.
+ */
+struct cache_item *
+cvtsudoers_make_gidlist_item(const struct passwd *pw, char * const *unused1,
+    unsigned int type)
+{
+    char *cp;
+    size_t nsize, total;
+    struct cache_item_gidlist *glitem;
+    struct sudoers_string *s;
+    struct gid_list *gidlist;
+    GETGROUPS_T *gids = NULL;
+    int i, ngids = 0;
+    debug_decl(sudo_make_gidlist_item, SUDOERS_DEBUG_NSS)
+
+    /*
+     * There's only a single gid list.
+     */
+    if (gidlist_item != NULL) {
+	gidlist_item->cache.refcnt++;
+	debug_return_ptr(&gidlist_item->cache);
+    }
+
+    /* Count number of possible gids in the filter. */
+    STAILQ_FOREACH(s, &filters->groups, entries) {
+	if (s->str[0] == '#')
+		ngids++;
+    }
+
+    /* Allocate gids[] array and fill it with parsed gids. */
+    if (ngids != 0) {
+	gids = reallocarray(NULL, ngids, sizeof(GETGROUPS_T));
+	if (gids == NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"unable to allocate memory");
+	    debug_return_ptr(NULL);
+	}
+	ngids = 0;
+	STAILQ_FOREACH(s, &filters->groups, entries) {
+	    if (s->str[0] == '#') {
+		const char *errstr;
+		gid_t gid = sudo_strtoid(s->str + 1, NULL, NULL, &errstr);
+		if (errstr == NULL) {
+		    /* Valid gid. */
+		    gids[ngids++] = gid;
+		}
+	    }
+	}
+    }
+    if (ngids == 0) {
+	free(gids);
+	errno = ENOENT;
+	debug_return_ptr(NULL);
+    }
+
+    /* Allocate in one big chunk for easy freeing. */
+    nsize = strlen(pw->pw_name) + 1;
+    total = sizeof(*glitem) + nsize;
+    total += sizeof(gid_t *) * ngids;
+
+    if ((glitem = calloc(1, total)) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	free(gids);
+	debug_return_ptr(NULL);
+    }
+
+    /*
+     * Copy in group list and make pointers relative to space
+     * at the end of the buffer.  Note that the groups array must come
+     * immediately after struct group to guarantee proper alignment.
+     */
+    gidlist = &glitem->gidlist;
+    cp = (char *)(glitem + 1);
+    gidlist->gids = (gid_t *)cp;
+    cp += sizeof(gid_t) * ngids;
+
+    /* Set key and datum. */
+    memcpy(cp, pw->pw_name, nsize);
+    glitem->cache.k.name = cp;
+    glitem->cache.d.gidlist = gidlist;
+    glitem->cache.refcnt = 1;
+    glitem->cache.type = type;
+
+    /*
+     * Store group IDs.
+     */
+    for (i = 0; i < ngids; i++)
+	gidlist->gids[i] = gids[i];
+    gidlist->ngids = ngids;
+    free(gids);
+
+    debug_return_ptr(&glitem->cache);
+}
+
+static struct cache_item_gidlist *grlist_item;
+
+/*
+ * Dynamically allocate space for a struct item plus the key and data
+ * elements.  Fills in group names from the groups filter.
+ */
+struct cache_item *
+cvtsudoers_make_grlist_item(const struct passwd *pw, char * const *unused1)
+{
+    char *cp;
+    size_t nsize, ngroups, total, len;
+    struct cache_item_grlist *grlitem;
+    struct sudoers_string *s;
+    struct group_list *grlist;
+    int groupname_len;
+    debug_decl(sudo_make_grlist_item, SUDOERS_DEBUG_NSS)
+
+    /*
+     * There's only a single group list.
+     */
+    if (grlist_item != NULL) {
+	grlist_item->cache.refcnt++;
+	debug_return_ptr(&grlist_item->cache);
+    }
+
+    /* Count number of groups in the filter. */
+    ngroups = 0;
+    STAILQ_FOREACH(s, &filters->groups, entries) {
+	ngroups++;
+    }
+
+#ifdef _SC_LOGIN_NAME_MAX
+    groupname_len = MAX((int)sysconf(_SC_LOGIN_NAME_MAX), 32);
+#else
+    groupname_len = MAX(LOGIN_NAME_MAX, 32);
+#endif
+
+    /* Allocate in one big chunk for easy freeing. */
+    nsize = strlen(pw->pw_name) + 1;
+    total = sizeof(*grlitem) + nsize;
+    total += groupname_len * ngroups;
+
+again:
+    if ((grlitem = calloc(1, total)) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+
+    /*
+     * Copy in group list and make pointers relative to space
+     * at the end of the buffer.  Note that the groups array must come
+     * immediately after struct group to guarantee proper alignment.
+     */
+    grlist = &grlitem->grlist;
+    cp = (char *)(grlitem + 1);
+    grlist->groups = (char **)cp;
+    cp += sizeof(char *) * ngroups;
+
+    /* Set key and datum. */
+    memcpy(cp, pw->pw_name, nsize);
+    grlitem->cache.k.name = cp;
+    grlitem->cache.d.grlist = grlist;
+    grlitem->cache.refcnt = 1;
+    cp += nsize;
+
+    /*
+     * Copy groups from filter.
+     */
+    ngroups = 0;
+    STAILQ_FOREACH(s, &filters->groups, entries) {
+	if (s->str[0] == '#') {
+	    const char *errstr;
+	    sudo_strtoid(s->str + 1, NULL, NULL, &errstr);
+	    if (errstr == NULL) {
+		/* Group ID not name, ignore it. */
+		continue;
+	    }
+	}
+	len = strlen(s->str) + 1;
+	if (cp - (char *)grlitem + len > total) {
+	    total += len + groupname_len;
+	    free(grlitem);
+	    goto again;
+	}
+	memcpy(cp, s->str, len);
+	grlist->groups[ngroups++] = cp;
+	cp += len;
+    }
+    grlist->ngroups = ngroups;
+
+    debug_return_ptr(&grlitem->cache);
+}
diff --git a/plugins/sudoers/def_data.c b/plugins/sudoers/def_data.c
new file mode 100644
index 0000000..07e3433
--- /dev/null
+++ b/plugins/sudoers/def_data.c
@@ -0,0 +1,499 @@
+static struct def_values def_data_lecture[] = {
+    { "never", never },
+    { "once", once },
+    { "always", always },
+    { NULL, 0 },
+};
+
+static struct def_values def_data_listpw[] = {
+    { "never", never },
+    { "any", any },
+    { "all", all },
+    { "always", always },
+    { NULL, 0 },
+};
+
+static struct def_values def_data_verifypw[] = {
+    { "never", never },
+    { "all", all },
+    { "any", any },
+    { "always", always },
+    { NULL, 0 },
+};
+
+static struct def_values def_data_fdexec[] = {
+    { "never", never },
+    { "digest_only", digest_only },
+    { "always", always },
+    { NULL, 0 },
+};
+
+static struct def_values def_data_timestamp_type[] = {
+    { "global", global },
+    { "ppid", ppid },
+    { "tty", tty },
+    { "kernel", kernel },
+    { NULL, 0 },
+};
+
+struct sudo_defs_types sudo_defs_table[] = {
+    {
+	"syslog", T_LOGFAC|T_BOOL,
+	N_("Syslog facility if syslog is being used for logging: %s"),
+	NULL,
+    }, {
+	"syslog_goodpri", T_LOGPRI|T_BOOL,
+	N_("Syslog priority to use when user authenticates successfully: %s"),
+	NULL,
+    }, {
+	"syslog_badpri", T_LOGPRI|T_BOOL,
+	N_("Syslog priority to use when user authenticates unsuccessfully: %s"),
+	NULL,
+    }, {
+	"long_otp_prompt", T_FLAG,
+	N_("Put OTP prompt on its own line"),
+	NULL,
+    }, {
+	"ignore_dot", T_FLAG,
+	N_("Ignore '.' in $PATH"),
+	NULL,
+    }, {
+	"mail_always", T_FLAG,
+	N_("Always send mail when sudo is run"),
+	NULL,
+    }, {
+	"mail_badpass", T_FLAG,
+	N_("Send mail if user authentication fails"),
+	NULL,
+    }, {
+	"mail_no_user", T_FLAG,
+	N_("Send mail if the user is not in sudoers"),
+	NULL,
+    }, {
+	"mail_no_host", T_FLAG,
+	N_("Send mail if the user is not in sudoers for this host"),
+	NULL,
+    }, {
+	"mail_no_perms", T_FLAG,
+	N_("Send mail if the user is not allowed to run a command"),
+	NULL,
+    }, {
+	"mail_all_cmnds", T_FLAG,
+	N_("Send mail if the user tries to run a command"),
+	NULL,
+    }, {
+	"tty_tickets", T_FLAG,
+	N_("Use a separate timestamp for each user/tty combo"),
+	NULL,
+    }, {
+	"lecture", T_TUPLE|T_BOOL,
+	N_("Lecture user the first time they run sudo"),
+	def_data_lecture,
+    }, {
+	"lecture_file", T_STR|T_PATH|T_BOOL,
+	N_("File containing the sudo lecture: %s"),
+	NULL,
+    }, {
+	"authenticate", T_FLAG,
+	N_("Require users to authenticate by default"),
+	NULL,
+    }, {
+	"root_sudo", T_FLAG,
+	N_("Root may run sudo"),
+	NULL,
+    }, {
+	"log_host", T_FLAG,
+	N_("Log the hostname in the (non-syslog) log file"),
+	NULL,
+    }, {
+	"log_year", T_FLAG,
+	N_("Log the year in the (non-syslog) log file"),
+	NULL,
+    }, {
+	"shell_noargs", T_FLAG,
+	N_("If sudo is invoked with no arguments, start a shell"),
+	NULL,
+    }, {
+	"set_home", T_FLAG,
+	N_("Set $HOME to the target user when starting a shell with -s"),
+	NULL,
+    }, {
+	"always_set_home", T_FLAG,
+	N_("Always set $HOME to the target user's home directory"),
+	NULL,
+    }, {
+	"path_info", T_FLAG,
+	N_("Allow some information gathering to give useful error messages"),
+	NULL,
+    }, {
+	"fqdn", T_FLAG,
+	N_("Require fully-qualified hostnames in the sudoers file"),
+	NULL,
+    }, {
+	"insults", T_FLAG,
+	N_("Insult the user when they enter an incorrect password"),
+	NULL,
+    }, {
+	"requiretty", T_FLAG,
+	N_("Only allow the user to run sudo if they have a tty"),
+	NULL,
+    }, {
+	"env_editor", T_FLAG,
+	N_("Visudo will honor the EDITOR environment variable"),
+	NULL,
+    }, {
+	"rootpw", T_FLAG,
+	N_("Prompt for root's password, not the users's"),
+	NULL,
+    }, {
+	"runaspw", T_FLAG,
+	N_("Prompt for the runas_default user's password, not the users's"),
+	NULL,
+    }, {
+	"targetpw", T_FLAG,
+	N_("Prompt for the target user's password, not the users's"),
+	NULL,
+    }, {
+	"use_loginclass", T_FLAG,
+	N_("Apply defaults in the target user's login class if there is one"),
+	NULL,
+    }, {
+	"set_logname", T_FLAG,
+	N_("Set the LOGNAME and USER environment variables"),
+	NULL,
+    }, {
+	"stay_setuid", T_FLAG,
+	N_("Only set the effective uid to the target user, not the real uid"),
+	NULL,
+    }, {
+	"preserve_groups", T_FLAG,
+	N_("Don't initialize the group vector to that of the target user"),
+	NULL,
+    }, {
+	"loglinelen", T_UINT|T_BOOL,
+	N_("Length at which to wrap log file lines (0 for no wrap): %u"),
+	NULL,
+    }, {
+	"timestamp_timeout", T_TIMESPEC|T_BOOL,
+	N_("Authentication timestamp timeout: %.1f minutes"),
+	NULL,
+    }, {
+	"passwd_timeout", T_TIMESPEC|T_BOOL,
+	N_("Password prompt timeout: %.1f minutes"),
+	NULL,
+    }, {
+	"passwd_tries", T_UINT,
+	N_("Number of tries to enter a password: %u"),
+	NULL,
+    }, {
+	"umask", T_MODE|T_BOOL,
+	N_("Umask to use or 0777 to use user's: 0%o"),
+	NULL,
+    }, {
+	"logfile", T_STR|T_BOOL|T_PATH,
+	N_("Path to log file: %s"),
+	NULL,
+    }, {
+	"mailerpath", T_STR|T_BOOL|T_PATH,
+	N_("Path to mail program: %s"),
+	NULL,
+    }, {
+	"mailerflags", T_STR|T_BOOL,
+	N_("Flags for mail program: %s"),
+	NULL,
+    }, {
+	"mailto", T_STR|T_BOOL,
+	N_("Address to send mail to: %s"),
+	NULL,
+    }, {
+	"mailfrom", T_STR|T_BOOL,
+	N_("Address to send mail from: %s"),
+	NULL,
+    }, {
+	"mailsub", T_STR,
+	N_("Subject line for mail messages: %s"),
+	NULL,
+    }, {
+	"badpass_message", T_STR,
+	N_("Incorrect password message: %s"),
+	NULL,
+    }, {
+	"lecture_status_dir", T_STR|T_PATH,
+	N_("Path to lecture status dir: %s"),
+	NULL,
+    }, {
+	"timestampdir", T_STR|T_PATH,
+	N_("Path to authentication timestamp dir: %s"),
+	NULL,
+    }, {
+	"timestampowner", T_STR,
+	N_("Owner of the authentication timestamp dir: %s"),
+	NULL,
+    }, {
+	"exempt_group", T_STR|T_BOOL,
+	N_("Users in this group are exempt from password and PATH requirements: %s"),
+	NULL,
+    }, {
+	"passprompt", T_STR,
+	N_("Default password prompt: %s"),
+	NULL,
+    }, {
+	"passprompt_override", T_FLAG,
+	N_("If set, passprompt will override system prompt in all cases."),
+	NULL,
+    }, {
+	"runas_default", T_STR,
+	N_("Default user to run commands as: %s"),
+	NULL,
+    }, {
+	"secure_path", T_STR|T_BOOL,
+	N_("Value to override user's $PATH with: %s"),
+	NULL,
+    }, {
+	"editor", T_STR|T_PATH,
+	N_("Path to the editor for use by visudo: %s"),
+	NULL,
+    }, {
+	"listpw", T_TUPLE|T_BOOL,
+	N_("When to require a password for 'list' pseudocommand: %s"),
+	def_data_listpw,
+    }, {
+	"verifypw", T_TUPLE|T_BOOL,
+	N_("When to require a password for 'verify' pseudocommand: %s"),
+	def_data_verifypw,
+    }, {
+	"noexec", T_FLAG,
+	N_("Preload the dummy exec functions contained in the sudo_noexec library"),
+	NULL,
+    }, {
+	"ignore_local_sudoers", T_FLAG,
+	N_("If LDAP directory is up, do we ignore local sudoers file"),
+	NULL,
+    }, {
+	"closefrom", T_INT,
+	N_("File descriptors >= %d will be closed before executing a command"),
+	NULL,
+    }, {
+	"closefrom_override", T_FLAG,
+	N_("If set, users may override the value of `closefrom' with the -C option"),
+	NULL,
+    }, {
+	"setenv", T_FLAG,
+	N_("Allow users to set arbitrary environment variables"),
+	NULL,
+    }, {
+	"env_reset", T_FLAG,
+	N_("Reset the environment to a default set of variables"),
+	NULL,
+    }, {
+	"env_check", T_LIST|T_BOOL,
+	N_("Environment variables to check for sanity:"),
+	NULL,
+    }, {
+	"env_delete", T_LIST|T_BOOL,
+	N_("Environment variables to remove:"),
+	NULL,
+    }, {
+	"env_keep", T_LIST|T_BOOL,
+	N_("Environment variables to preserve:"),
+	NULL,
+    }, {
+	"role", T_STR,
+	N_("SELinux role to use in the new security context: %s"),
+	NULL,
+    }, {
+	"type", T_STR,
+	N_("SELinux type to use in the new security context: %s"),
+	NULL,
+    }, {
+	"env_file", T_STR|T_PATH|T_BOOL,
+	N_("Path to the sudo-specific environment file: %s"),
+	NULL,
+    }, {
+	"restricted_env_file", T_STR|T_PATH|T_BOOL,
+	N_("Path to the restricted sudo-specific environment file: %s"),
+	NULL,
+    }, {
+	"sudoers_locale", T_STR,
+	N_("Locale to use while parsing sudoers: %s"),
+	NULL,
+    }, {
+	"visiblepw", T_FLAG,
+	N_("Allow sudo to prompt for a password even if it would be visible"),
+	NULL,
+    }, {
+	"pwfeedback", T_FLAG,
+	N_("Provide visual feedback at the password prompt when there is user input"),
+	NULL,
+    }, {
+	"fast_glob", T_FLAG,
+	N_("Use faster globbing that is less accurate but does not access the filesystem"),
+	NULL,
+    }, {
+	"umask_override", T_FLAG,
+	N_("The umask specified in sudoers will override the user's, even if it is more permissive"),
+	NULL,
+    }, {
+	"log_input", T_FLAG,
+	N_("Log user's input for the command being run"),
+	NULL,
+    }, {
+	"log_output", T_FLAG,
+	N_("Log the output of the command being run"),
+	NULL,
+    }, {
+	"compress_io", T_FLAG,
+	N_("Compress I/O logs using zlib"),
+	NULL,
+    }, {
+	"use_pty", T_FLAG,
+	N_("Always run commands in a pseudo-tty"),
+	NULL,
+    }, {
+	"group_plugin", T_STR,
+	N_("Plugin for non-Unix group support: %s"),
+	NULL,
+    }, {
+	"iolog_dir", T_STR|T_PATH,
+	N_("Directory in which to store input/output logs: %s"),
+	NULL,
+    }, {
+	"iolog_file", T_STR,
+	N_("File in which to store the input/output log: %s"),
+	NULL,
+    }, {
+	"set_utmp", T_FLAG,
+	N_("Add an entry to the utmp/utmpx file when allocating a pty"),
+	NULL,
+    }, {
+	"utmp_runas", T_FLAG,
+	N_("Set the user in utmp to the runas user, not the invoking user"),
+	NULL,
+    }, {
+	"privs", T_STR,
+	N_("Set of permitted privileges: %s"),
+	NULL,
+    }, {
+	"limitprivs", T_STR,
+	N_("Set of limit privileges: %s"),
+	NULL,
+    }, {
+	"exec_background", T_FLAG,
+	N_("Run commands on a pty in the background"),
+	NULL,
+    }, {
+	"pam_service", T_STR,
+	N_("PAM service name to use: %s"),
+	NULL,
+    }, {
+	"pam_login_service", T_STR,
+	N_("PAM service name to use for login shells: %s"),
+	NULL,
+    }, {
+	"pam_setcred", T_FLAG,
+	N_("Attempt to establish PAM credentials for the target user"),
+	NULL,
+    }, {
+	"pam_session", T_FLAG,
+	N_("Create a new PAM session for the command to run in"),
+	NULL,
+    }, {
+	"maxseq", T_UINT,
+	N_("Maximum I/O log sequence number: %u"),
+	NULL,
+    }, {
+	"use_netgroups", T_FLAG,
+	N_("Enable sudoers netgroup support"),
+	NULL,
+    }, {
+	"sudoedit_checkdir", T_FLAG,
+	N_("Check parent directories for writability when editing files with sudoedit"),
+	NULL,
+    }, {
+	"sudoedit_follow", T_FLAG,
+	N_("Follow symbolic links when editing files with sudoedit"),
+	NULL,
+    }, {
+	"always_query_group_plugin", T_FLAG,
+	N_("Query the group plugin for unknown system groups"),
+	NULL,
+    }, {
+	"netgroup_tuple", T_FLAG,
+	N_("Match netgroups based on the entire tuple: user, host and domain"),
+	NULL,
+    }, {
+	"ignore_audit_errors", T_FLAG,
+	N_("Allow commands to be run even if sudo cannot write to the audit log"),
+	NULL,
+    }, {
+	"ignore_iolog_errors", T_FLAG,
+	N_("Allow commands to be run even if sudo cannot write to the I/O log"),
+	NULL,
+    }, {
+	"ignore_logfile_errors", T_FLAG,
+	N_("Allow commands to be run even if sudo cannot write to the log file"),
+	NULL,
+    }, {
+	"match_group_by_gid", T_FLAG,
+	N_("Resolve groups in sudoers and match on the group ID, not the name"),
+	NULL,
+    }, {
+	"syslog_maxlen", T_UINT,
+	N_("Log entries larger than this value will be split into multiple syslog messages: %u"),
+	NULL,
+    }, {
+	"iolog_user", T_STR|T_BOOL,
+	N_("User that will own the I/O log files: %s"),
+	NULL,
+    }, {
+	"iolog_group", T_STR|T_BOOL,
+	N_("Group that will own the I/O log files: %s"),
+	NULL,
+    }, {
+	"iolog_mode", T_MODE,
+	N_("File mode to use for the I/O log files: 0%o"),
+	NULL,
+    }, {
+	"fdexec", T_TUPLE|T_BOOL,
+	N_("Execute commands by file descriptor instead of by path: %s"),
+	def_data_fdexec,
+    }, {
+	"ignore_unknown_defaults", T_FLAG,
+	N_("Ignore unknown Defaults entries in sudoers instead of producing a warning"),
+	NULL,
+    }, {
+	"command_timeout", T_TIMEOUT|T_BOOL,
+	N_("Time in seconds after which the command will be terminated: %u"),
+	NULL,
+    }, {
+	"user_command_timeouts", T_FLAG,
+	N_("Allow the user to specify a timeout on the command line"),
+	NULL,
+    }, {
+	"iolog_flush", T_FLAG,
+	N_("Flush I/O log data to disk immediately instead of buffering it"),
+	NULL,
+    }, {
+	"syslog_pid", T_FLAG,
+	N_("Include the process ID when logging via syslog"),
+	NULL,
+    }, {
+	"timestamp_type", T_TUPLE,
+	N_("Type of authentication timestamp record: %s"),
+	def_data_timestamp_type,
+    }, {
+	"authfail_message", T_STR,
+	N_("Authentication failure message: %s"),
+	NULL,
+    }, {
+	"case_insensitive_user", T_FLAG,
+	N_("Ignore case when matching user names"),
+	NULL,
+    }, {
+	"case_insensitive_group", T_FLAG,
+	N_("Ignore case when matching group names"),
+	NULL,
+    }, {
+	NULL, 0, NULL
+    }
+};
diff --git a/plugins/sudoers/def_data.h b/plugins/sudoers/def_data.h
new file mode 100644
index 0000000..65f10c3
--- /dev/null
+++ b/plugins/sudoers/def_data.h
@@ -0,0 +1,241 @@
+#define I_SYSLOG                0
+#define def_syslog              (sudo_defs_table[I_SYSLOG].sd_un.ival)
+#define I_SYSLOG_GOODPRI        1
+#define def_syslog_goodpri      (sudo_defs_table[I_SYSLOG_GOODPRI].sd_un.ival)
+#define I_SYSLOG_BADPRI         2
+#define def_syslog_badpri       (sudo_defs_table[I_SYSLOG_BADPRI].sd_un.ival)
+#define I_LONG_OTP_PROMPT       3
+#define def_long_otp_prompt     (sudo_defs_table[I_LONG_OTP_PROMPT].sd_un.flag)
+#define I_IGNORE_DOT            4
+#define def_ignore_dot          (sudo_defs_table[I_IGNORE_DOT].sd_un.flag)
+#define I_MAIL_ALWAYS           5
+#define def_mail_always         (sudo_defs_table[I_MAIL_ALWAYS].sd_un.flag)
+#define I_MAIL_BADPASS          6
+#define def_mail_badpass        (sudo_defs_table[I_MAIL_BADPASS].sd_un.flag)
+#define I_MAIL_NO_USER          7
+#define def_mail_no_user        (sudo_defs_table[I_MAIL_NO_USER].sd_un.flag)
+#define I_MAIL_NO_HOST          8
+#define def_mail_no_host        (sudo_defs_table[I_MAIL_NO_HOST].sd_un.flag)
+#define I_MAIL_NO_PERMS         9
+#define def_mail_no_perms       (sudo_defs_table[I_MAIL_NO_PERMS].sd_un.flag)
+#define I_MAIL_ALL_CMNDS        10
+#define def_mail_all_cmnds      (sudo_defs_table[I_MAIL_ALL_CMNDS].sd_un.flag)
+#define I_TTY_TICKETS           11
+#define def_tty_tickets         (sudo_defs_table[I_TTY_TICKETS].sd_un.flag)
+#define I_LECTURE               12
+#define def_lecture             (sudo_defs_table[I_LECTURE].sd_un.tuple)
+#define I_LECTURE_FILE          13
+#define def_lecture_file        (sudo_defs_table[I_LECTURE_FILE].sd_un.str)
+#define I_AUTHENTICATE          14
+#define def_authenticate        (sudo_defs_table[I_AUTHENTICATE].sd_un.flag)
+#define I_ROOT_SUDO             15
+#define def_root_sudo           (sudo_defs_table[I_ROOT_SUDO].sd_un.flag)
+#define I_LOG_HOST              16
+#define def_log_host            (sudo_defs_table[I_LOG_HOST].sd_un.flag)
+#define I_LOG_YEAR              17
+#define def_log_year            (sudo_defs_table[I_LOG_YEAR].sd_un.flag)
+#define I_SHELL_NOARGS          18
+#define def_shell_noargs        (sudo_defs_table[I_SHELL_NOARGS].sd_un.flag)
+#define I_SET_HOME              19
+#define def_set_home            (sudo_defs_table[I_SET_HOME].sd_un.flag)
+#define I_ALWAYS_SET_HOME       20
+#define def_always_set_home     (sudo_defs_table[I_ALWAYS_SET_HOME].sd_un.flag)
+#define I_PATH_INFO             21
+#define def_path_info           (sudo_defs_table[I_PATH_INFO].sd_un.flag)
+#define I_FQDN                  22
+#define def_fqdn                (sudo_defs_table[I_FQDN].sd_un.flag)
+#define I_INSULTS               23
+#define def_insults             (sudo_defs_table[I_INSULTS].sd_un.flag)
+#define I_REQUIRETTY            24
+#define def_requiretty          (sudo_defs_table[I_REQUIRETTY].sd_un.flag)
+#define I_ENV_EDITOR            25
+#define def_env_editor          (sudo_defs_table[I_ENV_EDITOR].sd_un.flag)
+#define I_ROOTPW                26
+#define def_rootpw              (sudo_defs_table[I_ROOTPW].sd_un.flag)
+#define I_RUNASPW               27
+#define def_runaspw             (sudo_defs_table[I_RUNASPW].sd_un.flag)
+#define I_TARGETPW              28
+#define def_targetpw            (sudo_defs_table[I_TARGETPW].sd_un.flag)
+#define I_USE_LOGINCLASS        29
+#define def_use_loginclass      (sudo_defs_table[I_USE_LOGINCLASS].sd_un.flag)
+#define I_SET_LOGNAME           30
+#define def_set_logname         (sudo_defs_table[I_SET_LOGNAME].sd_un.flag)
+#define I_STAY_SETUID           31
+#define def_stay_setuid         (sudo_defs_table[I_STAY_SETUID].sd_un.flag)
+#define I_PRESERVE_GROUPS       32
+#define def_preserve_groups     (sudo_defs_table[I_PRESERVE_GROUPS].sd_un.flag)
+#define I_LOGLINELEN            33
+#define def_loglinelen          (sudo_defs_table[I_LOGLINELEN].sd_un.uival)
+#define I_TIMESTAMP_TIMEOUT     34
+#define def_timestamp_timeout   (sudo_defs_table[I_TIMESTAMP_TIMEOUT].sd_un.tspec)
+#define I_PASSWD_TIMEOUT        35
+#define def_passwd_timeout      (sudo_defs_table[I_PASSWD_TIMEOUT].sd_un.tspec)
+#define I_PASSWD_TRIES          36
+#define def_passwd_tries        (sudo_defs_table[I_PASSWD_TRIES].sd_un.uival)
+#define I_UMASK                 37
+#define def_umask               (sudo_defs_table[I_UMASK].sd_un.mode)
+#define I_LOGFILE               38
+#define def_logfile             (sudo_defs_table[I_LOGFILE].sd_un.str)
+#define I_MAILERPATH            39
+#define def_mailerpath          (sudo_defs_table[I_MAILERPATH].sd_un.str)
+#define I_MAILERFLAGS           40
+#define def_mailerflags         (sudo_defs_table[I_MAILERFLAGS].sd_un.str)
+#define I_MAILTO                41
+#define def_mailto              (sudo_defs_table[I_MAILTO].sd_un.str)
+#define I_MAILFROM              42
+#define def_mailfrom            (sudo_defs_table[I_MAILFROM].sd_un.str)
+#define I_MAILSUB               43
+#define def_mailsub             (sudo_defs_table[I_MAILSUB].sd_un.str)
+#define I_BADPASS_MESSAGE       44
+#define def_badpass_message     (sudo_defs_table[I_BADPASS_MESSAGE].sd_un.str)
+#define I_LECTURE_STATUS_DIR    45
+#define def_lecture_status_dir  (sudo_defs_table[I_LECTURE_STATUS_DIR].sd_un.str)
+#define I_TIMESTAMPDIR          46
+#define def_timestampdir        (sudo_defs_table[I_TIMESTAMPDIR].sd_un.str)
+#define I_TIMESTAMPOWNER        47
+#define def_timestampowner      (sudo_defs_table[I_TIMESTAMPOWNER].sd_un.str)
+#define I_EXEMPT_GROUP          48
+#define def_exempt_group        (sudo_defs_table[I_EXEMPT_GROUP].sd_un.str)
+#define I_PASSPROMPT            49
+#define def_passprompt          (sudo_defs_table[I_PASSPROMPT].sd_un.str)
+#define I_PASSPROMPT_OVERRIDE   50
+#define def_passprompt_override (sudo_defs_table[I_PASSPROMPT_OVERRIDE].sd_un.flag)
+#define I_RUNAS_DEFAULT         51
+#define def_runas_default       (sudo_defs_table[I_RUNAS_DEFAULT].sd_un.str)
+#define I_SECURE_PATH           52
+#define def_secure_path         (sudo_defs_table[I_SECURE_PATH].sd_un.str)
+#define I_EDITOR                53
+#define def_editor              (sudo_defs_table[I_EDITOR].sd_un.str)
+#define I_LISTPW                54
+#define def_listpw              (sudo_defs_table[I_LISTPW].sd_un.tuple)
+#define I_VERIFYPW              55
+#define def_verifypw            (sudo_defs_table[I_VERIFYPW].sd_un.tuple)
+#define I_NOEXEC                56
+#define def_noexec              (sudo_defs_table[I_NOEXEC].sd_un.flag)
+#define I_IGNORE_LOCAL_SUDOERS  57
+#define def_ignore_local_sudoers (sudo_defs_table[I_IGNORE_LOCAL_SUDOERS].sd_un.flag)
+#define I_CLOSEFROM             58
+#define def_closefrom           (sudo_defs_table[I_CLOSEFROM].sd_un.ival)
+#define I_CLOSEFROM_OVERRIDE    59
+#define def_closefrom_override  (sudo_defs_table[I_CLOSEFROM_OVERRIDE].sd_un.flag)
+#define I_SETENV                60
+#define def_setenv              (sudo_defs_table[I_SETENV].sd_un.flag)
+#define I_ENV_RESET             61
+#define def_env_reset           (sudo_defs_table[I_ENV_RESET].sd_un.flag)
+#define I_ENV_CHECK             62
+#define def_env_check           (sudo_defs_table[I_ENV_CHECK].sd_un.list)
+#define I_ENV_DELETE            63
+#define def_env_delete          (sudo_defs_table[I_ENV_DELETE].sd_un.list)
+#define I_ENV_KEEP              64
+#define def_env_keep            (sudo_defs_table[I_ENV_KEEP].sd_un.list)
+#define I_ROLE                  65
+#define def_role                (sudo_defs_table[I_ROLE].sd_un.str)
+#define I_TYPE                  66
+#define def_type                (sudo_defs_table[I_TYPE].sd_un.str)
+#define I_ENV_FILE              67
+#define def_env_file            (sudo_defs_table[I_ENV_FILE].sd_un.str)
+#define I_RESTRICTED_ENV_FILE   68
+#define def_restricted_env_file (sudo_defs_table[I_RESTRICTED_ENV_FILE].sd_un.str)
+#define I_SUDOERS_LOCALE        69
+#define def_sudoers_locale      (sudo_defs_table[I_SUDOERS_LOCALE].sd_un.str)
+#define I_VISIBLEPW             70
+#define def_visiblepw           (sudo_defs_table[I_VISIBLEPW].sd_un.flag)
+#define I_PWFEEDBACK            71
+#define def_pwfeedback          (sudo_defs_table[I_PWFEEDBACK].sd_un.flag)
+#define I_FAST_GLOB             72
+#define def_fast_glob           (sudo_defs_table[I_FAST_GLOB].sd_un.flag)
+#define I_UMASK_OVERRIDE        73
+#define def_umask_override      (sudo_defs_table[I_UMASK_OVERRIDE].sd_un.flag)
+#define I_LOG_INPUT             74
+#define def_log_input           (sudo_defs_table[I_LOG_INPUT].sd_un.flag)
+#define I_LOG_OUTPUT            75
+#define def_log_output          (sudo_defs_table[I_LOG_OUTPUT].sd_un.flag)
+#define I_COMPRESS_IO           76
+#define def_compress_io         (sudo_defs_table[I_COMPRESS_IO].sd_un.flag)
+#define I_USE_PTY               77
+#define def_use_pty             (sudo_defs_table[I_USE_PTY].sd_un.flag)
+#define I_GROUP_PLUGIN          78
+#define def_group_plugin        (sudo_defs_table[I_GROUP_PLUGIN].sd_un.str)
+#define I_IOLOG_DIR             79
+#define def_iolog_dir           (sudo_defs_table[I_IOLOG_DIR].sd_un.str)
+#define I_IOLOG_FILE            80
+#define def_iolog_file          (sudo_defs_table[I_IOLOG_FILE].sd_un.str)
+#define I_SET_UTMP              81
+#define def_set_utmp            (sudo_defs_table[I_SET_UTMP].sd_un.flag)
+#define I_UTMP_RUNAS            82
+#define def_utmp_runas          (sudo_defs_table[I_UTMP_RUNAS].sd_un.flag)
+#define I_PRIVS                 83
+#define def_privs               (sudo_defs_table[I_PRIVS].sd_un.str)
+#define I_LIMITPRIVS            84
+#define def_limitprivs          (sudo_defs_table[I_LIMITPRIVS].sd_un.str)
+#define I_EXEC_BACKGROUND       85
+#define def_exec_background     (sudo_defs_table[I_EXEC_BACKGROUND].sd_un.flag)
+#define I_PAM_SERVICE           86
+#define def_pam_service         (sudo_defs_table[I_PAM_SERVICE].sd_un.str)
+#define I_PAM_LOGIN_SERVICE     87
+#define def_pam_login_service   (sudo_defs_table[I_PAM_LOGIN_SERVICE].sd_un.str)
+#define I_PAM_SETCRED           88
+#define def_pam_setcred         (sudo_defs_table[I_PAM_SETCRED].sd_un.flag)
+#define I_PAM_SESSION           89
+#define def_pam_session         (sudo_defs_table[I_PAM_SESSION].sd_un.flag)
+#define I_MAXSEQ                90
+#define def_maxseq              (sudo_defs_table[I_MAXSEQ].sd_un.uival)
+#define I_USE_NETGROUPS         91
+#define def_use_netgroups       (sudo_defs_table[I_USE_NETGROUPS].sd_un.flag)
+#define I_SUDOEDIT_CHECKDIR     92
+#define def_sudoedit_checkdir   (sudo_defs_table[I_SUDOEDIT_CHECKDIR].sd_un.flag)
+#define I_SUDOEDIT_FOLLOW       93
+#define def_sudoedit_follow     (sudo_defs_table[I_SUDOEDIT_FOLLOW].sd_un.flag)
+#define I_ALWAYS_QUERY_GROUP_PLUGIN 94
+#define def_always_query_group_plugin (sudo_defs_table[I_ALWAYS_QUERY_GROUP_PLUGIN].sd_un.flag)
+#define I_NETGROUP_TUPLE        95
+#define def_netgroup_tuple      (sudo_defs_table[I_NETGROUP_TUPLE].sd_un.flag)
+#define I_IGNORE_AUDIT_ERRORS   96
+#define def_ignore_audit_errors (sudo_defs_table[I_IGNORE_AUDIT_ERRORS].sd_un.flag)
+#define I_IGNORE_IOLOG_ERRORS   97
+#define def_ignore_iolog_errors (sudo_defs_table[I_IGNORE_IOLOG_ERRORS].sd_un.flag)
+#define I_IGNORE_LOGFILE_ERRORS 98
+#define def_ignore_logfile_errors (sudo_defs_table[I_IGNORE_LOGFILE_ERRORS].sd_un.flag)
+#define I_MATCH_GROUP_BY_GID    99
+#define def_match_group_by_gid  (sudo_defs_table[I_MATCH_GROUP_BY_GID].sd_un.flag)
+#define I_SYSLOG_MAXLEN         100
+#define def_syslog_maxlen       (sudo_defs_table[I_SYSLOG_MAXLEN].sd_un.uival)
+#define I_IOLOG_USER            101
+#define def_iolog_user          (sudo_defs_table[I_IOLOG_USER].sd_un.str)
+#define I_IOLOG_GROUP           102
+#define def_iolog_group         (sudo_defs_table[I_IOLOG_GROUP].sd_un.str)
+#define I_IOLOG_MODE            103
+#define def_iolog_mode          (sudo_defs_table[I_IOLOG_MODE].sd_un.mode)
+#define I_FDEXEC                104
+#define def_fdexec              (sudo_defs_table[I_FDEXEC].sd_un.tuple)
+#define I_IGNORE_UNKNOWN_DEFAULTS 105
+#define def_ignore_unknown_defaults (sudo_defs_table[I_IGNORE_UNKNOWN_DEFAULTS].sd_un.flag)
+#define I_COMMAND_TIMEOUT       106
+#define def_command_timeout     (sudo_defs_table[I_COMMAND_TIMEOUT].sd_un.ival)
+#define I_USER_COMMAND_TIMEOUTS 107
+#define def_user_command_timeouts (sudo_defs_table[I_USER_COMMAND_TIMEOUTS].sd_un.flag)
+#define I_IOLOG_FLUSH           108
+#define def_iolog_flush         (sudo_defs_table[I_IOLOG_FLUSH].sd_un.flag)
+#define I_SYSLOG_PID            109
+#define def_syslog_pid          (sudo_defs_table[I_SYSLOG_PID].sd_un.flag)
+#define I_TIMESTAMP_TYPE        110
+#define def_timestamp_type      (sudo_defs_table[I_TIMESTAMP_TYPE].sd_un.tuple)
+#define I_AUTHFAIL_MESSAGE      111
+#define def_authfail_message    (sudo_defs_table[I_AUTHFAIL_MESSAGE].sd_un.str)
+#define I_CASE_INSENSITIVE_USER 112
+#define def_case_insensitive_user (sudo_defs_table[I_CASE_INSENSITIVE_USER].sd_un.flag)
+#define I_CASE_INSENSITIVE_GROUP 113
+#define def_case_insensitive_group (sudo_defs_table[I_CASE_INSENSITIVE_GROUP].sd_un.flag)
+
+enum def_tuple {
+	never,
+	once,
+	always,
+	any,
+	all,
+	digest_only,
+	global,
+	ppid,
+	tty,
+	kernel
+};
diff --git a/plugins/sudoers/def_data.in b/plugins/sudoers/def_data.in
new file mode 100644
index 0000000..99d4360
--- /dev/null
+++ b/plugins/sudoers/def_data.in
@@ -0,0 +1,359 @@
+#
+# Format:
+#
+# var_name
+#	TYPE
+#	description (or NULL)
+#	array of struct def_values if TYPE == T_TUPLE
+#
+# NOTE: for tuples that can be used in a boolean context the first
+#	value corresponds to boolean FALSE and the second to TRUE.
+#
+
+syslog
+	T_LOGFAC|T_BOOL
+	"Syslog facility if syslog is being used for logging: %s"
+syslog_goodpri
+	T_LOGPRI|T_BOOL
+	"Syslog priority to use when user authenticates successfully: %s"
+syslog_badpri
+	T_LOGPRI|T_BOOL
+	"Syslog priority to use when user authenticates unsuccessfully: %s"
+long_otp_prompt
+	T_FLAG
+	"Put OTP prompt on its own line"
+ignore_dot
+	T_FLAG
+	"Ignore '.' in $PATH"
+mail_always
+	T_FLAG
+	"Always send mail when sudo is run"
+mail_badpass
+	T_FLAG
+	"Send mail if user authentication fails"
+mail_no_user
+	T_FLAG
+	"Send mail if the user is not in sudoers"
+mail_no_host
+	T_FLAG
+	"Send mail if the user is not in sudoers for this host"
+mail_no_perms
+	T_FLAG
+	"Send mail if the user is not allowed to run a command"
+mail_all_cmnds
+	T_FLAG
+	"Send mail if the user tries to run a command"
+tty_tickets
+	T_FLAG
+	"Use a separate timestamp for each user/tty combo"
+lecture
+	T_TUPLE|T_BOOL
+	"Lecture user the first time they run sudo"
+	never once always
+lecture_file
+	T_STR|T_PATH|T_BOOL
+	"File containing the sudo lecture: %s"
+authenticate
+	T_FLAG
+	"Require users to authenticate by default"
+root_sudo
+	T_FLAG
+	"Root may run sudo"
+log_host
+	T_FLAG
+	"Log the hostname in the (non-syslog) log file"
+log_year
+	T_FLAG
+	"Log the year in the (non-syslog) log file"
+shell_noargs
+	T_FLAG
+	"If sudo is invoked with no arguments, start a shell"
+set_home
+	T_FLAG
+	"Set $HOME to the target user when starting a shell with -s"
+always_set_home
+	T_FLAG
+	"Always set $HOME to the target user's home directory"
+path_info
+	T_FLAG
+	"Allow some information gathering to give useful error messages"
+fqdn
+	T_FLAG
+	"Require fully-qualified hostnames in the sudoers file"
+insults
+	T_FLAG
+	"Insult the user when they enter an incorrect password"
+requiretty
+	T_FLAG
+	"Only allow the user to run sudo if they have a tty"
+env_editor
+	T_FLAG
+	"Visudo will honor the EDITOR environment variable"
+rootpw
+	T_FLAG
+	"Prompt for root's password, not the users's"
+runaspw
+	T_FLAG
+	"Prompt for the runas_default user's password, not the users's"
+targetpw
+	T_FLAG
+	"Prompt for the target user's password, not the users's"
+use_loginclass
+	T_FLAG
+	"Apply defaults in the target user's login class if there is one"
+set_logname
+	T_FLAG
+	"Set the LOGNAME and USER environment variables"
+stay_setuid
+	T_FLAG
+	"Only set the effective uid to the target user, not the real uid"
+preserve_groups
+	T_FLAG
+	"Don't initialize the group vector to that of the target user"
+loglinelen
+	T_UINT|T_BOOL
+	"Length at which to wrap log file lines (0 for no wrap): %u"
+timestamp_timeout
+	T_TIMESPEC|T_BOOL
+	"Authentication timestamp timeout: %.1f minutes"
+passwd_timeout
+	T_TIMESPEC|T_BOOL
+	"Password prompt timeout: %.1f minutes"
+passwd_tries
+	T_UINT
+	"Number of tries to enter a password: %u"
+umask
+	T_MODE|T_BOOL
+	"Umask to use or 0777 to use user's: 0%o"
+logfile
+	T_STR|T_BOOL|T_PATH
+	"Path to log file: %s"
+mailerpath
+	T_STR|T_BOOL|T_PATH
+	"Path to mail program: %s"
+mailerflags
+	T_STR|T_BOOL
+	"Flags for mail program: %s"
+mailto
+	T_STR|T_BOOL
+	"Address to send mail to: %s"
+mailfrom
+	T_STR|T_BOOL
+	"Address to send mail from: %s"
+mailsub
+	T_STR
+	"Subject line for mail messages: %s"
+badpass_message
+	T_STR
+	"Incorrect password message: %s"
+lecture_status_dir
+	T_STR|T_PATH
+	"Path to lecture status dir: %s"
+timestampdir
+	T_STR|T_PATH
+	"Path to authentication timestamp dir: %s"
+timestampowner
+	T_STR
+	"Owner of the authentication timestamp dir: %s"
+exempt_group
+	T_STR|T_BOOL
+	"Users in this group are exempt from password and PATH requirements: %s"
+passprompt
+	T_STR
+	"Default password prompt: %s"
+passprompt_override
+	T_FLAG
+	"If set, passprompt will override system prompt in all cases."
+runas_default
+	T_STR
+	"Default user to run commands as: %s"
+secure_path
+	T_STR|T_BOOL
+	"Value to override user's $PATH with: %s"
+editor
+	T_STR|T_PATH
+	"Path to the editor for use by visudo: %s"
+listpw
+	T_TUPLE|T_BOOL
+	"When to require a password for 'list' pseudocommand: %s"
+	never any all always
+verifypw
+	T_TUPLE|T_BOOL
+	"When to require a password for 'verify' pseudocommand: %s"
+	never all any always
+noexec
+	T_FLAG
+	"Preload the dummy exec functions contained in the sudo_noexec library"
+ignore_local_sudoers
+	T_FLAG
+	"If LDAP directory is up, do we ignore local sudoers file"
+closefrom
+	T_INT
+	"File descriptors >= %d will be closed before executing a command"
+closefrom_override
+	T_FLAG
+	"If set, users may override the value of `closefrom' with the -C option"
+setenv
+	T_FLAG
+	"Allow users to set arbitrary environment variables"
+env_reset
+	T_FLAG
+	"Reset the environment to a default set of variables"
+env_check
+	T_LIST|T_BOOL
+	"Environment variables to check for sanity:"
+env_delete
+	T_LIST|T_BOOL
+	"Environment variables to remove:"
+env_keep
+	T_LIST|T_BOOL
+	"Environment variables to preserve:"
+role
+	T_STR
+	"SELinux role to use in the new security context: %s"
+type
+	T_STR
+	"SELinux type to use in the new security context: %s"
+env_file
+	T_STR|T_PATH|T_BOOL
+	"Path to the sudo-specific environment file: %s"
+restricted_env_file
+	T_STR|T_PATH|T_BOOL
+	"Path to the restricted sudo-specific environment file: %s"
+sudoers_locale
+	T_STR
+	"Locale to use while parsing sudoers: %s"
+visiblepw
+	T_FLAG
+	"Allow sudo to prompt for a password even if it would be visible"
+pwfeedback
+	T_FLAG
+	"Provide visual feedback at the password prompt when there is user input"
+fast_glob
+	T_FLAG
+	"Use faster globbing that is less accurate but does not access the filesystem"
+umask_override
+	T_FLAG
+	"The umask specified in sudoers will override the user's, even if it is more permissive"
+log_input
+	T_FLAG
+	"Log user's input for the command being run"
+log_output
+	T_FLAG
+	"Log the output of the command being run"
+compress_io
+	T_FLAG
+	"Compress I/O logs using zlib"
+use_pty
+	T_FLAG
+	"Always run commands in a pseudo-tty"
+group_plugin
+	T_STR
+	"Plugin for non-Unix group support: %s"
+iolog_dir
+	T_STR|T_PATH
+	"Directory in which to store input/output logs: %s"
+iolog_file
+	T_STR
+	"File in which to store the input/output log: %s"
+set_utmp
+	T_FLAG
+	"Add an entry to the utmp/utmpx file when allocating a pty"
+utmp_runas
+	T_FLAG
+	"Set the user in utmp to the runas user, not the invoking user"
+privs
+	T_STR
+	"Set of permitted privileges: %s"
+limitprivs
+	T_STR
+	"Set of limit privileges: %s"
+exec_background
+	T_FLAG
+	"Run commands on a pty in the background"
+pam_service
+	T_STR
+	"PAM service name to use: %s"
+pam_login_service
+	T_STR
+	"PAM service name to use for login shells: %s"
+pam_setcred
+	T_FLAG
+	"Attempt to establish PAM credentials for the target user"
+pam_session
+	T_FLAG
+	"Create a new PAM session for the command to run in"
+maxseq
+	T_UINT
+	"Maximum I/O log sequence number: %u"
+use_netgroups
+	T_FLAG
+	"Enable sudoers netgroup support"
+sudoedit_checkdir
+	T_FLAG
+	"Check parent directories for writability when editing files with sudoedit"
+sudoedit_follow
+	T_FLAG
+	"Follow symbolic links when editing files with sudoedit"
+always_query_group_plugin
+	T_FLAG
+	"Query the group plugin for unknown system groups"
+netgroup_tuple
+	T_FLAG
+	"Match netgroups based on the entire tuple: user, host and domain"
+ignore_audit_errors
+	T_FLAG
+	"Allow commands to be run even if sudo cannot write to the audit log"
+ignore_iolog_errors
+	T_FLAG
+	"Allow commands to be run even if sudo cannot write to the I/O log"
+ignore_logfile_errors
+	T_FLAG
+	"Allow commands to be run even if sudo cannot write to the log file"
+match_group_by_gid
+	T_FLAG
+	"Resolve groups in sudoers and match on the group ID, not the name"
+syslog_maxlen
+	T_UINT
+	"Log entries larger than this value will be split into multiple syslog messages: %u"
+iolog_user
+	T_STR|T_BOOL
+	"User that will own the I/O log files: %s"
+iolog_group
+	T_STR|T_BOOL
+	"Group that will own the I/O log files: %s"
+iolog_mode
+	T_MODE
+	"File mode to use for the I/O log files: 0%o"
+fdexec
+	T_TUPLE|T_BOOL
+	"Execute commands by file descriptor instead of by path: %s"
+	never digest_only always
+ignore_unknown_defaults
+	T_FLAG
+	"Ignore unknown Defaults entries in sudoers instead of producing a warning"
+command_timeout
+	T_TIMEOUT|T_BOOL
+	"Time in seconds after which the command will be terminated: %u"
+user_command_timeouts
+	T_FLAG
+	"Allow the user to specify a timeout on the command line"
+iolog_flush
+	T_FLAG
+	"Flush I/O log data to disk immediately instead of buffering it"
+syslog_pid
+	T_FLAG
+	"Include the process ID when logging via syslog"
+timestamp_type
+	T_TUPLE
+	"Type of authentication timestamp record: %s"
+	global ppid tty kernel
+authfail_message
+	T_STR
+	"Authentication failure message: %s"
+case_insensitive_user
+	T_FLAG
+	"Ignore case when matching user names"
+case_insensitive_group
+	T_FLAG
+	"Ignore case when matching group names"
diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c
new file mode 100644
index 0000000..4c8c262
--- /dev/null
+++ b/plugins/sudoers/defaults.c
@@ -0,0 +1,1132 @@
+/*
+ * Copyright (c) 1999-2005, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+#include <ctype.h>
+#include <syslog.h>
+
+#include "sudoers.h"
+#include <gram.h>
+
+/*
+ * For converting between syslog numbers and strings.
+ */
+struct strmap {
+    char *name;
+    int num;
+};
+
+static struct strmap facilities[] = {
+#ifdef LOG_AUTHPRIV
+	{ "authpriv",	LOG_AUTHPRIV },
+#endif
+	{ "auth",	LOG_AUTH },
+	{ "daemon",	LOG_DAEMON },
+	{ "user",	LOG_USER },
+	{ "local0",	LOG_LOCAL0 },
+	{ "local1",	LOG_LOCAL1 },
+	{ "local2",	LOG_LOCAL2 },
+	{ "local3",	LOG_LOCAL3 },
+	{ "local4",	LOG_LOCAL4 },
+	{ "local5",	LOG_LOCAL5 },
+	{ "local6",	LOG_LOCAL6 },
+	{ "local7",	LOG_LOCAL7 },
+	{ NULL,		-1 }
+};
+
+static struct strmap priorities[] = {
+	{ "alert",	LOG_ALERT },
+	{ "crit",	LOG_CRIT },
+	{ "debug",	LOG_DEBUG },
+	{ "emerg",	LOG_EMERG },
+	{ "err",	LOG_ERR },
+	{ "info",	LOG_INFO },
+	{ "notice",	LOG_NOTICE },
+	{ "warning",	LOG_WARNING },
+	{ "none",	-1 },
+	{ NULL,		-1 }
+};
+
+static struct early_default early_defaults[] = {
+    { I_IGNORE_UNKNOWN_DEFAULTS },
+#ifdef FQDN
+    { I_FQDN, true },
+#else
+    { I_FQDN },
+#endif
+    { I_MATCH_GROUP_BY_GID },
+    { I_GROUP_PLUGIN },
+    { I_RUNAS_DEFAULT },
+    { I_SUDOERS_LOCALE },
+    { -1 }
+};
+
+/*
+ * Local prototypes.
+ */
+static bool store_int(const char *str, union sudo_defs_val *sd_un);
+static bool store_list(const char *str, union sudo_defs_val *sd_un, int op);
+static bool store_mode(const char *str, union sudo_defs_val *sd_un);
+static int  store_str(const char *str, union sudo_defs_val *sd_un);
+static bool store_syslogfac(const char *str, union sudo_defs_val *sd_un);
+static bool store_syslogpri(const char *str, union sudo_defs_val *sd_un);
+static bool store_timeout(const char *str, union sudo_defs_val *sd_un);
+static bool store_tuple(const char *str, union sudo_defs_val *sd_un, struct def_values *tuple_vals);
+static bool store_uint(const char *str, union sudo_defs_val *sd_un);
+static bool store_timespec(const char *str, union sudo_defs_val *sd_un);
+static bool list_op(const char *str, size_t, union sudo_defs_val *sd_un, enum list_ops op);
+static const char *logfac2str(int);
+static const char *logpri2str(int);
+
+/*
+ * Table describing compile-time and run-time options.
+ */
+#include <def_data.c>
+
+/*
+ * Print version and configure info.
+ */
+void
+dump_defaults(void)
+{
+    struct sudo_defs_types *cur;
+    struct list_member *item;
+    struct def_values *def;
+    char *desc;
+    debug_decl(dump_defaults, SUDOERS_DEBUG_DEFAULTS)
+
+    for (cur = sudo_defs_table; cur->name; cur++) {
+	if (cur->desc) {
+	    desc = _(cur->desc);
+	    switch (cur->type & T_MASK) {
+		case T_FLAG:
+		    if (cur->sd_un.flag)
+			sudo_printf(SUDO_CONV_INFO_MSG, "%s\n", desc);
+		    break;
+		case T_STR:
+		    if (cur->sd_un.str) {
+			sudo_printf(SUDO_CONV_INFO_MSG, desc, cur->sd_un.str);
+			sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    }
+		    break;
+		case T_LOGFAC:
+		    if (cur->sd_un.ival) {
+			sudo_printf(SUDO_CONV_INFO_MSG, desc,
+			    logfac2str(cur->sd_un.ival));
+			sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    }
+		    break;
+		case T_LOGPRI:
+		    if (cur->sd_un.ival) {
+			sudo_printf(SUDO_CONV_INFO_MSG, desc,
+			    logpri2str(cur->sd_un.ival));
+			sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    }
+		    break;
+		case T_INT:
+		    sudo_printf(SUDO_CONV_INFO_MSG, desc, cur->sd_un.ival);
+		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    break;
+		case T_UINT:
+		    sudo_printf(SUDO_CONV_INFO_MSG, desc, cur->sd_un.uival);
+		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    break;
+		case T_TIMESPEC: {
+		    /* display timespec in minutes as a double */
+		    double d = cur->sd_un.tspec.tv_sec +
+			(cur->sd_un.tspec.tv_nsec / 1000000000.0);
+		    sudo_printf(SUDO_CONV_INFO_MSG, desc, d / 60.0);
+		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    break;
+		}
+		case T_MODE:
+		    sudo_printf(SUDO_CONV_INFO_MSG, desc, cur->sd_un.mode);
+		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    break;
+		case T_LIST:
+		    if (!SLIST_EMPTY(&cur->sd_un.list)) {
+			sudo_printf(SUDO_CONV_INFO_MSG, "%s\n", desc);
+			SLIST_FOREACH(item, &cur->sd_un.list, entries) {
+			    sudo_printf(SUDO_CONV_INFO_MSG,
+				"\t%s\n", item->value);
+			}
+		    }
+		    break;
+		case T_TIMEOUT:
+		    if (cur->sd_un.ival) {
+			sudo_printf(SUDO_CONV_INFO_MSG, desc,
+			    cur->sd_un.ival);
+			sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    }
+		    break;
+		case T_TUPLE:
+		    for (def = cur->values; def->sval; def++) {
+			if (cur->sd_un.tuple == def->nval) {
+			    sudo_printf(SUDO_CONV_INFO_MSG, desc, def->sval);
+			    break;
+			}
+		    }
+		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    break;
+	    }
+	}
+    }
+    debug_return;
+}
+
+/*
+ * Find the index of the specified Defaults name in sudo_defs_table[]
+ * On success, returns the matching index or -1 on failure.
+ */
+static int
+find_default(const char *name, const char *file, int lineno, bool quiet)
+{
+    int i;
+    debug_decl(find_default, SUDOERS_DEBUG_DEFAULTS)
+
+    for (i = 0; sudo_defs_table[i].name != NULL; i++) {
+	if (strcmp(name, sudo_defs_table[i].name) == 0)
+	    debug_return_int(i);
+    }
+    if (!quiet && !def_ignore_unknown_defaults) {
+	if (lineno > 0) {
+	    sudo_warnx(U_("%s:%d unknown defaults entry \"%s\""),
+		file, lineno, name);
+	} else {
+	    sudo_warnx(U_("%s: unknown defaults entry \"%s\""),
+		file, name);
+	}
+    }
+    debug_return_int(-1);
+}
+
+/*
+ * Parse a defaults entry, storing the parsed entry in sd_un.
+ * Returns true on success or false on failure.
+ */
+static bool
+parse_default_entry(struct sudo_defs_types *def, const char *val, int op,
+    union sudo_defs_val *sd_un, const char *file, int lineno, bool quiet)
+{
+    int rc;
+    debug_decl(parse_default_entry, SUDOERS_DEBUG_DEFAULTS)
+
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: %s:%d %s=%s op=%d",
+	__func__, file, lineno, def->name, val ? val : "", op);
+
+    /*
+     * If no value specified, the boolean flag must be set for non-flags.
+     * Only flags and tuples support boolean "true".
+     */
+    if (val == NULL) {
+	switch (def->type & T_MASK) {
+	case T_FLAG:
+	    break;
+	case T_TUPLE:
+	    if (ISSET(def->type, T_BOOL))
+		break;
+	    /* FALLTHROUGH */
+	case T_LOGFAC:
+	    if (op == true) {
+		/* Use default syslog facility if none specified. */
+		val = LOGFAC;
+	    }
+	    break;
+	default:
+	    if (!ISSET(def->type, T_BOOL) || op != false) {
+		if (!quiet) {
+		    if (lineno > 0) {
+			sudo_warnx(U_("%s:%d no value specified for \"%s\""),
+			    file, lineno, def->name);
+		    } else {
+			sudo_warnx(U_("%s: no value specified for \"%s\""),
+			    file, def->name);
+		    }
+		}
+		debug_return_bool(false);
+	    }
+	}
+    }
+
+    switch (def->type & T_MASK) {
+	case T_LOGFAC:
+	    rc = store_syslogfac(val, sd_un);
+	    break;
+	case T_LOGPRI:
+	    rc = store_syslogpri(val, sd_un);
+	    break;
+	case T_STR:
+	    if (ISSET(def->type, T_PATH) && val != NULL && *val != '/') {
+		if (!quiet) {
+		    if (lineno > 0) {
+			sudo_warnx(U_("%s:%d values for \"%s\" must start with a '/'"),
+			    file, lineno, def->name);
+		    } else {
+			sudo_warnx(U_("%s: values for \"%s\" must start with a '/'"),
+			    file, def->name);
+		    }
+		}
+		rc = -1;
+		break;
+	    }
+	    rc =  store_str(val, sd_un);
+	    break;
+	case T_INT:
+	    rc = store_int(val, sd_un);
+	    break;
+	case T_UINT:
+	    rc = store_uint(val, sd_un);
+	    break;
+	case T_MODE:
+	    rc = store_mode(val, sd_un);
+	    break;
+	case T_FLAG:
+	    if (val != NULL) {
+		if (!quiet) {
+		    if (lineno > 0) {
+			sudo_warnx(U_("%s:%d option \"%s\" does not take a value"),
+			    file, lineno, def->name);
+		    } else {
+			sudo_warnx(U_("%s: option \"%s\" does not take a value"),
+			    file, def->name);
+		    }
+		}
+		rc = -1;
+		break;
+	    }
+	    sd_un->flag = op;
+	    rc = true;
+	    break;
+	case T_LIST:
+	    rc = store_list(val, sd_un, op);
+	    break;
+	case T_TIMEOUT:
+	    rc = store_timeout(val, sd_un);
+	    break;
+	case T_TUPLE:
+	    rc = store_tuple(val, sd_un, def->values);
+	    break;
+	case T_TIMESPEC:
+	    rc = store_timespec(val, sd_un);
+	    break;
+	default:
+	    if (!quiet) {
+		if (lineno > 0) {
+		    sudo_warnx(U_("%s:%d invalid Defaults type 0x%x for option \"%s\""),
+			file, lineno, def->type, def->name);
+		} else {
+		    sudo_warnx(U_("%s: invalid Defaults type 0x%x for option \"%s\""),
+			file, def->type, def->name);
+		}
+	    }
+	    rc = -1;
+	    break;
+    }
+    if (rc == false) {
+	if (!quiet) {
+	    if (lineno > 0) {
+		sudo_warnx(U_("%s:%d value \"%s\" is invalid for option \"%s\""),
+		    file, lineno, val, def->name);
+	    } else {
+		sudo_warnx(U_("%s: value \"%s\" is invalid for option \"%s\""),
+		    file, val, def->name);
+	    }
+	}
+    }
+
+    debug_return_bool(rc == true);
+}
+
+struct early_default *
+is_early_default(const char *name)
+{
+    struct early_default *early;
+    debug_decl(is_early_default, SUDOERS_DEBUG_DEFAULTS)
+
+    for (early = early_defaults; early->idx != -1; early++) {
+	if (strcmp(name, sudo_defs_table[early->idx].name) == 0)
+	    debug_return_ptr(early);
+    }
+    debug_return_ptr(NULL);
+}
+
+static bool
+run_callback(struct sudo_defs_types *def)
+{
+    debug_decl(run_callback, SUDOERS_DEBUG_DEFAULTS)
+
+    if (def->callback == NULL)
+	debug_return_bool(true);
+    debug_return_bool(def->callback(&def->sd_un));
+}
+
+/*
+ * Sets/clears an entry in the defaults structure.
+ * Runs the callback if present on success.
+ */
+bool
+set_default(const char *var, const char *val, int op, const char *file,
+    int lineno, bool quiet)
+{
+    int idx;
+    debug_decl(set_default, SUDOERS_DEBUG_DEFAULTS)
+
+    idx = find_default(var, file, lineno, quiet);
+    if (idx != -1) {
+	/* Set parsed value in sudo_defs_table and run callback (if any). */
+	struct sudo_defs_types *def = &sudo_defs_table[idx];
+	if (parse_default_entry(def, val, op, &def->sd_un, file, lineno, quiet))
+	    debug_return_bool(run_callback(def));
+    }
+    debug_return_bool(false);
+}
+
+/*
+ * Like set_default() but stores the matching default value
+ * and does not run callbacks.
+ */
+bool
+set_early_default(const char *var, const char *val, int op, const char *file,
+    int lineno, bool quiet, struct early_default *early)
+{
+    int idx;
+    debug_decl(set_early_default, SUDOERS_DEBUG_DEFAULTS)
+
+    idx = find_default(var, file, lineno, quiet);
+    if (idx != -1) {
+	/* Set parsed value in sudo_defs_table but defer callback (if any). */
+	struct sudo_defs_types *def = &sudo_defs_table[idx];
+	if (parse_default_entry(def, val, op, &def->sd_un, file, lineno, quiet)) {
+	    early->run_callback = true;
+	    debug_return_bool(true);
+	}
+    }
+    debug_return_bool(false);
+}
+
+/*
+ * Run callbacks for early defaults.
+ */
+bool
+run_early_defaults(void)
+{
+    struct early_default *early;
+    bool ret = true;
+    debug_decl(run_early_defaults, SUDOERS_DEBUG_DEFAULTS)
+
+    for (early = early_defaults; early->idx != -1; early++) {
+	if (early->run_callback) {
+	    if (!run_callback(&sudo_defs_table[early->idx]))
+		ret = false;
+	    early->run_callback = false;
+	}
+    }
+    debug_return_bool(ret);
+}
+
+static void
+free_defs_val(int type, union sudo_defs_val *sd_un)
+{
+    switch (type & T_MASK) {
+	case T_STR:
+	    free(sd_un->str);
+	    break;
+	case T_LIST:
+	    (void)list_op(NULL, 0, sd_un, freeall);
+	    break;
+    }
+    memset(sd_un, 0, sizeof(*sd_un));
+}
+
+/*
+ * Set default options to compiled-in values.
+ * Any of these may be overridden at runtime by a "Defaults" file.
+ */
+bool
+init_defaults(void)
+{
+    static int firsttime = 1;
+    struct sudo_defs_types *def;
+    debug_decl(init_defaults, SUDOERS_DEBUG_DEFAULTS)
+
+    /* Clear any old settings. */
+    if (!firsttime) {
+	for (def = sudo_defs_table; def->name != NULL; def++)
+	    free_defs_val(def->type, &def->sd_un);
+    }
+
+    /* First initialize the flags. */
+#ifdef LONG_OTP_PROMPT
+    def_long_otp_prompt = true;
+#endif
+#ifdef IGNORE_DOT_PATH
+    def_ignore_dot = true;
+#endif
+#ifdef ALWAYS_SEND_MAIL
+    def_mail_always = true;
+#endif
+#ifdef SEND_MAIL_WHEN_NO_USER
+    def_mail_no_user = true;
+#endif
+#ifdef SEND_MAIL_WHEN_NO_HOST
+    def_mail_no_host = true;
+#endif
+#ifdef SEND_MAIL_WHEN_NOT_OK
+    def_mail_no_perms = true;
+#endif
+#ifndef NO_LECTURE
+    def_lecture = once;
+#endif
+#ifndef NO_AUTHENTICATION
+    def_authenticate = true;
+#endif
+#ifndef NO_ROOT_SUDO
+    def_root_sudo = true;
+#endif
+#ifdef HOST_IN_LOG
+    def_log_host = true;
+#endif
+#ifdef SHELL_IF_NO_ARGS
+    def_shell_noargs = true;
+#endif
+#ifdef SHELL_SETS_HOME
+    def_set_home = true;
+#endif
+#ifndef DONT_LEAK_PATH_INFO
+    def_path_info = true;
+#endif
+#ifdef USE_INSULTS
+    def_insults = true;
+#endif
+#ifdef FQDN
+    def_fqdn = true;
+#endif
+#ifdef ENV_EDITOR
+    def_env_editor = true;
+#endif
+#ifdef UMASK_OVERRIDE
+    def_umask_override = true;
+#endif
+    def_timestamp_type = TIMESTAMP_TYPE;
+    if ((def_iolog_file = strdup("%{seq}")) == NULL)
+	goto oom;
+    if ((def_iolog_dir = strdup(_PATH_SUDO_IO_LOGDIR)) == NULL)
+	goto oom;
+    if ((def_sudoers_locale = strdup("C")) == NULL)
+	goto oom;
+    def_env_reset = ENV_RESET;
+    def_set_logname = true;
+    def_closefrom = STDERR_FILENO + 1;
+    if ((def_pam_service = strdup("sudo")) == NULL)
+	goto oom;
+#ifdef HAVE_PAM_LOGIN
+    if ((def_pam_login_service = strdup("sudo-i")) == NULL)
+	goto oom;
+#else
+    if ((def_pam_login_service = strdup("sudo")) == NULL)
+	goto oom;
+#endif
+#ifdef NO_PAM_SESSION
+    def_pam_session = false;
+#else
+    def_pam_session = true;
+#endif
+#ifdef HAVE_INNETGR
+    def_use_netgroups = true;
+#endif
+    def_netgroup_tuple = false;
+    def_sudoedit_checkdir = true;
+    def_iolog_mode = S_IRUSR|S_IWUSR;
+    def_fdexec = digest_only;
+
+    /* Syslog options need special care since they both strings and ints */
+#if (LOGGING & SLOG_SYSLOG)
+    (void) store_syslogfac(LOGFAC, &sudo_defs_table[I_SYSLOG].sd_un);
+    (void) store_syslogpri(PRI_SUCCESS, &sudo_defs_table[I_SYSLOG_GOODPRI].sd_un);
+    (void) store_syslogpri(PRI_FAILURE, &sudo_defs_table[I_SYSLOG_BADPRI].sd_un);
+#endif
+
+    /* Password flags also have a string and integer component. */
+    (void) store_tuple("any", &sudo_defs_table[I_LISTPW].sd_un, sudo_defs_table[I_LISTPW].values);
+    (void) store_tuple("all", &sudo_defs_table[I_VERIFYPW].sd_un, sudo_defs_table[I_VERIFYPW].values);
+
+    /* Then initialize the int-like things. */
+#ifdef SUDO_UMASK
+    def_umask = SUDO_UMASK;
+#else
+    def_umask = ACCESSPERMS;
+#endif
+    def_loglinelen = MAXLOGFILELEN;
+    def_timestamp_timeout.tv_sec = TIMEOUT * 60;
+    def_passwd_timeout.tv_sec = PASSWORD_TIMEOUT * 60;
+    def_passwd_tries = TRIES_FOR_PASSWORD;
+#ifdef HAVE_ZLIB_H
+    def_compress_io = true;
+#endif
+    def_ignore_audit_errors = true;
+    def_ignore_iolog_errors = false;
+    def_ignore_logfile_errors = true;
+
+    /* Now do the strings */
+    if ((def_mailto = strdup(MAILTO)) == NULL)
+	goto oom;
+    if ((def_mailsub = strdup(N_(MAILSUBJECT))) == NULL)
+	goto oom;
+    if ((def_badpass_message = strdup(_(INCORRECT_PASSWORD))) == NULL)
+	goto oom;
+    if ((def_lecture_status_dir = strdup(_PATH_SUDO_LECTURE_DIR)) == NULL)
+	goto oom;
+    if ((def_timestampdir = strdup(_PATH_SUDO_TIMEDIR)) == NULL)
+	goto oom;
+    if ((def_passprompt = strdup(_(PASSPROMPT))) == NULL)
+	goto oom;
+    if ((def_runas_default = strdup(RUNAS_DEFAULT)) == NULL)
+	goto oom;
+#ifdef _PATH_SUDO_SENDMAIL
+    if ((def_mailerpath = strdup(_PATH_SUDO_SENDMAIL)) == NULL)
+	goto oom;
+    if ((def_mailerflags = strdup("-t")) == NULL)
+	goto oom;
+#endif
+#if (LOGGING & SLOG_FILE)
+    if ((def_logfile = strdup(_PATH_SUDO_LOGFILE)) == NULL)
+	goto oom;
+#endif
+#ifdef EXEMPTGROUP
+    if ((def_exempt_group = strdup(EXEMPTGROUP)) == NULL)
+	goto oom;
+#endif
+#ifdef SECURE_PATH
+    if ((def_secure_path = strdup(SECURE_PATH)) == NULL)
+	goto oom;
+#endif
+    if ((def_editor = strdup(EDITOR)) == NULL)
+	goto oom;
+    def_set_utmp = true;
+    def_pam_setcred = true;
+    def_syslog_maxlen = MAXSYSLOGLEN;
+    def_case_insensitive_user = true;
+    def_case_insensitive_group = true;
+
+    /* Reset the locale. */
+    if (!firsttime) {
+	if (!sudoers_initlocale(NULL, def_sudoers_locale))
+	    goto oom;
+    }
+
+    /* Finally do the lists (currently just environment tables). */
+    if (!init_envtables())
+	goto oom;
+
+    firsttime = 0;
+
+    debug_return_bool(true);
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    debug_return_bool(false);
+}
+
+/*
+ * Check whether a defaults entry matches the specified type.
+ * Returns true if it matches, else false.
+ */
+static bool
+default_type_matches(struct defaults *d, int what)
+{
+    debug_decl(default_type_matches, SUDOERS_DEBUG_DEFAULTS)
+
+    switch (d->type) {
+    case DEFAULTS:
+	if (ISSET(what, SETDEF_GENERIC))
+	    debug_return_bool(true);
+	break;
+    case DEFAULTS_USER:
+	if (ISSET(what, SETDEF_USER))
+	    debug_return_bool(true);
+	break;
+    case DEFAULTS_RUNAS:
+	if (ISSET(what, SETDEF_RUNAS))
+	    debug_return_bool(true);
+	break;
+    case DEFAULTS_HOST:
+	if (ISSET(what, SETDEF_HOST))
+	    debug_return_bool(true);
+	break;
+    case DEFAULTS_CMND:
+	if (ISSET(what, SETDEF_CMND))
+	    debug_return_bool(true);
+	break;
+    }
+    debug_return_bool(false);
+}
+
+/*
+ * Check whether a defaults entry's binding matches.
+ * Returns true if it matches, else false.
+ */
+static bool
+default_binding_matches(struct sudoers_parse_tree *parse_tree,
+    struct defaults *d, int what)
+{
+    debug_decl(default_binding_matches, SUDOERS_DEBUG_DEFAULTS)
+
+    switch (d->type) {
+    case DEFAULTS:
+	debug_return_bool(true);
+	break;
+    case DEFAULTS_USER:
+	if (userlist_matches(parse_tree, sudo_user.pw, d->binding) == ALLOW)
+	    debug_return_bool(true);
+	break;
+    case DEFAULTS_RUNAS:
+	if (runaslist_matches(parse_tree, d->binding, NULL, NULL, NULL) == ALLOW)
+	    debug_return_bool(true);
+	break;
+    case DEFAULTS_HOST:
+	if (hostlist_matches(parse_tree, sudo_user.pw, d->binding) == ALLOW)
+	    debug_return_bool(true);
+	break;
+    case DEFAULTS_CMND:
+	if (cmndlist_matches(parse_tree, d->binding) == ALLOW)
+	    debug_return_bool(true);
+	break;
+    }
+    debug_return_bool(false);
+}
+
+/*
+ * Update the global defaults based on the given defaults list.
+ * Pass in an OR'd list of which default types to update.
+ */
+bool
+update_defaults(struct sudoers_parse_tree *parse_tree,
+    struct defaults_list *defs, int what, bool quiet)
+{
+    struct defaults *d;
+    bool ret = true;
+    debug_decl(update_defaults, SUDOERS_DEBUG_DEFAULTS)
+
+    sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
+	"what: 0x%02x", what);
+
+    /* If no defaults list specified, use the global one in the parse tree. */
+    if (defs == NULL)
+	defs = &parse_tree->defaults;
+
+    /*
+     * First apply Defaults values marked as early.
+     */
+    TAILQ_FOREACH(d, defs, entries) {
+	struct early_default *early = is_early_default(d->var);
+	if (early == NULL)
+	    continue;
+
+	/* Defaults type and binding must match. */
+	if (!default_type_matches(d, what) ||
+	    !default_binding_matches(parse_tree, d, what))
+	    continue;
+
+	/* Copy the value to sudo_defs_table and mark as early. */
+	if (!set_early_default(d->var, d->val, d->op, d->file, d->lineno,
+	    quiet, early))
+	    ret = false;
+    }
+    /* Run callbacks for early defaults (if any) */
+    if (!run_early_defaults())
+	ret = false;
+
+    /*
+     * Then set the rest of the defaults.
+     */
+    TAILQ_FOREACH(d, defs, entries) {
+	/* Skip Defaults marked as early, we already did them. */
+	if (is_early_default(d->var))
+	    continue;
+
+	/* Defaults type and binding must match. */
+	if (!default_type_matches(d, what) ||
+	    !default_binding_matches(parse_tree, d, what))
+	    continue;
+
+	/* Copy the value to sudo_defs_table and run callback (if any) */
+	if (!set_default(d->var, d->val, d->op, d->file, d->lineno, quiet))
+	    ret = false;
+    }
+    debug_return_bool(ret);
+}
+
+/*
+ * Check all defaults entries without actually setting them.
+ */
+bool
+check_defaults(struct sudoers_parse_tree *parse_tree, bool quiet)
+{
+    struct defaults *d;
+    bool ret = true;
+    int idx;
+    debug_decl(check_defaults, SUDOERS_DEBUG_DEFAULTS)
+
+    TAILQ_FOREACH(d, &parse_tree->defaults, entries) {
+	idx = find_default(d->var, d->file, d->lineno, quiet);
+	if (idx != -1) {
+	    struct sudo_defs_types *def = &sudo_defs_table[idx];
+	    union sudo_defs_val sd_un;
+	    memset(&sd_un, 0, sizeof(sd_un));
+	    if (parse_default_entry(def, d->val, d->op, &sd_un, d->file,
+		d->lineno, quiet)) {
+		free_defs_val(def->type, &sd_un);
+		continue;
+	    }
+	}
+	/* There was an error in the entry, flag it. */
+	d->error = true;
+	ret = false;
+    }
+    debug_return_bool(ret);
+}
+
+static bool
+store_int(const char *str, union sudo_defs_val *sd_un)
+{
+    const char *errstr;
+    int i;
+    debug_decl(store_int, SUDOERS_DEBUG_DEFAULTS)
+
+    if (str == NULL) {
+	sd_un->ival = 0;
+    } else {
+	i = strtonum(str, INT_MIN, INT_MAX, &errstr);
+	if (errstr != NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"%s: %s", str, errstr);
+	    debug_return_bool(false);
+	}
+	sd_un->ival = i;
+    }
+    debug_return_bool(true);
+}
+
+static bool
+store_uint(const char *str, union sudo_defs_val *sd_un)
+{
+    const char *errstr;
+    unsigned int u;
+    debug_decl(store_uint, SUDOERS_DEBUG_DEFAULTS)
+
+    if (str == NULL) {
+	sd_un->uival = 0;
+    } else {
+	u = strtonum(str, 0, UINT_MAX, &errstr);
+	if (errstr != NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"%s: %s", str, errstr);
+	    debug_return_bool(false);
+	}
+	sd_un->uival = u;
+    }
+    debug_return_bool(true);
+}
+
+static bool
+store_timespec(const char *str, union sudo_defs_val *sd_un)
+{
+    struct timespec ts;
+    char sign = '+';
+    int i;
+    debug_decl(store_timespec, SUDOERS_DEBUG_DEFAULTS)
+
+    sudo_timespecclear(&ts);
+    if (str != NULL) {
+	/* Convert from minutes to timespec. */
+	if (*str == '+' || *str == '-')
+	    sign = *str++;
+	while (*str != '\0' && *str != '.') {
+		if (!isdigit((unsigned char)*str))
+		    debug_return_bool(false);	/* invalid number */
+		if (ts.tv_sec > TIME_T_MAX / 10)
+		    debug_return_bool(false);	/* overflow */
+		ts.tv_sec *= 10;
+		ts.tv_sec += *str++ - '0';
+	}
+	if (*str++ == '.') {
+	    /* Convert optional fractional component to nanosecs. */
+	    for (i = 100000000; i > 0; i /= 10) {
+		if (*str == '\0')
+		    break;
+		if (!isdigit((unsigned char)*str))
+		    debug_return_bool(false);	/* invalid number */
+		ts.tv_nsec += i * (*str++ - '0');
+	    }
+	}
+	/* Convert from minutes to seconds. */
+	if (ts.tv_sec > TIME_T_MAX / 60)
+	    debug_return_bool(false);	/* overflow */
+	ts.tv_sec *= 60;
+	ts.tv_nsec *= 60;
+	while (ts.tv_nsec >= 1000000000) {
+	    ts.tv_sec++;
+	    ts.tv_nsec -= 1000000000;
+	}
+    }
+    if (sign == '-') {
+	sd_un->tspec.tv_sec = -ts.tv_sec;
+	sd_un->tspec.tv_nsec = -ts.tv_nsec;
+    } else {
+	sd_un->tspec.tv_sec = ts.tv_sec;
+	sd_un->tspec.tv_nsec = ts.tv_nsec;
+    }
+    debug_return_bool(true);
+}
+
+static bool
+store_tuple(const char *str, union sudo_defs_val *sd_un,
+    struct def_values *tuple_vals)
+{
+    struct def_values *v;
+    debug_decl(store_tuple, SUDOERS_DEBUG_DEFAULTS)
+
+    /*
+     * Look up tuple value by name to find enum def_tuple value.
+     * For negation to work the first element of enum def_tuple
+     * must be equivalent to boolean false.
+     */
+    if (str == NULL) {
+	sd_un->ival = 0;
+    } else {
+	for (v = tuple_vals; v->sval != NULL; v++) {
+	    if (strcmp(v->sval, str) == 0) {
+		sd_un->tuple = v->nval;
+		break;
+	    }
+	}
+	if (v->sval == NULL)
+	    debug_return_bool(false);
+    }
+    debug_return_bool(true);
+}
+
+static int
+store_str(const char *str, union sudo_defs_val *sd_un)
+{
+    debug_decl(store_str, SUDOERS_DEBUG_DEFAULTS)
+
+    free(sd_un->str);
+    if (str == NULL) {
+	sd_un->str = NULL;
+    } else {
+	if ((sd_un->str = strdup(str)) == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_int(-1);
+	}
+    }
+    debug_return_int(true);
+}
+
+static bool
+store_list(const char *str, union sudo_defs_val *sd_un, int op)
+{
+    debug_decl(store_list, SUDOERS_DEBUG_DEFAULTS)
+
+    /* Remove all old members. */
+    if (op == false || op == true)
+	(void)list_op(NULL, 0, sd_un, freeall);
+
+    /* Split str into multiple space-separated words and act on each one. */
+    if (str != NULL) {
+	const char *cp, *ep;
+	const char *end = str + strlen(str);
+	const enum list_ops lop = op == '-' ? delete : add;
+
+	for (cp = sudo_strsplit(str, end, " \t", &ep); cp != NULL;
+	    cp = sudo_strsplit(NULL, end, " \t", &ep)) {
+	    if (!list_op(cp, ep - cp, sd_un, lop))
+		debug_return_bool(false);
+	}
+    }
+    debug_return_bool(true);
+}
+
+static bool
+store_syslogfac(const char *str, union sudo_defs_val *sd_un)
+{
+    struct strmap *fac;
+    debug_decl(store_syslogfac, SUDOERS_DEBUG_DEFAULTS)
+
+    if (str == NULL) {
+	sd_un->ival = false;
+	debug_return_bool(true);
+    }
+    for (fac = facilities; fac->name != NULL; fac++) {
+	if (strcmp(str, fac->name) == 0) {
+	    sd_un->ival = fac->num;
+	    debug_return_bool(true);
+	}
+    }
+    debug_return_bool(false);		/* not found */
+}
+
+static const char *
+logfac2str(int n)
+{
+    struct strmap *fac;
+    debug_decl(logfac2str, SUDOERS_DEBUG_DEFAULTS)
+
+    for (fac = facilities; fac->name && fac->num != n; fac++)
+	continue;
+    debug_return_const_str(fac->name);
+}
+
+static bool
+store_syslogpri(const char *str, union sudo_defs_val *sd_un)
+{
+    struct strmap *pri;
+    debug_decl(store_syslogpri, SUDOERS_DEBUG_DEFAULTS)
+
+    if (str == NULL) {
+	sd_un->ival = -1;
+	debug_return_bool(true);
+    }
+    for (pri = priorities; pri->name != NULL; pri++) {
+	if (strcmp(str, pri->name) == 0) {
+	    sd_un->ival = pri->num;
+	    debug_return_bool(true);
+	}
+    }
+    debug_return_bool(false); 	/* not found */
+}
+
+static const char *
+logpri2str(int n)
+{
+    struct strmap *pri;
+    debug_decl(logpri2str, SUDOERS_DEBUG_DEFAULTS)
+
+    for (pri = priorities; pri->name != NULL; pri++) {
+	if (pri->num == n)
+	    debug_return_const_str(pri->name);
+    }
+    debug_return_const_str("unknown");
+}
+
+static bool
+store_mode(const char *str, union sudo_defs_val *sd_un)
+{
+    mode_t mode;
+    const char *errstr;
+    debug_decl(store_mode, SUDOERS_DEBUG_DEFAULTS)
+
+    if (str == NULL) {
+	sd_un->mode = ACCESSPERMS;
+    } else {
+	mode = sudo_strtomode(str, &errstr);
+	if (errstr != NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"%s is %s", str, errstr);
+	    debug_return_bool(false);
+	}
+	sd_un->mode = mode;
+    }
+    debug_return_bool(true);
+}
+
+static bool
+store_timeout(const char *str, union sudo_defs_val *sd_un)
+{
+    debug_decl(store_mode, SUDOERS_DEBUG_DEFAULTS)
+
+    if (str == NULL) {
+	sd_un->ival = 0;
+    } else {
+	int seconds = parse_timeout(str);
+	if (seconds == -1) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+		"%s", str);
+	    debug_return_bool(false);
+	}
+	sd_un->ival = seconds;
+    }
+    debug_return_bool(true);
+}
+
+static bool
+list_op(const char *str, size_t len, union sudo_defs_val *sd_un,
+    enum list_ops op)
+{
+    struct list_member *cur, *prev = NULL;
+    debug_decl(list_op, SUDOERS_DEBUG_DEFAULTS)
+
+    if (op == freeall) {
+	while ((cur = SLIST_FIRST(&sd_un->list)) != NULL) {
+	    SLIST_REMOVE_HEAD(&sd_un->list, entries);
+	    free(cur->value);
+	    free(cur);
+	}
+	debug_return_bool(true);
+    }
+
+    SLIST_FOREACH(cur, &sd_un->list, entries) {
+	if ((strncmp(cur->value, str, len) == 0 && cur->value[len] == '\0')) {
+
+	    if (op == add)
+		debug_return_bool(true); /* already exists */
+
+	    /* Delete node */
+	    if (prev == NULL)
+		SLIST_REMOVE_HEAD(&sd_un->list, entries);
+	    else
+		SLIST_REMOVE_AFTER(prev, entries);
+	    free(cur->value);
+	    free(cur);
+	    break;
+	}
+	prev = cur;
+    }
+
+    /* Add new node to the head of the list. */
+    if (op == add) {
+	cur = calloc(1, sizeof(struct list_member));
+	if (cur == NULL || (cur->value = strndup(str, len)) == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    free(cur);
+	    debug_return_bool(false);
+	}
+	SLIST_INSERT_HEAD(&sd_un->list, cur, entries);
+    }
+    debug_return_bool(true);
+}
diff --git a/plugins/sudoers/defaults.h b/plugins/sudoers/defaults.h
new file mode 100644
index 0000000..4b2db16
--- /dev/null
+++ b/plugins/sudoers/defaults.h
@@ -0,0 +1,138 @@
+/*
+ * Copyright (c) 1999-2005, 2008-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#ifndef SUDOERS_DEFAULTS_H
+#define SUDOERS_DEFAULTS_H
+
+#include <time.h>
+#include <def_data.h>
+
+struct list_member {
+    SLIST_ENTRY(list_member) entries;
+    char *value;
+};
+
+SLIST_HEAD(list_members, list_member);
+
+enum list_ops {
+    add,
+    delete,
+    freeall
+};
+
+/* Mapping of tuple string value to enum def_tuple. */
+struct def_values {
+    char *sval;		/* string value */
+    enum def_tuple nval;/* numeric value */
+};
+
+union sudo_defs_val {
+    int flag;
+    int ival;
+    unsigned int uival;
+    enum def_tuple tuple;
+    char *str;
+    mode_t mode;
+    struct timespec tspec;
+    struct list_members list;
+};
+
+/*
+ * Structure describing compile-time and run-time options.
+ */
+struct sudo_defs_types {
+    char *name;
+    int type;
+    char *desc;
+    struct def_values *values;
+    bool (*callback)(const union sudo_defs_val *);
+    union sudo_defs_val sd_un;
+};
+
+/*
+ * Defaults values to apply before others.
+ */
+struct early_default {
+    short idx;
+    short run_callback;
+};
+
+/*
+ * Four types of defaults: strings, integers, and flags.
+ * Also, T_INT, T_TIMESPEC or T_STR may be ANDed with T_BOOL to indicate that
+ * a value is not required.  Flags are boolean by nature...
+ */
+#undef T_INT
+#define T_INT		0x001
+#undef T_UINT
+#define T_UINT		0x002
+#undef T_STR
+#define T_STR		0x003
+#undef T_FLAG
+#define T_FLAG		0x004
+#undef T_MODE
+#define T_MODE		0x005
+#undef T_LIST
+#define T_LIST		0x006
+#undef T_LOGFAC
+#define T_LOGFAC	0x007
+#undef T_LOGPRI
+#define T_LOGPRI	0x008
+#undef T_TUPLE
+#define T_TUPLE		0x009
+#undef T_TIMESPEC
+#define T_TIMESPEC	0x010
+#undef T_TIMEOUT
+#define T_TIMEOUT	0x020
+#undef T_MASK
+#define T_MASK		0x0FF
+#undef T_BOOL
+#define T_BOOL		0x100
+#undef T_PATH
+#define T_PATH		0x200
+
+/*
+ * Argument to update_defaults()
+ */
+#define SETDEF_GENERIC	0x01
+#define	SETDEF_HOST	0x02
+#define	SETDEF_USER	0x04
+#define	SETDEF_RUNAS	0x08
+#define	SETDEF_CMND	0x10
+#define SETDEF_ALL	(SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER|SETDEF_RUNAS|SETDEF_CMND)
+
+/*
+ * Prototypes
+ */
+struct defaults_list;
+struct sudoers_parse_tree;
+void dump_default(void);
+bool init_defaults(void);
+struct early_default *is_early_default(const char *name);
+bool run_early_defaults(void);
+bool set_early_default(const char *var, const char *val, int op, const char *file, int lineno, bool quiet, struct early_default *early);
+bool set_default(const char *var, const char *val, int op, const char *file, int lineno, bool quiet);
+bool update_defaults(struct sudoers_parse_tree *parse_tree, struct defaults_list *defs, int what, bool quiet);
+bool check_defaults(struct sudoers_parse_tree *parse_tree, bool quiet);
+
+extern struct sudo_defs_types sudo_defs_table[];
+
+#endif /* SUDOERS_DEFAULTS_H */
diff --git a/plugins/sudoers/digestname.c b/plugins/sudoers/digestname.c
new file mode 100644
index 0000000..a078ede
--- /dev/null
+++ b/plugins/sudoers/digestname.c
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+
+#include "sudo_compat.h"
+#include "sudo_digest.h"
+#include "sudoers_debug.h"
+#include "parse.h"
+
+const char *
+digest_type_to_name(int digest_type)
+{
+    const char *digest_name;
+    debug_decl(digest_type_to_name, SUDOERS_DEBUG_UTIL)
+
+    switch (digest_type) {
+    case SUDO_DIGEST_SHA224:
+	digest_name = "sha224";
+	break;
+    case SUDO_DIGEST_SHA256:
+	digest_name = "sha256";
+	break;
+    case SUDO_DIGEST_SHA384:
+	digest_name = "sha384";
+	break;
+    case SUDO_DIGEST_SHA512:
+	digest_name = "sha512";
+	break;
+    default:
+	digest_name = "unknown digest";
+	break;
+    }
+    debug_return_const_str(digest_name);
+}
diff --git a/plugins/sudoers/editor.c b/plugins/sudoers/editor.c
new file mode 100644
index 0000000..ec8e7b0
--- /dev/null
+++ b/plugins/sudoers/editor.c
@@ -0,0 +1,179 @@
+/*
+ * Copyright (c) 2010-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <errno.h>
+
+#include "sudoers.h"
+
+/*
+ * Search for the specified editor in the user's PATH, checking
+ * the result against whitelist if non-NULL.  An argument vector
+ * suitable for execve() is allocated and stored in argv_out.
+ * If nfiles is non-zero, files[] is added to the end of argv_out.
+ *
+ * Returns the path to be executed on success, else NULL.
+ * The caller is responsible for freeing the returned editor path
+ * as well as the argument vector.
+ */
+static char *
+resolve_editor(const char *ed, size_t edlen, int nfiles, char **files,
+    int *argc_out, char ***argv_out, char * const *whitelist)
+{
+    char **nargv, *editor, *editor_path = NULL;
+    const char *cp, *ep, *tmp;
+    const char *edend = ed + edlen;
+    struct stat user_editor_sb;
+    int nargc;
+    debug_decl(resolve_editor, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * Split editor into an argument vector, including files to edit.
+     * The EDITOR and VISUAL environment variables may contain command
+     * line args so look for those and alloc space for them too.
+     */
+    cp = sudo_strsplit(ed, edend, " \t", &ep);
+    if (cp == NULL)
+	debug_return_str(NULL);
+    editor = strndup(cp, (size_t)(ep - cp));
+    if (editor == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_str(NULL);
+    }
+
+    /* If we can't find the editor in the user's PATH, give up. */
+    if (find_path(editor, &editor_path, &user_editor_sb, getenv("PATH"), 0, whitelist) != FOUND) {
+	free(editor);
+	errno = ENOENT;
+	debug_return_str(NULL);
+    }
+
+    /* Count rest of arguments and allocate editor argv. */
+    for (nargc = 1, tmp = ep; sudo_strsplit(NULL, edend, " \t", &tmp) != NULL; )
+	nargc++;
+    if (nfiles != 0)
+	nargc += nfiles + 1;
+    nargv = reallocarray(NULL, nargc + 1, sizeof(char *));
+    if (nargv == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	free(editor);
+	free(editor_path);
+	debug_return_str(NULL);
+    }
+
+    /* Fill in editor argv (assumes files[] is NULL-terminated). */
+    nargv[0] = editor;
+    for (nargc = 1; (cp = sudo_strsplit(NULL, edend, " \t", &ep)) != NULL; nargc++) {
+	nargv[nargc] = strndup(cp, (size_t)(ep - cp));
+	if (nargv[nargc] == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    free(editor_path);
+	    while (nargc--)
+		free(nargv[nargc]);
+	    free(nargv);
+	    debug_return_str(NULL);
+	}
+    }
+    if (nfiles != 0) {
+	nargv[nargc++] = "--";
+	while (nfiles--)
+	    nargv[nargc++] = *files++;
+    }
+    nargv[nargc] = NULL;
+
+    *argc_out = nargc;
+    *argv_out = nargv;
+    debug_return_str(editor_path);
+}
+
+/*
+ * Determine which editor to use based on the SUDO_EDITOR, VISUAL and
+ * EDITOR environment variables as well as the editor path in sudoers.
+ * If env_error is true, an editor environment variable that cannot be
+ * resolved is an error.
+ *
+ * Returns the path to be executed on success, else NULL.
+ * The caller is responsible for freeing the returned editor path
+ * as well as the argument vector.
+ */
+char *
+find_editor(int nfiles, char **files, int *argc_out, char ***argv_out,
+     char * const *whitelist, const char **env_editor, bool env_error)
+{
+    char *ev[3], *editor_path = NULL;
+    unsigned int i;
+    debug_decl(find_editor, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * If any of SUDO_EDITOR, VISUAL or EDITOR are set, choose the first one.
+     */
+    *env_editor = NULL;
+    ev[0] = "SUDO_EDITOR";
+    ev[1] = "VISUAL";
+    ev[2] = "EDITOR";
+    for (i = 0; i < nitems(ev); i++) {
+	char *editor = getenv(ev[i]);
+
+	if (editor != NULL && *editor != '\0') {
+	    *env_editor = editor;
+	    editor_path = resolve_editor(editor, strlen(editor),
+		nfiles, files, argc_out, argv_out, whitelist);
+	    if (editor_path != NULL)
+		break;
+	    if (errno != ENOENT)
+		debug_return_str(NULL);
+	}
+    }
+    if (editor_path == NULL) {
+	const char *def_editor_end = def_editor + strlen(def_editor);
+	const char *cp, *ep;
+
+	if (env_error && *env_editor != NULL) {
+	    /* User-specified editor could not be found. */
+	    debug_return_str(NULL);
+	}
+
+	/* def_editor could be a path, split it up, avoiding strtok() */
+	for (cp = sudo_strsplit(def_editor, def_editor_end, ":", &ep);
+	    cp != NULL; cp = sudo_strsplit(NULL, def_editor_end, ":", &ep)) {
+	    editor_path = resolve_editor(cp, (size_t)(ep - cp), nfiles,
+		files, argc_out, argv_out, whitelist);
+	    if (editor_path != NULL)
+		break;
+	    if (errno != ENOENT)
+		debug_return_str(NULL);
+	}
+    }
+
+    debug_return_str(editor_path);
+}
diff --git a/plugins/sudoers/env.c b/plugins/sudoers/env.c
new file mode 100644
index 0000000..0aee73f
--- /dev/null
+++ b/plugins/sudoers/env.c
@@ -0,0 +1,1389 @@
+/*
+ * Copyright (c) 2000-2005, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#ifdef HAVE_LOGIN_CAP_H
+# include <login_cap.h>
+# ifndef LOGIN_SETENV
+#  define LOGIN_SETENV	0
+# endif
+#endif /* HAVE_LOGIN_CAP_H */
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+#include <pwd.h>
+
+#include "sudoers.h"
+
+/*
+ * Flags used in rebuild_env()
+ */
+#undef DID_TERM
+#define DID_TERM	0x00000001
+#undef DID_PATH
+#define DID_PATH	0x00000002
+#undef DID_HOME
+#define DID_HOME	0x00000004
+#undef DID_SHELL
+#define DID_SHELL	0x00000008
+#undef DID_LOGNAME
+#define DID_LOGNAME	0x00000010
+#undef DID_USER
+#define DID_USER    	0x00000020
+#undef DID_LOGIN
+#define DID_LOGIN   	0x00000040
+#undef DID_MAIL
+#define DID_MAIL   	0x00000080
+#undef DID_MAX
+#define DID_MAX    	0x0000ffff
+
+#undef KEPT_TERM
+#define KEPT_TERM	0x00010000
+#undef KEPT_PATH
+#define KEPT_PATH	0x00020000
+#undef KEPT_HOME
+#define KEPT_HOME	0x00040000
+#undef KEPT_SHELL
+#define KEPT_SHELL	0x00080000
+#undef KEPT_LOGNAME
+#define KEPT_LOGNAME	0x00100000
+#undef KEPT_USER
+#define KEPT_USER    	0x00200000
+#undef KEPT_LOGIN
+#define KEPT_LOGIN	0x00400000
+#undef KEPT_MAIL
+#define KEPT_MAIL	0x00800000
+#undef KEPT_MAX
+#define KEPT_MAX    	0xffff0000
+
+/*
+ * AIX sets the LOGIN environment variable too.
+ */
+#ifdef _AIX
+# define KEPT_USER_VARIABLES (KEPT_LOGIN|KEPT_LOGNAME|KEPT_USER)
+#else
+# define KEPT_USER_VARIABLES (KEPT_LOGNAME|KEPT_USER)
+#endif
+
+struct environment {
+    char **envp;		/* pointer to the new environment */
+    char **old_envp;		/* pointer the old environment we allocated */
+    size_t env_size;		/* size of new_environ in char **'s */
+    size_t env_len;		/* number of slots used, not counting NULL */
+};
+
+/*
+ * Copy of the sudo-managed environment.
+ */
+static struct environment env;
+
+/*
+ * Default table of "bad" variables to remove from the environment.
+ * XXX - how to omit TERMCAP if it starts with '/'?
+ */
+static const char *initial_badenv_table[] = {
+    "IFS",
+    "CDPATH",
+    "LOCALDOMAIN",
+    "RES_OPTIONS",
+    "HOSTALIASES",
+    "NLSPATH",
+    "PATH_LOCALE",
+    "LD_*",
+    "_RLD*",
+#ifdef __hpux
+    "SHLIB_PATH",
+#endif /* __hpux */
+#ifdef _AIX
+    "LDR_*",
+    "LIBPATH",
+    "AUTHSTATE",
+#endif
+#ifdef __APPLE__
+    "DYLD_*",
+#endif
+#ifdef HAVE_KERB5
+    "KRB5_CONFIG*",
+    "KRB5_KTNAME",
+#endif /* HAVE_KERB5 */
+#ifdef HAVE_SECURID
+    "VAR_ACE",
+    "USR_ACE",
+    "DLC_ACE",
+#endif /* HAVE_SECURID */
+    "TERMINFO",			/* terminfo, exclusive path to terminfo files */
+    "TERMINFO_DIRS",		/* terminfo, path(s) to terminfo files */
+    "TERMPATH",			/* termcap, path(s) to termcap files */
+    "TERMCAP",			/* XXX - only if it starts with '/' */
+    "ENV",			/* ksh, file to source before script runs */
+    "BASH_ENV",			/* bash, file to source before script runs */
+    "PS4",			/* bash, prefix for lines in xtrace mode */
+    "GLOBIGNORE",		/* bash, globbing patterns to ignore */
+    "BASHOPTS",			/* bash, initial "shopt -s" options */
+    "SHELLOPTS",		/* bash, initial "set -o" options */
+    "JAVA_TOOL_OPTIONS",	/* java, extra command line options */
+    "PERLIO_DEBUG ",		/* perl, debugging output file */
+    "PERLLIB",			/* perl, search path for modules/includes */
+    "PERL5LIB",			/* perl 5, search path for modules/includes */
+    "PERL5OPT",			/* perl 5, extra command line options */
+    "PERL5DB",			/* perl 5, command used to load debugger */
+    "FPATH",			/* ksh, search path for functions */
+    "NULLCMD",			/* zsh, command for null file redirection */
+    "READNULLCMD",		/* zsh, command for null file redirection */
+    "ZDOTDIR",			/* zsh, search path for dot files */
+    "TMPPREFIX",		/* zsh, prefix for temporary files */
+    "PYTHONHOME",		/* python, module search path */
+    "PYTHONPATH",		/* python, search path */
+    "PYTHONINSPECT",		/* python, allow inspection */
+    "PYTHONUSERBASE",		/* python, per user site-packages directory */
+    "RUBYLIB",			/* ruby, library load path */
+    "RUBYOPT",			/* ruby, extra command line options */
+    "*=()*",			/* bash functions */
+    NULL
+};
+
+/*
+ * Default table of variables to check for '%' and '/' characters.
+ */
+static const char *initial_checkenv_table[] = {
+    "COLORTERM",
+    "LANG",
+    "LANGUAGE",
+    "LC_*",
+    "LINGUAS",
+    "TERM",
+    "TZ",
+    NULL
+};
+
+/*
+ * Default table of variables to preserve in the environment.
+ */
+static const char *initial_keepenv_table[] = {
+    "COLORS",
+    "DISPLAY",
+    "HOSTNAME",
+    "KRB5CCNAME",
+    "LS_COLORS",
+    "PATH",
+    "PS1",
+    "PS2",
+    "XAUTHORITY",
+    "XAUTHORIZATION",
+    NULL
+};
+
+/*
+ * Initialize env based on envp.
+ */
+bool
+env_init(char * const envp[])
+{
+    char * const *ep;
+    size_t len;
+    debug_decl(env_init, SUDOERS_DEBUG_ENV)
+
+    if (envp == NULL) {
+	/* Free the old envp we allocated, if any. */
+	free(env.old_envp);
+
+	/* Reset to initial state but keep a pointer to what we allocated. */
+	env.old_envp = env.envp;
+	env.envp = NULL;
+	env.env_size = 0;
+	env.env_len = 0;
+    } else {
+	/* Make private copy of envp. */
+	for (ep = envp; *ep != NULL; ep++)
+	    continue;
+	len = (size_t)(ep - envp);
+
+	env.env_len = len;
+	env.env_size = len + 1 + 128;
+	env.envp = reallocarray(NULL, env.env_size, sizeof(char *));
+	if (env.envp == NULL) {
+	    env.env_size = 0;
+	    env.env_len = 0;
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_bool(false);
+	}
+#ifdef ENV_DEBUG
+	memset(env.envp, 0, env.env_size * sizeof(char *));
+#endif
+	memcpy(env.envp, envp, len * sizeof(char *));
+	env.envp[len] = NULL;
+
+	/* Free the old envp we allocated, if any. */
+	free(env.old_envp);
+	env.old_envp = NULL;
+    }
+
+    debug_return_bool(true);
+}
+
+/*
+ * Getter for private copy of the environment.
+ */
+char **
+env_get(void)
+{
+    return env.envp;
+}
+
+/*
+ * Swap the old and new copies of the environment.
+ */
+bool
+env_swap_old(void)
+{
+    char **old_envp;
+
+    if (env.old_envp == NULL)
+	return false;
+    old_envp = env.old_envp;
+    env.old_envp = env.envp;
+    env.envp = old_envp;
+    return true;
+}
+
+/*
+ * Similar to putenv(3) but operates on sudo's private copy of the
+ * environment (not environ) and it always overwrites.  The dupcheck param
+ * determines whether we need to verify that the variable is not already set.
+ * Will only overwrite an existing variable if overwrite is set.
+ * Does not include warnings or debugging to avoid recursive calls.
+ */
+static int
+sudo_putenv_nodebug(char *str, bool dupcheck, bool overwrite)
+{
+    char **ep;
+    size_t len;
+    bool found = false;
+
+    /* Make sure there is room for the new entry plus a NULL. */
+    if (env.env_size > 2 && env.env_len > env.env_size - 2) {
+	char **nenvp;
+	size_t nsize;
+
+	if (env.env_size > SIZE_MAX - 128) {
+	    sudo_warnx_nodebug(U_("internal error, %s overflow"),
+		"sudo_putenv_nodebug");
+	    errno = EOVERFLOW;
+	    return -1;
+	}
+	nsize = env.env_size + 128;
+	if (nsize > SIZE_MAX / sizeof(char *)) {
+	    sudo_warnx_nodebug(U_("internal error, %s overflow"),
+		"sudo_putenv_nodebug");
+	    errno = EOVERFLOW;
+	    return -1;
+	}
+	nenvp = reallocarray(env.envp, nsize, sizeof(char *));
+	if (nenvp == NULL)
+	    return -1;
+	env.envp = nenvp;
+	env.env_size = nsize;
+#ifdef ENV_DEBUG
+	memset(env.envp + env.env_len, 0,
+	    (env.env_size - env.env_len) * sizeof(char *));
+#endif
+    }
+
+#ifdef ENV_DEBUG
+    if (env.envp[env.env_len] != NULL) {
+	errno = EINVAL;
+	return -1;
+    }
+#endif
+
+    if (dupcheck) {
+	len = (strchr(str, '=') - str) + 1;
+	for (ep = env.envp; *ep != NULL; ep++) {
+	    if (strncmp(str, *ep, len) == 0) {
+		if (overwrite)
+		    *ep = str;
+		found = true;
+		break;
+	    }
+	}
+	/* Prune out extra instances of the variable we just overwrote. */
+	if (found && overwrite) {
+	    while (*++ep != NULL) {
+		if (strncmp(str, *ep, len) == 0) {
+		    char **cur = ep;
+		    while ((*cur = *(cur + 1)) != NULL)
+			cur++;
+		    ep--;
+		}
+	    }
+	    env.env_len = ep - env.envp;
+	}
+    }
+
+    if (!found) {
+	ep = env.envp + env.env_len;
+	env.env_len++;
+	*ep++ = str;
+	*ep = NULL;
+    }
+    return 0;
+}
+
+/*
+ * Similar to putenv(3) but operates on sudo's private copy of the
+ * environment (not environ) and it always overwrites.  The dupcheck param
+ * determines whether we need to verify that the variable is not already set.
+ * Will only overwrite an existing variable if overwrite is set.
+ */
+static int
+sudo_putenv(char *str, bool dupcheck, bool overwrite)
+{
+    int ret;
+    debug_decl(sudo_putenv, SUDOERS_DEBUG_ENV)
+
+    sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_putenv: %s", str);
+
+    ret = sudo_putenv_nodebug(str, dupcheck, overwrite);
+    if (ret == -1) {
+#ifdef ENV_DEBUG
+	if (env.envp[env.env_len] != NULL)
+	    sudo_warnx(U_("sudo_putenv: corrupted envp, length mismatch"));
+#endif
+    }
+    debug_return_int(ret);
+}
+
+/*
+ * Similar to setenv(3) but operates on a private copy of the environment.
+ * The dupcheck param determines whether we need to verify that the variable
+ * is not already set.
+ */
+static int
+sudo_setenv2(const char *var, const char *val, bool dupcheck, bool overwrite)
+{
+    char *estring;
+    size_t esize;
+    int ret = -1;
+    debug_decl(sudo_setenv2, SUDOERS_DEBUG_ENV)
+
+    esize = strlen(var) + 1 + strlen(val) + 1;
+    if ((estring = malloc(esize)) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_int(-1);
+    }
+
+    /* Build environment string and insert it. */
+    if (strlcpy(estring, var, esize) >= esize ||
+	strlcat(estring, "=", esize) >= esize ||
+	strlcat(estring, val, esize) >= esize) {
+
+	sudo_warnx(U_("internal error, %s overflow"), __func__);
+	errno = EOVERFLOW;
+    } else {
+	ret = sudo_putenv(estring, dupcheck, overwrite);
+    }
+    if (ret == -1)
+	free(estring);
+    else
+	sudoers_gc_add(GC_PTR, estring);
+    debug_return_int(ret);
+}
+
+/*
+ * Similar to setenv(3) but operates on a private copy of the environment.
+ */
+int
+sudo_setenv(const char *var, const char *val, int overwrite)
+{
+    return sudo_setenv2(var, val, true, (bool)overwrite);
+}
+
+/*
+ * Similar to setenv(3) but operates on a private copy of the environment.
+ * Does not include warnings or debugging to avoid recursive calls.
+ */
+static int
+sudo_setenv_nodebug(const char *var, const char *val, int overwrite)
+{
+    char *ep, *estring = NULL;
+    const char *cp;
+    size_t esize;
+    int ret = -1;
+
+    if (var == NULL || *var == '\0') {
+	errno = EINVAL;
+	goto done;
+    }
+
+    /*
+     * POSIX says a var name with '=' is an error but BSD
+     * just ignores the '=' and anything after it.
+     */
+    for (cp = var; *cp && *cp != '='; cp++)
+	continue;
+    esize = (size_t)(cp - var) + 2;
+    if (val) {
+	esize += strlen(val);	/* glibc treats a NULL val as "" */
+    }
+
+    /* Allocate and fill in estring. */
+    if ((estring = ep = malloc(esize)) == NULL)
+	goto done;
+    for (cp = var; *cp && *cp != '='; cp++)
+	*ep++ = *cp;
+    *ep++ = '=';
+    if (val) {
+	for (cp = val; *cp; cp++)
+	    *ep++ = *cp;
+    }
+    *ep = '\0';
+
+    ret = sudo_putenv_nodebug(estring, true, overwrite);
+done:
+    if (ret == -1)
+	free(estring);
+    else
+	sudoers_gc_add(GC_PTR, estring);
+    return ret;
+}
+
+/*
+ * Similar to unsetenv(3) but operates on a private copy of the environment.
+ * Does not include warnings or debugging to avoid recursive calls.
+ */
+static int
+sudo_unsetenv_nodebug(const char *var)
+{
+    char **ep = env.envp;
+    size_t len;
+
+    if (ep == NULL || var == NULL || *var == '\0' || strchr(var, '=') != NULL) {
+	errno = EINVAL;
+	return -1;
+    }
+
+    len = strlen(var);
+    while (*ep != NULL) {
+	if (strncmp(var, *ep, len) == 0 && (*ep)[len] == '=') {
+	    /* Found it; shift remainder + NULL over by one. */
+	    char **cur = ep;
+	    while ((*cur = *(cur + 1)) != NULL)
+		cur++;
+	    env.env_len--;
+	    /* Keep going, could be multiple instances of the var. */
+	} else {
+	    ep++;
+	}
+    }
+    return 0;
+}
+
+/*
+ * Similar to unsetenv(3) but operates on a private copy of the environment.
+ */
+int
+sudo_unsetenv(const char *name)
+{
+    int ret;
+    debug_decl(sudo_unsetenv, SUDOERS_DEBUG_ENV)
+
+    sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_unsetenv: %s", name);
+
+    ret = sudo_unsetenv_nodebug(name);
+
+    debug_return_int(ret);
+}
+
+/*
+ * Similar to getenv(3) but operates on a private copy of the environment.
+ * Does not include warnings or debugging to avoid recursive calls.
+ */
+static char *
+sudo_getenv_nodebug(const char *name)
+{
+    char **ep, *val = NULL;
+    size_t namelen = 0;
+
+    if (env.env_len != 0) {
+	/* For BSD compatibility, treat '=' in name like end of string. */
+	while (name[namelen] != '\0' && name[namelen] != '=')
+	    namelen++;
+	for (ep = env.envp; *ep != NULL; ep++) {
+	    if (strncmp(*ep, name, namelen) == 0 && (*ep)[namelen] == '=') {
+		val = *ep + namelen + 1;
+		break;
+	    }
+	}
+    }
+    return val;
+}
+
+/*
+ * Similar to getenv(3) but operates on a private copy of the environment.
+ */
+char *
+sudo_getenv(const char *name)
+{
+    char *val;
+    debug_decl(sudo_getenv, SUDOERS_DEBUG_ENV)
+
+    sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_getenv: %s", name);
+
+    val = sudo_getenv_nodebug(name);
+
+    debug_return_str(val);
+}
+
+/*
+ * Check for var against patterns in the specified environment list.
+ * Returns true if the variable was found, else false.
+ */
+static bool
+matches_env_list(const char *var, struct list_members *list, bool *full_match)
+{
+    struct list_member *cur;
+    bool is_logname = false;
+    debug_decl(matches_env_list, SUDOERS_DEBUG_ENV)
+
+    switch (*var) {
+    case 'L':
+	if (strncmp(var, "LOGNAME=", 8) == 0)
+	    is_logname = true;
+#ifdef _AIX
+	else if (strncmp(var, "LOGIN=", 6) == 0)
+	    is_logname = true;
+#endif
+	break;
+    case 'U':
+	if (strncmp(var, "USER=", 5) == 0)
+	    is_logname = true;
+	break;
+    }
+
+    if (is_logname) {
+	/*
+	 * We treat LOGIN, LOGNAME and USER specially.
+	 * If one is preserved/deleted we want to preserve/delete them all.
+	 */
+	SLIST_FOREACH(cur, list, entries) {
+	    if (matches_env_pattern(cur->value, "LOGNAME", full_match) ||
+#ifdef _AIX
+		matches_env_pattern(cur->value, "LOGIN", full_match) ||
+#endif
+		matches_env_pattern(cur->value, "USER", full_match))
+		debug_return_bool(true);
+	}
+    } else {
+	SLIST_FOREACH(cur, list, entries) {
+	    if (matches_env_pattern(cur->value, var, full_match))
+		debug_return_bool(true);
+	}
+    }
+    debug_return_bool(false);
+}
+
+/*
+ * Check the env_delete blacklist.
+ * Returns true if the variable was found, else false.
+ */
+static bool
+matches_env_delete(const char *var)
+{
+    bool full_match;	/* unused */
+    debug_decl(matches_env_delete, SUDOERS_DEBUG_ENV)
+
+    /* Skip anything listed in env_delete. */
+    debug_return_bool(matches_env_list(var, &def_env_delete, &full_match));
+}
+
+/*
+ * Sanity-check the TZ environment variable.
+ * On many systems it is possible to set this to a pathname.
+ */
+static bool
+tz_is_sane(const char *tzval)
+{
+    const char *cp;
+    char lastch;
+    debug_decl(tz_is_sane, SUDOERS_DEBUG_ENV)
+
+    /* tzcode treats a value beginning with a ':' as a path. */
+    if (tzval[0] == ':')
+	tzval++;
+
+    /* Reject fully-qualified TZ that doesn't being with the zoneinfo dir. */
+    if (tzval[0] == '/') {
+#ifdef _PATH_ZONEINFO
+	if (strncmp(tzval, _PATH_ZONEINFO, sizeof(_PATH_ZONEINFO) - 1) != 0 ||
+	    tzval[sizeof(_PATH_ZONEINFO) - 1] != '/')
+	    debug_return_bool(false);
+#else
+	/* Assume the worst. */
+	debug_return_bool(false);
+#endif
+    }
+
+    /*
+     * Make sure TZ only contains printable non-space characters
+     * and does not contain a '..' path element.
+     */
+    lastch = '/';
+    for (cp = tzval; *cp != '\0'; cp++) {
+	if (isspace((unsigned char)*cp) || !isprint((unsigned char)*cp))
+	    debug_return_bool(false);
+	if (lastch == '/' && cp[0] == '.' && cp[1] == '.' &&
+	    (cp[2] == '/' || cp[2] == '\0'))
+	    debug_return_bool(false);
+	lastch = *cp;
+    }
+
+    /* Reject extra long TZ values (even if not a path). */
+    if ((size_t)(cp - tzval) >= PATH_MAX)
+	debug_return_bool(false);
+
+    debug_return_bool(true);
+}
+
+/*
+ * Apply the env_check list.
+ * Returns true if the variable is allowed, false if denied
+ * or -1 if no match.
+ */
+static int
+matches_env_check(const char *var, bool *full_match)
+{
+    int keepit = -1;
+    debug_decl(matches_env_check, SUDOERS_DEBUG_ENV)
+
+    /* Skip anything listed in env_check that includes '/' or '%'. */
+    if (matches_env_list(var, &def_env_check, full_match)) {
+	if (strncmp(var, "TZ=", 3) == 0) {
+	    /* Special case for TZ */
+	    keepit = tz_is_sane(var + 3);
+	} else {
+	    const char *val = strchr(var, '=');
+	    if (val != NULL)
+		keepit = !strpbrk(++val, "/%");
+	}
+    }
+    debug_return_int(keepit);
+}
+
+/*
+ * Check the env_keep list.
+ * Returns true if the variable is allowed else false.
+ */
+static bool
+matches_env_keep(const char *var, bool *full_match)
+{
+    bool keepit = false;
+    debug_decl(matches_env_keep, SUDOERS_DEBUG_ENV)
+
+    /* Preserve SHELL variable for "sudo -s". */
+    if (ISSET(sudo_mode, MODE_SHELL) && strncmp(var, "SHELL=", 6) == 0) {
+	keepit = true;
+    } else if (matches_env_list(var, &def_env_keep, full_match)) {
+	keepit = true;
+    }
+    debug_return_bool(keepit);
+}
+
+/*
+ * Look up var in the env_delete and env_check.
+ * Returns true if we should delete the variable, else false.
+ */
+static bool
+env_should_delete(const char *var)
+{
+    int delete_it;
+    bool full_match = false;
+    debug_decl(env_should_delete, SUDOERS_DEBUG_ENV);
+
+    delete_it = matches_env_delete(var);
+    if (!delete_it)
+	delete_it = matches_env_check(var, &full_match) == false;
+
+    sudo_debug_printf(SUDO_DEBUG_INFO, "delete %s: %s",
+	var, delete_it ? "YES" : "NO");
+    debug_return_bool(delete_it);
+}
+
+/*
+ * Lookup var in the env_check and env_keep lists.
+ * Returns true if the variable is allowed else false.
+ */
+static bool
+env_should_keep(const char *var)
+{
+    int keepit;
+    bool full_match = false;
+    const char *cp;
+    debug_decl(env_should_keep, SUDOERS_DEBUG_ENV)
+
+    keepit = matches_env_check(var, &full_match);
+    if (keepit == -1)
+	keepit = matches_env_keep(var, &full_match);
+
+    /* Skip bash functions unless we matched on the value as well as name. */
+    if (keepit && !full_match) {
+	if ((cp = strchr(var, '=')) != NULL) {
+	    if (strncmp(cp, "=() ", 4) == 0)
+		keepit = false;
+	}
+    }
+    sudo_debug_printf(SUDO_DEBUG_INFO, "keep %s: %s",
+	var, keepit == true ? "YES" : "NO");
+    debug_return_bool(keepit == true);
+}
+
+#ifdef HAVE_PAM
+/*
+ * Merge another environment with our private copy.
+ * Only overwrite an existing variable if it is not
+ * being preserved from the user's environment.
+ * Returns true on success or false on failure.
+ */
+bool
+env_merge(char * const envp[])
+{
+    char * const *ep;
+    bool ret = true;
+    debug_decl(env_merge, SUDOERS_DEBUG_ENV)
+
+    for (ep = envp; *ep != NULL; ep++) {
+	/* XXX - avoid checking value here, should only check name */
+	bool overwrite = def_env_reset ? !env_should_keep(*ep) : env_should_delete(*ep);
+	if (sudo_putenv(*ep, true, overwrite) == -1) {
+	    /* XXX cannot undo on failure */
+	    ret = false;
+	    break;
+	}
+    }
+    debug_return_bool(ret);
+}
+#endif /* HAVE_PAM */
+
+static void
+env_update_didvar(const char *ep, unsigned int *didvar)
+{
+    switch (*ep) {
+	case 'H':
+	    if (strncmp(ep, "HOME=", 5) == 0)
+		SET(*didvar, DID_HOME);
+	    break;
+	case 'L':
+#ifdef _AIX
+	    if (strncmp(ep, "LOGIN=", 8) == 0)
+		SET(*didvar, DID_LOGIN);
+#endif
+	    if (strncmp(ep, "LOGNAME=", 8) == 0)
+		SET(*didvar, DID_LOGNAME);
+	    break;
+	case 'M':
+	    if (strncmp(ep, "MAIL=", 5) == 0)
+		SET(*didvar, DID_MAIL);
+	    break;
+	case 'P':
+	    if (strncmp(ep, "PATH=", 5) == 0)
+		SET(*didvar, DID_PATH);
+	    break;
+	case 'S':
+	    if (strncmp(ep, "SHELL=", 6) == 0)
+		SET(*didvar, DID_SHELL);
+	    break;
+	case 'T':
+	    if (strncmp(ep, "TERM=", 5) == 0)
+		SET(*didvar, DID_TERM);
+	    break;
+	case 'U':
+	    if (strncmp(ep, "USER=", 5) == 0)
+		SET(*didvar, DID_USER);
+	    break;
+    }
+}
+
+#define CHECK_PUTENV(a, b, c)	do {					       \
+    if (sudo_putenv((a), (b), (c)) == -1)				       \
+	goto bad;							       \
+} while (0)
+
+#define CHECK_SETENV2(a, b, c, d)	do {				       \
+    if (sudo_setenv2((a), (b), (c), (d)) == -1)				       \
+	goto bad;							       \
+} while (0)
+
+/*
+ * Build a new environment and ether clear potentially dangerous
+ * variables from the old one or start with a clean slate.
+ * Also adds sudo-specific variables (SUDO_*).
+ * Returns true on success or false on failure.
+ */
+bool
+rebuild_env(void)
+{
+    char **ep, *cp, *ps1;
+    char idbuf[MAX_UID_T_LEN + 1];
+    unsigned int didvar;
+    bool reset_home = false;
+    debug_decl(rebuild_env, SUDOERS_DEBUG_ENV)
+
+    /*
+     * Either clean out the environment or reset to a safe default.
+     */
+    ps1 = NULL;
+    didvar = 0;
+    env.env_len = 0;
+    env.env_size = 128;
+    free(env.old_envp);
+    env.old_envp = env.envp;
+    env.envp = reallocarray(NULL, env.env_size, sizeof(char *));
+    if (env.envp == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	env.env_size = 0;
+	goto bad;
+    }
+#ifdef ENV_DEBUG
+    memset(env.envp, 0, env.env_size * sizeof(char *));
+#else
+    env.envp[0] = NULL;
+#endif
+
+    /* Reset HOME based on target user if configured to. */
+    if (ISSET(sudo_mode, MODE_RUN)) {
+	if (def_always_set_home ||
+	    ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL) || 
+	    (ISSET(sudo_mode, MODE_SHELL) && def_set_home))
+	    reset_home = true;
+    }
+
+    if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+	/*
+	 * If starting with a fresh environment, initialize it based on
+	 * /etc/environment or login.conf.  For "sudo -i" we want those
+	 * variables to override the invoking user's environment, so we
+	 * defer reading them until later.
+	 */
+	if (!ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+#ifdef HAVE_LOGIN_CAP_H
+	    /* Insert login class environment variables. */
+	    if (login_class) {
+		login_cap_t *lc = login_getclass(login_class);
+		if (lc != NULL) {
+		    setusercontext(lc, runas_pw, runas_pw->pw_uid,
+			LOGIN_SETPATH|LOGIN_SETENV);
+		    login_close(lc);
+		}
+	    }
+#endif /* HAVE_LOGIN_CAP_H */
+#if defined(_AIX) || (defined(__linux__) && !defined(HAVE_PAM))
+	    /* Insert system-wide environment variables. */
+	    read_env_file(_PATH_ENVIRONMENT, true, false);
+#endif
+	    for (ep = env.envp; *ep; ep++)
+		env_update_didvar(*ep, &didvar);
+	}
+
+	/* Pull in vars we want to keep from the old environment. */
+	for (ep = env.old_envp; *ep; ep++) {
+	    bool keepit;
+
+	    /*
+	     * Look up the variable in the env_check and env_keep lists.
+	     */
+	    keepit = env_should_keep(*ep);
+
+	    /*
+	     * Do SUDO_PS1 -> PS1 conversion.
+	     * This must happen *after* env_should_keep() is called.
+	     */
+	    if (strncmp(*ep, "SUDO_PS1=", 9) == 0)
+		ps1 = *ep + 5;
+
+	    if (keepit) {
+		/* Preserve variable. */
+		CHECK_PUTENV(*ep, true, false);
+		env_update_didvar(*ep, &didvar);
+	    }
+	}
+	didvar |= didvar << 16;		/* convert DID_* to KEPT_* */
+
+	/*
+	 * Add in defaults.  In -i mode these come from the runas user,
+	 * otherwise they may be from the user's environment (depends
+	 * on sudoers options).
+	 */
+	if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+	    CHECK_SETENV2("SHELL", runas_pw->pw_shell,
+		ISSET(didvar, DID_SHELL), true);
+#ifdef _AIX
+	    CHECK_SETENV2("LOGIN", runas_pw->pw_name,
+		ISSET(didvar, DID_LOGIN), true);
+#endif
+	    CHECK_SETENV2("LOGNAME", runas_pw->pw_name,
+		ISSET(didvar, DID_LOGNAME), true);
+	    CHECK_SETENV2("USER", runas_pw->pw_name,
+		ISSET(didvar, DID_USER), true);
+	} else {
+	    /* We will set LOGNAME later in the def_set_logname case. */
+	    if (!def_set_logname) {
+#ifdef _AIX
+		if (!ISSET(didvar, DID_LOGIN))
+		    CHECK_SETENV2("LOGIN", user_name, false, true);
+#endif
+		if (!ISSET(didvar, DID_LOGNAME))
+		    CHECK_SETENV2("LOGNAME", user_name, false, true);
+		if (!ISSET(didvar, DID_USER))
+		    CHECK_SETENV2("USER", user_name, false, true);
+	    }
+	}
+
+	/* If we didn't keep HOME, reset it based on target user. */
+	if (!ISSET(didvar, KEPT_HOME))
+	    reset_home = true;
+
+	/*
+	 * Set MAIL to target user in -i mode or if MAIL is not preserved
+	 * from user's environment.
+	 */
+	if (ISSET(sudo_mode, MODE_LOGIN_SHELL) || !ISSET(didvar, KEPT_MAIL)) {
+	    if (_PATH_MAILDIR[sizeof(_PATH_MAILDIR) - 2] == '/') {
+		if (asprintf(&cp, "MAIL=%s%s", _PATH_MAILDIR, runas_pw->pw_name) == -1)
+		    goto bad;
+	    } else {
+		if (asprintf(&cp, "MAIL=%s/%s", _PATH_MAILDIR, runas_pw->pw_name) == -1)
+		    goto bad;
+	    }
+	    if (sudo_putenv(cp, ISSET(didvar, DID_MAIL), true) == -1) {
+		free(cp);
+		goto bad;
+	    }
+	    sudoers_gc_add(GC_PTR, cp);
+	}
+    } else {
+	/*
+	 * Copy environ entries as long as they don't match env_delete or
+	 * env_check.
+	 */
+	for (ep = env.old_envp; *ep; ep++) {
+	    /* Add variable unless it matches a black list. */
+	    if (!env_should_delete(*ep)) {
+		if (strncmp(*ep, "SUDO_PS1=", 9) == 0)
+		    ps1 = *ep + 5;
+		else if (strncmp(*ep, "SHELL=", 6) == 0)
+		    SET(didvar, DID_SHELL);
+		else if (strncmp(*ep, "PATH=", 5) == 0)
+		    SET(didvar, DID_PATH);
+		else if (strncmp(*ep, "TERM=", 5) == 0)
+		    SET(didvar, DID_TERM);
+		CHECK_PUTENV(*ep, true, false);
+	    }
+	}
+    }
+    /* Replace the PATH envariable with a secure one? */
+    if (def_secure_path && !user_is_exempt()) {
+	CHECK_SETENV2("PATH", def_secure_path, true, true);
+	SET(didvar, DID_PATH);
+    }
+
+    /*
+     * Set LOGIN, LOGNAME, and USER to target if "set_logname" is not
+     * disabled.  We skip this if we are running a login shell (because
+     * they have already been set).
+     */
+    if (def_set_logname && !ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+	if ((didvar & KEPT_USER_VARIABLES) == 0) {
+	    /* Nothing preserved, set them all. */
+#ifdef _AIX
+	    CHECK_SETENV2("LOGIN", runas_pw->pw_name, true, true);
+#endif
+	    CHECK_SETENV2("LOGNAME", runas_pw->pw_name, true, true);
+	    CHECK_SETENV2("USER", runas_pw->pw_name, true, true);
+	} else if ((didvar & KEPT_USER_VARIABLES) != KEPT_USER_VARIABLES) {
+	    /*
+	     * Preserved some of LOGIN, LOGNAME, USER but not all.
+	     * Make the unset ones match so we don't end up with some
+	     * set to the invoking user and others set to the runas user.
+	     */
+	    if (ISSET(didvar, KEPT_LOGNAME))
+		cp = sudo_getenv("LOGNAME");
+#ifdef _AIX
+	    else if (ISSET(didvar, KEPT_LOGIN))
+		cp = sudo_getenv("LOGIN");
+#endif
+	    else if (ISSET(didvar, KEPT_USER))
+		cp = sudo_getenv("USER");
+	    else
+		cp = NULL;
+	    if (cp != NULL) {
+#ifdef _AIX
+		if (!ISSET(didvar, KEPT_LOGIN))
+		    CHECK_SETENV2("LOGIN", cp, true, true);
+#endif
+		if (!ISSET(didvar, KEPT_LOGNAME))
+		    CHECK_SETENV2("LOGNAME", cp, true, true);
+		if (!ISSET(didvar, KEPT_USER))
+		    CHECK_SETENV2("USER", cp, true, true);
+	    }
+	}
+    }
+
+    /* Set $HOME to target user if not preserving user's value. */
+    if (reset_home)
+	CHECK_SETENV2("HOME", runas_pw->pw_dir, true, true);
+
+    /* Provide default values for $SHELL, $TERM and $PATH if not set. */
+    if (!ISSET(didvar, DID_SHELL))
+	CHECK_SETENV2("SHELL", runas_pw->pw_shell, false, false);
+    if (!ISSET(didvar, DID_TERM))
+	CHECK_PUTENV("TERM=unknown", false, false);
+    if (!ISSET(didvar, DID_PATH))
+	CHECK_SETENV2("PATH", _PATH_STDPATH, false, true);
+
+    /* Set PS1 if SUDO_PS1 is set. */
+    if (ps1 != NULL)
+	CHECK_PUTENV(ps1, true, true);
+
+    /* Add the SUDO_COMMAND envariable (cmnd + args). */
+    if (user_args) {
+	if (asprintf(&cp, "SUDO_COMMAND=%s %s", user_cmnd, user_args) == -1)
+	    goto bad;
+	if (sudo_putenv(cp, true, true) == -1) {
+	    free(cp);
+	    goto bad;
+	}
+	sudoers_gc_add(GC_PTR, cp);
+    } else {
+	CHECK_SETENV2("SUDO_COMMAND", user_cmnd, true, true);
+    }
+
+    /* Add the SUDO_USER, SUDO_UID, SUDO_GID environment variables. */
+    CHECK_SETENV2("SUDO_USER", user_name, true, true);
+    snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_uid);
+    CHECK_SETENV2("SUDO_UID", idbuf, true, true);
+    snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_gid);
+    CHECK_SETENV2("SUDO_GID", idbuf, true, true);
+
+    debug_return_bool(true);
+
+bad:
+    sudo_warn(U_("unable to rebuild the environment"));
+    debug_return_bool(false);
+}
+
+/*
+ * Insert all environment variables in envp into the private copy
+ * of the environment.
+ * Returns true on success or false on failure.
+ */
+bool
+insert_env_vars(char * const envp[])
+{
+    char * const *ep;
+    bool ret = true;
+    debug_decl(insert_env_vars, SUDOERS_DEBUG_ENV)
+
+    /* Add user-specified environment variables. */
+    if (envp != NULL) {
+	for (ep = envp; *ep != NULL; ep++) {
+	    /* XXX - no undo on failure */
+	    if (sudo_putenv(*ep, true, true) == -1) {
+		ret = false;
+		break;
+	    }
+	}
+    }
+    debug_return_bool(ret);
+}
+
+/*
+ * Validate the list of environment variables passed in on the command
+ * line against env_delete, env_check, and env_keep.
+ * Calls log_warning() if any specified variables are not allowed.
+ * Returns true if allowed, else false.
+ */
+bool
+validate_env_vars(char * const env_vars[])
+{
+    char * const *ep;
+    char *eq, errbuf[4096];
+    bool okvar, ret = true;
+    debug_decl(validate_env_vars, SUDOERS_DEBUG_ENV)
+
+    if (env_vars == NULL)
+	debug_return_bool(true);	/* nothing to do */
+
+    /* Add user-specified environment variables. */
+    errbuf[0] = '\0';
+    for (ep = env_vars; *ep != NULL; ep++) {
+	if (def_secure_path && !user_is_exempt() &&
+	    strncmp(*ep, "PATH=", 5) == 0) {
+	    okvar = false;
+	} else if (def_env_reset) {
+	    okvar = env_should_keep(*ep);
+	} else {
+	    okvar = !env_should_delete(*ep);
+	}
+	if (okvar == false) {
+	    /* Not allowed, add to error string, allocating as needed. */
+	    if ((eq = strchr(*ep, '=')) != NULL)
+		*eq = '\0';
+	    if (errbuf[0] != '\0')
+		(void)strlcat(errbuf, ", ", sizeof(errbuf));
+	    if (strlcat(errbuf, *ep, sizeof(errbuf)) >= sizeof(errbuf)) {
+		errbuf[sizeof(errbuf) - 4] = '\0';
+		(void)strlcat(errbuf, "...", sizeof(errbuf));
+	    }
+	    if (eq != NULL)
+		*eq = '=';
+	}
+    }
+    if (errbuf[0] != '\0') {
+	/* XXX - audit? */
+	log_warningx(0,
+	    N_("sorry, you are not allowed to set the following environment variables: %s"), errbuf);
+	ret = false;
+    }
+    debug_return_bool(ret);
+}
+
+/*
+ * Read in /etc/environment ala AIX and Linux.
+ * Lines may be in either of three formats:
+ *  NAME=VALUE
+ *  NAME="VALUE"
+ *  NAME='VALUE'
+ * with an optional "export" prefix so the shell can source the file.
+ * Invalid lines, blank lines, or lines consisting solely of a comment
+ * character are skipped.
+ */
+bool
+read_env_file(const char *path, bool overwrite, bool restricted)
+{
+    FILE *fp;
+    bool ret = true;
+    char *cp, *var, *val, *line = NULL;
+    size_t var_len, val_len, linesize = 0;
+    debug_decl(read_env_file, SUDOERS_DEBUG_ENV)
+
+    if ((fp = fopen(path, "r")) == NULL) {
+	if (errno != ENOENT)
+	    ret = false;
+	debug_return_bool(ret);
+    }
+
+    while (sudo_parseln(&line, &linesize, NULL, fp, PARSELN_CONT_IGN) != -1) {
+	/* Skip blank or comment lines */
+	if (*(var = line) == '\0')
+	    continue;
+
+	/* Skip optional "export " */
+	if (strncmp(var, "export", 6) == 0 && isspace((unsigned char) var[6])) {
+	    var += 7;
+	    while (isspace((unsigned char) *var)) {
+		var++;
+	    }
+	}
+
+	/* Must be of the form name=["']value['"] */
+	for (val = var; *val != '\0' && *val != '='; val++)
+	    continue;
+	if (var == val || *val != '=')
+	    continue;
+	var_len = (size_t)(val - var);
+	val_len = strlen(++val);
+
+	/*
+	 * If the env file is restricted, apply env_check and env_keep
+	 * when env_reset is set or env_delete when it is not.
+	 */
+	if (restricted) {
+	    if (def_env_reset ? !env_should_keep(var) : env_should_delete(var))
+		continue;
+	}
+
+	/* Strip leading and trailing single/double quotes */
+	if ((val[0] == '\'' || val[0] == '\"') && val[0] == val[val_len - 1]) {
+	    val[val_len - 1] = '\0';
+	    val++;
+	    val_len -= 2;
+	}
+
+	if ((cp = malloc(var_len + 1 + val_len + 1)) == NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"unable to allocate memory");
+	    /* XXX - no undo on failure */
+	    ret = false;
+	    break;
+	}
+	memcpy(cp, var, var_len + 1); /* includes '=' */
+	memcpy(cp + var_len + 1, val, val_len + 1); /* includes NUL */
+
+	sudoers_gc_add(GC_PTR, cp);
+	if (sudo_putenv(cp, true, overwrite) == -1) {
+	    /* XXX - no undo on failure */
+	    ret = false;
+	    break;
+	}
+    }
+    free(line);
+    fclose(fp);
+
+    debug_return_bool(ret);
+}
+
+bool
+init_envtables(void)
+{
+    struct list_member *cur;
+    const char **p;
+    debug_decl(init_envtables, SUDOERS_DEBUG_ENV)
+
+    /* Fill in the "env_delete" list. */
+    for (p = initial_badenv_table; *p; p++) {
+	cur = calloc(1, sizeof(struct list_member));
+	if (cur == NULL || (cur->value = strdup(*p)) == NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"unable to allocate memory");
+	    free(cur);
+	    debug_return_bool(false);
+	}
+	SLIST_INSERT_HEAD(&def_env_delete, cur, entries);
+    }
+
+    /* Fill in the "env_check" list. */
+    for (p = initial_checkenv_table; *p; p++) {
+	cur = calloc(1, sizeof(struct list_member));
+	if (cur == NULL || (cur->value = strdup(*p)) == NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"unable to allocate memory");
+	    free(cur);
+	    debug_return_bool(false);
+	}
+	SLIST_INSERT_HEAD(&def_env_check, cur, entries);
+    }
+
+    /* Fill in the "env_keep" list. */
+    for (p = initial_keepenv_table; *p; p++) {
+	cur = calloc(1, sizeof(struct list_member));
+	if (cur == NULL || (cur->value = strdup(*p)) == NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"unable to allocate memory");
+	    free(cur);
+	    debug_return_bool(false);
+	}
+	SLIST_INSERT_HEAD(&def_env_keep, cur, entries);
+    }
+    debug_return_bool(true);
+}
+
+int
+sudoers_hook_getenv(const char *name, char **value, void *closure)
+{
+    static bool in_progress = false; /* avoid recursion */
+
+    if (in_progress || env.envp == NULL)
+	return SUDO_HOOK_RET_NEXT;
+
+    in_progress = true;
+
+    /* Hack to make GNU gettext() find the sudoers locale when needed. */
+    if (*name == 'L' && sudoers_getlocale() == SUDOERS_LOCALE_SUDOERS) {
+	if (strcmp(name, "LANGUAGE") == 0 || strcmp(name, "LANG") == 0) {
+	    *value = NULL;
+	    goto done;
+	}
+	if (strcmp(name, "LC_ALL") == 0 || strcmp(name, "LC_MESSAGES") == 0) {
+	    *value = def_sudoers_locale;
+	    goto done;
+	}
+    }
+
+    *value = sudo_getenv_nodebug(name);
+done:
+    in_progress = false;
+    return SUDO_HOOK_RET_STOP;
+}
+
+int
+sudoers_hook_putenv(char *string, void *closure)
+{
+    static bool in_progress = false; /* avoid recursion */
+
+    if (in_progress || env.envp == NULL)
+	return SUDO_HOOK_RET_NEXT;
+
+    in_progress = true;
+    sudo_putenv_nodebug(string, true, true);
+    in_progress = false;
+    return SUDO_HOOK_RET_STOP;
+}
+
+int
+sudoers_hook_setenv(const char *name, const char *value, int overwrite, void *closure)
+{
+    static bool in_progress = false; /* avoid recursion */
+
+    if (in_progress || env.envp == NULL)
+	return SUDO_HOOK_RET_NEXT;
+
+    in_progress = true;
+    sudo_setenv_nodebug(name, value, overwrite);
+    in_progress = false;
+    return SUDO_HOOK_RET_STOP;
+}
+
+int
+sudoers_hook_unsetenv(const char *name, void *closure)
+{
+    static bool in_progress = false; /* avoid recursion */
+
+    if (in_progress || env.envp == NULL)
+	return SUDO_HOOK_RET_NEXT;
+
+    in_progress = true;
+    sudo_unsetenv_nodebug(name);
+    in_progress = false;
+    return SUDO_HOOK_RET_STOP;
+}
diff --git a/plugins/sudoers/env_pattern.c b/plugins/sudoers/env_pattern.c
new file mode 100644
index 0000000..a74515b
--- /dev/null
+++ b/plugins/sudoers/env_pattern.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+
+#include "sudoers.h"
+
+/* extern for regress tests */
+bool
+matches_env_pattern(const char *pattern, const char *var, bool *full_match)
+{
+    size_t len, sep_pos;
+    bool iswild = false, match = false;
+    bool saw_sep = false;
+    const char *cp;
+    debug_decl(matches_env_pattern, SUDOERS_DEBUG_ENV)
+
+    /* Locate position of the '=' separator in var=value. */
+    sep_pos = strcspn(var, "=");
+
+    /* Locate '*' wildcard and compute len. */
+    for (cp = pattern; *cp != '\0'; cp++) {
+	if (*cp == '*') {
+	    iswild = true;
+	    break;
+	}
+    }
+    len = (size_t)(cp - pattern);
+
+    if (iswild) {
+	/* Match up to the '*' wildcard. */
+	if (strncmp(pattern, var, len) == 0) {
+	    while (*cp != '\0') {
+		if (*cp == '*') {
+		    /* Collapse sequential '*'s */
+		    do {
+			cp++;
+		    } while (*cp == '*');
+		    /* A '*' at the end of a pattern matches anything. */
+		    if (*cp == '\0') {
+			match = true;
+			break;
+		    }
+		    /* Keep track of whether we matched an equal sign. */
+		    if (*cp == '=')
+			saw_sep = true;
+		    /* Look for first match of text after the '*' */
+		    while ((saw_sep || len != sep_pos) &&
+			var[len] != '\0' && var[len] != *cp)
+			len++;
+		}
+		if (var[len] != *cp)
+		    break;
+		cp++;
+		len++;
+	    }
+	    if (*cp == '\0' && (len == sep_pos || var[len] == '\0'))
+		match = true;
+	}
+    } else {
+	if (strncmp(pattern, var, len) == 0 &&
+	    (len == sep_pos || var[len] == '\0')) {
+	    match = true;
+	}
+    }
+    if (match)
+	*full_match = len > sep_pos + 1;
+    debug_return_bool(match);
+}
diff --git a/plugins/sudoers/file.c b/plugins/sudoers/file.c
new file mode 100644
index 0000000..a8b02b3
--- /dev/null
+++ b/plugins/sudoers/file.c
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2004-2005, 2007-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <ctype.h>
+#include <grp.h>
+#include <pwd.h>
+#include <time.h>
+
+#include "sudoers.h"
+#include "parse.h"
+#include "sudo_lbuf.h"
+#include <gram.h>
+
+struct sudo_file_handle {
+    FILE *fp;
+    struct sudoers_parse_tree parse_tree;
+};
+
+static int
+sudo_file_close(struct sudo_nss *nss)
+{
+    debug_decl(sudo_file_close, SUDOERS_DEBUG_NSS)
+    struct sudo_file_handle *handle = nss->handle;
+
+    if (handle != NULL) {
+	fclose(handle->fp);
+	sudoersin = NULL;
+
+	free_parse_tree(&handle->parse_tree);
+	free(handle);
+	nss->handle = NULL;
+    }
+
+    debug_return_int(0);
+}
+
+static int
+sudo_file_open(struct sudo_nss *nss)
+{
+    debug_decl(sudo_file_open, SUDOERS_DEBUG_NSS)
+    struct sudo_file_handle *handle;
+
+    if (def_ignore_local_sudoers)
+	debug_return_int(-1);
+
+    if (nss->handle != NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "%s: called with non-NULL handle %p", __func__, nss->handle);
+	sudo_file_close(nss);
+    }
+
+    handle = malloc(sizeof(*handle));
+    if (handle != NULL) {
+	handle->fp = open_sudoers(sudoers_file, false, NULL);
+	if (handle->fp != NULL) {
+	    init_parse_tree(&handle->parse_tree);
+	} else {
+	    free(handle);
+	    handle = NULL;
+	}
+    }
+    nss->handle = handle;
+    debug_return_int(nss->handle ? 0 : -1);
+}
+
+/*
+ * Parse and return the specified sudoers file.
+ */
+static struct sudoers_parse_tree *
+sudo_file_parse(struct sudo_nss *nss)
+{
+    debug_decl(sudo_file_close, SUDOERS_DEBUG_NSS)
+    struct sudo_file_handle *handle = nss->handle;
+
+    if (handle == NULL || handle->fp == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR, "%s: called with NULL %s",
+	    __func__, handle ? "file pointer" : "handle");
+	debug_return_ptr(NULL);
+    }
+
+    sudoersin = handle->fp;
+    if (sudoersparse() != 0 || parse_error) {
+	if (errorlineno != -1) {
+	    log_warningx(SLOG_SEND_MAIL, N_("parse error in %s near line %d"),
+		errorfile, errorlineno);
+	} else {
+	    log_warningx(SLOG_SEND_MAIL, N_("parse error in %s"), errorfile);
+	}
+	debug_return_ptr(NULL);
+    }
+
+    /* Move parsed sudoers policy to nss handle. */
+    reparent_parse_tree(&handle->parse_tree);
+
+    debug_return_ptr(&handle->parse_tree);
+}
+
+/*
+ * No need for explicit sudoers queries, the parse function handled it.
+ */
+static int
+sudo_file_query(struct sudo_nss *nss, struct passwd *pw)
+{
+    debug_decl(sudo_file_query, SUDOERS_DEBUG_NSS)
+    debug_return_int(0);
+}
+
+/*
+ * No need to get defaults for sudoers file, the parse function handled it.
+ */
+static int
+sudo_file_getdefs(struct sudo_nss *nss)
+{
+    debug_decl(sudo_file_getdefs, SUDOERS_DEBUG_NSS)
+    debug_return_int(0);
+}
+
+/* sudo_nss implementation */
+struct sudo_nss sudo_nss_file = {
+    { NULL, NULL },
+    sudo_file_open,
+    sudo_file_close,
+    sudo_file_parse,
+    sudo_file_query,
+    sudo_file_getdefs
+};
diff --git a/plugins/sudoers/filedigest.c b/plugins/sudoers/filedigest.c
new file mode 100644
index 0000000..764e35e
--- /dev/null
+++ b/plugins/sudoers/filedigest.c
@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 2013-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#include <unistd.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include "sudoers.h"
+#include "sudo_digest.h"
+
+unsigned char *
+sudo_filedigest(int fd, const char *file, int digest_type, size_t *digest_len)
+{
+    unsigned char *file_digest = NULL;
+    unsigned char buf[32 * 1024];
+    struct sudo_digest *dig = NULL;
+    FILE *fp = NULL;
+    size_t nread;
+    int fd2;
+    debug_decl(sudo_filedigest, SUDOERS_DEBUG_UTIL)
+
+    *digest_len = sudo_digest_getlen(digest_type);
+    if (*digest_len == (size_t)-1) {
+	sudo_warnx(U_("unsupported digest type %d for %s"), digest_type, file);
+	goto bad;
+    }
+
+    if ((dig = sudo_digest_alloc(digest_type)) == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto bad;
+    }
+
+    if ((fd2 = dup(fd)) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_INFO, "unable to dup %s: %s",
+	    file, strerror(errno));
+	goto bad;
+    }
+    if ((fp = fdopen(fd2, "r")) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_INFO, "unable to fdopen %s: %s",
+	    file, strerror(errno));
+	close(fd2);
+	goto bad;
+    }
+    if ((file_digest = malloc(*digest_len)) == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto bad;
+    }
+
+    while ((nread = fread(buf, 1, sizeof(buf), fp)) != 0) {
+	sudo_digest_update(dig, buf, nread);
+    }
+    if (ferror(fp)) {
+	sudo_warnx(U_("%s: read error"), file);
+	goto bad;
+    }
+    sudo_digest_final(dig, file_digest);
+    sudo_digest_free(dig);
+    fclose(fp);
+
+    debug_return_ptr(file_digest);
+bad:
+    sudo_digest_free(dig);
+    free(file_digest);
+    if (fp != NULL)
+	fclose(fp);
+    debug_return_ptr(NULL);
+}
diff --git a/plugins/sudoers/find_path.c b/plugins/sudoers/find_path.c
new file mode 100644
index 0000000..70b9218
--- /dev/null
+++ b/plugins/sudoers/find_path.c
@@ -0,0 +1,173 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2010-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <errno.h>
+
+#include "sudoers.h"
+
+/*
+ * Check the given command against the specified whitelist (NULL-terminated).
+ * On success, rewrites cmnd based on the whitelist and returns true.
+ * On failure, returns false.
+ */
+static bool
+cmnd_allowed(char *cmnd, size_t cmnd_size, struct stat *cmnd_sbp,
+    char * const *whitelist)
+{
+    const char *cmnd_base;
+    char * const *wl;
+    debug_decl(cmnd_allowed, SUDOERS_DEBUG_UTIL)
+
+    if (!sudo_goodpath(cmnd, cmnd_sbp))
+	debug_return_bool(false);
+
+    if (whitelist == NULL)
+	debug_return_bool(true);	/* nothing to check */
+
+    /* We compare the base names to avoid excessive stat()ing. */
+    if ((cmnd_base = strrchr(cmnd, '/')) == NULL)
+	debug_return_bool(false);	/* can't happen */
+    cmnd_base++;
+
+    for (wl = whitelist; *wl != NULL; wl++) {
+	struct stat sb;
+	const char *base;
+
+	if ((base = strrchr(*wl, '/')) == NULL)
+	    continue;		/* XXX - warn? */
+	base++;
+
+	if (strcmp(cmnd_base, base) != 0)
+	    continue;
+
+	if (sudo_goodpath(*wl, &sb) &&
+	    sb.st_dev == cmnd_sbp->st_dev && sb.st_ino == cmnd_sbp->st_ino) {
+	    /* Overwrite cmnd with safe version from whitelist. */
+	    if (strlcpy(cmnd, *wl, cmnd_size) < cmnd_size)
+		return true;
+		debug_return_bool(true);
+	}
+    }
+    debug_return_bool(false);
+}
+
+/*
+ * This function finds the full pathname for a command and
+ * stores it in a statically allocated array, filling in a pointer
+ * to the array.  Returns FOUND if the command was found, NOT_FOUND
+ * if it was not found, or NOT_FOUND_DOT if it would have been found
+ * but it is in '.' and IGNORE_DOT is set.
+ * The caller is responsible for freeing the output file.
+ */
+int
+find_path(const char *infile, char **outfile, struct stat *sbp,
+    const char *path, int ignore_dot, char * const *whitelist)
+{
+    char command[PATH_MAX];
+    const char *cp, *ep, *pathend;
+    bool found = false;
+    bool checkdot = false;
+    int len;
+    debug_decl(find_path, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * If we were given a fully qualified or relative path
+     * there is no need to look at $PATH.
+     */
+    if (strchr(infile, '/') != NULL) {
+	if (strlcpy(command, infile, sizeof(command)) >= sizeof(command)) {
+	    errno = ENAMETOOLONG;
+	    debug_return_int(NOT_FOUND_ERROR);
+	}
+	found = cmnd_allowed(command, sizeof(command), sbp, whitelist);
+	goto done;
+    }
+
+    if (path == NULL)
+	debug_return_int(NOT_FOUND);
+
+    pathend = path + strlen(path);
+    for (cp = sudo_strsplit(path, pathend, ":", &ep); cp != NULL;
+	cp = sudo_strsplit(NULL, pathend, ":", &ep)) {
+
+	/*
+	 * Search current dir last if it is in PATH.
+	 * This will miss sneaky things like using './' or './/' (XXX)
+	 */
+	if (cp == ep || (*cp == '.' && cp + 1 == ep)) {
+	    checkdot = 1;
+	    continue;
+	}
+
+	/*
+	 * Resolve the path and exit the loop if found.
+	 */
+	len = snprintf(command, sizeof(command), "%.*s/%s",
+	    (int)(ep - cp), cp, infile);
+	if (len <= 0 || (size_t)len >= sizeof(command)) {
+	    errno = ENAMETOOLONG;
+	    debug_return_int(NOT_FOUND_ERROR);
+	}
+	found = cmnd_allowed(command, sizeof(command), sbp, whitelist);
+	if (found)
+	    break;
+    }
+
+    /*
+     * Check current dir if dot was in the PATH
+     */
+    if (!found && checkdot) {
+	len = snprintf(command, sizeof(command), "./%s", infile);
+	if (len <= 0 || (size_t)len >= sizeof(command)) {
+	    errno = ENAMETOOLONG;
+	    debug_return_int(NOT_FOUND_ERROR);
+	}
+	found = cmnd_allowed(command, sizeof(command), sbp, whitelist);
+	if (found && ignore_dot)
+	    debug_return_int(NOT_FOUND_DOT);
+    }
+
+done:
+    if (found) {
+	if ((*outfile = strdup(command)) == NULL)
+	    debug_return_int(NOT_FOUND_ERROR);
+	debug_return_int(FOUND);
+    }
+    debug_return_int(NOT_FOUND);
+}
diff --git a/plugins/sudoers/fmtsudoers.c b/plugins/sudoers/fmtsudoers.c
new file mode 100644
index 0000000..8c73f9c
--- /dev/null
+++ b/plugins/sudoers/fmtsudoers.c
@@ -0,0 +1,477 @@
+/*
+ * Copyright (c) 2004-2005, 2007-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <time.h>
+
+#include "sudoers.h"
+#include "sudo_lbuf.h"
+#include <gram.h>
+
+/*
+ * Write the contents of a struct member to the lbuf.
+ * If alias_type is not UNSPEC, expand aliases using that type with
+ * the specified separator (which must not be NULL in the UNSPEC case).
+ */
+static bool
+sudoers_format_member_int(struct sudo_lbuf *lbuf,
+    struct sudoers_parse_tree *parse_tree, char *name, int type, bool negated,
+    const char *separator, int alias_type)
+{
+    struct alias *a;
+    struct member *m;
+    struct sudo_command *c;
+    debug_decl(sudoers_format_member_int, SUDOERS_DEBUG_UTIL)
+
+    switch (type) {
+	case ALL:
+	    sudo_lbuf_append(lbuf, "%sALL", negated ? "!" : "");
+	    break;
+	case MYSELF:
+	    sudo_lbuf_append(lbuf, "%s%s", negated ? "!" : "",
+		user_name ? user_name : "");
+	    break;
+	case COMMAND:
+	    c = (struct sudo_command *) name;
+	    if (c->digest != NULL) {
+		sudo_lbuf_append(lbuf, "%s:%s ",
+		    digest_type_to_name(c->digest->digest_type),
+		    c->digest->digest_str);
+	    }
+	    if (negated)
+		sudo_lbuf_append(lbuf, "!");
+	    sudo_lbuf_append_quoted(lbuf, SUDOERS_QUOTED" \t", "%s", c->cmnd);
+	    if (c->args) {
+		sudo_lbuf_append(lbuf, " ");
+		sudo_lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->args);
+	    }
+	    break;
+	case USERGROUP:
+	    /* Special case for %#gid, %:non-unix-group, %:#non-unix-gid */
+	    if (strpbrk(name, " \t") == NULL) {
+		if (*++name == ':') {
+		    name++;
+		    sudo_lbuf_append(lbuf, "%s", "%:");
+		} else {
+		    sudo_lbuf_append(lbuf, "%s", "%");
+		}
+	    }
+	    goto print_word;
+	case ALIAS:
+	    if (alias_type != UNSPEC) {
+		if ((a = alias_get(parse_tree, name, alias_type)) != NULL) {
+		    TAILQ_FOREACH(m, &a->members, entries) {
+			if (m != TAILQ_FIRST(&a->members))
+			    sudo_lbuf_append(lbuf, "%s", separator);
+			sudoers_format_member_int(lbuf, parse_tree, m->name,
+			    m->type, negated ? !m->negated : m->negated,
+			    separator, alias_type);
+		    }
+		    alias_put(a);
+		    break;
+		}
+	    }
+	    /* FALLTHROUGH */
+	default:
+	print_word:
+	    /* Do not quote UID/GID, all others get quoted. */
+	    if (name[0] == '#' &&
+		name[strspn(name + 1, "0123456789") + 1] == '\0') {
+		sudo_lbuf_append(lbuf, "%s%s", negated ? "!" : "", name);
+	    } else {
+		if (strpbrk(name, " \t") != NULL) {
+		    sudo_lbuf_append(lbuf, "%s\"", negated ? "!" : "");
+		    sudo_lbuf_append_quoted(lbuf, "\"", "%s", name);
+		    sudo_lbuf_append(lbuf, "\"");
+		} else {
+		    sudo_lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s%s",
+			negated ? "!" : "", name);
+		}
+	    }
+	    break;
+    }
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
+
+bool
+sudoers_format_member(struct sudo_lbuf *lbuf,
+    struct sudoers_parse_tree *parse_tree, struct member *m,
+    const char *separator, int alias_type)
+{
+    return sudoers_format_member_int(lbuf, parse_tree, m->name, m->type,
+	m->negated, separator, alias_type);
+}
+
+/*
+ * Store a defaults entry as a command tag.
+ */
+bool
+sudoers_defaults_to_tags(const char *var, const char *val, int op,
+    struct cmndtag *tags)
+{
+    bool ret = true;
+    debug_decl(sudoers_defaults_to_tags, SUDOERS_DEBUG_UTIL)
+
+    if (op == true || op == false) {
+	if (strcmp(var, "authenticate") == 0) {
+	    tags->nopasswd = op == false;
+	} else if (strcmp(var, "sudoedit_follow") == 0) {
+	    tags->follow = op == true;
+	} else if (strcmp(var, "log_input") == 0) {
+	    tags->log_input = op == true;
+	} else if (strcmp(var, "log_output") == 0) {
+	    tags->log_output = op == true;
+	} else if (strcmp(var, "noexec") == 0) {
+	    tags->noexec = op == true;
+	} else if (strcmp(var, "setenv") == 0) {
+	    tags->setenv = op == true;
+	} else if (strcmp(var, "mail_all_cmnds") == 0 ||
+	    strcmp(var, "mail_always") == 0 ||
+	    strcmp(var, "mail_no_perms") == 0) {
+	    tags->send_mail = op == true;
+	} else {
+	    ret = false;
+	}
+    } else {
+	ret = false;
+    }
+    debug_return_bool(ret);
+}
+
+/*
+ * Convert a defaults list to command tags.
+ */
+bool
+sudoers_defaults_list_to_tags(struct defaults_list *defs, struct cmndtag *tags)
+{
+    bool ret = true;
+    struct defaults *d;
+    debug_decl(sudoers_defaults_list_to_tags, SUDOERS_DEBUG_UTIL)
+
+    TAGS_INIT(*tags);
+    if (defs != NULL) {
+	TAILQ_FOREACH(d, defs, entries) {
+	    if (!sudoers_defaults_to_tags(d->var, d->val, d->op, tags)) {
+		if (d->val != NULL) {
+		    sudo_debug_printf(SUDO_DEBUG_WARN,
+			"unable to convert defaults to tag: %s%s%s", d->var,
+			d->op == '+' ? "+=" : d->op == '-' ? "-=" : "=", d->val);
+		} else {
+		    sudo_debug_printf(SUDO_DEBUG_WARN,
+			"unable to convert defaults to tag: %s%s%s",
+			d->op == false ? "!" : "", d->var, "");
+		}
+		ret = false;
+	    }
+	}
+    }
+    debug_return_bool(ret);
+}
+
+#define	FIELD_CHANGED(ocs, ncs, fld) \
+	((ocs) == NULL || (ncs)->fld != (ocs)->fld)
+
+#define	TAG_CHANGED(ocs, ncs, t, tt) \
+	(TAG_SET((t).tt) && FIELD_CHANGED(ocs, ncs, tags.tt))
+
+/*
+ * Write a cmndspec to lbuf in sudoers format.
+ */
+bool
+sudoers_format_cmndspec(struct sudo_lbuf *lbuf,
+    struct sudoers_parse_tree *parse_tree, struct cmndspec *cs,
+    struct cmndspec *prev_cs, struct cmndtag tags, bool expand_aliases)
+{
+    debug_decl(sudoers_format_cmndspec, SUDOERS_DEBUG_UTIL)
+
+    /* Merge privilege-level tags with cmndspec tags. */
+    TAGS_MERGE(tags, cs->tags);
+
+#ifdef HAVE_PRIV_SET
+    if (cs->privs != NULL && FIELD_CHANGED(prev_cs, cs, privs))
+	sudo_lbuf_append(lbuf, "PRIVS=\"%s\" ", cs->privs);
+    if (cs->limitprivs != NULL && FIELD_CHANGED(prev_cs, cs, limitprivs))
+	sudo_lbuf_append(lbuf, "LIMITPRIVS=\"%s\" ", cs->limitprivs);
+#endif /* HAVE_PRIV_SET */
+#ifdef HAVE_SELINUX
+    if (cs->role != NULL && FIELD_CHANGED(prev_cs, cs, role))
+	sudo_lbuf_append(lbuf, "ROLE=%s ", cs->role);
+    if (cs->type != NULL && FIELD_CHANGED(prev_cs, cs, type))
+	sudo_lbuf_append(lbuf, "TYPE=%s ", cs->type);
+#endif /* HAVE_SELINUX */
+    if (cs->timeout > 0 && FIELD_CHANGED(prev_cs, cs, timeout)) {
+	char numbuf[(((sizeof(int) * 8) + 2) / 3) + 2];
+	snprintf(numbuf, sizeof(numbuf), "%d", cs->timeout);
+	sudo_lbuf_append(lbuf, "TIMEOUT=%s ", numbuf);
+    }
+    if (cs->notbefore != UNSPEC && FIELD_CHANGED(prev_cs, cs, notbefore)) {
+	char buf[sizeof("CCYYMMDDHHMMSSZ")];
+	struct tm *tm = gmtime(&cs->notbefore);
+	snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d%02dZ",
+	    tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
+	    tm->tm_hour, tm->tm_min, tm->tm_sec);
+	sudo_lbuf_append(lbuf, "NOTBEFORE=%s ", buf);
+    }
+    if (cs->notafter != UNSPEC && FIELD_CHANGED(prev_cs, cs, notafter)) {
+	char buf[sizeof("CCYYMMDDHHMMSSZ")];
+	struct tm *tm = gmtime(&cs->notafter);
+	snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d%02dZ",
+	    tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
+	    tm->tm_hour, tm->tm_min, tm->tm_sec);
+	sudo_lbuf_append(lbuf, "NOTAFTER=%s ", buf);
+    }
+    if (TAG_CHANGED(prev_cs, cs, tags, setenv))
+	sudo_lbuf_append(lbuf, tags.setenv ? "SETENV: " : "NOSETENV: ");
+    if (TAG_CHANGED(prev_cs, cs, tags, noexec))
+	sudo_lbuf_append(lbuf, tags.noexec ? "NOEXEC: " : "EXEC: ");
+    if (TAG_CHANGED(prev_cs, cs, tags, nopasswd))
+	sudo_lbuf_append(lbuf, tags.nopasswd ? "NOPASSWD: " : "PASSWD: ");
+    if (TAG_CHANGED(prev_cs, cs, tags, log_input))
+	sudo_lbuf_append(lbuf, tags.log_input ? "LOG_INPUT: " : "NOLOG_INPUT: ");
+    if (TAG_CHANGED(prev_cs, cs, tags, log_output))
+	sudo_lbuf_append(lbuf, tags.log_output ? "LOG_OUTPUT: " : "NOLOG_OUTPUT: ");
+    if (TAG_CHANGED(prev_cs, cs, tags, send_mail))
+	sudo_lbuf_append(lbuf, tags.send_mail ? "MAIL: " : "NOMAIL: ");
+    if (TAG_CHANGED(prev_cs, cs, tags, follow))
+	sudo_lbuf_append(lbuf, tags.follow ? "FOLLOW: " : "NOFOLLOW: ");
+    sudoers_format_member(lbuf, parse_tree, cs->cmnd, ", ",
+	expand_aliases ? CMNDALIAS : UNSPEC);
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
+
+/*
+ * Write a privilege to lbuf in sudoers format.
+ */
+bool
+sudoers_format_privilege(struct sudo_lbuf *lbuf,
+    struct sudoers_parse_tree *parse_tree, struct privilege *priv,
+    bool expand_aliases)
+{
+    struct cmndspec *cs, *prev_cs;
+    struct cmndtag tags;
+    struct member *m;
+    debug_decl(sudoers_format_privilege, SUDOERS_DEBUG_UTIL)
+
+    /* Convert per-privilege defaults to tags. */
+    sudoers_defaults_list_to_tags(&priv->defaults, &tags);
+
+    /* Print hosts list. */
+    TAILQ_FOREACH(m, &priv->hostlist, entries) {
+	if (m != TAILQ_FIRST(&priv->hostlist))
+	    sudo_lbuf_append(lbuf, ", ");
+	sudoers_format_member(lbuf, parse_tree, m, ", ",
+	    expand_aliases ? HOSTALIAS : UNSPEC);
+    }
+
+    /* Print commands. */
+    sudo_lbuf_append(lbuf, " = ");
+    prev_cs = NULL;
+    TAILQ_FOREACH(cs, &priv->cmndlist, entries) {
+	if (prev_cs == NULL || RUNAS_CHANGED(cs, prev_cs)) {
+	    if (cs != TAILQ_FIRST(&priv->cmndlist))
+		sudo_lbuf_append(lbuf, ", ");
+	    if (cs->runasuserlist != NULL || cs->runasgrouplist != NULL)
+		sudo_lbuf_append(lbuf, "(");
+	    if (cs->runasuserlist != NULL) {
+		TAILQ_FOREACH(m, cs->runasuserlist, entries) {
+		    if (m != TAILQ_FIRST(cs->runasuserlist))
+			sudo_lbuf_append(lbuf, ", ");
+		    sudoers_format_member(lbuf, parse_tree, m, ", ",
+			expand_aliases ? RUNASALIAS : UNSPEC);
+		}
+	    }
+	    if (cs->runasgrouplist != NULL) {
+		sudo_lbuf_append(lbuf, " : ");
+		TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
+		    if (m != TAILQ_FIRST(cs->runasgrouplist))
+			sudo_lbuf_append(lbuf, ", ");
+		    sudoers_format_member(lbuf, parse_tree, m, ", ",
+			expand_aliases ? RUNASALIAS : UNSPEC);
+		}
+	    }
+	    if (cs->runasuserlist != NULL || cs->runasgrouplist != NULL)
+		sudo_lbuf_append(lbuf, ") ");
+	} else if (cs != TAILQ_FIRST(&priv->cmndlist)) {
+	    sudo_lbuf_append(lbuf, ", ");
+	}
+	sudoers_format_cmndspec(lbuf, parse_tree, cs, prev_cs, tags,
+	    expand_aliases);
+	prev_cs = cs;
+    }
+
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
+
+/*
+ * Write a userspec to lbuf in sudoers format.
+ */
+bool
+sudoers_format_userspec(struct sudo_lbuf *lbuf,
+    struct sudoers_parse_tree *parse_tree,
+    struct userspec *us, bool expand_aliases)
+{
+    struct privilege *priv;
+    struct sudoers_comment *comment;
+    struct member *m;
+    debug_decl(sudoers_format_userspec, SUDOERS_DEBUG_UTIL)
+
+    /* Print comments (if any). */
+    STAILQ_FOREACH(comment, &us->comments, entries) {
+	sudo_lbuf_append(lbuf, "# %s\n", comment->str);
+    }
+
+    /* Print users list. */
+    TAILQ_FOREACH(m, &us->users, entries) {
+	if (m != TAILQ_FIRST(&us->users))
+	    sudo_lbuf_append(lbuf, ", ");
+	sudoers_format_member(lbuf, parse_tree, m, ", ",
+	    expand_aliases ? USERALIAS : UNSPEC);
+    }
+
+    TAILQ_FOREACH(priv, &us->privileges, entries) {
+	if (priv != TAILQ_FIRST(&us->privileges))
+	    sudo_lbuf_append(lbuf, " : ");
+	else
+	    sudo_lbuf_append(lbuf, " ");
+	if (!sudoers_format_privilege(lbuf, parse_tree, priv, expand_aliases))
+	    break;
+    }
+    sudo_lbuf_append(lbuf, "\n");
+
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
+
+/*
+ * Write a userspec_list to lbuf in sudoers format.
+ */
+bool
+sudoers_format_userspecs(struct sudo_lbuf *lbuf,
+    struct sudoers_parse_tree *parse_tree, const char *separator,
+    bool expand_aliases, bool flush)
+{
+    struct userspec *us;
+    debug_decl(sudoers_format_userspecs, SUDOERS_DEBUG_UTIL)
+
+    TAILQ_FOREACH(us, &parse_tree->userspecs, entries) {
+	if (separator != NULL && us != TAILQ_FIRST(&parse_tree->userspecs))
+	    sudo_lbuf_append(lbuf, "%s", separator);
+	if (!sudoers_format_userspec(lbuf, parse_tree, us, expand_aliases))
+	    break;
+	sudo_lbuf_print(lbuf);
+    }
+
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
+
+/*
+ * Format and append a defaults entry to the specified lbuf.
+ */
+bool
+sudoers_format_default(struct sudo_lbuf *lbuf, struct defaults *d)
+{
+    debug_decl(sudoers_format_default, SUDOERS_DEBUG_UTIL)
+
+    if (d->val != NULL) {
+	sudo_lbuf_append(lbuf, "%s%s", d->var,
+	    d->op == '+' ? "+=" : d->op == '-' ? "-=" : "=");
+	if (strpbrk(d->val, " \t") != NULL) {
+	    sudo_lbuf_append(lbuf, "\"");
+	    sudo_lbuf_append_quoted(lbuf, "\"", "%s", d->val);
+	    sudo_lbuf_append(lbuf, "\"");
+	} else
+	    sudo_lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", d->val);
+    } else {
+	sudo_lbuf_append(lbuf, "%s%s", d->op == false ? "!" : "", d->var);
+    }
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
+
+/*
+ * Format and append a defaults line to the specified lbuf.
+ * If next, is specified, it must point to the next defaults
+ * entry in the list; this is used to print multiple defaults
+ * entries with the same binding on a single line.
+ */
+bool
+sudoers_format_default_line( struct sudo_lbuf *lbuf,
+    struct sudoers_parse_tree *parse_tree, struct defaults *d,
+    struct defaults **next, bool expand_aliases)
+{
+    struct member *m;
+    int alias_type;
+    debug_decl(sudoers_format_default_line, SUDOERS_DEBUG_UTIL)
+
+    /* Print Defaults type and binding (if present) */
+    switch (d->type) {
+	case DEFAULTS_HOST:
+	    sudo_lbuf_append(lbuf, "Defaults@");
+	    alias_type = expand_aliases ? HOSTALIAS : UNSPEC;
+	    break;
+	case DEFAULTS_USER:
+	    sudo_lbuf_append(lbuf, "Defaults:");
+	    alias_type = expand_aliases ? USERALIAS : UNSPEC;
+	    break;
+	case DEFAULTS_RUNAS:
+	    sudo_lbuf_append(lbuf, "Defaults>");
+	    alias_type = expand_aliases ? RUNASALIAS : UNSPEC;
+	    break;
+	case DEFAULTS_CMND:
+	    sudo_lbuf_append(lbuf, "Defaults!");
+	    alias_type = expand_aliases ? CMNDALIAS : UNSPEC;
+	    break;
+	default:
+	    sudo_lbuf_append(lbuf, "Defaults");
+	    alias_type = UNSPEC;
+	    break;
+    }
+    TAILQ_FOREACH(m, d->binding, entries) {
+	if (m != TAILQ_FIRST(d->binding))
+	    sudo_lbuf_append(lbuf, ", ");
+	sudoers_format_member(lbuf, parse_tree, m, ", ", alias_type);
+    }
+
+    sudo_lbuf_append(lbuf, " ");
+    sudoers_format_default(lbuf, d);
+
+    if (next != NULL) {
+	/* Merge Defaults with the same binding, there may be multiple. */
+	struct defaults *n;
+	while ((n = TAILQ_NEXT(d, entries)) && d->binding == n->binding) {
+	    sudo_lbuf_append(lbuf, ", ");
+	    sudoers_format_default(lbuf, n);
+	    d = n;
+	}
+	*next = n;
+    }
+    sudo_lbuf_append(lbuf, "\n");
+
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
diff --git a/plugins/sudoers/gc.c b/plugins/sudoers/gc.c
new file mode 100644
index 0000000..1c14b71
--- /dev/null
+++ b/plugins/sudoers/gc.c
@@ -0,0 +1,151 @@
+/*
+ * Copyright (c) 2016 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "sudoers.h"
+
+struct sudoers_gc_entry {
+    SLIST_ENTRY(sudoers_gc_entry) entries;
+    enum sudoers_gc_types type;
+    union {
+	char **vec;
+	void *ptr;
+    } u;
+};
+SLIST_HEAD(sudoers_gc_list, sudoers_gc_entry);
+#ifdef NO_LEAKS
+static struct sudoers_gc_list sudoers_gc_list =
+    SLIST_HEAD_INITIALIZER(sudoers_gc_list);
+#endif
+
+bool
+sudoers_gc_add(enum sudoers_gc_types type, void *v)
+{
+#ifdef NO_LEAKS
+    struct sudoers_gc_entry *gc;
+    debug_decl(sudoers_gc_add, SUDOERS_DEBUG_UTIL)
+
+    if (v == NULL)
+	debug_return_bool(false);
+
+    gc = calloc(1, sizeof(*gc));
+    if (gc == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_bool(false);
+    }
+    switch (type) {
+    case GC_PTR:
+	gc->u.ptr = v;
+	break;
+    case GC_VECTOR:
+	gc->u.vec = v;
+	break;
+    default:
+	free(gc);
+	sudo_warnx("unexpected garbage type %d", type);
+	debug_return_bool(false);
+    }
+    gc->type = type;
+    SLIST_INSERT_HEAD(&sudoers_gc_list, gc, entries);
+    debug_return_bool(true);
+#else
+    return true;
+#endif /* NO_LEAKS */
+}
+
+bool
+sudoers_gc_remove(enum sudoers_gc_types type, void *v)
+{
+#ifdef NO_LEAKS
+    struct sudoers_gc_entry *gc, *prev = NULL;
+    debug_decl(sudoers_gc_remove, SUDOERS_DEBUG_UTIL)
+
+    SLIST_FOREACH(gc, &sudoers_gc_list, entries) {
+	switch (gc->type) {
+	case GC_PTR:
+	    if (gc->u.ptr == v)
+	    	goto found;
+	    break;
+	case GC_VECTOR:
+	    if (gc->u.vec == v)
+	    	goto found;
+	    break;
+	default:
+	    sudo_warnx("unexpected garbage type %d in %p", gc->type, gc);
+	}
+	prev = gc;
+    }
+    return false;
+found:
+    if (prev == NULL)
+	SLIST_REMOVE_HEAD(&sudoers_gc_list, entries);
+    else
+	SLIST_REMOVE_AFTER(prev, entries);
+    return true;
+#else
+    return false;
+#endif /* NO_LEAKS */
+}
+
+#ifdef NO_LEAKS
+static void
+sudoers_gc_run(void)
+{
+    struct sudoers_gc_entry *gc;
+    char **cur;
+    debug_decl(sudoers_gc_run, SUDOERS_DEBUG_UTIL)
+
+    /* Collect garbage. */
+    while ((gc = SLIST_FIRST(&sudoers_gc_list))) {
+	SLIST_REMOVE_HEAD(&sudoers_gc_list, entries);
+	switch (gc->type) {
+	case GC_PTR:
+	    free(gc->u.ptr);
+	    free(gc);
+	    break;
+	case GC_VECTOR:
+	    for (cur = gc->u.vec; *cur != NULL; cur++)
+		free(*cur);
+	    free(gc->u.vec);
+	    free(gc);
+	    break;
+	default:
+	    sudo_warnx("unexpected garbage type %d", gc->type);
+	}
+    }
+
+    debug_return;
+}
+#endif /* NO_LEAKS */
+
+void
+sudoers_gc_init(void)
+{
+#ifdef NO_LEAKS
+    atexit(sudoers_gc_run);
+#endif
+}
diff --git a/plugins/sudoers/gentime.c b/plugins/sudoers/gentime.c
new file mode 100644
index 0000000..eea4595
--- /dev/null
+++ b/plugins/sudoers/gentime.c
@@ -0,0 +1,161 @@
+/*
+ * Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <ctype.h>
+#include <time.h>
+
+#include "sudo_compat.h"
+#include "sudoers_debug.h"
+#include "parse.h"
+
+/*
+ * Parse a timestamp in Generalized Time format as per RFC4517.
+ * E.g. yyyymmddHHMMSS.FZ or yyyymmddHHMMSS.F[+-]TZOFF
+ * where minutes, seconds and fraction are optional.
+ * Returns the time in Unix time format or -1 on error.
+ */
+time_t
+parse_gentime(const char *timestr)
+{
+    char tcopy[sizeof("yyyymmddHHMMSS.F")];
+    const char *cp;
+    time_t result;
+    struct tm tm;
+    size_t len;
+    int items, tzoff = 0;
+    bool islocal = false;
+    debug_decl(parse_gentime, SUDOERS_DEBUG_PARSER)
+
+    /* Make a copy of the time without time zone for easy parsing. */
+    len = strspn(timestr, "0123456789.,");
+    if (len >= sizeof(tcopy)) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to parse general time string %s", timestr);
+	debug_return_time_t(-1);
+    }
+    memcpy(tcopy, timestr, len);
+    tcopy[len] = '\0';
+
+    /* Parse general time, ignoring the timezone for now. */
+    memset(&tm, 0, sizeof(tm));
+    items = sscanf(tcopy, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon,
+	&tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
+    if (items == EOF || items < 4) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "only parsed %d items in general time string %s", items, timestr); 
+	debug_return_time_t(-1);
+    }
+    cp = timestr + ((items + 1) * 2);
+
+    /* Parse optional fractional hours/minute/second if present. */
+    if ((cp[0] == '.' || cp[0] == ',') && isdigit((unsigned char)cp[1])) {
+	int frac = cp[1] - '0';
+	switch (items) {
+	case 4:
+	    /* convert fractional hour -> minutes */
+	    tm.tm_min += 60 / 10 * frac;
+	    break;
+	case 5:
+	    /* convert fractional minute -> seconds */
+	    tm.tm_sec += 60 / 10 * frac;
+	    break;
+	case 6:
+	    /* ignore fractional second */
+	    break;
+	}
+	cp += 2;	/* skip over radix and fraction */
+    }
+
+    switch (*cp) {
+    case '-':
+    case '+': {
+	int hour = 0, min = 0;
+
+	/* No DST */
+	tm.tm_isdst = 0;
+	/* parse time zone offset */
+	items = sscanf(cp + 1, "%2d%2d", &hour, &min);
+	if (items == EOF || items < 1) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"unable to parse time zone offset in %s, items %d",
+		timestr, items);
+	    debug_return_time_t(-1);
+	}
+	if (*cp == '-')
+	    tzoff = -((hour * 60) + min) * 60;
+	else
+	    tzoff = ((hour * 60) + min) * 60;
+	cp += 1 + (items * 2);
+	break;
+    }
+    case 'Z':
+	/* GMT/UTC, no DST */
+	tm.tm_isdst = 0;
+	cp++;
+	break;
+    case '\0':
+	/* no zone specified, use local time */
+	tm.tm_isdst = -1;
+	islocal = true;
+	break;
+    default:
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to parse general time string %s", timestr);
+	debug_return_time_t(-1);
+    }
+    if (*cp != '\0') {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "trailing garbage in general time string %s", timestr);
+	debug_return_time_t(-1);
+    }
+
+    /* Adjust from Generalized Time to struct tm */
+    tm.tm_year -= 1900;
+    tm.tm_mon--;
+
+    result = mktime(&tm);
+    if (result != -1) {
+	if (!islocal) {
+	    /* Not local time, convert to GMT */
+	    result += get_gmtoff(&result);
+	    /* Adjust time based on supplied GMT offset. */
+	    result -= tzoff;
+	}
+    }
+
+    debug_return_time_t(result);
+}
diff --git a/plugins/sudoers/getdate.c b/plugins/sudoers/getdate.c
new file mode 100644
index 0000000..a625d04
--- /dev/null
+++ b/plugins/sudoers/getdate.c
@@ -0,0 +1,1582 @@
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+#include <stdlib.h>
+#include <string.h>
+#define YYBYACC 1
+#define YYMAJOR 1
+#define YYMINOR 9
+#define YYLEX yylex()
+#define YYEMPTY -1
+#define yyclearin (yychar=(YYEMPTY))
+#define yyerrok (yyerrflag=0)
+#define YYRECOVERING() (yyerrflag!=0)
+#define YYPREFIX "yy"
+#line 2 "getdate.y"
+/*
+**  Originally written by Steven M. Bellovin <smb@research.att.com> while
+**  at the University of North Carolina at Chapel Hill.  Later tweaked by
+**  a couple of people on Usenet.  Completely overhauled by Rich $alz
+**  <rsalz@bbn.com> and Jim Berets <jberets@bbn.com> in August, 1990;
+**
+**  This grammar has 10 shift/reduce conflicts.
+**
+**  This code is in the public domain and has no copyright.
+*/
+/* SUPPRESS 287 on yaccpar_sccsid *//* Unused static variable */
+/* SUPPRESS 288 on yyerrlab *//* Label unused */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#include <time.h>
+#include <limits.h>
+#include <ctype.h>
+
+#include "sudo_compat.h"
+
+
+#define EPOCH		1970
+#define HOUR(x)		((time_t)(x) * 60)
+#define SECSPERDAY	(24L * 60L * 60L)
+
+
+/*
+**  An entry in the lexical lookup table.
+*/
+typedef struct _TABLE {
+    char	*name;
+    int		type;
+    time_t	value;
+} TABLE;
+
+
+/*
+**  Daylight-savings mode:  on, off, or not yet known.
+*/
+typedef enum _DSTMODE {
+    DSTon, DSToff, DSTmaybe
+} DSTMODE;
+
+/*
+**  Meridian:  am, pm, or 24-hour style.
+*/
+typedef enum _MERIDIAN {
+    MERam, MERpm, MER24
+} MERIDIAN;
+
+
+/*
+**  Global variables.  We could get rid of most of these by using a good
+**  union as the yacc stack.  (This routine was originally written before
+**  yacc had the %union construct.)  Maybe someday; right now we only use
+**  the %union very rarely.
+*/
+static char	*yyInput;
+static DSTMODE	yyDSTmode;
+static time_t	yyDayOrdinal;
+static time_t	yyDayNumber;
+static int	yyHaveDate;
+static int	yyHaveDay;
+static int	yyHaveRel;
+static int	yyHaveTime;
+static int	yyHaveZone;
+static time_t	yyTimezone;
+static time_t	yyDay;
+static time_t	yyHour;
+static time_t	yyMinutes;
+static time_t	yyMonth;
+static time_t	yySeconds;
+static time_t	yyYear;
+static MERIDIAN	yyMeridian;
+static time_t	yyRelMonth;
+static time_t	yyRelSeconds;
+
+static int	yyerror(const char *s);
+static int	yylex(void);
+       int	yyparse(void);
+
+#line 100 "getdate.y"
+#ifndef YYSTYPE_DEFINED
+#define YYSTYPE_DEFINED
+typedef union {
+    time_t		Number;
+    enum _MERIDIAN	Meridian;
+} YYSTYPE;
+#endif /* YYSTYPE_DEFINED */
+#line 118 "getdate.c"
+#define tAGO 257
+#define tDAY 258
+#define tDAYZONE 259
+#define tID 260
+#define tMERIDIAN 261
+#define tMINUTE_UNIT 262
+#define tMONTH 263
+#define tMONTH_UNIT 264
+#define tSEC_UNIT 265
+#define tSNUMBER 266
+#define tUNUMBER 267
+#define tZONE 268
+#define tDST 269
+#define YYERRCODE 256
+#if defined(__cplusplus) || defined(__STDC__)
+const short yylhs[] =
+#else
+short yylhs[] =
+#endif
+	{                                        -1,
+    0,    0,    2,    2,    2,    2,    2,    2,    3,    3,
+    3,    3,    3,    4,    4,    4,    6,    6,    6,    5,
+    5,    5,    5,    5,    5,    5,    5,    7,    7,    9,
+    9,    9,    9,    9,    9,    9,    9,    9,    8,    1,
+    1,
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const short yylen[] =
+#else
+short yylen[] =
+#endif
+	{                                         2,
+    0,    2,    1,    1,    1,    1,    1,    1,    2,    4,
+    4,    6,    6,    1,    1,    2,    1,    2,    2,    3,
+    5,    3,    3,    2,    4,    2,    3,    2,    1,    2,
+    2,    1,    2,    2,    1,    2,    2,    1,    1,    0,
+    1,
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const short yydefred[] =
+#else
+short yydefred[] =
+#endif
+	{                                      1,
+    0,    0,   15,   32,    0,   38,   35,    0,    0,    0,
+    2,    3,    4,    5,    6,    7,    8,    0,   18,    0,
+   31,   36,   33,   19,    9,   30,    0,   37,   34,    0,
+    0,    0,   16,   28,    0,   23,   27,   22,    0,    0,
+   25,   41,   11,    0,   10,    0,    0,   21,   13,   12,
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const short yydgoto[] =
+#else
+short yydgoto[] =
+#endif
+	{                                       1,
+   45,   11,   12,   13,   14,   15,   16,   17,   18,
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const short yysindex[] =
+#else
+short yysindex[] =
+#endif
+	{                                      0,
+ -249,  -38,    0,    0, -260,    0,    0, -240,  -47, -248,
+    0,    0,    0,    0,    0,    0,    0, -237,    0,  -18,
+    0,    0,    0,    0,    0,    0, -262,    0,    0, -239,
+ -238, -236,    0,    0, -235,    0,    0,    0,  -56,  -19,
+    0,    0,    0, -234,    0, -232, -258,    0,    0,    0,};
+#if defined(__cplusplus) || defined(__STDC__)
+const short yyrindex[] =
+#else
+short yyrindex[] =
+#endif
+	{                                      0,
+    0,    1,    0,    0,    0,    0,    0,    0,   69,   12,
+    0,    0,    0,    0,    0,    0,    0,   23,    0,   34,
+    0,    0,    0,    0,    0,    0,   67,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,   56,   45,
+    0,    0,    0,    0,    0,    0,   56,    0,    0,    0,};
+#if defined(__cplusplus) || defined(__STDC__)
+const short yygindex[] =
+#else
+short yygindex[] =
+#endif
+	{                                      0,
+  -17,    0,    0,    0,    0,    0,    0,    0,    0,
+};
+#define YYTABLESIZE 337
+#if defined(__cplusplus) || defined(__STDC__)
+const short yytable[] =
+#else
+short yytable[] =
+#endif
+	{                                      32,
+   17,   44,   42,   36,   37,   19,   20,   49,    2,    3,
+   31,   14,    4,    5,    6,    7,    8,    9,   10,   34,
+   33,   21,   29,   22,   23,   35,   38,   46,   39,   50,
+   40,   41,   47,   24,   48,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,   20,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,   40,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,   26,    0,   39,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,   42,    0,    0,    0,    0,   43,
+   24,    0,    0,   25,   26,   27,   28,   29,   30,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,   17,   17,
+    0,    0,   17,   17,   17,   17,   17,   17,   17,   14,
+   14,    0,    0,   14,   14,   14,   14,   14,   14,   14,
+   29,   29,    0,    0,   29,   29,   29,   29,   29,   29,
+   29,   24,   24,    0,    0,   24,   24,   24,   24,   24,
+   24,   24,   20,   20,    0,    0,   20,   20,   20,   20,
+   20,   20,   20,   40,   40,    0,    0,   40,   40,   40,
+   40,    0,   40,   40,   26,   26,    0,   39,   26,   26,
+   26,   26,    0,    0,   26,   39,   39,
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const short yycheck[] =
+#else
+short yycheck[] =
+#endif
+	{                                      47,
+    0,   58,  261,  266,  267,   44,  267,  266,  258,  259,
+   58,    0,  262,  263,  264,  265,  266,  267,  268,  257,
+  269,  262,    0,  264,  265,   44,  266,   47,  267,   47,
+  267,  267,  267,    0,  267,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,    0,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,    0,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,    0,   -1,    0,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,  261,   -1,   -1,   -1,   -1,  266,
+  258,   -1,   -1,  261,  262,  263,  264,  265,  266,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,  258,  259,
+   -1,   -1,  262,  263,  264,  265,  266,  267,  268,  258,
+  259,   -1,   -1,  262,  263,  264,  265,  266,  267,  268,
+  258,  259,   -1,   -1,  262,  263,  264,  265,  266,  267,
+  268,  258,  259,   -1,   -1,  262,  263,  264,  265,  266,
+  267,  268,  258,  259,   -1,   -1,  262,  263,  264,  265,
+  266,  267,  268,  258,  259,   -1,   -1,  262,  263,  264,
+  265,   -1,  267,  268,  258,  259,   -1,  259,  262,  263,
+  264,  265,   -1,   -1,  268,  267,  268,
+};
+#define YYFINAL 1
+#ifndef YYDEBUG
+#define YYDEBUG 0
+#endif
+#define YYMAXTOKEN 269
+#if YYDEBUG
+#if defined(__cplusplus) || defined(__STDC__)
+const char * const yyname[] =
+#else
+char *yyname[] =
+#endif
+	{
+"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,"','",0,0,"'/'",0,0,0,0,0,0,0,0,0,0,"':'",0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"tAGO","tDAY",
+"tDAYZONE","tID","tMERIDIAN","tMINUTE_UNIT","tMONTH","tMONTH_UNIT","tSEC_UNIT",
+"tSNUMBER","tUNUMBER","tZONE","tDST",
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const char * const yyrule[] =
+#else
+char *yyrule[] =
+#endif
+	{"$accept : spec",
+"spec :",
+"spec : spec item",
+"item : time",
+"item : zone",
+"item : date",
+"item : day",
+"item : rel",
+"item : number",
+"time : tUNUMBER tMERIDIAN",
+"time : tUNUMBER ':' tUNUMBER o_merid",
+"time : tUNUMBER ':' tUNUMBER tSNUMBER",
+"time : tUNUMBER ':' tUNUMBER ':' tUNUMBER o_merid",
+"time : tUNUMBER ':' tUNUMBER ':' tUNUMBER tSNUMBER",
+"zone : tZONE",
+"zone : tDAYZONE",
+"zone : tZONE tDST",
+"day : tDAY",
+"day : tDAY ','",
+"day : tUNUMBER tDAY",
+"date : tUNUMBER '/' tUNUMBER",
+"date : tUNUMBER '/' tUNUMBER '/' tUNUMBER",
+"date : tUNUMBER tSNUMBER tSNUMBER",
+"date : tUNUMBER tMONTH tSNUMBER",
+"date : tMONTH tUNUMBER",
+"date : tMONTH tUNUMBER ',' tUNUMBER",
+"date : tUNUMBER tMONTH",
+"date : tUNUMBER tMONTH tUNUMBER",
+"rel : relunit tAGO",
+"rel : relunit",
+"relunit : tUNUMBER tMINUTE_UNIT",
+"relunit : tSNUMBER tMINUTE_UNIT",
+"relunit : tMINUTE_UNIT",
+"relunit : tSNUMBER tSEC_UNIT",
+"relunit : tUNUMBER tSEC_UNIT",
+"relunit : tSEC_UNIT",
+"relunit : tSNUMBER tMONTH_UNIT",
+"relunit : tUNUMBER tMONTH_UNIT",
+"relunit : tMONTH_UNIT",
+"number : tUNUMBER",
+"o_merid :",
+"o_merid : tMERIDIAN",
+};
+#endif
+#ifdef YYSTACKSIZE
+#undef YYMAXDEPTH
+#define YYMAXDEPTH YYSTACKSIZE
+#else
+#ifdef YYMAXDEPTH
+#define YYSTACKSIZE YYMAXDEPTH
+#else
+#define YYSTACKSIZE 10000
+#define YYMAXDEPTH 10000
+#endif
+#endif
+#define YYINITSTACKSIZE 200
+/* LINTUSED */
+int yydebug;
+int yynerrs;
+int yyerrflag;
+int yychar;
+short *yyssp;
+YYSTYPE *yyvsp;
+YYSTYPE yyval;
+YYSTYPE yylval;
+short *yyss;
+short *yysslim;
+YYSTYPE *yyvs;
+unsigned int yystacksize;
+int yyparse(void);
+#line 319 "getdate.y"
+
+/* Month and day table. */
+static TABLE const MonthDayTable[] = {
+    { "january",	tMONTH,  1 },
+    { "february",	tMONTH,  2 },
+    { "march",		tMONTH,  3 },
+    { "april",		tMONTH,  4 },
+    { "may",		tMONTH,  5 },
+    { "june",		tMONTH,  6 },
+    { "july",		tMONTH,  7 },
+    { "august",		tMONTH,  8 },
+    { "september",	tMONTH,  9 },
+    { "sept",		tMONTH,  9 },
+    { "october",	tMONTH, 10 },
+    { "november",	tMONTH, 11 },
+    { "december",	tMONTH, 12 },
+    { "sunday",		tDAY, 0 },
+    { "monday",		tDAY, 1 },
+    { "tuesday",	tDAY, 2 },
+    { "tues",		tDAY, 2 },
+    { "wednesday",	tDAY, 3 },
+    { "wednes",		tDAY, 3 },
+    { "thursday",	tDAY, 4 },
+    { "thur",		tDAY, 4 },
+    { "thurs",		tDAY, 4 },
+    { "friday",		tDAY, 5 },
+    { "saturday",	tDAY, 6 },
+    { NULL }
+};
+
+/* Time units table. */
+static TABLE const UnitsTable[] = {
+    { "year",		tMONTH_UNIT,	12 },
+    { "month",		tMONTH_UNIT,	1 },
+    { "fortnight",	tMINUTE_UNIT,	14 * 24 * 60 },
+    { "week",		tMINUTE_UNIT,	7 * 24 * 60 },
+    { "day",		tMINUTE_UNIT,	1 * 24 * 60 },
+    { "hour",		tMINUTE_UNIT,	60 },
+    { "minute",		tMINUTE_UNIT,	1 },
+    { "min",		tMINUTE_UNIT,	1 },
+    { "second",		tSEC_UNIT,	1 },
+    { "sec",		tSEC_UNIT,	1 },
+    { NULL }
+};
+
+/* Assorted relative-time words. */
+static TABLE const OtherTable[] = {
+    { "tomorrow",	tMINUTE_UNIT,	1 * 24 * 60 },
+    { "yesterday",	tMINUTE_UNIT,	-1 * 24 * 60 },
+    { "today",		tMINUTE_UNIT,	0 },
+    { "now",		tMINUTE_UNIT,	0 },
+    { "last",		tUNUMBER,	-1 },
+    { "this",		tUNUMBER,	0 },
+    { "next",		tUNUMBER,	2 },
+    { "first",		tUNUMBER,	1 },
+/*  { "second",		tUNUMBER,	2 }, */
+    { "third",		tUNUMBER,	3 },
+    { "fourth",		tUNUMBER,	4 },
+    { "fifth",		tUNUMBER,	5 },
+    { "sixth",		tUNUMBER,	6 },
+    { "seventh",	tUNUMBER,	7 },
+    { "eighth",		tUNUMBER,	8 },
+    { "ninth",		tUNUMBER,	9 },
+    { "tenth",		tUNUMBER,	10 },
+    { "eleventh",	tUNUMBER,	11 },
+    { "twelfth",	tUNUMBER,	12 },
+    { "ago",		tAGO,	1 },
+    { NULL }
+};
+
+/* The timezone table. */
+/* Some of these are commented out because a time_t can't store a float. */
+static TABLE const TimezoneTable[] = {
+    { "gmt",	tZONE,     HOUR( 0) },	/* Greenwich Mean */
+    { "ut",	tZONE,     HOUR( 0) },	/* Universal (Coordinated) */
+    { "utc",	tZONE,     HOUR( 0) },
+    { "wet",	tZONE,     HOUR( 0) },	/* Western European */
+    { "bst",	tDAYZONE,  HOUR( 0) },	/* British Summer */
+    { "wat",	tZONE,     HOUR( 1) },	/* West Africa */
+    { "at",	tZONE,     HOUR( 2) },	/* Azores */
+#if	0
+    /* For completeness.  BST is also British Summer, and GST is
+     * also Guam Standard. */
+    { "bst",	tZONE,     HOUR( 3) },	/* Brazil Standard */
+    { "gst",	tZONE,     HOUR( 3) },	/* Greenland Standard */
+#endif
+#if 0
+    { "nft",	tZONE,     HOUR(3.5) },	/* Newfoundland */
+    { "nst",	tZONE,     HOUR(3.5) },	/* Newfoundland Standard */
+    { "ndt",	tDAYZONE,  HOUR(3.5) },	/* Newfoundland Daylight */
+#endif
+    { "ast",	tZONE,     HOUR( 4) },	/* Atlantic Standard */
+    { "adt",	tDAYZONE,  HOUR( 4) },	/* Atlantic Daylight */
+    { "est",	tZONE,     HOUR( 5) },	/* Eastern Standard */
+    { "edt",	tDAYZONE,  HOUR( 5) },	/* Eastern Daylight */
+    { "cst",	tZONE,     HOUR( 6) },	/* Central Standard */
+    { "cdt",	tDAYZONE,  HOUR( 6) },	/* Central Daylight */
+    { "mst",	tZONE,     HOUR( 7) },	/* Mountain Standard */
+    { "mdt",	tDAYZONE,  HOUR( 7) },	/* Mountain Daylight */
+    { "pst",	tZONE,     HOUR( 8) },	/* Pacific Standard */
+    { "pdt",	tDAYZONE,  HOUR( 8) },	/* Pacific Daylight */
+    { "yst",	tZONE,     HOUR( 9) },	/* Yukon Standard */
+    { "ydt",	tDAYZONE,  HOUR( 9) },	/* Yukon Daylight */
+    { "hst",	tZONE,     HOUR(10) },	/* Hawaii Standard */
+    { "hdt",	tDAYZONE,  HOUR(10) },	/* Hawaii Daylight */
+    { "cat",	tZONE,     HOUR(10) },	/* Central Alaska */
+    { "ahst",	tZONE,     HOUR(10) },	/* Alaska-Hawaii Standard */
+    { "nt",	tZONE,     HOUR(11) },	/* Nome */
+    { "idlw",	tZONE,     HOUR(12) },	/* International Date Line West */
+    { "cet",	tZONE,     -HOUR(1) },	/* Central European */
+    { "met",	tZONE,     -HOUR(1) },	/* Middle European */
+    { "mewt",	tZONE,     -HOUR(1) },	/* Middle European Winter */
+    { "mest",	tDAYZONE,  -HOUR(1) },	/* Middle European Summer */
+    { "swt",	tZONE,     -HOUR(1) },	/* Swedish Winter */
+    { "sst",	tDAYZONE,  -HOUR(1) },	/* Swedish Summer */
+    { "fwt",	tZONE,     -HOUR(1) },	/* French Winter */
+    { "fst",	tDAYZONE,  -HOUR(1) },	/* French Summer */
+    { "eet",	tZONE,     -HOUR(2) },	/* Eastern Europe, USSR Zone 1 */
+    { "bt",	tZONE,     -HOUR(3) },	/* Baghdad, USSR Zone 2 */
+#if 0
+    { "it",	tZONE,     -HOUR(3.5) },/* Iran */
+#endif
+    { "zp4",	tZONE,     -HOUR(4) },	/* USSR Zone 3 */
+    { "zp5",	tZONE,     -HOUR(5) },	/* USSR Zone 4 */
+#if 0
+    { "ist",	tZONE,     -HOUR(5.5) },/* Indian Standard */
+#endif
+    { "zp6",	tZONE,     -HOUR(6) },	/* USSR Zone 5 */
+#if	0
+    /* For completeness.  NST is also Newfoundland Stanard, and SST is
+     * also Swedish Summer. */
+    { "nst",	tZONE,     -HOUR(6.5) },/* North Sumatra */
+    { "sst",	tZONE,     -HOUR(7) },	/* South Sumatra, USSR Zone 6 */
+#endif	/* 0 */
+    { "wast",	tZONE,     -HOUR(7) },	/* West Australian Standard */
+    { "wadt",	tDAYZONE,  -HOUR(7) },	/* West Australian Daylight */
+#if 0
+    { "jt",	tZONE,     -HOUR(7.5) },/* Java (3pm in Cronusland!) */
+#endif
+    { "cct",	tZONE,     -HOUR(8) },	/* China Coast, USSR Zone 7 */
+    { "jst",	tZONE,     -HOUR(9) },	/* Japan Standard, USSR Zone 8 */
+#if 0
+    { "cast",	tZONE,     -HOUR(9.5) },/* Central Australian Standard */
+    { "cadt",	tDAYZONE,  -HOUR(9.5) },/* Central Australian Daylight */
+#endif
+    { "east",	tZONE,     -HOUR(10) },	/* Eastern Australian Standard */
+    { "eadt",	tDAYZONE,  -HOUR(10) },	/* Eastern Australian Daylight */
+    { "gst",	tZONE,     -HOUR(10) },	/* Guam Standard, USSR Zone 9 */
+    { "nzt",	tZONE,     -HOUR(12) },	/* New Zealand */
+    { "nzst",	tZONE,     -HOUR(12) },	/* New Zealand Standard */
+    { "nzdt",	tDAYZONE,  -HOUR(12) },	/* New Zealand Daylight */
+    { "idle",	tZONE,     -HOUR(12) },	/* International Date Line East */
+    {  NULL  }
+};
+
+/* Military timezone table. */
+static TABLE const MilitaryTable[] = {
+    { "a",	tZONE,	HOUR(  1) },
+    { "b",	tZONE,	HOUR(  2) },
+    { "c",	tZONE,	HOUR(  3) },
+    { "d",	tZONE,	HOUR(  4) },
+    { "e",	tZONE,	HOUR(  5) },
+    { "f",	tZONE,	HOUR(  6) },
+    { "g",	tZONE,	HOUR(  7) },
+    { "h",	tZONE,	HOUR(  8) },
+    { "i",	tZONE,	HOUR(  9) },
+    { "k",	tZONE,	HOUR( 10) },
+    { "l",	tZONE,	HOUR( 11) },
+    { "m",	tZONE,	HOUR( 12) },
+    { "n",	tZONE,	HOUR(- 1) },
+    { "o",	tZONE,	HOUR(- 2) },
+    { "p",	tZONE,	HOUR(- 3) },
+    { "q",	tZONE,	HOUR(- 4) },
+    { "r",	tZONE,	HOUR(- 5) },
+    { "s",	tZONE,	HOUR(- 6) },
+    { "t",	tZONE,	HOUR(- 7) },
+    { "u",	tZONE,	HOUR(- 8) },
+    { "v",	tZONE,	HOUR(- 9) },
+    { "w",	tZONE,	HOUR(-10) },
+    { "x",	tZONE,	HOUR(-11) },
+    { "y",	tZONE,	HOUR(-12) },
+    { "z",	tZONE,	HOUR(  0) },
+    { NULL }
+};
+
+
+
+
+/* ARGSUSED */
+static int
+yyerror(const char *s)
+{
+  return 0;
+}
+
+
+static time_t
+ToSeconds(time_t Hours, time_t Minutes, time_t Seconds, MERIDIAN Meridian)
+{
+    if (Minutes < 0 || Minutes > 59 || Seconds < 0 || Seconds > 59)
+	return -1;
+    switch (Meridian) {
+    case MER24:
+	if (Hours < 0 || Hours > 23)
+	    return -1;
+	return (Hours * 60L + Minutes) * 60L + Seconds;
+    case MERam:
+	if (Hours < 1 || Hours > 12)
+	    return -1;
+	if (Hours == 12)
+	    Hours = 0;
+	return (Hours * 60L + Minutes) * 60L + Seconds;
+    case MERpm:
+	if (Hours < 1 || Hours > 12)
+	    return -1;
+	if (Hours == 12)
+	    Hours = 0;
+	return ((Hours + 12) * 60L + Minutes) * 60L + Seconds;
+    default:
+	abort ();
+    }
+    /* NOTREACHED */
+}
+
+
+/* Year is either
+   * A negative number, which means to use its absolute value (why?)
+   * A number from 0 to 99, which means a year from 1900 to 1999, or
+   * The actual year (>=100).  */
+static time_t
+Convert(time_t Month, time_t Day, time_t Year, time_t Hours, time_t Minutes,
+    time_t Seconds, MERIDIAN Meridian, DSTMODE DSTmode)
+{
+    static int DaysInMonth[12] = {
+	31, 0, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
+    };
+    struct tm	*tm;
+    time_t	tod;
+    time_t	Julian;
+    int		i;
+
+    if (Year < 0)
+	Year = -Year;
+    if (Year < 69)
+	Year += 2000;
+    else if (Year < 100) {
+	Year += 1900;
+	if (Year < EPOCH)
+		Year += 100;
+    }
+    DaysInMonth[1] = Year % 4 == 0 && (Year % 100 != 0 || Year % 400 == 0)
+		    ? 29 : 28;
+    /* 32-bit time_t cannot represent years past 2038 */
+    if (Year < EPOCH || (sizeof(time_t) == sizeof(int) && Year > 2038)
+     || Month < 1 || Month > 12
+     /* Lint fluff:  "conversion from long may lose accuracy" */
+     || Day < 1 || Day > DaysInMonth[(int)--Month])
+	return -1;
+
+    for (Julian = Day - 1, i = 0; i < Month; i++)
+	Julian += DaysInMonth[i];
+    for (i = EPOCH; i < Year; i++)
+	Julian += 365 + (i % 4 == 0);
+    Julian *= SECSPERDAY;
+    Julian += yyTimezone * 60L;
+    if ((tod = ToSeconds(Hours, Minutes, Seconds, Meridian)) < 0)
+	return -1;
+    Julian += tod;
+    if (DSTmode == DSTon
+     || (DSTmode == DSTmaybe && (tm = localtime(&Julian)) && tm->tm_isdst))
+	Julian -= 60 * 60;
+    return Julian;
+}
+
+
+static time_t
+DSTcorrect(time_t Start, time_t Future)
+{
+    struct tm	*start_tm;
+    struct tm	*future_tm;
+    time_t	StartDay;
+    time_t	FutureDay;
+
+    start_tm = localtime(&Start);
+    future_tm = localtime(&Future);
+    if (!start_tm || !future_tm)
+	return -1;
+
+    StartDay = (start_tm->tm_hour + 1) % 24;
+    FutureDay = (future_tm->tm_hour + 1) % 24;
+    return (Future - Start) + (StartDay - FutureDay) * 60L * 60L;
+}
+
+
+static time_t
+RelativeDate(time_t Start, time_t DayOrdinal, time_t DayNumber)
+{
+    struct tm	*tm;
+    time_t	now;
+
+    now = Start;
+    if (!(tm = localtime(&now)))
+	return -1;
+    now += SECSPERDAY * ((DayNumber - tm->tm_wday + 7) % 7);
+    now += 7 * SECSPERDAY * (DayOrdinal <= 0 ? DayOrdinal : DayOrdinal - 1);
+    return DSTcorrect(Start, now);
+}
+
+
+static time_t
+RelativeMonth(time_t Start, time_t RelMonth)
+{
+    struct tm	*tm;
+    time_t	Month;
+    time_t	Year;
+
+    if (RelMonth == 0)
+	return 0;
+    if (!(tm = localtime(&Start)))
+	return -1;
+    Month = 12 * (tm->tm_year + 1900) + tm->tm_mon + RelMonth;
+    Year = Month / 12;
+    Month = Month % 12 + 1;
+    return DSTcorrect(Start,
+	    Convert(Month, (time_t)tm->tm_mday, Year,
+		(time_t)tm->tm_hour, (time_t)tm->tm_min, (time_t)tm->tm_sec,
+		MER24, DSTmaybe));
+}
+
+
+static int
+LookupWord(char *buff)
+{
+    char		*p;
+    char		*q;
+    const TABLE		*tp;
+    int			i;
+    int			abbrev;
+
+    /* Make it lowercase. */
+    for (p = buff; *p; p++)
+	if (isupper((unsigned char)*p))
+	    *p = tolower((unsigned char)*p);
+
+    if (strcmp(buff, "am") == 0 || strcmp(buff, "a.m.") == 0) {
+	yylval.Meridian = MERam;
+	return tMERIDIAN;
+    }
+    if (strcmp(buff, "pm") == 0 || strcmp(buff, "p.m.") == 0) {
+	yylval.Meridian = MERpm;
+	return tMERIDIAN;
+    }
+
+    /* See if we have an abbreviation for a month. */
+    if (strlen(buff) == 3)
+	abbrev = 1;
+    else if (strlen(buff) == 4 && buff[3] == '.') {
+	abbrev = 1;
+	buff[3] = '\0';
+    }
+    else
+	abbrev = 0;
+
+    for (tp = MonthDayTable; tp->name; tp++) {
+	if (abbrev) {
+	    if (strncmp(buff, tp->name, 3) == 0) {
+		yylval.Number = tp->value;
+		return tp->type;
+	    }
+	}
+	else if (strcmp(buff, tp->name) == 0) {
+	    yylval.Number = tp->value;
+	    return tp->type;
+	}
+    }
+
+    for (tp = TimezoneTable; tp->name; tp++)
+	if (strcmp(buff, tp->name) == 0) {
+	    yylval.Number = tp->value;
+	    return tp->type;
+	}
+
+    if (strcmp(buff, "dst") == 0) 
+	return tDST;
+
+    for (tp = UnitsTable; tp->name; tp++)
+	if (strcmp(buff, tp->name) == 0) {
+	    yylval.Number = tp->value;
+	    return tp->type;
+	}
+
+    /* Strip off any plural and try the units table again. */
+    i = strlen(buff) - 1;
+    if (buff[i] == 's') {
+	buff[i] = '\0';
+	for (tp = UnitsTable; tp->name; tp++)
+	    if (strcmp(buff, tp->name) == 0) {
+		yylval.Number = tp->value;
+		return tp->type;
+	    }
+	buff[i] = 's';		/* Put back for "this" in OtherTable. */
+    }
+
+    for (tp = OtherTable; tp->name; tp++)
+	if (strcmp(buff, tp->name) == 0) {
+	    yylval.Number = tp->value;
+	    return tp->type;
+	}
+
+    /* Military timezones. */
+    if (buff[1] == '\0' && isalpha((unsigned char)*buff)) {
+	for (tp = MilitaryTable; tp->name; tp++)
+	    if (strcmp(buff, tp->name) == 0) {
+		yylval.Number = tp->value;
+		return tp->type;
+	    }
+    }
+
+    /* Drop out any periods and try the timezone table again. */
+    for (i = 0, p = q = buff; *q; q++)
+	if (*q != '.')
+	    *p++ = *q;
+	else
+	    i++;
+    *p = '\0';
+    if (i)
+	for (tp = TimezoneTable; tp->name; tp++)
+	    if (strcmp(buff, tp->name) == 0) {
+		yylval.Number = tp->value;
+		return tp->type;
+	    }
+
+    return tID;
+}
+
+
+static int
+yylex(void)
+{
+    char		c;
+    char		*p;
+    char		buff[20];
+    int			Count;
+    int			sign;
+
+    for ( ; ; ) {
+	while (isspace((unsigned char)*yyInput))
+	    yyInput++;
+
+	if (isdigit((unsigned char)(c = *yyInput)) || c == '-' || c == '+') {
+	    if (c == '-' || c == '+') {
+		sign = c == '-' ? -1 : 1;
+		if (!isdigit((unsigned char)*++yyInput))
+		    /* skip the '-' sign */
+		    continue;
+	    }
+	    else
+		sign = 0;
+	    for (yylval.Number = 0; isdigit((unsigned char)(c = *yyInput++)); )
+		yylval.Number = 10 * yylval.Number + c - '0';
+	    yyInput--;
+	    if (sign < 0)
+		yylval.Number = -yylval.Number;
+	    return sign ? tSNUMBER : tUNUMBER;
+	}
+	if (isalpha((unsigned char)c)) {
+	    for (p = buff; isalpha((unsigned char)(c = *yyInput++)) || c == '.'; )
+		if (p < &buff[sizeof buff - 1])
+		    *p++ = c;
+	    *p = '\0';
+	    yyInput--;
+	    return LookupWord(buff);
+	}
+	if (c != '(')
+	    return *yyInput++;
+	Count = 0;
+	do {
+	    c = *yyInput++;
+	    if (c == '\0')
+		return c;
+	    if (c == '(')
+		Count++;
+	    else if (c == ')')
+		Count--;
+	} while (Count > 0);
+    }
+}
+
+#define TM_YEAR_ORIGIN 1900
+
+/* Yield A - B, measured in seconds.  */
+static long
+difftm(struct tm *a, struct tm *b)
+{
+  int ay = a->tm_year + (TM_YEAR_ORIGIN - 1);
+  int by = b->tm_year + (TM_YEAR_ORIGIN - 1);
+  int days = (
+	      /* difference in day of year */
+	      a->tm_yday - b->tm_yday
+	      /* + intervening leap days */
+	      +  ((ay >> 2) - (by >> 2))
+	      -  (ay/100 - by/100)
+	      +  ((ay/100 >> 2) - (by/100 >> 2))
+	      /* + difference in years * 365 */
+	      +  (long)(ay-by) * 365
+	      );
+  return (60*(60*(24*days + (a->tm_hour - b->tm_hour))
+	      + (a->tm_min - b->tm_min))
+	  + (a->tm_sec - b->tm_sec));
+}
+
+time_t
+get_date(char *p)
+{
+    struct tm		*tm, *gmt, gmtbuf;
+    time_t		Start;
+    time_t		tod;
+    time_t		now;
+    time_t		timezone;
+
+    yyInput = p;
+    (void)time (&now);
+
+    gmt = gmtime (&now);
+    if (gmt != NULL)
+    {
+	/* Make a copy, in case localtime modifies *tm (I think
+	   that comment now applies to *gmt, but I am too
+	   lazy to dig into how gmtime and locatime allocate the
+	   structures they return pointers to).  */
+	gmtbuf = *gmt;
+	gmt = &gmtbuf;
+    }
+
+    if (! (tm = localtime (&now)))
+	return -1;
+
+    if (gmt != NULL)
+	timezone = difftm (gmt, tm) / 60;
+    else
+	/* We are on a system like VMS, where the system clock is
+	   in local time and the system has no concept of timezones.
+	   Hopefully we can fake this out (for the case in which the
+	   user specifies no timezone) by just saying the timezone
+	   is zero.  */
+	timezone = 0;
+
+    if(tm->tm_isdst)
+	timezone += 60;
+
+    yyYear = tm->tm_year + 1900;
+    yyMonth = tm->tm_mon + 1;
+    yyDay = tm->tm_mday;
+    yyTimezone = timezone;
+    yyDSTmode = DSTmaybe;
+    yyHour = 0;
+    yyMinutes = 0;
+    yySeconds = 0;
+    yyMeridian = MER24;
+    yyRelSeconds = 0;
+    yyRelMonth = 0;
+    yyHaveDate = 0;
+    yyHaveDay = 0;
+    yyHaveRel = 0;
+    yyHaveTime = 0;
+    yyHaveZone = 0;
+
+    if (yyparse()
+     || yyHaveTime > 1 || yyHaveZone > 1 || yyHaveDate > 1 || yyHaveDay > 1)
+	return -1;
+
+    if (yyHaveDate || yyHaveTime || yyHaveDay) {
+	Start = Convert(yyMonth, yyDay, yyYear, yyHour, yyMinutes, yySeconds,
+		    yyMeridian, yyDSTmode);
+	if (Start < 0)
+	    return -1;
+    }
+    else {
+	Start = now;
+	if (!yyHaveRel)
+	    Start -= ((tm->tm_hour * 60L + tm->tm_min) * 60L) + tm->tm_sec;
+    }
+
+    Start += yyRelSeconds;
+    Start += RelativeMonth(Start, yyRelMonth);
+
+    if (yyHaveDay && !yyHaveDate) {
+	tod = RelativeDate(Start, yyDayOrdinal, yyDayNumber);
+	Start += tod;
+    }
+
+    /* Have to do *something* with a legitimate -1 so it's distinguishable
+     * from the error return value.  (Alternately could set errno on error.) */
+    return Start == -1 ? 0 : Start;
+}
+
+
+#ifdef TEST
+
+/* ARGSUSED */
+int
+main(int argc, char *argv[])
+{
+    char	buff[128];
+    time_t	d;
+
+    (void)printf("Enter date, or blank line to exit.\n\t> ");
+    (void)fflush(stdout);
+    while (fgets(buff, sizeof(buff), stdin) && buff[0]) {
+	d = get_date(buff);
+	if (d == -1)
+	    (void)printf("Bad format - couldn't convert.\n");
+	else
+	    (void)printf("%s", ctime(&d));
+	(void)printf("\t> ");
+	(void)fflush(stdout);
+    }
+    exit(0);
+    /* NOTREACHED */
+}
+#endif	/* TEST */
+#line 957 "getdate.c"
+/* allocate initial stack or double stack size, up to YYMAXDEPTH */
+#if defined(__cplusplus) || defined(__STDC__)
+static int yygrowstack(void)
+#else
+static int yygrowstack()
+#endif
+{
+    unsigned int newsize;
+    long sslen;
+    short *newss;
+    YYSTYPE *newvs;
+
+    if ((newsize = yystacksize) == 0)
+        newsize = YYINITSTACKSIZE;
+    else if (newsize >= YYMAXDEPTH)
+        return -1;
+    else if ((newsize *= 2) > YYMAXDEPTH)
+        newsize = YYMAXDEPTH;
+#ifdef SIZE_MAX
+#define YY_SIZE_MAX SIZE_MAX
+#else
+#ifdef __STDC__
+#define YY_SIZE_MAX 0xffffffffU
+#else
+#define YY_SIZE_MAX (unsigned int)0xffffffff
+#endif
+#endif
+    if (YY_SIZE_MAX / newsize < sizeof *newss)
+        goto bail;
+    sslen = yyssp - yyss;
+    newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
+      (short *)malloc(newsize * sizeof *newss); /* overflow check above */
+    if (newss == NULL)
+        goto bail;
+    yyss = newss;
+    yyssp = newss + sslen;
+    newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
+      (YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
+    if (newvs == NULL)
+        goto bail;
+    yyvs = newvs;
+    yyvsp = newvs + sslen;
+    yystacksize = newsize;
+    yysslim = yyss + newsize - 1;
+    return 0;
+bail:
+    if (yyss)
+            free(yyss);
+    if (yyvs)
+            free(yyvs);
+    yyss = yyssp = NULL;
+    yyvs = yyvsp = NULL;
+    yystacksize = 0;
+    return -1;
+}
+
+#define YYABORT goto yyabort
+#define YYREJECT goto yyabort
+#define YYACCEPT goto yyaccept
+#define YYERROR goto yyerrlab
+int
+#if defined(__cplusplus) || defined(__STDC__)
+yyparse(void)
+#else
+yyparse()
+#endif
+{
+    int yym, yyn, yystate;
+#if YYDEBUG
+#if defined(__cplusplus) || defined(__STDC__)
+    const char *yys;
+#else /* !(defined(__cplusplus) || defined(__STDC__)) */
+    char *yys;
+#endif /* !(defined(__cplusplus) || defined(__STDC__)) */
+
+    if ((yys = getenv("YYDEBUG")))
+    {
+        yyn = *yys;
+        if (yyn >= '0' && yyn <= '9')
+            yydebug = yyn - '0';
+    }
+#endif /* YYDEBUG */
+
+    yynerrs = 0;
+    yyerrflag = 0;
+    yychar = (-1);
+
+    if (yyss == NULL && yygrowstack()) goto yyoverflow;
+    yyssp = yyss;
+    yyvsp = yyvs;
+    *yyssp = yystate = 0;
+
+yyloop:
+    if ((yyn = yydefred[yystate]) != 0) goto yyreduce;
+    if (yychar < 0)
+    {
+        if ((yychar = yylex()) < 0) yychar = 0;
+#if YYDEBUG
+        if (yydebug)
+        {
+            yys = 0;
+            if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
+            if (!yys) yys = "illegal-symbol";
+            printf("%sdebug: state %d, reading %d (%s)\n",
+                    YYPREFIX, yystate, yychar, yys);
+        }
+#endif
+    }
+    if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
+            yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
+    {
+#if YYDEBUG
+        if (yydebug)
+            printf("%sdebug: state %d, shifting to state %d\n",
+                    YYPREFIX, yystate, yytable[yyn]);
+#endif
+        if (yyssp >= yysslim && yygrowstack())
+        {
+            goto yyoverflow;
+        }
+        *++yyssp = yystate = yytable[yyn];
+        *++yyvsp = yylval;
+        yychar = (-1);
+        if (yyerrflag > 0)  --yyerrflag;
+        goto yyloop;
+    }
+    if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
+            yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
+    {
+        yyn = yytable[yyn];
+        goto yyreduce;
+    }
+    if (yyerrflag) goto yyinrecovery;
+#if defined(__GNUC__)
+    goto yynewerror;
+#endif
+yynewerror:
+    yyerror("syntax error");
+#if defined(__GNUC__)
+    goto yyerrlab;
+#endif
+yyerrlab:
+    ++yynerrs;
+yyinrecovery:
+    if (yyerrflag < 3)
+    {
+        yyerrflag = 3;
+        for (;;)
+        {
+            if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
+                    yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
+            {
+#if YYDEBUG
+                if (yydebug)
+                    printf("%sdebug: state %d, error recovery shifting\
+ to state %d\n", YYPREFIX, *yyssp, yytable[yyn]);
+#endif
+                if (yyssp >= yysslim && yygrowstack())
+                {
+                    goto yyoverflow;
+                }
+                *++yyssp = yystate = yytable[yyn];
+                *++yyvsp = yylval;
+                goto yyloop;
+            }
+            else
+            {
+#if YYDEBUG
+                if (yydebug)
+                    printf("%sdebug: error recovery discarding state %d\n",
+                            YYPREFIX, *yyssp);
+#endif
+                if (yyssp <= yyss) goto yyabort;
+                --yyssp;
+                --yyvsp;
+            }
+        }
+    }
+    else
+    {
+        if (yychar == 0) goto yyabort;
+#if YYDEBUG
+        if (yydebug)
+        {
+            yys = 0;
+            if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
+            if (!yys) yys = "illegal-symbol";
+            printf("%sdebug: state %d, error recovery discards token %d (%s)\n",
+                    YYPREFIX, yystate, yychar, yys);
+        }
+#endif
+        yychar = (-1);
+        goto yyloop;
+    }
+yyreduce:
+#if YYDEBUG
+    if (yydebug)
+        printf("%sdebug: state %d, reducing by rule %d (%s)\n",
+                YYPREFIX, yystate, yyn, yyrule[yyn]);
+#endif
+    yym = yylen[yyn];
+    if (yym)
+        yyval = yyvsp[1-yym];
+    else
+        memset(&yyval, 0, sizeof yyval);
+    switch (yyn)
+    {
+case 3:
+#line 118 "getdate.y"
+{
+	    yyHaveTime++;
+	}
+break;
+case 4:
+#line 121 "getdate.y"
+{
+	    yyHaveZone++;
+	}
+break;
+case 5:
+#line 124 "getdate.y"
+{
+	    yyHaveDate++;
+	}
+break;
+case 6:
+#line 127 "getdate.y"
+{
+	    yyHaveDay++;
+	}
+break;
+case 7:
+#line 130 "getdate.y"
+{
+	    yyHaveRel++;
+	}
+break;
+case 9:
+#line 136 "getdate.y"
+{
+	    yyHour = yyvsp[-1].Number;
+	    yyMinutes = 0;
+	    yySeconds = 0;
+	    yyMeridian = yyvsp[0].Meridian;
+	}
+break;
+case 10:
+#line 142 "getdate.y"
+{
+	    yyHour = yyvsp[-3].Number;
+	    yyMinutes = yyvsp[-1].Number;
+	    yySeconds = 0;
+	    yyMeridian = yyvsp[0].Meridian;
+	}
+break;
+case 11:
+#line 148 "getdate.y"
+{
+	    yyHour = yyvsp[-3].Number;
+	    yyMinutes = yyvsp[-1].Number;
+	    yyMeridian = MER24;
+	    yyDSTmode = DSToff;
+	    yyTimezone = - (yyvsp[0].Number % 100 + (yyvsp[0].Number / 100) * 60);
+	}
+break;
+case 12:
+#line 155 "getdate.y"
+{
+	    yyHour = yyvsp[-5].Number;
+	    yyMinutes = yyvsp[-3].Number;
+	    yySeconds = yyvsp[-1].Number;
+	    yyMeridian = yyvsp[0].Meridian;
+	}
+break;
+case 13:
+#line 161 "getdate.y"
+{
+	    yyHour = yyvsp[-5].Number;
+	    yyMinutes = yyvsp[-3].Number;
+	    yySeconds = yyvsp[-1].Number;
+	    yyMeridian = MER24;
+	    yyDSTmode = DSToff;
+	    yyTimezone = - (yyvsp[0].Number % 100 + (yyvsp[0].Number / 100) * 60);
+	}
+break;
+case 14:
+#line 171 "getdate.y"
+{
+	    yyTimezone = yyvsp[0].Number;
+	    yyDSTmode = DSToff;
+	}
+break;
+case 15:
+#line 175 "getdate.y"
+{
+	    yyTimezone = yyvsp[0].Number;
+	    yyDSTmode = DSTon;
+	}
+break;
+case 16:
+#line 180 "getdate.y"
+{
+	    yyTimezone = yyvsp[-1].Number;
+	    yyDSTmode = DSTon;
+	}
+break;
+case 17:
+#line 186 "getdate.y"
+{
+	    yyDayOrdinal = 1;
+	    yyDayNumber = yyvsp[0].Number;
+	}
+break;
+case 18:
+#line 190 "getdate.y"
+{
+	    yyDayOrdinal = 1;
+	    yyDayNumber = yyvsp[-1].Number;
+	}
+break;
+case 19:
+#line 194 "getdate.y"
+{
+	    yyDayOrdinal = yyvsp[-1].Number;
+	    yyDayNumber = yyvsp[0].Number;
+	}
+break;
+case 20:
+#line 200 "getdate.y"
+{
+	    yyMonth = yyvsp[-2].Number;
+	    yyDay = yyvsp[0].Number;
+	}
+break;
+case 21:
+#line 204 "getdate.y"
+{
+	    if (yyvsp[-4].Number >= 100) {
+		yyYear = yyvsp[-4].Number;
+		yyMonth = yyvsp[-2].Number;
+		yyDay = yyvsp[0].Number;
+	    } else {
+		yyMonth = yyvsp[-4].Number;
+		yyDay = yyvsp[-2].Number;
+		yyYear = yyvsp[0].Number;
+	    }
+	}
+break;
+case 22:
+#line 215 "getdate.y"
+{
+	    /* ISO 8601 format.  yyyy-mm-dd.  */
+	    yyYear = yyvsp[-2].Number;
+	    yyMonth = -yyvsp[-1].Number;
+	    yyDay = -yyvsp[0].Number;
+	}
+break;
+case 23:
+#line 221 "getdate.y"
+{
+	    /* e.g. 17-JUN-1992.  */
+	    yyDay = yyvsp[-2].Number;
+	    yyMonth = yyvsp[-1].Number;
+	    yyYear = -yyvsp[0].Number;
+	}
+break;
+case 24:
+#line 227 "getdate.y"
+{
+	    yyMonth = yyvsp[-1].Number;
+	    yyDay = yyvsp[0].Number;
+	}
+break;
+case 25:
+#line 231 "getdate.y"
+{
+	    yyMonth = yyvsp[-3].Number;
+	    yyDay = yyvsp[-2].Number;
+	    yyYear = yyvsp[0].Number;
+	}
+break;
+case 26:
+#line 236 "getdate.y"
+{
+	    yyMonth = yyvsp[0].Number;
+	    yyDay = yyvsp[-1].Number;
+	}
+break;
+case 27:
+#line 240 "getdate.y"
+{
+	    yyMonth = yyvsp[-1].Number;
+	    yyDay = yyvsp[-2].Number;
+	    yyYear = yyvsp[0].Number;
+	}
+break;
+case 28:
+#line 247 "getdate.y"
+{
+	    yyRelSeconds = -yyRelSeconds;
+	    yyRelMonth = -yyRelMonth;
+	}
+break;
+case 30:
+#line 254 "getdate.y"
+{
+	    yyRelSeconds += yyvsp[-1].Number * yyvsp[0].Number * 60L;
+	}
+break;
+case 31:
+#line 257 "getdate.y"
+{
+	    yyRelSeconds += yyvsp[-1].Number * yyvsp[0].Number * 60L;
+	}
+break;
+case 32:
+#line 260 "getdate.y"
+{
+	    yyRelSeconds += yyvsp[0].Number * 60L;
+	}
+break;
+case 33:
+#line 263 "getdate.y"
+{
+	    yyRelSeconds += yyvsp[-1].Number;
+	}
+break;
+case 34:
+#line 266 "getdate.y"
+{
+	    yyRelSeconds += yyvsp[-1].Number;
+	}
+break;
+case 35:
+#line 269 "getdate.y"
+{
+	    yyRelSeconds++;
+	}
+break;
+case 36:
+#line 272 "getdate.y"
+{
+	    yyRelMonth += yyvsp[-1].Number * yyvsp[0].Number;
+	}
+break;
+case 37:
+#line 275 "getdate.y"
+{
+	    yyRelMonth += yyvsp[-1].Number * yyvsp[0].Number;
+	}
+break;
+case 38:
+#line 278 "getdate.y"
+{
+	    yyRelMonth += yyvsp[0].Number;
+	}
+break;
+case 39:
+#line 283 "getdate.y"
+{
+	    if (yyHaveTime && yyHaveDate && !yyHaveRel)
+		yyYear = yyvsp[0].Number;
+	    else {
+		if(yyvsp[0].Number>10000) {
+		    yyHaveDate++;
+		    yyDay= (yyvsp[0].Number)%100;
+		    yyMonth= (yyvsp[0].Number/100)%100;
+		    yyYear = yyvsp[0].Number/10000;
+		}
+		else {
+		    yyHaveTime++;
+		    if (yyvsp[0].Number < 100) {
+			yyHour = yyvsp[0].Number;
+			yyMinutes = 0;
+		    }
+		    else {
+		    	yyHour = yyvsp[0].Number / 100;
+		    	yyMinutes = yyvsp[0].Number % 100;
+		    }
+		    yySeconds = 0;
+		    yyMeridian = MER24;
+	        }
+	    }
+	}
+break;
+case 40:
+#line 310 "getdate.y"
+{
+	    yyval.Meridian = MER24;
+	}
+break;
+case 41:
+#line 313 "getdate.y"
+{
+	    yyval.Meridian = yyvsp[0].Meridian;
+	}
+break;
+#line 1455 "getdate.c"
+    }
+    yyssp -= yym;
+    yystate = *yyssp;
+    yyvsp -= yym;
+    yym = yylhs[yyn];
+    if (yystate == 0 && yym == 0)
+    {
+#if YYDEBUG
+        if (yydebug)
+            printf("%sdebug: after reduction, shifting from state 0 to\
+ state %d\n", YYPREFIX, YYFINAL);
+#endif
+        yystate = YYFINAL;
+        *++yyssp = YYFINAL;
+        *++yyvsp = yyval;
+        if (yychar < 0)
+        {
+            if ((yychar = yylex()) < 0) yychar = 0;
+#if YYDEBUG
+            if (yydebug)
+            {
+                yys = 0;
+                if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
+                if (!yys) yys = "illegal-symbol";
+                printf("%sdebug: state %d, reading %d (%s)\n",
+                        YYPREFIX, YYFINAL, yychar, yys);
+            }
+#endif
+        }
+        if (yychar == 0) goto yyaccept;
+        goto yyloop;
+    }
+    if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
+            yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
+        yystate = yytable[yyn];
+    else
+        yystate = yydgoto[yym];
+#if YYDEBUG
+    if (yydebug)
+        printf("%sdebug: after reduction, shifting from state %d \
+to state %d\n", YYPREFIX, *yyssp, yystate);
+#endif
+    if (yyssp >= yysslim && yygrowstack())
+    {
+        goto yyoverflow;
+    }
+    *++yyssp = yystate;
+    *++yyvsp = yyval;
+    goto yyloop;
+yyoverflow:
+    yyerror("yacc stack overflow");
+yyabort:
+    if (yyss)
+            free(yyss);
+    if (yyvs)
+            free(yyvs);
+    yyss = yyssp = NULL;
+    yyvs = yyvsp = NULL;
+    yystacksize = 0;
+    return (1);
+yyaccept:
+    if (yyss)
+            free(yyss);
+    if (yyvs)
+            free(yyvs);
+    yyss = yyssp = NULL;
+    yyvs = yyvsp = NULL;
+    yystacksize = 0;
+    return (0);
+}
diff --git a/plugins/sudoers/getdate.y b/plugins/sudoers/getdate.y
new file mode 100644
index 0000000..e23ef8d
--- /dev/null
+++ b/plugins/sudoers/getdate.y
@@ -0,0 +1,939 @@
+%{
+/*
+**  Originally written by Steven M. Bellovin <smb@research.att.com> while
+**  at the University of North Carolina at Chapel Hill.  Later tweaked by
+**  a couple of people on Usenet.  Completely overhauled by Rich $alz
+**  <rsalz@bbn.com> and Jim Berets <jberets@bbn.com> in August, 1990;
+**
+**  This grammar has 10 shift/reduce conflicts.
+**
+**  This code is in the public domain and has no copyright.
+*/
+/* SUPPRESS 287 on yaccpar_sccsid *//* Unused static variable */
+/* SUPPRESS 288 on yyerrlab *//* Label unused */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#include <time.h>
+#include <limits.h>
+#include <ctype.h>
+
+#include "sudo_compat.h"
+
+
+#define EPOCH		1970
+#define HOUR(x)		((time_t)(x) * 60)
+#define SECSPERDAY	(24L * 60L * 60L)
+
+
+/*
+**  An entry in the lexical lookup table.
+*/
+typedef struct _TABLE {
+    char	*name;
+    int		type;
+    time_t	value;
+} TABLE;
+
+
+/*
+**  Daylight-savings mode:  on, off, or not yet known.
+*/
+typedef enum _DSTMODE {
+    DSTon, DSToff, DSTmaybe
+} DSTMODE;
+
+/*
+**  Meridian:  am, pm, or 24-hour style.
+*/
+typedef enum _MERIDIAN {
+    MERam, MERpm, MER24
+} MERIDIAN;
+
+
+/*
+**  Global variables.  We could get rid of most of these by using a good
+**  union as the yacc stack.  (This routine was originally written before
+**  yacc had the %union construct.)  Maybe someday; right now we only use
+**  the %union very rarely.
+*/
+static char	*yyInput;
+static DSTMODE	yyDSTmode;
+static time_t	yyDayOrdinal;
+static time_t	yyDayNumber;
+static int	yyHaveDate;
+static int	yyHaveDay;
+static int	yyHaveRel;
+static int	yyHaveTime;
+static int	yyHaveZone;
+static time_t	yyTimezone;
+static time_t	yyDay;
+static time_t	yyHour;
+static time_t	yyMinutes;
+static time_t	yyMonth;
+static time_t	yySeconds;
+static time_t	yyYear;
+static MERIDIAN	yyMeridian;
+static time_t	yyRelMonth;
+static time_t	yyRelSeconds;
+
+static int	yyerror(const char *s);
+static int	yylex(void);
+       int	yyparse(void);
+
+%}
+
+%union {
+    time_t		Number;
+    enum _MERIDIAN	Meridian;
+}
+
+%token	tAGO tDAY tDAYZONE tID tMERIDIAN tMINUTE_UNIT tMONTH tMONTH_UNIT
+%token	tSEC_UNIT tSNUMBER tUNUMBER tZONE tDST
+
+%type	<Number>	tDAY tDAYZONE tMINUTE_UNIT tMONTH tMONTH_UNIT
+%type	<Number>	tSEC_UNIT tSNUMBER tUNUMBER tZONE
+%type	<Meridian>	tMERIDIAN o_merid
+
+%%
+
+spec	: /* NULL */
+	| spec item
+	;
+
+item	: time {
+	    yyHaveTime++;
+	}
+	| zone {
+	    yyHaveZone++;
+	}
+	| date {
+	    yyHaveDate++;
+	}
+	| day {
+	    yyHaveDay++;
+	}
+	| rel {
+	    yyHaveRel++;
+	}
+	| number
+	;
+
+time	: tUNUMBER tMERIDIAN {
+	    yyHour = $1;
+	    yyMinutes = 0;
+	    yySeconds = 0;
+	    yyMeridian = $2;
+	}
+	| tUNUMBER ':' tUNUMBER o_merid {
+	    yyHour = $1;
+	    yyMinutes = $3;
+	    yySeconds = 0;
+	    yyMeridian = $4;
+	}
+	| tUNUMBER ':' tUNUMBER tSNUMBER {
+	    yyHour = $1;
+	    yyMinutes = $3;
+	    yyMeridian = MER24;
+	    yyDSTmode = DSToff;
+	    yyTimezone = - ($4 % 100 + ($4 / 100) * 60);
+	}
+	| tUNUMBER ':' tUNUMBER ':' tUNUMBER o_merid {
+	    yyHour = $1;
+	    yyMinutes = $3;
+	    yySeconds = $5;
+	    yyMeridian = $6;
+	}
+	| tUNUMBER ':' tUNUMBER ':' tUNUMBER tSNUMBER {
+	    yyHour = $1;
+	    yyMinutes = $3;
+	    yySeconds = $5;
+	    yyMeridian = MER24;
+	    yyDSTmode = DSToff;
+	    yyTimezone = - ($6 % 100 + ($6 / 100) * 60);
+	}
+	;
+
+zone	: tZONE {
+	    yyTimezone = $1;
+	    yyDSTmode = DSToff;
+	}
+	| tDAYZONE {
+	    yyTimezone = $1;
+	    yyDSTmode = DSTon;
+	}
+	|
+	  tZONE tDST {
+	    yyTimezone = $1;
+	    yyDSTmode = DSTon;
+	}
+	;
+
+day	: tDAY {
+	    yyDayOrdinal = 1;
+	    yyDayNumber = $1;
+	}
+	| tDAY ',' {
+	    yyDayOrdinal = 1;
+	    yyDayNumber = $1;
+	}
+	| tUNUMBER tDAY {
+	    yyDayOrdinal = $1;
+	    yyDayNumber = $2;
+	}
+	;
+
+date	: tUNUMBER '/' tUNUMBER {
+	    yyMonth = $1;
+	    yyDay = $3;
+	}
+	| tUNUMBER '/' tUNUMBER '/' tUNUMBER {
+	    if ($1 >= 100) {
+		yyYear = $1;
+		yyMonth = $3;
+		yyDay = $5;
+	    } else {
+		yyMonth = $1;
+		yyDay = $3;
+		yyYear = $5;
+	    }
+	}
+	| tUNUMBER tSNUMBER tSNUMBER {
+	    /* ISO 8601 format.  yyyy-mm-dd.  */
+	    yyYear = $1;
+	    yyMonth = -$2;
+	    yyDay = -$3;
+	}
+	| tUNUMBER tMONTH tSNUMBER {
+	    /* e.g. 17-JUN-1992.  */
+	    yyDay = $1;
+	    yyMonth = $2;
+	    yyYear = -$3;
+	}
+	| tMONTH tUNUMBER {
+	    yyMonth = $1;
+	    yyDay = $2;
+	}
+	| tMONTH tUNUMBER ',' tUNUMBER {
+	    yyMonth = $1;
+	    yyDay = $2;
+	    yyYear = $4;
+	}
+	| tUNUMBER tMONTH {
+	    yyMonth = $2;
+	    yyDay = $1;
+	}
+	| tUNUMBER tMONTH tUNUMBER {
+	    yyMonth = $2;
+	    yyDay = $1;
+	    yyYear = $3;
+	}
+	;
+
+rel	: relunit tAGO {
+	    yyRelSeconds = -yyRelSeconds;
+	    yyRelMonth = -yyRelMonth;
+	}
+	| relunit
+	;
+
+relunit	: tUNUMBER tMINUTE_UNIT {
+	    yyRelSeconds += $1 * $2 * 60L;
+	}
+	| tSNUMBER tMINUTE_UNIT {
+	    yyRelSeconds += $1 * $2 * 60L;
+	}
+	| tMINUTE_UNIT {
+	    yyRelSeconds += $1 * 60L;
+	}
+	| tSNUMBER tSEC_UNIT {
+	    yyRelSeconds += $1;
+	}
+	| tUNUMBER tSEC_UNIT {
+	    yyRelSeconds += $1;
+	}
+	| tSEC_UNIT {
+	    yyRelSeconds++;
+	}
+	| tSNUMBER tMONTH_UNIT {
+	    yyRelMonth += $1 * $2;
+	}
+	| tUNUMBER tMONTH_UNIT {
+	    yyRelMonth += $1 * $2;
+	}
+	| tMONTH_UNIT {
+	    yyRelMonth += $1;
+	}
+	;
+
+number	: tUNUMBER {
+	    if (yyHaveTime && yyHaveDate && !yyHaveRel)
+		yyYear = $1;
+	    else {
+		if($1>10000) {
+		    yyHaveDate++;
+		    yyDay= ($1)%100;
+		    yyMonth= ($1/100)%100;
+		    yyYear = $1/10000;
+		}
+		else {
+		    yyHaveTime++;
+		    if ($1 < 100) {
+			yyHour = $1;
+			yyMinutes = 0;
+		    }
+		    else {
+		    	yyHour = $1 / 100;
+		    	yyMinutes = $1 % 100;
+		    }
+		    yySeconds = 0;
+		    yyMeridian = MER24;
+	        }
+	    }
+	}
+	;
+
+o_merid	: /* NULL */ {
+	    $$ = MER24;
+	}
+	| tMERIDIAN {
+	    $$ = $1;
+	}
+	;
+
+%%
+
+/* Month and day table. */
+static TABLE const MonthDayTable[] = {
+    { "january",	tMONTH,  1 },
+    { "february",	tMONTH,  2 },
+    { "march",		tMONTH,  3 },
+    { "april",		tMONTH,  4 },
+    { "may",		tMONTH,  5 },
+    { "june",		tMONTH,  6 },
+    { "july",		tMONTH,  7 },
+    { "august",		tMONTH,  8 },
+    { "september",	tMONTH,  9 },
+    { "sept",		tMONTH,  9 },
+    { "october",	tMONTH, 10 },
+    { "november",	tMONTH, 11 },
+    { "december",	tMONTH, 12 },
+    { "sunday",		tDAY, 0 },
+    { "monday",		tDAY, 1 },
+    { "tuesday",	tDAY, 2 },
+    { "tues",		tDAY, 2 },
+    { "wednesday",	tDAY, 3 },
+    { "wednes",		tDAY, 3 },
+    { "thursday",	tDAY, 4 },
+    { "thur",		tDAY, 4 },
+    { "thurs",		tDAY, 4 },
+    { "friday",		tDAY, 5 },
+    { "saturday",	tDAY, 6 },
+    { NULL }
+};
+
+/* Time units table. */
+static TABLE const UnitsTable[] = {
+    { "year",		tMONTH_UNIT,	12 },
+    { "month",		tMONTH_UNIT,	1 },
+    { "fortnight",	tMINUTE_UNIT,	14 * 24 * 60 },
+    { "week",		tMINUTE_UNIT,	7 * 24 * 60 },
+    { "day",		tMINUTE_UNIT,	1 * 24 * 60 },
+    { "hour",		tMINUTE_UNIT,	60 },
+    { "minute",		tMINUTE_UNIT,	1 },
+    { "min",		tMINUTE_UNIT,	1 },
+    { "second",		tSEC_UNIT,	1 },
+    { "sec",		tSEC_UNIT,	1 },
+    { NULL }
+};
+
+/* Assorted relative-time words. */
+static TABLE const OtherTable[] = {
+    { "tomorrow",	tMINUTE_UNIT,	1 * 24 * 60 },
+    { "yesterday",	tMINUTE_UNIT,	-1 * 24 * 60 },
+    { "today",		tMINUTE_UNIT,	0 },
+    { "now",		tMINUTE_UNIT,	0 },
+    { "last",		tUNUMBER,	-1 },
+    { "this",		tUNUMBER,	0 },
+    { "next",		tUNUMBER,	2 },
+    { "first",		tUNUMBER,	1 },
+/*  { "second",		tUNUMBER,	2 }, */
+    { "third",		tUNUMBER,	3 },
+    { "fourth",		tUNUMBER,	4 },
+    { "fifth",		tUNUMBER,	5 },
+    { "sixth",		tUNUMBER,	6 },
+    { "seventh",	tUNUMBER,	7 },
+    { "eighth",		tUNUMBER,	8 },
+    { "ninth",		tUNUMBER,	9 },
+    { "tenth",		tUNUMBER,	10 },
+    { "eleventh",	tUNUMBER,	11 },
+    { "twelfth",	tUNUMBER,	12 },
+    { "ago",		tAGO,	1 },
+    { NULL }
+};
+
+/* The timezone table. */
+/* Some of these are commented out because a time_t can't store a float. */
+static TABLE const TimezoneTable[] = {
+    { "gmt",	tZONE,     HOUR( 0) },	/* Greenwich Mean */
+    { "ut",	tZONE,     HOUR( 0) },	/* Universal (Coordinated) */
+    { "utc",	tZONE,     HOUR( 0) },
+    { "wet",	tZONE,     HOUR( 0) },	/* Western European */
+    { "bst",	tDAYZONE,  HOUR( 0) },	/* British Summer */
+    { "wat",	tZONE,     HOUR( 1) },	/* West Africa */
+    { "at",	tZONE,     HOUR( 2) },	/* Azores */
+#if	0
+    /* For completeness.  BST is also British Summer, and GST is
+     * also Guam Standard. */
+    { "bst",	tZONE,     HOUR( 3) },	/* Brazil Standard */
+    { "gst",	tZONE,     HOUR( 3) },	/* Greenland Standard */
+#endif
+#if 0
+    { "nft",	tZONE,     HOUR(3.5) },	/* Newfoundland */
+    { "nst",	tZONE,     HOUR(3.5) },	/* Newfoundland Standard */
+    { "ndt",	tDAYZONE,  HOUR(3.5) },	/* Newfoundland Daylight */
+#endif
+    { "ast",	tZONE,     HOUR( 4) },	/* Atlantic Standard */
+    { "adt",	tDAYZONE,  HOUR( 4) },	/* Atlantic Daylight */
+    { "est",	tZONE,     HOUR( 5) },	/* Eastern Standard */
+    { "edt",	tDAYZONE,  HOUR( 5) },	/* Eastern Daylight */
+    { "cst",	tZONE,     HOUR( 6) },	/* Central Standard */
+    { "cdt",	tDAYZONE,  HOUR( 6) },	/* Central Daylight */
+    { "mst",	tZONE,     HOUR( 7) },	/* Mountain Standard */
+    { "mdt",	tDAYZONE,  HOUR( 7) },	/* Mountain Daylight */
+    { "pst",	tZONE,     HOUR( 8) },	/* Pacific Standard */
+    { "pdt",	tDAYZONE,  HOUR( 8) },	/* Pacific Daylight */
+    { "yst",	tZONE,     HOUR( 9) },	/* Yukon Standard */
+    { "ydt",	tDAYZONE,  HOUR( 9) },	/* Yukon Daylight */
+    { "hst",	tZONE,     HOUR(10) },	/* Hawaii Standard */
+    { "hdt",	tDAYZONE,  HOUR(10) },	/* Hawaii Daylight */
+    { "cat",	tZONE,     HOUR(10) },	/* Central Alaska */
+    { "ahst",	tZONE,     HOUR(10) },	/* Alaska-Hawaii Standard */
+    { "nt",	tZONE,     HOUR(11) },	/* Nome */
+    { "idlw",	tZONE,     HOUR(12) },	/* International Date Line West */
+    { "cet",	tZONE,     -HOUR(1) },	/* Central European */
+    { "met",	tZONE,     -HOUR(1) },	/* Middle European */
+    { "mewt",	tZONE,     -HOUR(1) },	/* Middle European Winter */
+    { "mest",	tDAYZONE,  -HOUR(1) },	/* Middle European Summer */
+    { "swt",	tZONE,     -HOUR(1) },	/* Swedish Winter */
+    { "sst",	tDAYZONE,  -HOUR(1) },	/* Swedish Summer */
+    { "fwt",	tZONE,     -HOUR(1) },	/* French Winter */
+    { "fst",	tDAYZONE,  -HOUR(1) },	/* French Summer */
+    { "eet",	tZONE,     -HOUR(2) },	/* Eastern Europe, USSR Zone 1 */
+    { "bt",	tZONE,     -HOUR(3) },	/* Baghdad, USSR Zone 2 */
+#if 0
+    { "it",	tZONE,     -HOUR(3.5) },/* Iran */
+#endif
+    { "zp4",	tZONE,     -HOUR(4) },	/* USSR Zone 3 */
+    { "zp5",	tZONE,     -HOUR(5) },	/* USSR Zone 4 */
+#if 0
+    { "ist",	tZONE,     -HOUR(5.5) },/* Indian Standard */
+#endif
+    { "zp6",	tZONE,     -HOUR(6) },	/* USSR Zone 5 */
+#if	0
+    /* For completeness.  NST is also Newfoundland Stanard, and SST is
+     * also Swedish Summer. */
+    { "nst",	tZONE,     -HOUR(6.5) },/* North Sumatra */
+    { "sst",	tZONE,     -HOUR(7) },	/* South Sumatra, USSR Zone 6 */
+#endif	/* 0 */
+    { "wast",	tZONE,     -HOUR(7) },	/* West Australian Standard */
+    { "wadt",	tDAYZONE,  -HOUR(7) },	/* West Australian Daylight */
+#if 0
+    { "jt",	tZONE,     -HOUR(7.5) },/* Java (3pm in Cronusland!) */
+#endif
+    { "cct",	tZONE,     -HOUR(8) },	/* China Coast, USSR Zone 7 */
+    { "jst",	tZONE,     -HOUR(9) },	/* Japan Standard, USSR Zone 8 */
+#if 0
+    { "cast",	tZONE,     -HOUR(9.5) },/* Central Australian Standard */
+    { "cadt",	tDAYZONE,  -HOUR(9.5) },/* Central Australian Daylight */
+#endif
+    { "east",	tZONE,     -HOUR(10) },	/* Eastern Australian Standard */
+    { "eadt",	tDAYZONE,  -HOUR(10) },	/* Eastern Australian Daylight */
+    { "gst",	tZONE,     -HOUR(10) },	/* Guam Standard, USSR Zone 9 */
+    { "nzt",	tZONE,     -HOUR(12) },	/* New Zealand */
+    { "nzst",	tZONE,     -HOUR(12) },	/* New Zealand Standard */
+    { "nzdt",	tDAYZONE,  -HOUR(12) },	/* New Zealand Daylight */
+    { "idle",	tZONE,     -HOUR(12) },	/* International Date Line East */
+    {  NULL  }
+};
+
+/* Military timezone table. */
+static TABLE const MilitaryTable[] = {
+    { "a",	tZONE,	HOUR(  1) },
+    { "b",	tZONE,	HOUR(  2) },
+    { "c",	tZONE,	HOUR(  3) },
+    { "d",	tZONE,	HOUR(  4) },
+    { "e",	tZONE,	HOUR(  5) },
+    { "f",	tZONE,	HOUR(  6) },
+    { "g",	tZONE,	HOUR(  7) },
+    { "h",	tZONE,	HOUR(  8) },
+    { "i",	tZONE,	HOUR(  9) },
+    { "k",	tZONE,	HOUR( 10) },
+    { "l",	tZONE,	HOUR( 11) },
+    { "m",	tZONE,	HOUR( 12) },
+    { "n",	tZONE,	HOUR(- 1) },
+    { "o",	tZONE,	HOUR(- 2) },
+    { "p",	tZONE,	HOUR(- 3) },
+    { "q",	tZONE,	HOUR(- 4) },
+    { "r",	tZONE,	HOUR(- 5) },
+    { "s",	tZONE,	HOUR(- 6) },
+    { "t",	tZONE,	HOUR(- 7) },
+    { "u",	tZONE,	HOUR(- 8) },
+    { "v",	tZONE,	HOUR(- 9) },
+    { "w",	tZONE,	HOUR(-10) },
+    { "x",	tZONE,	HOUR(-11) },
+    { "y",	tZONE,	HOUR(-12) },
+    { "z",	tZONE,	HOUR(  0) },
+    { NULL }
+};
+
+
+
+
+/* ARGSUSED */
+static int
+yyerror(const char *s)
+{
+  return 0;
+}
+
+
+static time_t
+ToSeconds(time_t Hours, time_t Minutes, time_t Seconds, MERIDIAN Meridian)
+{
+    if (Minutes < 0 || Minutes > 59 || Seconds < 0 || Seconds > 59)
+	return -1;
+    switch (Meridian) {
+    case MER24:
+	if (Hours < 0 || Hours > 23)
+	    return -1;
+	return (Hours * 60L + Minutes) * 60L + Seconds;
+    case MERam:
+	if (Hours < 1 || Hours > 12)
+	    return -1;
+	if (Hours == 12)
+	    Hours = 0;
+	return (Hours * 60L + Minutes) * 60L + Seconds;
+    case MERpm:
+	if (Hours < 1 || Hours > 12)
+	    return -1;
+	if (Hours == 12)
+	    Hours = 0;
+	return ((Hours + 12) * 60L + Minutes) * 60L + Seconds;
+    default:
+	abort ();
+    }
+    /* NOTREACHED */
+}
+
+
+/* Year is either
+   * A negative number, which means to use its absolute value (why?)
+   * A number from 0 to 99, which means a year from 1900 to 1999, or
+   * The actual year (>=100).  */
+static time_t
+Convert(time_t Month, time_t Day, time_t Year, time_t Hours, time_t Minutes,
+    time_t Seconds, MERIDIAN Meridian, DSTMODE DSTmode)
+{
+    static int DaysInMonth[12] = {
+	31, 0, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
+    };
+    struct tm	*tm;
+    time_t	tod;
+    time_t	Julian;
+    int		i;
+
+    if (Year < 0)
+	Year = -Year;
+    if (Year < 69)
+	Year += 2000;
+    else if (Year < 100) {
+	Year += 1900;
+	if (Year < EPOCH)
+		Year += 100;
+    }
+    DaysInMonth[1] = Year % 4 == 0 && (Year % 100 != 0 || Year % 400 == 0)
+		    ? 29 : 28;
+    /* 32-bit time_t cannot represent years past 2038 */
+    if (Year < EPOCH || (sizeof(time_t) == sizeof(int) && Year > 2038)
+     || Month < 1 || Month > 12
+     /* Lint fluff:  "conversion from long may lose accuracy" */
+     || Day < 1 || Day > DaysInMonth[(int)--Month])
+	return -1;
+
+    for (Julian = Day - 1, i = 0; i < Month; i++)
+	Julian += DaysInMonth[i];
+    for (i = EPOCH; i < Year; i++)
+	Julian += 365 + (i % 4 == 0);
+    Julian *= SECSPERDAY;
+    Julian += yyTimezone * 60L;
+    if ((tod = ToSeconds(Hours, Minutes, Seconds, Meridian)) < 0)
+	return -1;
+    Julian += tod;
+    if (DSTmode == DSTon
+     || (DSTmode == DSTmaybe && (tm = localtime(&Julian)) && tm->tm_isdst))
+	Julian -= 60 * 60;
+    return Julian;
+}
+
+
+static time_t
+DSTcorrect(time_t Start, time_t Future)
+{
+    struct tm	*start_tm;
+    struct tm	*future_tm;
+    time_t	StartDay;
+    time_t	FutureDay;
+
+    start_tm = localtime(&Start);
+    future_tm = localtime(&Future);
+    if (!start_tm || !future_tm)
+	return -1;
+
+    StartDay = (start_tm->tm_hour + 1) % 24;
+    FutureDay = (future_tm->tm_hour + 1) % 24;
+    return (Future - Start) + (StartDay - FutureDay) * 60L * 60L;
+}
+
+
+static time_t
+RelativeDate(time_t Start, time_t DayOrdinal, time_t DayNumber)
+{
+    struct tm	*tm;
+    time_t	now;
+
+    now = Start;
+    if (!(tm = localtime(&now)))
+	return -1;
+    now += SECSPERDAY * ((DayNumber - tm->tm_wday + 7) % 7);
+    now += 7 * SECSPERDAY * (DayOrdinal <= 0 ? DayOrdinal : DayOrdinal - 1);
+    return DSTcorrect(Start, now);
+}
+
+
+static time_t
+RelativeMonth(time_t Start, time_t RelMonth)
+{
+    struct tm	*tm;
+    time_t	Month;
+    time_t	Year;
+
+    if (RelMonth == 0)
+	return 0;
+    if (!(tm = localtime(&Start)))
+	return -1;
+    Month = 12 * (tm->tm_year + 1900) + tm->tm_mon + RelMonth;
+    Year = Month / 12;
+    Month = Month % 12 + 1;
+    return DSTcorrect(Start,
+	    Convert(Month, (time_t)tm->tm_mday, Year,
+		(time_t)tm->tm_hour, (time_t)tm->tm_min, (time_t)tm->tm_sec,
+		MER24, DSTmaybe));
+}
+
+
+static int
+LookupWord(char *buff)
+{
+    char		*p;
+    char		*q;
+    const TABLE		*tp;
+    int			i;
+    int			abbrev;
+
+    /* Make it lowercase. */
+    for (p = buff; *p; p++)
+	if (isupper((unsigned char)*p))
+	    *p = tolower((unsigned char)*p);
+
+    if (strcmp(buff, "am") == 0 || strcmp(buff, "a.m.") == 0) {
+	yylval.Meridian = MERam;
+	return tMERIDIAN;
+    }
+    if (strcmp(buff, "pm") == 0 || strcmp(buff, "p.m.") == 0) {
+	yylval.Meridian = MERpm;
+	return tMERIDIAN;
+    }
+
+    /* See if we have an abbreviation for a month. */
+    if (strlen(buff) == 3)
+	abbrev = 1;
+    else if (strlen(buff) == 4 && buff[3] == '.') {
+	abbrev = 1;
+	buff[3] = '\0';
+    }
+    else
+	abbrev = 0;
+
+    for (tp = MonthDayTable; tp->name; tp++) {
+	if (abbrev) {
+	    if (strncmp(buff, tp->name, 3) == 0) {
+		yylval.Number = tp->value;
+		return tp->type;
+	    }
+	}
+	else if (strcmp(buff, tp->name) == 0) {
+	    yylval.Number = tp->value;
+	    return tp->type;
+	}
+    }
+
+    for (tp = TimezoneTable; tp->name; tp++)
+	if (strcmp(buff, tp->name) == 0) {
+	    yylval.Number = tp->value;
+	    return tp->type;
+	}
+
+    if (strcmp(buff, "dst") == 0) 
+	return tDST;
+
+    for (tp = UnitsTable; tp->name; tp++)
+	if (strcmp(buff, tp->name) == 0) {
+	    yylval.Number = tp->value;
+	    return tp->type;
+	}
+
+    /* Strip off any plural and try the units table again. */
+    i = strlen(buff) - 1;
+    if (buff[i] == 's') {
+	buff[i] = '\0';
+	for (tp = UnitsTable; tp->name; tp++)
+	    if (strcmp(buff, tp->name) == 0) {
+		yylval.Number = tp->value;
+		return tp->type;
+	    }
+	buff[i] = 's';		/* Put back for "this" in OtherTable. */
+    }
+
+    for (tp = OtherTable; tp->name; tp++)
+	if (strcmp(buff, tp->name) == 0) {
+	    yylval.Number = tp->value;
+	    return tp->type;
+	}
+
+    /* Military timezones. */
+    if (buff[1] == '\0' && isalpha((unsigned char)*buff)) {
+	for (tp = MilitaryTable; tp->name; tp++)
+	    if (strcmp(buff, tp->name) == 0) {
+		yylval.Number = tp->value;
+		return tp->type;
+	    }
+    }
+
+    /* Drop out any periods and try the timezone table again. */
+    for (i = 0, p = q = buff; *q; q++)
+	if (*q != '.')
+	    *p++ = *q;
+	else
+	    i++;
+    *p = '\0';
+    if (i)
+	for (tp = TimezoneTable; tp->name; tp++)
+	    if (strcmp(buff, tp->name) == 0) {
+		yylval.Number = tp->value;
+		return tp->type;
+	    }
+
+    return tID;
+}
+
+
+static int
+yylex(void)
+{
+    char		c;
+    char		*p;
+    char		buff[20];
+    int			Count;
+    int			sign;
+
+    for ( ; ; ) {
+	while (isspace((unsigned char)*yyInput))
+	    yyInput++;
+
+	if (isdigit((unsigned char)(c = *yyInput)) || c == '-' || c == '+') {
+	    if (c == '-' || c == '+') {
+		sign = c == '-' ? -1 : 1;
+		if (!isdigit((unsigned char)*++yyInput))
+		    /* skip the '-' sign */
+		    continue;
+	    }
+	    else
+		sign = 0;
+	    for (yylval.Number = 0; isdigit((unsigned char)(c = *yyInput++)); )
+		yylval.Number = 10 * yylval.Number + c - '0';
+	    yyInput--;
+	    if (sign < 0)
+		yylval.Number = -yylval.Number;
+	    return sign ? tSNUMBER : tUNUMBER;
+	}
+	if (isalpha((unsigned char)c)) {
+	    for (p = buff; isalpha((unsigned char)(c = *yyInput++)) || c == '.'; )
+		if (p < &buff[sizeof buff - 1])
+		    *p++ = c;
+	    *p = '\0';
+	    yyInput--;
+	    return LookupWord(buff);
+	}
+	if (c != '(')
+	    return *yyInput++;
+	Count = 0;
+	do {
+	    c = *yyInput++;
+	    if (c == '\0')
+		return c;
+	    if (c == '(')
+		Count++;
+	    else if (c == ')')
+		Count--;
+	} while (Count > 0);
+    }
+}
+
+#define TM_YEAR_ORIGIN 1900
+
+/* Yield A - B, measured in seconds.  */
+static long
+difftm(struct tm *a, struct tm *b)
+{
+  int ay = a->tm_year + (TM_YEAR_ORIGIN - 1);
+  int by = b->tm_year + (TM_YEAR_ORIGIN - 1);
+  int days = (
+	      /* difference in day of year */
+	      a->tm_yday - b->tm_yday
+	      /* + intervening leap days */
+	      +  ((ay >> 2) - (by >> 2))
+	      -  (ay/100 - by/100)
+	      +  ((ay/100 >> 2) - (by/100 >> 2))
+	      /* + difference in years * 365 */
+	      +  (long)(ay-by) * 365
+	      );
+  return (60*(60*(24*days + (a->tm_hour - b->tm_hour))
+	      + (a->tm_min - b->tm_min))
+	  + (a->tm_sec - b->tm_sec));
+}
+
+time_t
+get_date(char *p)
+{
+    struct tm		*tm, *gmt, gmtbuf;
+    time_t		Start;
+    time_t		tod;
+    time_t		now;
+    time_t		timezone;
+
+    yyInput = p;
+    (void)time (&now);
+
+    gmt = gmtime (&now);
+    if (gmt != NULL)
+    {
+	/* Make a copy, in case localtime modifies *tm (I think
+	   that comment now applies to *gmt, but I am too
+	   lazy to dig into how gmtime and locatime allocate the
+	   structures they return pointers to).  */
+	gmtbuf = *gmt;
+	gmt = &gmtbuf;
+    }
+
+    if (! (tm = localtime (&now)))
+	return -1;
+
+    if (gmt != NULL)
+	timezone = difftm (gmt, tm) / 60;
+    else
+	/* We are on a system like VMS, where the system clock is
+	   in local time and the system has no concept of timezones.
+	   Hopefully we can fake this out (for the case in which the
+	   user specifies no timezone) by just saying the timezone
+	   is zero.  */
+	timezone = 0;
+
+    if(tm->tm_isdst)
+	timezone += 60;
+
+    yyYear = tm->tm_year + 1900;
+    yyMonth = tm->tm_mon + 1;
+    yyDay = tm->tm_mday;
+    yyTimezone = timezone;
+    yyDSTmode = DSTmaybe;
+    yyHour = 0;
+    yyMinutes = 0;
+    yySeconds = 0;
+    yyMeridian = MER24;
+    yyRelSeconds = 0;
+    yyRelMonth = 0;
+    yyHaveDate = 0;
+    yyHaveDay = 0;
+    yyHaveRel = 0;
+    yyHaveTime = 0;
+    yyHaveZone = 0;
+
+    if (yyparse()
+     || yyHaveTime > 1 || yyHaveZone > 1 || yyHaveDate > 1 || yyHaveDay > 1)
+	return -1;
+
+    if (yyHaveDate || yyHaveTime || yyHaveDay) {
+	Start = Convert(yyMonth, yyDay, yyYear, yyHour, yyMinutes, yySeconds,
+		    yyMeridian, yyDSTmode);
+	if (Start < 0)
+	    return -1;
+    }
+    else {
+	Start = now;
+	if (!yyHaveRel)
+	    Start -= ((tm->tm_hour * 60L + tm->tm_min) * 60L) + tm->tm_sec;
+    }
+
+    Start += yyRelSeconds;
+    Start += RelativeMonth(Start, yyRelMonth);
+
+    if (yyHaveDay && !yyHaveDate) {
+	tod = RelativeDate(Start, yyDayOrdinal, yyDayNumber);
+	Start += tod;
+    }
+
+    /* Have to do *something* with a legitimate -1 so it's distinguishable
+     * from the error return value.  (Alternately could set errno on error.) */
+    return Start == -1 ? 0 : Start;
+}
+
+
+#ifdef TEST
+
+/* ARGSUSED */
+int
+main(int argc, char *argv[])
+{
+    char	buff[128];
+    time_t	d;
+
+    (void)printf("Enter date, or blank line to exit.\n\t> ");
+    (void)fflush(stdout);
+    while (fgets(buff, sizeof(buff), stdin) && buff[0]) {
+	d = get_date(buff);
+	if (d == -1)
+	    (void)printf("Bad format - couldn't convert.\n");
+	else
+	    (void)printf("%s", ctime(&d));
+	(void)printf("\t> ");
+	(void)fflush(stdout);
+    }
+    exit(0);
+    /* NOTREACHED */
+}
+#endif	/* TEST */
diff --git a/plugins/sudoers/getspwuid.c b/plugins/sudoers/getspwuid.c
new file mode 100644
index 0000000..da77769
--- /dev/null
+++ b/plugins/sudoers/getspwuid.c
@@ -0,0 +1,142 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2010-2012, 2014-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+#include <grp.h>
+#ifdef HAVE_GETSPNAM
+# include <shadow.h>
+#endif /* HAVE_GETSPNAM */
+#ifdef HAVE_GETPRPWNAM
+# ifdef __hpux
+#  undef MAXINT
+#  include <hpsecurity.h>
+# else
+#  include <sys/security.h>
+# endif /* __hpux */
+# include <prot.h>
+#endif /* HAVE_GETPRPWNAM */
+
+#include "sudoers.h"
+
+/*
+ * Exported for auth/secureware.c
+ */
+#if defined(HAVE_GETPRPWNAM) && defined(__alpha)
+int crypt_type = INT_MAX;
+#endif /* HAVE_GETPRPWNAM && __alpha */
+
+/*
+ * Return a copy of the encrypted password for the user described by pw.
+ * If shadow passwords are in use, look in the shadow file.
+ */
+char *
+sudo_getepw(const struct passwd *pw)
+{
+    char *epw = NULL;
+    debug_decl(sudo_getepw, SUDOERS_DEBUG_AUTH)
+
+    /* If there is a function to check for shadow enabled, use it... */
+#ifdef HAVE_ISCOMSEC
+    if (!iscomsec())
+	goto done;
+#endif /* HAVE_ISCOMSEC */
+
+#ifdef HAVE_GETPWNAM_SHADOW
+    {
+	struct passwd *spw;
+
+	if ((spw = getpwnam_shadow(pw->pw_name)) != NULL)
+	    epw = spw->pw_passwd;
+    }
+#endif /* HAVE_GETPWNAM_SHADOW */
+#ifdef HAVE_GETPRPWNAM
+    {
+	struct pr_passwd *spw;
+
+	if ((spw = getprpwnam(pw->pw_name)) && spw->ufld.fd_encrypt) {
+# ifdef __alpha
+	    crypt_type = spw->ufld.fd_oldcrypt;
+# endif /* __alpha */
+	    epw = spw->ufld.fd_encrypt;
+	}
+    }
+#endif /* HAVE_GETPRPWNAM */
+#ifdef HAVE_GETSPNAM
+    {
+	struct spwd *spw;
+
+	if ((spw = getspnam(pw->pw_name)) && spw->sp_pwdp)
+	    epw = spw->sp_pwdp;
+    }
+#endif /* HAVE_GETSPNAM */
+
+#if defined(HAVE_ISCOMSEC)
+done:
+#endif
+    /* If no shadow password, fall back on regular password. */
+    debug_return_str(strdup(epw ? epw : pw->pw_passwd));
+}
+
+void
+sudo_setspent(void)
+{
+    debug_decl(sudo_setspent, SUDOERS_DEBUG_AUTH)
+
+#ifdef HAVE_GETPRPWNAM
+    setprpwent();
+#endif
+#ifdef HAVE_GETSPNAM
+    setspent();
+#endif
+    debug_return;
+}
+
+void
+sudo_endspent(void)
+{
+    debug_decl(sudo_endspent, SUDOERS_DEBUG_AUTH)
+
+#ifdef HAVE_GETPRPWNAM
+    endprpwent();
+#endif
+#ifdef HAVE_GETSPNAM
+    endspent();
+#endif
+    debug_return;
+}
diff --git a/plugins/sudoers/gmtoff.c b/plugins/sudoers/gmtoff.c
new file mode 100644
index 0000000..2e62d9f
--- /dev/null
+++ b/plugins/sudoers/gmtoff.c
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+
+#include "sudo_compat.h"
+#include "sudoers_debug.h"
+#include "parse.h"
+
+/*
+ * Returns the offset from GMT in seconds (algorithm taken from sendmail).
+ * Warning: clobbers the static storage used by localtime() and gmtime().
+ */
+#ifdef HAVE_STRUCT_TM_TM_GMTOFF
+long
+get_gmtoff(time_t *clock)
+{
+	struct tm *local;
+
+	local = localtime(clock);
+	return local->tm_gmtoff;
+}
+#else
+long
+get_gmtoff(time_t *clock)
+{
+	struct tm *gm, gmt, *local;
+	long offset;
+
+	if ((gm = gmtime(clock)) == NULL)
+	    return 0;
+	gmt = *gm;
+	if ((local = localtime(clock)) == NULL)
+	    return 0;
+
+	offset = (local->tm_sec - gmt.tm_sec) +
+	    ((local->tm_min - gmt.tm_min) * 60) +
+	    ((local->tm_hour - gmt.tm_hour) * 3600);
+
+	/* Timezone may cause year rollover to happen on a different day. */
+	if (local->tm_year < gmt.tm_year)
+		offset -= 24 * 3600;
+	else if (local->tm_year > gmt.tm_year)
+		offset -= 24 * 3600;
+	else if (local->tm_yday < gmt.tm_yday)
+		offset -= 24 * 3600;
+	else if (local->tm_yday > gmt.tm_yday)
+		offset += 24 * 3600;
+
+	return offset;
+}
+#endif /* HAVE_TM_GMTOFF */
diff --git a/plugins/sudoers/goodpath.c b/plugins/sudoers/goodpath.c
new file mode 100644
index 0000000..a570e48
--- /dev/null
+++ b/plugins/sudoers/goodpath.c
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2010-2012, 2014-2016
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <errno.h>
+
+#include "sudoers.h"
+
+/*
+ * Verify that path is a normal file and executable by root.
+ */
+bool
+sudo_goodpath(const char *path, struct stat *sbp)
+{
+    bool ret = false;
+    debug_decl(sudo_goodpath, SUDOERS_DEBUG_UTIL)
+
+    if (path != NULL) {
+	struct stat sb;
+
+	if (sbp == NULL)
+	    sbp = &sb;
+
+	if (stat(path, sbp) == 0) {
+	    /* Make sure path describes an executable regular file. */
+	    if (S_ISREG(sbp->st_mode) && ISSET(sbp->st_mode, S_IXUSR|S_IXGRP|S_IXOTH))
+		ret = true;
+	    else
+		errno = EACCES;
+	}
+    }
+
+    debug_return_bool(ret);
+}
diff --git a/plugins/sudoers/gram.c b/plugins/sudoers/gram.c
new file mode 100644
index 0000000..fff971b
--- /dev/null
+++ b/plugins/sudoers/gram.c
@@ -0,0 +1,2300 @@
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+#include <stdlib.h>
+#include <string.h>
+#define YYBYACC 1
+#define YYMAJOR 1
+#define YYMINOR 9
+#define YYLEX yylex()
+#define YYEMPTY -1
+#define yyclearin (yychar=(YYEMPTY))
+#define yyerrok (yyerrflag=0)
+#define YYRECOVERING() (yyerrflag!=0)
+#define yyparse sudoersparse
+#define yylex sudoerslex
+#define yyerror sudoerserror
+#define yychar sudoerschar
+#define yyval sudoersval
+#define yylval sudoerslval
+#define yydebug sudoersdebug
+#define yynerrs sudoersnerrs
+#define yyerrflag sudoerserrflag
+#define yyss sudoersss
+#define yysslim sudoerssslim
+#define yyssp sudoersssp
+#define yyvs sudoersvs
+#define yyvsp sudoersvsp
+#define yystacksize sudoersstacksize
+#define yylhs sudoerslhs
+#define yylen sudoerslen
+#define yydefred sudoersdefred
+#define yydgoto sudoersdgoto
+#define yysindex sudoerssindex
+#define yyrindex sudoersrindex
+#define yygindex sudoersgindex
+#define yytable sudoerstable
+#define yycheck sudoerscheck
+#define yyname sudoersname
+#define yyrule sudoersrule
+#define YYPREFIX "sudoers"
+#line 2 "gram.y"
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2013, 2014-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stddef.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
+# include <alloca.h>
+#endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
+#include <errno.h>
+
+#include "sudoers.h"
+#include "sudo_digest.h"
+#include "toke.h"
+
+/* If we last saw a newline the entry is on the preceding line. */
+#define this_lineno	(last_token == COMMENT ? sudolineno - 1 : sudolineno)
+
+/*
+ * Globals
+ */
+bool sudoers_warnings = true;
+bool parse_error = false;
+int errorlineno = -1;
+char *errorfile = NULL;
+
+struct sudoers_parse_tree parsed_policy = {
+    TAILQ_HEAD_INITIALIZER(parsed_policy.userspecs),
+    TAILQ_HEAD_INITIALIZER(parsed_policy.defaults),
+    NULL /* aliases */
+};
+
+/*
+ * Local protoypes
+ */
+static void init_options(struct command_options *opts);
+static bool add_defaults(int, struct member *, struct defaults *);
+static bool add_userspec(struct member *, struct privilege *);
+static struct defaults *new_default(char *, char *, short);
+static struct member *new_member(char *, int);
+static struct command_digest *new_digest(int, char *);
+#line 78 "gram.y"
+#ifndef YYSTYPE_DEFINED
+#define YYSTYPE_DEFINED
+typedef union {
+    struct cmndspec *cmndspec;
+    struct defaults *defaults;
+    struct member *member;
+    struct runascontainer *runas;
+    struct privilege *privilege;
+    struct command_digest *digest;
+    struct sudo_command command;
+    struct command_options options;
+    struct cmndtag tag;
+    char *string;
+    int tok;
+} YYSTYPE;
+#endif /* YYSTYPE_DEFINED */
+#line 131 "gram.c"
+#define COMMAND 257
+#define ALIAS 258
+#define DEFVAR 259
+#define NTWKADDR 260
+#define NETGROUP 261
+#define USERGROUP 262
+#define WORD 263
+#define DIGEST 264
+#define DEFAULTS 265
+#define DEFAULTS_HOST 266
+#define DEFAULTS_USER 267
+#define DEFAULTS_RUNAS 268
+#define DEFAULTS_CMND 269
+#define NOPASSWD 270
+#define PASSWD 271
+#define NOEXEC 272
+#define EXEC 273
+#define SETENV 274
+#define NOSETENV 275
+#define LOG_INPUT 276
+#define NOLOG_INPUT 277
+#define LOG_OUTPUT 278
+#define NOLOG_OUTPUT 279
+#define MAIL 280
+#define NOMAIL 281
+#define FOLLOW 282
+#define NOFOLLOW 283
+#define ALL 284
+#define COMMENT 285
+#define HOSTALIAS 286
+#define CMNDALIAS 287
+#define USERALIAS 288
+#define RUNASALIAS 289
+#define ERROR 290
+#define TYPE 291
+#define ROLE 292
+#define PRIVS 293
+#define LIMITPRIVS 294
+#define CMND_TIMEOUT 295
+#define NOTBEFORE 296
+#define NOTAFTER 297
+#define MYSELF 298
+#define SHA224_TOK 299
+#define SHA256_TOK 300
+#define SHA384_TOK 301
+#define SHA512_TOK 302
+#define YYERRCODE 256
+#if defined(__cplusplus) || defined(__STDC__)
+const short sudoerslhs[] =
+#else
+short sudoerslhs[] =
+#endif
+	{                                        -1,
+    0,    0,   32,   32,   33,   33,   33,   33,   33,   33,
+   33,   33,   33,   33,   33,   33,    4,    4,    3,    3,
+    3,    3,    3,   21,   21,   20,   11,   11,    9,    9,
+    9,    9,    9,    2,    2,    1,   31,   31,   31,   31,
+    7,    7,    6,    6,   28,   29,   30,   24,   25,   26,
+   27,   18,   18,   19,   19,   19,   19,   19,   23,   23,
+   23,   23,   23,   23,   23,   23,   22,   22,   22,   22,
+   22,   22,   22,   22,   22,   22,   22,   22,   22,   22,
+   22,    5,    5,    5,   35,   35,   38,   10,   10,   36,
+   36,   39,    8,    8,   37,   37,   40,   34,   34,   41,
+   14,   14,   12,   12,   13,   13,   13,   13,   13,   17,
+   17,   15,   15,   16,   16,   16,
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const short sudoerslen[] =
+#else
+short sudoerslen[] =
+#endif
+	{                                         2,
+    0,    1,    1,    2,    1,    2,    2,    2,    2,    2,
+    2,    2,    3,    3,    3,    3,    1,    3,    1,    2,
+    3,    3,    3,    1,    3,    3,    1,    2,    1,    1,
+    1,    1,    1,    1,    3,    4,    3,    3,    3,    3,
+    1,    2,    1,    2,    3,    3,    3,    3,    3,    3,
+    3,    0,    3,    0,    1,    3,    2,    1,    0,    2,
+    2,    2,    2,    2,    2,    2,    0,    2,    2,    2,
+    2,    2,    2,    2,    2,    2,    2,    2,    2,    2,
+    2,    1,    1,    1,    1,    3,    3,    1,    3,    1,
+    3,    3,    1,    3,    1,    3,    3,    1,    3,    3,
+    1,    3,    1,    2,    1,    1,    1,    1,    1,    1,
+    3,    1,    2,    1,    1,    1,
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const short sudoersdefred[] =
+#else
+short sudoersdefred[] =
+#endif
+	{                                      0,
+    0,  105,  107,  108,  109,    0,    0,    0,    0,    0,
+  106,    5,    0,    0,    0,    0,    0,    0,  101,  103,
+    0,    0,    3,    6,    0,    0,   17,    0,   29,   32,
+   31,   33,   30,    0,   27,    0,   88,    0,    0,   84,
+   83,   82,    0,    0,    0,    0,    0,   43,   41,   93,
+    0,    0,    0,    0,   85,    0,    0,   90,    0,    0,
+   98,    0,    0,   95,  104,    0,    0,   24,    0,    4,
+    0,    0,    0,   20,    0,   28,    0,    0,    0,    0,
+   44,    0,    0,    0,    0,    0,    0,   42,    0,    0,
+    0,    0,    0,    0,    0,    0,  102,    0,    0,   21,
+   22,   23,   18,   89,   37,   38,   39,   40,   94,    0,
+   86,    0,   91,    0,   99,    0,   96,    0,   34,    0,
+   59,   25,    0,    0,    0,    0,    0,  114,  116,  115,
+    0,  110,  112,    0,    0,   53,   35,    0,    0,    0,
+    0,    0,    0,    0,    0,   63,   64,   65,   66,   62,
+   60,   61,  113,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,   68,   69,   70,   71,   72,   73,   74,   75,
+   76,   77,   80,   81,   78,   79,   36,  111,   49,   48,
+   50,   51,   45,   46,   47,
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const short sudoersdgoto[] =
+#else
+short sudoersdgoto[] =
+#endif
+	{                                      18,
+  119,  120,   27,   28,   48,   49,   50,   51,   35,   67,
+   37,   19,   20,   21,  132,  133,  134,  121,  125,   68,
+   69,  145,  127,  146,  147,  148,  149,  150,  151,  152,
+   52,   22,   23,   60,   54,   57,   63,   55,   58,   64,
+   61,
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const short sudoerssindex[] =
+#else
+short sudoerssindex[] =
+#endif
+	{                                    512,
+ -272,    0,    0,    0,    0,  -23,  227,  -19,  -19,   -5,
+    0,    0, -239, -236, -234, -232, -231,    0,    0,    0,
+  -33,  512,    0,    0,   -3, -220,    0,    3,    0,    0,
+    0,    0,    0, -225,    0,  -28,    0,  -24,  -24,    0,
+    0,    0, -240,  -15,   -8,    2,    4,    0,    0,    0,
+  -21,  -12,   -9,    6,    0,    7,   12,    0,   10,   14,
+    0,   13,   25,    0,    0,  -19,  -36,    0,   26,    0,
+ -208, -202, -198,    0,  -23,    0,  227,    3,    3,    3,
+    0, -179, -178, -174, -173,   -5,    3,    0,  227, -239,
+   -5, -236,  -19, -234,  -19, -232,    0,   52,  227,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,   50,
+    0,   51,    0,   54,    0,   54,    0,  -29,    0,   55,
+    0,    0,  289,   -7,   59,   52, -216,    0,    0,    0,
+ -217,    0,    0,   57,  289,    0,    0,   32,   41,   42,
+   43,   44,   45,   47,  450,    0,    0,    0,    0,    0,
+    0,    0,    0,  289,   57, -154, -153, -150, -149, -148,
+ -147, -146,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,};
+#if defined(__cplusplus) || defined(__STDC__)
+const short sudoersrindex[] =
+#else
+short sudoersrindex[] =
+#endif
+	{                                    118,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,  119,    0,    0,    1,    0,    0,  145,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,  159,    0,    0,  193,    0,    0,  207,
+    0,    0,  241,    0,    0,    0,    0,    0,  275,    0,
+    0,    0,    0,    0,    0,    0,    0,  309,  323,  357,
+    0,    0,    0,    0,    0,    0,  371,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,  404,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,   15,
+    0,   49,    0,   63,    0,   97,    0,   79,    0,  111,
+    0,    0,   81,   82,    0,  404,  483,    0,    0,    0,
+    0,    0,    0,   83,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,   84,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,};
+#if defined(__cplusplus) || defined(__STDC__)
+const short sudoersgindex[] =
+#else
+short sudoersgindex[] =
+#endif
+	{                                      0,
+    5,    0,   53,   18,   86,   74,  -79,   36,   98,   -1,
+   56,   68,  120,   -6,  -18,    8,   11,    0,    0,   39,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,  113,    0,    0,    0,    0,   58,   48,   46,
+   60,
+};
+#define YYTABLESIZE 801
+#if defined(__cplusplus) || defined(__STDC__)
+const short sudoerstable[] =
+#else
+short sudoerstable[] =
+#endif
+	{                                      34,
+   19,   38,   39,   17,   26,   36,  109,   77,   26,   26,
+   66,   26,   24,   17,   87,   77,   40,   41,   53,   66,
+   43,   56,   86,   59,   98,   62,    2,   43,  123,    3,
+    4,    5,   29,   19,   30,   31,   66,   32,   74,   72,
+  128,   73,   82,   42,   19,  129,   75,   87,   92,   83,
+  135,   89,   11,   78,  100,   79,   80,   71,   33,   84,
+  101,   85,  100,   90,  102,  177,  130,   91,   87,   92,
+   93,   94,   87,   95,  138,  139,  140,  141,  142,  143,
+  144,   92,   96,   99,  105,  106,  114,  110,  116,  107,
+  108,  118,  156,   77,   86,  100,   97,   66,  126,  136,
+  154,  157,  158,  159,  160,  161,   92,  162,  179,  180,
+   26,  124,  181,  182,  183,  184,  185,    1,    2,   54,
+  100,   58,   55,   57,   56,   88,  112,  103,   81,   97,
+  137,   76,  104,   97,   70,  178,   65,  122,  153,  113,
+    0,  117,    0,   26,   12,  155,    0,  111,    0,    0,
+    0,    0,    0,  115,   97,    0,    0,    0,    9,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,   26,    0,
+    0,    0,    0,    0,    0,    0,    0,   12,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    9,   10,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    8,    0,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,   29,   10,   30,   31,    2,   32,
+   25,    3,    4,    5,   25,   25,    0,   25,    2,    8,
+   11,    3,    4,    5,   40,   41,    0,    0,    0,    0,
+   33,   40,   41,    0,   11,    0,   19,    0,   19,   34,
+    0,   19,   19,   19,   11,   19,   19,   19,   19,   19,
+   87,   42,   87,   11,    7,   87,   87,   87,   42,   87,
+   87,   87,   87,   87,   19,   19,   19,   19,   19,   19,
+    0,    0,    0,   44,   45,   46,   47,    0,   87,   87,
+   87,   87,   87,   87,   92,    0,   92,    7,   15,   92,
+   92,   92,    0,   92,   92,   92,   92,   92,  100,    0,
+  100,  131,   13,  100,  100,  100,    0,  100,  100,  100,
+  100,  100,   92,   92,   92,   92,   92,   92,    0,    0,
+    0,   15,    0,    0,    0,    0,  100,  100,  100,  100,
+  100,  100,   97,    0,   97,   13,   14,   97,   97,   97,
+    0,   97,   97,   97,   97,   97,   26,    0,   26,    0,
+   16,   26,   26,   26,    0,   26,   26,   26,   26,   26,
+   97,   97,   97,   97,   97,   97,    0,    0,    0,   14,
+    0,    0,    0,    0,   26,   26,   26,   26,   26,   26,
+   12,    0,   12,   16,    0,   12,   12,   12,    0,   12,
+   12,   12,   12,   12,    9,    0,    9,    0,    0,    9,
+    9,    9,    0,    9,    9,    9,    9,    9,   12,   12,
+   12,   12,   12,   12,    0,    0,   52,    0,    0,    0,
+    0,    0,    9,    9,    9,    9,    9,    9,   10,    0,
+   10,    0,    0,   10,   10,   10,    0,   10,   10,   10,
+   10,   10,    8,    0,    8,    0,    0,    8,    8,    8,
+    0,    8,    8,    8,    8,    8,   10,   10,   10,   10,
+   10,   10,   43,    0,   29,    0,   30,   31,    0,   32,
+    8,    8,    8,    8,    8,    8,   11,    0,   11,    0,
+    0,   11,   11,   11,    0,   11,   11,   11,   11,   11,
+   33,    0,    0,    0,    0,   67,    0,    0,    0,    0,
+    0,    0,    0,    0,   11,   11,   11,   11,   11,   11,
+    7,    0,    7,    0,    0,    7,    7,    7,    0,    7,
+    7,    7,    7,    7,   17,    0,  128,    0,    0,    0,
+    0,  129,    0,    0,    0,    0,    0,    0,    7,    7,
+    7,    7,    7,    7,   15,    0,   15,    0,    0,   15,
+   15,   15,  130,   15,   15,   15,   15,   15,   13,    0,
+   13,    0,    0,   13,   13,   13,    0,   13,   13,   13,
+   13,   13,   15,   15,   15,   15,   15,   15,    0,    0,
+    0,    0,    0,    0,    0,    0,   13,   13,   13,   13,
+   13,   13,   14,    0,   14,    0,    0,   14,   14,   14,
+    0,   14,   14,   14,   14,   14,   16,    0,   16,    0,
+    0,   16,   16,   16,    0,   16,   16,   16,   16,   16,
+   14,   14,   14,   14,   14,   14,    0,    0,    0,    0,
+    0,    0,    0,    0,   16,   16,   16,   16,   16,   16,
+   52,   52,    0,    0,    0,    0,    0,    0,    0,    0,
+    0,    0,    0,   52,   52,   52,   52,   52,   52,   52,
+   52,   52,   52,   52,   52,   52,   52,   52,    0,    0,
+    0,    0,    0,    0,   52,   52,   52,   52,   52,   52,
+   52,    0,   52,   52,   52,   52,   40,   41,    0,    0,
+    0,    0,    0,    0,    0,    0,    0,    0,    0,  163,
+  164,  165,  166,  167,  168,  169,  170,  171,  172,  173,
+  174,  175,  176,   42,    0,    0,    0,    0,    0,   67,
+   67,    0,    0,    0,    0,    0,    0,    0,   44,   45,
+   46,   47,   67,   67,   67,   67,   67,   67,   67,   67,
+   67,   67,   67,   67,   67,   67,   67,    1,    0,    2,
+    0,    0,    3,    4,    5,    0,    6,    7,    8,    9,
+   10,   67,   67,   67,   67,    0,    0,    0,    0,    0,
+    0,    0,    0,    0,    0,   11,   12,   13,   14,   15,
+   16,
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const short sudoerscheck[] =
+#else
+short sudoerscheck[] =
+#endif
+	{                                      33,
+    0,    8,    9,   33,   33,    7,   86,   44,   33,   33,
+   44,   33,  285,   33,    0,   44,  257,  258,  258,   44,
+   33,  258,   44,  258,   61,  258,  258,   33,   58,  261,
+  262,  263,  258,   33,  260,  261,   44,  263,  259,   43,
+  258,   45,   58,  284,   44,  263,   44,   33,    0,   58,
+   58,   61,  284,   36,  263,   38,   39,   61,  284,   58,
+  263,   58,    0,   58,  263,  145,  284,   61,   51,   58,
+   61,   58,   58,   61,  291,  292,  293,  294,  295,  296,
+  297,   33,   58,   58,  264,  264,   93,   89,   95,  264,
+  264,   40,   61,   44,   44,   33,    0,   44,   44,   41,
+   44,   61,   61,   61,   61,   61,   58,   61,  263,  263,
+    0,  118,  263,  263,  263,  263,  263,    0,    0,   41,
+   58,   41,   41,   41,   41,   52,   91,   75,   43,   33,
+  126,   34,   77,   66,   22,  154,   17,   99,  131,   92,
+   -1,   96,   -1,   33,    0,  135,   -1,   90,   -1,   -1,
+   -1,   -1,   -1,   94,   58,   -1,   -1,   -1,    0,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   58,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   33,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   33,    0,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,    0,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,  258,   33,  260,  261,  258,  263,
+  259,  261,  262,  263,  259,  259,   -1,  259,  258,   33,
+    0,  261,  262,  263,  257,  258,   -1,   -1,   -1,   -1,
+  284,  257,  258,   -1,  284,   -1,  256,   -1,  258,   33,
+   -1,  261,  262,  263,  284,  265,  266,  267,  268,  269,
+  256,  284,  258,   33,    0,  261,  262,  263,  284,  265,
+  266,  267,  268,  269,  284,  285,  286,  287,  288,  289,
+   -1,   -1,   -1,  299,  300,  301,  302,   -1,  284,  285,
+  286,  287,  288,  289,  256,   -1,  258,   33,    0,  261,
+  262,  263,   -1,  265,  266,  267,  268,  269,  256,   -1,
+  258,   33,    0,  261,  262,  263,   -1,  265,  266,  267,
+  268,  269,  284,  285,  286,  287,  288,  289,   -1,   -1,
+   -1,   33,   -1,   -1,   -1,   -1,  284,  285,  286,  287,
+  288,  289,  256,   -1,  258,   33,    0,  261,  262,  263,
+   -1,  265,  266,  267,  268,  269,  256,   -1,  258,   -1,
+    0,  261,  262,  263,   -1,  265,  266,  267,  268,  269,
+  284,  285,  286,  287,  288,  289,   -1,   -1,   -1,   33,
+   -1,   -1,   -1,   -1,  284,  285,  286,  287,  288,  289,
+  256,   -1,  258,   33,   -1,  261,  262,  263,   -1,  265,
+  266,  267,  268,  269,  256,   -1,  258,   -1,   -1,  261,
+  262,  263,   -1,  265,  266,  267,  268,  269,  284,  285,
+  286,  287,  288,  289,   -1,   -1,   33,   -1,   -1,   -1,
+   -1,   -1,  284,  285,  286,  287,  288,  289,  256,   -1,
+  258,   -1,   -1,  261,  262,  263,   -1,  265,  266,  267,
+  268,  269,  256,   -1,  258,   -1,   -1,  261,  262,  263,
+   -1,  265,  266,  267,  268,  269,  284,  285,  286,  287,
+  288,  289,   33,   -1,  258,   -1,  260,  261,   -1,  263,
+  284,  285,  286,  287,  288,  289,  256,   -1,  258,   -1,
+   -1,  261,  262,  263,   -1,  265,  266,  267,  268,  269,
+  284,   -1,   -1,   -1,   -1,   33,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,  284,  285,  286,  287,  288,  289,
+  256,   -1,  258,   -1,   -1,  261,  262,  263,   -1,  265,
+  266,  267,  268,  269,   33,   -1,  258,   -1,   -1,   -1,
+   -1,  263,   -1,   -1,   -1,   -1,   -1,   -1,  284,  285,
+  286,  287,  288,  289,  256,   -1,  258,   -1,   -1,  261,
+  262,  263,  284,  265,  266,  267,  268,  269,  256,   -1,
+  258,   -1,   -1,  261,  262,  263,   -1,  265,  266,  267,
+  268,  269,  284,  285,  286,  287,  288,  289,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,  284,  285,  286,  287,
+  288,  289,  256,   -1,  258,   -1,   -1,  261,  262,  263,
+   -1,  265,  266,  267,  268,  269,  256,   -1,  258,   -1,
+   -1,  261,  262,  263,   -1,  265,  266,  267,  268,  269,
+  284,  285,  286,  287,  288,  289,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,  284,  285,  286,  287,  288,  289,
+  257,  258,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,  270,  271,  272,  273,  274,  275,  276,
+  277,  278,  279,  280,  281,  282,  283,  284,   -1,   -1,
+   -1,   -1,   -1,   -1,  291,  292,  293,  294,  295,  296,
+  297,   -1,  299,  300,  301,  302,  257,  258,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,  270,
+  271,  272,  273,  274,  275,  276,  277,  278,  279,  280,
+  281,  282,  283,  284,   -1,   -1,   -1,   -1,   -1,  257,
+  258,   -1,   -1,   -1,   -1,   -1,   -1,   -1,  299,  300,
+  301,  302,  270,  271,  272,  273,  274,  275,  276,  277,
+  278,  279,  280,  281,  282,  283,  284,  256,   -1,  258,
+   -1,   -1,  261,  262,  263,   -1,  265,  266,  267,  268,
+  269,  299,  300,  301,  302,   -1,   -1,   -1,   -1,   -1,
+   -1,   -1,   -1,   -1,   -1,  284,  285,  286,  287,  288,
+  289,
+};
+#define YYFINAL 18
+#ifndef YYDEBUG
+#define YYDEBUG 0
+#endif
+#define YYMAXTOKEN 302
+#if YYDEBUG
+#if defined(__cplusplus) || defined(__STDC__)
+const char * const sudoersname[] =
+#else
+char *sudoersname[] =
+#endif
+	{
+"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+"'!'",0,0,0,0,0,0,"'('","')'",0,"'+'","','","'-'",0,0,0,0,0,0,0,0,0,0,0,0,"':'",
+0,0,"'='",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+"COMMAND","ALIAS","DEFVAR","NTWKADDR","NETGROUP","USERGROUP","WORD","DIGEST",
+"DEFAULTS","DEFAULTS_HOST","DEFAULTS_USER","DEFAULTS_RUNAS","DEFAULTS_CMND",
+"NOPASSWD","PASSWD","NOEXEC","EXEC","SETENV","NOSETENV","LOG_INPUT",
+"NOLOG_INPUT","LOG_OUTPUT","NOLOG_OUTPUT","MAIL","NOMAIL","FOLLOW","NOFOLLOW",
+"ALL","COMMENT","HOSTALIAS","CMNDALIAS","USERALIAS","RUNASALIAS","ERROR","TYPE",
+"ROLE","PRIVS","LIMITPRIVS","CMND_TIMEOUT","NOTBEFORE","NOTAFTER","MYSELF",
+"SHA224_TOK","SHA256_TOK","SHA384_TOK","SHA512_TOK",
+};
+#if defined(__cplusplus) || defined(__STDC__)
+const char * const sudoersrule[] =
+#else
+char *sudoersrule[] =
+#endif
+	{"$accept : file",
+"file :",
+"file : line",
+"line : entry",
+"line : line entry",
+"entry : COMMENT",
+"entry : error COMMENT",
+"entry : userlist privileges",
+"entry : USERALIAS useraliases",
+"entry : HOSTALIAS hostaliases",
+"entry : CMNDALIAS cmndaliases",
+"entry : RUNASALIAS runasaliases",
+"entry : DEFAULTS defaults_list",
+"entry : DEFAULTS_USER userlist defaults_list",
+"entry : DEFAULTS_RUNAS userlist defaults_list",
+"entry : DEFAULTS_HOST hostlist defaults_list",
+"entry : DEFAULTS_CMND cmndlist defaults_list",
+"defaults_list : defaults_entry",
+"defaults_list : defaults_list ',' defaults_entry",
+"defaults_entry : DEFVAR",
+"defaults_entry : '!' DEFVAR",
+"defaults_entry : DEFVAR '=' WORD",
+"defaults_entry : DEFVAR '+' WORD",
+"defaults_entry : DEFVAR '-' WORD",
+"privileges : privilege",
+"privileges : privileges ':' privilege",
+"privilege : hostlist '=' cmndspeclist",
+"ophost : host",
+"ophost : '!' host",
+"host : ALIAS",
+"host : ALL",
+"host : NETGROUP",
+"host : NTWKADDR",
+"host : WORD",
+"cmndspeclist : cmndspec",
+"cmndspeclist : cmndspeclist ',' cmndspec",
+"cmndspec : runasspec options cmndtag digcmnd",
+"digest : SHA224_TOK ':' DIGEST",
+"digest : SHA256_TOK ':' DIGEST",
+"digest : SHA384_TOK ':' DIGEST",
+"digest : SHA512_TOK ':' DIGEST",
+"digcmnd : opcmnd",
+"digcmnd : digest opcmnd",
+"opcmnd : cmnd",
+"opcmnd : '!' cmnd",
+"timeoutspec : CMND_TIMEOUT '=' WORD",
+"notbeforespec : NOTBEFORE '=' WORD",
+"notafterspec : NOTAFTER '=' WORD",
+"rolespec : ROLE '=' WORD",
+"typespec : TYPE '=' WORD",
+"privsspec : PRIVS '=' WORD",
+"limitprivsspec : LIMITPRIVS '=' WORD",
+"runasspec :",
+"runasspec : '(' runaslist ')'",
+"runaslist :",
+"runaslist : userlist",
+"runaslist : userlist ':' grouplist",
+"runaslist : ':' grouplist",
+"runaslist : ':'",
+"options :",
+"options : options notbeforespec",
+"options : options notafterspec",
+"options : options timeoutspec",
+"options : options rolespec",
+"options : options typespec",
+"options : options privsspec",
+"options : options limitprivsspec",
+"cmndtag :",
+"cmndtag : cmndtag NOPASSWD",
+"cmndtag : cmndtag PASSWD",
+"cmndtag : cmndtag NOEXEC",
+"cmndtag : cmndtag EXEC",
+"cmndtag : cmndtag SETENV",
+"cmndtag : cmndtag NOSETENV",
+"cmndtag : cmndtag LOG_INPUT",
+"cmndtag : cmndtag NOLOG_INPUT",
+"cmndtag : cmndtag LOG_OUTPUT",
+"cmndtag : cmndtag NOLOG_OUTPUT",
+"cmndtag : cmndtag FOLLOW",
+"cmndtag : cmndtag NOFOLLOW",
+"cmndtag : cmndtag MAIL",
+"cmndtag : cmndtag NOMAIL",
+"cmnd : ALL",
+"cmnd : ALIAS",
+"cmnd : COMMAND",
+"hostaliases : hostalias",
+"hostaliases : hostaliases ':' hostalias",
+"hostalias : ALIAS '=' hostlist",
+"hostlist : ophost",
+"hostlist : hostlist ',' ophost",
+"cmndaliases : cmndalias",
+"cmndaliases : cmndaliases ':' cmndalias",
+"cmndalias : ALIAS '=' cmndlist",
+"cmndlist : digcmnd",
+"cmndlist : cmndlist ',' digcmnd",
+"runasaliases : runasalias",
+"runasaliases : runasaliases ':' runasalias",
+"runasalias : ALIAS '=' userlist",
+"useraliases : useralias",
+"useraliases : useraliases ':' useralias",
+"useralias : ALIAS '=' userlist",
+"userlist : opuser",
+"userlist : userlist ',' opuser",
+"opuser : user",
+"opuser : '!' user",
+"user : ALIAS",
+"user : ALL",
+"user : NETGROUP",
+"user : USERGROUP",
+"user : WORD",
+"grouplist : opgroup",
+"grouplist : grouplist ',' opgroup",
+"opgroup : group",
+"opgroup : '!' group",
+"group : ALIAS",
+"group : ALL",
+"group : WORD",
+};
+#endif
+#ifdef YYSTACKSIZE
+#undef YYMAXDEPTH
+#define YYMAXDEPTH YYSTACKSIZE
+#else
+#ifdef YYMAXDEPTH
+#define YYSTACKSIZE YYMAXDEPTH
+#else
+#define YYSTACKSIZE 10000
+#define YYMAXDEPTH 10000
+#endif
+#endif
+#define YYINITSTACKSIZE 200
+/* LINTUSED */
+int yydebug;
+int yynerrs;
+int yyerrflag;
+int yychar;
+short *yyssp;
+YYSTYPE *yyvsp;
+YYSTYPE yyval;
+YYSTYPE yylval;
+short *yyss;
+short *yysslim;
+YYSTYPE *yyvs;
+unsigned int yystacksize;
+int yyparse(void);
+#line 904 "gram.y"
+void
+sudoerserror(const char *s)
+{
+    debug_decl(sudoerserror, SUDOERS_DEBUG_PARSER)
+
+    /* Save the line the first error occurred on. */
+    if (errorlineno == -1) {
+	errorlineno = this_lineno;
+	rcstr_delref(errorfile);
+	errorfile = rcstr_addref(sudoers);
+    }
+    if (sudoers_warnings && s != NULL) {
+	LEXTRACE("<*> ");
+#ifndef TRACELEXER
+	if (trace_print == NULL || trace_print == sudoers_trace_print) {
+	    const char fmt[] = ">>> %s: %s near line %d <<<\n";
+	    int oldlocale;
+
+	    /* Warnings are displayed in the user's locale. */
+	    sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale);
+	    sudo_printf(SUDO_CONV_ERROR_MSG, _(fmt), sudoers, _(s), this_lineno);
+	    sudoers_setlocale(oldlocale, NULL);
+	}
+#endif
+    }
+    parse_error = true;
+    debug_return;
+}
+
+static struct defaults *
+new_default(char *var, char *val, short op)
+{
+    struct defaults *d;
+    debug_decl(new_default, SUDOERS_DEBUG_PARSER)
+
+    if ((d = calloc(1, sizeof(struct defaults))) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+
+    d->var = var;
+    d->val = val;
+    /* d->type = 0; */
+    d->op = op;
+    /* d->binding = NULL */
+    d->lineno = this_lineno;
+    d->file = rcstr_addref(sudoers);
+    HLTQ_INIT(d, entries);
+
+    debug_return_ptr(d);
+}
+
+static struct member *
+new_member(char *name, int type)
+{
+    struct member *m;
+    debug_decl(new_member, SUDOERS_DEBUG_PARSER)
+
+    if ((m = calloc(1, sizeof(struct member))) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+
+    m->name = name;
+    m->type = type;
+    HLTQ_INIT(m, entries);
+
+    debug_return_ptr(m);
+}
+
+static struct command_digest *
+new_digest(int digest_type, char *digest_str)
+{
+    struct command_digest *digest;
+    debug_decl(new_digest, SUDOERS_DEBUG_PARSER)
+
+    if ((digest = malloc(sizeof(*digest))) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+
+    digest->digest_type = digest_type;
+    digest->digest_str = digest_str;
+    if (digest->digest_str == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	free(digest);
+	digest = NULL;
+    }
+
+    debug_return_ptr(digest);
+}
+
+/*
+ * Add a list of defaults structures to the defaults list.
+ * The binding, if non-NULL, specifies a list of hosts, users, or
+ * runas users the entries apply to (specified by the type).
+ */
+static bool
+add_defaults(int type, struct member *bmem, struct defaults *defs)
+{
+    struct defaults *d, *next;
+    struct member_list *binding;
+    bool ret = true;
+    debug_decl(add_defaults, SUDOERS_DEBUG_PARSER)
+
+    if (defs != NULL) {
+	/*
+	 * We use a single binding for each entry in defs.
+	 */
+	if ((binding = malloc(sizeof(*binding))) == NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"unable to allocate memory");
+	    sudoerserror(N_("unable to allocate memory"));
+	    debug_return_bool(false);
+	}
+	if (bmem != NULL)
+	    HLTQ_TO_TAILQ(binding, bmem, entries);
+	else
+	    TAILQ_INIT(binding);
+
+	/*
+	 * Set type and binding (who it applies to) for new entries.
+	 * Then add to the global defaults list.
+	 */
+	HLTQ_FOREACH_SAFE(d, defs, entries, next) {
+	    d->type = type;
+	    d->binding = binding;
+	    TAILQ_INSERT_TAIL(&parsed_policy.defaults, d, entries);
+	}
+    }
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Allocate a new struct userspec, populate it, and insert it at the
+ * end of the userspecs list.
+ */
+static bool
+add_userspec(struct member *members, struct privilege *privs)
+{
+    struct userspec *u;
+    debug_decl(add_userspec, SUDOERS_DEBUG_PARSER)
+
+    if ((u = calloc(1, sizeof(*u))) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_bool(false);
+    }
+    u->lineno = this_lineno;
+    u->file = rcstr_addref(sudoers);
+    HLTQ_TO_TAILQ(&u->users, members, entries);
+    HLTQ_TO_TAILQ(&u->privileges, privs, entries);
+    STAILQ_INIT(&u->comments);
+    TAILQ_INSERT_TAIL(&parsed_policy.userspecs, u, entries);
+
+    debug_return_bool(true);
+}
+
+/*
+ * Free a member struct and its contents.
+ */
+void
+free_member(struct member *m)
+{
+    debug_decl(free_member, SUDOERS_DEBUG_PARSER)
+
+    if (m->type == COMMAND) {
+	    struct sudo_command *c = (struct sudo_command *)m->name;
+	    free(c->cmnd);
+	    free(c->args);
+	    if (c->digest != NULL) {
+		free(c->digest->digest_str);
+		free(c->digest);
+	    }
+    }
+    free(m->name);
+    free(m);
+
+    debug_return;
+}
+
+/*
+ * Free a tailq of members but not the struct member_list container itself.
+ */
+void
+free_members(struct member_list *members)
+{
+    struct member *m;
+    debug_decl(free_members, SUDOERS_DEBUG_PARSER)
+
+    while ((m = TAILQ_FIRST(members)) != NULL) {
+	TAILQ_REMOVE(members, m, entries);
+	free_member(m);
+    }
+
+    debug_return;
+}
+
+void
+free_defaults(struct defaults_list *defs)
+{
+    struct member_list *prev_binding = NULL;
+    struct defaults *def;
+    debug_decl(free_defaults, SUDOERS_DEBUG_PARSER)
+
+    while ((def = TAILQ_FIRST(defs)) != NULL) {
+	TAILQ_REMOVE(defs, def, entries);
+	free_default(def, &prev_binding);
+    }
+
+    debug_return;
+}
+
+void
+free_default(struct defaults *def, struct member_list **binding)
+{
+    debug_decl(free_default, SUDOERS_DEBUG_PARSER)
+
+    if (def->binding != *binding) {
+	*binding = def->binding;
+	if (def->binding != NULL) {
+	    free_members(def->binding);
+	    free(def->binding);
+	}
+    }
+    rcstr_delref(def->file);
+    free(def->var);
+    free(def->val);
+    free(def);
+
+    debug_return;
+}
+
+void
+free_privilege(struct privilege *priv)
+{
+    struct member_list *runasuserlist = NULL, *runasgrouplist = NULL;
+    struct member_list *prev_binding = NULL;
+    struct cmndspec *cs;
+    struct defaults *def;
+#ifdef HAVE_SELINUX
+    char *role = NULL, *type = NULL;
+#endif /* HAVE_SELINUX */
+#ifdef HAVE_PRIV_SET
+    char *privs = NULL, *limitprivs = NULL;
+#endif /* HAVE_PRIV_SET */
+    debug_decl(free_privilege, SUDOERS_DEBUG_PARSER)
+
+    free(priv->ldap_role);
+    free_members(&priv->hostlist);
+    while ((cs = TAILQ_FIRST(&priv->cmndlist)) != NULL) {
+	TAILQ_REMOVE(&priv->cmndlist, cs, entries);
+#ifdef HAVE_SELINUX
+	/* Only free the first instance of a role/type. */
+	if (cs->role != role) {
+	    role = cs->role;
+	    free(cs->role);
+	}
+	if (cs->type != type) {
+	    type = cs->type;
+	    free(cs->type);
+	}
+#endif /* HAVE_SELINUX */
+#ifdef HAVE_PRIV_SET
+	/* Only free the first instance of privs/limitprivs. */
+	if (cs->privs != privs) {
+	    privs = cs->privs;
+	    free(cs->privs);
+	}
+	if (cs->limitprivs != limitprivs) {
+	    limitprivs = cs->limitprivs;
+	    free(cs->limitprivs);
+	}
+#endif /* HAVE_PRIV_SET */
+	/* Only free the first instance of runas user/group lists. */
+	if (cs->runasuserlist && cs->runasuserlist != runasuserlist) {
+	    runasuserlist = cs->runasuserlist;
+	    free_members(runasuserlist);
+	    free(runasuserlist);
+	}
+	if (cs->runasgrouplist && cs->runasgrouplist != runasgrouplist) {
+	    runasgrouplist = cs->runasgrouplist;
+	    free_members(runasgrouplist);
+	    free(runasgrouplist);
+	}
+	free_member(cs->cmnd);
+	free(cs);
+    }
+    while ((def = TAILQ_FIRST(&priv->defaults)) != NULL) {
+	TAILQ_REMOVE(&priv->defaults, def, entries);
+	free_default(def, &prev_binding);
+    }
+    free(priv);
+
+    debug_return;
+}
+
+void
+free_userspecs(struct userspec_list *usl)
+{
+    struct userspec *us;
+    debug_decl(free_userspecs, SUDOERS_DEBUG_PARSER)
+
+    while ((us = TAILQ_FIRST(usl)) != NULL) {
+	TAILQ_REMOVE(usl, us, entries);
+	free_userspec(us);
+    }
+
+    debug_return;
+}
+
+void
+free_userspec(struct userspec *us)
+{
+    struct privilege *priv;
+    struct sudoers_comment *comment;
+    debug_decl(free_userspec, SUDOERS_DEBUG_PARSER)
+
+    free_members(&us->users);
+    while ((priv = TAILQ_FIRST(&us->privileges)) != NULL) {
+	TAILQ_REMOVE(&us->privileges, priv, entries);
+	free_privilege(priv);
+    }
+    while ((comment = STAILQ_FIRST(&us->comments)) != NULL) {
+	STAILQ_REMOVE_HEAD(&us->comments, entries);
+	free(comment->str);
+	free(comment);
+    }
+    rcstr_delref(us->file);
+    free(us);
+
+    debug_return;
+}
+
+/*
+ * Initialized a sudoers parse tree.
+ */
+void
+init_parse_tree(struct sudoers_parse_tree *parse_tree)
+{
+    TAILQ_INIT(&parse_tree->userspecs);
+    TAILQ_INIT(&parse_tree->defaults);
+    parse_tree->aliases = NULL;
+}
+
+/*
+ * Move the contents of parsed_policy to new_tree.
+ */
+void
+reparent_parse_tree(struct sudoers_parse_tree *new_tree)
+{
+    TAILQ_CONCAT(&new_tree->userspecs, &parsed_policy.userspecs, entries);
+    TAILQ_CONCAT(&new_tree->defaults, &parsed_policy.defaults, entries);
+    new_tree->aliases = parsed_policy.aliases;
+    parsed_policy.aliases = NULL;
+}
+
+/*
+ * Free the contents of a sudoers parse tree and initialize it.
+ */
+void
+free_parse_tree(struct sudoers_parse_tree *parse_tree)
+{
+    free_userspecs(&parse_tree->userspecs);
+    free_defaults(&parse_tree->defaults);
+    free_aliases(parse_tree->aliases);
+    parse_tree->aliases = NULL;
+}
+
+/*
+ * Free up space used by data structures from a previous parser run and sets
+ * the current sudoers file to path.
+ */
+bool
+init_parser(const char *path, bool quiet)
+{
+    bool ret = true;
+    debug_decl(init_parser, SUDOERS_DEBUG_PARSER)
+
+    free_parse_tree(&parsed_policy);
+    init_lexer();
+
+    rcstr_delref(sudoers);
+    if (path != NULL) {
+	if ((sudoers = rcstr_dup(path)) == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    ret = false;
+	}
+    } else {
+	sudoers = NULL;
+    }
+
+    parse_error = false;
+    errorlineno = -1;
+    rcstr_delref(errorfile);
+    errorfile = NULL;
+    sudoers_warnings = !quiet;
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Initialize all options in a cmndspec.
+ */
+static void
+init_options(struct command_options *opts)
+{
+    opts->notbefore = UNSPEC;
+    opts->notafter = UNSPEC;
+    opts->timeout = UNSPEC;
+#ifdef HAVE_SELINUX
+    opts->role = NULL;
+    opts->type = NULL;
+#endif
+#ifdef HAVE_PRIV_SET
+    opts->privs = NULL;
+    opts->limitprivs = NULL;
+#endif
+}
+#line 1044 "gram.c"
+/* allocate initial stack or double stack size, up to YYMAXDEPTH */
+#if defined(__cplusplus) || defined(__STDC__)
+static int yygrowstack(void)
+#else
+static int yygrowstack()
+#endif
+{
+    unsigned int newsize;
+    long sslen;
+    short *newss;
+    YYSTYPE *newvs;
+
+    if ((newsize = yystacksize) == 0)
+        newsize = YYINITSTACKSIZE;
+    else if (newsize >= YYMAXDEPTH)
+        return -1;
+    else if ((newsize *= 2) > YYMAXDEPTH)
+        newsize = YYMAXDEPTH;
+#ifdef SIZE_MAX
+#define YY_SIZE_MAX SIZE_MAX
+#else
+#ifdef __STDC__
+#define YY_SIZE_MAX 0xffffffffU
+#else
+#define YY_SIZE_MAX (unsigned int)0xffffffff
+#endif
+#endif
+    if (YY_SIZE_MAX / newsize < sizeof *newss)
+        goto bail;
+    sslen = yyssp - yyss;
+    newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
+      (short *)malloc(newsize * sizeof *newss); /* overflow check above */
+    if (newss == NULL)
+        goto bail;
+    yyss = newss;
+    yyssp = newss + sslen;
+    newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
+      (YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
+    if (newvs == NULL)
+        goto bail;
+    yyvs = newvs;
+    yyvsp = newvs + sslen;
+    yystacksize = newsize;
+    yysslim = yyss + newsize - 1;
+    return 0;
+bail:
+    if (yyss)
+            free(yyss);
+    if (yyvs)
+            free(yyvs);
+    yyss = yyssp = NULL;
+    yyvs = yyvsp = NULL;
+    yystacksize = 0;
+    return -1;
+}
+
+#define YYABORT goto yyabort
+#define YYREJECT goto yyabort
+#define YYACCEPT goto yyaccept
+#define YYERROR goto yyerrlab
+int
+#if defined(__cplusplus) || defined(__STDC__)
+yyparse(void)
+#else
+yyparse()
+#endif
+{
+    int yym, yyn, yystate;
+#if YYDEBUG
+#if defined(__cplusplus) || defined(__STDC__)
+    const char *yys;
+#else /* !(defined(__cplusplus) || defined(__STDC__)) */
+    char *yys;
+#endif /* !(defined(__cplusplus) || defined(__STDC__)) */
+
+    if ((yys = getenv("YYDEBUG")))
+    {
+        yyn = *yys;
+        if (yyn >= '0' && yyn <= '9')
+            yydebug = yyn - '0';
+    }
+#endif /* YYDEBUG */
+
+    yynerrs = 0;
+    yyerrflag = 0;
+    yychar = (-1);
+
+    if (yyss == NULL && yygrowstack()) goto yyoverflow;
+    yyssp = yyss;
+    yyvsp = yyvs;
+    *yyssp = yystate = 0;
+
+yyloop:
+    if ((yyn = yydefred[yystate]) != 0) goto yyreduce;
+    if (yychar < 0)
+    {
+        if ((yychar = yylex()) < 0) yychar = 0;
+#if YYDEBUG
+        if (yydebug)
+        {
+            yys = 0;
+            if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
+            if (!yys) yys = "illegal-symbol";
+            printf("%sdebug: state %d, reading %d (%s)\n",
+                    YYPREFIX, yystate, yychar, yys);
+        }
+#endif
+    }
+    if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
+            yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
+    {
+#if YYDEBUG
+        if (yydebug)
+            printf("%sdebug: state %d, shifting to state %d\n",
+                    YYPREFIX, yystate, yytable[yyn]);
+#endif
+        if (yyssp >= yysslim && yygrowstack())
+        {
+            goto yyoverflow;
+        }
+        *++yyssp = yystate = yytable[yyn];
+        *++yyvsp = yylval;
+        yychar = (-1);
+        if (yyerrflag > 0)  --yyerrflag;
+        goto yyloop;
+    }
+    if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
+            yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
+    {
+        yyn = yytable[yyn];
+        goto yyreduce;
+    }
+    if (yyerrflag) goto yyinrecovery;
+#if defined(__GNUC__)
+    goto yynewerror;
+#endif
+yynewerror:
+    yyerror("syntax error");
+#if defined(__GNUC__)
+    goto yyerrlab;
+#endif
+yyerrlab:
+    ++yynerrs;
+yyinrecovery:
+    if (yyerrflag < 3)
+    {
+        yyerrflag = 3;
+        for (;;)
+        {
+            if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
+                    yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
+            {
+#if YYDEBUG
+                if (yydebug)
+                    printf("%sdebug: state %d, error recovery shifting\
+ to state %d\n", YYPREFIX, *yyssp, yytable[yyn]);
+#endif
+                if (yyssp >= yysslim && yygrowstack())
+                {
+                    goto yyoverflow;
+                }
+                *++yyssp = yystate = yytable[yyn];
+                *++yyvsp = yylval;
+                goto yyloop;
+            }
+            else
+            {
+#if YYDEBUG
+                if (yydebug)
+                    printf("%sdebug: error recovery discarding state %d\n",
+                            YYPREFIX, *yyssp);
+#endif
+                if (yyssp <= yyss) goto yyabort;
+                --yyssp;
+                --yyvsp;
+            }
+        }
+    }
+    else
+    {
+        if (yychar == 0) goto yyabort;
+#if YYDEBUG
+        if (yydebug)
+        {
+            yys = 0;
+            if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
+            if (!yys) yys = "illegal-symbol";
+            printf("%sdebug: state %d, error recovery discards token %d (%s)\n",
+                    YYPREFIX, yystate, yychar, yys);
+        }
+#endif
+        yychar = (-1);
+        goto yyloop;
+    }
+yyreduce:
+#if YYDEBUG
+    if (yydebug)
+        printf("%sdebug: state %d, reducing by rule %d (%s)\n",
+                YYPREFIX, yystate, yyn, yyrule[yyn]);
+#endif
+    yym = yylen[yyn];
+    if (yym)
+        yyval = yyvsp[1-yym];
+    else
+        memset(&yyval, 0, sizeof yyval);
+    switch (yyn)
+    {
+case 1:
+#line 176 "gram.y"
+{ ; }
+break;
+case 5:
+#line 184 "gram.y"
+{
+			    ;
+			}
+break;
+case 6:
+#line 187 "gram.y"
+{
+			    yyerrok;
+			}
+break;
+case 7:
+#line 190 "gram.y"
+{
+			    if (!add_userspec(yyvsp[-1].member, yyvsp[0].privilege)) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 8:
+#line 196 "gram.y"
+{
+			    ;
+			}
+break;
+case 9:
+#line 199 "gram.y"
+{
+			    ;
+			}
+break;
+case 10:
+#line 202 "gram.y"
+{
+			    ;
+			}
+break;
+case 11:
+#line 205 "gram.y"
+{
+			    ;
+			}
+break;
+case 12:
+#line 208 "gram.y"
+{
+			    if (!add_defaults(DEFAULTS, NULL, yyvsp[0].defaults))
+				YYERROR;
+			}
+break;
+case 13:
+#line 212 "gram.y"
+{
+			    if (!add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults))
+				YYERROR;
+			}
+break;
+case 14:
+#line 216 "gram.y"
+{
+			    if (!add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults))
+				YYERROR;
+			}
+break;
+case 15:
+#line 220 "gram.y"
+{
+			    if (!add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults))
+				YYERROR;
+			}
+break;
+case 16:
+#line 224 "gram.y"
+{
+			    if (!add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults))
+				YYERROR;
+			}
+break;
+case 18:
+#line 231 "gram.y"
+{
+			    HLTQ_CONCAT(yyvsp[-2].defaults, yyvsp[0].defaults, entries);
+			    yyval.defaults = yyvsp[-2].defaults;
+			}
+break;
+case 19:
+#line 237 "gram.y"
+{
+			    yyval.defaults = new_default(yyvsp[0].string, NULL, true);
+			    if (yyval.defaults == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 20:
+#line 244 "gram.y"
+{
+			    yyval.defaults = new_default(yyvsp[0].string, NULL, false);
+			    if (yyval.defaults == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 21:
+#line 251 "gram.y"
+{
+			    yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, true);
+			    if (yyval.defaults == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 22:
+#line 258 "gram.y"
+{
+			    yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
+			    if (yyval.defaults == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 23:
+#line 265 "gram.y"
+{
+			    yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
+			    if (yyval.defaults == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 25:
+#line 275 "gram.y"
+{
+			    HLTQ_CONCAT(yyvsp[-2].privilege, yyvsp[0].privilege, entries);
+			    yyval.privilege = yyvsp[-2].privilege;
+			}
+break;
+case 26:
+#line 281 "gram.y"
+{
+			    struct privilege *p = calloc(1, sizeof(*p));
+			    if (p == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    TAILQ_INIT(&p->defaults);
+			    HLTQ_TO_TAILQ(&p->hostlist, yyvsp[-2].member, entries);
+			    HLTQ_TO_TAILQ(&p->cmndlist, yyvsp[0].cmndspec, entries);
+			    HLTQ_INIT(p, entries);
+			    yyval.privilege = p;
+			}
+break;
+case 27:
+#line 295 "gram.y"
+{
+			    yyval.member = yyvsp[0].member;
+			    yyval.member->negated = false;
+			}
+break;
+case 28:
+#line 299 "gram.y"
+{
+			    yyval.member = yyvsp[0].member;
+			    yyval.member->negated = true;
+			}
+break;
+case 29:
+#line 305 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, ALIAS);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 30:
+#line 312 "gram.y"
+{
+			    yyval.member = new_member(NULL, ALL);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 31:
+#line 319 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, NETGROUP);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 32:
+#line 326 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, NTWKADDR);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 33:
+#line 333 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, WORD);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 35:
+#line 343 "gram.y"
+{
+			    struct cmndspec *prev;
+			    prev = HLTQ_LAST(yyvsp[-2].cmndspec, cmndspec, entries);
+			    HLTQ_CONCAT(yyvsp[-2].cmndspec, yyvsp[0].cmndspec, entries);
+#ifdef HAVE_SELINUX
+			    /* propagate role and type */
+			    if (yyvsp[0].cmndspec->role == NULL && yyvsp[0].cmndspec->type == NULL) {
+				yyvsp[0].cmndspec->role = prev->role;
+				yyvsp[0].cmndspec->type = prev->type;
+			    }
+#endif /* HAVE_SELINUX */
+#ifdef HAVE_PRIV_SET
+			    /* propagate privs & limitprivs */
+			    if (yyvsp[0].cmndspec->privs == NULL && yyvsp[0].cmndspec->limitprivs == NULL) {
+			        yyvsp[0].cmndspec->privs = prev->privs;
+			        yyvsp[0].cmndspec->limitprivs = prev->limitprivs;
+			    }
+#endif /* HAVE_PRIV_SET */
+			    /* propagate command time restrictions */
+			    if (yyvsp[0].cmndspec->notbefore == UNSPEC)
+				yyvsp[0].cmndspec->notbefore = prev->notbefore;
+			    if (yyvsp[0].cmndspec->notafter == UNSPEC)
+				yyvsp[0].cmndspec->notafter = prev->notafter;
+			    /* propagate command timeout */
+			    if (yyvsp[0].cmndspec->timeout == UNSPEC)
+				yyvsp[0].cmndspec->timeout = prev->timeout;
+			    /* propagate tags and runas list */
+			    if (yyvsp[0].cmndspec->tags.nopasswd == UNSPEC)
+				yyvsp[0].cmndspec->tags.nopasswd = prev->tags.nopasswd;
+			    if (yyvsp[0].cmndspec->tags.noexec == UNSPEC)
+				yyvsp[0].cmndspec->tags.noexec = prev->tags.noexec;
+			    if (yyvsp[0].cmndspec->tags.setenv == UNSPEC &&
+				prev->tags.setenv != IMPLIED)
+				yyvsp[0].cmndspec->tags.setenv = prev->tags.setenv;
+			    if (yyvsp[0].cmndspec->tags.log_input == UNSPEC)
+				yyvsp[0].cmndspec->tags.log_input = prev->tags.log_input;
+			    if (yyvsp[0].cmndspec->tags.log_output == UNSPEC)
+				yyvsp[0].cmndspec->tags.log_output = prev->tags.log_output;
+			    if (yyvsp[0].cmndspec->tags.send_mail == UNSPEC)
+				yyvsp[0].cmndspec->tags.send_mail = prev->tags.send_mail;
+			    if (yyvsp[0].cmndspec->tags.follow == UNSPEC)
+				yyvsp[0].cmndspec->tags.follow = prev->tags.follow;
+			    if ((yyvsp[0].cmndspec->runasuserlist == NULL &&
+				 yyvsp[0].cmndspec->runasgrouplist == NULL) &&
+				(prev->runasuserlist != NULL ||
+				 prev->runasgrouplist != NULL)) {
+				yyvsp[0].cmndspec->runasuserlist = prev->runasuserlist;
+				yyvsp[0].cmndspec->runasgrouplist = prev->runasgrouplist;
+			    }
+			    yyval.cmndspec = yyvsp[-2].cmndspec;
+			}
+break;
+case 36:
+#line 396 "gram.y"
+{
+			    struct cmndspec *cs = calloc(1, sizeof(*cs));
+			    if (cs == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    if (yyvsp[-3].runas != NULL) {
+				if (yyvsp[-3].runas->runasusers != NULL) {
+				    cs->runasuserlist =
+					malloc(sizeof(*cs->runasuserlist));
+				    if (cs->runasuserlist == NULL) {
+					sudoerserror(N_("unable to allocate memory"));
+					YYERROR;
+				    }
+				    HLTQ_TO_TAILQ(cs->runasuserlist,
+					yyvsp[-3].runas->runasusers, entries);
+				}
+				if (yyvsp[-3].runas->runasgroups != NULL) {
+				    cs->runasgrouplist =
+					malloc(sizeof(*cs->runasgrouplist));
+				    if (cs->runasgrouplist == NULL) {
+					sudoerserror(N_("unable to allocate memory"));
+					YYERROR;
+				    }
+				    HLTQ_TO_TAILQ(cs->runasgrouplist,
+					yyvsp[-3].runas->runasgroups, entries);
+				}
+				free(yyvsp[-3].runas);
+			    }
+#ifdef HAVE_SELINUX
+			    cs->role = yyvsp[-2].options.role;
+			    cs->type = yyvsp[-2].options.type;
+#endif
+#ifdef HAVE_PRIV_SET
+			    cs->privs = yyvsp[-2].options.privs;
+			    cs->limitprivs = yyvsp[-2].options.limitprivs;
+#endif
+			    cs->notbefore = yyvsp[-2].options.notbefore;
+			    cs->notafter = yyvsp[-2].options.notafter;
+			    cs->timeout = yyvsp[-2].options.timeout;
+			    cs->tags = yyvsp[-1].tag;
+			    cs->cmnd = yyvsp[0].member;
+			    HLTQ_INIT(cs, entries);
+			    /* sudo "ALL" implies the SETENV tag */
+			    if (cs->cmnd->type == ALL && !cs->cmnd->negated &&
+				cs->tags.setenv == UNSPEC)
+				cs->tags.setenv = IMPLIED;
+			    yyval.cmndspec = cs;
+			}
+break;
+case 37:
+#line 447 "gram.y"
+{
+			    yyval.digest = new_digest(SUDO_DIGEST_SHA224, yyvsp[0].string);
+			    if (yyval.digest == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 38:
+#line 454 "gram.y"
+{
+			    yyval.digest = new_digest(SUDO_DIGEST_SHA256, yyvsp[0].string);
+			    if (yyval.digest == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 39:
+#line 461 "gram.y"
+{
+			    yyval.digest = new_digest(SUDO_DIGEST_SHA384, yyvsp[0].string);
+			    if (yyval.digest == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 40:
+#line 468 "gram.y"
+{
+			    yyval.digest = new_digest(SUDO_DIGEST_SHA512, yyvsp[0].string);
+			    if (yyval.digest == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 41:
+#line 477 "gram.y"
+{
+			    yyval.member = yyvsp[0].member;
+			}
+break;
+case 42:
+#line 480 "gram.y"
+{
+			    if (yyvsp[0].member->type != COMMAND) {
+				sudoerserror(N_("a digest requires a path name"));
+				YYERROR;
+			    }
+			    /* XXX - yuck */
+			    ((struct sudo_command *) yyvsp[0].member->name)->digest = yyvsp[-1].digest;
+			    yyval.member = yyvsp[0].member;
+			}
+break;
+case 43:
+#line 491 "gram.y"
+{
+			    yyval.member = yyvsp[0].member;
+			    yyval.member->negated = false;
+			}
+break;
+case 44:
+#line 495 "gram.y"
+{
+			    yyval.member = yyvsp[0].member;
+			    yyval.member->negated = true;
+			}
+break;
+case 45:
+#line 501 "gram.y"
+{
+			    yyval.string = yyvsp[0].string;
+			}
+break;
+case 46:
+#line 506 "gram.y"
+{
+			    yyval.string = yyvsp[0].string;
+			}
+break;
+case 47:
+#line 510 "gram.y"
+{
+			    yyval.string = yyvsp[0].string;
+			}
+break;
+case 48:
+#line 515 "gram.y"
+{
+			    yyval.string = yyvsp[0].string;
+			}
+break;
+case 49:
+#line 520 "gram.y"
+{
+			    yyval.string = yyvsp[0].string;
+			}
+break;
+case 50:
+#line 525 "gram.y"
+{
+			    yyval.string = yyvsp[0].string;
+			}
+break;
+case 51:
+#line 529 "gram.y"
+{
+			    yyval.string = yyvsp[0].string;
+			}
+break;
+case 52:
+#line 534 "gram.y"
+{
+			    yyval.runas = NULL;
+			}
+break;
+case 53:
+#line 537 "gram.y"
+{
+			    yyval.runas = yyvsp[-1].runas;
+			}
+break;
+case 54:
+#line 542 "gram.y"
+{
+			    yyval.runas = calloc(1, sizeof(struct runascontainer));
+			    if (yyval.runas != NULL) {
+				yyval.runas->runasusers = new_member(NULL, MYSELF);
+				/* $$->runasgroups = NULL; */
+				if (yyval.runas->runasusers == NULL) {
+				    free(yyval.runas);
+				    yyval.runas = NULL;
+				}
+			    }
+			    if (yyval.runas == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 55:
+#line 557 "gram.y"
+{
+			    yyval.runas = calloc(1, sizeof(struct runascontainer));
+			    if (yyval.runas == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    yyval.runas->runasusers = yyvsp[0].member;
+			    /* $$->runasgroups = NULL; */
+			}
+break;
+case 56:
+#line 566 "gram.y"
+{
+			    yyval.runas = calloc(1, sizeof(struct runascontainer));
+			    if (yyval.runas == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    yyval.runas->runasusers = yyvsp[-2].member;
+			    yyval.runas->runasgroups = yyvsp[0].member;
+			}
+break;
+case 57:
+#line 575 "gram.y"
+{
+			    yyval.runas = calloc(1, sizeof(struct runascontainer));
+			    if (yyval.runas == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    /* $$->runasusers = NULL; */
+			    yyval.runas->runasgroups = yyvsp[0].member;
+			}
+break;
+case 58:
+#line 584 "gram.y"
+{
+			    yyval.runas = calloc(1, sizeof(struct runascontainer));
+			    if (yyval.runas != NULL) {
+				yyval.runas->runasusers = new_member(NULL, MYSELF);
+				/* $$->runasgroups = NULL; */
+				if (yyval.runas->runasusers == NULL) {
+				    free(yyval.runas);
+				    yyval.runas = NULL;
+				}
+			    }
+			    if (yyval.runas == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 59:
+#line 601 "gram.y"
+{
+			    init_options(&yyval.options);
+			}
+break;
+case 60:
+#line 604 "gram.y"
+{
+			    yyval.options.notbefore = parse_gentime(yyvsp[0].string);
+			    free(yyvsp[0].string);
+			    if (yyval.options.notbefore == -1) {
+				sudoerserror(N_("invalid notbefore value"));
+				YYERROR;
+			    }
+			}
+break;
+case 61:
+#line 612 "gram.y"
+{
+			    yyval.options.notafter = parse_gentime(yyvsp[0].string);
+			    free(yyvsp[0].string);
+			    if (yyval.options.notafter == -1) {
+				sudoerserror(N_("invalid notafter value"));
+				YYERROR;
+			    }
+			}
+break;
+case 62:
+#line 620 "gram.y"
+{
+			    yyval.options.timeout = parse_timeout(yyvsp[0].string);
+			    free(yyvsp[0].string);
+			    if (yyval.options.timeout == -1) {
+				if (errno == ERANGE)
+				    sudoerserror(N_("timeout value too large"));
+				else
+				    sudoerserror(N_("invalid timeout value"));
+				YYERROR;
+			    }
+			}
+break;
+case 63:
+#line 631 "gram.y"
+{
+#ifdef HAVE_SELINUX
+			    free(yyval.options.role);
+			    yyval.options.role = yyvsp[0].string;
+#endif
+			}
+break;
+case 64:
+#line 637 "gram.y"
+{
+#ifdef HAVE_SELINUX
+			    free(yyval.options.type);
+			    yyval.options.type = yyvsp[0].string;
+#endif
+			}
+break;
+case 65:
+#line 643 "gram.y"
+{
+#ifdef HAVE_PRIV_SET
+			    free(yyval.options.privs);
+			    yyval.options.privs = yyvsp[0].string;
+#endif
+			}
+break;
+case 66:
+#line 649 "gram.y"
+{
+#ifdef HAVE_PRIV_SET
+			    free(yyval.options.limitprivs);
+			    yyval.options.limitprivs = yyvsp[0].string;
+#endif
+			}
+break;
+case 67:
+#line 657 "gram.y"
+{
+			    TAGS_INIT(yyval.tag);
+			}
+break;
+case 68:
+#line 660 "gram.y"
+{
+			    yyval.tag.nopasswd = true;
+			}
+break;
+case 69:
+#line 663 "gram.y"
+{
+			    yyval.tag.nopasswd = false;
+			}
+break;
+case 70:
+#line 666 "gram.y"
+{
+			    yyval.tag.noexec = true;
+			}
+break;
+case 71:
+#line 669 "gram.y"
+{
+			    yyval.tag.noexec = false;
+			}
+break;
+case 72:
+#line 672 "gram.y"
+{
+			    yyval.tag.setenv = true;
+			}
+break;
+case 73:
+#line 675 "gram.y"
+{
+			    yyval.tag.setenv = false;
+			}
+break;
+case 74:
+#line 678 "gram.y"
+{
+			    yyval.tag.log_input = true;
+			}
+break;
+case 75:
+#line 681 "gram.y"
+{
+			    yyval.tag.log_input = false;
+			}
+break;
+case 76:
+#line 684 "gram.y"
+{
+			    yyval.tag.log_output = true;
+			}
+break;
+case 77:
+#line 687 "gram.y"
+{
+			    yyval.tag.log_output = false;
+			}
+break;
+case 78:
+#line 690 "gram.y"
+{
+			    yyval.tag.follow = true;
+			}
+break;
+case 79:
+#line 693 "gram.y"
+{
+			    yyval.tag.follow = false;
+			}
+break;
+case 80:
+#line 696 "gram.y"
+{
+			    yyval.tag.send_mail = true;
+			}
+break;
+case 81:
+#line 699 "gram.y"
+{
+			    yyval.tag.send_mail = false;
+			}
+break;
+case 82:
+#line 704 "gram.y"
+{
+			    yyval.member = new_member(NULL, ALL);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 83:
+#line 711 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, ALIAS);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 84:
+#line 718 "gram.y"
+{
+			    struct sudo_command *c = calloc(1, sizeof(*c));
+			    if (c == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    c->cmnd = yyvsp[0].command.cmnd;
+			    c->args = yyvsp[0].command.args;
+			    yyval.member = new_member((char *)c, COMMAND);
+			    if (yyval.member == NULL) {
+				free(c);
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 87:
+#line 739 "gram.y"
+{
+			    const char *s;
+			    s = alias_add(&parsed_policy, yyvsp[-2].string, HOSTALIAS,
+				sudoers, this_lineno, yyvsp[0].member);
+			    if (s != NULL) {
+				sudoerserror(s);
+				YYERROR;
+			    }
+			}
+break;
+case 89:
+#line 751 "gram.y"
+{
+			    HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
+			    yyval.member = yyvsp[-2].member;
+			}
+break;
+case 92:
+#line 761 "gram.y"
+{
+			    const char *s;
+			    s = alias_add(&parsed_policy, yyvsp[-2].string, CMNDALIAS,
+				sudoers, this_lineno, yyvsp[0].member);
+			    if (s != NULL) {
+				sudoerserror(s);
+				YYERROR;
+			    }
+			}
+break;
+case 94:
+#line 773 "gram.y"
+{
+			    HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
+			    yyval.member = yyvsp[-2].member;
+			}
+break;
+case 97:
+#line 783 "gram.y"
+{
+			    const char *s;
+			    s = alias_add(&parsed_policy, yyvsp[-2].string, RUNASALIAS,
+				sudoers, this_lineno, yyvsp[0].member);
+			    if (s != NULL) {
+				sudoerserror(s);
+				YYERROR;
+			    }
+			}
+break;
+case 100:
+#line 798 "gram.y"
+{
+			    const char *s;
+			    s = alias_add(&parsed_policy, yyvsp[-2].string, USERALIAS,
+				sudoers, this_lineno, yyvsp[0].member);
+			    if (s != NULL) {
+				sudoerserror(s);
+				YYERROR;
+			    }
+			}
+break;
+case 102:
+#line 810 "gram.y"
+{
+			    HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
+			    yyval.member = yyvsp[-2].member;
+			}
+break;
+case 103:
+#line 816 "gram.y"
+{
+			    yyval.member = yyvsp[0].member;
+			    yyval.member->negated = false;
+			}
+break;
+case 104:
+#line 820 "gram.y"
+{
+			    yyval.member = yyvsp[0].member;
+			    yyval.member->negated = true;
+			}
+break;
+case 105:
+#line 826 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, ALIAS);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 106:
+#line 833 "gram.y"
+{
+			    yyval.member = new_member(NULL, ALL);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 107:
+#line 840 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, NETGROUP);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 108:
+#line 847 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, USERGROUP);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 109:
+#line 854 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, WORD);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 111:
+#line 864 "gram.y"
+{
+			    HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
+			    yyval.member = yyvsp[-2].member;
+			}
+break;
+case 112:
+#line 870 "gram.y"
+{
+			    yyval.member = yyvsp[0].member;
+			    yyval.member->negated = false;
+			}
+break;
+case 113:
+#line 874 "gram.y"
+{
+			    yyval.member = yyvsp[0].member;
+			    yyval.member->negated = true;
+			}
+break;
+case 114:
+#line 880 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, ALIAS);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 115:
+#line 887 "gram.y"
+{
+			    yyval.member = new_member(NULL, ALL);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+case 116:
+#line 894 "gram.y"
+{
+			    yyval.member = new_member(yyvsp[0].string, WORD);
+			    if (yyval.member == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+break;
+#line 2173 "gram.c"
+    }
+    yyssp -= yym;
+    yystate = *yyssp;
+    yyvsp -= yym;
+    yym = yylhs[yyn];
+    if (yystate == 0 && yym == 0)
+    {
+#if YYDEBUG
+        if (yydebug)
+            printf("%sdebug: after reduction, shifting from state 0 to\
+ state %d\n", YYPREFIX, YYFINAL);
+#endif
+        yystate = YYFINAL;
+        *++yyssp = YYFINAL;
+        *++yyvsp = yyval;
+        if (yychar < 0)
+        {
+            if ((yychar = yylex()) < 0) yychar = 0;
+#if YYDEBUG
+            if (yydebug)
+            {
+                yys = 0;
+                if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
+                if (!yys) yys = "illegal-symbol";
+                printf("%sdebug: state %d, reading %d (%s)\n",
+                        YYPREFIX, YYFINAL, yychar, yys);
+            }
+#endif
+        }
+        if (yychar == 0) goto yyaccept;
+        goto yyloop;
+    }
+    if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
+            yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
+        yystate = yytable[yyn];
+    else
+        yystate = yydgoto[yym];
+#if YYDEBUG
+    if (yydebug)
+        printf("%sdebug: after reduction, shifting from state %d \
+to state %d\n", YYPREFIX, *yyssp, yystate);
+#endif
+    if (yyssp >= yysslim && yygrowstack())
+    {
+        goto yyoverflow;
+    }
+    *++yyssp = yystate;
+    *++yyvsp = yyval;
+    goto yyloop;
+yyoverflow:
+    yyerror("yacc stack overflow");
+yyabort:
+    if (yyss)
+            free(yyss);
+    if (yyvs)
+            free(yyvs);
+    yyss = yyssp = NULL;
+    yyvs = yyvsp = NULL;
+    yystacksize = 0;
+    return (1);
+yyaccept:
+    if (yyss)
+            free(yyss);
+    if (yyvs)
+            free(yyvs);
+    yyss = yyssp = NULL;
+    yyvs = yyvsp = NULL;
+    yystacksize = 0;
+    return (0);
+}
diff --git a/plugins/sudoers/gram.h b/plugins/sudoers/gram.h
new file mode 100644
index 0000000..c53f97a
--- /dev/null
+++ b/plugins/sudoers/gram.h
@@ -0,0 +1,63 @@
+#define COMMAND 257
+#define ALIAS 258
+#define DEFVAR 259
+#define NTWKADDR 260
+#define NETGROUP 261
+#define USERGROUP 262
+#define WORD 263
+#define DIGEST 264
+#define DEFAULTS 265
+#define DEFAULTS_HOST 266
+#define DEFAULTS_USER 267
+#define DEFAULTS_RUNAS 268
+#define DEFAULTS_CMND 269
+#define NOPASSWD 270
+#define PASSWD 271
+#define NOEXEC 272
+#define EXEC 273
+#define SETENV 274
+#define NOSETENV 275
+#define LOG_INPUT 276
+#define NOLOG_INPUT 277
+#define LOG_OUTPUT 278
+#define NOLOG_OUTPUT 279
+#define MAIL 280
+#define NOMAIL 281
+#define FOLLOW 282
+#define NOFOLLOW 283
+#define ALL 284
+#define COMMENT 285
+#define HOSTALIAS 286
+#define CMNDALIAS 287
+#define USERALIAS 288
+#define RUNASALIAS 289
+#define ERROR 290
+#define TYPE 291
+#define ROLE 292
+#define PRIVS 293
+#define LIMITPRIVS 294
+#define CMND_TIMEOUT 295
+#define NOTBEFORE 296
+#define NOTAFTER 297
+#define MYSELF 298
+#define SHA224_TOK 299
+#define SHA256_TOK 300
+#define SHA384_TOK 301
+#define SHA512_TOK 302
+#ifndef YYSTYPE_DEFINED
+#define YYSTYPE_DEFINED
+typedef union {
+    struct cmndspec *cmndspec;
+    struct defaults *defaults;
+    struct member *member;
+    struct runascontainer *runas;
+    struct privilege *privilege;
+    struct command_digest *digest;
+    struct sudo_command command;
+    struct command_options options;
+    struct cmndtag tag;
+    char *string;
+    int tok;
+} YYSTYPE;
+#endif /* YYSTYPE_DEFINED */
+extern YYSTYPE sudoerslval;
diff --git a/plugins/sudoers/gram.y b/plugins/sudoers/gram.y
new file mode 100644
index 0000000..0665ce9
--- /dev/null
+++ b/plugins/sudoers/gram.y
@@ -0,0 +1,1327 @@
+%{
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2013, 2014-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stddef.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
+# include <alloca.h>
+#endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
+#include <errno.h>
+
+#include "sudoers.h"
+#include "sudo_digest.h"
+#include "toke.h"
+
+/* If we last saw a newline the entry is on the preceding line. */
+#define this_lineno	(last_token == COMMENT ? sudolineno - 1 : sudolineno)
+
+/*
+ * Globals
+ */
+bool sudoers_warnings = true;
+bool parse_error = false;
+int errorlineno = -1;
+char *errorfile = NULL;
+
+struct sudoers_parse_tree parsed_policy = {
+    TAILQ_HEAD_INITIALIZER(parsed_policy.userspecs),
+    TAILQ_HEAD_INITIALIZER(parsed_policy.defaults),
+    NULL /* aliases */
+};
+
+/*
+ * Local protoypes
+ */
+static void init_options(struct command_options *opts);
+static bool add_defaults(int, struct member *, struct defaults *);
+static bool add_userspec(struct member *, struct privilege *);
+static struct defaults *new_default(char *, char *, short);
+static struct member *new_member(char *, int);
+static struct command_digest *new_digest(int, char *);
+%}
+
+%union {
+    struct cmndspec *cmndspec;
+    struct defaults *defaults;
+    struct member *member;
+    struct runascontainer *runas;
+    struct privilege *privilege;
+    struct command_digest *digest;
+    struct sudo_command command;
+    struct command_options options;
+    struct cmndtag tag;
+    char *string;
+    int tok;
+}
+
+%start file				/* special start symbol */
+%token <command> COMMAND		/* absolute pathname w/ optional args */
+%token <string>  ALIAS			/* an UPPERCASE alias name */
+%token <string>	 DEFVAR			/* a Defaults variable name */
+%token <string>  NTWKADDR		/* ipv4 or ipv6 address */
+%token <string>  NETGROUP		/* a netgroup (+NAME) */
+%token <string>  USERGROUP		/* a usergroup (%NAME) */
+%token <string>  WORD			/* a word */
+%token <string>  DIGEST			/* a SHA-2 digest */
+%token <tok>	 DEFAULTS		/* Defaults entry */
+%token <tok>	 DEFAULTS_HOST		/* Host-specific defaults entry */
+%token <tok>	 DEFAULTS_USER		/* User-specific defaults entry */
+%token <tok>	 DEFAULTS_RUNAS		/* Runas-specific defaults entry */
+%token <tok>	 DEFAULTS_CMND		/* Command-specific defaults entry */
+%token <tok> 	 NOPASSWD		/* no passwd req for command */
+%token <tok> 	 PASSWD			/* passwd req for command (default) */
+%token <tok> 	 NOEXEC			/* preload dummy execve() for cmnd */
+%token <tok> 	 EXEC			/* don't preload dummy execve() */
+%token <tok>	 SETENV			/* user may set environment for cmnd */
+%token <tok>	 NOSETENV		/* user may not set environment */
+%token <tok>	 LOG_INPUT		/* log user's cmnd input */
+%token <tok>	 NOLOG_INPUT		/* don't log user's cmnd input */
+%token <tok>	 LOG_OUTPUT		/* log cmnd output */
+%token <tok>	 NOLOG_OUTPUT		/* don't log cmnd output */
+%token <tok>	 MAIL			/* mail log message */
+%token <tok>	 NOMAIL			/* don't mail log message */
+%token <tok>	 FOLLOW			/* follow symbolic links */
+%token <tok>	 NOFOLLOW		/* don't follow symbolic links */
+%token <tok>	 ALL			/* ALL keyword */
+%token <tok>	 COMMENT		/* comment and/or carriage return */
+%token <tok>	 HOSTALIAS		/* Host_Alias keyword */
+%token <tok>	 CMNDALIAS		/* Cmnd_Alias keyword */
+%token <tok>	 USERALIAS		/* User_Alias keyword */
+%token <tok>	 RUNASALIAS		/* Runas_Alias keyword */
+%token <tok>	 ':' '=' ',' '!' '+' '-' /* union member tokens */
+%token <tok>	 '(' ')'		/* runas tokens */
+%token <tok>	 ERROR
+%token <tok>	 TYPE			/* SELinux type */
+%token <tok>	 ROLE			/* SELinux role */
+%token <tok>	 PRIVS			/* Solaris privileges */
+%token <tok>	 LIMITPRIVS		/* Solaris limit privileges */
+%token <tok>	 CMND_TIMEOUT		/* command timeout */
+%token <tok>	 NOTBEFORE		/* time restriction */
+%token <tok>	 NOTAFTER		/* time restriction */
+%token <tok>	 MYSELF			/* run as myself, not another user */
+%token <tok>	 SHA224_TOK		/* sha224 token */
+%token <tok>	 SHA256_TOK		/* sha256 token */
+%token <tok>	 SHA384_TOK		/* sha384 token */
+%token <tok>	 SHA512_TOK		/* sha512 token */
+
+%type <cmndspec>  cmndspec
+%type <cmndspec>  cmndspeclist
+%type <defaults>  defaults_entry
+%type <defaults>  defaults_list
+%type <member>	  cmnd
+%type <member>	  opcmnd
+%type <member>	  digcmnd
+%type <member>	  cmndlist
+%type <member>	  host
+%type <member>	  hostlist
+%type <member>	  ophost
+%type <member>	  opuser
+%type <member>	  user
+%type <member>	  userlist
+%type <member>	  opgroup
+%type <member>	  group
+%type <member>	  grouplist
+%type <runas>	  runasspec
+%type <runas>	  runaslist
+%type <privilege> privilege
+%type <privilege> privileges
+%type <tag>	  cmndtag
+%type <options>	  options
+%type <string>	  rolespec
+%type <string>	  typespec
+%type <string>	  privsspec
+%type <string>	  limitprivsspec
+%type <string>	  timeoutspec
+%type <string>	  notbeforespec
+%type <string>	  notafterspec
+%type <digest>	  digest
+
+%%
+
+file		:	{ ; }
+		|	line
+		;
+
+line		:	entry
+		|	line entry
+		;
+
+entry		:	COMMENT {
+			    ;
+			}
+                |       error COMMENT {
+			    yyerrok;
+			}
+		|	userlist privileges {
+			    if (!add_userspec($1, $2)) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	USERALIAS useraliases {
+			    ;
+			}
+		|	HOSTALIAS hostaliases {
+			    ;
+			}
+		|	CMNDALIAS cmndaliases {
+			    ;
+			}
+		|	RUNASALIAS runasaliases {
+			    ;
+			}
+		|	DEFAULTS defaults_list {
+			    if (!add_defaults(DEFAULTS, NULL, $2))
+				YYERROR;
+			}
+		|	DEFAULTS_USER userlist defaults_list {
+			    if (!add_defaults(DEFAULTS_USER, $2, $3))
+				YYERROR;
+			}
+		|	DEFAULTS_RUNAS userlist defaults_list {
+			    if (!add_defaults(DEFAULTS_RUNAS, $2, $3))
+				YYERROR;
+			}
+		|	DEFAULTS_HOST hostlist defaults_list {
+			    if (!add_defaults(DEFAULTS_HOST, $2, $3))
+				YYERROR;
+			}
+		|	DEFAULTS_CMND cmndlist defaults_list {
+			    if (!add_defaults(DEFAULTS_CMND, $2, $3))
+				YYERROR;
+			}
+		;
+
+defaults_list	:	defaults_entry
+		|	defaults_list ',' defaults_entry {
+			    HLTQ_CONCAT($1, $3, entries);
+			    $$ = $1;
+			}
+		;
+
+defaults_entry	:	DEFVAR {
+			    $$ = new_default($1, NULL, true);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	'!' DEFVAR {
+			    $$ = new_default($2, NULL, false);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	DEFVAR '=' WORD {
+			    $$ = new_default($1, $3, true);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	DEFVAR '+' WORD {
+			    $$ = new_default($1, $3, '+');
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	DEFVAR '-' WORD {
+			    $$ = new_default($1, $3, '-');
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		;
+
+privileges	:	privilege
+		|	privileges ':' privilege {
+			    HLTQ_CONCAT($1, $3, entries);
+			    $$ = $1;
+			}
+		;
+
+privilege	:	hostlist '=' cmndspeclist {
+			    struct privilege *p = calloc(1, sizeof(*p));
+			    if (p == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    TAILQ_INIT(&p->defaults);
+			    HLTQ_TO_TAILQ(&p->hostlist, $1, entries);
+			    HLTQ_TO_TAILQ(&p->cmndlist, $3, entries);
+			    HLTQ_INIT(p, entries);
+			    $$ = p;
+			}
+		;
+
+ophost		:	host {
+			    $$ = $1;
+			    $$->negated = false;
+			}
+		|	'!' host {
+			    $$ = $2;
+			    $$->negated = true;
+			}
+		;
+
+host		:	ALIAS {
+			    $$ = new_member($1, ALIAS);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	ALL {
+			    $$ = new_member(NULL, ALL);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	NETGROUP {
+			    $$ = new_member($1, NETGROUP);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	NTWKADDR {
+			    $$ = new_member($1, NTWKADDR);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	WORD {
+			    $$ = new_member($1, WORD);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		;
+
+cmndspeclist	:	cmndspec
+		|	cmndspeclist ',' cmndspec {
+			    struct cmndspec *prev;
+			    prev = HLTQ_LAST($1, cmndspec, entries);
+			    HLTQ_CONCAT($1, $3, entries);
+#ifdef HAVE_SELINUX
+			    /* propagate role and type */
+			    if ($3->role == NULL && $3->type == NULL) {
+				$3->role = prev->role;
+				$3->type = prev->type;
+			    }
+#endif /* HAVE_SELINUX */
+#ifdef HAVE_PRIV_SET
+			    /* propagate privs & limitprivs */
+			    if ($3->privs == NULL && $3->limitprivs == NULL) {
+			        $3->privs = prev->privs;
+			        $3->limitprivs = prev->limitprivs;
+			    }
+#endif /* HAVE_PRIV_SET */
+			    /* propagate command time restrictions */
+			    if ($3->notbefore == UNSPEC)
+				$3->notbefore = prev->notbefore;
+			    if ($3->notafter == UNSPEC)
+				$3->notafter = prev->notafter;
+			    /* propagate command timeout */
+			    if ($3->timeout == UNSPEC)
+				$3->timeout = prev->timeout;
+			    /* propagate tags and runas list */
+			    if ($3->tags.nopasswd == UNSPEC)
+				$3->tags.nopasswd = prev->tags.nopasswd;
+			    if ($3->tags.noexec == UNSPEC)
+				$3->tags.noexec = prev->tags.noexec;
+			    if ($3->tags.setenv == UNSPEC &&
+				prev->tags.setenv != IMPLIED)
+				$3->tags.setenv = prev->tags.setenv;
+			    if ($3->tags.log_input == UNSPEC)
+				$3->tags.log_input = prev->tags.log_input;
+			    if ($3->tags.log_output == UNSPEC)
+				$3->tags.log_output = prev->tags.log_output;
+			    if ($3->tags.send_mail == UNSPEC)
+				$3->tags.send_mail = prev->tags.send_mail;
+			    if ($3->tags.follow == UNSPEC)
+				$3->tags.follow = prev->tags.follow;
+			    if (($3->runasuserlist == NULL &&
+				 $3->runasgrouplist == NULL) &&
+				(prev->runasuserlist != NULL ||
+				 prev->runasgrouplist != NULL)) {
+				$3->runasuserlist = prev->runasuserlist;
+				$3->runasgrouplist = prev->runasgrouplist;
+			    }
+			    $$ = $1;
+			}
+		;
+
+cmndspec	:	runasspec options cmndtag digcmnd {
+			    struct cmndspec *cs = calloc(1, sizeof(*cs));
+			    if (cs == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    if ($1 != NULL) {
+				if ($1->runasusers != NULL) {
+				    cs->runasuserlist =
+					malloc(sizeof(*cs->runasuserlist));
+				    if (cs->runasuserlist == NULL) {
+					sudoerserror(N_("unable to allocate memory"));
+					YYERROR;
+				    }
+				    HLTQ_TO_TAILQ(cs->runasuserlist,
+					$1->runasusers, entries);
+				}
+				if ($1->runasgroups != NULL) {
+				    cs->runasgrouplist =
+					malloc(sizeof(*cs->runasgrouplist));
+				    if (cs->runasgrouplist == NULL) {
+					sudoerserror(N_("unable to allocate memory"));
+					YYERROR;
+				    }
+				    HLTQ_TO_TAILQ(cs->runasgrouplist,
+					$1->runasgroups, entries);
+				}
+				free($1);
+			    }
+#ifdef HAVE_SELINUX
+			    cs->role = $2.role;
+			    cs->type = $2.type;
+#endif
+#ifdef HAVE_PRIV_SET
+			    cs->privs = $2.privs;
+			    cs->limitprivs = $2.limitprivs;
+#endif
+			    cs->notbefore = $2.notbefore;
+			    cs->notafter = $2.notafter;
+			    cs->timeout = $2.timeout;
+			    cs->tags = $3;
+			    cs->cmnd = $4;
+			    HLTQ_INIT(cs, entries);
+			    /* sudo "ALL" implies the SETENV tag */
+			    if (cs->cmnd->type == ALL && !cs->cmnd->negated &&
+				cs->tags.setenv == UNSPEC)
+				cs->tags.setenv = IMPLIED;
+			    $$ = cs;
+			}
+		;
+
+digest		:	SHA224_TOK ':' DIGEST {
+			    $$ = new_digest(SUDO_DIGEST_SHA224, $3);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	SHA256_TOK ':' DIGEST {
+			    $$ = new_digest(SUDO_DIGEST_SHA256, $3);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	SHA384_TOK ':' DIGEST {
+			    $$ = new_digest(SUDO_DIGEST_SHA384, $3);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	SHA512_TOK ':' DIGEST {
+			    $$ = new_digest(SUDO_DIGEST_SHA512, $3);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		;
+
+digcmnd		:	opcmnd {
+			    $$ = $1;
+			}
+		|	digest opcmnd {
+			    if ($2->type != COMMAND) {
+				sudoerserror(N_("a digest requires a path name"));
+				YYERROR;
+			    }
+			    /* XXX - yuck */
+			    ((struct sudo_command *) $2->name)->digest = $1;
+			    $$ = $2;
+			}
+		;
+
+opcmnd		:	cmnd {
+			    $$ = $1;
+			    $$->negated = false;
+			}
+		|	'!' cmnd {
+			    $$ = $2;
+			    $$->negated = true;
+			}
+		;
+
+timeoutspec	:	CMND_TIMEOUT '=' WORD {
+			    $$ = $3;
+			}
+		;
+
+notbeforespec	:	NOTBEFORE '=' WORD {
+			    $$ = $3;
+			}
+
+notafterspec	:	NOTAFTER '=' WORD {
+			    $$ = $3;
+			}
+		;
+
+rolespec	:	ROLE '=' WORD {
+			    $$ = $3;
+			}
+		;
+
+typespec	:	TYPE '=' WORD {
+			    $$ = $3;
+			}
+		;
+
+privsspec	:	PRIVS '=' WORD {
+			    $$ = $3;
+			}
+		;
+limitprivsspec	:	LIMITPRIVS '=' WORD {
+			    $$ = $3;
+			}
+		;
+
+runasspec	:	/* empty */ {
+			    $$ = NULL;
+			}
+		|	'(' runaslist ')' {
+			    $$ = $2;
+			}
+		;
+
+runaslist	:	/* empty */ {
+			    $$ = calloc(1, sizeof(struct runascontainer));
+			    if ($$ != NULL) {
+				$$->runasusers = new_member(NULL, MYSELF);
+				/* $$->runasgroups = NULL; */
+				if ($$->runasusers == NULL) {
+				    free($$);
+				    $$ = NULL;
+				}
+			    }
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	userlist {
+			    $$ = calloc(1, sizeof(struct runascontainer));
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    $$->runasusers = $1;
+			    /* $$->runasgroups = NULL; */
+			}
+		|	userlist ':' grouplist {
+			    $$ = calloc(1, sizeof(struct runascontainer));
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    $$->runasusers = $1;
+			    $$->runasgroups = $3;
+			}
+		|	':' grouplist {
+			    $$ = calloc(1, sizeof(struct runascontainer));
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    /* $$->runasusers = NULL; */
+			    $$->runasgroups = $2;
+			}
+		|	':' {
+			    $$ = calloc(1, sizeof(struct runascontainer));
+			    if ($$ != NULL) {
+				$$->runasusers = new_member(NULL, MYSELF);
+				/* $$->runasgroups = NULL; */
+				if ($$->runasusers == NULL) {
+				    free($$);
+				    $$ = NULL;
+				}
+			    }
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		;
+
+options		:	/* empty */ {
+			    init_options(&$$);
+			}
+		|	options notbeforespec {
+			    $$.notbefore = parse_gentime($2);
+			    free($2);
+			    if ($$.notbefore == -1) {
+				sudoerserror(N_("invalid notbefore value"));
+				YYERROR;
+			    }
+			}
+		|	options notafterspec {
+			    $$.notafter = parse_gentime($2);
+			    free($2);
+			    if ($$.notafter == -1) {
+				sudoerserror(N_("invalid notafter value"));
+				YYERROR;
+			    }
+			}
+		|	options timeoutspec {
+			    $$.timeout = parse_timeout($2);
+			    free($2);
+			    if ($$.timeout == -1) {
+				if (errno == ERANGE)
+				    sudoerserror(N_("timeout value too large"));
+				else
+				    sudoerserror(N_("invalid timeout value"));
+				YYERROR;
+			    }
+			}
+		|	options rolespec {
+#ifdef HAVE_SELINUX
+			    free($$.role);
+			    $$.role = $2;
+#endif
+			}
+		|	options typespec {
+#ifdef HAVE_SELINUX
+			    free($$.type);
+			    $$.type = $2;
+#endif
+			}
+		|	options privsspec {
+#ifdef HAVE_PRIV_SET
+			    free($$.privs);
+			    $$.privs = $2;
+#endif
+			}
+		|	options limitprivsspec {
+#ifdef HAVE_PRIV_SET
+			    free($$.limitprivs);
+			    $$.limitprivs = $2;
+#endif
+			}
+		;
+
+cmndtag		:	/* empty */ {
+			    TAGS_INIT($$);
+			}
+		|	cmndtag NOPASSWD {
+			    $$.nopasswd = true;
+			}
+		|	cmndtag PASSWD {
+			    $$.nopasswd = false;
+			}
+		|	cmndtag NOEXEC {
+			    $$.noexec = true;
+			}
+		|	cmndtag EXEC {
+			    $$.noexec = false;
+			}
+		|	cmndtag SETENV {
+			    $$.setenv = true;
+			}
+		|	cmndtag NOSETENV {
+			    $$.setenv = false;
+			}
+		|	cmndtag LOG_INPUT {
+			    $$.log_input = true;
+			}
+		|	cmndtag NOLOG_INPUT {
+			    $$.log_input = false;
+			}
+		|	cmndtag LOG_OUTPUT {
+			    $$.log_output = true;
+			}
+		|	cmndtag NOLOG_OUTPUT {
+			    $$.log_output = false;
+			}
+		|	cmndtag FOLLOW {
+			    $$.follow = true;
+			}
+		|	cmndtag NOFOLLOW {
+			    $$.follow = false;
+			}
+		|	cmndtag MAIL {
+			    $$.send_mail = true;
+			}
+		|	cmndtag NOMAIL {
+			    $$.send_mail = false;
+			}
+		;
+
+cmnd		:	ALL {
+			    $$ = new_member(NULL, ALL);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	ALIAS {
+			    $$ = new_member($1, ALIAS);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	COMMAND {
+			    struct sudo_command *c = calloc(1, sizeof(*c));
+			    if (c == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			    c->cmnd = $1.cmnd;
+			    c->args = $1.args;
+			    $$ = new_member((char *)c, COMMAND);
+			    if ($$ == NULL) {
+				free(c);
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		;
+
+hostaliases	:	hostalias
+		|	hostaliases ':' hostalias
+		;
+
+hostalias	:	ALIAS '=' hostlist {
+			    const char *s;
+			    s = alias_add(&parsed_policy, $1, HOSTALIAS,
+				sudoers, this_lineno, $3);
+			    if (s != NULL) {
+				sudoerserror(s);
+				YYERROR;
+			    }
+			}
+		;
+
+hostlist	:	ophost
+		|	hostlist ',' ophost {
+			    HLTQ_CONCAT($1, $3, entries);
+			    $$ = $1;
+			}
+		;
+
+cmndaliases	:	cmndalias
+		|	cmndaliases ':' cmndalias
+		;
+
+cmndalias	:	ALIAS '=' cmndlist {
+			    const char *s;
+			    s = alias_add(&parsed_policy, $1, CMNDALIAS,
+				sudoers, this_lineno, $3);
+			    if (s != NULL) {
+				sudoerserror(s);
+				YYERROR;
+			    }
+			}
+		;
+
+cmndlist	:	digcmnd
+		|	cmndlist ',' digcmnd {
+			    HLTQ_CONCAT($1, $3, entries);
+			    $$ = $1;
+			}
+		;
+
+runasaliases	:	runasalias
+		|	runasaliases ':' runasalias
+		;
+
+runasalias	:	ALIAS '=' userlist {
+			    const char *s;
+			    s = alias_add(&parsed_policy, $1, RUNASALIAS,
+				sudoers, this_lineno, $3);
+			    if (s != NULL) {
+				sudoerserror(s);
+				YYERROR;
+			    }
+			}
+		;
+
+useraliases	:	useralias
+		|	useraliases ':' useralias
+		;
+
+useralias	:	ALIAS '=' userlist {
+			    const char *s;
+			    s = alias_add(&parsed_policy, $1, USERALIAS,
+				sudoers, this_lineno, $3);
+			    if (s != NULL) {
+				sudoerserror(s);
+				YYERROR;
+			    }
+			}
+		;
+
+userlist	:	opuser
+		|	userlist ',' opuser {
+			    HLTQ_CONCAT($1, $3, entries);
+			    $$ = $1;
+			}
+		;
+
+opuser		:	user {
+			    $$ = $1;
+			    $$->negated = false;
+			}
+		|	'!' user {
+			    $$ = $2;
+			    $$->negated = true;
+			}
+		;
+
+user		:	ALIAS {
+			    $$ = new_member($1, ALIAS);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	ALL {
+			    $$ = new_member(NULL, ALL);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	NETGROUP {
+			    $$ = new_member($1, NETGROUP);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	USERGROUP {
+			    $$ = new_member($1, USERGROUP);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	WORD {
+			    $$ = new_member($1, WORD);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		;
+
+grouplist	:	opgroup
+		|	grouplist ',' opgroup {
+			    HLTQ_CONCAT($1, $3, entries);
+			    $$ = $1;
+			}
+		;
+
+opgroup		:	group {
+			    $$ = $1;
+			    $$->negated = false;
+			}
+		|	'!' group {
+			    $$ = $2;
+			    $$->negated = true;
+			}
+		;
+
+group		:	ALIAS {
+			    $$ = new_member($1, ALIAS);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	ALL {
+			    $$ = new_member(NULL, ALL);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		|	WORD {
+			    $$ = new_member($1, WORD);
+			    if ($$ == NULL) {
+				sudoerserror(N_("unable to allocate memory"));
+				YYERROR;
+			    }
+			}
+		;
+
+%%
+void
+sudoerserror(const char *s)
+{
+    debug_decl(sudoerserror, SUDOERS_DEBUG_PARSER)
+
+    /* Save the line the first error occurred on. */
+    if (errorlineno == -1) {
+	errorlineno = this_lineno;
+	rcstr_delref(errorfile);
+	errorfile = rcstr_addref(sudoers);
+    }
+    if (sudoers_warnings && s != NULL) {
+	LEXTRACE("<*> ");
+#ifndef TRACELEXER
+	if (trace_print == NULL || trace_print == sudoers_trace_print) {
+	    const char fmt[] = ">>> %s: %s near line %d <<<\n";
+	    int oldlocale;
+
+	    /* Warnings are displayed in the user's locale. */
+	    sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale);
+	    sudo_printf(SUDO_CONV_ERROR_MSG, _(fmt), sudoers, _(s), this_lineno);
+	    sudoers_setlocale(oldlocale, NULL);
+	}
+#endif
+    }
+    parse_error = true;
+    debug_return;
+}
+
+static struct defaults *
+new_default(char *var, char *val, short op)
+{
+    struct defaults *d;
+    debug_decl(new_default, SUDOERS_DEBUG_PARSER)
+
+    if ((d = calloc(1, sizeof(struct defaults))) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+
+    d->var = var;
+    d->val = val;
+    /* d->type = 0; */
+    d->op = op;
+    /* d->binding = NULL */
+    d->lineno = this_lineno;
+    d->file = rcstr_addref(sudoers);
+    HLTQ_INIT(d, entries);
+
+    debug_return_ptr(d);
+}
+
+static struct member *
+new_member(char *name, int type)
+{
+    struct member *m;
+    debug_decl(new_member, SUDOERS_DEBUG_PARSER)
+
+    if ((m = calloc(1, sizeof(struct member))) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+
+    m->name = name;
+    m->type = type;
+    HLTQ_INIT(m, entries);
+
+    debug_return_ptr(m);
+}
+
+static struct command_digest *
+new_digest(int digest_type, char *digest_str)
+{
+    struct command_digest *digest;
+    debug_decl(new_digest, SUDOERS_DEBUG_PARSER)
+
+    if ((digest = malloc(sizeof(*digest))) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+
+    digest->digest_type = digest_type;
+    digest->digest_str = digest_str;
+    if (digest->digest_str == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	free(digest);
+	digest = NULL;
+    }
+
+    debug_return_ptr(digest);
+}
+
+/*
+ * Add a list of defaults structures to the defaults list.
+ * The binding, if non-NULL, specifies a list of hosts, users, or
+ * runas users the entries apply to (specified by the type).
+ */
+static bool
+add_defaults(int type, struct member *bmem, struct defaults *defs)
+{
+    struct defaults *d, *next;
+    struct member_list *binding;
+    bool ret = true;
+    debug_decl(add_defaults, SUDOERS_DEBUG_PARSER)
+
+    if (defs != NULL) {
+	/*
+	 * We use a single binding for each entry in defs.
+	 */
+	if ((binding = malloc(sizeof(*binding))) == NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"unable to allocate memory");
+	    sudoerserror(N_("unable to allocate memory"));
+	    debug_return_bool(false);
+	}
+	if (bmem != NULL)
+	    HLTQ_TO_TAILQ(binding, bmem, entries);
+	else
+	    TAILQ_INIT(binding);
+
+	/*
+	 * Set type and binding (who it applies to) for new entries.
+	 * Then add to the global defaults list.
+	 */
+	HLTQ_FOREACH_SAFE(d, defs, entries, next) {
+	    d->type = type;
+	    d->binding = binding;
+	    TAILQ_INSERT_TAIL(&parsed_policy.defaults, d, entries);
+	}
+    }
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Allocate a new struct userspec, populate it, and insert it at the
+ * end of the userspecs list.
+ */
+static bool
+add_userspec(struct member *members, struct privilege *privs)
+{
+    struct userspec *u;
+    debug_decl(add_userspec, SUDOERS_DEBUG_PARSER)
+
+    if ((u = calloc(1, sizeof(*u))) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_bool(false);
+    }
+    u->lineno = this_lineno;
+    u->file = rcstr_addref(sudoers);
+    HLTQ_TO_TAILQ(&u->users, members, entries);
+    HLTQ_TO_TAILQ(&u->privileges, privs, entries);
+    STAILQ_INIT(&u->comments);
+    TAILQ_INSERT_TAIL(&parsed_policy.userspecs, u, entries);
+
+    debug_return_bool(true);
+}
+
+/*
+ * Free a member struct and its contents.
+ */
+void
+free_member(struct member *m)
+{
+    debug_decl(free_member, SUDOERS_DEBUG_PARSER)
+
+    if (m->type == COMMAND) {
+	    struct sudo_command *c = (struct sudo_command *)m->name;
+	    free(c->cmnd);
+	    free(c->args);
+	    if (c->digest != NULL) {
+		free(c->digest->digest_str);
+		free(c->digest);
+	    }
+    }
+    free(m->name);
+    free(m);
+
+    debug_return;
+}
+
+/*
+ * Free a tailq of members but not the struct member_list container itself.
+ */
+void
+free_members(struct member_list *members)
+{
+    struct member *m;
+    debug_decl(free_members, SUDOERS_DEBUG_PARSER)
+
+    while ((m = TAILQ_FIRST(members)) != NULL) {
+	TAILQ_REMOVE(members, m, entries);
+	free_member(m);
+    }
+
+    debug_return;
+}
+
+void
+free_defaults(struct defaults_list *defs)
+{
+    struct member_list *prev_binding = NULL;
+    struct defaults *def;
+    debug_decl(free_defaults, SUDOERS_DEBUG_PARSER)
+
+    while ((def = TAILQ_FIRST(defs)) != NULL) {
+	TAILQ_REMOVE(defs, def, entries);
+	free_default(def, &prev_binding);
+    }
+
+    debug_return;
+}
+
+void
+free_default(struct defaults *def, struct member_list **binding)
+{
+    debug_decl(free_default, SUDOERS_DEBUG_PARSER)
+
+    if (def->binding != *binding) {
+	*binding = def->binding;
+	if (def->binding != NULL) {
+	    free_members(def->binding);
+	    free(def->binding);
+	}
+    }
+    rcstr_delref(def->file);
+    free(def->var);
+    free(def->val);
+    free(def);
+
+    debug_return;
+}
+
+void
+free_privilege(struct privilege *priv)
+{
+    struct member_list *runasuserlist = NULL, *runasgrouplist = NULL;
+    struct member_list *prev_binding = NULL;
+    struct cmndspec *cs;
+    struct defaults *def;
+#ifdef HAVE_SELINUX
+    char *role = NULL, *type = NULL;
+#endif /* HAVE_SELINUX */
+#ifdef HAVE_PRIV_SET
+    char *privs = NULL, *limitprivs = NULL;
+#endif /* HAVE_PRIV_SET */
+    debug_decl(free_privilege, SUDOERS_DEBUG_PARSER)
+
+    free(priv->ldap_role);
+    free_members(&priv->hostlist);
+    while ((cs = TAILQ_FIRST(&priv->cmndlist)) != NULL) {
+	TAILQ_REMOVE(&priv->cmndlist, cs, entries);
+#ifdef HAVE_SELINUX
+	/* Only free the first instance of a role/type. */
+	if (cs->role != role) {
+	    role = cs->role;
+	    free(cs->role);
+	}
+	if (cs->type != type) {
+	    type = cs->type;
+	    free(cs->type);
+	}
+#endif /* HAVE_SELINUX */
+#ifdef HAVE_PRIV_SET
+	/* Only free the first instance of privs/limitprivs. */
+	if (cs->privs != privs) {
+	    privs = cs->privs;
+	    free(cs->privs);
+	}
+	if (cs->limitprivs != limitprivs) {
+	    limitprivs = cs->limitprivs;
+	    free(cs->limitprivs);
+	}
+#endif /* HAVE_PRIV_SET */
+	/* Only free the first instance of runas user/group lists. */
+	if (cs->runasuserlist && cs->runasuserlist != runasuserlist) {
+	    runasuserlist = cs->runasuserlist;
+	    free_members(runasuserlist);
+	    free(runasuserlist);
+	}
+	if (cs->runasgrouplist && cs->runasgrouplist != runasgrouplist) {
+	    runasgrouplist = cs->runasgrouplist;
+	    free_members(runasgrouplist);
+	    free(runasgrouplist);
+	}
+	free_member(cs->cmnd);
+	free(cs);
+    }
+    while ((def = TAILQ_FIRST(&priv->defaults)) != NULL) {
+	TAILQ_REMOVE(&priv->defaults, def, entries);
+	free_default(def, &prev_binding);
+    }
+    free(priv);
+
+    debug_return;
+}
+
+void
+free_userspecs(struct userspec_list *usl)
+{
+    struct userspec *us;
+    debug_decl(free_userspecs, SUDOERS_DEBUG_PARSER)
+
+    while ((us = TAILQ_FIRST(usl)) != NULL) {
+	TAILQ_REMOVE(usl, us, entries);
+	free_userspec(us);
+    }
+
+    debug_return;
+}
+
+void
+free_userspec(struct userspec *us)
+{
+    struct privilege *priv;
+    struct sudoers_comment *comment;
+    debug_decl(free_userspec, SUDOERS_DEBUG_PARSER)
+
+    free_members(&us->users);
+    while ((priv = TAILQ_FIRST(&us->privileges)) != NULL) {
+	TAILQ_REMOVE(&us->privileges, priv, entries);
+	free_privilege(priv);
+    }
+    while ((comment = STAILQ_FIRST(&us->comments)) != NULL) {
+	STAILQ_REMOVE_HEAD(&us->comments, entries);
+	free(comment->str);
+	free(comment);
+    }
+    rcstr_delref(us->file);
+    free(us);
+
+    debug_return;
+}
+
+/*
+ * Initialized a sudoers parse tree.
+ */
+void
+init_parse_tree(struct sudoers_parse_tree *parse_tree)
+{
+    TAILQ_INIT(&parse_tree->userspecs);
+    TAILQ_INIT(&parse_tree->defaults);
+    parse_tree->aliases = NULL;
+}
+
+/*
+ * Move the contents of parsed_policy to new_tree.
+ */
+void
+reparent_parse_tree(struct sudoers_parse_tree *new_tree)
+{
+    TAILQ_CONCAT(&new_tree->userspecs, &parsed_policy.userspecs, entries);
+    TAILQ_CONCAT(&new_tree->defaults, &parsed_policy.defaults, entries);
+    new_tree->aliases = parsed_policy.aliases;
+    parsed_policy.aliases = NULL;
+}
+
+/*
+ * Free the contents of a sudoers parse tree and initialize it.
+ */
+void
+free_parse_tree(struct sudoers_parse_tree *parse_tree)
+{
+    free_userspecs(&parse_tree->userspecs);
+    free_defaults(&parse_tree->defaults);
+    free_aliases(parse_tree->aliases);
+    parse_tree->aliases = NULL;
+}
+
+/*
+ * Free up space used by data structures from a previous parser run and sets
+ * the current sudoers file to path.
+ */
+bool
+init_parser(const char *path, bool quiet)
+{
+    bool ret = true;
+    debug_decl(init_parser, SUDOERS_DEBUG_PARSER)
+
+    free_parse_tree(&parsed_policy);
+    init_lexer();
+
+    rcstr_delref(sudoers);
+    if (path != NULL) {
+	if ((sudoers = rcstr_dup(path)) == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    ret = false;
+	}
+    } else {
+	sudoers = NULL;
+    }
+
+    parse_error = false;
+    errorlineno = -1;
+    rcstr_delref(errorfile);
+    errorfile = NULL;
+    sudoers_warnings = !quiet;
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Initialize all options in a cmndspec.
+ */
+static void
+init_options(struct command_options *opts)
+{
+    opts->notbefore = UNSPEC;
+    opts->notafter = UNSPEC;
+    opts->timeout = UNSPEC;
+#ifdef HAVE_SELINUX
+    opts->role = NULL;
+    opts->type = NULL;
+#endif
+#ifdef HAVE_PRIV_SET
+    opts->privs = NULL;
+    opts->limitprivs = NULL;
+#endif
+}
diff --git a/plugins/sudoers/group_plugin.c b/plugins/sudoers/group_plugin.c
new file mode 100644
index 0000000..21d6510
--- /dev/null
+++ b/plugins/sudoers/group_plugin.c
@@ -0,0 +1,232 @@
+/*
+ * Copyright (c) 2010-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <time.h>
+#include <ctype.h>
+#include <errno.h>
+#include <pwd.h>
+
+#include "sudoers.h"
+#include "sudo_dso.h"
+
+#if defined(HAVE_DLOPEN) || defined(HAVE_SHL_LOAD)
+
+static void *group_handle;
+static struct sudoers_group_plugin *group_plugin;
+const char *path_plugin_dir = _PATH_SUDO_PLUGIN_DIR;
+
+/*
+ * Load the specified plugin and run its init function.
+ * Returns -1 if unable to open the plugin, else it returns
+ * the value from the plugin's init function.
+ */
+int
+group_plugin_load(char *plugin_info)
+{
+    struct stat sb;
+    char *args, path[PATH_MAX];
+    char **argv = NULL;
+    int len, rc = -1;
+    debug_decl(group_plugin_load, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * Fill in .so path and split out args (if any).
+     */
+    if ((args = strpbrk(plugin_info, " \t")) != NULL) {
+	len = snprintf(path, sizeof(path), "%s%.*s",
+	    (*plugin_info != '/') ? path_plugin_dir : "",
+	    (int)(args - plugin_info), plugin_info);
+	args++;
+    } else {
+	len = snprintf(path, sizeof(path), "%s%s",
+	    (*plugin_info != '/') ? path_plugin_dir : "", plugin_info);
+    }
+    if (len <= 0 || (size_t)len >= sizeof(path)) {
+	errno = ENAMETOOLONG;
+	sudo_warn("%s%s",
+	    (*plugin_info != '/') ? path_plugin_dir : "", plugin_info);
+	goto done;
+    }
+
+    /* Sanity check plugin path. */
+    if (stat(path, &sb) != 0) {
+	sudo_warn("%s", path);
+	goto done;
+    }
+    if (sb.st_uid != ROOT_UID) {
+	sudo_warnx(U_("%s must be owned by uid %d"), path, ROOT_UID);
+	goto done;
+    }
+    if ((sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
+	sudo_warnx(U_("%s must only be writable by owner"), path);
+	goto done;
+    }
+
+    /* Open plugin and map in symbol. */
+    group_handle = sudo_dso_load(path, SUDO_DSO_LAZY|SUDO_DSO_GLOBAL);
+    if (!group_handle) {
+	const char *errstr = sudo_dso_strerror();
+	sudo_warnx(U_("unable to load %s: %s"), path,
+	    errstr ? errstr : "unknown error");
+	goto done;
+    }
+    group_plugin = sudo_dso_findsym(group_handle, "group_plugin");
+    if (group_plugin == NULL) {
+	sudo_warnx(U_("unable to find symbol \"group_plugin\" in %s"), path);
+	goto done;
+    }
+
+    if (SUDO_API_VERSION_GET_MAJOR(group_plugin->version) != GROUP_API_VERSION_MAJOR) {
+	sudo_warnx(U_("%s: incompatible group plugin major version %d, expected %d"),
+	    path, SUDO_API_VERSION_GET_MAJOR(group_plugin->version),
+	    GROUP_API_VERSION_MAJOR);
+	goto done;
+    }
+
+    /*
+     * Split args into a vector if specified.
+     */
+    if (args != NULL) {
+	int ac = 0;
+	bool wasblank = true;
+	char *cp, *last;
+
+        for (cp = args; *cp != '\0'; cp++) {
+            if (isblank((unsigned char)*cp)) {
+                wasblank = true;
+            } else if (wasblank) {
+                wasblank = false;
+                ac++;
+            }
+        }
+	if (ac != 0) {
+	    argv = reallocarray(NULL, ac, sizeof(char *));
+	    if (argv == NULL) {
+		sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+		goto done;
+	    }
+	    ac = 0;
+	    for ((cp = strtok_r(args, " \t", &last)); cp != NULL; (cp = strtok_r(NULL, " \t", &last)))
+		argv[ac++] = cp;
+	}
+    }
+
+    rc = (group_plugin->init)(GROUP_API_VERSION, sudo_printf, argv);
+
+done:
+    free(argv);
+
+    if (rc != true) {
+	if (group_handle != NULL) {
+	    sudo_dso_unload(group_handle);
+	    group_handle = NULL;
+	    group_plugin = NULL;
+	}
+    }
+
+    debug_return_int(rc);
+}
+
+void
+group_plugin_unload(void)
+{
+    debug_decl(group_plugin_unload, SUDOERS_DEBUG_UTIL)
+
+    if (group_plugin != NULL) {
+	(group_plugin->cleanup)();
+	group_plugin = NULL;
+    }
+    if (group_handle != NULL) {
+	sudo_dso_unload(group_handle);
+	group_handle = NULL;
+    }
+    debug_return;
+}
+
+int
+group_plugin_query(const char *user, const char *group,
+    const struct passwd *pwd)
+{
+    debug_decl(group_plugin_query, SUDOERS_DEBUG_UTIL)
+
+    if (group_plugin == NULL)
+	debug_return_int(false);
+    debug_return_int((group_plugin->query)(user, group, pwd));
+}
+
+#else /* !HAVE_DLOPEN && !HAVE_SHL_LOAD */
+
+/*
+ * No loadable shared object support.
+ */
+
+int
+group_plugin_load(char *plugin_info)
+{
+    debug_decl(group_plugin_load, SUDOERS_DEBUG_UTIL)
+    debug_return_int(false);
+}
+
+void
+group_plugin_unload(void)
+{
+    debug_decl(group_plugin_unload, SUDOERS_DEBUG_UTIL)
+    debug_return;
+}
+
+int
+group_plugin_query(const char *user, const char *group,
+    const struct passwd *pwd)
+{
+    debug_decl(group_plugin_query, SUDOERS_DEBUG_UTIL)
+    debug_return_int(false);
+}
+
+#endif /* HAVE_DLOPEN || HAVE_SHL_LOAD */
+
+/*
+ * Group plugin sudoers callback.
+ */
+bool
+cb_group_plugin(const union sudo_defs_val *sd_un)
+{
+    bool rc = true;
+    debug_decl(cb_group_plugin, SUDOERS_DEBUG_PLUGIN)
+
+    /* Unload any existing group plugin before loading a new one. */
+    group_plugin_unload();
+    if (sd_un->str != NULL)
+	rc = group_plugin_load(sd_un->str);
+    debug_return_bool(rc);
+}
diff --git a/plugins/sudoers/hexchar.c b/plugins/sudoers/hexchar.c
new file mode 100644
index 0000000..1813b66
--- /dev/null
+++ b/plugins/sudoers/hexchar.c
@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 2013-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+
+#include "sudoers.h"
+
+/*
+ * Converts a two-byte hex string to decimal.
+ * Returns the decimal value or -1 for invalid input.
+ */
+int
+hexchar(const char *s)
+{
+    unsigned char result[2];
+    int i;
+    debug_decl(hexchar, SUDOERS_DEBUG_UTIL)
+
+    for (i = 0; i < 2; i++) {
+	switch (s[i]) {
+	case '0':
+	    result[i] = 0;
+	    break;
+	case '1':
+	    result[i] = 1;
+	    break;
+	case '2':
+	    result[i] = 2;
+	    break;
+	case '3':
+	    result[i] = 3;
+	    break;
+	case '4':
+	    result[i] = 4;
+	    break;
+	case '5':
+	    result[i] = 5;
+	    break;
+	case '6':
+	    result[i] = 6;
+	    break;
+	case '7':
+	    result[i] = 7;
+	    break;
+	case '8':
+	    result[i] = 8;
+	    break;
+	case '9':
+	    result[i] = 9;
+	    break;
+	case 'A':
+	case 'a':
+	    result[i] = 10;
+	    break;
+	case 'B':
+	case 'b':
+	    result[i] = 11;
+	    break;
+	case 'C':
+	case 'c':
+	    result[i] = 12;
+	    break;
+	case 'D':
+	case 'd':
+	    result[i] = 13;
+	    break;
+	case 'E':
+	case 'e':
+	    result[i] = 14;
+	    break;
+	case 'F':
+	case 'f':
+	    result[i] = 15;
+	    break;
+	default:
+	    /* Invalid input. */
+	    debug_return_int(-1);
+	}
+    }
+    debug_return_int((result[0] << 4) | result[1]);
+}
diff --git a/plugins/sudoers/ins_2001.h b/plugins/sudoers/ins_2001.h
new file mode 100644
index 0000000..c6ad6ff
--- /dev/null
+++ b/plugins/sudoers/ins_2001.h
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_INS_2001_H
+#define SUDOERS_INS_2001_H
+
+    /*
+     * HAL insults (paraphrased) from 2001.
+     */
+
+    "Just what do you think you're doing Dave?",
+    "It can only be attributed to human error.",
+    "That's something I cannot allow to happen.",
+    "My mind is going. I can feel it.",
+    "Sorry about this, I know it's a bit silly.",
+    "Take a stress pill and think things over.",
+    "This mission is too important for me to allow you to jeopardize it.",
+    "I feel much better now.",
+
+#endif /* SUDOERS_INS_2001_H */
diff --git a/plugins/sudoers/ins_classic.h b/plugins/sudoers/ins_classic.h
new file mode 100644
index 0000000..2448151
--- /dev/null
+++ b/plugins/sudoers/ins_classic.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_INS_CLASSIC_H
+#define SUDOERS_INS_CLASSIC_H
+
+    /*
+     * Insults from the original sudo(8).
+     */
+
+    "Wrong!  You cheating scum!",
+#ifndef OFFENSIVE_INSULTS
+    "And you call yourself a Rocket Scientist!",
+#else
+    "No soap, honkie-lips.",
+#endif
+    "Where did you learn to type?",
+    "Are you on drugs?",
+    "My pet ferret can type better than you!",
+    "You type like i drive.",
+    "Do you think like you type?",
+    "Your mind just hasn't been the same since the electro-shock, has it?",
+
+#endif /* SUDOERS_INS_CLASSIC_H */
diff --git a/plugins/sudoers/ins_csops.h b/plugins/sudoers/ins_csops.h
new file mode 100644
index 0000000..45c5dd3
--- /dev/null
+++ b/plugins/sudoers/ins_csops.h
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 1996, 1998, 1999, 2004
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_INS_CSOPS_H
+#define SUDOERS_INS_CSOPS_H
+
+    /*
+     * CSOps insults (may be site dependent).
+     */
+
+    "Maybe if you used more than just two fingers...",
+    "BOB says:  You seem to have forgotten your passwd, enter another!",
+    "stty: unknown mode: doofus",
+    "I can't hear you -- I'm using the scrambler.",
+    "The more you drive -- the dumber you get.",
+#ifdef PC_INSULTS
+    "Listen, broccoli brains, I don't have time to listen to this trash.",
+#else
+    "Listen, burrito brains, I don't have time to listen to this trash.",
+#endif
+    "I've seen penguins that can type better than that.",
+    "Have you considered trying to match wits with a rutabaga?",
+    "You speak an infinite deal of nothing",
+
+#endif /* SUDOERS_INS_CSOPS_H */
diff --git a/plugins/sudoers/ins_goons.h b/plugins/sudoers/ins_goons.h
new file mode 100644
index 0000000..5ed5e31
--- /dev/null
+++ b/plugins/sudoers/ins_goons.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_INS_GOONS_H
+#define SUDOERS_INS_GOONS_H
+
+    /*
+     * Insults from the "Goon Show."
+     */
+
+    "You silly, twisted boy you.",
+    "He has fallen in the water!",
+    "We'll all be murdered in our beds!",
+    "You can't come in. Our tiger has got flu",
+    "I don't wish to know that.",
+    "What, what, what, what, what, what, what, what, what, what?",
+    "You can't get the wood, you know.",
+    "You'll starve!",
+    "... and it used to be so popular...",
+    "Pauses for audience applause, not a sausage",
+    "Hold it up to the light --- not a brain in sight!",
+    "Have a gorilla...",
+    "There must be cure for it!",
+    "There's a lot of it about, you know.",
+    "You do that again and see what happens...",
+    "Ying Tong Iddle I Po",
+    "Harm can come to a young lad like that!",
+    "And with that remarks folks, the case of the Crown vs yourself was proven.",
+    "Speak English you fool --- there are no subtitles in this scene.",
+    "You gotta go owwwww!",
+    "I have been called worse.",
+    "It's only your word against mine.",
+    "I think ... err ... I think ... I think I'll go home",
+
+#endif /* SUDOERS_INS_GOONS_H */
diff --git a/plugins/sudoers/ins_python.h b/plugins/sudoers/ins_python.h
new file mode 100644
index 0000000..28f53d2
--- /dev/null
+++ b/plugins/sudoers/ins_python.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_INS_PYTHON_H
+#define SUDOERS_INS_PYTHON_H
+
+    /*
+     * Insults from "Monty Python's Flying Circus" and family.
+     */
+
+    "That is no basis for supreme executive power!",
+    "You empty-headed animal food trough wiper!",
+    "I fart in your general direction!",
+    "Your mother was a hamster and your father smelt of elderberries!",
+    "You must cut down the mightiest tree in the forest... with... a herring!",
+    "I wave my private parts at your aunties!",
+    "He's not the Messiah, he's a very naughty boy!",
+    "I wish to make a complaint.",
+    "When you're walking home tonight, and some homicidal maniac comes after you with a bunch of loganberries, don't come crying to me!",
+    "This man, he doesn't know when he's beaten! He doesn't know when he's winning, either. He has no... sort of... sensory apparatus...",
+    "There's nothing wrong with you that an expensive operation can't prolong.",
+    "I'm very sorry, but I'm not allowed to argue unless you've paid.",
+
+#endif /* SUDOERS_INS_PYTHON_H */
diff --git a/plugins/sudoers/insults.h b/plugins/sudoers/insults.h
new file mode 100644
index 0000000..cc08023
--- /dev/null
+++ b/plugins/sudoers/insults.h
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 1994-1996, 1998-1999, 2004
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_INSULTS_H
+#define SUDOERS_INSULTS_H
+
+#if defined(HAL_INSULTS) || defined(GOONS_INSULTS) || defined(CLASSIC_INSULTS) || defined(CSOPS_INSULTS) || defined(PYTHON_INSULTS)
+
+#include "sudo_rand.h"
+
+/*
+ * Use one or more set of insults as determined by configure
+ */
+
+char *insults[] = {
+
+# ifdef HAL_INSULTS
+#  include "ins_2001.h"
+# endif
+
+# ifdef GOONS_INSULTS
+#  include "ins_goons.h"
+# endif
+
+# ifdef CLASSIC_INSULTS
+#  include "ins_classic.h"
+# endif
+
+# ifdef CSOPS_INSULTS
+#  include "ins_csops.h"
+# endif
+
+# ifdef PYTHON_INSULTS
+#  include "ins_python.h"
+# endif
+
+    NULL
+
+};
+
+/*
+ * How may I insult you?  Let me count the ways...
+ */
+#define NOFINSULTS (nitems(insults) - 1)
+
+/*
+ * return a pseudo-random insult.
+ */
+#define INSULT		(insults[arc4random_uniform(NOFINSULTS)])
+
+#endif /* HAL_INSULTS || GOONS_INSULTS || CLASSIC_INSULTS || CSOPS_INSULTS || PYTHON_INSULTS */
+
+#endif /* SUDOERS_INSULTS_H */
diff --git a/plugins/sudoers/interfaces.c b/plugins/sudoers/interfaces.c
new file mode 100644
index 0000000..bd65366
--- /dev/null
+++ b/plugins/sudoers/interfaces.c
@@ -0,0 +1,142 @@
+/*
+ * Copyright (c) 2010-2016 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <netinet/in.h>  
+#include <arpa/inet.h>
+#ifdef NEED_RESOLV_H
+# include <arpa/nameser.h>
+# include <resolv.h>
+#endif /* NEED_RESOLV_H */
+#include <netdb.h>
+#include <errno.h>
+
+#include "sudoers.h"
+#include "interfaces.h"
+
+#ifndef INADDR_NONE
+# define INADDR_NONE ((unsigned int)-1)
+#endif
+
+static struct interface_list interfaces = SLIST_HEAD_INITIALIZER(interfaces);
+
+/*
+ * Parse a space-delimited list of IP address/netmask pairs and
+ * store in a list of interface structures.  Returns true on
+ * success and false on parse error or memory allocation error.
+ */
+bool
+set_interfaces(const char *ai)
+{
+    char *addrinfo, *addr, *mask, *last;
+    struct interface *ifp;
+    bool ret = false;
+    debug_decl(set_interfaces, SUDOERS_DEBUG_NETIF)
+
+    if ((addrinfo = strdup(ai)) == NULL)
+	debug_return_bool(false);
+    for (addr = strtok_r(addrinfo, " \t", &last); addr != NULL; addr = strtok_r(NULL, " \t", &last)) {
+	/* Separate addr and mask. */
+	if ((mask = strchr(addr, '/')) == NULL)
+	    continue;
+	*mask++ = '\0';
+
+	/* Parse addr and store in list. */
+	if ((ifp = calloc(1, sizeof(*ifp))) == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    goto done;
+	}
+	if (strchr(addr, ':')) {
+	    /* IPv6 */
+#ifdef HAVE_STRUCT_IN6_ADDR
+	    ifp->family = AF_INET6;
+	    if (inet_pton(AF_INET6, addr, &ifp->addr.ip6) != 1) {
+		sudo_warnx(U_("unable to parse IP address \"%s\""), addr);
+		free(ifp);
+		goto done;
+	    }
+	    if (inet_pton(AF_INET6, mask, &ifp->netmask.ip6) != 1) {
+		sudo_warnx(U_("unable to parse netmask \"%s\""), mask);
+		free(ifp);
+		goto done;
+	    }
+#else
+	    free(ifp);
+	    continue;
+#endif
+	} else {
+	    /* IPv4 */
+	    ifp->family = AF_INET;
+	    if (inet_pton(AF_INET, addr, &ifp->addr.ip4) != 1) {
+		sudo_warnx(U_("unable to parse IP address \"%s\""), addr);
+		free(ifp);
+		goto done;
+	    }
+	    if (inet_pton(AF_INET, mask, &ifp->netmask.ip4) != 1) {
+		sudo_warnx(U_("unable to parse netmask \"%s\""), mask);
+		free(ifp);
+		goto done;
+	    }
+	}
+	SLIST_INSERT_HEAD(&interfaces, ifp, entries);
+    }
+    ret = true;
+
+done:
+    free(addrinfo);
+    debug_return_bool(ret);
+}
+
+struct interface_list *
+get_interfaces(void)
+{
+    return &interfaces;
+}
+
+void
+dump_interfaces(const char *ai)
+{
+    const char *cp, *ep;
+    const char *ai_end = ai + strlen(ai);
+    debug_decl(set_interfaces, SUDOERS_DEBUG_NETIF)
+
+    sudo_printf(SUDO_CONV_INFO_MSG,
+	_("Local IP address and netmask pairs:\n"));
+    cp = sudo_strsplit(ai, ai_end, " \t", &ep);
+    while (cp != NULL) {
+	sudo_printf(SUDO_CONV_INFO_MSG, "\t%.*s\n", (int)(ep - cp), cp);
+	cp = sudo_strsplit(NULL, ai_end, " \t", &ep);
+    }
+
+    debug_return;
+}
diff --git a/plugins/sudoers/interfaces.h b/plugins/sudoers/interfaces.h
new file mode 100644
index 0000000..73e55b4
--- /dev/null
+++ b/plugins/sudoers/interfaces.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2007, 2010-2013
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#ifndef SUDOERS_INTERFACES_H
+#define SUDOERS_INTERFACES_H
+
+/*
+ * Union to hold either strucr in_addr or in6_add
+ */
+union sudo_in_addr_un {
+    struct in_addr ip4;
+#ifdef HAVE_STRUCT_IN6_ADDR
+    struct in6_addr ip6;
+#endif
+};
+
+/*
+ * IP address and netmask pairs for checking against local interfaces.
+ */
+struct interface {
+    SLIST_ENTRY(interface) entries;
+    unsigned int family;	/* AF_INET or AF_INET6 */
+    union sudo_in_addr_un addr;
+    union sudo_in_addr_un netmask;
+};
+
+SLIST_HEAD(interface_list, interface);
+
+/*
+ * Prototypes for external functions.
+ */
+int get_net_ifs(char **addrinfo);
+void dump_interfaces(const char *);
+bool set_interfaces(const char *);
+struct interface_list *get_interfaces(void);
+
+#endif /* SUDOERS_INTERFACES_H */
diff --git a/plugins/sudoers/iolog.c b/plugins/sudoers/iolog.c
new file mode 100644
index 0000000..b746c61
--- /dev/null
+++ b/plugins/sudoers/iolog.c
@@ -0,0 +1,1292 @@
+/*
+ * Copyright (c) 2009-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <time.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <signal.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include "sudoers.h"
+#include "iolog.h"
+#include "iolog_files.h"
+
+/* XXX - separate sudoers.h and iolog.h? */
+#undef runas_pw
+#undef runas_gr
+
+struct iolog_details {
+    const char *cwd;
+    const char *tty;
+    const char *user;
+    const char *command;
+    const char *iolog_path;
+    struct passwd *runas_pw;
+    struct group *runas_gr;
+    int lines;
+    int cols;
+    bool ignore_iolog_errors;
+};
+
+static struct iolog_details iolog_details;
+static bool iolog_compress = false;
+static bool warned = false;
+static struct timespec last_time;
+static unsigned int sessid_max = SESSID_MAX;
+static mode_t iolog_filemode = S_IRUSR|S_IWUSR;
+static mode_t iolog_dirmode = S_IRWXU;
+static bool iolog_gid_set;
+
+/* shared with set_perms.c */
+uid_t iolog_uid = ROOT_UID;
+gid_t iolog_gid = ROOT_GID;
+
+/* sudoers_io is declared at the end of this file. */
+extern __dso_public struct io_plugin sudoers_io;
+
+/*
+ * Create directory and any parent directories as needed.
+ */
+static bool
+io_mkdirs(char *path)
+{
+    struct stat sb;
+    bool ok, uid_changed = false;
+    debug_decl(io_mkdirs, SUDOERS_DEBUG_UTIL)
+
+    ok = stat(path, &sb) == 0;
+    if (!ok && errno == EACCES) {
+	/* Try again as the I/O log owner (for NFS). */
+	if (set_perms(PERM_IOLOG)) {
+	    ok = stat(path, &sb) == 0;
+	    if (!restore_perms())
+		ok = false;
+	}
+    }
+    if (ok) {
+	if (S_ISDIR(sb.st_mode)) {
+	    if (sb.st_uid != iolog_uid || sb.st_gid != iolog_gid) {
+		if (chown(path, iolog_uid, iolog_gid) != 0) {
+		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+			"%s: unable to chown %d:%d %s", __func__,
+			(int)iolog_uid, (int)iolog_gid, path);
+		}
+	    }
+	    if ((sb.st_mode & ALLPERMS) != iolog_dirmode) {
+		if (chmod(path, iolog_dirmode) != 0) {
+		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+			"%s: unable to chmod 0%o %s", __func__,
+			(int)iolog_dirmode, path);
+		}
+	    }
+	} else {
+	    sudo_warnx(U_("%s exists but is not a directory (0%o)"),
+		path, (unsigned int) sb.st_mode);
+	    ok = false;
+	}
+	goto done;
+    }
+
+    ok = sudo_mkdir_parents(path, iolog_uid, iolog_gid, iolog_dirmode, true);
+    if (!ok && errno == EACCES) {
+	/* Try again as the I/O log owner (for NFS). */
+	uid_changed = set_perms(PERM_IOLOG);
+	ok = sudo_mkdir_parents(path, -1, -1, iolog_dirmode, false);
+    }
+    if (ok) {
+	/* Create final path component. */
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "mkdir %s, mode 0%o", path, (unsigned int) iolog_dirmode);
+	ok = mkdir(path, iolog_dirmode) == 0 || errno == EEXIST;
+	if (!ok) {
+	    if (errno == EACCES && !uid_changed) {
+		/* Try again as the I/O log owner (for NFS). */
+		uid_changed = set_perms(PERM_IOLOG);
+		ok = mkdir(path, iolog_dirmode) == 0 || errno == EEXIST;
+	    }
+	    if (!ok)
+		sudo_warn(U_("unable to mkdir %s"), path);
+	} else {
+	    if (chown(path, iolog_uid, iolog_gid) != 0) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+		    "%s: unable to chown %d:%d %s", __func__,
+		    (int)iolog_uid, (int)iolog_gid, path);
+	    }
+	}
+    }
+    if (uid_changed) {
+	if (!restore_perms())
+	    ok = false;
+    }
+done:
+    debug_return_bool(ok);
+}
+
+/*
+ * Create temporary directory and any parent directories as needed.
+ */
+static bool
+io_mkdtemp(char *path)
+{
+    bool ok, uid_changed = false;
+    debug_decl(io_mkdtemp, SUDOERS_DEBUG_UTIL)
+
+    ok = sudo_mkdir_parents(path, iolog_uid, iolog_gid, iolog_dirmode, true);
+    if (!ok && errno == EACCES) {
+	/* Try again as the I/O log owner (for NFS). */
+	uid_changed = set_perms(PERM_IOLOG);
+	ok = sudo_mkdir_parents(path, -1, -1, iolog_dirmode, false);
+    }
+    if (ok) {
+	/* Create final path component. */
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "mkdtemp %s", path);
+	/* We cannot retry mkdtemp() so always use PERM_IOLOG */
+	if (!uid_changed)
+	    uid_changed = set_perms(PERM_IOLOG);
+	if (mkdtemp(path) == NULL) {
+	    sudo_warn(U_("unable to mkdir %s"), path);
+	    ok = false;
+	} else {
+	    if (chmod(path, iolog_dirmode) != 0) {
+		sudo_warn(U_("unable to change mode of %s to 0%o"),
+		    path, (unsigned int)iolog_dirmode);
+	    }
+	}
+    }
+
+    if (uid_changed) {
+	if (!restore_perms())
+	    ok = false;
+    }
+    debug_return_bool(ok);
+}
+
+/*
+ * Set max session ID (aka sequence number)
+ */
+static bool
+io_set_max_sessid(const char *maxval)
+{
+    const char *errstr;
+    unsigned int value;
+    debug_decl(io_set_max_sessid, SUDOERS_DEBUG_UTIL)
+
+    value = strtonum(maxval, 0, SESSID_MAX, &errstr);
+    if (errstr != NULL) {
+	if (errno != ERANGE) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"bad maxseq: %s: %s", maxval, errstr);
+	    debug_return_bool(false);
+	}
+	/* Out of range, clamp to SESSID_MAX as documented. */
+	value = SESSID_MAX;
+    }
+    sessid_max = value;
+    debug_return_bool(true);
+}
+
+/*
+ * Sudoers callback for maxseq Defaults setting.
+ */
+bool
+cb_maxseq(const union sudo_defs_val *sd_un)
+{
+    debug_decl(cb_maxseq, SUDOERS_DEBUG_UTIL)
+
+    /* Clamp value to SESSID_MAX as documented. */
+    sessid_max = sd_un->uival < SESSID_MAX ? sd_un->uival : SESSID_MAX;
+    debug_return_bool(true);
+}
+
+/*
+ * Look up I/O log user ID from user name.  Sets iolog_uid.
+ * Also sets iolog_gid if iolog_group not specified.
+ */
+static bool
+iolog_set_user(const char *name)
+{
+    struct passwd *pw;
+    debug_decl(iolog_set_user, SUDOERS_DEBUG_UTIL)
+
+    if (name != NULL) {
+	pw = sudo_getpwnam(name);
+	if (pw != NULL) {
+	    iolog_uid = pw->pw_uid;
+	    if (!iolog_gid_set)
+		iolog_gid = pw->pw_gid;
+	    sudo_pw_delref(pw);
+	} else {
+	    log_warningx(SLOG_SEND_MAIL,
+		N_("unknown user: %s"), name);
+	}
+    } else {
+	/* Reset to default. */
+	iolog_uid = ROOT_UID;
+	if (!iolog_gid_set)
+	    iolog_gid = ROOT_GID;
+    }
+
+    debug_return_bool(true);
+}
+
+/*
+ * Sudoers callback for iolog_user Defaults setting.
+ */
+bool
+cb_iolog_user(const union sudo_defs_val *sd_un)
+{
+    return iolog_set_user(sd_un->str);
+}
+
+/*
+ * Look up I/O log group ID from group name.
+ * Sets iolog_gid.
+ */
+static bool
+iolog_set_group(const char *name)
+{
+    struct group *gr;
+    debug_decl(iolog_set_group, SUDOERS_DEBUG_UTIL)
+
+    if (name != NULL) {
+	gr = sudo_getgrnam(name);
+	if (gr != NULL) {
+	    iolog_gid = gr->gr_gid;
+	    iolog_gid_set = true;
+	    sudo_gr_delref(gr);
+	} else {
+	    log_warningx(SLOG_SEND_MAIL,
+		N_("unknown group: %s"), name);
+	}
+    } else {
+	/* Reset to default. */
+	iolog_gid = ROOT_GID;
+	iolog_gid_set = false;
+    }
+
+    debug_return_bool(true);
+}
+
+/*
+ * Look up I/O log group ID from group name.
+ */
+bool
+cb_iolog_group(const union sudo_defs_val *sd_un)
+{
+    return iolog_set_group(sd_un->str);
+}
+
+/*
+ * Set iolog_filemode and iolog_dirmode.
+ */
+static bool
+iolog_set_mode(mode_t mode)
+{
+    debug_decl(iolog_set_mode, SUDOERS_DEBUG_UTIL)
+
+    /* I/O log files must be readable and writable by owner. */
+    iolog_filemode = S_IRUSR|S_IWUSR;
+
+    /* Add in group and other read/write if specified. */
+    iolog_filemode |= mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH);
+
+    /* For directory mode, add execute bits as needed. */
+    iolog_dirmode = iolog_filemode | S_IXUSR;
+    if (iolog_dirmode & (S_IRGRP|S_IWGRP))
+	iolog_dirmode |= S_IXGRP;
+    if (iolog_dirmode & (S_IROTH|S_IWOTH))
+	iolog_dirmode |= S_IXOTH;
+
+    debug_return_bool(true);
+}
+
+/*
+ * Sudoers callback for iolog_mode Defaults setting.
+ */
+bool
+cb_iolog_mode(const union sudo_defs_val *sd_un)
+{
+    return iolog_set_mode(sd_un->mode);
+}
+
+/*
+ * Wrapper for open(2) that retries with PERM_IOLOG if open(2)
+ * returns EACCES.
+ */
+static int
+io_open(const char *path, int flags, mode_t perm)
+{
+    int fd;
+    debug_decl(io_open, SUDOERS_DEBUG_UTIL)
+
+    fd = open(path, flags, perm);
+    if (fd == -1 && errno == EACCES) {
+	/* Try again as the I/O log owner (for NFS). */
+	if (set_perms(PERM_IOLOG)) {
+	    fd = open(path, flags, perm);
+	    if (!restore_perms()) {
+		/* restore_perms() warns on error. */
+		if (fd != -1) {
+		    close(fd);
+		    fd = -1;
+		}
+	    }
+	}
+    }
+    debug_return_int(fd);
+}
+
+/*
+ * Read the on-disk sequence number, set sessid to the next
+ * number, and update the on-disk copy.
+ * Uses file locking to avoid sequence number collisions.
+ */
+bool
+io_nextid(char *iolog_dir, char *iolog_dir_fallback, char sessid[7])
+{
+    struct stat sb;
+    char buf[32], *ep;
+    int i, len, fd = -1;
+    unsigned long id = 0;
+    mode_t omask;
+    ssize_t nread;
+    bool ret = false;
+    char pathbuf[PATH_MAX];
+    static const char b36char[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+    debug_decl(io_nextid, SUDOERS_DEBUG_UTIL)
+
+    /* umask must not be more restrictive than the file modes. */
+    omask = umask(ACCESSPERMS & ~(iolog_filemode|iolog_dirmode));
+
+    /*
+     * Create I/O log directory if it doesn't already exist.
+     */
+    if (!io_mkdirs(iolog_dir))
+	goto done;
+
+    /*
+     * Open sequence file
+     */
+    len = snprintf(pathbuf, sizeof(pathbuf), "%s/seq", iolog_dir);
+    if (len <= 0 || (size_t)len >= sizeof(pathbuf)) {
+	errno = ENAMETOOLONG;
+	log_warning(SLOG_SEND_MAIL, "%s/seq", pathbuf);
+	goto done;
+    }
+    fd = io_open(pathbuf, O_RDWR|O_CREAT, iolog_filemode);
+    if (fd == -1) {
+	log_warning(SLOG_SEND_MAIL, N_("unable to open %s"), pathbuf);
+	goto done;
+    }
+    sudo_lock_file(fd, SUDO_LOCK);
+    if (fchown(fd, iolog_uid, iolog_gid) != 0) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+	    "%s: unable to fchown %d:%d %s", __func__,
+	    (int)iolog_uid, (int)iolog_gid, pathbuf);
+    }
+
+    /*
+     * If there is no seq file in iolog_dir and a fallback dir was
+     * specified, look for seq in the fallback dir.  This is to work
+     * around a bug in sudo 1.8.5 and older where iolog_dir was not
+     * expanded before the sequence number was updated.
+     */
+    if (iolog_dir_fallback != NULL && fstat(fd, &sb) == 0 && sb.st_size == 0) {
+	char fallback[PATH_MAX];
+
+	len = snprintf(fallback, sizeof(fallback), "%s/seq",
+	    iolog_dir_fallback);
+	if (len > 0 && (size_t)len < sizeof(fallback)) {
+	    int fd2 = io_open(fallback, O_RDWR|O_CREAT, iolog_filemode);
+	    if (fd2 != -1) {
+		if (fchown(fd2, iolog_uid, iolog_gid) != 0) {
+		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+			"%s: unable to fchown %d:%d %s", __func__,
+			(int)iolog_uid, (int)iolog_gid, fallback);
+		}
+		nread = read(fd2, buf, sizeof(buf) - 1);
+		if (nread > 0) {
+		    if (buf[nread - 1] == '\n')
+			nread--;
+		    buf[nread] = '\0';
+		    id = strtoul(buf, &ep, 36);
+		    if (ep == buf || *ep != '\0' || id >= sessid_max) {
+			sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+			    "%s: bad sequence number: %s", fallback, buf);
+			id = 0;
+		    }
+		}
+		close(fd2);
+	    }
+	}
+    }
+
+    /* Read current seq number (base 36). */
+    if (id == 0) {
+	nread = read(fd, buf, sizeof(buf) - 1);
+	if (nread != 0) {
+	    if (nread == -1) {
+		log_warning(SLOG_SEND_MAIL, N_("unable to read %s"), pathbuf);
+		goto done;
+	    }
+	    if (buf[nread - 1] == '\n')
+		nread--;
+	    buf[nread] = '\0';
+	    id = strtoul(buf, &ep, 36);
+	    if (ep == buf || *ep != '\0' || id >= sessid_max) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "%s: bad sequence number: %s", pathbuf, buf);
+		id = 0;
+	    }
+	}
+    }
+    id++;
+
+    /*
+     * Convert id to a string and stash in sessid.
+     * Note that that least significant digits go at the end of the string.
+     */
+    for (i = 5; i >= 0; i--) {
+	buf[i] = b36char[id % 36];
+	id /= 36;
+    }
+    buf[6] = '\n';
+
+    /* Stash id for logging purposes. */
+    memcpy(sessid, buf, 6);
+    sessid[6] = '\0';
+
+    /* Rewind and overwrite old seq file, including the NUL byte. */
+#ifdef HAVE_PWRITE
+    if (pwrite(fd, buf, 7, 0) != 7) {
+#else
+    if (lseek(fd, 0, SEEK_SET) == -1 || write(fd, buf, 7) != 7) {
+#endif
+	log_warning(SLOG_SEND_MAIL, N_("unable to write to %s"), pathbuf);
+	warned = true;
+	goto done;
+    }
+    ret = true;
+
+done:
+    umask(omask);
+    if (fd != -1)
+	close(fd);
+    debug_return_bool(ret);
+}
+
+/*
+ * Copy iolog_path to pathbuf and create the directory and any intermediate
+ * directories.  If iolog_path ends in 'XXXXXX', use mkdtemp().
+ * Returns SIZE_MAX on error.
+ */
+static size_t
+mkdir_iopath(const char *iolog_path, char *pathbuf, size_t pathsize)
+{
+    size_t len;
+    bool ok;
+    debug_decl(mkdir_iopath, SUDOERS_DEBUG_UTIL)
+
+    len = strlcpy(pathbuf, iolog_path, pathsize);
+    if (len >= pathsize) {
+	errno = ENAMETOOLONG;
+	log_warning(SLOG_SEND_MAIL, "%s", iolog_path);
+	debug_return_size_t((size_t)-1);
+    }
+
+    /*
+     * Create path and intermediate subdirs as needed.
+     * If path ends in at least 6 Xs (ala POSIX mktemp), use mkdtemp().
+     * Sets iolog_gid (if it is not already set) as a side effect.
+     */
+    if (len >= 6 && strcmp(&pathbuf[len - 6], "XXXXXX") == 0)
+	ok = io_mkdtemp(pathbuf);
+    else
+	ok = io_mkdirs(pathbuf);
+
+    debug_return_size_t(ok ? len : (size_t)-1);
+}
+
+/*
+ * Append suffix to pathbuf after len chars and open the resulting file.
+ * Note that the size of pathbuf is assumed to be PATH_MAX.
+ * Uses zlib if docompress is true.
+ * Stores the open file handle which has the close-on-exec flag set.
+ */
+static bool
+open_io_fd(char *pathbuf, size_t len, struct io_log_file *iol, bool docompress)
+{
+    debug_decl(open_io_fd, SUDOERS_DEBUG_UTIL)
+
+    pathbuf[len] = '\0';
+    strlcat(pathbuf, iol->suffix, PATH_MAX);
+    if (iol->enabled) {
+	int fd = io_open(pathbuf, O_CREAT|O_TRUNC|O_WRONLY, iolog_filemode);
+	if (fd != -1) {
+	    if (fchown(fd, iolog_uid, iolog_gid) != 0) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+		    "%s: unable to fchown %d:%d %s", __func__,
+		    (int)iolog_uid, (int)iolog_gid, pathbuf);
+	    }
+	    (void)fcntl(fd, F_SETFD, FD_CLOEXEC);
+#ifdef HAVE_ZLIB_H
+	    if (docompress)
+		iol->fd.g = gzdopen(fd, "w");
+	    else
+#endif
+		iol->fd.f = fdopen(fd, "w");
+	    if (iol->fd.v == NULL) {
+		close(fd);
+		fd = -1;
+	    }
+	}
+	if (fd == -1) {
+	    log_warning(SLOG_SEND_MAIL, N_("unable to create %s"), pathbuf);
+	    debug_return_bool(false);
+	}
+    } else {
+	/* Remove old log file if we recycled sequence numbers. */
+	unlink(pathbuf);
+    }
+    debug_return_bool(true);
+}
+
+/*
+ * Pull out I/O log related data from user_info and command_info arrays.
+ * Returns true if I/O logging is enabled, else false.
+ */
+static bool
+iolog_deserialize_info(struct iolog_details *details, char * const user_info[],
+    char * const command_info[])
+{
+    const char *runas_uid_str = "0", *runas_euid_str = NULL;
+    const char *runas_gid_str = "0", *runas_egid_str = NULL;
+    const char *errstr;
+    char idbuf[MAX_UID_T_LEN + 2];
+    char * const *cur;
+    id_t id;
+    uid_t runas_uid = 0;
+    gid_t runas_gid = 0;
+    debug_decl(iolog_deserialize_info, SUDOERS_DEBUG_UTIL)
+
+    details->lines = 24;
+    details->cols = 80;
+
+    for (cur = user_info; *cur != NULL; cur++) {
+	switch (**cur) {
+	case 'c':
+	    if (strncmp(*cur, "cols=", sizeof("cols=") - 1) == 0) {
+		int n = strtonum(*cur + sizeof("cols=") - 1, 1, INT_MAX, NULL);
+		if (n > 0)
+		    details->cols = n;
+		continue;
+	    }
+	    if (strncmp(*cur, "cwd=", sizeof("cwd=") - 1) == 0) {
+		details->cwd = *cur + sizeof("cwd=") - 1;
+		continue;
+	    }
+	    break;
+	case 'l':
+	    if (strncmp(*cur, "lines=", sizeof("lines=") - 1) == 0) {
+		int n = strtonum(*cur + sizeof("lines=") - 1, 1, INT_MAX, NULL);
+		if (n > 0)
+		    details->lines = n;
+		continue;
+	    }
+	    break;
+	case 't':
+	    if (strncmp(*cur, "tty=", sizeof("tty=") - 1) == 0) {
+		details->tty = *cur + sizeof("tty=") - 1;
+		continue;
+	    }
+	    break;
+	case 'u':
+	    if (strncmp(*cur, "user=", sizeof("user=") - 1) == 0) {
+		details->user = *cur + sizeof("user=") - 1;
+		continue;
+	    }
+	    break;
+	}
+    }
+
+    for (cur = command_info; *cur != NULL; cur++) {
+	switch (**cur) {
+	case 'c':
+	    if (strncmp(*cur, "command=", sizeof("command=") - 1) == 0) {
+		details->command = *cur + sizeof("command=") - 1;
+		continue;
+	    }
+	    break;
+	case 'i':
+	    if (strncmp(*cur, "ignore_iolog_errors=", sizeof("ignore_iolog_errors=") - 1) == 0) {
+		if (sudo_strtobool(*cur + sizeof("ignore_iolog_errors=") - 1) == true)
+		    details->ignore_iolog_errors = true;
+		continue;
+	    }
+	    if (strncmp(*cur, "iolog_path=", sizeof("iolog_path=") - 1) == 0) {
+		details->iolog_path = *cur + sizeof("iolog_path=") - 1;
+		continue;
+	    }
+	    if (strncmp(*cur, "iolog_stdin=", sizeof("iolog_stdin=") - 1) == 0) {
+		if (sudo_strtobool(*cur + sizeof("iolog_stdin=") - 1) == true)
+		    io_log_files[IOFD_STDIN].enabled = true;
+		continue;
+	    }
+	    if (strncmp(*cur, "iolog_stdout=", sizeof("iolog_stdout=") - 1) == 0) {
+		if (sudo_strtobool(*cur + sizeof("iolog_stdout=") - 1) == true)
+		    io_log_files[IOFD_STDOUT].enabled = true;
+		continue;
+	    }
+	    if (strncmp(*cur, "iolog_stderr=", sizeof("iolog_stderr=") - 1) == 0) {
+		if (sudo_strtobool(*cur + sizeof("iolog_stderr=") - 1) == true)
+		    io_log_files[IOFD_STDERR].enabled = true;
+		continue;
+	    }
+	    if (strncmp(*cur, "iolog_ttyin=", sizeof("iolog_ttyin=") - 1) == 0) {
+		if (sudo_strtobool(*cur + sizeof("iolog_ttyin=") - 1) == true)
+		    io_log_files[IOFD_TTYIN].enabled = true;
+		continue;
+	    }
+	    if (strncmp(*cur, "iolog_ttyout=", sizeof("iolog_ttyout=") - 1) == 0) {
+		if (sudo_strtobool(*cur + sizeof("iolog_ttyout=") - 1) == true)
+		    io_log_files[IOFD_TTYOUT].enabled = true;
+		continue;
+	    }
+	    if (strncmp(*cur, "iolog_compress=", sizeof("iolog_compress=") - 1) == 0) {
+		if (sudo_strtobool(*cur + sizeof("iolog_compress=") - 1) == true)
+		    iolog_compress = true; /* must be global */
+		continue;
+	    }
+	    if (strncmp(*cur, "iolog_mode=", sizeof("iolog_mode=") - 1) == 0) {
+		mode_t mode = sudo_strtomode(*cur + sizeof("iolog_mode=") - 1, &errstr);
+		if (errstr == NULL)
+		    iolog_set_mode(mode);
+		continue;
+	    }
+	    if (strncmp(*cur, "iolog_group=", sizeof("iolog_group=") - 1) == 0) {
+		iolog_set_group(*cur + sizeof("iolog_group=") - 1);
+		continue;
+	    }
+	    if (strncmp(*cur, "iolog_user=", sizeof("iolog_user=") - 1) == 0) {
+		iolog_set_user(*cur + sizeof("iolog_user=") - 1);
+		continue;
+	    }
+	    break;
+	case 'm':
+	    if (strncmp(*cur, "maxseq=", sizeof("maxseq=") - 1) == 0) {
+		io_set_max_sessid(*cur + sizeof("maxseq=") - 1);
+		continue;
+	    }
+	    break;
+	case 'r':
+	    if (strncmp(*cur, "runas_gid=", sizeof("runas_gid=") - 1) == 0) {
+		runas_gid_str = *cur + sizeof("runas_gid=") - 1;
+		continue;
+	    }
+	    if (strncmp(*cur, "runas_egid=", sizeof("runas_egid=") - 1) == 0) {
+		runas_egid_str = *cur + sizeof("runas_egid=") - 1;
+		continue;
+	    }
+	    if (strncmp(*cur, "runas_uid=", sizeof("runas_uid=") - 1) == 0) {
+		runas_uid_str = *cur + sizeof("runas_uid=") - 1;
+		continue;
+	    }
+	    if (strncmp(*cur, "runas_euid=", sizeof("runas_euid=") - 1) == 0) {
+		runas_euid_str = *cur + sizeof("runas_euid=") - 1;
+		continue;
+	    }
+	    break;
+	}
+    }
+
+    /*
+     * Lookup runas user and group, preferring effective over real uid/gid.
+     */
+    if (runas_euid_str != NULL)
+	runas_uid_str = runas_euid_str;
+    if (runas_uid_str != NULL) {
+	id = sudo_strtoid(runas_uid_str, NULL, NULL, &errstr);
+	if (errstr != NULL)
+	    sudo_warnx("runas uid %s: %s", runas_uid_str, U_(errstr));
+	else
+	    runas_uid = (uid_t)id;
+    }
+    if (runas_egid_str != NULL)
+	runas_gid_str = runas_egid_str;
+    if (runas_gid_str != NULL) {
+	id = sudo_strtoid(runas_gid_str, NULL, NULL, &errstr);
+	if (errstr != NULL)
+	    sudo_warnx("runas gid %s: %s", runas_gid_str, U_(errstr));
+	else
+	    runas_gid = (gid_t)id;
+    }
+
+    details->runas_pw = sudo_getpwuid(runas_uid);
+    if (details->runas_pw == NULL) {
+	idbuf[0] = '#';
+	strlcpy(&idbuf[1], runas_uid_str, sizeof(idbuf) - 1);
+	details->runas_pw = sudo_fakepwnam(idbuf, runas_gid);
+    }
+
+    if (runas_gid != details->runas_pw->pw_gid) {
+	details->runas_gr = sudo_getgrgid(runas_gid);
+	if (details->runas_gr == NULL) {
+	    idbuf[0] = '#';
+	    strlcpy(&idbuf[1], runas_gid_str, sizeof(idbuf) - 1);
+	    details->runas_gr = sudo_fakegrnam(idbuf);
+	}
+    }
+    debug_return_bool(
+	io_log_files[IOFD_STDIN].enabled || io_log_files[IOFD_STDOUT].enabled ||
+	io_log_files[IOFD_STDERR].enabled || io_log_files[IOFD_TTYIN].enabled ||
+	io_log_files[IOFD_TTYOUT].enabled);
+}
+
+/*
+ * Write the "/log" file that contains the user and command info.
+ * This file is not compressed.
+ */
+static bool
+write_info_log(char *pathbuf, size_t len, struct iolog_details *details,
+    char * const argv[])
+{
+    time_t now;
+    char * const *av;
+    FILE *fp;
+    int fd;
+    bool ret = true;
+    debug_decl(write_info_log, SUDOERS_DEBUG_UTIL)
+
+    pathbuf[len] = '\0';
+    strlcat(pathbuf, "/log", PATH_MAX);
+    fd = io_open(pathbuf, O_CREAT|O_TRUNC|O_WRONLY, iolog_filemode);
+    if (fd == -1 || (fp = fdopen(fd, "w")) == NULL) {
+	log_warning(SLOG_SEND_MAIL, N_("unable to create %s"), pathbuf);
+	debug_return_bool(false);
+    }
+    if (fchown(fd, iolog_uid, iolog_gid) != 0) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+	    "%s: unable to fchown %d:%d %s", __func__,
+	    (int)iolog_uid, (int)iolog_gid, pathbuf);
+    }
+
+    fprintf(fp, "%lld:%s:%s:%s:%s:%d:%d\n%s\n%s", (long long)time(&now),
+	details->user ? details->user : "unknown", details->runas_pw->pw_name,
+	details->runas_gr ? details->runas_gr->gr_name : "",
+	details->tty ? details->tty : "unknown", details->lines, details->cols,
+	details->cwd ? details->cwd : "unknown",
+	details->command ? details->command : "unknown");
+    for (av = argv + 1; *av != NULL; av++) {
+	fputc(' ', fp);
+	fputs(*av, fp);
+    }
+    fputc('\n', fp);
+    fflush(fp);
+    if (ferror(fp)) {
+	log_warning(SLOG_SEND_MAIL,
+	    N_("unable to write to I/O log file: %s"), strerror(errno));
+	warned = true;
+	ret = false;
+    }
+    fclose(fp);
+    debug_return_bool(ret);
+}
+
+#ifdef HAVE_ZLIB_H
+static const char *
+gzstrerror(gzFile file)
+{
+    int errnum;
+
+    return gzerror(file, &errnum);
+}
+#endif /* HAVE_ZLIB_H */
+
+/*
+ * Write to an I/O log, compressing if iolog_compress is enabled.
+ * If def_iolog_flush is true, flush the buffer immediately.
+ */
+static const char *
+iolog_write(union io_fd ifd, const void *buf, unsigned int len)
+{
+    const char *errstr = NULL;
+    debug_decl(iolog_write, SUDOERS_DEBUG_PLUGIN)
+
+#ifdef HAVE_ZLIB_H
+    if (iolog_compress) {
+	if (gzwrite(ifd.g, (const voidp)buf, len) != (int)len) {
+	    errstr = gzstrerror(ifd.g);
+	    goto done;
+	}
+	if (def_iolog_flush) {
+	    if (gzflush(ifd.g, Z_SYNC_FLUSH) != Z_OK) {
+		errstr = gzstrerror(ifd.g);
+		goto done;
+	    }
+	}
+    } else
+#endif
+    {
+	if (fwrite(buf, 1, len, ifd.f) != len) {
+	    errstr = strerror(errno);
+	    goto done;
+	}
+	if (def_iolog_flush) {
+	    if (fflush(ifd.f) != 0) {
+		errstr = strerror(errno);
+		goto done;
+	    }
+	}
+    }
+
+done:
+    debug_return_const_str(errstr);
+}
+
+static int
+sudoers_io_open(unsigned int version, sudo_conv_t conversation,
+    sudo_printf_t plugin_printf, char * const settings[],
+    char * const user_info[], char * const command_info[],
+    int argc, char * const argv[], char * const user_env[], char * const args[])
+{
+    struct sudo_conf_debug_file_list debug_files = TAILQ_HEAD_INITIALIZER(debug_files);
+    char pathbuf[PATH_MAX], sessid[7];
+    char *tofree = NULL;
+    char * const *cur;
+    const char *cp, *plugin_path = NULL;
+    size_t len;
+    mode_t omask;
+    int i, ret = -1;
+    debug_decl(sudoers_io_open, SUDOERS_DEBUG_PLUGIN)
+
+    sudo_conv = conversation;
+    sudo_printf = plugin_printf;
+
+    /* If we have no command (because -V was specified) just return. */
+    if (argc == 0)
+	debug_return_int(true);
+
+    bindtextdomain("sudoers", LOCALEDIR);
+
+    /* Initialize the debug subsystem.  */
+    for (cur = settings; (cp = *cur) != NULL; cur++) {
+	if (strncmp(cp, "debug_flags=", sizeof("debug_flags=") - 1) == 0) {
+	    cp += sizeof("debug_flags=") - 1;
+	    if (!sudoers_debug_parse_flags(&debug_files, cp))
+		debug_return_int(-1);
+	    continue;
+	}
+	if (strncmp(cp, "plugin_path=", sizeof("plugin_path=") - 1) == 0) {
+	    plugin_path = cp + sizeof("plugin_path=") - 1;
+	    continue;
+	}
+    }
+
+    /* umask must not be more restrictive than the file modes. */
+    omask = umask(ACCESSPERMS & ~(iolog_filemode|iolog_dirmode));
+
+    if (!sudoers_debug_register(plugin_path, &debug_files)) {
+	ret = -1;
+	goto done;
+    }
+
+    /*
+     * Pull iolog settings out of command_info.
+     */
+    if (!iolog_deserialize_info(&iolog_details, user_info, command_info)) {
+	ret = false;
+	goto done;
+    }
+
+    /* If no I/O log path defined we need to figure it out ourselves. */
+    if (iolog_details.iolog_path == NULL) {
+	/* Get next session ID and convert it into a path. */
+	tofree = malloc(sizeof(_PATH_SUDO_IO_LOGDIR) + sizeof(sessid) + 2);
+	if (tofree == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    goto done;
+	}
+	memcpy(tofree, _PATH_SUDO_IO_LOGDIR, sizeof(_PATH_SUDO_IO_LOGDIR));
+	if (!io_nextid(tofree, NULL, sessid)) {
+	    ret = false;
+	    goto done;
+	}
+	snprintf(tofree + sizeof(_PATH_SUDO_IO_LOGDIR), sizeof(sessid) + 2,
+	    "%c%c/%c%c/%c%c", sessid[0], sessid[1], sessid[2], sessid[3],
+	    sessid[4], sessid[5]);
+	iolog_details.iolog_path = tofree;
+    }
+
+    /*
+     * Make local copy of I/O log path and create it, along with any
+     * intermediate subdirs.  Calls mkdtemp() if iolog_path ends in XXXXXX.
+     */
+    len = mkdir_iopath(iolog_details.iolog_path, pathbuf, sizeof(pathbuf));
+    if (len >= sizeof(pathbuf))
+	goto done;
+
+    /* Write log file with user and command details. */
+    if (!write_info_log(pathbuf, len, &iolog_details, argv))
+	goto done;
+
+    /* Create the timing and I/O log files. */
+    for (i = 0; i < IOFD_MAX; i++) {
+	if (!open_io_fd(pathbuf, len, &io_log_files[i], iolog_compress))
+	    goto done;
+    }
+
+    /*
+     * Clear I/O log function pointers for disabled log functions.
+     */
+    if (!io_log_files[IOFD_STDIN].enabled)
+	sudoers_io.log_stdin = NULL;
+    if (!io_log_files[IOFD_STDOUT].enabled)
+	sudoers_io.log_stdout = NULL;
+    if (!io_log_files[IOFD_STDERR].enabled)
+	sudoers_io.log_stderr = NULL;
+    if (!io_log_files[IOFD_TTYIN].enabled)
+	sudoers_io.log_ttyin = NULL;
+    if (!io_log_files[IOFD_TTYOUT].enabled)
+	sudoers_io.log_ttyout = NULL;
+
+    if (sudo_gettime_awake(&last_time) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+	    "%s: unable to get time of day", __func__);
+	goto done;
+    }
+
+    ret = true;
+
+done:
+    umask(omask);
+    free(tofree);
+    if (iolog_details.runas_pw)
+	sudo_pw_delref(iolog_details.runas_pw);
+    if (iolog_details.runas_gr)
+	sudo_gr_delref(iolog_details.runas_gr);
+    sudo_freepwcache();
+    sudo_freegrcache();
+
+    /* Ignore errors if they occur if the policy says so. */
+    if (ret == -1 && iolog_details.ignore_iolog_errors)
+	ret = 0;
+
+    debug_return_int(ret);
+}
+
+static void
+sudoers_io_close(int exit_status, int error)
+{
+    const char *errstr = NULL;
+    int i;
+    debug_decl(sudoers_io_close, SUDOERS_DEBUG_PLUGIN)
+
+    for (i = 0; i < IOFD_MAX; i++) {
+	if (io_log_files[i].fd.v == NULL)
+	    continue;
+#ifdef HAVE_ZLIB_H
+	if (iolog_compress) {
+	    int errnum;
+
+	    if (gzclose(io_log_files[i].fd.g) != Z_OK)
+		errstr = gzerror(io_log_files[i].fd.g, &errnum);
+	} else
+#endif
+	if (fclose(io_log_files[i].fd.f) != 0)
+	    errstr = strerror(errno);
+    }
+
+    if (errstr != NULL && !warned) {
+	/* Only warn about I/O log file errors once. */
+	log_warning(SLOG_SEND_MAIL,
+	    N_("unable to write to I/O log file: %s"), errstr);
+	warned = true;
+    }
+
+    sudoers_debug_deregister();
+
+    return;
+}
+
+static int
+sudoers_io_version(int verbose)
+{
+    debug_decl(sudoers_io_version, SUDOERS_DEBUG_PLUGIN)
+
+    sudo_printf(SUDO_CONV_INFO_MSG, "Sudoers I/O plugin version %s\n",
+	PACKAGE_VERSION);
+
+    debug_return_int(true);
+}
+
+/*
+ * Generic I/O logging function.  Called by the I/O logging entry points.
+ * Returns 1 on success and -1 on error.
+ */
+static int
+sudoers_io_log(union io_fd ifd, const char *buf, unsigned int len, int event)
+{
+    struct timespec now, delay;
+    char tbuf[1024];
+    const char *errstr = NULL;
+    int ret = -1;
+    debug_decl(sudoers_io_log, SUDOERS_DEBUG_PLUGIN)
+
+    if (ifd.v == NULL) {
+	sudo_warnx(U_("%s: internal error, I/O log file for event %d not open"),
+	    __func__, event);
+	debug_return_int(-1);
+    }
+
+    if (sudo_gettime_awake(&now) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+	    "%s: unable to get time of day", __func__);
+	errstr = strerror(errno);
+	goto bad;
+    }
+
+    /* Write I/O log file entry. */
+    errstr = iolog_write(ifd, buf, len);
+    if (errstr != NULL)
+	goto done;
+
+    /* Write timing file entry. */
+    sudo_timespecsub(&now, &last_time, &delay);
+    len = (unsigned int)snprintf(tbuf, sizeof(tbuf), "%d %lld.%09ld %u\n",
+	event, (long long)delay.tv_sec, delay.tv_nsec, len);
+    if (len >= sizeof(tbuf)) {
+	/* Not actually possible due to the size of tbuf[]. */
+	errstr = strerror(EOVERFLOW);
+	goto done;
+    }
+    errstr = iolog_write(io_log_files[IOFD_TIMING].fd, tbuf, len);
+    if (errstr != NULL)
+	goto done;
+
+    /* Success. */
+    ret = 1;
+
+done:
+    last_time.tv_sec = now.tv_sec;
+    last_time.tv_nsec = now.tv_nsec;
+
+bad:
+    if (ret == -1) {
+	if (errstr != NULL && !warned) {
+	    /* Only warn about I/O log file errors once. */
+	    log_warning(SLOG_SEND_MAIL,
+		N_("unable to write to I/O log file: %s"), errstr);
+	    warned = true;
+	}
+
+	/* Ignore errors if they occur if the policy says so. */
+	if (iolog_details.ignore_iolog_errors)
+	    ret = 1;
+    }
+
+    debug_return_int(ret);
+}
+
+static int
+sudoers_io_log_stdin(const char *buf, unsigned int len)
+{
+    const union io_fd ifd = io_log_files[IOFD_STDIN].fd;
+
+    return sudoers_io_log(ifd, buf, len, IO_EVENT_STDIN);
+}
+
+static int
+sudoers_io_log_stdout(const char *buf, unsigned int len)
+{
+    const union io_fd ifd = io_log_files[IOFD_STDOUT].fd;
+
+    return sudoers_io_log(ifd, buf, len, IO_EVENT_STDOUT);
+}
+
+static int
+sudoers_io_log_stderr(const char *buf, unsigned int len)
+{
+    const union io_fd ifd = io_log_files[IOFD_STDERR].fd;
+
+    return sudoers_io_log(ifd, buf, len, IO_EVENT_STDERR);
+}
+
+static int
+sudoers_io_log_ttyin(const char *buf, unsigned int len)
+{
+    const union io_fd ifd = io_log_files[IOFD_TTYIN].fd;
+
+    return sudoers_io_log(ifd, buf, len, IO_EVENT_TTYIN);
+}
+
+static int
+sudoers_io_log_ttyout(const char *buf, unsigned int len)
+{
+    const union io_fd ifd = io_log_files[IOFD_TTYOUT].fd;
+
+    return sudoers_io_log(ifd, buf, len, IO_EVENT_TTYOUT);
+}
+
+static int
+sudoers_io_change_winsize(unsigned int lines, unsigned int cols)
+{
+    struct timespec now, delay;
+    unsigned int len;
+    char tbuf[1024];
+    const char *errstr = NULL;
+    int ret = -1;
+    debug_decl(sudoers_io_change_winsize, SUDOERS_DEBUG_PLUGIN)
+
+    if (sudo_gettime_awake(&now) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+	    "%s: unable to get time of day", __func__);
+	errstr = strerror(errno);
+	goto bad;
+    }
+
+    /* Write window change event to the timing file. */
+    sudo_timespecsub(&now, &last_time, &delay);
+    len = (unsigned int)snprintf(tbuf, sizeof(tbuf), "%d %lld.%09ld %u %u\n",
+	IO_EVENT_WINSIZE, (long long)delay.tv_sec, delay.tv_nsec, lines, cols);
+    if (len >= sizeof(tbuf)) {
+	/* Not actually possible due to the size of tbuf[]. */
+	errstr = strerror(EOVERFLOW);
+	goto done;
+    }
+    errstr = iolog_write(io_log_files[IOFD_TIMING].fd, tbuf, len);
+    if (errstr != NULL)
+	goto done;
+
+    /* Success. */
+    ret = 1;
+
+done:
+    last_time.tv_sec = now.tv_sec;
+    last_time.tv_nsec = now.tv_nsec;
+
+bad:
+    if (ret == -1) {
+	if (errstr != NULL && !warned) {
+	    /* Only warn about I/O log file errors once. */
+	    log_warning(SLOG_SEND_MAIL,
+		N_("unable to write to I/O log file: %s"), errstr);
+	    warned = true;
+	}
+
+	/* Ignore errors if they occur if the policy says so. */
+	if (iolog_details.ignore_iolog_errors)
+	    ret = 1;
+    }
+
+    debug_return_int(ret);
+}
+
+static int
+sudoers_io_suspend(int signo)
+{
+    struct timespec now, delay;
+    unsigned int len;
+    char tbuf[1024];
+    const char *errstr = NULL;
+    int ret = -1;
+    debug_decl(sudoers_io_suspend, SUDOERS_DEBUG_PLUGIN)
+
+    if (signo <= 0) {
+	sudo_warnx(U_("%s: internal error, invalid signal %d"),
+	    __func__, signo);
+	debug_return_int(-1);
+    }
+
+    if (sudo_gettime_awake(&now) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+	    "%s: unable to get time of day", __func__);
+	errstr = strerror(errno);
+	goto bad;
+    }
+
+    /* Write suspend event to the timing file. */
+    sudo_timespecsub(&now, &last_time, &delay);
+    len = (unsigned int)snprintf(tbuf, sizeof(tbuf), "%d %lld.%09ld %d\n",
+	IO_EVENT_SUSPEND, (long long)delay.tv_sec, delay.tv_nsec, signo);
+    if (len >= sizeof(tbuf)) {
+	/* Not actually possible due to the size of tbuf[]. */
+	errstr = strerror(EOVERFLOW);
+	goto done;
+    }
+    errstr = iolog_write(io_log_files[IOFD_TIMING].fd, tbuf, len);
+    if (errstr != NULL)
+	goto done;
+
+    /* Success. */
+    ret = 1;
+
+done:
+    last_time.tv_sec = now.tv_sec;
+    last_time.tv_nsec = now.tv_nsec;
+
+bad:
+    if (ret == -1) {
+	if (errstr != NULL && !warned) {
+	    /* Only warn about I/O log file errors once. */
+	    log_warning(SLOG_SEND_MAIL,
+		N_("unable to write to I/O log file: %s"), errstr);
+	    warned = true;
+	}
+
+	/* Ignore errors if they occur if the policy says so. */
+	if (iolog_details.ignore_iolog_errors)
+	    ret = 1;
+    }
+
+    debug_return_int(ret);
+}
+
+__dso_public struct io_plugin sudoers_io = {
+    SUDO_IO_PLUGIN,
+    SUDO_API_VERSION,
+    sudoers_io_open,
+    sudoers_io_close,
+    sudoers_io_version,
+    sudoers_io_log_ttyin,
+    sudoers_io_log_ttyout,
+    sudoers_io_log_stdin,
+    sudoers_io_log_stdout,
+    sudoers_io_log_stderr,
+    NULL, /* register_hooks */
+    NULL, /* deregister_hooks */
+    sudoers_io_change_winsize,
+    sudoers_io_suspend
+};
diff --git a/plugins/sudoers/iolog.h b/plugins/sudoers/iolog.h
new file mode 100644
index 0000000..d803a15
--- /dev/null
+++ b/plugins/sudoers/iolog.h
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 2009-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_IOLOG_H
+#define SUDOERS_IOLOG_H
+
+#ifdef HAVE_ZLIB_H
+# include <zlib.h>	/* for gzFile */
+#endif
+
+/*
+ * I/O log event types as stored as the first field in the timing file.
+ * Changing existing values will result in incompatible I/O log files.
+ */
+#define IO_EVENT_STDIN		0
+#define IO_EVENT_STDOUT		1
+#define IO_EVENT_STDERR		2
+#define IO_EVENT_TTYIN		3
+#define IO_EVENT_TTYOUT		4
+#define IO_EVENT_WINSIZE	5
+#define IO_EVENT_TTYOUT_1_8_7	6
+#define IO_EVENT_SUSPEND	7
+#define IO_EVENT_COUNT		8
+
+/* Default maximum session ID */
+#define SESSID_MAX      2176782336U
+
+union io_fd {
+    FILE *f;
+#ifdef HAVE_ZLIB_H
+    gzFile g;
+#endif
+    void *v;
+};
+
+/*
+ * Info present in the I/O log file
+ */
+struct log_info {
+    char *cwd;
+    char *user;
+    char *runas_user;
+    char *runas_group;
+    char *tty;
+    char *cmd;
+    time_t tstamp;
+    int rows;
+    int cols;
+};
+
+struct timing_closure {
+    const char *decimal;
+    struct timespec *max_delay;
+    union io_fd fd;
+    int event;
+    union {
+	struct {
+	    int rows;
+	    int cols;
+	} winsize;
+	size_t nbytes; // XXX
+	int signo;
+    } u;
+};
+
+/* iolog_util.c */
+bool parse_timing(const char *buf, struct timespec *delay, struct timing_closure *timing);
+char *parse_delay(const char *cp, struct timespec *delay, const char *decimal_point);
+struct log_info *parse_logfile(const char *logfile);
+void free_log_info(struct log_info *li);
+void adjust_delay(struct timespec *delay, struct timespec *max_delay, double scale_factor);
+
+#endif /* SUDOERS_IOLOG_H */
diff --git a/plugins/sudoers/iolog_files.h b/plugins/sudoers/iolog_files.h
new file mode 100644
index 0000000..889c20b
--- /dev/null
+++ b/plugins/sudoers/iolog_files.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2013 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_IOLOG_FILES_H
+#define SUDOERS_IOLOG_FILES_H
+
+/*
+ * Indexes into io_log_files[]
+ */
+#define IOFD_STDIN	0
+#define IOFD_STDOUT	1
+#define IOFD_STDERR	2
+#define IOFD_TTYIN	3
+#define IOFD_TTYOUT	4
+#define IOFD_TIMING	5
+#define IOFD_MAX	6
+
+struct io_log_file {
+    bool enabled;
+    const char *suffix;
+    union io_fd fd;
+};
+
+static struct io_log_file io_log_files[] = {
+    { false, "/stdin" },	/* IOFD_STDIN */
+    { false, "/stdout" },	/* IOFD_STDOUT */
+    { false, "/stderr" },	/* IOFD_STDERR */
+    { false, "/ttyin" },	/* IOFD_TTYIN  */
+    { false, "/ttyout" },	/* IOFD_TTYOUT */
+    { true,  "/timing" },	/* IOFD_TIMING */
+    { false, NULL }		/* IOFD_MAX */
+};
+
+#endif /* SUDOERS_IOLOG_H */
diff --git a/plugins/sudoers/iolog_path.c b/plugins/sudoers/iolog_path.c
new file mode 100644
index 0000000..7cdc6ed
--- /dev/null
+++ b/plugins/sudoers/iolog_path.c
@@ -0,0 +1,287 @@
+/*
+ * Copyright (c) 2011-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <pwd.h>
+#include <grp.h>
+#include <time.h>
+
+#include "sudoers.h"
+
+struct path_escape {
+    const char *name;
+    size_t (*copy_fn)(char *, size_t, char *);
+};
+
+static size_t
+fill_seq(char *str, size_t strsize, char *logdir)
+{
+#ifdef SUDOERS_NO_SEQ
+    debug_decl(fill_seq, SUDOERS_DEBUG_UTIL)
+    debug_return_size_t(strlcpy(str, "%{seq}", strsize));
+#else
+    static char sessid[7];
+    int len;
+    debug_decl(fill_seq, SUDOERS_DEBUG_UTIL)
+
+    if (sessid[0] == '\0') {
+	if (!io_nextid(logdir, def_iolog_dir, sessid))
+	    debug_return_size_t((size_t)-1);
+    }
+
+    /* Path is of the form /var/log/sudo-io/00/00/01. */
+    len = snprintf(str, strsize, "%c%c/%c%c/%c%c", sessid[0],
+	sessid[1], sessid[2], sessid[3], sessid[4], sessid[5]);
+    if (len < 0)
+	debug_return_size_t(strsize); /* handle non-standard snprintf() */
+    debug_return_size_t(len);
+#endif /* SUDOERS_NO_SEQ */
+}
+
+static size_t
+fill_user(char *str, size_t strsize, char *unused)
+{
+    debug_decl(fill_user, SUDOERS_DEBUG_UTIL)
+    debug_return_size_t(strlcpy(str, user_name, strsize));
+}
+
+static size_t
+fill_group(char *str, size_t strsize, char *unused)
+{
+    struct group *grp;
+    size_t len;
+    debug_decl(fill_group, SUDOERS_DEBUG_UTIL)
+
+    if ((grp = sudo_getgrgid(user_gid)) != NULL) {
+	len = strlcpy(str, grp->gr_name, strsize);
+	sudo_gr_delref(grp);
+    } else {
+	len = strlen(str);
+	len = snprintf(str + len, strsize - len, "#%u",
+	    (unsigned int) user_gid);
+    }
+    debug_return_size_t(len);
+}
+
+static size_t
+fill_runas_user(char *str, size_t strsize, char *unused)
+{
+    debug_decl(fill_runas_user, SUDOERS_DEBUG_UTIL)
+    debug_return_size_t(strlcpy(str, runas_pw->pw_name, strsize));
+}
+
+static size_t
+fill_runas_group(char *str, size_t strsize, char *unused)
+{
+    struct group *grp;
+    size_t len;
+    debug_decl(fill_runas_group, SUDOERS_DEBUG_UTIL)
+
+    if (runas_gr != NULL) {
+	len = strlcpy(str, runas_gr->gr_name, strsize);
+    } else {
+	if ((grp = sudo_getgrgid(runas_pw->pw_gid)) != NULL) {
+	    len = strlcpy(str, grp->gr_name, strsize);
+	    sudo_gr_delref(grp);
+	} else {
+	    len = strlen(str);
+	    len = snprintf(str + len, strsize - len, "#%u",
+		(unsigned int) runas_pw->pw_gid);
+	}
+    }
+    debug_return_size_t(len);
+}
+
+static size_t
+fill_hostname(char *str, size_t strsize, char *unused)
+{
+    debug_decl(fill_hostname, SUDOERS_DEBUG_UTIL)
+    debug_return_size_t(strlcpy(str, user_shost, strsize));
+}
+
+static size_t
+fill_command(char *str, size_t strsize, char *unused)
+{
+    debug_decl(fill_command, SUDOERS_DEBUG_UTIL)
+    debug_return_size_t(strlcpy(str, user_base, strsize));
+}
+
+/* Note: "seq" must be first in the list. */
+static struct path_escape io_path_escapes[] = {
+    { "seq", fill_seq },
+    { "user", fill_user },
+    { "group", fill_group },
+    { "runas_user", fill_runas_user },
+    { "runas_group", fill_runas_group },
+    { "hostname", fill_hostname },
+    { "command", fill_command },
+    { NULL, NULL }
+};
+
+/*
+ * Concatenate dir + file, expanding any escape sequences.
+ * Returns the concatenated path and sets slashp point to
+ * the path separator between the expanded dir and file.
+ */
+char *
+expand_iolog_path(const char *prefix, const char *dir, const char *file,
+    char **slashp)
+{
+    size_t len, prelen = 0;
+    char *dst, *dst0, *path, *pathend, tmpbuf[PATH_MAX];
+    char *slash = NULL;
+    const char *endbrace, *src = dir;
+    struct path_escape *escapes = NULL;
+    int pass, oldlocale;
+    bool strfit;
+    debug_decl(expand_iolog_path, SUDOERS_DEBUG_UTIL)
+
+    /* Expanded path must be <= PATH_MAX */
+    if (prefix != NULL)
+	prelen = strlen(prefix);
+    path = malloc(prelen + PATH_MAX);
+    if (path == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto bad;
+    }
+    *path = '\0';
+    pathend = path + prelen + PATH_MAX;
+    dst = path;
+
+    /* Copy prefix, if present. */
+    if (prefix != NULL) {
+	memcpy(path, prefix, prelen);
+	dst += prelen;
+	*dst = '\0';
+    }
+
+    /* Trim leading slashes from file component. */
+    while (*file == '/')
+	file++;
+
+    for (pass = 0; pass < 3; pass++) {
+	strfit = false;
+	switch (pass) {
+	case 0:
+	    src = dir;
+	    escapes = io_path_escapes + 1; /* skip "%{seq}" */
+	    break;
+	case 1:
+	    /* Trim trailing slashes from dir component. */
+	    while (dst > path + prelen + 1 && dst[-1] == '/')
+		dst--;
+	    /* The NUL will be replaced with a '/' at the end. */
+	    if (dst + 1 >= pathend)
+		goto bad;
+	    slash = dst++;
+	    continue;
+	case 2:
+	    src = file;
+	    escapes = io_path_escapes;
+	    break;
+	}
+	dst0 = dst;
+	for (; *src != '\0'; src++) {
+	    if (src[0] == '%') {
+		if (src[1] == '{') {
+		    endbrace = strchr(src + 2, '}');
+		    if (endbrace != NULL) {
+			struct path_escape *esc;
+			len = (size_t)(endbrace - src - 2);
+			for (esc = escapes; esc->name != NULL; esc++) {
+			    if (strncmp(src + 2, esc->name, len) == 0 &&
+				esc->name[len] == '\0')
+				break;
+			}
+			if (esc->name != NULL) {
+			    len = esc->copy_fn(dst, (size_t)(pathend - dst),
+				path + prelen);
+			    if (len >= (size_t)(pathend - dst))
+				goto bad;
+			    dst += len;
+			    src = endbrace;
+			    continue;
+			}
+		    }
+		} else if (src[1] == '%') {
+		    /* Collapse %% -> % */
+		    src++;
+		} else {
+		    /* May need strftime() */
+		    strfit = 1;
+		}
+	    }
+	    /* Need at least 2 chars, including the NUL terminator. */
+	    if (dst + 1 >= pathend)
+		goto bad;
+	    *dst++ = *src;
+	}
+	*dst = '\0';
+
+	/* Expand strftime escapes as needed. */
+	if (strfit) {
+	    time_t now;
+	    struct tm *timeptr;
+
+	    time(&now);
+	    if ((timeptr = localtime(&now)) == NULL)
+		goto bad;
+
+	    /* Use sudoers locale for strftime() */
+	    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+
+	    /* We only call strftime() on the current part of the buffer. */
+	    tmpbuf[sizeof(tmpbuf) - 1] = '\0';
+	    len = strftime(tmpbuf, sizeof(tmpbuf), dst0, timeptr);
+
+	    /* Restore old locale. */
+	    sudoers_setlocale(oldlocale, NULL);
+
+	    if (len == 0 || tmpbuf[sizeof(tmpbuf) - 1] != '\0')
+		goto bad;		/* strftime() failed, buf too small? */
+
+	    if (len >= (size_t)(pathend - dst0))
+		goto bad;		/* expanded buffer too big to fit. */
+	    memcpy(dst0, tmpbuf, len);
+	    dst = dst0 + len;
+	    *dst = '\0';
+	}
+    }
+    if (slash != NULL)
+	*slash = '/';
+    if (slashp != NULL)
+	*slashp = slash;
+
+    debug_return_str(path);
+bad:
+    free(path);
+    debug_return_str(NULL);
+}
diff --git a/plugins/sudoers/iolog_util.c b/plugins/sudoers/iolog_util.c
new file mode 100644
index 0000000..f22ca62
--- /dev/null
+++ b/plugins/sudoers/iolog_util.c
@@ -0,0 +1,387 @@
+/*
+ * Copyright (c) 2009-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <time.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+
+#include "sudo_gettext.h"	/* must be included before sudo_compat.h */
+
+#include "sudo_compat.h"
+#include "sudo_fatal.h"
+#include "sudo_debug.h"
+#include "sudo_util.h"
+#include "iolog.h"
+
+static int timing_event_adj;
+
+struct log_info *
+parse_logfile(const char *logfile)
+{
+    FILE *fp;
+    char *buf = NULL, *cp, *ep;
+    const char *errstr;
+    size_t bufsize = 0, cwdsize = 0, cmdsize = 0;
+    struct log_info *li = NULL;
+    debug_decl(parse_logfile, SUDO_DEBUG_UTIL)
+
+    fp = fopen(logfile, "r");
+    if (fp == NULL) {
+	sudo_warn(U_("unable to open %s"), logfile);
+	goto bad;
+    }
+
+    /*
+     * ID file has three lines:
+     *  1) a log info line
+     *  2) cwd
+     *  3) command with args
+     */
+    if ((li = calloc(1, sizeof(*li))) == NULL)
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    if (getline(&buf, &bufsize, fp) == -1 ||
+	getline(&li->cwd, &cwdsize, fp) == -1 ||
+	getline(&li->cmd, &cmdsize, fp) == -1) {
+	sudo_warn(U_("%s: invalid log file"), logfile);
+	goto bad;
+    }
+
+    /* Strip the newline from the cwd and command. */
+    li->cwd[strcspn(li->cwd, "\n")] = '\0';
+    li->cmd[strcspn(li->cmd, "\n")] = '\0';
+
+    /*
+     * Crack the log line (rows and cols not present in old versions).
+     *	timestamp:user:runas_user:runas_group:tty:rows:cols
+     * XXX - probably better to use strtok and switch on the state.
+     */
+    buf[strcspn(buf, "\n")] = '\0';
+    cp = buf;
+
+    /* timestamp */
+    if ((ep = strchr(cp, ':')) == NULL) {
+	sudo_warn(U_("%s: time stamp field is missing"), logfile);
+	goto bad;
+    }
+    *ep = '\0';
+    li->tstamp = strtonum(cp, 0, TIME_T_MAX, &errstr);
+    if (errstr != NULL) {
+	sudo_warn(U_("%s: time stamp %s: %s"), logfile, cp, errstr);
+	goto bad;
+    }
+
+    /* user */
+    cp = ep + 1;
+    if ((ep = strchr(cp, ':')) == NULL) {
+	sudo_warn(U_("%s: user field is missing"), logfile);
+	goto bad;
+    }
+    if ((li->user = strndup(cp, (size_t)(ep - cp))) == NULL)
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+
+    /* runas user */
+    cp = ep + 1;
+    if ((ep = strchr(cp, ':')) == NULL) {
+	sudo_warn(U_("%s: runas user field is missing"), logfile);
+	goto bad;
+    }
+    if ((li->runas_user = strndup(cp, (size_t)(ep - cp))) == NULL)
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+
+    /* runas group */
+    cp = ep + 1;
+    if ((ep = strchr(cp, ':')) == NULL) {
+	sudo_warn(U_("%s: runas group field is missing"), logfile);
+	goto bad;
+    }
+    if (cp != ep) {
+	if ((li->runas_group = strndup(cp, (size_t)(ep - cp))) == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    }
+
+    /* tty, followed by optional rows + columns */
+    cp = ep + 1;
+    if ((ep = strchr(cp, ':')) == NULL) {
+	/* just the tty */
+	if ((li->tty = strdup(cp)) == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    } else {
+	/* tty followed by rows + columns */
+	if ((li->tty = strndup(cp, (size_t)(ep - cp))) == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	cp = ep + 1;
+	/* need to NULL out separator to use strtonum() */
+	if ((ep = strchr(cp, ':')) != NULL) {
+	    *ep = '\0';
+	}
+	li->rows = strtonum(cp, 1, INT_MAX, &errstr);
+	if (errstr != NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"%s: tty rows %s: %s", logfile, cp, errstr);
+	}
+	if (ep != NULL) {
+	    cp = ep + 1;
+	    li->cols = strtonum(cp, 1, INT_MAX, &errstr);
+	    if (errstr != NULL) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "%s: tty cols %s: %s", logfile, cp, errstr);
+	    }
+	}
+    }
+    fclose(fp);
+    free(buf);
+    debug_return_ptr(li);
+
+bad:
+    if (fp != NULL)
+	fclose(fp);
+    free(buf);
+    free_log_info(li);
+    debug_return_ptr(NULL);
+}
+
+void
+adjust_delay(struct timespec *delay, struct timespec *max_delay,
+     double scale_factor)
+{
+    double seconds;
+    debug_decl(adjust_delay, SUDO_DEBUG_UTIL)
+
+    if (scale_factor != 1.0) {
+	/* Order is important: we don't want to double the remainder. */
+        seconds = (double)delay->tv_sec / scale_factor;
+        delay->tv_sec = (time_t)seconds;
+        delay->tv_nsec /= scale_factor;
+        delay->tv_nsec += (seconds - delay->tv_sec) * 1000000000;
+        while (delay->tv_nsec >= 1000000000) {
+            delay->tv_sec++;
+            delay->tv_nsec -= 1000000000;
+        }
+    }
+
+    /* Clamp to max delay. */
+    if (max_delay != NULL) {
+	if (sudo_timespeccmp(delay, max_delay, >)) {
+	    delay->tv_sec = max_delay->tv_sec;
+	    delay->tv_nsec = max_delay->tv_nsec;
+	}
+    }
+
+    debug_return;
+}
+
+/*
+ * Parse the delay as seconds and nanoseconds: %lld.%09ld
+ * Sudo used to write this as a double, but since timing data is logged
+ * in the C locale this may not match the current locale.
+ */
+char *
+parse_delay(const char *cp, struct timespec *delay, const char *decimal_point)
+{
+    char numbuf[(((sizeof(long long) * 8) + 2) / 3) + 2];
+    const char *errstr, *ep;
+    long long llval;
+    size_t len;
+    debug_decl(parse_delay, SUDO_DEBUG_UTIL)
+
+    /* Parse seconds (whole number portion). */
+    for (ep = cp; isdigit((unsigned char)*ep); ep++)
+	continue;
+    len = (size_t)(ep - cp);
+    if (len >= sizeof(numbuf)) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "%s: number of seconds is too large", cp);
+	debug_return_ptr(NULL);
+    }
+    memcpy(numbuf, cp, len);
+    numbuf[len] = '\0';
+    delay->tv_sec = strtonum(numbuf, 0, TIME_T_MAX, &errstr);
+    if (errstr != NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "%s: number of seconds is %s", numbuf, errstr);
+	debug_return_ptr(NULL);
+    }
+
+    /* Radix may be in user's locale for sudo < 1.7.4 so accept that too. */
+    if (*ep != '.' && *ep != *decimal_point) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "invalid characters after seconds: %s", ep);
+	debug_return_ptr(NULL);
+    }
+    cp = ep + 1;
+
+    /* Parse fractional part, we may read more precision than we can store. */
+    for (ep = cp; isdigit((unsigned char)*ep); ep++)
+	continue;
+    len = (size_t)(ep - cp);
+    if (len >= sizeof(numbuf)) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "%s: number of nanoseconds is too large", cp);
+	debug_return_ptr(NULL);
+    }
+    memcpy(numbuf, cp, len);
+    numbuf[len] = '\0';
+    llval = strtonum(numbuf, 0, LLONG_MAX, &errstr);
+    if (errstr != NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "%s: number of nanoseconds is %s", numbuf, errstr);
+	debug_return_ptr(NULL);
+    }
+
+    /* Adjust fractional part to nanosecond precision. */
+    if (len < 9) {
+	/* Convert to nanosecond precision. */
+	do {
+	    llval *= 10;
+	} while (++len < 9);
+    } else if (len > 9) {
+	/* Clamp to nanoseconds. */
+	do {
+	    llval /= 10;
+	} while (--len > 9);
+    }
+    delay->tv_nsec = (long)llval;
+
+    /* Advance to the next field. */
+    while (isspace((unsigned char)*ep))
+	ep++;
+
+    debug_return_str((char *)ep);
+}
+
+/*
+ * Parse a timing line, which is formatted as:
+ *	IO_EVENT_TTYOUT sleep_time num_bytes
+ *	IO_EVENT_WINSIZE sleep_time rows cols
+ *	IO_EVENT_SUSPEND sleep_time signo
+ * Where type is IO_EVENT_*, sleep_time is the number of seconds to sleep
+ * before writing the data and num_bytes is the number of bytes to output.
+ * Returns true on success and false on failure.
+ */
+bool
+parse_timing(const char *buf, struct timespec *delay,
+    struct timing_closure *timing)
+{
+    unsigned long ulval;
+    char *cp, *ep;
+    debug_decl(parse_timing, SUDO_DEBUG_UTIL)
+
+    /* Clear fd. */
+    timing->fd.v = NULL;
+
+    /* Parse event type. */
+    ulval = strtoul(buf, &ep, 10);
+    if (ep == buf || !isspace((unsigned char) *ep))
+	goto bad;
+    if (ulval >= IO_EVENT_COUNT)
+	goto bad;
+    if (ulval == IO_EVENT_TTYOUT_1_8_7) {
+	/* work around a bug in timing files generated by sudo 1.8.7 */
+	timing_event_adj = 2;
+    }
+    timing->event = (int)ulval - timing_event_adj;
+    for (cp = ep + 1; isspace((unsigned char) *cp); cp++)
+	continue;
+
+    /* Parse delay, returns the next field or NULL on error. */
+    if ((cp = parse_delay(cp, delay, timing->decimal)) == NULL)
+	goto bad;
+
+    switch (timing->event) {
+    case IO_EVENT_SUSPEND:
+	ulval = strtoul(cp, &ep, 10);
+	if (ep == cp || *ep != '\0')
+	    goto bad;
+	if (ulval > INT_MAX)
+	    goto bad;
+	timing->u.signo = (int)ulval;
+	break;
+    case IO_EVENT_WINSIZE:
+	ulval = strtoul(cp, &ep, 10);
+	if (ep == cp || !isspace((unsigned char) *ep))
+	    goto bad;
+	if (ulval > INT_MAX)
+	    goto bad;
+	timing->u.winsize.rows = (int)ulval;
+	for (cp = ep + 1; isspace((unsigned char) *cp); cp++)
+	    continue;
+
+	ulval = strtoul(cp, &ep, 10);
+	if (ep == cp || *ep != '\0')
+	    goto bad;
+	if (ulval > INT_MAX)
+	    goto bad;
+	timing->u.winsize.cols = (int)ulval;
+	break;
+    default:
+	errno = 0;
+	ulval = strtoul(cp, &ep, 10);
+	if (ep == cp || *ep != '\0')
+	    goto bad;
+	/* Note: assumes SIZE_MAX == ULONG_MAX */
+	if (errno == ERANGE && ulval == ULONG_MAX)
+	    goto bad;
+	timing->u.nbytes = (size_t)ulval;
+	break;
+    }
+
+    debug_return_bool(true);
+bad:
+    debug_return_bool(false);
+}
+
+void
+free_log_info(struct log_info *li)
+{
+    if (li != NULL) {
+	free(li->cwd);
+	free(li->user);
+	free(li->runas_user);
+	free(li->runas_group);
+	free(li->tty);
+	free(li->cmd);
+	free(li);
+    }
+}
diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c
new file mode 100644
index 0000000..bc2baec
--- /dev/null
+++ b/plugins/sudoers/ldap.c
@@ -0,0 +1,2050 @@
+/*
+ * Copyright (c) 2003-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * This code is derived from software contributed by Aaron Spangler.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <time.h>
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <grp.h>
+#ifdef HAVE_LBER_H
+# include <lber.h>
+#endif
+#include <ldap.h>
+#if defined(HAVE_LDAP_SSL_H)
+# include <ldap_ssl.h>
+#elif defined(HAVE_MPS_LDAP_SSL_H)
+# include <mps/ldap_ssl.h>
+#endif
+#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
+# ifdef HAVE_SASL_SASL_H
+#  include <sasl/sasl.h>
+# else
+#  include <sasl.h>
+# endif
+#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
+
+#include "sudoers.h"
+#include "gram.h"
+#include "sudo_lbuf.h"
+#include "sudo_ldap.h"
+#include "sudo_ldap_conf.h"
+#include "sudo_dso.h"
+
+#ifndef LDAP_OPT_RESULT_CODE
+# define LDAP_OPT_RESULT_CODE LDAP_OPT_ERROR_NUMBER
+#endif
+
+#ifndef LDAP_OPT_SUCCESS
+# define LDAP_OPT_SUCCESS LDAP_SUCCESS
+#endif
+
+#if defined(HAVE_LDAP_SASL_INTERACTIVE_BIND_S) && !defined(LDAP_SASL_QUIET)
+# define LDAP_SASL_QUIET	0
+#endif
+
+#ifndef HAVE_LDAP_UNBIND_EXT_S
+#define ldap_unbind_ext_s(a, b, c)	ldap_unbind_s(a)
+#endif
+
+#ifndef HAVE_LDAP_SEARCH_EXT_S
+# ifdef HAVE_LDAP_SEARCH_ST
+#  define ldap_search_ext_s(a, b, c, d, e, f, g, h, i, j, k)		\
+	ldap_search_st(a, b, c, d, e, f, i, k)
+# else
+#  define ldap_search_ext_s(a, b, c, d, e, f, g, h, i, j, k)		\
+	ldap_search_s(a, b, c, d, e, f, k)
+# endif
+#endif
+
+#define LDAP_FOREACH(var, ld, res)					\
+    for ((var) = ldap_first_entry((ld), (res));				\
+	(var) != NULL;							\
+	(var) = ldap_next_entry((ld), (var)))
+
+/* The TIMEFILTER_LENGTH is the length of the filter when timed entries
+   are used. The length is computed as follows:
+       81       for the filter itself
+       + 2 * 17 for the now timestamp
+*/
+#define TIMEFILTER_LENGTH	115
+
+/*
+ * The ldap_search structure implements a linked list of ldap and
+ * search result pointers, which allows us to remove them after
+ * all search results have been combined in memory.
+ */
+struct ldap_search_result {
+    STAILQ_ENTRY(ldap_search_result) entries;
+    LDAP *ldap;
+    LDAPMessage *searchresult;
+};
+STAILQ_HEAD(ldap_search_list, ldap_search_result);
+
+/*
+ * The ldap_entry_wrapper structure is used to implement sorted result entries.
+ * A double is used for the order to allow for insertion of new entries
+ * without having to renumber everything.
+ * Note: there is no standard floating point type in LDAP.
+ *       As a result, some LDAP servers will only allow an integer.
+ */
+struct ldap_entry_wrapper {
+    LDAPMessage	*entry;
+    double order;
+};
+
+/*
+ * The ldap_result structure contains the list of matching searches as
+ * well as an array of all result entries sorted by the sudoOrder attribute.
+ */
+struct ldap_result {
+    struct ldap_search_list searches;
+    struct ldap_entry_wrapper *entries;
+    unsigned int allocated_entries;
+    unsigned int nentries;
+};
+#define	ALLOCATION_INCREMENT	100
+
+/*
+ * The ldap_netgroup structure implements a singly-linked tail queue of
+ * netgroups a user is a member of when querying netgroups directly.
+ */
+struct ldap_netgroup {
+    STAILQ_ENTRY(ldap_netgroup) entries;
+    char *name;
+};
+STAILQ_HEAD(ldap_netgroup_list, ldap_netgroup);
+
+/*
+ * LDAP sudo_nss handle.
+ * We store the connection to the LDAP server and the passwd struct of the
+ * user the last query was performed for.
+ */
+struct sudo_ldap_handle {
+    LDAP *ld;
+    struct passwd *pw;
+    struct sudoers_parse_tree parse_tree;
+};
+
+#ifdef HAVE_LDAP_INITIALIZE
+static char *
+sudo_ldap_join_uri(struct ldap_config_str_list *uri_list)
+{
+    struct ldap_config_str *uri;
+    size_t len = 0;
+    char *buf = NULL;
+    debug_decl(sudo_ldap_join_uri, SUDOERS_DEBUG_LDAP)
+
+    STAILQ_FOREACH(uri, uri_list, entries) {
+	if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {
+	    if (strncasecmp(uri->val, "ldaps://", 8) == 0) {
+		sudo_warnx(U_("starttls not supported when using ldaps"));
+		ldap_conf.ssl_mode = SUDO_LDAP_SSL;
+	    }
+	}
+	len += strlen(uri->val) + 1;
+    }
+    if (len == 0 || (buf = malloc(len)) == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    } else {
+	char *cp = buf;
+
+	STAILQ_FOREACH(uri, uri_list, entries) {
+	    cp += strlcpy(cp, uri->val, len - (cp - buf));
+	    *cp++ = ' ';
+	}
+	cp[-1] = '\0';
+    }
+    debug_return_str(buf);
+}
+#endif /* HAVE_LDAP_INITIALIZE */
+
+/*
+ * Wrapper for ldap_create() or ldap_init() that handles
+ * SSL/TLS initialization as well.
+ * Returns LDAP_SUCCESS on success, else non-zero.
+ */
+static int
+sudo_ldap_init(LDAP **ldp, const char *host, int port)
+{
+    LDAP *ld;
+    int ret = LDAP_CONNECT_ERROR;
+    debug_decl(sudo_ldap_init, SUDOERS_DEBUG_LDAP)
+
+#ifdef HAVE_LDAPSSL_INIT
+    if (ldap_conf.ssl_mode != SUDO_LDAP_CLEAR) {
+	const int defsecure = ldap_conf.ssl_mode == SUDO_LDAP_SSL;
+	DPRINTF2("ldapssl_clientauth_init(%s, %s)",
+	    ldap_conf.tls_certfile ? ldap_conf.tls_certfile : "NULL",
+	    ldap_conf.tls_keyfile ? ldap_conf.tls_keyfile : "NULL");
+	ret = ldapssl_clientauth_init(ldap_conf.tls_certfile, NULL,
+	    ldap_conf.tls_keyfile != NULL, ldap_conf.tls_keyfile, NULL);
+	/*
+	 * Starting with version 5.0, Mozilla-derived LDAP SDKs require
+	 * the cert and key paths to be a directory, not a file.
+	 * If the user specified a file and it fails, try the parent dir.
+	 */
+	if (ret != LDAP_SUCCESS) {
+	    bool retry = false;
+	    if (ldap_conf.tls_certfile != NULL) {
+		char *cp = strrchr(ldap_conf.tls_certfile, '/');
+		if (cp != NULL && strncmp(cp + 1, "cert", 4) == 0) {
+		    *cp = '\0';
+		    retry = true;
+		}
+	    }
+	    if (ldap_conf.tls_keyfile != NULL) {
+		char *cp = strrchr(ldap_conf.tls_keyfile, '/');
+		if (cp != NULL && strncmp(cp + 1, "key", 3) == 0) {
+		    *cp = '\0';
+		    retry = true;
+		}
+	    }
+	    if (retry) {
+		DPRINTF2("retry ldapssl_clientauth_init(%s, %s)",
+		    ldap_conf.tls_certfile ? ldap_conf.tls_certfile : "NULL",
+		    ldap_conf.tls_keyfile ? ldap_conf.tls_keyfile : "NULL");
+		ret = ldapssl_clientauth_init(ldap_conf.tls_certfile, NULL,
+		    ldap_conf.tls_keyfile != NULL, ldap_conf.tls_keyfile, NULL);
+	    }
+	}
+	if (ret != LDAP_SUCCESS) {
+	    sudo_warnx(U_("unable to initialize SSL cert and key db: %s"),
+		ldapssl_err2string(ret));
+	    if (ldap_conf.tls_certfile == NULL)
+		sudo_warnx(U_("you must set TLS_CERT in %s to use SSL"),
+		    path_ldap_conf);
+	    goto done;
+	}
+
+	DPRINTF2("ldapssl_init(%s, %d, %d)", host, port, defsecure);
+	if ((ld = ldapssl_init(host, port, defsecure)) != NULL)
+	    ret = LDAP_SUCCESS;
+    } else
+#elif defined(HAVE_LDAP_SSL_INIT) && defined(HAVE_LDAP_SSL_CLIENT_INIT)
+    if (ldap_conf.ssl_mode == SUDO_LDAP_SSL) {
+	int sslrc;
+	ret = ldap_ssl_client_init(ldap_conf.tls_keyfile, ldap_conf.tls_keypw,
+	    0, &sslrc);
+	if (ret != LDAP_SUCCESS) {
+	    sudo_warnx("ldap_ssl_client_init(): %s (SSL reason code %d)",
+		ldap_err2string(ret), sslrc);
+	    goto done;
+	}
+	DPRINTF2("ldap_ssl_init(%s, %d, NULL)", host, port);
+	if ((ld = ldap_ssl_init((char *)host, port, NULL)) != NULL)
+	    ret = LDAP_SUCCESS;
+    } else
+#endif
+    {
+#ifdef HAVE_LDAP_CREATE
+	DPRINTF2("ldap_create()");
+	if ((ret = ldap_create(&ld)) != LDAP_SUCCESS)
+	    goto done;
+	DPRINTF2("ldap_set_option(LDAP_OPT_HOST_NAME, %s)", host);
+	ret = ldap_set_option(ld, LDAP_OPT_HOST_NAME, host);
+#else
+	DPRINTF2("ldap_init(%s, %d)", host, port);
+	if ((ld = ldap_init((char *)host, port)) == NULL)
+	    goto done;
+	ret = LDAP_SUCCESS;
+#endif
+    }
+
+    *ldp = ld;
+done:
+    debug_return_int(ret);
+}
+
+/*
+ * Wrapper for ldap_get_values_len() that fills in the response code
+ * on error.
+ */
+static struct berval **
+sudo_ldap_get_values_len(LDAP *ld, LDAPMessage *entry, char *attr, int *rc)
+{
+    struct berval **bval;
+
+    bval = ldap_get_values_len(ld, entry, attr);
+    if (bval == NULL) {
+	int optrc = ldap_get_option(ld, LDAP_OPT_RESULT_CODE, rc);
+	if (optrc != LDAP_OPT_SUCCESS)
+	    *rc = optrc;
+    } else {
+	*rc = LDAP_SUCCESS;
+    }
+    return bval;
+}
+
+/*
+ * Walk through search results and return true if we have a matching
+ * non-Unix group (including netgroups), else false.
+ */
+static int
+sudo_ldap_check_non_unix_group(LDAP *ld, LDAPMessage *entry, struct passwd *pw)
+{
+    struct berval **bv, **p;
+    bool ret = false;
+    char *val;
+    int rc;
+    debug_decl(sudo_ldap_check_non_unix_group, SUDOERS_DEBUG_LDAP)
+
+    if (!entry)
+	debug_return_bool(ret);
+
+    /* get the values from the entry */
+    bv = sudo_ldap_get_values_len(ld, entry, "sudoUser", &rc);
+    if (bv == NULL) {
+	if (rc == LDAP_NO_MEMORY)
+	    debug_return_int(-1);
+	debug_return_bool(false);
+    }
+
+    /* walk through values */
+    for (p = bv; *p != NULL && !ret; p++) {
+	val = (*p)->bv_val;
+	if (*val == '+') {
+	    if (netgr_matches(val, def_netgroup_tuple ? user_runhost : NULL,
+		def_netgroup_tuple ? user_srunhost : NULL, pw->pw_name))
+		ret = true;
+	    DPRINTF2("ldap sudoUser netgroup '%s' ... %s", val,
+		ret ? "MATCH!" : "not");
+	} else {
+	    if (group_plugin_query(pw->pw_name, val + 2, pw))
+		ret = true;
+	    DPRINTF2("ldap sudoUser non-Unix group '%s' ... %s", val,
+		ret ? "MATCH!" : "not");
+	}
+    }
+
+    ldap_value_free_len(bv);	/* cleanup */
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Extract the dn from an entry and return the first rdn from it.
+ */
+static char *
+sudo_ldap_get_first_rdn(LDAP *ld, LDAPMessage *entry)
+{
+#ifdef HAVE_LDAP_STR2DN
+    char *dn, *rdn = NULL;
+    LDAPDN tmpDN;
+    debug_decl(sudo_ldap_get_first_rdn, SUDOERS_DEBUG_LDAP)
+
+    if ((dn = ldap_get_dn(ld, entry)) == NULL)
+	debug_return_str(NULL);
+    if (ldap_str2dn(dn, &tmpDN, LDAP_DN_FORMAT_LDAP) == LDAP_SUCCESS) {
+	ldap_rdn2str(tmpDN[0], &rdn, LDAP_DN_FORMAT_UFN);
+	ldap_dnfree(tmpDN);
+    }
+    ldap_memfree(dn);
+    debug_return_str(rdn);
+#else
+    char *dn, **edn;
+    debug_decl(sudo_ldap_get_first_rdn, SUDOERS_DEBUG_LDAP)
+
+    if ((dn = ldap_get_dn(ld, entry)) == NULL)
+	debug_return_str(NULL);
+    edn = ldap_explode_dn(dn, 1);
+    ldap_memfree(dn);
+    debug_return_str(edn ? edn[0] : NULL);
+#endif
+}
+
+/*
+ * Read sudoOption and fill in the defaults list.
+ * This is used to parse the cn=defaults entry.
+ */
+static bool
+sudo_ldap_parse_options(LDAP *ld, LDAPMessage *entry, struct defaults_list *defs)
+{
+    struct berval **bv, **p;
+    char *cn, *cp, *source = NULL;
+    bool ret = false;
+    int rc;
+    debug_decl(sudo_ldap_parse_options, SUDOERS_DEBUG_LDAP)
+
+    bv = sudo_ldap_get_values_len(ld, entry, "sudoOption", &rc);
+    if (bv == NULL) {
+	if (rc == LDAP_NO_MEMORY)
+	    debug_return_bool(false);
+	debug_return_bool(true);
+    }
+
+    /* Use sudoRole in place of file name in defaults. */
+    cn = sudo_ldap_get_first_rdn(ld, entry);
+    if (asprintf(&cp, "sudoRole %s", cn ? cn : "UNKNOWN") == -1) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto done;
+    }
+    if ((source = rcstr_dup(cp)) == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	free(cp);
+	goto done;
+    }
+
+    /* Walk through options, appending to defs. */
+    for (p = bv; *p != NULL; p++) {
+	char *var, *val;
+	int op;
+
+	op = sudo_ldap_parse_option((*p)->bv_val, &var, &val);
+	if (!sudo_ldap_add_default(var, val, op, source, defs)) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    goto done;
+	}
+    }
+
+    ret = true;
+
+done:
+    rcstr_delref(source);
+    if (cn)
+	ldap_memfree(cn);
+    ldap_value_free_len(bv);
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Build an LDAP timefilter.
+ *
+ * Stores a filter in the buffer that makes sure only entries
+ * are selected that have a sudoNotBefore in the past and a
+ * sudoNotAfter in the future, i.e. a filter of the following
+ * structure (spaced out a little more for better readability:
+ *
+ * (&
+ *   (|
+ *	(!(sudoNotAfter=*))
+ *	(sudoNotAfter>__now__)
+ *   )
+ *   (|
+ *	(!(sudoNotBefore=*))
+ *	(sudoNotBefore<__now__)
+ *   )
+ * )
+ *
+ * If either the sudoNotAfter or sudoNotBefore attributes are missing,
+ * no time restriction shall be imposed.
+ */
+static bool
+sudo_ldap_timefilter(char *buffer, size_t buffersize)
+{
+    struct tm *tp;
+    time_t now;
+    char timebuffer[sizeof("20120727121554.0Z")];
+    int len = -1;
+    debug_decl(sudo_ldap_timefilter, SUDOERS_DEBUG_LDAP)
+
+    /* Make sure we have a formatted timestamp for __now__. */
+    time(&now);
+    if ((tp = gmtime(&now)) == NULL) {
+	sudo_warn(U_("unable to get GMT time"));
+	goto done;
+    }
+
+    /* Format the timestamp according to the RFC. */
+    if (strftime(timebuffer, sizeof(timebuffer), "%Y%m%d%H%M%S.0Z", tp) == 0) {
+	sudo_warnx(U_("unable to format timestamp"));
+	goto done;
+    }
+
+    /* Build filter. */
+    len = snprintf(buffer, buffersize, "(&(|(!(sudoNotAfter=*))(sudoNotAfter>=%s))(|(!(sudoNotBefore=*))(sudoNotBefore<=%s)))",
+	timebuffer, timebuffer);
+    if (len <= 0 || (size_t)len >= buffersize) {
+	sudo_warnx(U_("internal error, %s overflow"), __func__);
+	errno = EOVERFLOW;
+	len = -1;
+    }
+
+done:
+    debug_return_bool(len != -1);
+}
+
+/*
+ * Builds up a filter to search for default settings
+ */
+static char *
+sudo_ldap_build_default_filter(void)
+{
+    char *filt;
+    debug_decl(sudo_ldap_build_default_filter, SUDOERS_DEBUG_LDAP)
+
+    if (!ldap_conf.search_filter)
+	debug_return_str(strdup("cn=defaults"));
+
+    if (asprintf(&filt, "(&%s(cn=defaults))", ldap_conf.search_filter) == -1)
+	debug_return_str(NULL);
+
+    debug_return_str(filt);
+}
+
+/*
+ * Determine length of query value after escaping characters
+ * as per RFC 4515.
+ */
+static size_t
+sudo_ldap_value_len(const char *value)
+{
+    const char *s;
+    size_t len = 0;
+
+    for (s = value; *s != '\0'; s++) {
+	switch (*s) {
+	case '\\':
+	case '(':
+	case ')':
+	case '*':
+	    len += 2;
+	    break;
+	}
+    }
+    len += (size_t)(s - value);
+    return len;
+}
+
+/*
+ * Like strlcat() but escapes characters as per RFC 4515.
+ */
+static size_t
+sudo_ldap_value_cat(char *dst, const char *src, size_t size)
+{
+    char *d = dst;
+    const char *s = src;
+    size_t n = size;
+    size_t dlen;
+
+    /* Find the end of dst and adjust bytes left but don't go past end */
+    while (n-- != 0 && *d != '\0')
+	d++;
+    dlen = d - dst;
+    n = size - dlen;
+
+    if (n == 0)
+	return dlen + strlen(s);
+    while (*s != '\0') {
+	switch (*s) {
+	case '\\':
+	    if (n < 3)
+		goto done;
+	    *d++ = '\\';
+	    *d++ = '5';
+	    *d++ = 'c';
+	    n -= 3;
+	    break;
+	case '(':
+	    if (n < 3)
+		goto done;
+	    *d++ = '\\';
+	    *d++ = '2';
+	    *d++ = '8';
+	    n -= 3;
+	    break;
+	case ')':
+	    if (n < 3)
+		goto done;
+	    *d++ = '\\';
+	    *d++ = '2';
+	    *d++ = '9';
+	    n -= 3;
+	    break;
+	case '*':
+	    if (n < 3)
+		goto done;
+	    *d++ = '\\';
+	    *d++ = '2';
+	    *d++ = 'a';
+	    n -= 3;
+	    break;
+	default:
+	    if (n < 1)
+		goto done;
+	    *d++ = *s;
+	    n--;
+	    break;
+	}
+	s++;
+    }
+done:
+    *d = '\0';
+    while (*s != '\0')
+	s++;
+    return dlen + (s - src);	/* count does not include NUL */
+}
+
+/*
+ * Like strdup() but escapes characters as per RFC 4515.
+ */
+static char *
+sudo_ldap_value_dup(const char *src)
+{
+    char *dst;
+    size_t size;
+
+    size = sudo_ldap_value_len(src) + 1;
+    dst = malloc(size);
+    if (dst == NULL)
+	return NULL;
+
+    *dst = '\0';
+    if (sudo_ldap_value_cat(dst, src, size) >= size) {
+	/* Should not be possible... */
+	free(dst);
+	dst = NULL;
+    }
+    return dst;
+}
+
+/*
+ * Check the netgroups list beginning at "start" for nesting.
+ * Parent nodes with a memberNisNetgroup that match one of the
+ * netgroups are added to the list and checked for further nesting.
+ * Return true on success or false if there was an internal overflow.
+ */
+static bool
+sudo_netgroup_lookup_nested(LDAP *ld, char *base, struct timeval *timeout,
+    struct ldap_netgroup_list *netgroups, struct ldap_netgroup *start)
+{
+    LDAPMessage *entry, *result;
+    size_t filt_len;
+    char *filt;
+    int rc;
+    debug_decl(sudo_netgroup_lookup_nested, SUDOERS_DEBUG_LDAP);
+
+    DPRINTF1("Checking for nested netgroups from netgroup_base '%s'", base);
+    do {
+	struct ldap_netgroup *ng, *old_tail;
+
+	result = NULL;
+	old_tail = STAILQ_LAST(netgroups, ldap_netgroup, entries);
+	filt_len = strlen(ldap_conf.netgroup_search_filter) + 7;
+	for (ng = start; ng != NULL; ng = STAILQ_NEXT(ng, entries)) {
+	    filt_len += sudo_ldap_value_len(ng->name) + 20;
+	}
+	if ((filt = malloc(filt_len)) == NULL)
+	    goto oom;
+	CHECK_STRLCPY(filt, "(&", filt_len);
+	CHECK_STRLCAT(filt, ldap_conf.netgroup_search_filter, filt_len);
+	CHECK_STRLCAT(filt, "(|", filt_len);
+	for (ng = start; ng != NULL; ng = STAILQ_NEXT(ng, entries)) {
+	    CHECK_STRLCAT(filt, "(memberNisNetgroup=", filt_len);
+	    CHECK_LDAP_VCAT(filt, ng->name, filt_len);
+	    CHECK_STRLCAT(filt, ")", filt_len);
+	}
+	CHECK_STRLCAT(filt, "))", filt_len);
+	DPRINTF1("ldap netgroup search filter: '%s'", filt);
+	rc = ldap_search_ext_s(ld, base, LDAP_SCOPE_SUBTREE, filt,
+	    NULL, 0, NULL, NULL, timeout, 0, &result);
+	free(filt);
+	if (rc == LDAP_SUCCESS) {
+	    LDAP_FOREACH(entry, ld, result) {
+		struct berval **bv;
+
+		bv = sudo_ldap_get_values_len(ld, entry, "cn", &rc);
+		if (bv == NULL) {
+		    if (rc == LDAP_NO_MEMORY)
+			goto oom;
+		} else {
+		    /* Don't add a netgroup twice. */
+		    STAILQ_FOREACH(ng, netgroups, entries) {
+			/* Assumes only one cn per entry. */
+			if (strcasecmp(ng->name, (*bv)->bv_val) == 0)
+			    break;
+		    }
+		    if (ng == NULL) {
+			ng = malloc(sizeof(*ng));
+			if (ng == NULL ||
+			    (ng->name = strdup((*bv)->bv_val)) == NULL) {
+			    free(ng);
+			    ldap_value_free_len(bv);
+			    goto oom;
+			}
+#ifdef __clang_analyzer__
+			/* clang analyzer false positive */
+			if (__builtin_expect(netgroups->stqh_last == NULL, 0))
+			    __builtin_trap();
+#endif
+			STAILQ_INSERT_TAIL(netgroups, ng, entries);
+			DPRINTF1("Found new netgroup %s for %s", ng->name, base);
+		    }
+		    ldap_value_free_len(bv);
+		}
+	    }
+	}
+	ldap_msgfree(result);
+
+	/* Check for nested netgroups in what we added. */
+	start = old_tail ? STAILQ_NEXT(old_tail, entries) : STAILQ_FIRST(netgroups);
+    } while (start != NULL);
+
+    debug_return_bool(true);
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    ldap_msgfree(result);
+    debug_return_bool(false);
+overflow:
+    sudo_warnx(U_("internal error, %s overflow"), __func__);
+    free(filt);
+    debug_return_bool(false);
+}
+
+/*
+ * Look up netgroups that the specified user is a member of.
+ * Appends new entries to the netgroups list.
+ * Return true on success or false if there was an internal overflow.
+ */
+static bool
+sudo_netgroup_lookup(LDAP *ld, struct passwd *pw,
+    struct ldap_netgroup_list *netgroups)
+{
+    struct ldap_config_str *base;
+    struct ldap_netgroup *ng, *old_tail;
+    struct timeval tv, *tvp = NULL;
+    LDAPMessage *entry, *result = NULL;
+    const char *domain;
+    char *escaped_domain = NULL, *escaped_user = NULL;
+    char *escaped_host = NULL, *escaped_shost = NULL, *filt = NULL;
+    int filt_len, rc;
+    bool ret = false;
+    debug_decl(sudo_netgroup_lookup, SUDOERS_DEBUG_LDAP);
+
+    if (ldap_conf.timeout > 0) {
+	tv.tv_sec = ldap_conf.timeout;
+	tv.tv_usec = 0;
+	tvp = &tv;
+    }
+
+    /* Use NIS domain if set, else wildcard match. */
+    domain = sudo_getdomainname();
+
+    /* Escape the domain, host names, and user name per RFC 4515. */
+    if (domain != NULL) {
+	if ((escaped_domain = sudo_ldap_value_dup(domain)) == NULL)
+	    goto oom;
+    }
+    if ((escaped_user = sudo_ldap_value_dup(pw->pw_name)) == NULL)
+	    goto oom;
+    if (def_netgroup_tuple) {
+	escaped_host = sudo_ldap_value_dup(user_runhost);
+	if (user_runhost == user_srunhost)
+	    escaped_shost = escaped_host;
+	else
+	    escaped_shost = sudo_ldap_value_dup(user_srunhost);
+	if (escaped_host == NULL || escaped_shost == NULL)
+	    goto oom;
+    }
+
+    /* Build query, using NIS domain if it is set. */
+    if (domain != NULL) {
+	if (escaped_host != escaped_shost) {
+	    filt_len = asprintf(&filt, "(&%s(|"
+		"(nisNetgroupTriple=\\28,%s,%s\\29)"
+		"(nisNetgroupTriple=\\28%s,%s,%s\\29)"
+		"(nisNetgroupTriple=\\28%s,%s,%s\\29)"
+		"(nisNetgroupTriple=\\28,%s,\\29)"
+		"(nisNetgroupTriple=\\28%s,%s,\\29)"
+		"(nisNetgroupTriple=\\28%s,%s,\\29)))",
+		ldap_conf.netgroup_search_filter, escaped_user, escaped_domain,
+		escaped_shost, escaped_user, escaped_domain,
+		escaped_host, escaped_user, escaped_domain, escaped_user,
+		escaped_shost, escaped_user, escaped_host, escaped_user);
+	} else if (escaped_shost != NULL) {
+	    filt_len = asprintf(&filt, "(&%s(|"
+		"(nisNetgroupTriple=\\28,%s,%s\\29)"
+		"(nisNetgroupTriple=\\28%s,%s,%s\\29)"
+		"(nisNetgroupTriple=\\28,%s,\\29)"
+		"(nisNetgroupTriple=\\28%s,%s,\\29)))",
+		ldap_conf.netgroup_search_filter, escaped_user, escaped_domain,
+		escaped_shost, escaped_user, escaped_domain,
+		escaped_user, escaped_shost, escaped_user);
+	} else {
+	    filt_len = asprintf(&filt, "(&%s(|"
+		"(nisNetgroupTriple=\\28*,%s,%s\\29)"
+		"(nisNetgroupTriple=\\28*,%s,\\29)))",
+		ldap_conf.netgroup_search_filter, escaped_user, escaped_domain,
+		escaped_user);
+	}
+    } else {
+	if (escaped_host != escaped_shost) {
+	    filt_len = asprintf(&filt, "(&%s(|"
+		"(nisNetgroupTriple=\\28,%s,*\\29)"
+		"(nisNetgroupTriple=\\28%s,%s,*\\29)"
+		"(nisNetgroupTriple=\\28%s,%s,*\\29)))",
+		ldap_conf.netgroup_search_filter, escaped_user,
+		escaped_shost, escaped_user, escaped_host, escaped_user);
+	} else if (escaped_shost != NULL) {
+	    filt_len = asprintf(&filt, "(&%s(|"
+		"(nisNetgroupTriple=\\28,%s,*\\29)"
+		"(nisNetgroupTriple=\\28%s,%s,*\\29)))",
+		ldap_conf.netgroup_search_filter, escaped_user,
+		escaped_shost, escaped_user);
+	} else {
+	    filt_len = asprintf(&filt,
+		"(&%s(|(nisNetgroupTriple=\\28*,%s,*\\29)))",
+		ldap_conf.netgroup_search_filter, escaped_user);
+	}
+    }
+    if (filt_len == -1)
+	goto oom;
+    DPRINTF1("ldap netgroup search filter: '%s'", filt);
+
+    STAILQ_FOREACH(base, &ldap_conf.netgroup_base, entries) {
+	DPRINTF1("searching from netgroup_base '%s'", base->val);
+	rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt,
+	    NULL, 0, NULL, NULL, tvp, 0, &result);
+	if (rc != LDAP_SUCCESS) {
+	    DPRINTF1("ldap netgroup search failed: %s", ldap_err2string(rc));
+	    ldap_msgfree(result);
+	    result = NULL;
+	    continue;
+	}
+
+	old_tail = STAILQ_LAST(netgroups, ldap_netgroup, entries);
+	LDAP_FOREACH(entry, ld, result) {
+	    struct berval **bv;
+
+	    bv = sudo_ldap_get_values_len(ld, entry, "cn", &rc);
+	    if (bv == NULL) {
+		if (rc == LDAP_NO_MEMORY)
+		    goto oom;
+	    } else {
+		/* Don't add a netgroup twice. */
+		STAILQ_FOREACH(ng, netgroups, entries) {
+		    /* Assumes only one cn per entry. */
+		    if (strcasecmp(ng->name, (*bv)->bv_val) == 0)
+			break;
+		}
+		if (ng == NULL) {
+		    ng = malloc(sizeof(*ng));
+		    if (ng == NULL ||
+			(ng->name = strdup((*bv)->bv_val)) == NULL) {
+			free(ng);
+			ldap_value_free_len(bv);
+			goto oom;
+		    }
+		    STAILQ_INSERT_TAIL(netgroups, ng, entries);
+		    DPRINTF1("Found new netgroup %s for %s", ng->name,
+			base->val);
+		}
+		ldap_value_free_len(bv);
+	    }
+	}
+	ldap_msgfree(result);
+	result = NULL;
+
+	/* Check for nested netgroups in what we added. */
+	ng = old_tail ? STAILQ_NEXT(old_tail, entries) : STAILQ_FIRST(netgroups);
+	if (ng != NULL) {
+	    if (!sudo_netgroup_lookup_nested(ld, base->val, tvp, netgroups, ng))
+		goto done;
+	}
+    }
+    ret = true;
+    goto done;
+
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+done:
+    free(escaped_domain);
+    free(escaped_user);
+    free(escaped_host);
+    if (escaped_host != escaped_shost)
+	free(escaped_shost);
+    free(filt);
+    ldap_msgfree(result);
+    debug_return_bool(ret);
+}
+
+/*
+ * Builds up a filter to check against LDAP.
+ */
+static char *
+sudo_ldap_build_pass1(LDAP *ld, struct passwd *pw)
+{
+    char *buf, timebuffer[TIMEFILTER_LENGTH + 1], gidbuf[MAX_UID_T_LEN + 1];
+    struct ldap_netgroup_list netgroups;
+    struct ldap_netgroup *ng = NULL;
+    struct gid_list *gidlist;
+    struct group_list *grlist;
+    struct group *grp;
+    size_t sz = 0;
+    int i;
+    debug_decl(sudo_ldap_build_pass1, SUDOERS_DEBUG_LDAP)
+
+    STAILQ_INIT(&netgroups);
+
+    /* If there is a filter, allocate space for the global AND. */
+    if (ldap_conf.timed || ldap_conf.search_filter)
+	sz += 3;
+
+    /* Add LDAP search filter if present. */
+    if (ldap_conf.search_filter)
+	sz += strlen(ldap_conf.search_filter);
+
+    /* Then add (|(sudoUser=USERNAME)(sudoUser=ALL)) + NUL */
+    sz += 29 + sudo_ldap_value_len(pw->pw_name);
+
+    /* Add space for primary and supplementary groups and gids */
+    if ((grp = sudo_getgrgid(pw->pw_gid)) != NULL) {
+	sz += 12 + sudo_ldap_value_len(grp->gr_name);
+    }
+    sz += 13 + MAX_UID_T_LEN;
+    if ((grlist = sudo_get_grlist(pw)) != NULL) {
+	for (i = 0; i < grlist->ngroups; i++) {
+	    if (grp != NULL && strcasecmp(grlist->groups[i], grp->gr_name) == 0)
+		continue;
+	    sz += 12 + sudo_ldap_value_len(grlist->groups[i]);
+	}
+    }
+    if ((gidlist = sudo_get_gidlist(pw, ENTRY_TYPE_ANY)) != NULL) {
+	for (i = 0; i < gidlist->ngids; i++) {
+	    if (pw->pw_gid == gidlist->gids[i])
+		continue;
+	    sz += 13 + MAX_UID_T_LEN;
+	}
+    }
+
+    /* Add space for user netgroups if netgroup_base specified. */
+    if (!STAILQ_EMPTY(&ldap_conf.netgroup_base)) {
+	DPRINTF1("Looking up netgroups for %s", pw->pw_name);
+	if (sudo_netgroup_lookup(ld, pw, &netgroups)) {
+	    STAILQ_FOREACH(ng, &netgroups, entries) {
+		sz += 14 + strlen(ng->name);
+	    }
+	} else {
+	    /* sudo_netgroup_lookup() failed, clean up. */
+	    while ((ng = STAILQ_FIRST(&netgroups)) != NULL) {
+		STAILQ_REMOVE_HEAD(&netgroups, entries);
+		free(ng->name);
+		free(ng);
+	    }
+	}
+    }
+
+    /* If timed, add space for time limits. */
+    if (ldap_conf.timed)
+	sz += TIMEFILTER_LENGTH;
+    if ((buf = malloc(sz)) == NULL)
+	goto bad;
+    *buf = '\0';
+
+    /*
+     * If timed or using a search filter, start a global AND clause to
+     * contain the search filter, search criteria, and time restriction.
+     */
+    if (ldap_conf.timed || ldap_conf.search_filter)
+	CHECK_STRLCPY(buf, "(&", sz);
+
+    if (ldap_conf.search_filter)
+	CHECK_STRLCAT(buf, ldap_conf.search_filter, sz);
+
+    /* Global OR + sudoUser=user_name filter */
+    CHECK_STRLCAT(buf, "(|(sudoUser=", sz);
+    CHECK_LDAP_VCAT(buf, pw->pw_name, sz);
+    CHECK_STRLCAT(buf, ")", sz);
+
+    /* Append primary group and gid */
+    if (grp != NULL) {
+	CHECK_STRLCAT(buf, "(sudoUser=%", sz);
+	CHECK_LDAP_VCAT(buf, grp->gr_name, sz);
+	CHECK_STRLCAT(buf, ")", sz);
+    }
+    (void) snprintf(gidbuf, sizeof(gidbuf), "%u", (unsigned int)pw->pw_gid);
+    CHECK_STRLCAT(buf, "(sudoUser=%#", sz);
+    CHECK_STRLCAT(buf, gidbuf, sz);
+    CHECK_STRLCAT(buf, ")", sz);
+
+    /* Append supplementary groups and gids */
+    if (grlist != NULL) {
+	for (i = 0; i < grlist->ngroups; i++) {
+	    if (grp != NULL && strcasecmp(grlist->groups[i], grp->gr_name) == 0)
+		continue;
+	    CHECK_STRLCAT(buf, "(sudoUser=%", sz);
+	    CHECK_LDAP_VCAT(buf, grlist->groups[i], sz);
+	    CHECK_STRLCAT(buf, ")", sz);
+	}
+    }
+    if (gidlist != NULL) {
+	for (i = 0; i < gidlist->ngids; i++) {
+	    if (pw->pw_gid == gidlist->gids[i])
+		continue;
+	    (void) snprintf(gidbuf, sizeof(gidbuf), "%u",
+		(unsigned int)gidlist->gids[i]);
+	    CHECK_STRLCAT(buf, "(sudoUser=%#", sz);
+	    CHECK_STRLCAT(buf, gidbuf, sz);
+	    CHECK_STRLCAT(buf, ")", sz);
+	}
+    }
+
+    /* Done with groups. */
+    if (gidlist != NULL)
+	sudo_gidlist_delref(gidlist);
+    if (grlist != NULL)
+	sudo_grlist_delref(grlist);
+    if (grp != NULL)
+	sudo_gr_delref(grp);
+
+    /* Add netgroups (if any), freeing the list as we go. */
+    while ((ng = STAILQ_FIRST(&netgroups)) != NULL) {
+	STAILQ_REMOVE_HEAD(&netgroups, entries);
+	CHECK_STRLCAT(buf, "(sudoUser=+", sz);
+	CHECK_LDAP_VCAT(buf, ng->name, sz);
+	CHECK_STRLCAT(buf, ")", sz);
+	free(ng->name);
+	free(ng);
+    }
+
+    /* Add ALL to list and end the global OR. */
+    CHECK_STRLCAT(buf, "(sudoUser=ALL)", sz);
+
+    /* Add the time restriction, or simply end the global OR. */
+    if (ldap_conf.timed) {
+	CHECK_STRLCAT(buf, ")", sz); /* closes the global OR */
+	if (!sudo_ldap_timefilter(timebuffer, sizeof(timebuffer)))
+	    goto bad;
+	CHECK_STRLCAT(buf, timebuffer, sz);
+    } else if (ldap_conf.search_filter) {
+	CHECK_STRLCAT(buf, ")", sz); /* closes the global OR */
+    }
+    CHECK_STRLCAT(buf, ")", sz); /* closes the global OR or the global AND */
+
+    debug_return_str(buf);
+overflow:
+    sudo_warnx(U_("internal error, %s overflow"), __func__);
+    if (ng != NULL) {
+	/* Overflow while traversing netgroups. */
+	free(ng->name);
+	free(ng);
+    }
+    errno = EOVERFLOW;
+bad:
+    while ((ng = STAILQ_FIRST(&netgroups)) != NULL) {
+	STAILQ_REMOVE_HEAD(&netgroups, entries);
+	free(ng->name);
+	free(ng);
+    }
+    free(buf);
+    debug_return_str(NULL);
+}
+
+/*
+ * Builds up a filter to check against non-Unix group
+ * entries in LDAP, including netgroups.
+ */
+static char *
+sudo_ldap_build_pass2(void)
+{
+    char *filt, timebuffer[TIMEFILTER_LENGTH + 1];
+    bool query_netgroups = def_use_netgroups;
+    int len;
+    debug_decl(sudo_ldap_build_pass2, SUDOERS_DEBUG_LDAP)
+
+    /* No need to query netgroups if using netgroup_base. */
+    if (!STAILQ_EMPTY(&ldap_conf.netgroup_base))
+	query_netgroups = false;
+
+    /* Short circuit if no netgroups and no non-Unix groups. */
+    if (!query_netgroups && !def_group_plugin) {
+	errno = ENOENT;
+	debug_return_str(NULL);
+    }
+
+    if (ldap_conf.timed) {
+	if (!sudo_ldap_timefilter(timebuffer, sizeof(timebuffer)))
+	    debug_return_str(NULL);
+    }
+
+    /*
+     * Match all sudoUsers beginning with '+' or '%:'.
+     * If a search filter or time restriction is specified,
+     * those get ANDed in to the expression.
+     */
+    if (query_netgroups && def_group_plugin) {
+	len = asprintf(&filt, "%s%s(|(sudoUser=+*)(sudoUser=%%:*))%s%s",
+	    (ldap_conf.timed || ldap_conf.search_filter) ? "(&" : "",
+	    ldap_conf.search_filter ? ldap_conf.search_filter : "",
+	    ldap_conf.timed ? timebuffer : "",
+	    (ldap_conf.timed || ldap_conf.search_filter) ? ")" : "");
+    } else {
+	len = asprintf(&filt, "(&%s(sudoUser=*)(sudoUser=%s*)%s)",
+	    ldap_conf.search_filter ? ldap_conf.search_filter : "",
+	    query_netgroups ? "+" : "%:",
+	    ldap_conf.timed ? timebuffer : "");
+    }
+    if (len == -1)
+	filt = NULL;
+
+    debug_return_str(filt);
+}
+
+static char *
+berval_iter(void **vp)
+{
+    struct berval **bv = *vp;
+
+    *vp = bv + 1;
+    return *bv ? (*bv)->bv_val : NULL;
+}
+
+static bool
+ldap_to_sudoers(LDAP *ld, struct ldap_result *lres,
+    struct userspec_list *ldap_userspecs)
+{
+    struct userspec *us;
+    struct member *m;
+    unsigned int i;
+    int rc;
+    debug_decl(ldap_to_sudoers, SUDOERS_DEBUG_LDAP)
+
+    /* We only have a single userspec */
+    if ((us = calloc(1, sizeof(*us))) == NULL)
+	goto oom;
+    TAILQ_INIT(&us->users);
+    TAILQ_INIT(&us->privileges);
+    STAILQ_INIT(&us->comments);
+    TAILQ_INSERT_TAIL(ldap_userspecs, us, entries);
+
+    /* The user has already matched, use ALL as wildcard. */
+    if ((m = calloc(1, sizeof(*m))) == NULL)
+	goto oom;
+    m->type = ALL;
+    TAILQ_INSERT_TAIL(&us->users, m, entries);
+
+    /* Treat each sudoRole as a separate privilege. */
+    for (i = 0; i < lres->nentries; i++) {
+	LDAPMessage *entry = lres->entries[i].entry;
+	struct berval **cmnds = NULL, **hosts = NULL;
+	struct berval **runasusers = NULL, **runasgroups = NULL;
+	struct berval **opts = NULL, **notbefore = NULL, **notafter = NULL;
+	struct privilege *priv = NULL;
+	char *cn = NULL;
+
+	/* Ignore sudoRole without sudoCommand. */
+	cmnds = sudo_ldap_get_values_len(ld, entry, "sudoCommand", &rc);
+	if (cmnds == NULL) {
+	    if (rc == LDAP_NO_MEMORY)
+		goto cleanup;
+	    continue;
+	}
+
+	/* Get the entry's dn for long format printing. */
+	if ((cn = sudo_ldap_get_first_rdn(ld, entry)) == NULL)
+	    goto cleanup;
+
+	/* Get sudoHost */
+	hosts = sudo_ldap_get_values_len(ld, entry, "sudoHost", &rc);
+	if (rc == LDAP_NO_MEMORY)
+	    goto cleanup;
+
+	/* Get sudoRunAsUser / sudoRunAsGroup */
+	runasusers = sudo_ldap_get_values_len(ld, entry, "sudoRunAsUser", &rc);
+	if (runasusers == NULL) {
+	    if (rc != LDAP_NO_MEMORY)
+		runasusers = sudo_ldap_get_values_len(ld, entry, "sudoRunAs", &rc);
+	    if (rc == LDAP_NO_MEMORY)
+		goto cleanup;
+	}
+	runasgroups = sudo_ldap_get_values_len(ld, entry, "sudoRunAsGroup", &rc);
+	if (rc == LDAP_NO_MEMORY)
+	    goto cleanup;
+
+	/* Get sudoNotBefore / sudoNotAfter */
+	notbefore = sudo_ldap_get_values_len(ld, entry, "sudoNotBefore", &rc);
+	if (rc == LDAP_NO_MEMORY)
+	    goto cleanup;
+	notafter = sudo_ldap_get_values_len(ld, entry, "sudoNotAfter", &rc);
+	if (rc == LDAP_NO_MEMORY)
+	    goto cleanup;
+
+	/* Parse sudoOptions. */
+	opts = sudo_ldap_get_values_len(ld, entry, "sudoOption", &rc);
+	if (rc == LDAP_NO_MEMORY)
+	    goto cleanup;
+
+	priv = sudo_ldap_role_to_priv(cn, hosts, runasusers, runasgroups,
+	    cmnds, opts, notbefore ? notbefore[0]->bv_val : NULL,
+	    notafter ? notafter[0]->bv_val : NULL, false, true, berval_iter);
+
+    cleanup:
+	if (cn != NULL)
+	    ldap_memfree(cn);
+	if (cmnds != NULL)
+	    ldap_value_free_len(cmnds);
+	if (hosts != NULL)
+	    ldap_value_free_len(hosts);
+	if (runasusers != NULL)
+	    ldap_value_free_len(runasusers);
+	if (runasgroups != NULL)
+	    ldap_value_free_len(runasgroups);
+	if (opts != NULL)
+	    ldap_value_free_len(opts);
+	if (notbefore != NULL)
+	    ldap_value_free_len(notbefore);
+	if (notafter != NULL)
+	    ldap_value_free_len(notafter);
+
+	if (priv == NULL)
+	    goto oom;
+	TAILQ_INSERT_TAIL(&us->privileges, priv, entries);
+    }
+
+    debug_return_bool(true);
+
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    free_userspecs(ldap_userspecs);
+    debug_return_bool(false);
+}
+
+#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
+typedef unsigned int (*sudo_gss_krb5_ccache_name_t)(unsigned int *minor_status, const char *name, const char **old_name);
+static sudo_gss_krb5_ccache_name_t sudo_gss_krb5_ccache_name;
+
+static int
+sudo_set_krb5_ccache_name(const char *name, const char **old_name)
+{
+    int ret = 0;
+    unsigned int junk;
+    static bool initialized;
+    debug_decl(sudo_set_krb5_ccache_name, SUDOERS_DEBUG_LDAP)
+
+    if (!initialized) {
+	sudo_gss_krb5_ccache_name = (sudo_gss_krb5_ccache_name_t)
+	    sudo_dso_findsym(SUDO_DSO_DEFAULT, "gss_krb5_ccache_name");
+	initialized = true;
+    }
+
+    /*
+     * Try to use gss_krb5_ccache_name() if possible.
+     * We also need to set KRB5CCNAME since some LDAP libs may not use
+     * gss_krb5_ccache_name().
+     */
+    if (sudo_gss_krb5_ccache_name != NULL) {
+	ret = sudo_gss_krb5_ccache_name(&junk, name, old_name);
+    } else {
+	/* No gss_krb5_ccache_name(), fall back on KRB5CCNAME. */
+	if (old_name != NULL)
+	    *old_name = sudo_getenv("KRB5CCNAME");
+    }
+    if (name != NULL && *name != '\0') {
+	if (sudo_setenv("KRB5CCNAME", name, true) == -1)
+	    ret = -1;
+    } else {
+	if (sudo_unsetenv("KRB5CCNAME") == -1)
+	    ret = -1;
+    }
+
+    debug_return_int(ret);
+}
+
+/*
+ * Make a copy of the credential cache file specified by KRB5CCNAME
+ * which must be readable by the user.  The resulting cache file
+ * is root-owned and will be removed after authenticating via SASL.
+ */
+static char *
+sudo_krb5_copy_cc_file(const char *old_ccname)
+{
+    int nfd, ofd = -1;
+    ssize_t nread, nwritten = -1;
+    static char new_ccname[sizeof(_PATH_TMP) + sizeof("sudocc_XXXXXXXX") - 1];
+    char buf[10240], *ret = NULL;
+    debug_decl(sudo_krb5_copy_cc_file, SUDOERS_DEBUG_LDAP)
+
+    old_ccname = sudo_krb5_ccname_path(old_ccname);
+    if (old_ccname != NULL) {
+	/* Open credential cache as user to prevent stolen creds. */
+	if (!set_perms(PERM_USER))
+	    goto done;
+	ofd = open(old_ccname, O_RDONLY|O_NONBLOCK);
+	if (!restore_perms())
+	    goto done;
+
+	if (ofd != -1) {
+	    (void) fcntl(ofd, F_SETFL, 0);
+	    if (sudo_lock_file(ofd, SUDO_LOCK)) {
+		snprintf(new_ccname, sizeof(new_ccname), "%s%s",
+		    _PATH_TMP, "sudocc_XXXXXXXX");
+		nfd = mkstemp(new_ccname);
+		if (nfd != -1) {
+		    sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
+			"copy ccache %s -> %s", old_ccname, new_ccname);
+		    while ((nread = read(ofd, buf, sizeof(buf))) > 0) {
+			ssize_t off = 0;
+			do {
+			    nwritten = write(nfd, buf + off, nread - off);
+			    if (nwritten == -1) {
+				sudo_warn("error writing to %s", new_ccname);
+				goto write_error;
+			    }
+			    off += nwritten;
+			} while (off < nread);
+		    }
+		    if (nread == -1)
+			sudo_warn("unable to read %s", new_ccname);
+write_error:
+		    close(nfd);
+		    if (nread != -1 && nwritten != -1) {
+			ret = new_ccname;	/* success! */
+		    } else {
+			unlink(new_ccname);	/* failed */
+		    }
+		} else {
+		    sudo_warn("unable to create temp file %s", new_ccname);
+		}
+	    }
+	} else {
+	    sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
+		"unable to open %s", old_ccname);
+	}
+    }
+done:
+    if (ofd != -1)
+	close(ofd);
+    debug_return_str(ret);
+}
+
+static int
+sudo_ldap_sasl_interact(LDAP *ld, unsigned int flags, void *_auth_id,
+    void *_interact)
+{
+    char *auth_id = (char *)_auth_id;
+    sasl_interact_t *interact = (sasl_interact_t *)_interact;
+    int ret = LDAP_SUCCESS;
+    debug_decl(sudo_ldap_sasl_interact, SUDOERS_DEBUG_LDAP)
+
+    for (; interact->id != SASL_CB_LIST_END; interact++) {
+	if (interact->id != SASL_CB_USER) {
+	    sudo_warnx("sudo_ldap_sasl_interact: unexpected interact id %lu",
+		interact->id);
+	    ret = LDAP_PARAM_ERROR;
+	    break;
+	}
+
+	if (auth_id != NULL)
+	    interact->result = auth_id;
+	else if (interact->defresult != NULL)
+	    interact->result = interact->defresult;
+	else
+	    interact->result = "";
+
+	interact->len = strlen(interact->result);
+#if SASL_VERSION_MAJOR < 2
+	interact->result = strdup(interact->result);
+	if (interact->result == NULL) {
+	    ret = LDAP_NO_MEMORY;
+	    break;
+	}
+#endif /* SASL_VERSION_MAJOR < 2 */
+	DPRINTF2("sudo_ldap_sasl_interact: SASL_CB_USER %s",
+	    (const char *)interact->result);
+    }
+    debug_return_int(ret);
+}
+#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
+
+/*
+ * Create a new sudo_ldap_result structure.
+ */
+static struct ldap_result *
+sudo_ldap_result_alloc(void)
+{
+    struct ldap_result *result;
+    debug_decl(sudo_ldap_result_alloc, SUDOERS_DEBUG_LDAP)
+
+    result = calloc(1, sizeof(*result));
+    if (result != NULL)
+	STAILQ_INIT(&result->searches);
+
+    debug_return_ptr(result);
+}
+
+/*
+ * Free the ldap result structure
+ */
+static void
+sudo_ldap_result_free(struct ldap_result *lres)
+{
+    struct ldap_search_result *s;
+    debug_decl(sudo_ldap_result_free, SUDOERS_DEBUG_LDAP)
+
+    if (lres != NULL) {
+	if (lres->nentries) {
+	    free(lres->entries);
+	    lres->entries = NULL;
+	}
+	while ((s = STAILQ_FIRST(&lres->searches)) != NULL) {
+	    STAILQ_REMOVE_HEAD(&lres->searches, entries);
+	    ldap_msgfree(s->searchresult);
+	    free(s);
+	}
+	free(lres);
+    }
+    debug_return;
+}
+
+/*
+ * Add a search result to the ldap_result structure.
+ */
+static struct ldap_search_result *
+sudo_ldap_result_add_search(struct ldap_result *lres, LDAP *ldap,
+    LDAPMessage *searchresult)
+{
+    struct ldap_search_result *news;
+    debug_decl(sudo_ldap_result_add_search, SUDOERS_DEBUG_LDAP)
+
+    /* Create new entry and add it to the end of the chain. */
+    news = calloc(1, sizeof(*news));
+    if (news != NULL) {
+	news->ldap = ldap;
+	news->searchresult = searchresult;
+	STAILQ_INSERT_TAIL(&lres->searches, news, entries);
+    }
+
+    debug_return_ptr(news);
+}
+
+/*
+ * Connect to the LDAP server specified by ld.
+ * Returns LDAP_SUCCESS on success, else non-zero.
+ */
+static int
+sudo_ldap_bind_s(LDAP *ld)
+{
+    int ret;
+    debug_decl(sudo_ldap_bind_s, SUDOERS_DEBUG_LDAP)
+
+#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
+    if (ldap_conf.rootuse_sasl == true ||
+	(ldap_conf.rootuse_sasl != false && ldap_conf.use_sasl == true)) {
+	const char *old_ccname = NULL;
+	const char *new_ccname = ldap_conf.krb5_ccname;
+	const char *tmp_ccname = NULL;
+	void *auth_id = ldap_conf.rootsasl_auth_id ?
+	    ldap_conf.rootsasl_auth_id : ldap_conf.sasl_auth_id;
+	int rc;
+
+	/* Make temp copy of the user's credential cache as needed. */
+	if (ldap_conf.krb5_ccname == NULL && user_ccname != NULL) {
+	    new_ccname = tmp_ccname = sudo_krb5_copy_cc_file(user_ccname);
+	    if (tmp_ccname == NULL) {
+		/* XXX - fatal error */
+		sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
+		    "unable to copy user ccache %s", user_ccname);
+	    }
+	}
+
+	if (new_ccname != NULL) {
+	    rc = sudo_set_krb5_ccache_name(new_ccname, &old_ccname);
+	    if (rc == 0) {
+		sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
+		    "set ccache name %s -> %s",
+		    old_ccname ? old_ccname : "(none)", new_ccname);
+	    } else {
+		sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+		    "sudo_set_krb5_ccache_name() failed: %d", rc);
+	    }
+	}
+	ret = ldap_sasl_interactive_bind_s(ld, ldap_conf.binddn,
+	    ldap_conf.sasl_mech, NULL, NULL, LDAP_SASL_QUIET,
+	    sudo_ldap_sasl_interact, auth_id);
+	if (new_ccname != NULL) {
+	    rc = sudo_set_krb5_ccache_name(old_ccname ? old_ccname : "", NULL);
+	    if (rc == 0) {
+		sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
+		    "restore ccache name %s -> %s", new_ccname,
+		    old_ccname ? old_ccname : "(none)");
+	    } else {
+		sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+		    "sudo_set_krb5_ccache_name() failed: %d", rc);
+	    }
+	    /* Remove temporary copy of user's credential cache. */
+	    if (tmp_ccname != NULL)
+		unlink(tmp_ccname);
+	}
+	if (ret != LDAP_SUCCESS) {
+	    sudo_warnx("ldap_sasl_interactive_bind_s(): %s",
+		ldap_err2string(ret));
+	    goto done;
+	}
+	DPRINTF1("ldap_sasl_interactive_bind_s() ok");
+    } else
+#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
+#ifdef HAVE_LDAP_SASL_BIND_S
+    {
+	struct berval bv;
+
+	bv.bv_val = ldap_conf.bindpw ? ldap_conf.bindpw : "";
+	bv.bv_len = strlen(bv.bv_val);
+
+	ret = ldap_sasl_bind_s(ld, ldap_conf.binddn, LDAP_SASL_SIMPLE, &bv,
+	    NULL, NULL, NULL);
+	if (ret != LDAP_SUCCESS) {
+	    sudo_warnx("ldap_sasl_bind_s(): %s", ldap_err2string(ret));
+	    goto done;
+	}
+	DPRINTF1("ldap_sasl_bind_s() ok");
+    }
+#else
+    {
+	ret = ldap_simple_bind_s(ld, ldap_conf.binddn, ldap_conf.bindpw);
+	if (ret != LDAP_SUCCESS) {
+	    sudo_warnx("ldap_simple_bind_s(): %s", ldap_err2string(ret));
+	    goto done;
+	}
+	DPRINTF1("ldap_simple_bind_s() ok");
+    }
+#endif
+done:
+    debug_return_int(ret);
+}
+
+/*
+ * Shut down the LDAP connection.
+ */
+static int
+sudo_ldap_close(struct sudo_nss *nss)
+{
+    struct sudo_ldap_handle *handle = nss->handle;
+    debug_decl(sudo_ldap_close, SUDOERS_DEBUG_LDAP)
+
+    if (handle != NULL) {
+	/* Unbind and close the LDAP connection. */
+	if (handle->ld != NULL) {
+	    ldap_unbind_ext_s(handle->ld, NULL, NULL);
+	    handle->ld = NULL;
+	}
+
+	/* Free the handle container. */
+	if (handle->pw != NULL)
+	    sudo_pw_delref(handle->pw);
+	free_parse_tree(&handle->parse_tree);
+	free(handle);
+	nss->handle = NULL;
+    }
+    debug_return_int(0);
+}
+
+/*
+ * Open a connection to the LDAP server.
+ * Returns 0 on success and non-zero on failure.
+ */
+static int
+sudo_ldap_open(struct sudo_nss *nss)
+{
+    LDAP *ld;
+    int rc = -1;
+    bool ldapnoinit = false;
+    struct sudo_ldap_handle *handle;
+    debug_decl(sudo_ldap_open, SUDOERS_DEBUG_LDAP)
+
+    if (nss->handle != NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "%s: called with non-NULL handle %p", __func__, nss->handle);
+	sudo_ldap_close(nss);
+    }
+
+    if (!sudo_ldap_read_config())
+	goto done;
+
+    /* Prevent reading of user ldaprc and system defaults. */
+    if (sudo_getenv("LDAPNOINIT") == NULL) {
+	if (sudo_setenv("LDAPNOINIT", "1", true) == 0)
+	    ldapnoinit = true;
+    }
+
+    /* Set global LDAP options */
+    if (sudo_ldap_set_options_global() != LDAP_SUCCESS)
+	goto done;
+
+    /* Connect to LDAP server */
+#ifdef HAVE_LDAP_INITIALIZE
+    if (!STAILQ_EMPTY(&ldap_conf.uri)) {
+	char *buf = sudo_ldap_join_uri(&ldap_conf.uri);
+	if (buf == NULL)
+	    goto done;
+	DPRINTF2("ldap_initialize(ld, %s)", buf);
+	rc = ldap_initialize(&ld, buf);
+	free(buf);
+    } else
+#endif
+	rc = sudo_ldap_init(&ld, ldap_conf.host, ldap_conf.port);
+    if (rc != LDAP_SUCCESS) {
+	sudo_warnx(U_("unable to initialize LDAP: %s"), ldap_err2string(rc));
+	goto done;
+    }
+
+    /* Set LDAP per-connection options */
+    rc = sudo_ldap_set_options_conn(ld);
+    if (rc != LDAP_SUCCESS)
+	goto done;
+
+    if (ldapnoinit)
+	(void) sudo_unsetenv("LDAPNOINIT");
+
+    if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {
+#if defined(HAVE_LDAP_START_TLS_S)
+	rc = ldap_start_tls_s(ld, NULL, NULL);
+	if (rc != LDAP_SUCCESS) {
+	    sudo_warnx("ldap_start_tls_s(): %s", ldap_err2string(rc));
+	    goto done;
+	}
+	DPRINTF1("ldap_start_tls_s() ok");
+#elif defined(HAVE_LDAP_SSL_CLIENT_INIT) && defined(HAVE_LDAP_START_TLS_S_NP)
+	int sslrc;
+	rc = ldap_ssl_client_init(ldap_conf.tls_keyfile, ldap_conf.tls_keypw,
+	    0, &sslrc);
+	if (rc != LDAP_SUCCESS) {
+	    sudo_warnx("ldap_ssl_client_init(): %s (SSL reason code %d)",
+		ldap_err2string(rc), sslrc);
+	    goto done;
+	}
+	rc = ldap_start_tls_s_np(ld, NULL);
+	if (rc != LDAP_SUCCESS) {
+	    sudo_warnx("ldap_start_tls_s_np(): %s", ldap_err2string(rc));
+	    goto done;
+	}
+	DPRINTF1("ldap_start_tls_s_np() ok");
+#else
+	sudo_warnx(U_("start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"));
+#endif /* !HAVE_LDAP_START_TLS_S && !HAVE_LDAP_START_TLS_S_NP */
+    }
+
+    /* Actually connect */
+    rc = sudo_ldap_bind_s(ld);
+    if (rc != LDAP_SUCCESS)
+	goto done;
+
+    /* Create a handle container. */
+    handle = calloc(1, sizeof(struct sudo_ldap_handle));
+    if (handle == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	rc = -1;
+	goto done;
+    }
+    handle->ld = ld;
+    /* handle->pw = NULL; */
+    init_parse_tree(&handle->parse_tree);
+    nss->handle = handle;
+
+done:
+    debug_return_int(rc == LDAP_SUCCESS ? 0 : -1);
+}
+
+static int
+sudo_ldap_getdefs(struct sudo_nss *nss)
+{
+    struct sudo_ldap_handle *handle = nss->handle;
+    struct timeval tv, *tvp = NULL;
+    struct ldap_config_str *base;
+    LDAPMessage *entry, *result = NULL;
+    char *filt = NULL;
+    int rc, ret = -1;
+    static bool cached;
+    debug_decl(sudo_ldap_getdefs, SUDOERS_DEBUG_LDAP)
+
+    if (handle == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "%s: called with NULL handle", __func__);
+	debug_return_int(-1);
+    }
+
+    /* Use cached result if present. */
+    if (cached)
+	debug_return_int(0);
+
+    filt = sudo_ldap_build_default_filter();
+    if (filt == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_int(-1);
+    }
+    DPRINTF1("Looking for cn=defaults: %s", filt);
+
+    STAILQ_FOREACH(base, &ldap_conf.base, entries) {
+	LDAP *ld = handle->ld;
+
+	if (ldap_conf.timeout > 0) {
+	    tv.tv_sec = ldap_conf.timeout;
+	    tv.tv_usec = 0;
+	    tvp = &tv;
+	}
+	ldap_msgfree(result);
+	result = NULL;
+	rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE,
+	    filt, NULL, 0, NULL, NULL, tvp, 0, &result);
+	if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) {
+	    DPRINTF1("found:%s", ldap_get_dn(ld, entry));
+	    if (!sudo_ldap_parse_options(ld, entry, &handle->parse_tree.defaults))
+		goto done;
+	} else {
+	    DPRINTF1("no default options found in %s", base->val);
+	}
+    }
+    cached = true;
+    ret = 0;
+
+done:
+    ldap_msgfree(result);
+    free(filt);
+
+    debug_return_int(ret);
+}
+
+/*
+ * Comparison function for ldap_entry_wrapper structures, ascending order.
+ * This should match role_order_cmp() in parse_ldif.c.
+ */
+static int
+ldap_entry_compare(const void *a, const void *b)
+{
+    const struct ldap_entry_wrapper *aw = a;
+    const struct ldap_entry_wrapper *bw = b;
+    debug_decl(ldap_entry_compare, SUDOERS_DEBUG_LDAP)
+
+    debug_return_int(aw->order < bw->order ? -1 :
+	(aw->order > bw->order ? 1 : 0));
+}
+
+/*
+ * Return the last entry in the list of searches, usually the
+ * one currently being used to add entries.
+ */
+static struct ldap_search_result *
+sudo_ldap_result_last_search(struct ldap_result *lres)
+{
+    debug_decl(sudo_ldap_result_last_search, SUDOERS_DEBUG_LDAP)
+
+    debug_return_ptr(STAILQ_LAST(&lres->searches, ldap_search_result, entries));
+}
+
+/*
+ * Add an entry to the result structure.
+ */
+static struct ldap_entry_wrapper *
+sudo_ldap_result_add_entry(struct ldap_result *lres, LDAPMessage *entry)
+{
+    struct ldap_search_result *last;
+    struct berval **bv;
+    double order = 0.0;
+    char *ep;
+    int rc;
+    debug_decl(sudo_ldap_result_add_entry, SUDOERS_DEBUG_LDAP)
+
+    /* Determine whether the entry has the sudoOrder attribute. */
+    last = sudo_ldap_result_last_search(lres);
+    if (last != NULL) {
+	bv = sudo_ldap_get_values_len(last->ldap, entry, "sudoOrder", &rc);
+	if (rc == LDAP_NO_MEMORY) {
+	    /* XXX - return error */
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	} else {
+	    if (ldap_count_values_len(bv) > 0) {
+		/* Get the value of this attribute, 0 if not present. */
+		DPRINTF2("order attribute raw: %s", (*bv)->bv_val);
+		order = strtod((*bv)->bv_val, &ep);
+		if (ep == (*bv)->bv_val || *ep != '\0') {
+		    sudo_warnx(U_("invalid sudoOrder attribute: %s"),
+			(*bv)->bv_val);
+		    order = 0.0;
+		}
+		DPRINTF2("order attribute: %f", order);
+	    }
+	    ldap_value_free_len(bv);
+	}
+    }
+
+    /*
+     * Enlarge the array of entry wrappers as needed, preallocating blocks
+     * of 100 entries to save on allocation time.
+     */
+    if (++lres->nentries > lres->allocated_entries) {
+	int allocated_entries = lres->allocated_entries + ALLOCATION_INCREMENT;
+	struct ldap_entry_wrapper *entries = reallocarray(lres->entries,
+	    allocated_entries, sizeof(lres->entries[0]));
+	if (entries == NULL)
+	    debug_return_ptr(NULL);
+	lres->allocated_entries = allocated_entries;
+	lres->entries = entries;
+    }
+
+    /* Fill in the new entry and return it. */
+    lres->entries[lres->nentries - 1].entry = entry;
+    lres->entries[lres->nentries - 1].order = order;
+
+    debug_return_ptr(&lres->entries[lres->nentries - 1]);
+}
+
+/*
+ * Perform the LDAP query for the user.  The caller is responsible for
+ * freeing the result with sudo_ldap_result_free().
+ */
+static struct ldap_result *
+sudo_ldap_result_get(struct sudo_nss *nss, struct passwd *pw)
+{
+    struct sudo_ldap_handle *handle = nss->handle;
+    struct ldap_config_str *base;
+    struct ldap_result *lres;
+    struct timeval tv, *tvp = NULL;
+    LDAPMessage *entry, *result;
+    LDAP *ld = handle->ld;
+    char *filt = NULL;
+    int pass, rc;
+    debug_decl(sudo_ldap_result_get, SUDOERS_DEBUG_LDAP)
+
+    /*
+     * Okay - time to search for anything that matches this user
+     * Lets limit it to only two queries of the LDAP server
+     *
+     * The first pass will look by the username, groups, and
+     * the keyword ALL.  We will then inspect the results that
+     * came back from the query.  We don't need to inspect the
+     * sudoUser in this pass since the LDAP server already scanned
+     * it for us.
+     *
+     * The second pass will return all the entries that contain non-
+     * Unix groups, including netgroups.  Then we take the non-Unix
+     * groups returned and try to match them against the username.
+     *
+     * Since we have to sort the possible entries before we make a
+     * decision, we perform the queries and store all of the results in
+     * an ldap_result object.  The results are then sorted by sudoOrder.
+     */
+    lres = sudo_ldap_result_alloc();
+    if (lres == NULL)
+	goto oom;
+    for (pass = 0; pass < 2; pass++) {
+	filt = pass ? sudo_ldap_build_pass2() : sudo_ldap_build_pass1(ld, pw);
+	if (filt != NULL) {
+	    DPRINTF1("ldap search '%s'", filt);
+	    STAILQ_FOREACH(base, &ldap_conf.base, entries) {
+		DPRINTF1("searching from base '%s'",
+		    base->val);
+		if (ldap_conf.timeout > 0) {
+		    tv.tv_sec = ldap_conf.timeout;
+		    tv.tv_usec = 0;
+		    tvp = &tv;
+		}
+		result = NULL;
+		rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt,
+		    NULL, 0, NULL, NULL, tvp, 0, &result);
+		if (rc != LDAP_SUCCESS) {
+		    DPRINTF1("ldap search pass %d failed: %s", pass + 1,
+			ldap_err2string(rc));
+		    continue;
+		}
+
+		/* Add the search result to list of search results. */
+		DPRINTF1("adding search result");
+		if (sudo_ldap_result_add_search(lres, ld, result) == NULL)
+		    goto oom;
+		LDAP_FOREACH(entry, ld, result) {
+		    if (pass != 0) {
+			/* Check non-unix group in 2nd pass. */
+			switch (sudo_ldap_check_non_unix_group(ld, entry, pw)) {
+			case -1:
+			    goto oom;
+			case false:
+			    continue;
+			default:
+			    break;
+			}
+		    }
+		    if (sudo_ldap_result_add_entry(lres, entry) == NULL)
+			goto oom;
+		}
+		DPRINTF1("result now has %d entries", lres->nentries);
+	    }
+	    free(filt);
+	    filt = NULL;
+	} else if (errno != ENOENT) {
+	    /* Out of memory? */
+	    goto oom;
+	}
+    }
+
+    /* Sort the entries by the sudoOrder attribute. */
+    if (lres->nentries != 0) {
+	DPRINTF1("sorting remaining %d entries", lres->nentries);
+	qsort(lres->entries, lres->nentries, sizeof(lres->entries[0]),
+	    ldap_entry_compare);
+    }
+
+    debug_return_ptr(lres);
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    free(filt);
+    sudo_ldap_result_free(lres);
+    debug_return_ptr(NULL);
+}
+
+/*
+ * Perform LDAP query for user and host and convert to sudoers
+ * parse tree.
+ */
+static int
+sudo_ldap_query(struct sudo_nss *nss, struct passwd *pw)
+{
+    struct sudo_ldap_handle *handle = nss->handle;
+    struct ldap_result *lres = NULL;
+    int ret = -1;
+    debug_decl(sudo_ldap_query, SUDOERS_DEBUG_LDAP)
+
+    if (handle == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "%s: called with NULL handle", __func__);
+	debug_return_int(-1);
+    }
+
+    /* Use cached result if it matches pw. */
+    if (handle->pw != NULL) {
+	if (pw == handle->pw) {
+	    ret = 0;
+	    goto done;
+	}
+	sudo_pw_delref(handle->pw);
+	handle->pw = NULL;
+    }
+
+    /* Free old userspecs, if any. */
+    free_userspecs(&handle->parse_tree.userspecs);
+
+    DPRINTF1("%s: ldap search user %s, host %s", __func__, pw->pw_name,
+	user_runhost);
+    if ((lres = sudo_ldap_result_get(nss, pw)) == NULL)
+	goto done;
+
+    /* Convert to sudoers parse tree. */
+    if (!ldap_to_sudoers(handle->ld, lres, &handle->parse_tree.userspecs))
+	goto done;
+
+    /* Stash a ref to the passwd struct in the handle. */
+    sudo_pw_addref(pw);
+    handle->pw = pw;
+
+    ret = 0;
+
+done:
+    /* Cleanup. */
+    sudo_ldap_result_free(lres);
+    if (ret == -1)
+	free_userspecs(&handle->parse_tree.userspecs);
+    debug_return_int(ret);
+}
+
+/*
+ * Return the initialized (but empty) sudoers parse tree.
+ * The contents will be populated by the getdefs() and query() functions.
+ */
+static struct sudoers_parse_tree *
+sudo_ldap_parse(struct sudo_nss *nss)
+{
+    struct sudo_ldap_handle *handle = nss->handle;
+    debug_decl(sudo_ldap_parse, SUDOERS_DEBUG_LDAP)
+
+    if (handle == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "%s: called with NULL handle", __func__);
+	debug_return_ptr(NULL);
+    }
+
+    debug_return_ptr(&handle->parse_tree);
+}
+
+#if 0
+/*
+ * Create an ldap_result from an LDAP search result.
+ *
+ * This function is currently not used anywhere, it is left here as
+ * an example of how to use the cached searches.
+ */
+static struct ldap_result *
+sudo_ldap_result_from_search(LDAP *ldap, LDAPMessage *searchresult)
+{
+    struct ldap_search_result *last;
+    struct ldap_result *result;
+    LDAPMessage	*entry;
+
+    /*
+     * An ldap_result is built from several search results, which are
+     * organized in a list. The head of the list is maintained in the
+     * ldap_result structure, together with the wrappers that point
+     * to individual entries, this has to be initialized first.
+     */
+    result = sudo_ldap_result_alloc();
+    if (result == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_ptr(NULL);
+    }
+
+    /*
+     * Build a new list node for the search result, this creates the
+     * list node.
+     */
+    last = sudo_ldap_result_add_search(result, ldap, searchresult);
+
+    /*
+     * Now add each entry in the search result to the array of of entries
+     * in the ldap_result object.
+     */
+    LDAP_FOREACH(entry, last->ldap, last->searchresult) {
+	if (sudo_ldap_result_add_entry(result, entry) == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    sudo_ldap_result_free(result);
+	    result = NULL;
+	    break;
+	}
+    }
+    DPRINTF1("sudo_ldap_result_from_search: %d entries found",
+	result ? result->nentries : -1);
+    return result;
+}
+#endif
+
+/* sudo_nss implementation */
+struct sudo_nss sudo_nss_ldap = {
+    { NULL, NULL },
+    sudo_ldap_open,
+    sudo_ldap_close,
+    sudo_ldap_parse,
+    sudo_ldap_query,
+    sudo_ldap_getdefs
+};
diff --git a/plugins/sudoers/ldap_conf.c b/plugins/sudoers/ldap_conf.c
new file mode 100644
index 0000000..06591d4
--- /dev/null
+++ b/plugins/sudoers/ldap_conf.c
@@ -0,0 +1,934 @@
+/*
+ * Copyright (c) 2003-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * This code is derived from software contributed by Aaron Spangler.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <time.h>
+#include <ctype.h>
+#include <fcntl.h>
+#ifdef HAVE_LBER_H
+# include <lber.h>
+#endif
+#include <ldap.h>
+#if defined(HAVE_LDAP_SSL_H)
+# include <ldap_ssl.h>
+#elif defined(HAVE_MPS_LDAP_SSL_H)
+# include <mps/ldap_ssl.h>
+#endif
+
+#include "sudoers.h"
+#include "sudo_lbuf.h"
+#include "sudo_ldap.h"
+#include "sudo_ldap_conf.h"
+
+/* Older Netscape LDAP SDKs don't prototype ldapssl_set_strength() */
+#if defined(HAVE_LDAPSSL_SET_STRENGTH) && !defined(HAVE_LDAP_SSL_H) && !defined(HAVE_MPS_LDAP_SSL_H)
+extern int ldapssl_set_strength(LDAP *ldap, int strength);
+#endif
+
+#if !defined(LDAP_OPT_NETWORK_TIMEOUT) && defined(LDAP_OPT_CONNECT_TIMEOUT)
+# define LDAP_OPT_NETWORK_TIMEOUT LDAP_OPT_CONNECT_TIMEOUT
+#endif
+
+#ifndef LDAP_OPT_SUCCESS
+# define LDAP_OPT_SUCCESS LDAP_SUCCESS
+#endif
+
+#ifndef LDAPS_PORT
+# define LDAPS_PORT 636
+#endif
+
+/* Default search filter. */
+#define DEFAULT_SEARCH_FILTER	"(objectClass=sudoRole)"
+
+/* Default netgroup search filter. */
+#define DEFAULT_NETGROUP_SEARCH_FILTER	"(objectClass=nisNetgroup)"
+
+/* LDAP configuration structure */
+struct ldap_config ldap_conf;
+
+static struct ldap_config_table ldap_conf_global[] = {
+    { "sudoers_debug", CONF_INT, -1, &ldap_conf.debug },
+    { "host", CONF_STR, -1, &ldap_conf.host },
+    { "port", CONF_INT, -1, &ldap_conf.port },
+    { "ssl", CONF_STR, -1, &ldap_conf.ssl },
+    { "sslpath", CONF_STR, -1, &ldap_conf.tls_certfile },
+    { "uri", CONF_LIST_STR, -1, &ldap_conf.uri },
+#ifdef LDAP_OPT_DEBUG_LEVEL
+    { "debug", CONF_INT, LDAP_OPT_DEBUG_LEVEL, &ldap_conf.ldap_debug },
+#endif
+#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
+    { "tls_checkpeer", CONF_BOOL, LDAP_OPT_X_TLS_REQUIRE_CERT,
+	&ldap_conf.tls_checkpeer },
+    { "tls_reqcert", CONF_REQCERT_VAL, LDAP_OPT_X_TLS_REQUIRE_CERT,
+	&ldap_conf.tls_reqcert },
+#else
+    { "tls_checkpeer", CONF_BOOL, -1, &ldap_conf.tls_checkpeer },
+#endif
+#ifdef LDAP_OPT_X_TLS_CACERTFILE
+    { "tls_cacertfile", CONF_STR, LDAP_OPT_X_TLS_CACERTFILE,
+	&ldap_conf.tls_cacertfile },
+    { "tls_cacert", CONF_STR, LDAP_OPT_X_TLS_CACERTFILE,
+	&ldap_conf.tls_cacertfile },
+#endif
+#ifdef LDAP_OPT_X_TLS_CACERTDIR
+    { "tls_cacertdir", CONF_STR, LDAP_OPT_X_TLS_CACERTDIR,
+	&ldap_conf.tls_cacertdir },
+#endif
+#ifdef LDAP_OPT_X_TLS_RANDOM_FILE
+    { "tls_randfile", CONF_STR, LDAP_OPT_X_TLS_RANDOM_FILE,
+	&ldap_conf.tls_random_file },
+#endif
+#ifdef LDAP_OPT_X_TLS_CIPHER_SUITE
+    { "tls_ciphers", CONF_STR, LDAP_OPT_X_TLS_CIPHER_SUITE,
+	&ldap_conf.tls_cipher_suite },
+#elif defined(LDAP_OPT_SSL_CIPHER)
+    { "tls_ciphers", CONF_STR, LDAP_OPT_SSL_CIPHER,
+	&ldap_conf.tls_cipher_suite },
+#endif
+#ifdef LDAP_OPT_X_TLS_CERTFILE
+    { "tls_cert", CONF_STR, LDAP_OPT_X_TLS_CERTFILE,
+	&ldap_conf.tls_certfile },
+#else
+    { "tls_cert", CONF_STR, -1, &ldap_conf.tls_certfile },
+#endif
+#ifdef LDAP_OPT_X_TLS_KEYFILE
+    { "tls_key", CONF_STR, LDAP_OPT_X_TLS_KEYFILE,
+	&ldap_conf.tls_keyfile },
+#else
+    { "tls_key", CONF_STR, -1, &ldap_conf.tls_keyfile },
+#endif
+#ifdef HAVE_LDAP_SSL_CLIENT_INIT
+    { "tls_keypw", CONF_STR, -1, &ldap_conf.tls_keypw },
+#endif
+    { "binddn", CONF_STR, -1, &ldap_conf.binddn },
+    { "bindpw", CONF_STR, -1, &ldap_conf.bindpw },
+    { "rootbinddn", CONF_STR, -1, &ldap_conf.rootbinddn },
+    { "sudoers_base", CONF_LIST_STR, -1, &ldap_conf.base },
+    { "sudoers_timed", CONF_BOOL, -1, &ldap_conf.timed },
+    { "sudoers_search_filter", CONF_STR, -1, &ldap_conf.search_filter },
+    { "netgroup_base", CONF_LIST_STR, -1, &ldap_conf.netgroup_base },
+    { "netgroup_search_filter", CONF_STR, -1, &ldap_conf.netgroup_search_filter },
+#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
+    { "use_sasl", CONF_BOOL, -1, &ldap_conf.use_sasl },
+    { "sasl_mech", CONF_STR, -1, &ldap_conf.sasl_mech },
+    { "sasl_auth_id", CONF_STR, -1, &ldap_conf.sasl_auth_id },
+    { "rootuse_sasl", CONF_BOOL, -1, &ldap_conf.rootuse_sasl },
+    { "rootsasl_auth_id", CONF_STR, -1, &ldap_conf.rootsasl_auth_id },
+    { "krb5_ccname", CONF_STR, -1, &ldap_conf.krb5_ccname },
+#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
+    { NULL }
+};
+
+static struct ldap_config_table ldap_conf_conn[] = {
+#ifdef LDAP_OPT_PROTOCOL_VERSION
+    { "ldap_version", CONF_INT, LDAP_OPT_PROTOCOL_VERSION,
+	&ldap_conf.version },
+#endif
+#ifdef LDAP_OPT_NETWORK_TIMEOUT
+    { "bind_timelimit", CONF_INT, -1 /* needs timeval, set manually */,
+	&ldap_conf.bind_timelimit },
+    { "network_timeout", CONF_INT, -1 /* needs timeval, set manually */,
+	&ldap_conf.bind_timelimit },
+#elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
+    { "bind_timelimit", CONF_INT, LDAP_X_OPT_CONNECT_TIMEOUT,
+	&ldap_conf.bind_timelimit },
+    { "network_timeout", CONF_INT, LDAP_X_OPT_CONNECT_TIMEOUT,
+	&ldap_conf.bind_timelimit },
+#endif
+    { "timelimit", CONF_INT, LDAP_OPT_TIMELIMIT, &ldap_conf.timelimit },
+#ifdef LDAP_OPT_TIMEOUT
+    { "timeout", CONF_INT, -1 /* needs timeval, set manually */,
+	&ldap_conf.timeout },
+#endif
+#ifdef LDAP_OPT_DEREF
+    { "deref", CONF_DEREF_VAL, LDAP_OPT_DEREF, &ldap_conf.deref },
+#endif
+#ifdef LDAP_OPT_X_SASL_SECPROPS
+    { "sasl_secprops", CONF_STR, LDAP_OPT_X_SASL_SECPROPS,
+	&ldap_conf.sasl_secprops },
+#endif
+    { NULL }
+};
+
+#ifdef HAVE_LDAP_CREATE
+/*
+ * Rebuild the hosts list and include a specific port for each host.
+ * ldap_create() does not take a default port parameter so we must
+ * append one if we want something other than LDAP_PORT.
+ */
+static bool
+sudo_ldap_conf_add_ports(void)
+{
+    char *host, *last, *port, defport[13];
+    char hostbuf[LINE_MAX * 2];
+    int len;
+    debug_decl(sudo_ldap_conf_add_ports, SUDOERS_DEBUG_LDAP)
+
+    hostbuf[0] = '\0';
+    len = snprintf(defport, sizeof(defport), ":%d", ldap_conf.port);
+    if (len <= 0 || (size_t)len >= sizeof(defport)) {
+	sudo_warnx(U_("sudo_ldap_conf_add_ports: port too large"));
+	debug_return_bool(false);
+    }
+
+    for ((host = strtok_r(ldap_conf.host, " \t", &last)); host; (host = strtok_r(NULL, " \t", &last))) {
+	if (hostbuf[0] != '\0')
+	    CHECK_STRLCAT(hostbuf, " ", sizeof(hostbuf));
+	CHECK_STRLCAT(hostbuf, host, sizeof(hostbuf));
+
+	/* Append port if there is not one already. */
+	if ((port = strrchr(host, ':')) == NULL ||
+	    !isdigit((unsigned char)port[1])) {
+	    CHECK_STRLCAT(hostbuf, defport, sizeof(hostbuf));
+	}
+    }
+
+    free(ldap_conf.host);
+    if ((ldap_conf.host = strdup(hostbuf)) == NULL)
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    debug_return_bool(ldap_conf.host != NULL);
+
+overflow:
+    sudo_warnx(U_("internal error, %s overflow"), __func__);
+    debug_return_bool(false);
+}
+#endif
+
+#ifndef HAVE_LDAP_INITIALIZE
+/*
+ * For each uri, convert to host:port pairs.  For ldaps:// enable SSL
+ * Accepts: uris of the form ldap:/// or ldap://hostname:portnum/
+ * where the trailing slash is optional.
+ * Returns LDAP_SUCCESS on success, else non-zero.
+ */
+static int
+sudo_ldap_parse_uri(const struct ldap_config_str_list *uri_list)
+{
+    const struct ldap_config_str *entry;
+    char *buf, hostbuf[LINE_MAX];
+    int nldap = 0, nldaps = 0;
+    int ret = -1;
+    debug_decl(sudo_ldap_parse_uri, SUDOERS_DEBUG_LDAP)
+
+    hostbuf[0] = '\0';
+    STAILQ_FOREACH(entry, uri_list, entries) {
+	char *cp, *host, *last, *port, *uri;
+
+	buf = strdup(entry->val);
+	if (buf == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    goto done;
+	}
+	for ((uri = strtok_r(buf, " \t", &last)); uri != NULL; (uri = strtok_r(NULL, " \t", &last))) {
+	    if (strncasecmp(uri, "ldap://", 7) == 0) {
+		nldap++;
+		host = uri + 7;
+	    } else if (strncasecmp(uri, "ldaps://", 8) == 0) {
+		nldaps++;
+		host = uri + 8;
+	    } else {
+		sudo_warnx(U_("unsupported LDAP uri type: %s"), uri);
+		goto done;
+	    }
+
+	    /* trim optional trailing slash */
+	    if ((cp = strrchr(host, '/')) != NULL && cp[1] == '\0') {
+		*cp = '\0';
+	    }
+
+	    if (hostbuf[0] != '\0')
+		CHECK_STRLCAT(hostbuf, " ", sizeof(hostbuf));
+
+	    if (*host == '\0')
+		host = "localhost";		/* no host specified, use localhost */
+
+	    CHECK_STRLCAT(hostbuf, host, sizeof(hostbuf));
+
+	    /* If using SSL and no port specified, add port 636 */
+	    if (nldaps) {
+		if ((port = strrchr(host, ':')) == NULL ||
+		    !isdigit((unsigned char)port[1]))
+		    CHECK_STRLCAT(hostbuf, ":636", sizeof(hostbuf));
+	    }
+	}
+
+	if (nldaps != 0) {
+	    if (nldap != 0) {
+		sudo_warnx(U_("unable to mix ldap and ldaps URIs"));
+		goto done;
+	    }
+	    if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS)
+		sudo_warnx(U_("starttls not supported when using ldaps"));
+	    ldap_conf.ssl_mode = SUDO_LDAP_SSL;
+	}
+	free(buf);
+    }
+    buf = NULL;
+
+    /* Store parsed URI(s) in host for ldap_create() or ldap_init(). */
+    free(ldap_conf.host);
+    if ((ldap_conf.host = strdup(hostbuf)) == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto done;
+    }
+
+    ret = LDAP_SUCCESS;
+
+done:
+    free(buf);
+    debug_return_int(ret);
+
+overflow:
+    sudo_warnx(U_("internal error, %s overflow"), __func__);
+    free(buf);
+    debug_return_int(-1);
+}
+#endif /* HAVE_LDAP_INITIALIZE */
+
+/*
+ * Decode a secret if it is base64 encoded, else return NULL.
+ */
+static char *
+sudo_ldap_decode_secret(const char *secret)
+{
+    unsigned char *result = NULL;
+    size_t len, reslen;
+    debug_decl(sudo_ldap_decode_secret, SUDOERS_DEBUG_LDAP)
+
+    if (strncasecmp(secret, "base64:", sizeof("base64:") - 1) == 0) {
+	/*
+	 * Decode a base64 secret.  The decoded length is 3/4 the encoded
+	 * length but padding may be missing so round up to a multiple of 4.
+	 */
+	secret += sizeof("base64:") - 1;
+	reslen = ((strlen(secret) + 3) / 4 * 3);
+	result = malloc(reslen + 1);
+	if (result == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	} else {
+	    len = base64_decode(secret, result, reslen);
+	    if (len == (size_t)-1) {
+		free(result);
+		result = NULL;
+	    } else {
+		result[len] = '\0';
+	    }
+	}
+    }
+    debug_return_str((char *)result);
+}
+
+static void
+sudo_ldap_read_secret(const char *path)
+{
+    FILE *fp;
+    char *line = NULL;
+    size_t linesize = 0;
+    ssize_t len;
+    debug_decl(sudo_ldap_read_secret, SUDOERS_DEBUG_LDAP)
+
+    if ((fp = fopen(path_ldap_secret, "r")) != NULL) {
+	len = getline(&line, &linesize, fp);
+	if (len != -1) {
+	    /* trim newline */
+	    while (len > 0 && line[len - 1] == '\n')
+		line[--len] = '\0';
+	    /* copy to bindpw and binddn */
+	    free(ldap_conf.bindpw);
+	    ldap_conf.bindpw = sudo_ldap_decode_secret(line);
+	    if (ldap_conf.bindpw == NULL) {
+		/* not base64 encoded, use directly */
+		ldap_conf.bindpw = line;
+		line = NULL;
+	    }
+	    free(ldap_conf.binddn);
+	    ldap_conf.binddn = ldap_conf.rootbinddn;
+	    ldap_conf.rootbinddn = NULL;
+	}
+	fclose(fp);
+	free(line);
+    }
+    debug_return;
+}
+
+/*
+ * Look up keyword in config tables.
+ * Returns true if found, else false.
+ */
+static bool
+sudo_ldap_parse_keyword(const char *keyword, const char *value,
+    struct ldap_config_table *table)
+{
+    struct ldap_config_table *cur;
+    const char *errstr;
+    debug_decl(sudo_ldap_parse_keyword, SUDOERS_DEBUG_LDAP)
+
+    /* Look up keyword in config tables */
+    for (cur = table; cur->conf_str != NULL; cur++) {
+	if (strcasecmp(keyword, cur->conf_str) == 0) {
+	    switch (cur->type) {
+	    case CONF_DEREF_VAL:
+		if (strcasecmp(value, "searching") == 0)
+		    *(int *)(cur->valp) = LDAP_DEREF_SEARCHING;
+		else if (strcasecmp(value, "finding") == 0)
+		    *(int *)(cur->valp) = LDAP_DEREF_FINDING;
+		else if (strcasecmp(value, "always") == 0)
+		    *(int *)(cur->valp) = LDAP_DEREF_ALWAYS;
+		else
+		    *(int *)(cur->valp) = LDAP_DEREF_NEVER;
+		break;
+	    case CONF_REQCERT_VAL:
+#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
+		if (strcasecmp(value, "never") == 0)
+		    *(int *)(cur->valp) = LDAP_OPT_X_TLS_NEVER;
+		else if (strcasecmp(value, "allow") == 0)
+		    *(int *)(cur->valp) = LDAP_OPT_X_TLS_ALLOW;
+		else if (strcasecmp(value, "try") == 0)
+		    *(int *)(cur->valp) = LDAP_OPT_X_TLS_TRY;
+		else if (strcasecmp(value, "hard") == 0)
+		    *(int *)(cur->valp) = LDAP_OPT_X_TLS_HARD;
+		else if (strcasecmp(value, "demand") == 0)
+		    *(int *)(cur->valp) = LDAP_OPT_X_TLS_DEMAND;
+#endif /* LDAP_OPT_X_TLS_REQUIRE_CERT */
+		break;
+	    case CONF_BOOL:
+		*(int *)(cur->valp) = sudo_strtobool(value) == true;
+		break;
+	    case CONF_INT:
+		*(int *)(cur->valp) = strtonum(value, INT_MIN, INT_MAX, &errstr);
+		if (errstr != NULL) {
+		    sudo_warnx(U_("%s: %s: %s: %s"),
+			path_ldap_conf, keyword, value, U_(errstr));
+		}
+		break;
+	    case CONF_STR:
+		{
+		    char *cp = NULL;
+
+		    free(*(char **)(cur->valp));
+		    if (*value && (cp = strdup(value)) == NULL) {
+			sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+			debug_return_bool(false);
+		    }
+		    *(char **)(cur->valp) = cp;
+		    break;
+		}
+	    case CONF_LIST_STR:
+		{
+		    struct ldap_config_str_list *head;
+		    struct ldap_config_str *str;
+		    size_t len = strlen(value);
+
+		    if (len > 0) {
+			head = (struct ldap_config_str_list *)cur->valp;
+			if ((str = malloc(sizeof(*str) + len)) == NULL) {
+			    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+			    debug_return_bool(false);
+			}
+			memcpy(str->val, value, len + 1);
+			STAILQ_INSERT_TAIL(head, str, entries);
+		    }
+		}
+		break;
+	    }
+	    debug_return_bool(true);
+	}
+    }
+    debug_return_bool(false);
+}
+
+#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
+const char *
+sudo_krb5_ccname_path(const char *old_ccname)
+{
+    const char *ccname = old_ccname;
+    debug_decl(sudo_krb5_ccname_path, SUDOERS_DEBUG_LDAP)
+
+    /* Strip off leading FILE: or WRFILE: prefix. */
+    switch (ccname[0]) {
+	case 'F':
+	case 'f':
+	    if (strncasecmp(ccname, "FILE:", 5) == 0)
+		ccname += 5;
+	    break;
+	case 'W':
+	case 'w':
+	    if (strncasecmp(ccname, "WRFILE:", 7) == 0)
+		ccname += 7;
+	    break;
+    }
+    sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
+	"ccache %s -> %s", old_ccname, ccname);
+
+    /* Credential cache must be a fully-qualified path name. */
+    debug_return_const_str(*ccname == '/' ? ccname : NULL);
+}
+
+static bool
+sudo_check_krb5_ccname(const char *ccname)
+{
+    int fd = -1;
+    const char *ccname_path;
+    debug_decl(sudo_check_krb5_ccname, SUDOERS_DEBUG_LDAP)
+
+    /* Strip off prefix to get path name. */
+    ccname_path = sudo_krb5_ccname_path(ccname);
+    if (ccname_path == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+	    "unsupported krb5 credential cache path: %s", ccname);
+	debug_return_bool(false);
+    }
+    /* Make sure credential cache is fully-qualified and exists. */
+    fd = open(ccname_path, O_RDONLY|O_NONBLOCK, 0);
+    if (fd == -1) {
+	sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+	    "unable to open krb5 credential cache: %s", ccname_path);
+	debug_return_bool(false);
+    }
+    close(fd);
+    sudo_debug_printf(SUDO_DEBUG_INFO,
+	"using krb5 credential cache: %s", ccname_path);
+    debug_return_bool(true);
+}
+#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
+
+bool
+sudo_ldap_read_config(void)
+{
+    char *cp, *keyword, *value, *line = NULL;
+    struct ldap_config_str *conf_str;
+    size_t linesize = 0;
+    FILE *fp;
+    debug_decl(sudo_ldap_read_config, SUDOERS_DEBUG_LDAP)
+
+    /* defaults */
+    ldap_conf.version = 3;
+    ldap_conf.port = -1;
+    ldap_conf.tls_checkpeer = -1;
+    ldap_conf.tls_reqcert = -1;
+    ldap_conf.timelimit = -1;
+    ldap_conf.timeout = -1;
+    ldap_conf.bind_timelimit = -1;
+    ldap_conf.use_sasl = -1;
+    ldap_conf.rootuse_sasl = -1;
+    ldap_conf.deref = -1;
+    ldap_conf.search_filter = strdup(DEFAULT_SEARCH_FILTER);
+    ldap_conf.netgroup_search_filter = strdup(DEFAULT_NETGROUP_SEARCH_FILTER);
+    STAILQ_INIT(&ldap_conf.uri);
+    STAILQ_INIT(&ldap_conf.base);
+    STAILQ_INIT(&ldap_conf.netgroup_base);
+
+    if (ldap_conf.search_filter == NULL || ldap_conf.netgroup_search_filter == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_bool(false);
+    }
+
+    if ((fp = fopen(path_ldap_conf, "r")) == NULL)
+	debug_return_bool(false);
+
+    while (sudo_parseln(&line, &linesize, NULL, fp, PARSELN_COMM_BOL|PARSELN_CONT_IGN) != -1) {
+	if (*line == '\0')
+	    continue;		/* skip empty line */
+
+	/* split into keyword and value */
+	keyword = cp = line;
+	while (*cp && !isblank((unsigned char) *cp))
+	    cp++;
+	if (*cp)
+	    *cp++ = '\0';	/* terminate keyword */
+
+	/* skip whitespace before value */
+	while (isblank((unsigned char) *cp))
+	    cp++;
+	value = cp;
+
+	/* Look up keyword in config tables */
+	if (!sudo_ldap_parse_keyword(keyword, value, ldap_conf_global))
+	    sudo_ldap_parse_keyword(keyword, value, ldap_conf_conn);
+    }
+    free(line);
+    fclose(fp);
+
+    if (!ldap_conf.host) {
+	ldap_conf.host = strdup("localhost");
+	if (ldap_conf.host == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_bool(false);
+	}
+    }
+
+    DPRINTF1("LDAP Config Summary");
+    DPRINTF1("===================");
+    if (!STAILQ_EMPTY(&ldap_conf.uri)) {
+	STAILQ_FOREACH(conf_str, &ldap_conf.uri, entries) {
+	    DPRINTF1("uri              %s", conf_str->val);
+	}
+    } else {
+	DPRINTF1("host             %s",
+	    ldap_conf.host ? ldap_conf.host : "(NONE)");
+	DPRINTF1("port             %d", ldap_conf.port);
+    }
+    DPRINTF1("ldap_version     %d", ldap_conf.version);
+
+    if (!STAILQ_EMPTY(&ldap_conf.base)) {
+	STAILQ_FOREACH(conf_str, &ldap_conf.base, entries) {
+	    DPRINTF1("sudoers_base     %s", conf_str->val);
+	}
+    } else {
+	DPRINTF1("sudoers_base     %s", "(NONE: LDAP disabled)");
+    }
+    if (ldap_conf.search_filter) {
+	DPRINTF1("search_filter    %s", ldap_conf.search_filter);
+    }
+    if (!STAILQ_EMPTY(&ldap_conf.netgroup_base)) {
+	STAILQ_FOREACH(conf_str, &ldap_conf.netgroup_base, entries) {
+	    DPRINTF1("netgroup_base    %s", conf_str->val);
+	}
+    } else {
+	DPRINTF1("netgroup_base %s", "(NONE: will use nsswitch)");
+    }
+    if (ldap_conf.netgroup_search_filter) {
+        DPRINTF1("netgroup_search_filter %s", ldap_conf.netgroup_search_filter);
+    }
+    DPRINTF1("binddn           %s",
+	ldap_conf.binddn ? ldap_conf.binddn : "(anonymous)");
+    DPRINTF1("bindpw           %s",
+	ldap_conf.bindpw ? ldap_conf.bindpw : "(anonymous)");
+    if (ldap_conf.bind_timelimit > 0) {
+	DPRINTF1("bind_timelimit   %d", ldap_conf.bind_timelimit);
+    }
+    if (ldap_conf.timelimit > 0) {
+	DPRINTF1("timelimit        %d", ldap_conf.timelimit);
+    }
+    if (ldap_conf.deref != -1) {
+	DPRINTF1("deref            %d", ldap_conf.deref);
+    }
+    DPRINTF1("ssl              %s", ldap_conf.ssl ? ldap_conf.ssl : "(no)");
+    if (ldap_conf.tls_checkpeer != -1) {
+	DPRINTF1("tls_checkpeer    %s",
+	    ldap_conf.tls_checkpeer ? "(yes)" : "(no)");
+    }
+#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
+    if (ldap_conf.tls_reqcert != -1) {
+	DPRINTF1("tls_reqcert    %s",
+	    ldap_conf.tls_reqcert == LDAP_OPT_X_TLS_NEVER ? "hard" :
+	    ldap_conf.tls_reqcert == LDAP_OPT_X_TLS_ALLOW ? "allow" :
+	    ldap_conf.tls_reqcert == LDAP_OPT_X_TLS_TRY ? "try" :
+	    ldap_conf.tls_reqcert == LDAP_OPT_X_TLS_HARD ? "hard" :
+	    ldap_conf.tls_reqcert == LDAP_OPT_X_TLS_DEMAND ? "demand" :
+	    "unknown");
+    }
+#endif /* LDAP_OPT_X_TLS_REQUIRE_CERT */
+    if (ldap_conf.tls_cacertfile != NULL) {
+	DPRINTF1("tls_cacertfile   %s", ldap_conf.tls_cacertfile);
+    }
+    if (ldap_conf.tls_cacertdir != NULL) {
+	DPRINTF1("tls_cacertdir    %s", ldap_conf.tls_cacertdir);
+    }
+    if (ldap_conf.tls_random_file != NULL) {
+	DPRINTF1("tls_random_file  %s", ldap_conf.tls_random_file);
+    }
+    if (ldap_conf.tls_cipher_suite != NULL) {
+	DPRINTF1("tls_cipher_suite %s", ldap_conf.tls_cipher_suite);
+    }
+    if (ldap_conf.tls_certfile != NULL) {
+	DPRINTF1("tls_certfile     %s", ldap_conf.tls_certfile);
+    }
+    if (ldap_conf.tls_keyfile != NULL) {
+	DPRINTF1("tls_keyfile      %s", ldap_conf.tls_keyfile);
+    }
+#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
+    if (ldap_conf.use_sasl != -1) {
+	if (ldap_conf.sasl_mech == NULL) {
+	    /* Default mechanism is GSSAPI. */
+	    ldap_conf.sasl_mech = strdup("GSSAPI");
+	    if (ldap_conf.sasl_mech == NULL) {
+		sudo_warnx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+		debug_return_bool(false);
+	    }
+	}
+	DPRINTF1("use_sasl         %s", ldap_conf.use_sasl ? "yes" : "no");
+	DPRINTF1("sasl_mech        %s", ldap_conf.sasl_mech);
+	DPRINTF1("sasl_auth_id     %s",
+	    ldap_conf.sasl_auth_id ? ldap_conf.sasl_auth_id : "(NONE)");
+	DPRINTF1("rootuse_sasl     %d",
+	    ldap_conf.rootuse_sasl);
+	DPRINTF1("rootsasl_auth_id %s",
+	    ldap_conf.rootsasl_auth_id ? ldap_conf.rootsasl_auth_id : "(NONE)");
+	DPRINTF1("sasl_secprops    %s",
+	    ldap_conf.sasl_secprops ? ldap_conf.sasl_secprops : "(NONE)");
+	DPRINTF1("krb5_ccname      %s",
+	    ldap_conf.krb5_ccname ? ldap_conf.krb5_ccname : "(NONE)");
+    }
+#endif
+    DPRINTF1("===================");
+
+    if (STAILQ_EMPTY(&ldap_conf.base))
+	debug_return_bool(false);	/* if no base is defined, ignore LDAP */
+
+    if (ldap_conf.bind_timelimit > 0)
+	ldap_conf.bind_timelimit *= 1000;	/* convert to ms */
+
+    /*
+     * Interpret SSL option
+     */
+    if (ldap_conf.ssl != NULL) {
+	if (strcasecmp(ldap_conf.ssl, "start_tls") == 0)
+	    ldap_conf.ssl_mode = SUDO_LDAP_STARTTLS;
+	else if (sudo_strtobool(ldap_conf.ssl) == true)
+	    ldap_conf.ssl_mode = SUDO_LDAP_SSL;
+    }
+
+#if defined(HAVE_LDAPSSL_SET_STRENGTH) && !defined(LDAP_OPT_X_TLS_REQUIRE_CERT)
+    if (ldap_conf.tls_checkpeer != -1) {
+	ldapssl_set_strength(NULL,
+	    ldap_conf.tls_checkpeer ? LDAPSSL_AUTH_CERT : LDAPSSL_AUTH_WEAK);
+    }
+#endif
+
+#ifndef HAVE_LDAP_INITIALIZE
+    /* Convert uri list to host list if no ldap_initialize(). */
+    if (!STAILQ_EMPTY(&ldap_conf.uri)) {
+	struct ldap_config_str *uri;
+
+	if (sudo_ldap_parse_uri(&ldap_conf.uri) != LDAP_SUCCESS)
+	    debug_return_bool(false);
+	while ((uri = STAILQ_FIRST(&ldap_conf.uri)) != NULL) {
+	    STAILQ_REMOVE_HEAD(&ldap_conf.uri, entries);
+	    free(uri);
+	}
+	ldap_conf.port = LDAP_PORT;
+    }
+#endif
+
+    if (STAILQ_EMPTY(&ldap_conf.uri)) {
+	/* Use port 389 for plaintext LDAP and port 636 for SSL LDAP */
+	if (ldap_conf.port < 0)
+	    ldap_conf.port =
+		ldap_conf.ssl_mode == SUDO_LDAP_SSL ? LDAPS_PORT : LDAP_PORT;
+
+#ifdef HAVE_LDAP_CREATE
+	/*
+	 * Cannot specify port directly to ldap_create(), each host must
+	 * include :port to override the default.
+	 */
+	if (ldap_conf.port != LDAP_PORT) {
+	    if (!sudo_ldap_conf_add_ports())
+		debug_return_bool(false);
+	}
+#endif
+    }
+
+    /* If search filter is not parenthesized, make it so. */
+    if (ldap_conf.search_filter && ldap_conf.search_filter[0] != '(') {
+	size_t len = strlen(ldap_conf.search_filter);
+	cp = ldap_conf.search_filter;
+	ldap_conf.search_filter = malloc(len + 3);
+	if (ldap_conf.search_filter == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_bool(false);
+	}
+	ldap_conf.search_filter[0] = '(';
+	memcpy(ldap_conf.search_filter + 1, cp, len);
+	ldap_conf.search_filter[len + 1] = ')';
+	ldap_conf.search_filter[len + 2] = '\0';
+	free(cp);
+    }
+
+
+    /* If rootbinddn set, read in /etc/ldap.secret if it exists. */
+    if (ldap_conf.rootbinddn) {
+	sudo_ldap_read_secret(path_ldap_secret);
+    } else if (ldap_conf.bindpw) {
+	cp = sudo_ldap_decode_secret(ldap_conf.bindpw);
+	if (cp != NULL) {
+	    free(ldap_conf.bindpw);
+	    ldap_conf.bindpw = cp;
+	}
+    }
+
+    if (ldap_conf.tls_keypw) {
+	cp = sudo_ldap_decode_secret(ldap_conf.tls_keypw);
+	if (cp != NULL) {
+	    free(ldap_conf.tls_keypw);
+	    ldap_conf.tls_keypw = cp;
+	}
+    }
+
+#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
+    /*
+     * Make sure we can open the file specified by krb5_ccname.
+     */
+    if (ldap_conf.krb5_ccname != NULL) {
+	if (!sudo_check_krb5_ccname(ldap_conf.krb5_ccname))
+	    ldap_conf.krb5_ccname = NULL;
+    }
+#endif
+
+    debug_return_bool(true);
+}
+
+/*
+ * Set LDAP options from the specified options table
+ * Returns LDAP_SUCCESS on success, else non-zero.
+ */
+static int
+sudo_ldap_set_options_table(LDAP *ld, struct ldap_config_table *table)
+{
+    struct ldap_config_table *cur;
+    int ival, rc, errors = 0;
+    char *sval;
+    debug_decl(sudo_ldap_set_options_table, SUDOERS_DEBUG_LDAP)
+
+    for (cur = table; cur->conf_str != NULL; cur++) {
+	if (cur->opt_val == -1)
+	    continue;
+
+	switch (cur->type) {
+	case CONF_BOOL:
+	case CONF_INT:
+	    ival = *(int *)(cur->valp);
+	    if (ival >= 0) {
+		DPRINTF1("ldap_set_option: %s -> %d", cur->conf_str, ival);
+		rc = ldap_set_option(ld, cur->opt_val, &ival);
+		if (rc != LDAP_OPT_SUCCESS) {
+		    sudo_warnx("ldap_set_option: %s -> %d: %s",
+			cur->conf_str, ival, ldap_err2string(rc));
+		    errors++;
+		}
+	    }
+	    break;
+	case CONF_STR:
+	    sval = *(char **)(cur->valp);
+	    if (sval != NULL) {
+		DPRINTF1("ldap_set_option: %s -> %s", cur->conf_str, sval);
+		rc = ldap_set_option(ld, cur->opt_val, sval);
+		if (rc != LDAP_OPT_SUCCESS) {
+		    sudo_warnx("ldap_set_option: %s -> %s: %s",
+			cur->conf_str, sval, ldap_err2string(rc));
+		    errors++;
+		}
+	    }
+	    break;
+	}
+    }
+    debug_return_int(errors ? -1 : LDAP_SUCCESS);
+}
+
+/*
+ * Set LDAP options based on the global config table.
+ * Returns LDAP_SUCCESS on success, else non-zero.
+ */
+int
+sudo_ldap_set_options_global(void)
+{
+    int ret;
+    debug_decl(sudo_ldap_set_options_global, SUDOERS_DEBUG_LDAP)
+
+    /* Set ber options */
+#ifdef LBER_OPT_DEBUG_LEVEL
+    if (ldap_conf.ldap_debug)
+	ber_set_option(NULL, LBER_OPT_DEBUG_LEVEL, &ldap_conf.ldap_debug);
+#endif
+
+    /* Parse global LDAP options table. */
+    ret = sudo_ldap_set_options_table(NULL, ldap_conf_global);
+    debug_return_int(ret);
+}
+
+/*
+ * Set LDAP options based on the per-connection config table.
+ * Returns LDAP_SUCCESS on success, else non-zero.
+ */
+int
+sudo_ldap_set_options_conn(LDAP *ld)
+{
+    int rc;
+    debug_decl(sudo_ldap_set_options_conn, SUDOERS_DEBUG_LDAP)
+
+    /* Parse per-connection LDAP options table. */
+    rc = sudo_ldap_set_options_table(ld, ldap_conf_conn);
+    if (rc == -1)
+	debug_return_int(-1);
+
+#ifdef LDAP_OPT_TIMEOUT
+    /* Convert timeout to a timeval */
+    if (ldap_conf.timeout > 0) {
+	struct timeval tv;
+	tv.tv_sec = ldap_conf.timeout;
+	tv.tv_usec = 0;
+	DPRINTF1("ldap_set_option(LDAP_OPT_TIMEOUT, %d)", ldap_conf.timeout);
+	rc = ldap_set_option(ld, LDAP_OPT_TIMEOUT, &tv);
+	if (rc != LDAP_OPT_SUCCESS) {
+	    sudo_warnx("ldap_set_option(TIMEOUT, %d): %s",
+		ldap_conf.timeout, ldap_err2string(rc));
+	}
+    }
+#endif
+#ifdef LDAP_OPT_NETWORK_TIMEOUT
+    /* Convert bind_timelimit to a timeval */
+    if (ldap_conf.bind_timelimit > 0) {
+	struct timeval tv;
+	tv.tv_sec = ldap_conf.bind_timelimit / 1000;
+	tv.tv_usec = 0;
+	DPRINTF1("ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, %d)",
+	    ldap_conf.bind_timelimit / 1000);
+	rc = ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &tv);
+# if !defined(LDAP_OPT_CONNECT_TIMEOUT) || LDAP_VENDOR_VERSION != 510
+	/* Tivoli Directory Server 6.3 libs always return a (bogus) error. */
+	if (rc != LDAP_OPT_SUCCESS) {
+	    sudo_warnx("ldap_set_option(NETWORK_TIMEOUT, %d): %s",
+		ldap_conf.bind_timelimit / 1000, ldap_err2string(rc));
+	}
+# endif
+    }
+#endif
+
+#if defined(LDAP_OPT_X_TLS) && !defined(HAVE_LDAPSSL_INIT)
+    if (ldap_conf.ssl_mode == SUDO_LDAP_SSL) {
+	int val = LDAP_OPT_X_TLS_HARD;
+	DPRINTF1("ldap_set_option(LDAP_OPT_X_TLS, LDAP_OPT_X_TLS_HARD)");
+	rc = ldap_set_option(ld, LDAP_OPT_X_TLS, &val);
+	if (rc != LDAP_SUCCESS) {
+	    sudo_warnx("ldap_set_option(LDAP_OPT_X_TLS, LDAP_OPT_X_TLS_HARD): %s",
+		ldap_err2string(rc));
+	    debug_return_int(-1);
+	}
+    }
+#endif
+    debug_return_int(LDAP_SUCCESS);
+}
diff --git a/plugins/sudoers/ldap_util.c b/plugins/sudoers/ldap_util.c
new file mode 100644
index 0000000..9b8f69e
--- /dev/null
+++ b/plugins/sudoers/ldap_util.c
@@ -0,0 +1,581 @@
+/*
+ * Copyright (c) 2013, 2016, 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * This code is derived from software contributed by Aaron Spangler.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <ctype.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include "sudoers.h"
+#include "interfaces.h"
+#include "gram.h"
+#include "sudo_lbuf.h"
+#include "sudo_ldap.h"
+#include "sudo_digest.h"
+
+/*
+ * Returns true if the string pointed to by valp begins with an
+ * odd number of '!' characters.  Intervening blanks are ignored.
+ * Stores the address of the string after '!' removal in valp.
+ */
+bool
+sudo_ldap_is_negated(char **valp)
+{
+    char *val = *valp;
+    bool ret = false;
+    debug_decl(sudo_ldap_is_negated, SUDOERS_DEBUG_LDAP)
+
+    while (*val == '!') {
+	ret = !ret;
+	do {
+	    val++;
+	} while (isblank((unsigned char)*val));
+    }
+    *valp = val;
+    debug_return_bool(ret);
+}
+
+/*
+ * Parse an option string into a defaults structure.
+ * The members of def are pointers into optstr (which is modified).
+ */
+int
+sudo_ldap_parse_option(char *optstr, char **varp, char **valp)
+{
+    char *cp, *val = NULL;
+    char *var = optstr;
+    int op;
+    debug_decl(sudo_ldap_parse_option, SUDOERS_DEBUG_LDAP)
+
+    /* check for equals sign past first char */
+    cp = strchr(var, '=');
+    if (cp > var) {
+	val = cp + 1;
+	op = cp[-1];	/* peek for += or -= cases */
+	if (op == '+' || op == '-') {
+	    /* case var+=val or var-=val */
+	    cp--;
+	} else {
+	    /* case var=val */
+	    op = true;
+	}
+	/* Trim whitespace between var and operator. */
+	while (cp > var && isblank((unsigned char)cp[-1]))
+	    cp--;
+	/* Truncate variable name. */
+	*cp = '\0';
+	/* Trim leading whitespace from val. */
+	while (isblank((unsigned char)*val))
+	    val++;
+	/* Strip double quotes if present. */
+	if (*val == '"') {
+	    char *ep = val + strlen(val);
+	    if (ep != val && ep[-1] == '"') {
+		val++;
+		ep[-1] = '\0';
+	    }
+	}
+    } else {
+	/* Boolean value, either true or false. */
+	op = sudo_ldap_is_negated(&var) ? false : true;
+    }
+    *varp = var;
+    *valp = val;
+
+    debug_return_int(op);
+}
+
+/*
+ * Convert an array of user/group names to a member list.
+ * The caller is responsible for freeing the returned struct member_list.
+ */
+static struct member_list *
+array_to_member_list(void *a, sudo_ldap_iter_t iter)
+{
+    struct member_list negated_members =
+	TAILQ_HEAD_INITIALIZER(negated_members);
+    struct member_list *members;
+    struct member *m;
+    char *val;
+    debug_decl(bv_to_member_list, SUDOERS_DEBUG_LDAP)
+
+    if ((members = calloc(1, sizeof(*members))) == NULL)
+	return NULL;
+    TAILQ_INIT(members);                      
+
+    while ((val = iter(&a)) != NULL) {
+	if ((m = calloc(1, sizeof(*m))) == NULL)
+	    goto bad;
+	m->negated = sudo_ldap_is_negated(&val);
+
+	switch (val[0]) {
+	case '\0':
+	    /* Empty RunAsUser means run as the invoking user. */
+	    m->type = MYSELF;
+	    break;
+	case '+':
+	    m->type = NETGROUP;
+	    m->name = strdup(val);
+	    if (m->name == NULL) {
+		free(m);
+		goto bad;
+	    }
+	    break;
+	case '%':
+	    m->type = USERGROUP;
+	    m->name = strdup(val);
+	    if (m->name == NULL) {
+		free(m);
+		goto bad;
+	    }
+	    break;
+	case 'A':
+	    if (strcmp(val, "ALL") == 0) {
+		m->type = ALL;
+		break;
+	    }
+	    /* FALLTHROUGH */
+	default:
+	    m->type = WORD;
+	    m->name = strdup(val);
+	    if (m->name == NULL) {
+		free(m);
+		goto bad;
+	    }
+	    break;
+	}
+	if (m->negated)
+	    TAILQ_INSERT_TAIL(&negated_members, m, entries);
+	else
+	    TAILQ_INSERT_TAIL(members, m, entries);
+    }
+
+    /* Negated members take precedence so we insert them at the end. */
+    TAILQ_CONCAT(members, &negated_members, entries);
+    debug_return_ptr(members);
+bad:
+    free_members(&negated_members);
+    free_members(members);
+    free(members);
+    debug_return_ptr(NULL);
+}
+
+static bool
+is_address(char *host)
+{
+    union sudo_in_addr_un addr;
+    bool ret = false;
+    char *slash;
+    debug_decl(is_address, SUDOERS_DEBUG_LDAP)
+
+    /* Check for mask, not currently parsed. */
+    if ((slash = strchr(host, '/')) != NULL)
+	*slash = '\0';
+
+    if (inet_pton(AF_INET, host, &addr.ip4) == 1)
+	ret = true;
+#ifdef HAVE_STRUCT_IN6_ADDR
+    else if (inet_pton(AF_INET6, host, &addr.ip6) == 1)
+	ret = true;
+#endif
+
+    if (slash != NULL)
+	*slash = '/';
+
+    debug_return_bool(ret);
+}
+
+static struct member *
+host_to_member(char *host)
+{
+    struct member *m;
+    debug_decl(host_to_member, SUDOERS_DEBUG_LDAP)
+
+    if ((m = calloc(1, sizeof(*m))) == NULL)
+	goto oom;
+    m->negated = sudo_ldap_is_negated(&host);
+    m->name = strdup(host);
+    if (m->name == NULL)
+	goto oom;
+    switch (*host) {
+    case '+':
+	m->type = NETGROUP;
+	break;
+    case 'A':
+	if (strcmp(host, "ALL") == 0) {
+	    m->type = ALL;
+	    break;
+	}
+	/* FALLTHROUGH */
+    default:
+	if (is_address(host)) {
+	    m->type = NTWKADDR;
+	} else {
+	    m->type = WORD;
+	}
+	break;
+    }
+
+    debug_return_ptr(m);
+oom:
+    free(m);
+    debug_return_ptr(NULL);
+}
+
+bool
+sudo_ldap_add_default(const char *var, const char *val, int op,
+    char *source, struct defaults_list *defs)
+{
+    struct defaults *def;
+    debug_decl(sudo_ldap_add_default, SUDOERS_DEBUG_LDAP)
+
+    if ((def = calloc(1, sizeof(*def))) == NULL)
+	goto oom;
+
+    def->type = DEFAULTS;
+    def->op = op;
+    if ((def->var = strdup(var)) == NULL) {
+	goto oom;
+    }
+    if (val != NULL) {
+	if ((def->val = strdup(val)) == NULL)
+	    goto oom;
+    }
+    def->file = source;
+    rcstr_addref(source);
+    TAILQ_INSERT_TAIL(defs, def, entries);
+    debug_return_bool(true);
+
+oom:
+    if (def != NULL) {
+	free(def->var);
+	free(def->val);
+	free(def);
+    }
+    debug_return_bool(false);
+}
+
+/*
+ * Convert an LDAP sudoRole to a sudoers privilege.
+ * Pass in struct berval ** for LDAP or char *** for SSSD.
+ */
+struct privilege *
+sudo_ldap_role_to_priv(const char *cn, void *hosts, void *runasusers,
+    void *runasgroups, void *cmnds, void *opts, const char *notbefore,
+    const char *notafter, bool warnings, bool store_options,
+    sudo_ldap_iter_t iter)
+{
+    struct cmndspec_list negated_cmnds = TAILQ_HEAD_INITIALIZER(negated_cmnds);
+    struct member_list negated_hosts = TAILQ_HEAD_INITIALIZER(negated_hosts);
+    struct cmndspec *prev_cmndspec = NULL;
+    struct privilege *priv;
+    struct member *m;
+    char *cmnd;
+    debug_decl(sudo_ldap_role_to_priv, SUDOERS_DEBUG_LDAP)
+
+    if ((priv = calloc(1, sizeof(*priv))) == NULL)
+	goto oom;
+    TAILQ_INIT(&priv->hostlist);
+    TAILQ_INIT(&priv->cmndlist);
+    TAILQ_INIT(&priv->defaults);
+
+    priv->ldap_role = strdup(cn ? cn : "UNKNOWN");
+    if (priv->ldap_role == NULL)
+	goto oom;
+
+    if (hosts == NULL) {
+	/* The host has already matched, use ALL as wildcard. */
+	if ((m = calloc(1, sizeof(*m))) == NULL)
+	    goto oom;
+	m->type = ALL;
+	TAILQ_INSERT_TAIL(&priv->hostlist, m, entries);
+    } else {
+	char *host;
+	while ((host = iter(&hosts)) != NULL) {
+	    if ((m = host_to_member(host)) == NULL)
+		goto oom;
+	    if (m->negated)
+		TAILQ_INSERT_TAIL(&negated_hosts, m, entries);
+	    else
+		TAILQ_INSERT_TAIL(&priv->hostlist, m, entries);
+	}
+	/* Negated hosts take precedence so we insert them at the end. */
+	TAILQ_CONCAT(&priv->hostlist, &negated_hosts, entries);
+    }
+
+    /*
+     * Parse sudoCommands and add to cmndlist.
+     */
+    while ((cmnd = iter(&cmnds)) != NULL) {
+	bool negated = sudo_ldap_is_negated(&cmnd);
+	struct sudo_command *c = NULL;
+	struct cmndspec *cmndspec;
+
+	/* Allocate storage upfront. */
+	if ((cmndspec = calloc(1, sizeof(*cmndspec))) == NULL)
+	    goto oom;
+	if ((m = calloc(1, sizeof(*m))) == NULL) {
+	    free(cmndspec);
+	    goto oom;
+	}
+	if (strcmp(cmnd, "ALL") != 0) {
+	    if ((c = calloc(1, sizeof(*c))) == NULL) {
+		free(cmndspec);
+		free(m);
+		goto oom;
+	    }
+	    m->name = (char *)c;
+	}
+
+	/* Negated commands have precedence so insert them at the end. */
+	if (negated)
+	    TAILQ_INSERT_TAIL(&negated_cmnds, cmndspec, entries);
+	else
+	    TAILQ_INSERT_TAIL(&priv->cmndlist, cmndspec, entries);
+
+	/* Initialize cmndspec */
+	TAGS_INIT(cmndspec->tags);
+	cmndspec->notbefore = UNSPEC;
+	cmndspec->notafter = UNSPEC;
+	cmndspec->timeout = UNSPEC;
+	cmndspec->cmnd = m;
+
+	if (prev_cmndspec != NULL) {
+	    /* Inherit values from prior cmndspec (common to the sudoRole). */
+	    cmndspec->runasuserlist = prev_cmndspec->runasuserlist;
+	    cmndspec->runasgrouplist = prev_cmndspec->runasgrouplist;
+	    cmndspec->notbefore = prev_cmndspec->notbefore;
+	    cmndspec->notafter = prev_cmndspec->notafter;
+	    cmndspec->tags = prev_cmndspec->tags;
+	    if (cmndspec->tags.setenv == IMPLIED)
+		cmndspec->tags.setenv = UNSPEC;
+	} else {
+	    /* Parse sudoRunAsUser / sudoRunAs */
+	    if (runasusers != NULL) {
+		cmndspec->runasuserlist =
+		    array_to_member_list(runasusers, iter);
+		if (cmndspec->runasuserlist == NULL)
+		    goto oom;
+	    }
+
+	    /* Parse sudoRunAsGroup */
+	    if (runasgroups != NULL) {
+		cmndspec->runasgrouplist =
+		    array_to_member_list(runasgroups, iter);
+		if (cmndspec->runasgrouplist == NULL)
+		    goto oom;
+	    }
+
+	    /* Parse sudoNotBefore / sudoNotAfter */
+	    if (notbefore != NULL)
+		cmndspec->notbefore = parse_gentime(notbefore);
+	    if (notafter != NULL)
+		cmndspec->notafter = parse_gentime(notafter);
+
+	    /* Parse sudoOptions. */
+	    if (opts != NULL) {
+		char *opt, *source = NULL;
+
+		if (store_options) {
+		    /* Use sudoRole in place of file name in defaults. */
+		    size_t slen = sizeof("sudoRole") + strlen(priv->ldap_role);
+		    if ((source = rcstr_alloc(slen)) == NULL)
+			goto oom;
+		    snprintf(source, slen, "sudoRole %s", priv->ldap_role);
+		}
+
+		while ((opt = iter(&opts)) != NULL) {
+		    char *var, *val;
+		    int op;
+
+		    op = sudo_ldap_parse_option(opt, &var, &val);
+		    if (strcmp(var, "command_timeout") == 0 && val != NULL) {
+			cmndspec->timeout = parse_timeout(val);
+#ifdef HAVE_SELINUX
+		    } else if (strcmp(var, "role") == 0 && val != NULL) {
+			if ((cmndspec->role = strdup(val)) == NULL)
+			    break;
+		    } else if (strcmp(var, "type") == 0 && val != NULL) {
+			if ((cmndspec->type = strdup(val)) == NULL)
+			    break;
+#endif /* HAVE_SELINUX */
+#ifdef HAVE_PRIV_SET
+		    } else if (strcmp(var, "privs") == 0 && val != NULL) {
+			if ((cmndspec->privs = strdup(val)) == NULL)
+			    break;
+		    } else if (strcmp(var, "limitprivs") == 0 && val != NULL) {
+			if ((cmndspec->limitprivs = strdup(val)) == NULL)
+			    break;
+#endif /* HAVE_PRIV_SET */
+		    } else if (store_options) {
+			if (!sudo_ldap_add_default(var, val, op, source,
+			    &priv->defaults)) {
+			    break;
+			}
+		    } else {
+			/* Convert to tags. */
+			bool converted = sudoers_defaults_to_tags(var, val, op,
+			    &cmndspec->tags);
+			if (!converted) {
+			    if (warnings) {
+				/* XXX - callback to process unsupported options. */
+				if (val != NULL) {
+				    sudo_warnx(U_("unable to convert sudoOption: %s%s%s"), var, op == '+' ? "+=" : op == '-' ? "-=" : "=", val);
+				} else {
+				    sudo_warnx(U_("unable to convert sudoOption: %s%s%s"), op == false ? "!" : "", var, "");
+				}
+			    }
+			    continue;
+			}
+		    }
+		}
+		rcstr_delref(source);
+		if (opt != NULL) {
+		    /* Defer oom until we drop the ref on source. */
+		    goto oom;
+		}
+	    }
+
+	    /* So we can inherit previous values. */
+	    prev_cmndspec = cmndspec;
+	}
+
+	/* Fill in command member now that options have been processed. */
+	m->negated = negated;
+	if (c == NULL) {
+	    /* No command name for "ALL" */
+	    m->type = ALL;
+	    if (cmndspec->tags.setenv == UNSPEC)
+		cmndspec->tags.setenv = IMPLIED;
+	} else {
+	    struct command_digest digest;
+	    char *args;
+
+	    m->type = COMMAND;
+
+	    /* Fill in command with optional digest. */
+	    if (sudo_ldap_extract_digest(&cmnd, &digest) != NULL) {
+		if ((c->digest = malloc(sizeof(*c->digest))) == NULL)
+		    goto oom;
+		*c->digest = digest;
+	    }
+	    if ((args = strpbrk(cmnd, " \t")) != NULL) {
+		*args++ = '\0';
+		if ((c->args = strdup(args)) == NULL)
+		    goto oom;
+	    }
+	    if ((c->cmnd = strdup(cmnd)) == NULL)
+		goto oom;
+	}
+    }
+    /* Negated commands take precedence so we insert them at the end. */
+    TAILQ_CONCAT(&priv->cmndlist, &negated_cmnds, entries);
+
+    debug_return_ptr(priv);
+
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    if (priv != NULL) {
+	TAILQ_CONCAT(&priv->cmndlist, &negated_cmnds, entries);
+	free_privilege(priv);
+    }
+    debug_return_ptr(NULL);
+}
+
+/*
+ * If a digest prefix is present, fills in struct command_digest
+ * and returns a pointer to it, updating cmnd to point to the
+ * command after the digest.
+ */
+struct command_digest *
+sudo_ldap_extract_digest(char **cmnd, struct command_digest *digest)
+{
+    char *ep, *cp = *cmnd;
+    int digest_type = SUDO_DIGEST_INVALID;
+    debug_decl(sudo_ldap_check_command, SUDOERS_DEBUG_LDAP)
+
+    /*
+     * Check for and extract a digest prefix, e.g.
+     * sha224:d06a2617c98d377c250edd470fd5e576327748d82915d6e33b5f8db1 /bin/ls
+     */
+    if (cp[0] == 's' && cp[1] == 'h' && cp[2] == 'a') {
+	switch (cp[3]) {
+	case '2':
+	    if (cp[4] == '2' && cp[5] == '4')
+		digest_type = SUDO_DIGEST_SHA224;
+	    else if (cp[4] == '5' && cp[5] == '6')
+		digest_type = SUDO_DIGEST_SHA256;
+	    break;
+	case '3':
+	    if (cp[4] == '8' && cp[5] == '4')
+		digest_type = SUDO_DIGEST_SHA384;
+	    break;
+	case '5':
+	    if (cp[4] == '1' && cp[5] == '2')
+		digest_type = SUDO_DIGEST_SHA512;
+	    break;
+	}
+	if (digest_type != SUDO_DIGEST_INVALID) {
+	    cp += 6;
+	    while (isblank((unsigned char)*cp))
+		cp++;
+	    if (*cp == ':') {
+		cp++;
+		while (isblank((unsigned char)*cp))
+		    cp++;
+		ep = cp;
+		while (*ep != '\0' && !isblank((unsigned char)*ep))
+		    ep++;
+		if (*ep != '\0') {
+		    digest->digest_type = digest_type;
+		    digest->digest_str = strndup(cp, (size_t)(ep - cp));
+		    if (digest->digest_str == NULL) {
+			sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+			debug_return_ptr(NULL);
+		    }
+		    cp = ep + 1;
+		    while (isblank((unsigned char)*cp))
+			cp++;
+		    *cmnd = cp;
+		    sudo_debug_printf(SUDO_DEBUG_INFO,
+			"%s digest %s for %s",
+			digest_type_to_name(digest_type),
+			digest->digest_str, cp);
+		    debug_return_ptr(digest);
+		}
+	    }
+	}
+    }
+    debug_return_ptr(NULL);
+}
diff --git a/plugins/sudoers/linux_audit.c b/plugins/sudoers/linux_audit.c
new file mode 100644
index 0000000..6ac8be0
--- /dev/null
+++ b/plugins/sudoers/linux_audit.c
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2010-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_LINUX_AUDIT
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <string.h>
+#include <libaudit.h>
+
+#include "sudoers.h"
+#include "linux_audit.h"
+
+#define AUDIT_NOT_CONFIGURED	-2
+
+/*
+ * Open audit connection if possible.
+ * Returns audit fd on success and -1 on failure.
+ */
+static int
+linux_audit_open(void)
+{
+    static int au_fd = -1;
+    debug_decl(linux_audit_open, SUDOERS_DEBUG_AUDIT)
+
+    if (au_fd != -1)
+	debug_return_int(au_fd);
+    au_fd = audit_open();
+    if (au_fd == -1) {
+	/* Kernel may not have audit support. */
+	if (errno == EINVAL || errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT)
+	    au_fd = AUDIT_NOT_CONFIGURED;
+	else
+	    sudo_warn(U_("unable to open audit system"));
+    } else {
+	(void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
+    }
+    debug_return_int(au_fd);
+}
+
+int
+linux_audit_command(char *argv[], int result)
+{
+    int au_fd, rc = -1;
+    char *command, *cp, **av;
+    size_t size, n;
+    debug_decl(linux_audit_command, SUDOERS_DEBUG_AUDIT)
+
+    /* Don't return an error if auditing is not configured. */
+    if ((au_fd = linux_audit_open()) < 0)
+	debug_return_int(au_fd == AUDIT_NOT_CONFIGURED ? 0 : -1);
+
+    /* Convert argv to a flat string. */
+    for (size = 0, av = argv; *av != NULL; av++)
+	size += strlen(*av) + 1;
+    command = malloc(size);
+    if (command == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto done;
+    }
+    for (av = argv, cp = command; *av != NULL; av++) {
+	n = strlcpy(cp, *av, size - (cp - command));
+	if (n >= size - (cp - command)) {
+	    sudo_warnx(U_("internal error, %s overflow"), __func__);
+	    goto done;
+	}
+	cp += n;
+	*cp++ = ' ';
+    }
+    *--cp = '\0';
+
+    /* Log command, ignoring ECONNREFUSED on error. */
+    if (audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result) <= 0) {
+	if (errno != ECONNREFUSED) {
+	    sudo_warn(U_("unable to send audit message"));
+	    goto done;
+	}
+    }
+
+    rc = 0;
+
+done:
+    free(command);
+
+    debug_return_int(rc);
+}
+
+#endif /* HAVE_LINUX_AUDIT */
diff --git a/plugins/sudoers/linux_audit.h b/plugins/sudoers/linux_audit.h
new file mode 100644
index 0000000..84e55a0
--- /dev/null
+++ b/plugins/sudoers/linux_audit.h
@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) 2010, 2013 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_LINUX_AUDIT_H
+#define	SUDOERS_LINUX_AUDIT_H
+
+int	linux_audit_command(char *argv[], int result);
+
+#endif /* SUDOERS_LINUX_AUDIT_H */
diff --git a/plugins/sudoers/locale.c b/plugins/sudoers/locale.c
new file mode 100644
index 0000000..c69fd60
--- /dev/null
+++ b/plugins/sudoers/locale.c
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2012-2016 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+
+#define DEFAULT_TEXT_DOMAIN	"sudoers"
+#include "sudo_gettext.h"	/* must be included before sudo_compat.h */
+
+#include "sudo_compat.h"
+#include "sudo_fatal.h"
+#include "sudoers_debug.h"
+#include "defaults.h"
+#include "logging.h"
+
+static int current_locale = SUDOERS_LOCALE_USER;
+static char *user_locale;
+static char *sudoers_locale;
+
+int
+sudoers_getlocale(void)
+{
+    debug_decl(sudoers_getlocale, SUDOERS_DEBUG_UTIL)
+    debug_return_int(current_locale);
+}
+
+bool
+sudoers_initlocale(const char *ulocale, const char *slocale)
+{
+    debug_decl(sudoers_initlocale, SUDOERS_DEBUG_UTIL)
+
+    if (ulocale != NULL) {
+	free(user_locale);
+	if ((user_locale = strdup(ulocale)) == NULL)
+	    debug_return_bool(false);
+    }
+    if (slocale != NULL) {
+	free(sudoers_locale);
+	if ((sudoers_locale = strdup(slocale)) == NULL)
+	    debug_return_bool(false);
+    }
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: user locale %s, sudoers locale %s",
+	__func__, user_locale, sudoers_locale);
+    debug_return_bool(true);
+}
+
+/*
+ * Set locale to user or sudoers value.
+ * Returns true on success and false on failure,
+ * If prevlocale is non-NULL it will be filled in with the
+ * old SUDOERS_LOCALE_* value.
+ */
+bool
+sudoers_setlocale(int newlocale, int *prevlocale)
+{
+    char *res = NULL;
+    debug_decl(sudoers_setlocale, SUDOERS_DEBUG_UTIL)
+
+    switch (newlocale) {
+	case SUDOERS_LOCALE_USER:
+	    if (prevlocale)
+		*prevlocale = current_locale;
+	    if (current_locale != SUDOERS_LOCALE_USER) {
+		current_locale = SUDOERS_LOCALE_USER;
+		sudo_debug_printf(SUDO_DEBUG_DEBUG,
+		    "%s: setting locale to %s (user)", __func__,
+		    user_locale ? user_locale : "");
+		res = setlocale(LC_ALL, user_locale ? user_locale : "");
+		if (res != NULL && user_locale == NULL) {
+		    user_locale = setlocale(LC_ALL, NULL);
+		    if (user_locale != NULL)
+			user_locale = strdup(user_locale);
+		    if (user_locale == NULL)
+			res = NULL;
+		}
+	    }
+	    break;
+	case SUDOERS_LOCALE_SUDOERS:
+	    if (prevlocale)
+		*prevlocale = current_locale;
+	    if (current_locale != SUDOERS_LOCALE_SUDOERS) {
+		current_locale = SUDOERS_LOCALE_SUDOERS;
+		sudo_debug_printf(SUDO_DEBUG_DEBUG,
+		    "%s: setting locale to %s (sudoers)", __func__,
+		    sudoers_locale ? sudoers_locale : "C");
+		res = setlocale(LC_ALL, sudoers_locale ? sudoers_locale : "C");
+		if (res == NULL && sudoers_locale != NULL) {
+		    if (strcmp(sudoers_locale, "C") != 0) {
+			free(sudoers_locale);
+			sudoers_locale = strdup("C");
+			if (sudoers_locale != NULL)
+			    res = setlocale(LC_ALL, "C");
+		    }
+		}
+	    }
+	    break;
+    }
+    debug_return_bool(res ? true : false);
+}
+
+bool
+sudoers_warn_setlocale(bool restore, int *cookie)
+{
+    debug_decl(sudoers_warn_setlocale, SUDOERS_DEBUG_UTIL)
+
+    if (restore)
+	debug_return_bool(sudoers_setlocale(*cookie, NULL));
+    debug_return_bool(sudoers_setlocale(SUDOERS_LOCALE_USER, cookie));
+}
+
+/*
+ * Callback for sudoers_locale sudoers setting.
+ */
+bool
+sudoers_locale_callback(const union sudo_defs_val *sd_un)
+{
+    debug_decl(sudoers_locale_callback, SUDOERS_DEBUG_UTIL)
+
+    if (sudoers_initlocale(NULL, sd_un->str)) {
+	if (setlocale(LC_ALL, sd_un->str) != NULL)
+	    debug_return_bool(true);
+    }
+    debug_return_bool(false);
+}
diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c
new file mode 100644
index 0000000..9562609
--- /dev/null
+++ b/plugins/sudoers/logging.c
@@ -0,0 +1,1044 @@
+/*
+ * Copyright (c) 1994-1996, 1998-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#ifdef __TANDEM
+# include <floss.h>
+#endif
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/ioctl.h>
+#include <sys/wait.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#ifdef HAVE_NL_LANGINFO
+# include <langinfo.h>
+#endif /* HAVE_NL_LANGINFO */
+#include <netdb.h>
+#include <pwd.h>
+#include <grp.h>
+#include <signal.h>
+#include <time.h>
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <syslog.h>
+
+#include "sudoers.h"
+
+#ifndef HAVE_GETADDRINFO
+# include "compat/getaddrinfo.h"
+#endif
+
+/* Special message for log_warning() so we know to use ngettext() */
+#define INCORRECT_PASSWORD_ATTEMPT	((char *)0x01)
+
+static void do_syslog(int, char *);
+static bool do_logfile(const char *);
+static bool send_mail(const char *fmt, ...);
+static bool should_mail(int);
+static void mysyslog(int, const char *, ...);
+static char *new_logline(const char *, const char *);
+
+#define MAXSYSLOGTRIES	16	/* num of retries for broken syslogs */
+
+/*
+ * We do an openlog(3)/closelog(3) for each message because some
+ * authentication methods (notably PAM) use syslog(3) for their
+ * own nefarious purposes and may call openlog(3) and closelog(3).
+ */
+static void
+mysyslog(int pri, const char *fmt, ...)
+{
+    const int flags = def_syslog_pid ? LOG_PID : 0;
+    va_list ap;
+    debug_decl(mysyslog, SUDOERS_DEBUG_LOGGING)
+
+    openlog("sudo", flags, def_syslog);
+    va_start(ap, fmt);
+    vsyslog(pri, fmt, ap);
+    va_end(ap);
+    closelog();
+    debug_return;
+}
+
+/*
+ * Log a message to syslog, pre-pending the username and splitting the
+ * message into parts if it is longer than syslog_maxlen.
+ */
+static void
+do_syslog(int pri, char *msg)
+{
+    size_t len, maxlen;
+    char *p, *tmp, save;
+    const char *fmt;
+    int oldlocale;
+    debug_decl(do_syslog, SUDOERS_DEBUG_LOGGING)
+
+    /* A priority of -1 corresponds to "none". */
+    if (pri == -1)
+	debug_return;
+
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+
+    /*
+     * Log the full line, breaking into multiple syslog(3) calls if necessary
+     */
+    fmt = _("%8s : %s");
+    maxlen = def_syslog_maxlen - (strlen(fmt) - 5 + strlen(user_name));
+    for (p = msg; *p != '\0'; ) {
+	len = strlen(p);
+	if (len > maxlen) {
+	    /*
+	     * Break up the line into what will fit on one syslog(3) line
+	     * Try to avoid breaking words into several lines if possible.
+	     */
+	    tmp = memrchr(p, ' ', maxlen);
+	    if (tmp == NULL)
+		tmp = p + maxlen;
+
+	    /* NULL terminate line, but save the char to restore later */
+	    save = *tmp;
+	    *tmp = '\0';
+
+	    mysyslog(pri, fmt, user_name, p);
+
+	    *tmp = save;			/* restore saved character */
+
+	    /* Advance p and eliminate leading whitespace */
+	    for (p = tmp; *p == ' '; p++)
+		continue;
+	} else {
+	    mysyslog(pri, fmt, user_name, p);
+	    p += len;
+	}
+	fmt = _("%8s : (command continued) %s");
+	maxlen = def_syslog_maxlen - (strlen(fmt) - 5 + strlen(user_name));
+    }
+
+    sudoers_setlocale(oldlocale, NULL);
+
+    debug_return;
+}
+
+static bool
+do_logfile(const char *msg)
+{
+    static bool warned = false;
+    const char *timestr;
+    int len, oldlocale;
+    bool ret = false;
+    char *full_line;
+    mode_t oldmask;
+    FILE *fp;
+    debug_decl(do_logfile, SUDOERS_DEBUG_LOGGING)
+
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+
+    oldmask = umask(S_IRWXG|S_IRWXO);
+    fp = fopen(def_logfile, "a");
+    (void) umask(oldmask);
+    if (fp == NULL) {
+	if (!warned) {
+	    log_warning(SLOG_SEND_MAIL|SLOG_NO_LOG,
+		N_("unable to open log file: %s"), def_logfile);
+	    warned = true;
+	}
+	goto done;
+    }
+    if (!sudo_lock_file(fileno(fp), SUDO_LOCK)) {
+	if (!warned) {
+	    log_warning(SLOG_SEND_MAIL|SLOG_NO_LOG,
+		N_("unable to lock log file: %s"), def_logfile);
+	    warned = true;
+	}
+	goto done;
+    }
+
+    timestr = get_timestr(time(NULL), def_log_year);
+    if (timestr == NULL)
+	timestr = "invalid date";
+    if (def_log_host) {
+	len = asprintf(&full_line, "%s : %s : HOST=%s : %s",
+	    timestr, user_name, user_srunhost, msg);
+    } else {
+	len = asprintf(&full_line, "%s : %s : %s",
+	    timestr, user_name, msg);
+    }
+    if (len == -1) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto done;
+    }
+    if ((size_t)def_loglinelen < sizeof(LOG_INDENT)) {
+	/* Don't pretty-print long log file lines (hard to grep). */
+	(void) fputs(full_line, fp);
+	(void) fputc('\n', fp);
+    } else {
+	/* Write line with word wrap around def_loglinelen chars. */
+	writeln_wrap(fp, full_line, len, def_loglinelen);
+    }
+    free(full_line);
+    (void) fflush(fp);
+    if (ferror(fp)) {
+	if (!warned) {
+	    log_warning(SLOG_SEND_MAIL|SLOG_NO_LOG,
+		N_("unable to write log file: %s"), def_logfile);
+	    warned = true;
+	}
+	goto done;
+    }
+    ret = true;
+
+done:
+    if (fp != NULL)
+	(void) fclose(fp);
+    sudoers_setlocale(oldlocale, NULL);
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Log, audit and mail the denial message, optionally informing the user.
+ */
+bool
+log_denial(int status, bool inform_user)
+{
+    const char *message;
+    char *logline;
+    int oldlocale;
+    bool uid_changed, ret = true;
+    debug_decl(log_denial, SUDOERS_DEBUG_LOGGING)
+
+    /* Handle auditing first (audit_failure() handles the locale itself). */
+    if (ISSET(status, FLAG_NO_USER | FLAG_NO_HOST))
+	audit_failure(NewArgc, NewArgv, N_("No user or host"));
+    else
+	audit_failure(NewArgc, NewArgv, N_("validation failure"));
+
+    /* Log and mail messages should be in the sudoers locale. */
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+
+    /* Set error message. */
+    if (ISSET(status, FLAG_NO_USER))
+	message = _("user NOT in sudoers");
+    else if (ISSET(status, FLAG_NO_HOST))
+	message = _("user NOT authorized on host");
+    else
+	message = _("command not allowed");
+
+    logline = new_logline(message, NULL);
+    if (logline == NULL)
+	debug_return_bool(false);
+
+    /* Become root if we are not already. */
+    uid_changed = set_perms(PERM_ROOT);
+
+    if (should_mail(status))
+	send_mail("%s", logline);	/* send mail based on status */
+
+    /*
+     * Log via syslog and/or a file.
+     */
+    if (def_syslog)
+	do_syslog(def_syslog_badpri, logline);
+    if (def_logfile && !do_logfile(logline))
+	ret = false;
+
+    if (uid_changed) {
+	if (!restore_perms())
+	    ret = false;		/* XXX - return -1 instead? */
+    }
+
+    free(logline);
+
+    /* Restore locale. */
+    sudoers_setlocale(oldlocale, NULL);
+
+    /* Inform the user if they failed to authenticate (in their locale).  */
+    if (inform_user) {
+	sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale);
+
+	if (ISSET(status, FLAG_NO_USER)) {
+	    sudo_printf(SUDO_CONV_ERROR_MSG, _("%s is not in the sudoers "
+		"file.  This incident will be reported.\n"), user_name);
+	} else if (ISSET(status, FLAG_NO_HOST)) {
+	    sudo_printf(SUDO_CONV_ERROR_MSG, _("%s is not allowed to run sudo "
+		"on %s.  This incident will be reported.\n"),
+		user_name, user_srunhost);
+	} else if (ISSET(status, FLAG_NO_CHECK)) {
+	    sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s may not run "
+		"sudo on %s.\n"), user_name, user_srunhost);
+	} else {
+	    sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s is not allowed "
+		"to execute '%s%s%s' as %s%s%s on %s.\n"),
+		user_name, user_cmnd, user_args ? " " : "",
+		user_args ? user_args : "",
+		list_pw ? list_pw->pw_name : runas_pw ?
+		runas_pw->pw_name : user_name, runas_gr ? ":" : "",
+		runas_gr ? runas_gr->gr_name : "", user_host);
+	}
+	sudoers_setlocale(oldlocale, NULL);
+    }
+    debug_return_bool(ret);
+}
+
+/*
+ * Log and audit that user was not allowed to run the command.
+ */
+bool
+log_failure(int status, int flags)
+{
+    bool ret, inform_user = true;
+    debug_decl(log_failure, SUDOERS_DEBUG_LOGGING)
+
+    /* The user doesn't always get to see the log message (path info). */
+    if (!ISSET(status, FLAG_NO_USER | FLAG_NO_HOST) && def_path_info &&
+	(flags == NOT_FOUND_DOT || flags == NOT_FOUND))
+	inform_user = false;
+    ret = log_denial(status, inform_user);
+
+    if (!inform_user) {
+	/*
+	 * We'd like to not leak path info at all here, but that can
+	 * *really* confuse the users.  To really close the leak we'd
+	 * have to say "not allowed to run foo" even when the problem
+	 * is just "no foo in path" since the user can trivially set
+	 * their path to just contain a single dir.
+	 */
+	if (flags == NOT_FOUND)
+	    sudo_warnx(U_("%s: command not found"), user_cmnd);
+	else if (flags == NOT_FOUND_DOT)
+	    sudo_warnx(U_("ignoring \"%s\" found in '.'\nUse \"sudo ./%s\" if this is the \"%s\" you wish to run."), user_cmnd, user_cmnd, user_cmnd);
+    }
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Log and audit that user was not able to authenticate themselves.
+ */
+bool
+log_auth_failure(int status, unsigned int tries)
+{
+    int flags = 0;
+    bool ret = true;
+    debug_decl(log_auth_failure, SUDOERS_DEBUG_LOGGING)
+
+    /* Handle auditing first. */
+    audit_failure(NewArgc, NewArgv, N_("authentication failure"));
+
+    /*
+     * Do we need to send mail?
+     * We want to avoid sending multiple messages for the same command
+     * so if we are going to send an email about the denial, that takes
+     * precedence.
+     */
+    if (ISSET(status, VALIDATE_SUCCESS)) {
+	/* Command allowed, auth failed; do we need to send mail? */
+	if (def_mail_badpass || def_mail_always)
+	    SET(flags, SLOG_SEND_MAIL);
+    } else {
+	/* Command denied, auth failed; make sure we don't send mail twice. */
+	if (def_mail_badpass && !should_mail(status))
+	    SET(flags, SLOG_SEND_MAIL);
+	/* Don't log the bad password message, we'll log a denial instead. */
+	SET(flags, SLOG_NO_LOG);
+    }
+
+    /*
+     * If sudoers denied the command we'll log that separately.
+     */
+    if (ISSET(status, FLAG_BAD_PASSWORD))
+	ret = log_warningx(flags, INCORRECT_PASSWORD_ATTEMPT, tries);
+    else if (ISSET(status, FLAG_NON_INTERACTIVE))
+	ret = log_warningx(flags, N_("a password is required"));
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Log and potentially mail the allowed command.
+ */
+bool
+log_allowed(int status)
+{
+    char *logline;
+    int oldlocale;
+    bool uid_changed, ret = true;
+    debug_decl(log_allowed, SUDOERS_DEBUG_LOGGING)
+
+    /* Log and mail messages should be in the sudoers locale. */
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+
+    if ((logline = new_logline(NULL, NULL)) == NULL)
+	debug_return_bool(false);
+
+    /* Become root if we are not already. */
+    uid_changed = set_perms(PERM_ROOT);
+
+    /* XXX - return value */
+    if (should_mail(status))
+	send_mail("%s", logline);	/* send mail based on status */
+
+    /*
+     * Log via syslog and/or a file.
+     */
+    if (def_syslog)
+	do_syslog(def_syslog_goodpri, logline);
+    if (def_logfile && !do_logfile(logline))
+	ret = false;
+
+    if (uid_changed) {
+	if (!restore_perms())
+	    ret = false;		/* XXX - return -1 instead? */
+    }
+
+    free(logline);
+
+    sudoers_setlocale(oldlocale, NULL);
+
+    debug_return_bool(ret);
+}
+
+/*
+ * Format an authentication failure message, using either
+ * authfail_message from sudoers or a locale-specific message.
+ */
+static int
+fmt_authfail_message(char **str, va_list ap)
+{
+    unsigned int tries = va_arg(ap, unsigned int);
+    char *src, *dst0, *dst, *dst_end;
+    size_t size;
+    int len;
+    debug_decl(fmt_authfail_message, SUDOERS_DEBUG_LOGGING)
+
+    if (def_authfail_message == NULL) {
+	debug_return_int(asprintf(str, ngettext("%u incorrect password attempt",
+	    "%u incorrect password attempts", tries), tries));
+    }
+
+    src = def_authfail_message;
+    size = strlen(src) + 33;
+    if ((dst0 = dst = malloc(size)) == NULL)
+	debug_return_int(-1);
+    dst_end = dst + size;
+
+    /* Always leave space for the terminating NUL. */
+    while (*src != '\0' && dst + 1 < dst_end) {
+	if (src[0] == '%') {
+	    switch (src[1]) {
+	    case '%':
+		src++;
+		break;
+	    case 'd':
+		len = snprintf(dst, dst_end - dst, "%u", tries);
+		if (len == -1 || len >= (int)(dst_end - dst))
+		    goto done;
+		dst += len;
+		src += 2;
+		continue;
+	    default:
+		break;
+	    }
+	}
+	*dst++ = *src++;
+    }
+done:
+    *dst = '\0';
+
+    *str = dst0;
+#ifdef __clang_analyzer__
+    /* clang analyzer false positive */
+    if (__builtin_expect(dst < dst0, 0))
+	__builtin_trap();
+#endif
+    debug_return_int(dst - dst0);
+}
+
+/*
+ * Perform logging for log_warning()/log_warningx().
+ */
+static bool
+vlog_warning(int flags, int errnum, const char *fmt, va_list ap)
+{
+    int oldlocale;
+    const char *errstr = NULL;
+    char *logline, *message;
+    bool uid_changed, ret = true;
+    va_list ap2;
+    int len;
+    debug_decl(vlog_warning, SUDOERS_DEBUG_LOGGING)
+
+    /* Need extra copy of ap for sudo_vwarn()/sudo_vwarnx() below. */
+    va_copy(ap2, ap);
+
+    /* Log messages should be in the sudoers locale. */
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+
+    /* Expand printf-style format + args (with a special case). */
+    if (fmt == INCORRECT_PASSWORD_ATTEMPT) {
+	len = fmt_authfail_message(&message, ap);
+    } else {
+	len = vasprintf(&message, _(fmt), ap);
+    }
+    if (len == -1) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	ret = false;
+	goto done;
+    }
+
+    if (ISSET(flags, SLOG_USE_ERRNO))
+	errstr = strerror(errnum);
+    else if (ISSET(flags, SLOG_GAI_ERRNO))
+	errstr = gai_strerror(errnum);
+
+    /* Log to debug file. */
+    if (errstr != NULL) {
+	sudo_debug_printf2(NULL, NULL, 0,
+	    SUDO_DEBUG_WARN|sudo_debug_subsys, "%s: %s", message, errstr);
+    } else {
+	sudo_debug_printf2(NULL, NULL, 0,
+	    SUDO_DEBUG_WARN|sudo_debug_subsys, "%s", message);
+    }
+
+    if (ISSET(flags, SLOG_RAW_MSG)) {
+	logline = message;
+    } else {
+	logline = new_logline(message, errstr);
+        free(message);
+	if (logline == NULL) {
+	    ret = false;
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    goto done;
+	}
+    }
+
+    /* Become root if we are not already. */
+    uid_changed = set_perms(PERM_ROOT);
+
+    /*
+     * Send a copy of the error via mail.
+     * XXX - return value
+     */
+    if (ISSET(flags, SLOG_SEND_MAIL))
+	send_mail("%s", logline);
+
+    /*
+     * Log to syslog and/or a file.
+     */
+    if (!ISSET(flags, SLOG_NO_LOG)) {
+	if (def_syslog)
+	    do_syslog(def_syslog_badpri, logline);
+	if (def_logfile && !do_logfile(logline))
+	    ret = false;
+    }
+
+    if (uid_changed) {
+	if (!restore_perms())
+	    ret = false;
+    }
+
+    free(logline);
+
+    /*
+     * Tell the user (in their locale).
+     */
+    if (!ISSET(flags, SLOG_NO_STDERR)) {
+	sudoers_setlocale(SUDOERS_LOCALE_USER, NULL);
+	if (fmt == INCORRECT_PASSWORD_ATTEMPT) {
+	    len = fmt_authfail_message(&message, ap2);
+	    if (len == -1) {
+		sudo_warnx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+		ret = false;
+		goto done;
+	    }
+	    sudo_warnx_nodebug("%s", message);
+	    free(message);
+	} else {
+	    if (ISSET(flags, SLOG_USE_ERRNO)) {
+		errno = errnum;
+		sudo_vwarn_nodebug(_(fmt), ap2);
+	    } else if (ISSET(flags, SLOG_GAI_ERRNO)) {
+		sudo_gai_vwarn_nodebug(errnum, _(fmt), ap2);
+	    } else
+		sudo_vwarnx_nodebug(_(fmt), ap2);
+	}
+    }
+
+done:
+    va_end(ap2);
+    sudoers_setlocale(oldlocale, NULL);
+
+    debug_return_bool(ret);
+}
+
+bool
+log_warning(int flags, const char *fmt, ...)
+{
+    va_list ap;
+    bool ret;
+    debug_decl(log_warning, SUDOERS_DEBUG_LOGGING)
+
+    /* Log the error. */
+    va_start(ap, fmt);
+    ret = vlog_warning(flags|SLOG_USE_ERRNO, errno, fmt, ap);
+    va_end(ap);
+
+    debug_return_bool(ret);
+}
+
+bool
+log_warningx(int flags, const char *fmt, ...)
+{
+    va_list ap;
+    bool ret;
+    debug_decl(log_warningx, SUDOERS_DEBUG_LOGGING)
+
+    /* Log the error. */
+    va_start(ap, fmt);
+    ret = vlog_warning(flags, 0, fmt, ap);
+    va_end(ap);
+
+    debug_return_bool(ret);
+}
+
+bool
+gai_log_warning(int flags, int errnum, const char *fmt, ...)
+{
+    va_list ap;
+    bool ret;
+    debug_decl(gai_log_warning, SUDOERS_DEBUG_LOGGING)
+
+    /* Log the error. */
+    va_start(ap, fmt);
+    ret = vlog_warning(flags|SLOG_GAI_ERRNO, errnum, fmt, ap);
+    va_end(ap);
+
+    debug_return_bool(ret);
+}
+
+
+#define MAX_MAILFLAGS	63
+
+/*
+ * Send a message to MAILTO user
+ */
+static bool
+send_mail(const char *fmt, ...)
+{
+    FILE *mail;
+    char *p;
+    const char *timestr;
+    int fd, pfd[2], status;
+    pid_t pid, rv;
+    struct stat sb;
+    va_list ap;
+#ifndef NO_ROOT_MAILER
+    static char *root_envp[] = {
+	"HOME=/",
+	"PATH=/usr/bin:/bin:/usr/sbin:/sbin",
+	"LOGNAME=root",
+	"USER=root",
+# ifdef _AIX
+	"LOGIN=root",
+# endif
+	NULL
+    };
+#endif /* NO_ROOT_MAILER */
+    debug_decl(send_mail, SUDOERS_DEBUG_LOGGING)
+
+    /* If mailer is disabled just return. */
+    if (!def_mailerpath || !def_mailto)
+	debug_return_bool(true);
+
+    /* Make sure the mailer exists and is a regular file. */
+    if (stat(def_mailerpath, &sb) != 0 || !S_ISREG(sb.st_mode))
+	debug_return_bool(false);
+
+    /* Fork and return, child will daemonize. */
+    switch (pid = sudo_debug_fork()) {
+	case -1:
+	    /* Error. */
+	    sudo_warn(U_("unable to fork"));
+	    debug_return_bool(false);
+	    break;
+	case 0:
+	    /* Child. */
+	    switch (pid = fork()) {
+		case -1:
+		    /* Error. */
+		    mysyslog(LOG_ERR, _("unable to fork: %m"));
+		    sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to fork: %s",
+			strerror(errno));
+		    _exit(1);
+		case 0:
+		    /* Grandchild continues below. */
+		    break;
+		default:
+		    /* Parent will wait for us. */
+		    _exit(0);
+	    }
+	    break;
+	default:
+	    /* Parent. */
+	    for (;;) {
+		rv = waitpid(pid, &status, 0);
+		if (rv == -1 && errno != EINTR)
+		    break;
+		if (rv != -1 && !WIFSTOPPED(status))
+		    break;
+	    }
+	    return true; /* not debug */
+    }
+
+    /* Daemonize - disassociate from session/tty. */
+    if (setsid() == -1)
+      sudo_warn("setsid");
+    if (chdir("/") == -1)
+      sudo_warn("chdir(/)");
+    fd = open(_PATH_DEVNULL, O_RDWR, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
+    if (fd != -1) {
+	(void) dup2(fd, STDIN_FILENO);
+	(void) dup2(fd, STDOUT_FILENO);
+	(void) dup2(fd, STDERR_FILENO);
+    }
+
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, NULL);
+
+    /* Close fds so we don't leak anything. */
+    closefrom(STDERR_FILENO + 1);
+
+    if (pipe(pfd) == -1) {
+	mysyslog(LOG_ERR, _("unable to open pipe: %m"));
+	sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to open pipe: %s",
+	    strerror(errno));
+	sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
+	_exit(1);
+    }
+
+    switch (pid = sudo_debug_fork()) {
+	case -1:
+	    /* Error. */
+	    mysyslog(LOG_ERR, _("unable to fork: %m"));
+	    sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to fork: %s",
+		strerror(errno));
+	    sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
+	    _exit(1);
+	    break;
+	case 0:
+	    {
+		char *last, *argv[MAX_MAILFLAGS + 1];
+		char *mflags, *mpath = def_mailerpath;
+		int i;
+
+		/* Child, set stdin to output side of the pipe */
+		if (pfd[0] != STDIN_FILENO) {
+		    if (dup2(pfd[0], STDIN_FILENO) == -1) {
+			mysyslog(LOG_ERR, _("unable to dup stdin: %m"));
+			sudo_debug_printf(SUDO_DEBUG_ERROR,
+			    "unable to dup stdin: %s", strerror(errno));
+			_exit(127);
+		    }
+		    (void) close(pfd[0]);
+		}
+		(void) close(pfd[1]);
+
+		/* Build up an argv based on the mailer path and flags */
+		if ((mflags = strdup(def_mailerflags)) == NULL) {
+		    mysyslog(LOG_ERR, _("unable to allocate memory"));
+		    _exit(127);
+		}
+		if ((argv[0] = strrchr(mpath, '/')))
+		    argv[0]++;
+		else
+		    argv[0] = mpath;
+
+		i = 1;
+		if ((p = strtok_r(mflags, " \t", &last))) {
+		    do {
+			argv[i] = p;
+		    } while (++i < MAX_MAILFLAGS && (p = strtok_r(NULL, " \t", &last)));
+		}
+		argv[i] = NULL;
+
+		/*
+		 * Depending on the config, either run the mailer as root
+		 * (so user cannot kill it) or as the user (for the paranoid).
+		 */
+#ifndef NO_ROOT_MAILER
+		(void) set_perms(PERM_ROOT);
+		execve(mpath, argv, root_envp);
+#else
+		(void) set_perms(PERM_FULL_USER);
+		execv(mpath, argv);
+#endif /* NO_ROOT_MAILER */
+		mysyslog(LOG_ERR, _("unable to execute %s: %m"), mpath);
+		sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to execute %s: %s",
+		    mpath, strerror(errno));
+		_exit(127);
+	    }
+	    break;
+    }
+
+    (void) close(pfd[0]);
+    mail = fdopen(pfd[1], "w");
+
+    /* Pipes are all setup, send message. */
+    (void) fprintf(mail, "To: %s\nFrom: %s\nAuto-Submitted: %s\nSubject: ",
+	def_mailto, def_mailfrom ? def_mailfrom : user_name, "auto-generated");
+    for (p = _(def_mailsub); *p; p++) {
+	/* Expand escapes in the subject */
+	if (*p == '%' && *(p+1) != '%') {
+	    switch (*(++p)) {
+		case 'h':
+		    (void) fputs(user_host, mail);
+		    break;
+		case 'u':
+		    (void) fputs(user_name, mail);
+		    break;
+		default:
+		    p--;
+		    break;
+	    }
+	} else
+	    (void) fputc(*p, mail);
+    }
+
+#ifdef HAVE_NL_LANGINFO
+    if (strcmp(def_sudoers_locale, "C") != 0)
+	(void) fprintf(mail, "\nContent-Type: text/plain; charset=\"%s\"\nContent-Transfer-Encoding: 8bit", nl_langinfo(CODESET));
+#endif /* HAVE_NL_LANGINFO */
+
+    if ((timestr = get_timestr(time(NULL), def_log_year)) == NULL)
+	timestr = "invalid date";
+    (void) fprintf(mail, "\n\n%s : %s : %s : ", user_host, timestr, user_name);
+    va_start(ap, fmt);
+    (void) vfprintf(mail, fmt, ap);
+    va_end(ap);
+    fputs("\n\n", mail);
+
+    fclose(mail);
+    for (;;) {
+	rv = waitpid(pid, &status, 0);
+	if (rv == -1 && errno != EINTR)
+	    break;
+	if (rv != -1 && !WIFSTOPPED(status))
+	    break;
+    }
+    sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
+    _exit(0);
+}
+
+/*
+ * Determine whether we should send mail based on "status" and defaults options.
+ */
+static bool
+should_mail(int status)
+{
+    debug_decl(should_mail, SUDOERS_DEBUG_LOGGING)
+
+    debug_return_bool(def_mail_always || ISSET(status, VALIDATE_ERROR) ||
+	(def_mail_all_cmnds && ISSET(sudo_mode, (MODE_RUN|MODE_EDIT))) ||
+	(def_mail_no_user && ISSET(status, FLAG_NO_USER)) ||
+	(def_mail_no_host && ISSET(status, FLAG_NO_HOST)) ||
+	(def_mail_no_perms && !ISSET(status, VALIDATE_SUCCESS)));
+}
+
+#define	LL_TTY_STR	"TTY="
+#define	LL_CWD_STR	"PWD="		/* XXX - should be CWD= */
+#define	LL_USER_STR	"USER="
+#define	LL_GROUP_STR	"GROUP="
+#define	LL_ENV_STR	"ENV="
+#define	LL_CMND_STR	"COMMAND="
+#define	LL_TSID_STR	"TSID="
+
+#define IS_SESSID(s) ( \
+    isalnum((unsigned char)(s)[0]) && isalnum((unsigned char)(s)[1]) && \
+    (s)[2] == '/' && \
+    isalnum((unsigned char)(s)[3]) && isalnum((unsigned char)(s)[4]) && \
+    (s)[5] == '/' && \
+    isalnum((unsigned char)(s)[6]) && isalnum((unsigned char)(s)[7]) && \
+    (s)[8] == '\0')
+
+/*
+ * Allocate and fill in a new logline.
+ */
+static char *
+new_logline(const char *message, const char *errstr)
+{
+    char *line = NULL, *evstr = NULL;
+#ifndef SUDOERS_NO_SEQ
+    char sessid[7];
+#endif
+    const char *tsid = NULL;
+    size_t len = 0;
+    debug_decl(new_logline, SUDOERS_DEBUG_LOGGING)
+
+#ifndef SUDOERS_NO_SEQ
+    /* A TSID may be a sudoers-style session ID or a free-form string. */
+    if (sudo_user.iolog_file != NULL) {
+	if (IS_SESSID(sudo_user.iolog_file)) {
+	    sessid[0] = sudo_user.iolog_file[0];
+	    sessid[1] = sudo_user.iolog_file[1];
+	    sessid[2] = sudo_user.iolog_file[3];
+	    sessid[3] = sudo_user.iolog_file[4];
+	    sessid[4] = sudo_user.iolog_file[6];
+	    sessid[5] = sudo_user.iolog_file[7];
+	    sessid[6] = '\0';
+	    tsid = sessid;
+	} else {
+	    tsid = sudo_user.iolog_file;
+	}
+    }
+#endif
+
+    /*
+     * Compute line length
+     */
+    if (message != NULL)
+	len += strlen(message) + 3;
+    if (errstr != NULL)
+	len += strlen(errstr) + 3;
+    len += sizeof(LL_TTY_STR) + 2 + strlen(user_tty);
+    len += sizeof(LL_CWD_STR) + 2 + strlen(user_cwd);
+    if (runas_pw != NULL)
+	len += sizeof(LL_USER_STR) + 2 + strlen(runas_pw->pw_name);
+    if (runas_gr != NULL)
+	len += sizeof(LL_GROUP_STR) + 2 + strlen(runas_gr->gr_name);
+    if (tsid != NULL)
+	len += sizeof(LL_TSID_STR) + 2 + strlen(tsid);
+    if (sudo_user.env_vars != NULL) {
+	size_t evlen = 0;
+	char * const *ep;
+
+	for (ep = sudo_user.env_vars; *ep != NULL; ep++)
+	    evlen += strlen(*ep) + 1;
+	if (evlen != 0) {
+	    if ((evstr = malloc(evlen)) == NULL)
+		goto oom;
+	    evstr[0] = '\0';
+	    for (ep = sudo_user.env_vars; *ep != NULL; ep++) {
+		strlcat(evstr, *ep, evlen);
+		strlcat(evstr, " ", evlen);	/* NOTE: last one will fail */
+	    }
+	    len += sizeof(LL_ENV_STR) + 2 + evlen;
+	}
+    }
+    if (user_cmnd != NULL) {
+	/* Note: we log "sudo -l command arg ..." as "list command arg ..." */
+	len += sizeof(LL_CMND_STR) - 1 + strlen(user_cmnd);
+	if (ISSET(sudo_mode, MODE_CHECK))
+	    len += sizeof("list ") - 1;
+	if (user_args != NULL)
+	    len += strlen(user_args) + 1;
+    }
+
+    /*
+     * Allocate and build up the line.
+     */
+    if ((line = malloc(++len)) == NULL)
+	goto oom;
+    line[0] = '\0';
+
+    if (message != NULL) {
+	if (strlcat(line, message, len) >= len ||
+	    strlcat(line, errstr ? " : " : " ; ", len) >= len)
+	    goto toobig;
+    }
+    if (errstr != NULL) {
+	if (strlcat(line, errstr, len) >= len ||
+	    strlcat(line, " ; ", len) >= len)
+	    goto toobig;
+    }
+    if (strlcat(line, LL_TTY_STR, len) >= len ||
+	strlcat(line, user_tty, len) >= len ||
+	strlcat(line, " ; ", len) >= len)
+	goto toobig;
+    if (strlcat(line, LL_CWD_STR, len) >= len ||
+	strlcat(line, user_cwd, len) >= len ||
+	strlcat(line, " ; ", len) >= len)
+	goto toobig;
+    if (runas_pw != NULL) {
+	if (strlcat(line, LL_USER_STR, len) >= len ||
+	    strlcat(line, runas_pw->pw_name, len) >= len ||
+	    strlcat(line, " ; ", len) >= len)
+	    goto toobig;
+    }
+    if (runas_gr != NULL) {
+	if (strlcat(line, LL_GROUP_STR, len) >= len ||
+	    strlcat(line, runas_gr->gr_name, len) >= len ||
+	    strlcat(line, " ; ", len) >= len)
+	    goto toobig;
+    }
+    if (tsid != NULL) {
+	if (strlcat(line, LL_TSID_STR, len) >= len ||
+	    strlcat(line, tsid, len) >= len ||
+	    strlcat(line, " ; ", len) >= len)
+	    goto toobig;
+    }
+    if (evstr != NULL) {
+	if (strlcat(line, LL_ENV_STR, len) >= len ||
+	    strlcat(line, evstr, len) >= len ||
+	    strlcat(line, " ; ", len) >= len)
+	    goto toobig;
+	free(evstr);
+	evstr = NULL;
+    }
+    if (user_cmnd != NULL) {
+	if (strlcat(line, LL_CMND_STR, len) >= len)
+	    goto toobig;
+	if (ISSET(sudo_mode, MODE_CHECK) && strlcat(line, "list ", len) >= len)
+	    goto toobig;
+	if (strlcat(line, user_cmnd, len) >= len)
+	    goto toobig;
+	if (user_args != NULL) {
+	    if (strlcat(line, " ", len) >= len ||
+		strlcat(line, user_args, len) >= len)
+		goto toobig;
+	}
+    }
+
+    debug_return_str(line);
+oom:
+    free(evstr);
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    debug_return_str(NULL);
+toobig:
+    free(evstr);
+    free(line);
+    sudo_warnx(U_("internal error, %s overflow"), __func__);
+    debug_return_str(NULL);
+}
diff --git a/plugins/sudoers/logging.h b/plugins/sudoers/logging.h
new file mode 100644
index 0000000..c7e99ae
--- /dev/null
+++ b/plugins/sudoers/logging.h
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 1999-2005, 2009-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_LOGGING_H
+#define SUDOERS_LOGGING_H
+
+#ifdef __STDC__
+# include <stdarg.h>
+#else
+# include <varargs.h>
+#endif
+
+/*
+ * Values for sudoers_setlocale()
+ */
+#define SUDOERS_LOCALE_USER     0
+#define SUDOERS_LOCALE_SUDOERS  1
+
+/* Logging types */
+#define SLOG_SYSLOG		0x01
+#define SLOG_FILE		0x02
+#define SLOG_BOTH		0x03
+
+/* Flags for log_warning()/log_warningx() */
+#define SLOG_USE_ERRNO		0x01	/* internal use only */
+#define SLOG_GAI_ERRNO		0x02	/* internal use only */
+#define SLOG_RAW_MSG		0x04	/* do not format msg before logging */
+#define SLOG_SEND_MAIL		0x08	/* log via mail */
+#define SLOG_NO_STDERR		0x10	/* do not log via stderr */
+#define SLOG_NO_LOG		0x20	/* do not log via file or syslog */
+
+/*
+ * Maximum number of characters to log per entry.  The syslogger
+ * will log this much, after that, it truncates the log line.
+ * We need this here to make sure that we continue with another
+ * syslog(3) call if the internal buffer is more than 1023 characters.
+ */
+#ifndef MAXSYSLOGLEN
+# define MAXSYSLOGLEN		960
+#endif
+
+/*
+ * Indentation level for file-based logs when word wrap is enabled.
+ */
+#define LOG_INDENT	"    "
+
+/* XXX - needed for auditing */
+extern int NewArgc;
+extern char **NewArgv;
+
+union sudo_defs_val;
+
+bool sudoers_warn_setlocale(bool restore, int *cookie);
+bool sudoers_setlocale(int newlocale, int *prevlocale);
+int sudoers_getlocale(void);
+int audit_success(int argc, char *argv[]);
+int audit_failure(int argc, char *argv[], char const *const fmt, ...) __printflike(3, 4);
+bool log_allowed(int status);
+bool log_auth_failure(int status, unsigned int tries);
+bool log_denial(int status, bool inform_user);
+bool log_failure(int status, int flags);
+bool log_warning(int flags, const char *fmt, ...) __printflike(2, 3);
+bool log_warningx(int flags, const char *fmt, ...) __printflike(2, 3);
+bool gai_log_warning(int flags, int errnum, const char *fmt, ...) __printflike(3, 4);
+bool sudoers_initlocale(const char *ulocale, const char *slocale);
+bool sudoers_locale_callback(const union sudo_defs_val *);
+int writeln_wrap(FILE *fp, char *line, size_t len, size_t maxlen);
+
+#endif /* SUDOERS_LOGGING_H */
diff --git a/plugins/sudoers/logwrap.c b/plugins/sudoers/logwrap.c
new file mode 100644
index 0000000..b10e465
--- /dev/null
+++ b/plugins/sudoers/logwrap.c
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2011, 2014-2016 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+
+#include "sudoers.h"
+
+int
+writeln_wrap(FILE *fp, char *line, size_t linelen, size_t maxlen)
+{
+    char *indent = "";
+    char *beg = line;
+    char *end;
+    int len, outlen = 0;
+    debug_decl(writeln_wrap, SUDOERS_DEBUG_LOGGING)
+
+    /*
+     * Print out line with word wrap around maxlen characters.
+     */
+    while (linelen > maxlen) {
+	end = beg + maxlen;
+	while (end != beg && *end != ' ')
+	    end--;
+	if (beg == end) {
+	    /* Unable to find word break within maxlen, look beyond. */
+	    end = strchr(beg + maxlen, ' ');
+	    if (end == NULL)
+		break;	/* no word break */
+	}
+	len = fprintf(fp, "%s%.*s\n", indent, (int)(end - beg), beg);
+	if (len < 0)
+	    debug_return_int(-1);
+	outlen += len;
+	while (*end == ' ')
+	    end++;
+	linelen -= (end - beg);
+	beg = end;
+	if (indent[0] == '\0') {
+	    indent = LOG_INDENT;
+	    maxlen -= sizeof(LOG_INDENT) - 1;
+	}
+    }
+    /* Print remainder, if any. */
+    if (linelen) {
+	len = fprintf(fp, "%s%s\n", indent, beg);
+	if (len < 0)
+	    debug_return_int(-1);
+	outlen += len;
+    }
+
+    debug_return_int(outlen);
+}
diff --git a/plugins/sudoers/match.c b/plugins/sudoers/match.c
new file mode 100644
index 0000000..7c8e9d8
--- /dev/null
+++ b/plugins/sudoers/match.c
@@ -0,0 +1,1281 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef HAVE_SYS_SYSTEMINFO_H
+# include <sys/systeminfo.h>
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#include <unistd.h>
+#ifndef SUDOERS_NAME_MATCH
+# ifdef HAVE_GLOB
+#  include <glob.h>
+# else
+#  include "compat/glob.h"
+# endif /* HAVE_GLOB */
+#endif /* SUDOERS_NAME_MATCH */
+#ifdef HAVE_NETGROUP_H
+# include <netgroup.h>
+#else
+# include <netdb.h>
+#endif /* HAVE_NETGROUP_H */
+#include <dirent.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <grp.h>
+#include <errno.h>
+
+#include "sudoers.h"
+#include <gram.h>
+
+#ifdef HAVE_FNMATCH
+# include <fnmatch.h>
+#else
+# include "compat/fnmatch.h"
+#endif /* HAVE_FNMATCH */
+
+#if !defined(O_EXEC) && defined(O_PATH)
+# define O_EXEC O_PATH
+#endif
+
+static struct member_list empty = TAILQ_HEAD_INITIALIZER(empty);
+
+static bool command_matches_dir(const char *sudoers_dir, size_t dlen, const struct command_digest *digest);
+#ifndef SUDOERS_NAME_MATCH
+static bool command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest);
+#endif
+static bool command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest);
+static bool command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest);
+static bool digest_matches(int fd, const char *file, const struct command_digest *digest);
+
+/*
+ * Returns true if string 's' contains meta characters.
+ */
+#define has_meta(s)	(strpbrk(s, "\\?*[]") != NULL)
+
+/*
+ * Check whether user described by pw matches member.
+ * Returns ALLOW, DENY or UNSPEC.
+ */
+int
+user_matches(struct sudoers_parse_tree *parse_tree, const struct passwd *pw,
+    const struct member *m)
+{
+    struct alias *a;
+    int matched = UNSPEC;
+    debug_decl(user_matches, SUDOERS_DEBUG_MATCH)
+
+    switch (m->type) {
+	case ALL:
+	    matched = !m->negated;
+	    break;
+	case NETGROUP:
+	    if (netgr_matches(m->name,
+		def_netgroup_tuple ? user_runhost : NULL,
+		def_netgroup_tuple ? user_srunhost : NULL, pw->pw_name))
+		matched = !m->negated;
+	    break;
+	case USERGROUP:
+	    if (usergr_matches(m->name, pw->pw_name, pw))
+		matched = !m->negated;
+	    break;
+	case ALIAS:
+	    if ((a = alias_get(parse_tree, m->name, USERALIAS)) != NULL) {
+		/* XXX */
+		int rc = userlist_matches(parse_tree, pw, &a->members);
+		if (rc != UNSPEC)
+		    matched = m->negated ? !rc : rc;
+		alias_put(a);
+		break;
+	    }
+	    /* FALLTHROUGH */
+	case WORD:
+	    if (userpw_matches(m->name, pw->pw_name, pw))
+		matched = !m->negated;
+	    break;
+    }
+    debug_return_int(matched);
+}
+
+/*
+ * Check for user described by pw in a list of members.
+ * Returns ALLOW, DENY or UNSPEC.
+ */
+int
+userlist_matches(struct sudoers_parse_tree *parse_tree, const struct passwd *pw,
+    const struct member_list *list)
+{
+    struct member *m;
+    int matched = UNSPEC;
+    debug_decl(userlist_matches, SUDOERS_DEBUG_MATCH)
+
+    TAILQ_FOREACH_REVERSE(m, list, member_list, entries) {
+	if ((matched = user_matches(parse_tree, pw, m)) != UNSPEC)
+	    break;
+    }
+    debug_return_int(matched);
+}
+
+struct gid_list *
+runas_getgroups(void)
+{
+    const struct passwd *pw;
+    debug_decl(runas_getgroups, SUDOERS_DEBUG_MATCH)
+
+    if (def_preserve_groups) {
+	sudo_gidlist_addref(user_gid_list);
+	debug_return_ptr(user_gid_list);
+    }
+
+    /* Only use results from a group db query, not the front end. */
+    pw = runas_pw ? runas_pw : sudo_user.pw;
+    debug_return_ptr(sudo_get_gidlist(pw, ENTRY_TYPE_QUERIED));
+}
+
+/*
+ * Check for user described by pw in a list of members.
+ * If both lists are empty compare against def_runas_default.
+ * Returns ALLOW, DENY or UNSPEC.
+ */
+int
+runaslist_matches(struct sudoers_parse_tree *parse_tree,
+    const struct member_list *user_list, const struct member_list *group_list,
+    struct member **matching_user, struct member **matching_group)
+{
+    struct member *m;
+    struct alias *a;
+    int rc;
+    int user_matched = UNSPEC;
+    int group_matched = UNSPEC;
+    debug_decl(runaslist_matches, SUDOERS_DEBUG_MATCH)
+
+    if (ISSET(sudo_user.flags, RUNAS_USER_SPECIFIED) || !ISSET(sudo_user.flags, RUNAS_GROUP_SPECIFIED)) {
+	/* If no runas user or runas group listed in sudoers, use default. */
+	if (user_list == NULL && group_list == NULL) {
+	    debug_return_int(userpw_matches(def_runas_default,
+		runas_pw->pw_name, runas_pw));
+	}
+
+	if (user_list != NULL) {
+	    TAILQ_FOREACH_REVERSE(m, user_list, member_list, entries) {
+		switch (m->type) {
+		    case ALL:
+			user_matched = !m->negated;
+			break;
+		    case NETGROUP:
+			if (netgr_matches(m->name,
+			    def_netgroup_tuple ? user_runhost : NULL,
+			    def_netgroup_tuple ? user_srunhost : NULL,
+			    runas_pw->pw_name))
+			    user_matched = !m->negated;
+			break;
+		    case USERGROUP:
+			if (usergr_matches(m->name, runas_pw->pw_name, runas_pw))
+			    user_matched = !m->negated;
+			break;
+		    case ALIAS:
+			a = alias_get(parse_tree, m->name, RUNASALIAS);
+			if (a != NULL) {
+			    rc = runaslist_matches(parse_tree, &a->members,
+				&empty, matching_user, NULL);
+			    if (rc != UNSPEC)
+				user_matched = m->negated ? !rc : rc;
+			    alias_put(a);
+			    break;
+			}
+			/* FALLTHROUGH */
+		    case WORD:
+			if (userpw_matches(m->name, runas_pw->pw_name, runas_pw))
+			    user_matched = !m->negated;
+			break;
+		    case MYSELF:
+			if (!ISSET(sudo_user.flags, RUNAS_USER_SPECIFIED) ||
+			    strcmp(user_name, runas_pw->pw_name) == 0)
+			    user_matched = !m->negated;
+			break;
+		}
+		if (user_matched != UNSPEC) {
+		    if (matching_user != NULL && m->type != ALIAS)
+			*matching_user = m;
+		    break;
+		}
+	    }
+	}
+    }
+
+    /*
+     * Skip checking runas group if none was specified.
+     */
+    if (ISSET(sudo_user.flags, RUNAS_GROUP_SPECIFIED)) {
+	if (user_matched == UNSPEC) {
+	    if (strcmp(user_name, runas_pw->pw_name) == 0)
+		user_matched = ALLOW;	/* only changing group */
+	}
+	if (group_list != NULL) {
+	    TAILQ_FOREACH_REVERSE(m, group_list, member_list, entries) {
+		switch (m->type) {
+		    case ALL:
+			group_matched = !m->negated;
+			break;
+		    case ALIAS:
+			a = alias_get(parse_tree, m->name, RUNASALIAS);
+			if (a != NULL) {
+			    rc = runaslist_matches(parse_tree, &empty,
+				&a->members, NULL, matching_group);
+			    if (rc != UNSPEC)
+				group_matched = m->negated ? !rc : rc;
+			    alias_put(a);
+			    break;
+			}
+			/* FALLTHROUGH */
+		    case WORD:
+			if (group_matches(m->name, runas_gr))
+			    group_matched = !m->negated;
+			break;
+		}
+		if (group_matched != UNSPEC) {
+		    if (matching_group != NULL && m->type != ALIAS)
+			*matching_group = m;
+		    break;
+		}
+	    }
+	}
+	if (group_matched == UNSPEC) {
+	    struct gid_list *runas_groups;
+	    /*
+	     * The runas group was not explicitly allowed by sudoers.
+	     * Check whether it is one of the target user's groups.
+	     */
+	    if (runas_pw->pw_gid == runas_gr->gr_gid) {
+		group_matched = ALLOW;	/* runas group matches passwd db */
+	    } else if ((runas_groups = runas_getgroups()) != NULL) {
+		int i;
+
+		for (i = 0; i < runas_groups->ngids; i++) {
+		    if (runas_groups->gids[i] == runas_gr->gr_gid) {
+			group_matched = ALLOW;	/* matched aux group vector */
+			break;
+		    }
+		}
+		sudo_gidlist_delref(runas_groups);
+	    }
+	}
+    }
+
+    if (user_matched == DENY || group_matched == DENY)
+	debug_return_int(DENY);
+    if (user_matched == group_matched || runas_gr == NULL)
+	debug_return_int(user_matched);
+    debug_return_int(UNSPEC);
+}
+
+/*
+ * Check for lhost and shost in a list of members.
+ * Returns ALLOW, DENY or UNSPEC.
+ */
+static int
+hostlist_matches_int(struct sudoers_parse_tree *parse_tree,
+    const struct passwd *pw, const char *lhost, const char *shost,
+    const struct member_list *list)
+{
+    struct member *m;
+    int matched = UNSPEC;
+    debug_decl(hostlist_matches, SUDOERS_DEBUG_MATCH)
+
+    TAILQ_FOREACH_REVERSE(m, list, member_list, entries) {
+	matched = host_matches(parse_tree, pw, lhost, shost, m);
+	if (matched != UNSPEC)
+	    break;
+    }
+    debug_return_int(matched);
+}
+
+/*
+ * Check for user_runhost and user_srunhost in a list of members.
+ * Returns ALLOW, DENY or UNSPEC.
+ */
+int
+hostlist_matches(struct sudoers_parse_tree *parse_tree, const struct passwd *pw,
+    const struct member_list *list)
+{
+    return hostlist_matches_int(parse_tree, pw, user_runhost, user_srunhost, list);
+}
+
+/*
+ * Check whether host or shost matches member.
+ * Returns ALLOW, DENY or UNSPEC.
+ */
+int
+host_matches(struct sudoers_parse_tree *parse_tree, const struct passwd *pw,
+    const char *lhost, const char *shost, const struct member *m)
+{
+    struct alias *a;
+    int matched = UNSPEC;
+    debug_decl(host_matches, SUDOERS_DEBUG_MATCH)
+
+    switch (m->type) {
+	case ALL:
+	    matched = !m->negated;
+	    break;
+	case NETGROUP:
+	    if (netgr_matches(m->name, lhost, shost,
+		def_netgroup_tuple ? pw->pw_name : NULL))
+		matched = !m->negated;
+	    break;
+	case NTWKADDR:
+	    if (addr_matches(m->name))
+		matched = !m->negated;
+	    break;
+	case ALIAS:
+	    a = alias_get(parse_tree, m->name, HOSTALIAS);
+	    if (a != NULL) {
+		/* XXX */
+		int rc = hostlist_matches_int(parse_tree, pw, lhost, shost,
+		    &a->members);
+		if (rc != UNSPEC)
+		    matched = m->negated ? !rc : rc;
+		alias_put(a);
+		break;
+	    }
+	    /* FALLTHROUGH */
+	case WORD:
+	    if (hostname_matches(shost, lhost, m->name))
+		matched = !m->negated;
+	    break;
+    }
+    debug_return_int(matched);
+}
+
+/*
+ * Check for cmnd and args in a list of members.
+ * Returns ALLOW, DENY or UNSPEC.
+ */
+int
+cmndlist_matches(struct sudoers_parse_tree *parse_tree,
+    const struct member_list *list)
+{
+    struct member *m;
+    int matched = UNSPEC;
+    debug_decl(cmndlist_matches, SUDOERS_DEBUG_MATCH)
+
+    TAILQ_FOREACH_REVERSE(m, list, member_list, entries) {
+	matched = cmnd_matches(parse_tree, m);
+	if (matched != UNSPEC)
+	    break;
+    }
+    debug_return_int(matched);
+}
+
+/*
+ * Check cmnd and args.
+ * Returns ALLOW, DENY or UNSPEC.
+ */
+int
+cmnd_matches(struct sudoers_parse_tree *parse_tree, const struct member *m)
+{
+    struct alias *a;
+    struct sudo_command *c;
+    int rc, matched = UNSPEC;
+    debug_decl(cmnd_matches, SUDOERS_DEBUG_MATCH)
+
+    switch (m->type) {
+	case ALL:
+	    matched = !m->negated;
+	    break;
+	case ALIAS:
+	    a = alias_get(parse_tree, m->name, CMNDALIAS);
+	    if (a != NULL) {
+		rc = cmndlist_matches(parse_tree, &a->members);
+		if (rc != UNSPEC)
+		    matched = m->negated ? !rc : rc;
+		alias_put(a);
+	    }
+	    break;
+	case COMMAND:
+	    c = (struct sudo_command *)m->name;
+	    if (command_matches(c->cmnd, c->args, c->digest))
+		matched = !m->negated;
+	    break;
+    }
+    debug_return_int(matched);
+}
+
+static bool
+command_args_match(const char *sudoers_cmnd, const char *sudoers_args)
+{
+    int flags = 0;
+    debug_decl(command_args_match, SUDOERS_DEBUG_MATCH)
+
+    /*
+     * If no args specified in sudoers, any user args are allowed.
+     * If the empty string is specified in sudoers, no user args are allowed.
+     */
+    if (!sudoers_args || (!user_args && !strcmp("\"\"", sudoers_args)))
+	debug_return_bool(true);
+
+    /*
+     * If args are specified in sudoers, they must match the user args.
+     * If running as sudoedit, all args are assumed to be paths.
+     */
+    if (strcmp(sudoers_cmnd, "sudoedit") == 0)
+	flags = FNM_PATHNAME;
+    if (fnmatch(sudoers_args, user_args ? user_args : "", flags) == 0)
+	debug_return_bool(true);
+
+    debug_return_bool(false);
+}
+
+/*
+ * If path doesn't end in /, return true iff cmnd & path name the same inode;
+ * otherwise, return true if user_cmnd names one of the inodes in path.
+ */
+bool
+command_matches(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest)
+{
+    bool rc = false;
+    debug_decl(command_matches, SUDOERS_DEBUG_MATCH)
+
+    /* Check for pseudo-commands */
+    if (sudoers_cmnd[0] != '/') {
+	/*
+	 * Return true if both sudoers_cmnd and user_cmnd are "sudoedit" AND
+	 *  a) there are no args in sudoers OR
+	 *  b) there are no args on command line and none req by sudoers OR
+	 *  c) there are args in sudoers and on command line and they match
+	 */
+	if (strcmp(sudoers_cmnd, "sudoedit") == 0 &&
+	    strcmp(user_cmnd, "sudoedit") == 0 &&
+	    command_args_match(sudoers_cmnd, sudoers_args)) {
+	    /* No need to set safe_cmnd since user_cmnd matches sudoers_cmnd */
+	    rc = true;
+	}
+	goto done;
+    }
+
+    if (has_meta(sudoers_cmnd)) {
+	/*
+	 * If sudoers_cmnd has meta characters in it, we need to
+	 * use glob(3) and/or fnmatch(3) to do the matching.
+	 */
+#ifdef SUDOERS_NAME_MATCH
+	rc = command_matches_fnmatch(sudoers_cmnd, sudoers_args, digest);
+#else
+	if (def_fast_glob)
+	    rc = command_matches_fnmatch(sudoers_cmnd, sudoers_args, digest);
+	else
+	    rc = command_matches_glob(sudoers_cmnd, sudoers_args, digest);
+#endif
+    } else {
+	rc = command_matches_normal(sudoers_cmnd, sudoers_args, digest);
+    }
+done:
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"user command \"%s%s%s\" matches sudoers command \"%s%s%s\": %s",
+	user_cmnd, user_args ? " " : "", user_args ? user_args : "",
+	sudoers_cmnd, sudoers_args ? " " : "", sudoers_args ? sudoers_args : "",
+	rc ? "true" : "false");
+    debug_return_bool(rc);
+}
+
+/*
+ * Stat file by fd is possible, else by path.
+ * Returns true on success, else false.
+ */
+static bool
+do_stat(int fd, const char *path, struct stat *sb)
+{
+    debug_decl(do_stat, SUDOERS_DEBUG_MATCH)
+
+    if (fd != -1)
+	debug_return_bool(fstat(fd, sb) == 0);
+    debug_return_bool(stat(path, sb) == 0);
+}
+
+/*
+ * Check whether the fd refers to a shell script with a "#!" shebang.
+ */
+static bool
+is_script(int fd)
+{
+    bool ret = false;
+    char magic[2];
+    debug_decl(is_script, SUDOERS_DEBUG_MATCH)
+
+    if (read(fd, magic, 2) == 2) {
+	if (magic[0] == '#' && magic[1] == '!')
+	    ret = true;
+    }
+    if (lseek(fd, (off_t)0, SEEK_SET) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+	    "unable to rewind script fd");
+    }
+    debug_return_int(ret);
+}
+
+/*
+ * Open path if fdexec is enabled or if a digest is present.
+ * Returns false on error, else true.
+ */
+static bool
+open_cmnd(const char *path, const struct command_digest *digest, int *fdp)
+{
+    int fd = -1;
+    debug_decl(open_cmnd, SUDOERS_DEBUG_MATCH)
+
+    /* Only open the file for fdexec or for digest matching. */
+    if (def_fdexec != always && digest == NULL)
+	debug_return_bool(true);
+
+    fd = open(path, O_RDONLY|O_NONBLOCK);
+# ifdef O_EXEC
+    if (fd == -1 && errno == EACCES && digest == NULL) {
+	/* Try again with O_EXEC if no digest is specified. */
+	const int saved_errno = errno;
+	if ((fd = open(path, O_EXEC)) == -1)
+	    errno = saved_errno;
+    }
+# endif
+    if (fd == -1)
+	debug_return_bool(false);
+
+    (void)fcntl(fd, F_SETFD, FD_CLOEXEC);
+    *fdp = fd;
+    debug_return_bool(true);
+}
+
+static void
+set_cmnd_fd(int fd)
+{
+    debug_decl(set_cmnd_fd, SUDOERS_DEBUG_MATCH)
+
+    if (cmnd_fd != -1)
+	close(cmnd_fd);
+
+    if (fd != -1) {
+	if (def_fdexec == never) {
+	    /* Never use fexedcve() */
+	    close(fd);
+	    fd = -1;
+	} else if (is_script(fd)) {
+	    char fdpath[PATH_MAX];
+	    struct stat sb;
+	    int flags;
+
+	    /* We can only use fexecve() on a script if /dev/fd/N exists. */
+	    snprintf(fdpath, sizeof(fdpath), "/dev/fd/%d", fd);
+	    if (stat(fdpath, &sb) != 0) {
+		/* Missing /dev/fd file, can't use fexecve(). */
+		close(fd);
+		fd = -1;
+	    } else {
+		/*
+		 * Shell scripts go through namei twice so we can't have the
+		 * close on exec flag set on the fd for fexecve(2).
+		 */
+		flags = fcntl(fd, F_GETFD) & ~FD_CLOEXEC;
+		(void)fcntl(fd, F_SETFD, flags);
+	    }
+	}
+    }
+
+    cmnd_fd = fd;
+
+    debug_return;
+}
+
+static bool
+command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args,
+    const struct command_digest *digest)
+{
+    struct stat sb; /* XXX - unused */
+    int fd = -1;
+    debug_decl(command_matches_fnmatch, SUDOERS_DEBUG_MATCH)
+
+    /*
+     * Return true if fnmatch(3) succeeds AND
+     *  a) there are no args in sudoers OR
+     *  b) there are no args on command line and none required by sudoers OR
+     *  c) there are args in sudoers and on command line and they match
+     * else return false.
+     */
+    if (fnmatch(sudoers_cmnd, user_cmnd, FNM_PATHNAME) != 0)
+	debug_return_bool(false);
+    if (command_args_match(sudoers_cmnd, sudoers_args)) {
+	/* Open the file for fdexec or for digest matching. */
+	if (!open_cmnd(user_cmnd, digest, &fd))
+	    goto bad;
+	if (!do_stat(fd, user_cmnd, &sb))
+	    goto bad;
+	/* Check digest of user_cmnd since sudoers_cmnd is a pattern. */
+	if (digest != NULL && !digest_matches(fd, user_cmnd, digest))
+	    goto bad;
+	set_cmnd_fd(fd);
+
+	/* No need to set safe_cmnd since user_cmnd matches sudoers_cmnd */
+	debug_return_bool(true);
+bad:
+	if (fd != -1) {
+	    close(fd);
+	    fd = -1;
+	}
+	debug_return_bool(false);
+    }
+    debug_return_bool(false);
+}
+
+#ifndef SUDOERS_NAME_MATCH
+static bool
+command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args,
+    const struct command_digest *digest)
+{
+    struct stat sudoers_stat;
+    bool bad_digest = false;
+    char **ap, *base, *cp;
+    int fd = -1;
+    size_t dlen;
+    glob_t gl;
+    debug_decl(command_matches_glob, SUDOERS_DEBUG_MATCH)
+
+    /*
+     * First check to see if we can avoid the call to glob(3).
+     * Short circuit if there are no meta chars in the command itself
+     * and user_base and basename(sudoers_cmnd) don't match.
+     */
+    dlen = strlen(sudoers_cmnd);
+    if (sudoers_cmnd[dlen - 1] != '/') {
+	if ((base = strrchr(sudoers_cmnd, '/')) != NULL) {
+	    base++;
+	    if (!has_meta(base) && strcmp(user_base, base) != 0)
+		debug_return_bool(false);
+	}
+    }
+    /*
+     * Return true if we find a match in the glob(3) results AND
+     *  a) there are no args in sudoers OR
+     *  b) there are no args on command line and none required by sudoers OR
+     *  c) there are args in sudoers and on command line and they match
+     * else return false.
+     */
+    if (glob(sudoers_cmnd, GLOB_NOSORT, NULL, &gl) != 0 || gl.gl_pathc == 0) {
+	globfree(&gl);
+	debug_return_bool(false);
+    }
+    /* If user_cmnd is fully-qualified, check for an exact match. */
+    if (user_cmnd[0] == '/') {
+	for (ap = gl.gl_pathv; (cp = *ap) != NULL; ap++) {
+	    if (fd != -1) {
+		close(fd);
+		fd = -1;
+	    }
+	    if (strcmp(cp, user_cmnd) != 0)
+		continue;
+	    /* Open the file for fdexec or for digest matching. */
+	    if (!open_cmnd(cp, digest, &fd))
+		continue;
+	    if (!do_stat(fd, cp, &sudoers_stat))
+		continue;
+	    if (user_stat == NULL ||
+		(user_stat->st_dev == sudoers_stat.st_dev &&
+		user_stat->st_ino == sudoers_stat.st_ino)) {
+		/* There could be multiple matches, check digest early. */
+		if (digest != NULL && !digest_matches(fd, cp, digest)) {
+		    bad_digest = true;
+		    continue;
+		}
+		free(safe_cmnd);
+		if ((safe_cmnd = strdup(cp)) == NULL) {
+		    sudo_warnx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
+		    cp = NULL;		/* fail closed */
+		}
+	    } else {
+		/* Paths match, but st_dev and st_ino are different. */
+		cp = NULL;		/* fail closed */
+	    }
+	    goto done;
+	}
+    }
+    /* No exact match, compare basename, st_dev and st_ino. */
+    if (!bad_digest) {
+	for (ap = gl.gl_pathv; (cp = *ap) != NULL; ap++) {
+	    if (fd != -1) {
+		close(fd);
+		fd = -1;
+	    }
+
+	    /* If it ends in '/' it is a directory spec. */
+	    dlen = strlen(cp);
+	    if (cp[dlen - 1] == '/') {
+		if (command_matches_dir(cp, dlen, digest))
+		    debug_return_bool(true);
+		continue;
+	    }
+
+	    /* Only proceed if user_base and basename(cp) match */
+	    if ((base = strrchr(cp, '/')) != NULL)
+		base++;
+	    else
+		base = cp;
+	    if (strcmp(user_base, base) != 0)
+		continue;
+
+	    /* Open the file for fdexec or for digest matching. */
+	    if (!open_cmnd(cp, digest, &fd))
+		continue;
+	    if (!do_stat(fd, cp, &sudoers_stat))
+		continue;
+	    if (user_stat == NULL ||
+		(user_stat->st_dev == sudoers_stat.st_dev &&
+		user_stat->st_ino == sudoers_stat.st_ino)) {
+		if (digest != NULL && !digest_matches(fd, cp, digest))
+		    continue;
+		free(safe_cmnd);
+		if ((safe_cmnd = strdup(cp)) == NULL) {
+		    sudo_warnx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
+		    cp = NULL;		/* fail closed */
+		}
+		goto done;
+	    }
+	}
+    }
+done:
+    globfree(&gl);
+    if (cp != NULL) {
+	if (command_args_match(sudoers_cmnd, sudoers_args)) {
+	    /* safe_cmnd was set above. */
+	    set_cmnd_fd(fd);
+	    debug_return_bool(true);
+	}
+    }
+    if (fd != -1)
+	close(fd);
+    debug_return_bool(false);
+}
+#endif /* SUDOERS_NAME_MATCH */
+
+#ifdef SUDOERS_NAME_MATCH
+static bool
+command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest)
+{
+    size_t dlen;
+    debug_decl(command_matches_normal, SUDOERS_DEBUG_MATCH)
+
+    dlen = strlen(sudoers_cmnd);
+
+    /* If it ends in '/' it is a directory spec. */
+    if (sudoers_cmnd[dlen - 1] == '/')
+	debug_return_bool(command_matches_dir(sudoers_cmnd, dlen, digest));
+
+    if (strcmp(user_cmnd, sudoers_cmnd) == 0) {
+	if (command_args_match(sudoers_cmnd, sudoers_args)) {
+	    /* XXX - check digest */
+	    free(safe_cmnd);
+	    if ((safe_cmnd = strdup(sudoers_cmnd)) != NULL)
+		debug_return_bool(true);
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	}
+    }
+    debug_return_bool(false);
+}
+#else /* !SUDOERS_NAME_MATCH */
+
+static bool
+digest_matches(int fd, const char *file, const struct command_digest *digest)
+{
+    unsigned char *file_digest = NULL;
+    unsigned char *sudoers_digest = NULL;
+    bool matched = false;
+    size_t digest_len;
+    debug_decl(digest_matches, SUDOERS_DEBUG_MATCH)
+
+    file_digest = sudo_filedigest(fd, file, digest->digest_type, &digest_len);
+    if (lseek(fd, (off_t)0, SEEK_SET) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+	    "unable to rewind digest fd");
+    }
+    if (file_digest == NULL) {
+	/* Warning (if any) printed by sudo_filedigest() */
+	goto done;
+    }
+
+    /* Convert the command digest from ascii to binary. */
+    if ((sudoers_digest = malloc(digest_len)) == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto done;
+    }
+    if (strlen(digest->digest_str) == digest_len * 2) {
+	/* Convert ascii hex to binary. */
+	unsigned int i;
+	for (i = 0; i < digest_len; i++) {
+	    const int h = hexchar(&digest->digest_str[i + i]);
+	    if (h == -1)
+		goto bad_format;
+	    sudoers_digest[i] = (unsigned char)h;
+	}
+    } else {
+	/* Convert base64 to binary. */
+	size_t len = base64_decode(digest->digest_str, sudoers_digest, digest_len);
+	if (len != digest_len) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"incorrect length for digest, expected %zu, got %zu",
+		digest_len, len);
+	    goto bad_format;
+	}
+    }
+
+    if (memcmp(file_digest, sudoers_digest, digest_len) == 0) {
+	matched = true;
+    } else {
+	sudo_debug_printf(SUDO_DEBUG_DIAG|SUDO_DEBUG_LINENO,
+	    "%s digest mismatch for %s, expecting %s",
+	    digest_type_to_name(digest->digest_type), file, digest->digest_str);
+    }
+    goto done;
+
+bad_format:
+    sudo_warnx(U_("digest for %s (%s) is not in %s form"), file,
+	digest->digest_str, digest_type_to_name(digest->digest_type));
+done:
+    free(sudoers_digest);
+    free(file_digest);
+    debug_return_bool(matched);
+}
+
+static bool
+command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest)
+{
+    struct stat sudoers_stat;
+    const char *base;
+    size_t dlen;
+    int fd = -1;
+    debug_decl(command_matches_normal, SUDOERS_DEBUG_MATCH)
+
+    /* If it ends in '/' it is a directory spec. */
+    dlen = strlen(sudoers_cmnd);
+    if (sudoers_cmnd[dlen - 1] == '/')
+	debug_return_bool(command_matches_dir(sudoers_cmnd, dlen, digest));
+
+    /* Only proceed if user_base and basename(sudoers_cmnd) match */
+    if ((base = strrchr(sudoers_cmnd, '/')) == NULL)
+	base = sudoers_cmnd;
+    else
+	base++;
+    if (strcmp(user_base, base) != 0)
+	debug_return_bool(false);
+
+    /* Open the file for fdexec or for digest matching. */
+    if (!open_cmnd(sudoers_cmnd, digest, &fd))
+	goto bad;
+    if (!do_stat(fd, sudoers_cmnd, &sudoers_stat))
+	goto bad;
+
+    /*
+     * Return true if inode/device matches AND
+     *  a) there are no args in sudoers OR
+     *  b) there are no args on command line and none req by sudoers OR
+     *  c) there are args in sudoers and on command line and they match
+     *  d) there is a digest and it matches
+     */
+    if (user_stat != NULL &&
+	(user_stat->st_dev != sudoers_stat.st_dev ||
+	user_stat->st_ino != sudoers_stat.st_ino))
+	goto bad;
+    if (!command_args_match(sudoers_cmnd, sudoers_args))
+	goto bad;
+    if (digest != NULL && !digest_matches(fd, sudoers_cmnd, digest)) {
+	/* XXX - log functions not available but we should log very loudly */
+	goto bad;
+    }
+    free(safe_cmnd);
+    if ((safe_cmnd = strdup(sudoers_cmnd)) == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto bad;
+    }
+    set_cmnd_fd(fd);
+    debug_return_bool(true);
+bad:
+    if (fd != -1)
+	close(fd);
+    debug_return_bool(false);
+}
+#endif /* SUDOERS_NAME_MATCH */
+
+#ifdef SUDOERS_NAME_MATCH
+/*
+ * Return true if user_cmnd begins with sudoers_dir, else false.
+ * Note that sudoers_dir include the trailing '/'
+ */
+static bool
+command_matches_dir(const char *sudoers_dir, size_t dlen,
+    const struct command_digest *digest)
+{
+    debug_decl(command_matches_dir, SUDOERS_DEBUG_MATCH)
+    /* XXX - check digest */
+    debug_return_bool(strncmp(user_cmnd, sudoers_dir, dlen) == 0);
+}
+#else /* !SUDOERS_NAME_MATCH */
+/*
+ * Return true if user_cmnd names one of the inodes in dir, else false.
+ */
+static bool
+command_matches_dir(const char *sudoers_dir, size_t dlen,
+    const struct command_digest *digest)
+{
+    struct stat sudoers_stat;
+    struct dirent *dent;
+    char buf[PATH_MAX];
+    int fd = -1;
+    DIR *dirp;
+    debug_decl(command_matches_dir, SUDOERS_DEBUG_MATCH)
+
+    /*
+     * Grot through directory entries, looking for user_base.
+     */
+    dirp = opendir(sudoers_dir);
+    if (dirp == NULL)
+	debug_return_bool(false);
+
+    if (strlcpy(buf, sudoers_dir, sizeof(buf)) >= sizeof(buf)) {
+	closedir(dirp);
+	debug_return_bool(false);
+    }
+    while ((dent = readdir(dirp)) != NULL) {
+	if (fd != -1) {
+	    close(fd);
+	    fd = -1;
+	}
+
+	/* ignore paths > PATH_MAX (XXX - log) */
+	buf[dlen] = '\0';
+	if (strlcat(buf, dent->d_name, sizeof(buf)) >= sizeof(buf))
+	    continue;
+
+	/* only stat if basenames are the same */
+	if (strcmp(user_base, dent->d_name) != 0)
+	    continue;
+
+	/* Open the file for fdexec or for digest matching. */
+	if (!open_cmnd(buf, digest, &fd))
+	    continue;
+	if (!do_stat(fd, buf, &sudoers_stat))
+	    continue;
+
+	if (user_stat == NULL ||
+	    (user_stat->st_dev == sudoers_stat.st_dev &&
+	    user_stat->st_ino == sudoers_stat.st_ino)) {
+	    if (digest != NULL && !digest_matches(fd, buf, digest))
+		continue;
+	    free(safe_cmnd);
+	    if ((safe_cmnd = strdup(buf)) == NULL) {
+		sudo_warnx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+		dent = NULL;
+	    }
+	    break;
+	}
+    }
+    closedir(dirp);
+
+    if (dent != NULL) {
+	set_cmnd_fd(fd);
+	debug_return_bool(true);
+    }
+    if (fd != -1)
+	close(fd);
+    debug_return_bool(false);
+}
+#endif /* SUDOERS_NAME_MATCH */
+
+/*
+ * Returns true if the hostname matches the pattern, else false
+ */
+bool
+hostname_matches(const char *shost, const char *lhost, const char *pattern)
+{
+    const char *host;
+    bool rc;
+    debug_decl(hostname_matches, SUDOERS_DEBUG_MATCH)
+
+    host = strchr(pattern, '.') != NULL ? lhost : shost;
+    if (has_meta(pattern)) {
+	rc = !fnmatch(pattern, host, FNM_CASEFOLD);
+    } else {
+	rc = !strcasecmp(host, pattern);
+    }
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"host %s matches sudoers pattern %s: %s",
+	host, pattern, rc ? "true" : "false");
+    debug_return_bool(rc);
+}
+
+/*
+ * Returns true if the user/uid from sudoers matches the specified user/uid,
+ * else returns false.
+ */
+bool
+userpw_matches(const char *sudoers_user, const char *user, const struct passwd *pw)
+{
+    const char *errstr;
+    uid_t uid;
+    bool rc;
+    debug_decl(userpw_matches, SUDOERS_DEBUG_MATCH)
+
+    if (pw != NULL && *sudoers_user == '#') {
+	uid = (uid_t) sudo_strtoid(sudoers_user + 1, NULL, NULL, &errstr);
+	if (errstr == NULL && uid == pw->pw_uid) {
+	    rc = true;
+	    goto done;
+	}
+    }
+    if (def_case_insensitive_user)
+	rc = strcasecmp(sudoers_user, user) == 0;
+    else
+	rc = strcmp(sudoers_user, user) == 0;
+done:
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"user %s matches sudoers user %s: %s",
+	user, sudoers_user, rc ? "true" : "false");
+    debug_return_bool(rc);
+}
+
+/*
+ * Returns true if the group/gid from sudoers matches the specified group/gid,
+ * else returns false.
+ */
+bool
+group_matches(const char *sudoers_group, const struct group *gr)
+{
+    const char *errstr;
+    gid_t gid;
+    bool rc;
+    debug_decl(group_matches, SUDOERS_DEBUG_MATCH)
+
+    if (*sudoers_group == '#') {
+	gid = (gid_t) sudo_strtoid(sudoers_group + 1, NULL, NULL, &errstr);
+	if (errstr == NULL && gid == gr->gr_gid) {
+	    rc = true;
+	    goto done;
+	}
+    }
+    if (def_case_insensitive_group)
+	rc = strcasecmp(sudoers_group, gr->gr_name) == 0;
+    else
+	rc = strcmp(sudoers_group, gr->gr_name) == 0;
+done:
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"group %s matches sudoers group %s: %s",
+	gr->gr_name, sudoers_group, rc ? "true" : "false");
+    debug_return_bool(rc);
+}
+
+/*
+ * Returns true if the given user belongs to the named group,
+ * else returns false.
+ */
+bool
+usergr_matches(const char *group, const char *user, const struct passwd *pw)
+{
+    bool matched = false;
+    struct passwd *pw0 = NULL;
+    debug_decl(usergr_matches, SUDOERS_DEBUG_MATCH)
+
+    /* Make sure we have a valid usergroup, sudo style */
+    if (*group++ != '%') {
+	sudo_debug_printf(SUDO_DEBUG_DIAG, "user group %s has no leading '%%'",
+	    group);
+	goto done;
+    }
+
+    /* Query group plugin for %:name groups. */
+    if (*group == ':' && def_group_plugin) {
+	if (group_plugin_query(user, group + 1, pw) == true)
+	    matched = true;
+	goto done;
+    }
+
+    /* Look up user's primary gid in the passwd file. */
+    if (pw == NULL) {
+	if ((pw0 = sudo_getpwnam(user)) == NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_DIAG, "unable to find %s in passwd db",
+		user);
+	    goto done;
+	}
+	pw = pw0;
+    }
+
+    if (user_in_group(pw, group)) {
+	matched = true;
+	goto done;
+    }
+
+    /* Query the group plugin for Unix groups too? */
+    if (def_group_plugin && def_always_query_group_plugin) {
+	if (group_plugin_query(user, group, pw) == true) {
+	    matched = true;
+	    goto done;
+	}
+    }
+
+done:
+    if (pw0 != NULL)
+	sudo_pw_delref(pw0);
+
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"user %s matches group %s: %s", user, group, matched ? "true" : "false");
+    debug_return_bool(matched);
+}
+
+#if defined(HAVE_GETDOMAINNAME) || defined(SI_SRPC_DOMAIN)
+/*
+ * Check the domain for invalid characters.
+ * Linux getdomainname(2) returns (none) if no domain is set.
+ */
+static bool
+valid_domain(const char *domain)
+{
+    const char *cp;
+    debug_decl(valid_domain, SUDOERS_DEBUG_MATCH)
+
+    for (cp = domain; *cp != '\0'; cp++) {
+	/* Check for illegal characters, Linux may use "(none)". */
+	if (*cp == '(' || *cp == ')' || *cp == ',' || *cp == ' ')
+	    break;
+    }
+    if (cp == domain || *cp != '\0')
+	debug_return_bool(false);
+    debug_return_bool(true);
+}
+
+/*
+ * Get NIS-style domain name and copy from static storage or NULL if none.
+ */
+const char *
+sudo_getdomainname(void)
+{
+    static char *domain;
+    static bool initialized;
+    debug_decl(sudo_getdomainname, SUDOERS_DEBUG_MATCH)
+
+    if (!initialized) {
+	size_t host_name_max;
+	int rc;
+
+# ifdef _SC_HOST_NAME_MAX
+	host_name_max = (size_t)sysconf(_SC_HOST_NAME_MAX);
+	if (host_name_max == (size_t)-1)
+# endif
+	    host_name_max = 255;    /* POSIX and historic BSD */
+
+	domain = malloc(host_name_max + 1);
+	if (domain != NULL) {
+	    domain[0] = '\0';
+# ifdef SI_SRPC_DOMAIN
+	    rc = sysinfo(SI_SRPC_DOMAIN, domain, host_name_max + 1);
+# else
+	    rc = getdomainname(domain, host_name_max + 1);
+# endif
+	    if (rc == -1 || !valid_domain(domain)) {
+		/* Error or invalid domain name. */
+		free(domain);
+		domain = NULL;
+	    }
+	} else {
+	    /* XXX - want to pass error back to caller */
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"unable to allocate memory");
+	}
+	initialized = true;
+    }
+    debug_return_str(domain);
+}
+#else
+const char *
+sudo_getdomainname(void)
+{
+    debug_decl(sudo_getdomainname, SUDOERS_DEBUG_MATCH)
+    debug_return_ptr(NULL);
+}
+#endif /* HAVE_GETDOMAINNAME || SI_SRPC_DOMAIN */
+
+/*
+ * Returns true if "host" and "user" belong to the netgroup "netgr",
+ * else return false.  Either of "lhost", "shost" or "user" may be NULL
+ * in which case that argument is not checked...
+ */
+bool
+netgr_matches(const char *netgr, const char *lhost, const char *shost, const char *user)
+{
+#ifdef HAVE_INNETGR
+    const char *domain;
+#endif
+    bool rc = false;
+    debug_decl(netgr_matches, SUDOERS_DEBUG_MATCH)
+
+    if (!def_use_netgroups) {
+	sudo_debug_printf(SUDO_DEBUG_INFO, "netgroups are disabled");
+	debug_return_bool(false);
+    }
+
+#ifdef HAVE_INNETGR
+    /* make sure we have a valid netgroup, sudo style */
+    if (*netgr++ != '+') {
+	sudo_debug_printf(SUDO_DEBUG_DIAG, "netgroup %s has no leading '+'",
+	    netgr);
+	debug_return_bool(false);
+    }
+
+    /* get the domain name (if any) */
+    domain = sudo_getdomainname();
+
+    if (innetgr(netgr, lhost, user, domain))
+	rc = true;
+    else if (lhost != shost && innetgr(netgr, shost, user, domain))
+	rc = true;
+
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"netgroup %s matches (%s|%s, %s, %s): %s", netgr, lhost ? lhost : "",
+	shost ? shost : "", user ? user : "", domain ? domain : "",
+	rc ? "true" : "false");
+#endif /* HAVE_INNETGR */
+
+    debug_return_bool(rc);
+}
diff --git a/plugins/sudoers/match_addr.c b/plugins/sudoers/match_addr.c
new file mode 100644
index 0000000..4310e05
--- /dev/null
+++ b/plugins/sudoers/match_addr.c
@@ -0,0 +1,211 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#ifdef NEED_RESOLV_H
+# include <arpa/nameser.h>
+# include <resolv.h>
+#endif /* NEED_RESOLV_H */
+
+#include "sudoers.h"
+#include "interfaces.h"
+
+static bool
+addr_matches_if(const char *n)
+{
+    union sudo_in_addr_un addr;
+    struct interface *ifp;
+#ifdef HAVE_STRUCT_IN6_ADDR
+    unsigned int j;
+#endif
+    unsigned int family;
+    debug_decl(addr_matches_if, SUDOERS_DEBUG_MATCH)
+
+#ifdef HAVE_STRUCT_IN6_ADDR
+    if (inet_pton(AF_INET6, n, &addr.ip6) == 1) {
+	family = AF_INET6;
+    } else
+#endif /* HAVE_STRUCT_IN6_ADDR */
+    if (inet_pton(AF_INET, n, &addr.ip4) == 1) {
+	family = AF_INET;
+    } else {
+	debug_return_bool(false);
+    }
+
+    SLIST_FOREACH(ifp, get_interfaces(), entries) {
+	if (ifp->family != family)
+	    continue;
+	switch (family) {
+	    case AF_INET:
+		if (ifp->addr.ip4.s_addr == addr.ip4.s_addr ||
+		    (ifp->addr.ip4.s_addr & ifp->netmask.ip4.s_addr)
+		    == addr.ip4.s_addr)
+		    debug_return_bool(true);
+		break;
+#ifdef HAVE_STRUCT_IN6_ADDR
+	    case AF_INET6:
+		if (memcmp(ifp->addr.ip6.s6_addr, addr.ip6.s6_addr,
+		    sizeof(addr.ip6.s6_addr)) == 0)
+		    debug_return_bool(true);
+		for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
+		    if ((ifp->addr.ip6.s6_addr[j] & ifp->netmask.ip6.s6_addr[j]) != addr.ip6.s6_addr[j])
+			break;
+		}
+		if (j == sizeof(addr.ip6.s6_addr))
+		    debug_return_bool(true);
+		break;
+#endif /* HAVE_STRUCT_IN6_ADDR */
+	}
+    }
+
+    debug_return_bool(false);
+}
+
+static bool
+addr_matches_if_netmask(const char *n, const char *m)
+{
+    unsigned int i;
+    union sudo_in_addr_un addr, mask;
+    struct interface *ifp;
+#ifdef HAVE_STRUCT_IN6_ADDR
+    unsigned int j;
+#endif
+    unsigned int family;
+    const char *errstr;
+    debug_decl(addr_matches_if, SUDOERS_DEBUG_MATCH)
+
+#ifdef HAVE_STRUCT_IN6_ADDR
+    if (inet_pton(AF_INET6, n, &addr.ip6) == 1)
+	family = AF_INET6;
+    else
+#endif /* HAVE_STRUCT_IN6_ADDR */
+    if (inet_pton(AF_INET, n, &addr.ip4) == 1) {
+	family = AF_INET;
+    } else {
+	debug_return_bool(false);
+    }
+
+    if (family == AF_INET) {
+	if (strchr(m, '.')) {
+	    if (inet_pton(AF_INET, m, &mask.ip4) != 1) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "IPv4 netmask %s: %s", m, "invalid value");
+		debug_return_bool(false);
+	    }
+	} else {
+	    i = strtonum(m, 1, 32, &errstr);
+	    if (errstr != NULL) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "IPv4 netmask %s: %s", m, errstr);
+		debug_return_bool(false);
+	    }
+	    mask.ip4.s_addr = htonl(0xffffffffU << (32 - i));
+	}
+	addr.ip4.s_addr &= mask.ip4.s_addr;
+    }
+#ifdef HAVE_STRUCT_IN6_ADDR
+    else {
+	if (inet_pton(AF_INET6, m, &mask.ip6) != 1) {
+	    j = strtonum(m, 1, 128, &errstr);
+	    if (errstr != NULL) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "IPv6 netmask %s: %s", m, errstr);
+		debug_return_bool(false);
+	    }
+	    for (i = 0; i < sizeof(addr.ip6.s6_addr); i++) {
+		if (j < i * 8)
+		    mask.ip6.s6_addr[i] = 0;
+		else if (i * 8 + 8 <= j)
+		    mask.ip6.s6_addr[i] = 0xff;
+		else
+		    mask.ip6.s6_addr[i] = 0xff00 >> (j - i * 8);
+		addr.ip6.s6_addr[i] &= mask.ip6.s6_addr[i];
+	    }
+	}
+    }
+#endif /* HAVE_STRUCT_IN6_ADDR */
+
+    SLIST_FOREACH(ifp, get_interfaces(), entries) {
+	if (ifp->family != family)
+	    continue;
+	switch (family) {
+	    case AF_INET:
+		if ((ifp->addr.ip4.s_addr & mask.ip4.s_addr) == addr.ip4.s_addr)
+		    debug_return_bool(true);
+		break;
+#ifdef HAVE_STRUCT_IN6_ADDR
+	    case AF_INET6:
+		for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
+		    if ((ifp->addr.ip6.s6_addr[j] & mask.ip6.s6_addr[j]) != addr.ip6.s6_addr[j])
+			break;
+		}
+		if (j == sizeof(addr.ip6.s6_addr))
+		    debug_return_bool(true);
+		break;
+#endif /* HAVE_STRUCT_IN6_ADDR */
+	}
+    }
+
+    debug_return_bool(false);
+}
+
+/*
+ * Returns true if "n" is one of our ip addresses or if
+ * "n" is a network that we are on, else returns false.
+ */
+bool
+addr_matches(char *n)
+{
+    char *m;
+    bool rc;
+    debug_decl(addr_matches, SUDOERS_DEBUG_MATCH)
+
+    /* If there's an explicit netmask, use it. */
+    if ((m = strchr(n, '/'))) {
+	*m++ = '\0';
+	rc = addr_matches_if_netmask(n, m);
+	*(m - 1) = '/';
+    } else
+	rc = addr_matches_if(n);
+
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"IP address %s matches local host: %s", n, rc ? "true" : "false");
+    debug_return_bool(rc);
+}
diff --git a/plugins/sudoers/mkdefaults b/plugins/sudoers/mkdefaults
new file mode 100755
index 0000000..885c1b5
--- /dev/null
+++ b/plugins/sudoers/mkdefaults
@@ -0,0 +1,164 @@
+#!/usr/bin/env perl
+#
+# Generate sudo_defs_table and associated defines
+#
+# Input should be formatted thusly:
+#
+# var_name
+#	TYPE
+#	description (or NULL)
+#	array of struct def_values if TYPE == T_TUPLE
+
+use warnings;
+use strict;
+
+my ($header, $cfile, $infile);
+
+# Deal with optional -o (output) argument
+if ($#ARGV > 0 && $ARGV[0] eq "-o") {
+    shift;
+    $header = $cfile = shift;
+    $header .= '.h';
+    $cfile .= '.c';
+}
+die "usage: $0 [input_file]\n" unless $#ARGV == -1 || $#ARGV == 0;
+
+$infile = $ARGV[0] || "def_data.in";
+if (!defined($header)) {
+    $header = $infile;
+    $header =~ s/(\.in)?$/.h/;
+}
+if (!defined($cfile)) {
+    $cfile = $infile;
+    $cfile =~ s/(\.in)?$/.c/;
+}
+
+open(IN, "<$infile") || die "$0: can't open $infile: $!\n";
+open(HEADER, ">$header") || die "$0: can't open $header: $!\n";
+open(CFILE, ">$cfile") || die "$0: can't open $cfile: $!\n";
+
+my $count = 0;
+my @tuple_values = ( "never" );
+my @records = ();
+my ($var, $type, $desc, $values, $callback, $field);
+while (<IN>) {
+    chomp;
+    s/\s*#.*$//;
+    next if /^\s*$/;
+
+    if (/^\S/) {
+	# Store previous record and begin new one
+	$records[$count++] = [$var, $type, $desc, $values, $callback] if defined($var);
+
+	$var = $_;
+	$type = '';
+	$desc = undef;
+	$values = undef;
+	$callback = undef;
+	$field = 0;
+    } else {
+	$field++;
+	s/^\s+//;
+	s/\s+$//;
+	if ($field == 1) {
+	    # type
+	    $type = $_;
+	} elsif ($field == 2) {
+	    # description
+	    if ($_ eq "NULL") {
+		$desc = "NULL";
+	    } else {
+		# Strip leading and trailing double quote and escape the rest
+		s/^"//;
+		s/"$//;
+		s/"/\\"/g;
+		$desc = "N_(\"$_\")";
+	    }
+	} elsif ($field == 3 || $field == 4) {
+	    if (s/^\*//) {
+		$callback = $_;
+	    } else {
+		die "$0: syntax error near line $.\n" if $type !~ /^T_TUPLE/;
+		$values = [ split ];
+		foreach my $v (@$values) {
+		    push(@tuple_values, $v) unless grep(/^$v$/, @tuple_values);
+		}
+	    }
+	} else {
+	    die "$0: syntax error near line $.\n";
+	}
+    }
+}
+$records[$count++] = [$var, $type, $desc, $values, $callback] if defined($var);
+
+# Print out value arrays
+for (my $i = 0; $i < $count; $i++) {
+    if (defined($records[$i]->[3])) {
+	die "Values list specified for non-tuple\n" unless
+	    $records[$i]->[1] =~ /^T_TUPLE/;
+	printf CFILE "static struct def_values def_data_%s[] = {\n",
+	    $records[$i]->[0];
+	foreach (@{$records[$i]->[3]}) {
+	    print CFILE "    { \"$_\", $_ },\n";
+	}
+	print CFILE "    { NULL, 0 },\n";
+	print CFILE "};\n\n";
+    }
+}
+
+# Print each record
+print CFILE "struct sudo_defs_types sudo_defs_table[] = {\n    {\n";
+for (my $i = 0; $i < $count; $i++) {
+    print_record($records[$i], $i);
+}
+print CFILE "\tNULL, 0, NULL\n    }\n};\n";
+
+# Print out def_tuple
+if (@tuple_values) {
+    print HEADER "\nenum def_tuple {\n";
+    for (my $i = 0; $i <= $#tuple_values; $i++) {
+	printf HEADER "\t%s%s\n", $tuple_values[$i],
+	    $i != $#tuple_values ? "," : "";
+    }
+    print HEADER "};\n";
+}
+
+close(IN);
+close(HEADER);
+close(CFILE);
+
+exit(0);
+
+sub print_record {
+    my ($rec, $recnum) = @_;
+    my ($i, $v, $defname);
+
+    # each variable gets a macro to access its value
+    $defname = "I_" . uc($rec->[0]);
+    printf HEADER "#define %-23s %d\n", $defname, $recnum;
+    for ($rec->[1]) {
+	if    (/^T_INT/)      { $v = "ival"; }
+	elsif (/^T_UINT/)     { $v = "uival"; }
+	elsif (/^T_STR/)      { $v = "str"; }
+	elsif (/^T_FLAG/)     { $v = "flag"; }
+	elsif (/^T_MODE/)     { $v = "mode"; }
+	elsif (/^T_LIST/)     { $v = "list"; }
+	elsif (/^T_LOGFAC/)   { $v = "ival"; }
+	elsif (/^T_LOGPRI/)   { $v = "ival"; }
+	elsif (/^T_TUPLE/)    { $v = "tuple"; }
+	elsif (/^T_TIMESPEC/) { $v = "tspec"; }
+	elsif (/^T_TIMEOUT/)  { $v = "ival"; }
+	else { die "$0: unknown defaults type: $_\n"; }
+    }
+    printf HEADER "#define %-23s (sudo_defs_table[$defname].sd_un.${v})\n",
+	"def_$rec->[0]";
+
+    print CFILE "\t\"$rec->[0]\", $rec->[1],\n\t$rec->[2],\n";
+    if (defined($rec->[3])) {
+	printf CFILE "\tdef_data_$rec->[0],\n";
+    } else {
+	printf CFILE "\tNULL,\n";
+    }
+    printf CFILE "\t$rec->[4],\n" if defined($rec->[4]);
+    print CFILE "    }, {\n";
+}
diff --git a/plugins/sudoers/mkdir_parents.c b/plugins/sudoers/mkdir_parents.c
new file mode 100644
index 0000000..5fa51ac
--- /dev/null
+++ b/plugins/sudoers/mkdir_parents.c
@@ -0,0 +1,93 @@
+/*
+ * Copyright (c) 2009-2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <errno.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include "sudoers.h"
+
+/*
+ * Create any parent directories needed by path (but not path itself).
+ * Note that path is modified but is restored before it returns.
+ */
+bool
+sudo_mkdir_parents(char *path, uid_t uid, gid_t gid, mode_t mode, bool quiet)
+{
+    struct stat sb;
+    char *slash = path;
+    debug_decl(sudo_mkdir_parents, SUDOERS_DEBUG_UTIL)
+
+    /* cppcheck-suppress nullPointerRedundantCheck */
+    while ((slash = strchr(slash + 1, '/')) != NULL) {
+	*slash = '\0';
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "mkdir %s, mode 0%o, uid %d, gid %d", path, (unsigned int)mode,
+	    (int)uid, (int)gid);
+	if (mkdir(path, mode) == 0) {
+	    if (uid != (uid_t)-1 && gid != (gid_t)-1) {
+		if (chown(path, uid, gid) != 0) {
+		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+			"%s: unable to chown %d:%d %s", __func__,
+			(int)uid, (int)gid, path);
+		}
+	    }
+	} else {
+	    if (errno != EEXIST) {
+		if (!quiet)
+		    sudo_warn(U_("unable to mkdir %s"), path);
+		goto bad;
+	    }
+	    /* Already exists, make sure it is a directory. */
+	    if (stat(path, &sb) != 0) {
+		if (!quiet)
+		    sudo_warn(U_("unable to stat %s"), path);
+		goto bad;
+	    }
+	    if (!S_ISDIR(sb.st_mode)) {
+		if (!quiet)
+		    sudo_warnx(U_("%s exists but is not a directory (0%o)"),
+			path, (unsigned int) sb.st_mode);
+		goto bad;
+	    }
+	}
+	*slash = '/';
+    }
+
+    debug_return_bool(true);
+bad:
+    /* We must restore the path before we return. */
+    *slash = '/';
+    debug_return_bool(false);
+}
diff --git a/plugins/sudoers/parse.c b/plugins/sudoers/parse.c
new file mode 100644
index 0000000..fb781f5
--- /dev/null
+++ b/plugins/sudoers/parse.c
@@ -0,0 +1,864 @@
+/*
+ * Copyright (c) 2004-2005, 2007-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <ctype.h>
+#include <grp.h>
+#include <pwd.h>
+#include <time.h>
+
+#include "sudoers.h"
+#include "sudo_lbuf.h"
+#include <gram.h>
+
+/*
+ * Look up the user in the sudoers prase tree for pseudo-commands like
+ * list, verify and kill.
+ */
+static int
+sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw,
+    int validated, int pwflag)
+{
+    int match;
+    struct sudo_nss *nss;
+    struct cmndspec *cs;
+    struct privilege *priv;
+    struct userspec *us;
+    struct defaults *def;
+    int nopass;
+    enum def_tuple pwcheck;
+    debug_decl(sudoers_lookup_pseudo, SUDOERS_DEBUG_PARSER)
+
+    pwcheck = (pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple;
+    nopass = (pwcheck == all) ? true : false;
+
+    if (list_pw == NULL)
+	SET(validated, FLAG_NO_CHECK);
+    CLR(validated, FLAG_NO_USER);
+    CLR(validated, FLAG_NO_HOST);
+    match = DENY;
+    TAILQ_FOREACH(nss, snl, entries) {
+	if (nss->query(nss, pw) == -1) {
+	    /* The query function should have printed an error message. */
+	    SET(validated, VALIDATE_ERROR);
+	    break;
+	}
+	TAILQ_FOREACH(us, &nss->parse_tree->userspecs, entries) {
+	    if (userlist_matches(nss->parse_tree, pw, &us->users) != ALLOW)
+		continue;
+	    TAILQ_FOREACH(priv, &us->privileges, entries) {
+		int priv_nopass = UNSPEC;
+
+		if (hostlist_matches(nss->parse_tree, pw, &priv->hostlist) != ALLOW)
+		    continue;
+		TAILQ_FOREACH(def, &priv->defaults, entries) {
+		    if (strcmp(def->var, "authenticate") == 0)
+			priv_nopass = !def->op;
+		}
+		TAILQ_FOREACH(cs, &priv->cmndlist, entries) {
+		    if (pwcheck == any) {
+			if (cs->tags.nopasswd == true || priv_nopass == true)
+			    nopass = true;
+		    } else if (pwcheck == all) {
+			if (cs->tags.nopasswd != true && priv_nopass != true)
+			    nopass = false;
+		    }
+		    if (match == ALLOW)
+			continue;
+		    /* Only check the command when listing another user. */
+		    if (user_uid == 0 || list_pw == NULL ||
+			user_uid == list_pw->pw_uid ||
+			cmnd_matches(nss->parse_tree, cs->cmnd) == ALLOW)
+			    match = ALLOW;
+		}
+	    }
+	}
+    }
+    if (match == ALLOW || user_uid == 0) {
+	/* User has an entry for this host. */
+	SET(validated, VALIDATE_SUCCESS);
+    } else if (match == DENY)
+	SET(validated, VALIDATE_FAILURE);
+    if (pwcheck == always && def_authenticate)
+	SET(validated, FLAG_CHECK_USER);
+    else if (nopass == true)
+	def_authenticate = false;
+    debug_return_int(validated);
+}
+
+static int
+sudoers_lookup_check(struct sudo_nss *nss, struct passwd *pw,
+    int *validated, struct cmndspec **matching_cs,
+    struct defaults_list **defs, time_t now)
+{
+    int host_match, runas_match, cmnd_match;
+    struct cmndspec *cs;
+    struct privilege *priv;
+    struct userspec *us;
+    struct member *matching_user;
+    debug_decl(sudoers_lookup_check, SUDOERS_DEBUG_PARSER)
+
+    TAILQ_FOREACH_REVERSE(us, &nss->parse_tree->userspecs, userspec_list, entries) {
+	if (userlist_matches(nss->parse_tree, pw, &us->users) != ALLOW)
+	    continue;
+	CLR(*validated, FLAG_NO_USER);
+	TAILQ_FOREACH_REVERSE(priv, &us->privileges, privilege_list, entries) {
+	    host_match = hostlist_matches(nss->parse_tree, pw, &priv->hostlist);
+	    if (host_match == ALLOW)
+		CLR(*validated, FLAG_NO_HOST);
+	    else
+		continue;
+	    TAILQ_FOREACH_REVERSE(cs, &priv->cmndlist, cmndspec_list, entries) {
+		if (cs->notbefore != UNSPEC) {
+		    if (now < cs->notbefore)
+			continue;
+		}
+		if (cs->notafter != UNSPEC) {
+		    if (now > cs->notafter)
+			continue;
+		}
+		matching_user = NULL;
+		runas_match = runaslist_matches(nss->parse_tree,
+		    cs->runasuserlist, cs->runasgrouplist, &matching_user,
+		    NULL);
+		if (runas_match == ALLOW) {
+		    cmnd_match = cmnd_matches(nss->parse_tree, cs->cmnd);
+		    if (cmnd_match != UNSPEC) {
+			/*
+			 * If user is running command as himself,
+			 * set runas_pw = sudo_user.pw.
+			 * XXX - hack, want more general solution
+			 */
+			if (matching_user && matching_user->type == MYSELF) {
+			    sudo_pw_delref(runas_pw);
+			    sudo_pw_addref(sudo_user.pw);
+			    runas_pw = sudo_user.pw;
+			}
+			*matching_cs = cs;
+			*defs = &priv->defaults;
+			debug_return_int(cmnd_match);
+		    }
+		}
+	    }
+	}
+    }
+    debug_return_int(UNSPEC);
+}
+
+/*
+ * Apply cmndspec-specific settngs including SELinux role/type,
+ * Solaris privs, and command tags.
+ */
+static bool
+apply_cmndspec(struct cmndspec *cs)
+{
+    debug_decl(apply_cmndspec, SUDOERS_DEBUG_PARSER)
+
+    if (cs != NULL) {
+#ifdef HAVE_SELINUX
+	/* Set role and type if not specified on command line. */
+	if (user_role == NULL) {
+	    if (cs->role != NULL) {
+		user_role = strdup(cs->role);
+		if (user_role == NULL) {
+		    sudo_warnx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
+		    debug_return_bool(false);
+		}
+	    } else {
+		user_role = def_role;
+	    }
+	}
+	if (user_type == NULL) {
+	    if (cs->type != NULL) {
+		user_type = strdup(cs->type);
+		if (user_type == NULL) {
+		    sudo_warnx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
+		    debug_return_bool(false);
+		}
+	    } else {
+		user_type = def_type;
+	    }
+	}
+#endif /* HAVE_SELINUX */
+#ifdef HAVE_PRIV_SET
+	/* Set Solaris privilege sets */
+	if (runas_privs == NULL) {
+	    if (cs->privs != NULL) {
+		runas_privs = strdup(cs->privs);
+		if (runas_privs == NULL) {
+		    sudo_warnx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
+		    debug_return_bool(false);
+		}
+	    } else {
+		runas_privs = def_privs;
+	    }
+	}
+	if (runas_limitprivs == NULL) {
+	    if (cs->limitprivs != NULL) {
+		runas_limitprivs = strdup(cs->limitprivs);
+		if (runas_limitprivs == NULL) {
+		    sudo_warnx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
+		    debug_return_bool(false);
+		}
+	    } else {
+		runas_limitprivs = def_limitprivs;
+	    }
+	}
+#endif /* HAVE_PRIV_SET */
+	if (cs->timeout > 0)
+	    def_command_timeout = cs->timeout;
+	if (cs->tags.nopasswd != UNSPEC)
+	    def_authenticate = !cs->tags.nopasswd;
+	if (cs->tags.noexec != UNSPEC)
+	    def_noexec = cs->tags.noexec;
+	if (cs->tags.setenv != UNSPEC)
+	    def_setenv = cs->tags.setenv;
+	if (cs->tags.log_input != UNSPEC)
+	    def_log_input = cs->tags.log_input;
+	if (cs->tags.log_output != UNSPEC)
+	    def_log_output = cs->tags.log_output;
+	if (cs->tags.send_mail != UNSPEC) {
+	    if (cs->tags.send_mail) {
+		def_mail_all_cmnds = true;
+	    } else {
+		def_mail_all_cmnds = false;
+		def_mail_always = false;
+		def_mail_no_perms = false;
+	    }
+	}
+	if (cs->tags.follow != UNSPEC)
+	    def_sudoedit_follow = cs->tags.follow;
+    }
+
+    debug_return_bool(true);
+}
+
+/*
+ * Look up the user in the sudoers prase tree and check to see if they are
+ * allowed to run the specified command on this host as the target user.
+ */
+int
+sudoers_lookup(struct sudo_nss_list *snl, struct passwd *pw, int validated,
+    int pwflag)
+{
+    struct defaults_list *defs = NULL;
+    struct sudoers_parse_tree *parse_tree = NULL;
+    struct cmndspec *cs = NULL;
+    struct sudo_nss *nss;
+    int m, match = UNSPEC;
+    time_t now;
+    debug_decl(sudoers_lookup, SUDOERS_DEBUG_PARSER)
+
+    /*
+     * Special case checking the "validate", "list" and "kill" pseudo-commands.
+     */
+    if (pwflag)
+	debug_return_int(sudoers_lookup_pseudo(snl, pw, validated, pwflag));
+
+    /* Need to be runas user while stat'ing things. */
+    if (!set_perms(PERM_RUNAS))
+	debug_return_int(validated);
+
+    /* Query each sudoers source and check the user. */
+    time(&now);
+    TAILQ_FOREACH(nss, snl, entries) {
+	if (nss->query(nss, pw) == -1) {
+	    /* The query function should have printed an error message. */
+	    SET(validated, VALIDATE_ERROR);
+	    break;
+	}
+
+	m = sudoers_lookup_check(nss, pw, &validated, &cs, &defs, now);
+	if (m != UNSPEC) {
+	    match = m;
+	    parse_tree = nss->parse_tree;
+	}
+
+	if (!sudo_nss_can_continue(nss, m))
+	    break;
+    }
+    if (match != UNSPEC) {
+	if (defs != NULL)
+	    update_defaults(parse_tree, defs, SETDEF_GENERIC, false);
+	if (!apply_cmndspec(cs))
+	    SET(validated, VALIDATE_ERROR);
+	else if (match == ALLOW)
+	    SET(validated, VALIDATE_SUCCESS);
+	else
+	    SET(validated, VALIDATE_FAILURE);
+    }
+    if (!restore_perms())
+	SET(validated, VALIDATE_ERROR);
+    debug_return_int(validated);
+}
+
+static int
+display_priv_short(struct sudoers_parse_tree *parse_tree, struct passwd *pw,
+    struct userspec *us, struct sudo_lbuf *lbuf)
+{
+    struct privilege *priv;
+    int nfound = 0;
+    debug_decl(display_priv_short, SUDOERS_DEBUG_PARSER)
+
+    TAILQ_FOREACH(priv, &us->privileges, entries) {
+	struct cmndspec *cs, *prev_cs = NULL;
+	struct cmndtag tags;
+
+	if (hostlist_matches(parse_tree, pw, &priv->hostlist) != ALLOW)
+	    continue;
+
+	sudoers_defaults_list_to_tags(&priv->defaults, &tags);
+	TAILQ_FOREACH(cs, &priv->cmndlist, entries) {
+	    /* Start a new line if RunAs changes. */
+	    if (prev_cs == NULL || RUNAS_CHANGED(cs, prev_cs)) {
+		struct member *m;
+
+		if (cs != TAILQ_FIRST(&priv->cmndlist))
+		    sudo_lbuf_append(lbuf, "\n");
+		sudo_lbuf_append(lbuf, "    (");
+		if (cs->runasuserlist != NULL) {
+		    TAILQ_FOREACH(m, cs->runasuserlist, entries) {
+			if (m != TAILQ_FIRST(cs->runasuserlist))
+			    sudo_lbuf_append(lbuf, ", ");
+			sudoers_format_member(lbuf, parse_tree, m, ", ",
+			    RUNASALIAS);
+		    }
+		} else if (cs->runasgrouplist == NULL) {
+		    sudo_lbuf_append(lbuf, "%s", def_runas_default);
+		} else {
+		    sudo_lbuf_append(lbuf, "%s", pw->pw_name);
+		}
+		if (cs->runasgrouplist != NULL) {
+		    sudo_lbuf_append(lbuf, " : ");
+		    TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
+			if (m != TAILQ_FIRST(cs->runasgrouplist))
+			    sudo_lbuf_append(lbuf, ", ");
+			sudoers_format_member(lbuf, parse_tree, m, ", ",
+			    RUNASALIAS);
+		    }
+		}
+		sudo_lbuf_append(lbuf, ") ");
+	    } else if (cs != TAILQ_FIRST(&priv->cmndlist)) {
+		sudo_lbuf_append(lbuf, ", ");
+	    }
+	    sudoers_format_cmndspec(lbuf, parse_tree, cs, prev_cs, tags, true);
+	    prev_cs = cs;
+	    nfound++;
+	}
+	sudo_lbuf_append(lbuf, "\n");
+    }
+    debug_return_int(nfound);
+}
+
+/*
+ * Compare the current cmndspec with the previous one to determine
+ * whether we need to start a new long entry for "sudo -ll".
+ * Returns true if we should start a new long entry, else false.
+ */
+static bool
+new_long_entry(struct cmndspec *cs, struct cmndspec *prev_cs)
+{
+    debug_decl(new_long_entry, SUDOERS_DEBUG_PARSER)
+
+    if (prev_cs == NULL)
+	debug_return_bool(true);
+    if (RUNAS_CHANGED(cs, prev_cs) || TAGS_CHANGED(prev_cs->tags, cs->tags))
+	debug_return_bool(true);
+#ifdef HAVE_PRIV_SET
+    if (cs->privs && (!prev_cs->privs || strcmp(cs->privs, prev_cs->privs) != 0))
+	debug_return_bool(true);
+    if (cs->limitprivs && (!prev_cs->limitprivs || strcmp(cs->limitprivs, prev_cs->limitprivs) != 0))
+	debug_return_bool(true);
+#endif /* HAVE_PRIV_SET */
+#ifdef HAVE_SELINUX
+    if (cs->role && (!prev_cs->role || strcmp(cs->role, prev_cs->role) != 0))
+	debug_return_bool(true);
+    if (cs->type && (!prev_cs->type || strcmp(cs->type, prev_cs->type) != 0))
+	debug_return_bool(true);
+#endif /* HAVE_SELINUX */
+    if (cs->timeout != prev_cs->timeout)
+	debug_return_bool(true);
+    if (cs->notbefore != prev_cs->notbefore)
+	debug_return_bool(true);
+    if (cs->notafter != prev_cs->notafter)
+	debug_return_bool(true);
+    debug_return_bool(false);
+}
+
+static int
+display_priv_long(struct sudoers_parse_tree *parse_tree, struct passwd *pw,
+    struct userspec *us, struct sudo_lbuf *lbuf)
+{
+    struct privilege *priv;
+    int nfound = 0;
+    debug_decl(display_priv_long, SUDOERS_DEBUG_PARSER)
+
+    TAILQ_FOREACH(priv, &us->privileges, entries) {
+	struct cmndspec *cs, *prev_cs;
+
+	if (hostlist_matches(parse_tree, pw, &priv->hostlist) != ALLOW)
+	    continue;
+	prev_cs = NULL;
+	TAILQ_FOREACH(cs, &priv->cmndlist, entries) {
+	    struct defaults *d;
+	    struct member *m;
+
+	    if (new_long_entry(cs, prev_cs)) {
+		int olen;
+
+		if (priv->ldap_role != NULL) {
+		    sudo_lbuf_append(lbuf, _("\nLDAP Role: %s\n"),
+			priv->ldap_role);
+		} else {
+		    sudo_lbuf_append(lbuf, _("\nSudoers entry:\n"));
+		}
+		sudo_lbuf_append(lbuf, _("    RunAsUsers: "));
+		if (cs->runasuserlist != NULL) {
+		    TAILQ_FOREACH(m, cs->runasuserlist, entries) {
+			if (m != TAILQ_FIRST(cs->runasuserlist))
+			    sudo_lbuf_append(lbuf, ", ");
+			sudoers_format_member(lbuf, parse_tree, m, ", ",
+			    RUNASALIAS);
+		    }
+		} else if (cs->runasgrouplist == NULL) {
+		    sudo_lbuf_append(lbuf, "%s", def_runas_default);
+		} else {
+		    sudo_lbuf_append(lbuf, "%s", pw->pw_name);
+		}
+		sudo_lbuf_append(lbuf, "\n");
+		if (cs->runasgrouplist != NULL) {
+		    sudo_lbuf_append(lbuf, _("    RunAsGroups: "));
+		    TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
+			if (m != TAILQ_FIRST(cs->runasgrouplist))
+			    sudo_lbuf_append(lbuf, ", ");
+			sudoers_format_member(lbuf, parse_tree, m, ", ",
+			    RUNASALIAS);
+		    }
+		    sudo_lbuf_append(lbuf, "\n");
+		}
+		olen = lbuf->len;
+		sudo_lbuf_append(lbuf, _("    Options: "));
+		TAILQ_FOREACH(d, &priv->defaults, entries) {
+		    sudoers_format_default(lbuf, d);
+		    sudo_lbuf_append(lbuf, ", ");
+		}
+		if (TAG_SET(cs->tags.setenv))
+		    sudo_lbuf_append(lbuf, "%ssetenv, ", cs->tags.setenv ? "" : "!");
+		if (TAG_SET(cs->tags.noexec))
+		    sudo_lbuf_append(lbuf, "%snoexec, ", cs->tags.noexec ? "" : "!");
+		if (TAG_SET(cs->tags.nopasswd))
+		    sudo_lbuf_append(lbuf, "%sauthenticate, ", cs->tags.nopasswd ? "!" : "");
+		if (TAG_SET(cs->tags.log_input))
+		    sudo_lbuf_append(lbuf, "%slog_input, ", cs->tags.log_input ? "" : "!");
+		if (TAG_SET(cs->tags.log_output))
+		    sudo_lbuf_append(lbuf, "%slog_output, ", cs->tags.log_output ? "" : "!");
+		if (lbuf->buf[lbuf->len - 2] == ',') {
+		    lbuf->len -= 2;	/* remove trailing ", " */
+		    sudo_lbuf_append(lbuf, "\n");
+		} else {
+		    lbuf->len = olen;	/* no options */
+		}
+#ifdef HAVE_PRIV_SET
+		if (cs->privs)
+		    sudo_lbuf_append(lbuf, "    Privs: %s\n", cs->privs);
+		if (cs->limitprivs)
+		    sudo_lbuf_append(lbuf, "    Limitprivs: %s\n", cs->limitprivs);
+#endif /* HAVE_PRIV_SET */
+#ifdef HAVE_SELINUX
+		if (cs->role)
+		    sudo_lbuf_append(lbuf, "    Role: %s\n", cs->role);
+		if (cs->type)
+		    sudo_lbuf_append(lbuf, "    Type: %s\n", cs->type);
+#endif /* HAVE_SELINUX */
+		if (cs->timeout > 0) {
+		    char numbuf[(((sizeof(int) * 8) + 2) / 3) + 2];
+		    snprintf(numbuf, sizeof(numbuf), "%d", cs->timeout);
+		    sudo_lbuf_append(lbuf, "    Timeout: %s\n", numbuf);
+		}
+		if (cs->notbefore != UNSPEC) {
+		    char buf[sizeof("CCYYMMDDHHMMSSZ")];
+		    struct tm *tm = gmtime(&cs->notbefore);
+		    snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d%02dZ",
+			tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
+			tm->tm_hour, tm->tm_min, tm->tm_sec);
+		    sudo_lbuf_append(lbuf, "    NotBefore: %s\n", buf);
+		}
+		if (cs->notafter != UNSPEC) {
+		    char buf[sizeof("CCYYMMDDHHMMSSZ")];
+		    struct tm *tm = gmtime(&cs->notafter);
+		    snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d%02dZ",
+			tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
+			tm->tm_hour, tm->tm_min, tm->tm_sec);
+		    sudo_lbuf_append(lbuf, "    NotAfter: %s\n", buf);
+		}
+		sudo_lbuf_append(lbuf, _("    Commands:\n"));
+	    }
+	    sudo_lbuf_append(lbuf, "\t");
+	    sudoers_format_member(lbuf, parse_tree, cs->cmnd, "\n\t",
+		CMNDALIAS);
+	    sudo_lbuf_append(lbuf, "\n");
+	    prev_cs = cs;
+	    nfound++;
+	}
+    }
+    debug_return_int(nfound);
+}
+
+static int
+sudo_display_userspecs(struct sudoers_parse_tree *parse_tree, struct passwd *pw,
+    struct sudo_lbuf *lbuf, bool verbose)
+{
+    struct userspec *us;
+    int nfound = 0;
+    debug_decl(sudo_display_userspecs, SUDOERS_DEBUG_PARSER)
+
+    TAILQ_FOREACH(us, &parse_tree->userspecs, entries) {
+	if (userlist_matches(parse_tree, pw, &us->users) != ALLOW)
+	    continue;
+
+	if (verbose)
+	    nfound += display_priv_long(parse_tree, pw, us, lbuf);
+	else
+	    nfound += display_priv_short(parse_tree, pw, us, lbuf);
+    }
+    if (sudo_lbuf_error(lbuf))
+	debug_return_int(-1);
+    debug_return_int(nfound);
+}
+
+/*
+ * Display matching Defaults entries for the given user on this host.
+ */
+static int
+display_defaults(struct sudoers_parse_tree *parse_tree, struct passwd *pw,
+    struct sudo_lbuf *lbuf)
+{
+    struct defaults *d;
+    char *prefix;
+    int nfound = 0;
+    debug_decl(display_defaults, SUDOERS_DEBUG_PARSER)
+
+    if (lbuf->len == 0 || isspace((unsigned char)lbuf->buf[lbuf->len - 1]))
+	prefix = "    ";
+    else
+	prefix = ", ";
+
+    TAILQ_FOREACH(d, &parse_tree->defaults, entries) {
+	switch (d->type) {
+	    case DEFAULTS_HOST:
+		if (hostlist_matches(parse_tree, pw, d->binding) != ALLOW)
+		    continue;
+		break;
+	    case DEFAULTS_USER:
+		if (userlist_matches(parse_tree, pw, d->binding) != ALLOW)
+		    continue;
+		break;
+	    case DEFAULTS_RUNAS:
+	    case DEFAULTS_CMND:
+		continue;
+	}
+	sudo_lbuf_append(lbuf, "%s", prefix);
+	sudoers_format_default(lbuf, d);
+	prefix = ", ";
+	nfound++;
+    }
+    if (sudo_lbuf_error(lbuf))
+	debug_return_int(-1);
+    debug_return_int(nfound);
+}
+
+/*
+ * Display Defaults entries of the given type.
+ */
+static int
+display_bound_defaults_by_type(struct sudoers_parse_tree *parse_tree,
+    int deftype, struct sudo_lbuf *lbuf)
+{
+    struct defaults *d;
+    struct member_list *binding = NULL;
+    struct member *m;
+    char *dsep;
+    int atype, nfound = 0;
+    debug_decl(display_bound_defaults_by_type, SUDOERS_DEBUG_PARSER)
+
+    switch (deftype) {
+	case DEFAULTS_HOST:
+	    atype = HOSTALIAS;
+	    dsep = "@";
+	    break;
+	case DEFAULTS_USER:
+	    atype = USERALIAS;
+	    dsep = ":";
+	    break;
+	case DEFAULTS_RUNAS:
+	    atype = RUNASALIAS;
+	    dsep = ">";
+	    break;
+	case DEFAULTS_CMND:
+	    atype = CMNDALIAS;
+	    dsep = "!";
+	    break;
+	default:
+	    debug_return_int(-1);
+    }
+    TAILQ_FOREACH(d, &parse_tree->defaults, entries) {
+	if (d->type != deftype)
+	    continue;
+
+	nfound++;
+	if (binding != d->binding) {
+	    binding = d->binding;
+	    if (nfound != 1)
+		sudo_lbuf_append(lbuf, "\n");
+	    sudo_lbuf_append(lbuf, "    Defaults%s", dsep);
+	    TAILQ_FOREACH(m, binding, entries) {
+		if (m != TAILQ_FIRST(binding))
+		    sudo_lbuf_append(lbuf, ",");
+		sudoers_format_member(lbuf, parse_tree, m, ", ", atype);
+		sudo_lbuf_append(lbuf, " ");
+	    }
+	} else
+	    sudo_lbuf_append(lbuf, ", ");
+	sudoers_format_default(lbuf, d);
+    }
+
+    if (sudo_lbuf_error(lbuf))
+	debug_return_int(-1);
+    debug_return_int(nfound);
+}
+
+/*
+ * Display Defaults entries that are per-runas or per-command
+ */
+static int
+display_bound_defaults(struct sudoers_parse_tree *parse_tree,
+    struct passwd *pw, struct sudo_lbuf *lbuf)
+{
+    int nfound = 0;
+    debug_decl(display_bound_defaults, SUDOERS_DEBUG_PARSER)
+
+    /* XXX - should only print ones that match what the user can do. */
+    nfound += display_bound_defaults_by_type(parse_tree, DEFAULTS_RUNAS, lbuf);
+    nfound += display_bound_defaults_by_type(parse_tree, DEFAULTS_CMND, lbuf);
+
+    if (sudo_lbuf_error(lbuf))
+	debug_return_int(-1);
+    debug_return_int(nfound);
+}
+
+static int
+output(const char *buf)
+{
+    struct sudo_conv_message msg;
+    struct sudo_conv_reply repl;
+    debug_decl(output, SUDOERS_DEBUG_NSS)
+
+    /* Call conversation function */
+    memset(&msg, 0, sizeof(msg));
+    msg.msg_type = SUDO_CONV_INFO_MSG;
+    msg.msg = buf;
+    memset(&repl, 0, sizeof(repl));
+    if (sudo_conv(1, &msg, &repl, NULL) == -1)
+	debug_return_int(0);
+    debug_return_int(strlen(buf));
+}
+
+/*
+ * Print out privileges for the specified user.
+ * Returns true on success or -1 on error.
+ */
+int
+display_privs(struct sudo_nss_list *snl, struct passwd *pw, bool verbose)
+{
+    struct sudo_nss *nss;
+    struct sudo_lbuf def_buf, priv_buf;
+    struct stat sb;
+    int cols, count, olen, n;
+    debug_decl(display_privs, SUDOERS_DEBUG_PARSER)
+
+    cols = sudo_user.cols;
+    if (fstat(STDOUT_FILENO, &sb) == 0 && S_ISFIFO(sb.st_mode))
+	cols = 0;
+    sudo_lbuf_init(&def_buf, output, 4, NULL, cols);
+    sudo_lbuf_init(&priv_buf, output, 8, NULL, cols);
+
+    sudo_lbuf_append(&def_buf, _("Matching Defaults entries for %s on %s:\n"),
+	pw->pw_name, user_srunhost);
+    count = 0;
+    TAILQ_FOREACH(nss, snl, entries) {
+	n = display_defaults(nss->parse_tree, pw, &def_buf);
+	if (n == -1)
+	    goto bad;
+	count += n;
+    }
+    if (count != 0) {
+	sudo_lbuf_append(&def_buf, "\n\n");
+    } else {
+	/* Undo Defaults header. */
+	def_buf.len = 0;
+    }
+
+    /* Display Runas and Cmnd-specific defaults. */
+    olen = def_buf.len;
+    sudo_lbuf_append(&def_buf, _("Runas and Command-specific defaults for %s:\n"),
+	pw->pw_name);
+    count = 0;
+    TAILQ_FOREACH(nss, snl, entries) {
+	n = display_bound_defaults(nss->parse_tree, pw, &def_buf);
+	if (n == -1)
+	    goto bad;
+	count += n;
+    }
+    if (count != 0) {
+	sudo_lbuf_append(&def_buf, "\n\n");
+    } else {
+	/* Undo Defaults header. */
+	def_buf.len = olen;
+    }
+
+    /* Display privileges from all sources. */
+    sudo_lbuf_append(&priv_buf,
+	_("User %s may run the following commands on %s:\n"),
+	pw->pw_name, user_srunhost);
+    count = 0;
+    TAILQ_FOREACH(nss, snl, entries) {
+	if (nss->query(nss, pw) != -1) {
+	    n = sudo_display_userspecs(nss->parse_tree, pw, &priv_buf, verbose);
+	    if (n == -1)
+		goto bad;
+	    count += n;
+	}
+    }
+    if (count == 0) {
+	def_buf.len = 0;
+	priv_buf.len = 0;
+	sudo_lbuf_append(&priv_buf,
+	    _("User %s is not allowed to run sudo on %s.\n"),
+	    pw->pw_name, user_shost);
+    }
+    if (sudo_lbuf_error(&def_buf) || sudo_lbuf_error(&priv_buf))
+	goto bad;
+
+    sudo_lbuf_print(&def_buf);
+    sudo_lbuf_print(&priv_buf);
+
+    sudo_lbuf_destroy(&def_buf);
+    sudo_lbuf_destroy(&priv_buf);
+
+    debug_return_int(true);
+bad:
+    sudo_lbuf_destroy(&def_buf);
+    sudo_lbuf_destroy(&priv_buf);
+
+    debug_return_int(-1);
+}
+
+static int
+display_cmnd_check(struct sudoers_parse_tree *parse_tree, struct passwd *pw,
+    time_t now)
+{
+    int host_match, runas_match, cmnd_match;
+    struct cmndspec *cs;
+    struct privilege *priv;
+    struct userspec *us;
+    debug_decl(display_cmnd_check, SUDOERS_DEBUG_PARSER)
+
+    TAILQ_FOREACH_REVERSE(us, &parse_tree->userspecs, userspec_list, entries) {
+	if (userlist_matches(parse_tree, pw, &us->users) != ALLOW)
+	    continue;
+	TAILQ_FOREACH_REVERSE(priv, &us->privileges, privilege_list, entries) {
+	    host_match = hostlist_matches(parse_tree, pw, &priv->hostlist);
+	    if (host_match != ALLOW)
+		continue;
+	    TAILQ_FOREACH_REVERSE(cs, &priv->cmndlist, cmndspec_list, entries) {
+		if (cs->notbefore != UNSPEC) {
+		    if (now < cs->notbefore)
+			continue;
+		}
+		if (cs->notafter != UNSPEC) {
+		    if (now > cs->notafter)
+			continue;
+		}
+		runas_match = runaslist_matches(parse_tree, cs->runasuserlist,
+		    cs->runasgrouplist, NULL, NULL);
+		if (runas_match == ALLOW) {
+		    cmnd_match = cmnd_matches(parse_tree, cs->cmnd);
+		    if (cmnd_match != UNSPEC)
+			debug_return_int(cmnd_match);
+		}
+	    }
+	}
+    }
+    debug_return_int(UNSPEC);
+}
+
+/*
+ * Check user_cmnd against sudoers and print the matching entry if the
+ * command is allowed.
+ * Returns true if the command is allowed, false if not or -1 on error.
+ */
+int
+display_cmnd(struct sudo_nss_list *snl, struct passwd *pw)
+{
+    struct sudo_nss *nss;
+    int m, match = UNSPEC;
+    int ret = false;
+    time_t now;
+    debug_decl(display_cmnd, SUDOERS_DEBUG_PARSER)
+
+    /* Iterate over each source, checking for the command. */
+    time(&now);
+    TAILQ_FOREACH(nss, snl, entries) {
+	if (nss->query(nss, pw) == -1) {
+	    /* The query function should have printed an error message. */
+	    debug_return_int(-1);
+	}
+
+	m = display_cmnd_check(nss->parse_tree, pw, now);
+	if (m != UNSPEC)
+	    match = m;
+
+	if (!sudo_nss_can_continue(nss, m))
+	    break;
+    }
+    if (match == ALLOW) {
+	const int len = sudo_printf(SUDO_CONV_INFO_MSG, "%s%s%s\n",
+	    safe_cmnd, user_args ? " " : "", user_args ? user_args : "");
+	ret = len < 0 ? -1 : true;
+    }
+    debug_return_int(ret);
+}
diff --git a/plugins/sudoers/parse.h b/plugins/sudoers/parse.h
new file mode 100644
index 0000000..7dcbdca
--- /dev/null
+++ b/plugins/sudoers/parse.h
@@ -0,0 +1,365 @@
+/*
+ * Copyright (c) 1996, 1998-2000, 2004, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_PARSE_H
+#define SUDOERS_PARSE_H
+
+/* Characters that must be quoted in sudoers */
+#define SUDOERS_QUOTED  ":\\,=#\""
+
+#undef UNSPEC
+#define UNSPEC	-1
+#undef DENY
+#define DENY	 0
+#undef ALLOW
+#define ALLOW	 1
+#undef IMPLIED
+#define IMPLIED	 2
+
+/*
+ * Initialize all tags to UNSPEC.
+ */
+#define TAGS_INIT(t)	do {						       \
+    (t).follow = UNSPEC;						       \
+    (t).log_input = UNSPEC;						       \
+    (t).log_output = UNSPEC;						       \
+    (t).noexec = UNSPEC;						       \
+    (t).nopasswd = UNSPEC;						       \
+    (t).send_mail = UNSPEC;						       \
+    (t).setenv = UNSPEC;						       \
+} while (0)
+
+/*
+ * Copy any tags set in t2 into t, overriding the value in t.
+ */
+#define TAGS_MERGE(t, t2) do {						       \
+    if ((t2).follow != UNSPEC)						       \
+	(t).follow = (t2).follow;					       \
+    if ((t2).log_input != UNSPEC)					       \
+	(t).log_input = (t2).log_input;					       \
+    if ((t2).log_output != UNSPEC)					       \
+	(t).log_output = (t2).log_output;				       \
+    if ((t2).noexec != UNSPEC)						       \
+	(t).noexec = (t2).noexec;					       \
+    if ((t2).nopasswd != UNSPEC)					       \
+	(t).nopasswd = (t2).nopasswd;					       \
+    if ((t2).send_mail != UNSPEC)					       \
+	(t).send_mail = (t2).send_mail;					       \
+    if ((t2).setenv != UNSPEC)						       \
+	(t).setenv = (t2).setenv;					       \
+} while (0)
+
+/*
+ * Returns true if any tag are not UNSPEC, else false.
+ */
+#define TAGS_SET(t)							       \
+    ((t).follow != UNSPEC || (t).log_input != UNSPEC ||			       \
+     (t).log_output != UNSPEC || (t).noexec != UNSPEC ||		       \
+     (t).nopasswd != UNSPEC || (t).send_mail != UNSPEC ||		       \
+     (t).setenv != UNSPEC)
+
+/*
+ * Returns true if the specified tag is not UNSPEC or IMPLIED, else false.
+ */
+#define TAG_SET(tt) \
+    ((tt) != UNSPEC && (tt) != IMPLIED)
+
+/*
+ * Returns true if any tags set in nt differ between ot and nt, else false.
+ */
+#define TAGS_CHANGED(ot, nt) \
+    ((TAG_SET((nt).follow) && (nt).follow != (ot).follow) || \
+    (TAG_SET((nt).log_input) && (nt).log_input != (ot).log_input) || \
+    (TAG_SET((nt).log_output) && (nt).log_output != (ot).log_output) || \
+    (TAG_SET((nt).noexec) && (nt).noexec != (ot).noexec) || \
+    (TAG_SET((nt).nopasswd) && (nt).nopasswd != (ot).nopasswd) || \
+    (TAG_SET((nt).setenv) && (nt).setenv != (ot).setenv) || \
+    (TAG_SET((nt).send_mail) && (nt).send_mail != (ot).send_mail))
+
+/*
+ * Returns true if the runas user and group lists match, else false.
+ */
+#define RUNAS_CHANGED(cs1, cs2) \
+     ((cs1)->runasuserlist != (cs2)->runasuserlist || \
+     (cs1)->runasgrouplist != (cs2)->runasgrouplist)
+
+struct command_digest {
+    unsigned int digest_type;
+    char *digest_str;
+};
+
+/*
+ * A command with option args and digest.
+ * XXX - merge into struct member
+ */
+struct sudo_command {
+    char *cmnd;
+    char *args;
+    struct command_digest *digest;
+};
+
+/*
+ * Tags associated with a command.
+ * Possible values: true, false, IMPLIED, UNSPEC.
+ */
+struct cmndtag {
+    signed int nopasswd: 3;
+    signed int noexec: 3;
+    signed int setenv: 3;
+    signed int log_input: 3;
+    signed int log_output: 3;
+    signed int send_mail: 3;
+    signed int follow: 3;
+};
+
+/*
+ * Per-command option container struct.
+ */
+struct command_options {
+    time_t notbefore;			/* time restriction */
+    time_t notafter;			/* time restriction */
+    int timeout;			/* command timeout */
+#ifdef HAVE_SELINUX
+    char *role, *type;			/* SELinux role and type */
+#endif
+#ifdef HAVE_PRIV_SET
+    char *privs, *limitprivs;		/* Solaris privilege sets */
+#endif
+};
+
+/*
+ * The parsed sudoers file is stored as a collection of linked lists,
+ * modelled after the yacc grammar.
+ *
+ * Other than the alias struct, which is stored in a red-black tree,
+ * the data structure used is a doubly-linked tail queue.  While sudoers
+ * is being parsed, a headless tail queue is used where the first entry
+ * acts as the head and the prev pointer does double duty as the tail pointer.
+ * This makes it possible to trivally append sub-lists.  In addition, the prev
+ * pointer is always valid (even if it points to itself).  Unlike a circle
+ * queue, the next pointer of the last entry is NULL and does not point back
+ * to the head.  When the tail queue is finalized, it is converted to a
+ * normal BSD tail queue.
+ */
+
+/*
+ * Tail queue list head structure.
+ */
+TAILQ_HEAD(defaults_list, defaults);
+TAILQ_HEAD(userspec_list, userspec);
+TAILQ_HEAD(member_list, member);
+TAILQ_HEAD(privilege_list, privilege);
+TAILQ_HEAD(cmndspec_list, cmndspec);
+STAILQ_HEAD(comment_list, sudoers_comment);
+
+/*
+ * Structure describing a user specification and list thereof.
+ */
+struct userspec {
+    TAILQ_ENTRY(userspec) entries;
+    struct member_list users;		/* list of users */
+    struct privilege_list privileges;	/* list of privileges */
+    struct comment_list comments;	/* optional comments */
+    int lineno;
+    char *file;
+};
+
+/*
+ * Structure describing a privilege specification.
+ */
+struct privilege {
+    TAILQ_ENTRY(privilege) entries;
+    char *ldap_role;			/* LDAP sudoRole */
+    struct member_list hostlist;	/* list of hosts */
+    struct cmndspec_list cmndlist;	/* list of Cmnd_Specs */
+    struct defaults_list defaults;	/* list of sudoOptions */
+};
+
+/*
+ * Structure describing a linked list of Cmnd_Specs.
+ * XXX - include struct command_options instad of its contents inline
+ */
+struct cmndspec {
+    TAILQ_ENTRY(cmndspec) entries;
+    struct member_list *runasuserlist;	/* list of runas users */
+    struct member_list *runasgrouplist;	/* list of runas groups */
+    struct member *cmnd;		/* command to allow/deny */
+    struct cmndtag tags;		/* tag specificaion */
+    int timeout;			/* command timeout */
+    time_t notbefore;			/* time restriction */
+    time_t notafter;			/* time restriction */
+#ifdef HAVE_SELINUX
+    char *role, *type;			/* SELinux role and type */
+#endif
+#ifdef HAVE_PRIV_SET
+    char *privs, *limitprivs;		/* Solaris privilege sets */
+#endif
+};
+
+/*
+ * Generic structure to hold users, hosts, commands.
+ */
+struct member {
+    TAILQ_ENTRY(member) entries;
+    char *name;				/* member name */
+    short type;				/* type (see gram.h) */
+    short negated;			/* negated via '!'? */
+};
+
+struct runascontainer {
+    struct member *runasusers;
+    struct member *runasgroups;
+};
+
+struct sudoers_comment {
+    STAILQ_ENTRY(sudoers_comment) entries;
+    char *str;
+};
+
+/*
+ * Generic structure to hold {User,Host,Runas,Cmnd}_Alias
+ * Aliases are stored in a red-black tree, sorted by name and type.
+ */
+struct alias {
+    char *name;				/* alias name */
+    unsigned short type;		/* {USER,HOST,RUNAS,CMND}ALIAS */
+    short used;				/* "used" flag for cycle detection */
+    int lineno;				/* line number of alias entry */
+    char *file;				/* file the alias entry was in */
+    struct member_list members;		/* list of alias members */
+};
+
+/*
+ * Structure describing a Defaults entry in sudoers.
+ */
+struct defaults {
+    TAILQ_ENTRY(defaults) entries;
+    char *var;				/* variable name */
+    char *val;				/* variable value */
+    struct member_list *binding;	/* user/host/runas binding */
+    char *file;				/* file Defaults entry was in */
+    short type;				/* DEFAULTS{,_USER,_RUNAS,_HOST} */
+    char op;				/* true, false, '+', '-' */
+    char error;				/* parse error flag */
+    int lineno;				/* line number of Defaults entry */
+};
+
+/*
+ * Parsed sudoers policy.
+ */
+struct sudoers_parse_tree {
+    struct userspec_list userspecs;
+    struct defaults_list defaults;
+    struct rbtree *aliases;
+};
+
+/* alias.c */
+struct rbtree *alloc_aliases(void);
+void free_aliases(struct rbtree *aliases);
+bool no_aliases(struct sudoers_parse_tree *parse_tree);
+const char *alias_add(struct sudoers_parse_tree *parse_tree, char *name, int type, char *file, int lineno, struct member *members);
+const char *alias_type_to_string(int alias_type);
+struct alias *alias_get(struct sudoers_parse_tree *parse_tree, const char *name, int type);
+struct alias *alias_remove(struct sudoers_parse_tree *parse_tree, char *name, int type);
+bool alias_find_used(struct sudoers_parse_tree *parse_tree, struct rbtree *used_aliases);
+void alias_apply(struct sudoers_parse_tree *parse_tree, int (*func)(struct sudoers_parse_tree *, struct alias *, void *), void *cookie);
+void alias_free(void *a);
+void alias_put(struct alias *a);
+
+/* gram.c */
+extern struct sudoers_parse_tree parsed_policy;
+bool init_parser(const char *path, bool quiet);
+void free_member(struct member *m);
+void free_members(struct member_list *members);
+void free_privilege(struct privilege *priv);
+void free_userspec(struct userspec *us);
+void free_userspecs(struct userspec_list *usl);
+void free_default(struct defaults *def, struct member_list **binding);
+void free_defaults(struct defaults_list *defs);
+void init_parse_tree(struct sudoers_parse_tree *parse_tree);
+void free_parse_tree(struct sudoers_parse_tree *parse_tree);
+void reparent_parse_tree(struct sudoers_parse_tree *new_tree);
+
+/* match_addr.c */
+bool addr_matches(char *n);
+
+/* match.c */
+struct group;
+struct passwd;
+bool command_matches(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest);
+bool group_matches(const char *sudoers_group, const struct group *gr);
+bool hostname_matches(const char *shost, const char *lhost, const char *pattern);
+bool netgr_matches(const char *netgr, const char *lhost, const char *shost, const char *user);
+bool usergr_matches(const char *group, const char *user, const struct passwd *pw);
+bool userpw_matches(const char *sudoers_user, const char *user, const struct passwd *pw);
+int cmnd_matches(struct sudoers_parse_tree *parse_tree, const struct member *m);
+int cmndlist_matches(struct sudoers_parse_tree *parse_tree, const struct member_list *list);
+int host_matches(struct sudoers_parse_tree *parse_tree, const struct passwd *pw, const char *host, const char *shost, const struct member *m);
+int hostlist_matches(struct sudoers_parse_tree *parse_tree, const struct passwd *pw, const struct member_list *list);
+int runaslist_matches(struct sudoers_parse_tree *parse_tree, const struct member_list *user_list, const struct member_list *group_list, struct member **matching_user, struct member **matching_group);
+int user_matches(struct sudoers_parse_tree *parse_tree, const struct passwd *pw, const struct member *m);
+int userlist_matches(struct sudoers_parse_tree *parse_tree, const struct passwd *pw, const struct member_list *list);
+const char *sudo_getdomainname(void);
+struct gid_list *runas_getgroups(void);
+
+/* toke.c */
+void init_lexer(void);
+
+/* hexchar.c */
+int hexchar(const char *s);
+
+/* base64.c */
+size_t base64_decode(const char *str, unsigned char *dst, size_t dsize);
+size_t base64_encode(const unsigned char *in, size_t in_len, char *out, size_t out_len);
+
+/* timeout.c */
+int parse_timeout(const char *timestr);
+
+/* gmtoff.c */
+long get_gmtoff(time_t *clock);
+
+/* gentime.c */
+time_t parse_gentime(const char *expstr);
+
+/* filedigest.c */
+unsigned char *sudo_filedigest(int fd, const char *file, int digest_type, size_t *digest_len);
+
+/* digestname.c */
+const char *digest_type_to_name(int digest_type);
+
+/* parse.c */
+struct sudo_nss_list;
+int sudoers_lookup(struct sudo_nss_list *snl, struct passwd *pw, int validated, int pwflag);
+int display_privs(struct sudo_nss_list *snl, struct passwd *pw, bool verbose);
+int display_cmnd(struct sudo_nss_list *snl, struct passwd *pw);
+
+/* parse_ldif.c */
+bool sudoers_parse_ldif(struct sudoers_parse_tree *parse_tree, FILE *fp, const char *sudoers_base, bool store_options);
+
+/* fmtsudoers.c */
+struct sudo_lbuf;
+bool sudoers_format_cmndspec(struct sudo_lbuf *lbuf, struct sudoers_parse_tree *parse_tree, struct cmndspec *cs, struct cmndspec *prev_cs, struct cmndtag tags, bool expand_aliases);
+bool sudoers_format_default(struct sudo_lbuf *lbuf, struct defaults *d);
+bool sudoers_format_default_line(struct sudo_lbuf *lbuf, struct sudoers_parse_tree *parse_tree, struct defaults *d, struct defaults **next, bool expand_aliases);
+bool sudoers_format_member(struct sudo_lbuf *lbuf, struct sudoers_parse_tree *parse_tree, struct member *m, const char *separator, int alias_type);
+bool sudoers_format_privilege(struct sudo_lbuf *lbuf, struct sudoers_parse_tree *parse_tree, struct privilege *priv, bool expand_aliases);
+bool sudoers_format_userspec(struct sudo_lbuf *lbuf, struct sudoers_parse_tree *parse_tree, struct userspec *us, bool expand_aliases);
+bool sudoers_format_userspecs(struct sudo_lbuf *lbuf, struct sudoers_parse_tree *parse_tree, const char *separator, bool expand_aliases, bool flush);
+bool sudoers_defaults_to_tags(const char *var, const char *val, int op, struct cmndtag *tags);
+bool sudoers_defaults_list_to_tags(struct defaults_list *defs, struct cmndtag *tags);
+
+#endif /* SUDOERS_PARSE_H */
diff --git a/plugins/sudoers/parse_ldif.c b/plugins/sudoers/parse_ldif.c
new file mode 100644
index 0000000..9635ea8
--- /dev/null
+++ b/plugins/sudoers/parse_ldif.c
@@ -0,0 +1,774 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+
+#include "sudoers.h"
+#include "sudo_ldap.h"
+#include "redblack.h"
+#include "strlist.h"
+#include <gram.h>
+
+struct sudo_role {
+    STAILQ_ENTRY(sudo_role) entries;
+    char *cn;
+    char *notbefore;
+    char *notafter;
+    double order;
+    struct sudoers_str_list *cmnds;
+    struct sudoers_str_list *hosts;
+    struct sudoers_str_list *users;
+    struct sudoers_str_list *runasusers;
+    struct sudoers_str_list *runasgroups;
+    struct sudoers_str_list *options;
+};
+STAILQ_HEAD(sudo_role_list, sudo_role);
+
+static void
+sudo_role_free(struct sudo_role *role)
+{
+    debug_decl(sudo_role_free, SUDOERS_DEBUG_UTIL)
+
+    if (role != NULL) {
+	free(role->cn);
+	free(role->notbefore);
+	free(role->notafter);
+	str_list_free(role->cmnds);
+	str_list_free(role->hosts);
+	str_list_free(role->users);
+	str_list_free(role->runasusers);
+	str_list_free(role->runasgroups);
+	str_list_free(role->options);
+	free(role);
+    }
+
+    debug_return;
+}
+
+static struct sudo_role *
+sudo_role_alloc(void)
+{
+    struct sudo_role *role;
+    debug_decl(sudo_role_alloc, SUDOERS_DEBUG_UTIL)
+
+    role = calloc(1, sizeof(*role));
+    if (role != NULL) {
+	role->cmnds = str_list_alloc();
+	role->hosts = str_list_alloc();
+	role->users = str_list_alloc();
+	role->runasusers = str_list_alloc();
+	role->runasgroups = str_list_alloc();
+	role->options = str_list_alloc();
+	if (role->cmnds == NULL || role->hosts == NULL ||
+	    role->users == NULL || role->runasusers == NULL ||
+	    role->runasgroups == NULL || role->options == NULL) {
+	    sudo_role_free(role);
+	    role = NULL;
+	}
+    }
+
+    debug_return_ptr(role);
+}
+
+/*
+ * Parse an LDIF attribute, including base64 support.
+ * See http://www.faqs.org/rfcs/rfc2849.html
+ */
+static char *
+ldif_parse_attribute(char *str)
+{
+    bool encoded = false;
+    char *attr, *ep;
+    size_t len;
+    debug_decl(ldif_parse_attribute, SUDOERS_DEBUG_UTIL)
+
+    /* Check for foo:: base64str. */
+    if (*str == ':') {
+	encoded = true;
+	str++;
+    }
+
+    /* Trim leading and trailing space. */
+    while (*str == ' ')
+	str++;
+
+    ep = str + strlen(str);
+    while (ep > str && ep[-1] == ' ') {
+	ep--;
+	/* Don't trim escaped trailing space if not base64. */
+	if (!encoded && ep != str && ep[-1] == '\\')
+	    break;
+	*ep = '\0';
+    }
+
+    attr = str;
+    if (encoded) {
+	/*
+	 * Decode base64 inline and add NUL-terminator.
+	 * The copy allows us to provide a useful message on error.
+	 */
+	char *copy = strdup(str);
+	if (copy == NULL) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	len = base64_decode(copy, (unsigned char *)attr, strlen(attr));
+	if (len == (size_t)-1) {
+	    sudo_warnx(U_("ignoring invalid attribute value: %s"), copy);
+	    free(copy);
+	    debug_return_str(NULL);
+	}
+	attr[len] = '\0';
+	free(copy);
+    }
+
+    debug_return_str(attr);
+}
+
+/*
+ * Allocate a struct sudoers_string, store str in it and
+ * insert into the specified strlist.
+ */
+static void
+ldif_store_string(const char *str, struct sudoers_str_list *strlist, bool sorted)
+{
+    struct sudoers_string *ls;
+    debug_decl(ldif_store_string, SUDOERS_DEBUG_UTIL)
+
+    if ((ls = sudoers_string_alloc(str)) == NULL) {
+	sudo_fatalx(U_("%s: %s"), __func__,
+	    U_("unable to allocate memory"));
+    }
+    if (!sorted) {
+	STAILQ_INSERT_TAIL(strlist, ls, entries);
+    } else {
+	struct sudoers_string *prev, *next;
+
+	/* Insertion sort, list is small. */
+	prev = STAILQ_FIRST(strlist);
+	if (prev == NULL || strcasecmp(str, prev->str) <= 0) {
+	    STAILQ_INSERT_HEAD(strlist, ls, entries);
+	} else {
+	    while ((next = STAILQ_NEXT(prev, entries)) != NULL) {
+		if (strcasecmp(str, next->str) <= 0)
+		    break;
+		prev = next;
+	    }
+	    STAILQ_INSERT_AFTER(strlist, prev, ls, entries);
+	}
+    }
+
+    debug_return;
+}
+
+/*
+ * Iterator for sudo_ldap_role_to_priv().
+ * Takes a pointer to a struct sudoers_string *.
+ * Returns the string or NULL if we've reached the end.
+ */
+static char *
+sudoers_string_iter(void **vp)
+{
+    struct sudoers_string *ls = *vp;
+
+    if (ls == NULL)
+	return NULL;
+
+    *vp = STAILQ_NEXT(ls, entries);
+
+    return ls->str;
+}
+
+static int
+role_order_cmp(const void *va, const void *vb)
+{
+    const struct sudo_role *a = *(const struct sudo_role **)va;
+    const struct sudo_role *b = *(const struct sudo_role **)vb;
+    debug_decl(role_order_cmp, SUDOERS_DEBUG_LDAP)
+
+    debug_return_int(a->order < b->order ? -1 :
+        (a->order > b->order ? 1 : 0));
+}
+
+/*
+ * Parse list of sudoOption and store in the parse tree's defaults list.
+ */
+static void
+ldif_store_options(struct sudoers_parse_tree *parse_tree,
+    struct sudoers_str_list *options)
+{
+    struct defaults *d;
+    struct sudoers_string *ls;
+    char *var, *val;
+    debug_decl(ldif_store_options, SUDOERS_DEBUG_UTIL)
+
+    STAILQ_FOREACH(ls, options, entries) {
+	if ((d = calloc(1, sizeof(*d))) == NULL ||
+	    (d->binding = malloc(sizeof(*d->binding))) == NULL) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	TAILQ_INIT(d->binding);
+	d->type = DEFAULTS;
+	d->op = sudo_ldap_parse_option(ls->str, &var, &val);
+	if ((d->var = strdup(var)) == NULL) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	if (val != NULL) {
+	    if ((d->val = strdup(val)) == NULL) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	}
+	TAILQ_INSERT_TAIL(&parse_tree->defaults, d, entries);
+    }
+    debug_return;
+}
+
+static int
+str_list_cmp(const void *aa, const void *bb)
+{
+    const struct sudoers_str_list *a = aa;
+    const struct sudoers_str_list *b = bb;
+    const struct sudoers_string *lsa = STAILQ_FIRST(a);
+    const struct sudoers_string *lsb = STAILQ_FIRST(b);
+    int ret;
+
+    while (lsa != NULL && lsb != NULL) {
+	if ((ret = strcmp(lsa->str, lsb->str)) != 0)
+	    return ret;
+	lsa = STAILQ_NEXT(lsa, entries);
+	lsb = STAILQ_NEXT(lsb, entries);
+    }
+    return lsa == lsb ? 0 : (lsa == NULL ? -1 : 1);
+}
+
+static int
+str_list_cache(struct rbtree *cache, struct sudoers_str_list **strlistp)
+{
+    struct sudoers_str_list *strlist = *strlistp;
+    struct rbnode *node;
+    int ret;
+    debug_decl(str_list_cache, SUDOERS_DEBUG_UTIL)
+
+    ret = rbinsert(cache, strlist, &node);
+    switch (ret) {
+    case 0:
+	/* new entry, take a ref for the cache */
+	strlist->refcnt++;
+	break;
+    case 1:
+	/* already exists, use existing and take a ref. */
+	str_list_free(strlist);
+	strlist = node->data;
+	strlist->refcnt++;
+	*strlistp = strlist;
+	break;
+    }
+    debug_return_int(ret);
+}
+
+/*
+ * Convert a sudoRole to sudoers format and store in the parse tree.
+ */
+static void
+role_to_sudoers(struct sudoers_parse_tree *parse_tree, struct sudo_role *role,
+    bool store_options, bool reuse_userspec, bool reuse_privilege,
+    bool reuse_runas)
+{
+    struct privilege *priv;
+    struct sudoers_string *ls;
+    struct userspec *us;
+    struct member *m;
+    debug_decl(role_to_sudoers, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * TODO: use cn to create a UserAlias if multiple users in it?
+     */
+
+    if (reuse_userspec) {
+	/* Re-use the previous userspec */
+	us = TAILQ_LAST(&parse_tree->userspecs, userspec_list);
+    } else {
+	/* Allocate a new userspec and fill in the user list. */
+	if ((us = calloc(1, sizeof(*us))) == NULL) {
+	    sudo_fatalx(U_("%s: %s"), __func__,
+		U_("unable to allocate memory"));
+	}
+	TAILQ_INIT(&us->privileges);
+	TAILQ_INIT(&us->users);
+	STAILQ_INIT(&us->comments);
+
+	STAILQ_FOREACH(ls, role->users, entries) {
+	    char *user = ls->str;
+
+	    if ((m = calloc(1, sizeof(*m))) == NULL) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	    m->negated = sudo_ldap_is_negated(&user);
+	    m->name = strdup(user);
+	    if (m->name == NULL) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	    if (strcmp(user, "ALL") == 0) {
+		m->type = ALL;
+	    } else if (*user == '+') {
+		m->type = NETGROUP;
+	    } else if (*user == '%') {
+		m->type = USERGROUP;
+	    } else {
+		m->type = WORD;
+	    }
+	    TAILQ_INSERT_TAIL(&us->users, m, entries);
+	}
+    }
+
+    /* Add source role as a comment. */
+    if (role->cn != NULL) {
+	struct sudoers_comment *comment = NULL;
+	if (reuse_userspec) {
+	    /* Try to re-use comment too. */
+	    STAILQ_FOREACH(comment, &us->comments, entries) {
+		if (strncmp(comment->str, "sudoRole ", 9) == 0) {
+		    char *tmpstr;
+		    if (asprintf(&tmpstr, "%s, %s", comment->str, role->cn) == -1) {
+			sudo_fatalx(U_("%s: %s"), __func__,
+			    U_("unable to allocate memory"));
+		    }
+		    free(comment->str);
+		    comment->str = tmpstr;
+		    break;
+		}
+	    }
+	}
+	if (comment == NULL) {
+	    /* Create a new comment. */
+	    if ((comment = malloc(sizeof(*comment))) == NULL) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	    if (asprintf(&comment->str, "sudoRole %s", role->cn) == -1) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	    STAILQ_INSERT_TAIL(&us->comments, comment, entries);
+	}
+    }
+
+    /* Convert role to sudoers privilege. */
+    priv = sudo_ldap_role_to_priv(role->cn, STAILQ_FIRST(role->hosts),
+	STAILQ_FIRST(role->runasusers), STAILQ_FIRST(role->runasgroups),
+	STAILQ_FIRST(role->cmnds), STAILQ_FIRST(role->options),
+	role->notbefore, role->notafter, true, store_options,
+	sudoers_string_iter);
+    if (priv == NULL) {
+	sudo_fatalx(U_("%s: %s"), __func__,
+	    U_("unable to allocate memory"));
+    }
+
+    if (reuse_privilege) {
+	/* Hostspec unchanged, append cmndlist to previous privilege. */
+	struct privilege *prev_priv = TAILQ_LAST(&us->privileges, privilege_list);
+	if (reuse_runas) {
+	    /* Runas users and groups same if as in previous privilege. */
+	    struct member_list *runasuserlist =
+		TAILQ_FIRST(&prev_priv->cmndlist)->runasuserlist;
+	    struct member_list *runasgrouplist =
+		TAILQ_FIRST(&prev_priv->cmndlist)->runasgrouplist;
+	    struct cmndspec *cmndspec = TAILQ_FIRST(&priv->cmndlist);
+
+	    /* Free duplicate runas lists. */
+	    if (cmndspec->runasuserlist != NULL) {
+		free_members(cmndspec->runasuserlist);
+		free(cmndspec->runasuserlist);
+	    }
+	    if (cmndspec->runasgrouplist != NULL) {
+		free_members(cmndspec->runasgrouplist);
+		free(cmndspec->runasgrouplist);
+	    }
+
+	    /* Update cmndspec with previous runas lists. */
+	    TAILQ_FOREACH(cmndspec, &priv->cmndlist, entries) {
+		cmndspec->runasuserlist = runasuserlist;
+		cmndspec->runasgrouplist = runasgrouplist;
+	    }
+	}
+	TAILQ_CONCAT(&prev_priv->cmndlist, &priv->cmndlist, entries);
+	free_privilege(priv);
+    } else {
+	TAILQ_INSERT_TAIL(&us->privileges, priv, entries);
+    }
+
+    /* Add finished userspec to the list if new. */
+    if (!reuse_userspec)
+	TAILQ_INSERT_TAIL(&parse_tree->userspecs, us, entries);
+
+    debug_return;
+}
+
+/*
+ * Convert the list of sudoRoles to sudoers format and store in the parse tree.
+ */
+static void
+ldif_to_sudoers(struct sudoers_parse_tree *parse_tree,
+    struct sudo_role_list *roles, unsigned int numroles, bool store_options)
+{
+    struct sudo_role **role_array, *role = NULL;
+    unsigned int n;
+    debug_decl(ldif_to_sudoers, SUDOERS_DEBUG_UTIL)
+
+    /* Convert from list of roles to array and sort by order. */
+    role_array = reallocarray(NULL, numroles + 1, sizeof(*role_array));
+    for (n = 0; n < numroles; n++) {
+	if ((role = STAILQ_FIRST(roles)) == NULL)
+	    break;	/* cannot happen */
+	STAILQ_REMOVE_HEAD(roles, entries);
+	role_array[n] = role;
+    }
+    role_array[n] = NULL;
+    qsort(role_array, numroles, sizeof(*role_array), role_order_cmp);
+
+    /*
+     * Iterate over roles in sorted order, converting to sudoers.
+     */
+    for (n = 0; n < numroles; n++) {
+	bool reuse_userspec = false;
+	bool reuse_privilege = false;
+	bool reuse_runas = false;
+
+	role = role_array[n];
+
+	/* Check whether we can reuse the previous user and host specs */
+	if (n > 0 && role->users == role_array[n - 1]->users) {
+	    reuse_userspec = true;
+
+	    /*
+	     * Since options are stored per-privilege we can't
+	     * append to the previous privilege's cmndlist if
+	     * we are storing options.
+	     */
+	    if (!store_options) {
+		if (role->hosts == role_array[n - 1]->hosts) {
+		    reuse_privilege = true;
+
+		    /* Reuse runasusers and runasgroups if possible. */
+		    if (role->runasusers == role_array[n - 1]->runasusers &&
+			role->runasgroups == role_array[n - 1]->runasgroups)
+			reuse_runas = true;
+		}
+	    }
+	}
+
+	role_to_sudoers(parse_tree, role, store_options, reuse_userspec,
+	    reuse_privilege, reuse_runas);
+    }
+
+    /* Clean up. */
+    for (n = 0; n < numroles; n++)
+	sudo_role_free(role_array[n]);
+    free(role_array);
+
+    debug_return;
+}
+
+/*
+ * Given a cn with possible quoted characters, return a copy of
+ * the cn with quote characters ('\\') removed.
+ * The caller is responsible for freeing the returned string.
+ */
+static
+char *unquote_cn(const char *src)
+{
+    char *dst, *new_cn;
+    size_t len;
+    debug_decl(unquote_cn, SUDOERS_DEBUG_UTIL)
+
+    len = strlen(src);
+    if ((new_cn = malloc(len + 1)) == NULL)
+	debug_return_str(NULL);
+
+    for (dst = new_cn; *src != '\0';) {
+	if (src[0] == '\\' && src[1] != '\0')
+	    src++;
+	*dst++ = *src++;
+    }
+    *dst = '\0';
+
+    debug_return_str(new_cn);
+}
+
+/*
+ * Parse a sudoers file in LDIF format, https://tools.ietf.org/html/rfc2849
+ * Parsed sudoRole objects are stored in the specified parse_tree which
+ * must already be initialized.
+ */
+bool
+sudoers_parse_ldif(struct sudoers_parse_tree *parse_tree,
+    FILE *fp, const char *sudoers_base, bool store_options)
+{
+    struct sudo_role_list roles = STAILQ_HEAD_INITIALIZER(roles);
+    struct sudo_role *role = NULL;
+    struct rbtree *usercache, *groupcache, *hostcache;
+    unsigned numroles = 0;
+    bool in_role = false;
+    size_t linesize = 0;
+    char *attr, *line = NULL, *savedline = NULL;
+    ssize_t savedlen = 0;
+    bool mismatch = false;
+    debug_decl(sudoers_parse_ldif, SUDOERS_DEBUG_UTIL)
+
+    /* Free old contents of the parse tree (if any). */
+    free_parse_tree(parse_tree);
+
+    /*
+     * We cache user, group and host lists to make it eay to detect when there
+     * are identical lists (simple pointer compare).  This makes it possible
+     * to merge multiplpe sudoRole objects into a single UserSpec and/or
+     * Privilege.  The lists are sorted since LDAP order is arbitrary.
+     */
+    usercache = rbcreate(str_list_cmp);
+    groupcache = rbcreate(str_list_cmp);
+    hostcache = rbcreate(str_list_cmp);
+    if (usercache == NULL || groupcache == NULL || hostcache == NULL)
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+
+    /* Read through input, parsing into sudo_roles and global defaults. */
+    for (;;) {
+	int ch;
+	ssize_t len = getline(&line, &linesize, fp);
+
+	/* Trim trailing return or newline. */
+	while (len > 0 && (line[len - 1] == '\r' || line[len - 1] == '\n'))
+	    line[--len] = '\0';
+
+	/* Blank line or EOF terminates an entry. */
+	if (len <= 0) {
+	    if (in_role) {
+		if (role->cn != NULL && strcmp(role->cn, "defaults") == 0) {
+		    ldif_store_options(parse_tree, role->options);
+		    sudo_role_free(role);
+		} else if (STAILQ_EMPTY(role->users) ||
+		    STAILQ_EMPTY(role->hosts) || STAILQ_EMPTY(role->cmnds)) {
+		    /* Incomplete role. */
+		    sudo_warnx(U_("ignoring incomplete sudoRole: cn: %s"),
+			role->cn ? role->cn : "UNKNOWN");
+		    sudo_role_free(role);
+		} else {
+		    /* Cache users, hosts, runasusers and runasgroups. */
+		    if (str_list_cache(usercache, &role->users) == -1 ||
+			str_list_cache(hostcache, &role->hosts) == -1 ||
+			str_list_cache(usercache, &role->runasusers) == -1 ||
+			str_list_cache(groupcache, &role->runasgroups) == -1) {
+			sudo_fatalx(U_("%s: %s"), __func__,
+			    U_("unable to allocate memory"));
+		    }
+
+		    /* Store finished role. */
+		    STAILQ_INSERT_TAIL(&roles, role, entries);
+		    numroles++;
+		}
+		role = NULL;
+		in_role = false;
+	    }
+	    if (len == -1) {
+		/* EOF */
+		break;
+	    }
+	    mismatch = false;
+	    continue;
+	}
+
+	if (savedline != NULL) {
+	    char *tmp;
+
+	    /* Append to saved line. */
+	    linesize = savedlen + len + 1;
+	    if ((tmp = realloc(savedline, linesize)) == NULL) {
+		sudo_fatalx(U_("%s: %s"), __func__,
+		    U_("unable to allocate memory"));
+	    }
+	    memcpy(tmp + savedlen, line, len + 1);
+	    free(line);
+	    line = tmp;
+	    savedline = NULL;
+	} else {
+	    /* Skip comment lines or records that don't match the base. */
+	    if (*line == '#' || mismatch)
+		continue;
+	}
+
+	/* Check for folded line */
+	if ((ch = getc(fp)) == ' ') {
+	    /* folded line, append to the saved portion. */
+	    savedlen = len;
+	    savedline = line;
+	    line = NULL;
+	    linesize = 0;
+	    continue;
+	} else {
+	    /* not folded, push back ch */
+	    ungetc(ch, fp);
+	}
+
+	/* Parse dn and objectClass. */
+	if (strncasecmp(line, "dn:", 3) == 0) {
+	    /* Compare dn to base, if specified. */
+	    if (sudoers_base != NULL) {
+		attr = ldif_parse_attribute(line + 3);
+		if (attr == NULL) {
+		    /* invalid attribute */
+		    mismatch = true;
+		    continue;
+		}
+		/* Skip over cn if present. */
+		if (strncasecmp(attr, "cn=", 3) == 0) {
+		    for (attr += 3; *attr != '\0'; attr++) {
+			/* Handle escaped ',' chars. */
+			if (*attr == '\\')
+			    attr++;
+			if (*attr == ',') {
+			    attr++;
+			    break;
+			}
+		    }
+		}
+		if (strcasecmp(attr, sudoers_base) != 0) {
+		    /* Doesn't match base, skip the rest of it. */
+		    mismatch = true;
+		    continue;
+		}
+	    }
+	} else if (strncmp(line, "objectClass:", 12) == 0) {
+	    attr = ldif_parse_attribute(line + 12);
+	    if (attr != NULL && strcmp(attr, "sudoRole") == 0) {
+		/* Allocate new role as needed. */
+		if (role == NULL) {
+		    if ((role = sudo_role_alloc()) == NULL) {
+			sudo_fatalx(U_("%s: %s"), __func__,
+			    U_("unable to allocate memory"));
+		    }
+		}
+		in_role = true;
+	    }
+	}
+
+	/* Not in a sudoRole, keep reading. */
+	if (!in_role)
+	    continue;
+
+	/* Part of a sudoRole, parse it. */
+	if (strncmp(line, "cn:", 3) == 0) {
+	    attr = ldif_parse_attribute(line + 3);
+	    if (attr != NULL) {
+		free(role->cn);
+		role->cn = unquote_cn(attr);
+		if (role->cn == NULL) {
+		    sudo_fatalx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
+		}
+	    }
+	} else if (strncmp(line, "sudoUser:", 9) == 0) {
+	    attr = ldif_parse_attribute(line + 9);
+	    if (attr != NULL)
+		ldif_store_string(attr, role->users, true);
+	} else if (strncmp(line, "sudoHost:", 9) == 0) {
+	    attr = ldif_parse_attribute(line + 9);
+	    if (attr != NULL)
+		ldif_store_string(attr, role->hosts, true);
+	} else if (strncmp(line, "sudoRunAs:", 10) == 0) {
+	    attr = ldif_parse_attribute(line + 10);
+	    if (attr != NULL)
+		ldif_store_string(attr, role->runasusers, true);
+	} else if (strncmp(line, "sudoRunAsUser:", 14) == 0) {
+	    attr = ldif_parse_attribute(line + 14);
+	    if (attr != NULL)
+		ldif_store_string(attr, role->runasusers, true);
+	} else if (strncmp(line, "sudoRunAsGroup:", 15) == 0) {
+	    attr = ldif_parse_attribute(line + 15);
+	    if (attr != NULL)
+		ldif_store_string(attr, role->runasgroups, true);
+	} else if (strncmp(line, "sudoCommand:", 12) == 0) {
+	    attr = ldif_parse_attribute(line + 12);
+	    if (attr != NULL)
+		ldif_store_string(attr, role->cmnds, false);
+	} else if (strncmp(line, "sudoOption:", 11) == 0) {
+	    attr = ldif_parse_attribute(line + 11);
+	    if (attr != NULL)
+		ldif_store_string(attr, role->options, false);
+	} else if (strncmp(line, "sudoOrder:", 10) == 0) {
+	    char *ep;
+	    attr = ldif_parse_attribute(line + 10);
+	    if (attr != NULL) {
+		role->order = strtod(attr, &ep);
+		if (ep == attr || *ep != '\0')
+		    sudo_warnx(U_("invalid sudoOrder attribute: %s"), attr);
+	    }
+	} else if (strncmp(line, "sudoNotBefore:", 14) == 0) {
+	    attr = ldif_parse_attribute(line + 14);
+	    if (attr != NULL) {
+		free(role->notbefore);
+		role->notbefore = strdup(attr);
+		if (role->notbefore == NULL) {
+		    sudo_fatalx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
+		}
+	    }
+	} else if (strncmp(line, "sudoNotAfter:", 13) == 0) {
+	    attr = ldif_parse_attribute(line + 13);
+	    if (attr != NULL) {
+		free(role->notafter);
+		role->notafter = strdup(attr);
+		if (role->notafter == NULL) {
+		    sudo_fatalx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
+		}
+	    }
+	}
+    }
+    sudo_role_free(role);
+    free(line);
+
+    /* Convert from roles to sudoers data structures. */
+    ldif_to_sudoers(parse_tree, &roles, numroles, store_options);
+
+    /* Clean up. */
+    rbdestroy(usercache, str_list_free);
+    rbdestroy(groupcache, str_list_free);
+    rbdestroy(hostcache, str_list_free);
+
+    if (fp != stdin)
+	fclose(fp);
+
+    debug_return_bool(true);
+}
diff --git a/plugins/sudoers/po/README b/plugins/sudoers/po/README
new file mode 100644
index 0000000..ff9b845
--- /dev/null
+++ b/plugins/sudoers/po/README
@@ -0,0 +1,14 @@
+NLS Translations for sudo are coordinated through the Translation
+Project, at http://translationproject.org/
+
+If you would like to contribute a translation for sudo, please join
+a translation team at the Translation Project instead of contributing
+a po file directly.  This will avoid duplicated work if there is
+already a translation in progress.  If you would like to become a
+member of a translation team, please follow the instructions at
+http://translationproject.org/html/translators.html
+
+The messages in sudo are split into two domains: sudo and sudoers.
+The former is used by the sudo front-end and utility functions.
+The latter is used by the sudoers policy and I/O logging plug-ins
+as well as the sudoers-specific commands visudo and sudoreplay.
diff --git a/plugins/sudoers/po/ca.mo b/plugins/sudoers/po/ca.mo
new file mode 100644
index 0000000..c6cf548
--- /dev/null
+++ b/plugins/sudoers/po/ca.mo
diff --git a/plugins/sudoers/po/ca.po b/plugins/sudoers/po/ca.po
new file mode 100644
index 0000000..bfa425f
--- /dev/null
+++ b/plugins/sudoers/po/ca.po
@@ -0,0 +1,2081 @@
+# Portable object template file for the sudoers plugin
+# This file is put in the public domain.
+# Walter Garcia-Fontes <walter.garcia@upf.edu>, 2016.
+#
+# Glossari
+#
+# principal - Es refereix a "Principals may represent users, network hosts, or network services. A principal that corresponds to a network host is called a host principal", s'ha traduït com a "principal".
+# tty - el terminal, això prové de l'acrònim en anglès per a teletip (tty) i ara s'usa per a un terminal obert on es pot entrar informació
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.19b2\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2016-12-03 19:24-0700\n"
+"PO-Revision-Date: 2016-12-29 17:28+0100\n"
+"Last-Translator: Walter Garcia-Fontes <walter.garcia@upf.edu>\n"
+"Language-Team: Catalan <ca@dodds.net>\n"
+"Language: ca\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms:  nplurals=2; plural=n != 1;\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "error de sintaxi"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "contrasenya de %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] contrasenya per a %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Contrasenya: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Informació de SEGURETAT per a %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Ho sentim, proveu un altre cop."
+
+#: gram.y:186 gram.y:234 gram.y:241 gram.y:248 gram.y:255 gram.y:262
+#: gram.y:278 gram.y:301 gram.y:308 gram.y:315 gram.y:322 gram.y:329
+#: gram.y:384 gram.y:392 gram.y:402 gram.y:432 gram.y:439 gram.y:446
+#: gram.y:453 gram.y:565 gram.y:572 gram.y:581 gram.y:590 gram.y:607
+#: gram.y:663 gram.y:670 gram.y:677 gram.y:685 gram.y:781 gram.y:788
+#: gram.y:795 gram.y:802 gram.y:809 gram.y:835 gram.y:842 gram.y:849
+#: gram.y:972 gram.y:1148 gram.y:1155 plugins/sudoers/alias.c:124
+#: plugins/sudoers/alias.c:139 plugins/sudoers/auth/bsdauth.c:141
+#: plugins/sudoers/auth/kerb5.c:119 plugins/sudoers/auth/kerb5.c:145
+#: plugins/sudoers/auth/pam.c:443 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/auth/sia.c:59 plugins/sudoers/defaults.c:618
+#: plugins/sudoers/defaults.c:873 plugins/sudoers/defaults.c:1025
+#: plugins/sudoers/editor.c:64 plugins/sudoers/editor.c:82
+#: plugins/sudoers/editor.c:93 plugins/sudoers/env.c:234
+#: plugins/sudoers/gc.c:52 plugins/sudoers/group_plugin.c:134
+#: plugins/sudoers/interfaces.c:71 plugins/sudoers/iolog.c:805
+#: plugins/sudoers/iolog_path.c:167 plugins/sudoers/ldap.c:447
+#: plugins/sudoers/ldap.c:478 plugins/sudoers/ldap.c:530
+#: plugins/sudoers/ldap.c:563 plugins/sudoers/ldap.c:961
+#: plugins/sudoers/ldap.c:1157 plugins/sudoers/ldap.c:1168
+#: plugins/sudoers/ldap.c:1184 plugins/sudoers/ldap.c:1471
+#: plugins/sudoers/ldap.c:1631 plugins/sudoers/ldap.c:1713
+#: plugins/sudoers/ldap.c:1853 plugins/sudoers/ldap.c:1877
+#: plugins/sudoers/ldap.c:1966 plugins/sudoers/ldap.c:1981
+#: plugins/sudoers/ldap.c:2077 plugins/sudoers/ldap.c:2110
+#: plugins/sudoers/ldap.c:2263 plugins/sudoers/ldap.c:2360
+#: plugins/sudoers/ldap.c:3178 plugins/sudoers/ldap.c:3210
+#: plugins/sudoers/ldap.c:3519 plugins/sudoers/ldap.c:3547
+#: plugins/sudoers/ldap.c:3563 plugins/sudoers/ldap.c:3653
+#: plugins/sudoers/ldap.c:3669 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:188 plugins/sudoers/logging.c:450
+#: plugins/sudoers/logging.c:471 plugins/sudoers/logging.c:683
+#: plugins/sudoers/logging.c:941 plugins/sudoers/match.c:501
+#: plugins/sudoers/match.c:535 plugins/sudoers/match.c:572
+#: plugins/sudoers/match.c:770 plugins/sudoers/match.c:828
+#: plugins/sudoers/parse.c:236 plugins/sudoers/parse.c:248
+#: plugins/sudoers/parse.c:263 plugins/sudoers/parse.c:275
+#: plugins/sudoers/policy.c:405 plugins/sudoers/policy.c:632
+#: plugins/sudoers/prompt.c:93 plugins/sudoers/pwutil.c:139
+#: plugins/sudoers/pwutil.c:210 plugins/sudoers/pwutil.c:286
+#: plugins/sudoers/pwutil.c:457 plugins/sudoers/pwutil.c:522
+#: plugins/sudoers/pwutil.c:591 plugins/sudoers/pwutil.c:749
+#: plugins/sudoers/pwutil.c:806 plugins/sudoers/pwutil.c:851
+#: plugins/sudoers/pwutil.c:908 plugins/sudoers/sssd.c:162
+#: plugins/sudoers/sssd.c:194 plugins/sudoers/sssd.c:237
+#: plugins/sudoers/sssd.c:244 plugins/sudoers/sssd.c:280
+#: plugins/sudoers/sssd.c:390 plugins/sudoers/sssd.c:462
+#: plugins/sudoers/sssd.c:1053 plugins/sudoers/sssd.c:1234
+#: plugins/sudoers/sssd.c:1248 plugins/sudoers/sssd.c:1264
+#: plugins/sudoers/sudoers.c:261 plugins/sudoers/sudoers.c:271
+#: plugins/sudoers/sudoers.c:279 plugins/sudoers/sudoers.c:363
+#: plugins/sudoers/sudoers.c:660 plugins/sudoers/sudoers.c:775
+#: plugins/sudoers/sudoers.c:819 plugins/sudoers/sudoers_debug.c:107
+#: plugins/sudoers/sudoreplay.c:517 plugins/sudoers/sudoreplay.c:716
+#: plugins/sudoers/sudoreplay.c:828 plugins/sudoers/sudoreplay.c:868
+#: plugins/sudoers/sudoreplay.c:877 plugins/sudoers/sudoreplay.c:887
+#: plugins/sudoers/sudoreplay.c:895 plugins/sudoers/sudoreplay.c:899
+#: plugins/sudoers/sudoreplay.c:1055 plugins/sudoers/sudoreplay.c:1059
+#: plugins/sudoers/testsudoers.c:130 plugins/sudoers/testsudoers.c:216
+#: plugins/sudoers/testsudoers.c:233 plugins/sudoers/timestamp.c:374
+#: plugins/sudoers/timestamp.c:418 plugins/sudoers/timestamp.c:834
+#: plugins/sudoers/toke_util.c:56 plugins/sudoers/toke_util.c:109
+#: plugins/sudoers/toke_util.c:146 plugins/sudoers/visudo.c:152
+#: plugins/sudoers/visudo.c:309 plugins/sudoers/visudo.c:315
+#: plugins/sudoers/visudo.c:446 plugins/sudoers/visudo.c:624
+#: plugins/sudoers/visudo.c:964 plugins/sudoers/visudo.c:1030
+#: plugins/sudoers/visudo.c:1074 plugins/sudoers/visudo.c:1171
+#: plugins/sudoers/visudo_json.c:1035 toke.l:832 toke.l:932 toke.l:1090
+msgid "unable to allocate memory"
+msgstr "no es pot assignar memòria"
+
+#: gram.y:464
+msgid "a digest requires a path name"
+msgstr "au un resum li cal un nom de camí"
+
+#: gram.y:1148 gram.y:1155 plugins/sudoers/auth/pam.c:320
+#: plugins/sudoers/auth/pam.c:443 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/defaults.c:618 plugins/sudoers/defaults.c:873
+#: plugins/sudoers/defaults.c:1025 plugins/sudoers/editor.c:64
+#: plugins/sudoers/editor.c:82 plugins/sudoers/editor.c:93
+#: plugins/sudoers/env.c:234 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:805 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:447 plugins/sudoers/ldap.c:478
+#: plugins/sudoers/ldap.c:530 plugins/sudoers/ldap.c:563
+#: plugins/sudoers/ldap.c:961 plugins/sudoers/ldap.c:1157
+#: plugins/sudoers/ldap.c:1168 plugins/sudoers/ldap.c:1184
+#: plugins/sudoers/ldap.c:1471 plugins/sudoers/ldap.c:1631
+#: plugins/sudoers/ldap.c:1713 plugins/sudoers/ldap.c:1853
+#: plugins/sudoers/ldap.c:1877 plugins/sudoers/ldap.c:1966
+#: plugins/sudoers/ldap.c:1981 plugins/sudoers/ldap.c:2077
+#: plugins/sudoers/ldap.c:2110 plugins/sudoers/ldap.c:2263
+#: plugins/sudoers/ldap.c:2360 plugins/sudoers/ldap.c:3178
+#: plugins/sudoers/ldap.c:3210 plugins/sudoers/ldap.c:3519
+#: plugins/sudoers/ldap.c:3546 plugins/sudoers/ldap.c:3562
+#: plugins/sudoers/ldap.c:3653 plugins/sudoers/ldap.c:3669
+#: plugins/sudoers/linux_audit.c:76 plugins/sudoers/logging.c:188
+#: plugins/sudoers/logging.c:450 plugins/sudoers/logging.c:471
+#: plugins/sudoers/logging.c:941 plugins/sudoers/match.c:500
+#: plugins/sudoers/match.c:534 plugins/sudoers/match.c:572
+#: plugins/sudoers/match.c:770 plugins/sudoers/match.c:827
+#: plugins/sudoers/parse.c:236 plugins/sudoers/parse.c:248
+#: plugins/sudoers/parse.c:263 plugins/sudoers/parse.c:275
+#: plugins/sudoers/policy.c:97 plugins/sudoers/policy.c:106
+#: plugins/sudoers/policy.c:115 plugins/sudoers/policy.c:139
+#: plugins/sudoers/policy.c:250 plugins/sudoers/policy.c:278
+#: plugins/sudoers/policy.c:287 plugins/sudoers/policy.c:326
+#: plugins/sudoers/policy.c:336 plugins/sudoers/policy.c:345
+#: plugins/sudoers/policy.c:354 plugins/sudoers/policy.c:405
+#: plugins/sudoers/policy.c:632 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:139 plugins/sudoers/pwutil.c:210
+#: plugins/sudoers/pwutil.c:286 plugins/sudoers/pwutil.c:457
+#: plugins/sudoers/pwutil.c:522 plugins/sudoers/pwutil.c:591
+#: plugins/sudoers/pwutil.c:749 plugins/sudoers/pwutil.c:806
+#: plugins/sudoers/pwutil.c:851 plugins/sudoers/pwutil.c:908
+#: plugins/sudoers/set_perms.c:356 plugins/sudoers/set_perms.c:695
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1350
+#: plugins/sudoers/set_perms.c:1514 plugins/sudoers/sssd.c:162
+#: plugins/sudoers/sssd.c:194 plugins/sudoers/sssd.c:237
+#: plugins/sudoers/sssd.c:244 plugins/sudoers/sssd.c:280
+#: plugins/sudoers/sssd.c:390 plugins/sudoers/sssd.c:462
+#: plugins/sudoers/sssd.c:1053 plugins/sudoers/sssd.c:1233
+#: plugins/sudoers/sssd.c:1248 plugins/sudoers/sssd.c:1264
+#: plugins/sudoers/sudoers.c:261 plugins/sudoers/sudoers.c:271
+#: plugins/sudoers/sudoers.c:279 plugins/sudoers/sudoers.c:363
+#: plugins/sudoers/sudoers.c:660 plugins/sudoers/sudoers.c:775
+#: plugins/sudoers/sudoers.c:819 plugins/sudoers/sudoers_debug.c:106
+#: plugins/sudoers/sudoreplay.c:517 plugins/sudoers/sudoreplay.c:716
+#: plugins/sudoers/sudoreplay.c:828 plugins/sudoers/sudoreplay.c:868
+#: plugins/sudoers/sudoreplay.c:877 plugins/sudoers/sudoreplay.c:887
+#: plugins/sudoers/sudoreplay.c:895 plugins/sudoers/sudoreplay.c:899
+#: plugins/sudoers/sudoreplay.c:1055 plugins/sudoers/sudoreplay.c:1059
+#: plugins/sudoers/testsudoers.c:130 plugins/sudoers/testsudoers.c:216
+#: plugins/sudoers/testsudoers.c:233 plugins/sudoers/timestamp.c:374
+#: plugins/sudoers/timestamp.c:418 plugins/sudoers/timestamp.c:834
+#: plugins/sudoers/toke_util.c:56 plugins/sudoers/toke_util.c:109
+#: plugins/sudoers/toke_util.c:146 plugins/sudoers/visudo.c:152
+#: plugins/sudoers/visudo.c:309 plugins/sudoers/visudo.c:315
+#: plugins/sudoers/visudo.c:446 plugins/sudoers/visudo.c:624
+#: plugins/sudoers/visudo.c:964 plugins/sudoers/visudo.c:1030
+#: plugins/sudoers/visudo.c:1074 plugins/sudoers/visudo.c:1171
+#: plugins/sudoers/visudo_json.c:1035 toke.l:832 toke.l:932 toke.l:1090
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:135
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "L'àlies «%s» ja està definit"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "no s'ha pogut obtenir la classe d'inici de sessió per a l'usuari %s"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "no s'ha pogut iniciar l'autenticació bsd"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "tipus no vàlida d'autenticació"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "no s'ha pogut inicialitzar l'autenticació BSD"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr "no s'ha pogut llegir la configuració fwtk"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "no s'ha pogut connectar al servidor d'autenticació"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:121
+msgid "lost connection to authentication server"
+msgstr "s'ha perdut la connexió al servidor d'autenticació"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"error de servidor d'autenticació:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: no s'ha pogut convertir el principal a la cadena de caràcters ('%s'): %s"
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: no s'ha pogut analitzar '%s': %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: no s'ha pogut resoldre el cau de credencials : %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: no s'han pogut assignar les opcions: %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: no s'ha pogut obtenir les credencials: %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: no s'ha pogut inicialitzar el cau de credencials: %s"
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: no s'ha pogut emmagatzemar la credencial al cau: %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: no s'ha pogut obtenir el principal de l'amfitrió: %s"
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: No s'ha pogut verificar TGT! Possible atac!: %s"
+
+#: plugins/sudoers/auth/pam.c:108
+msgid "unable to initialize PAM"
+msgstr "No s'ha pogut inicialitzar PAM"
+
+#: plugins/sudoers/auth/pam.c:194
+msgid "account validation failure, is your account locked?"
+msgstr "fallada de validació de compte, està bloquejat el vostre compte?"
+
+#: plugins/sudoers/auth/pam.c:198
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Ha expirat el compte o la contrasenya, restabliu la vostra contrasenya i proveu un altre cop"
+
+#: plugins/sudoers/auth/pam.c:206
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "no s'ha pogut canviar la contrasenya expirada: %s"
+
+#: plugins/sudoers/auth/pam.c:211
+msgid "Password expired, contact your system administrator"
+msgstr "Ha expirat la contrasenya, contacteu el vostre administrador de sistema"
+
+#: plugins/sudoers/auth/pam.c:215
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Ha expirat el compte o la configuració PAM no té una secció \"compte\" per a sudo, contacteu el vostre administrador de sistema"
+
+#: plugins/sudoers/auth/pam.c:229
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Error d'autenticació PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:226
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "no existiu a la base de dades %s"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "ha fallat la inicialització de la biblioteca ACE API"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "no s'ha pogut contactar el servidor SecurID"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "L'ID de l'usuari esta bloquejat per a Autenticació SecurID"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "nom d'usuari no vàlid per a SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr "Mànec d'Autenticació no vàlid per a SecurID"
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "Ha fallat la comunicació SecurID"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:213
+msgid "unknown SecurID error"
+msgstr "error desconegut de SecurID"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "longitud no vàlida de contrasenya per a SecurID"
+
+#: plugins/sudoers/auth/sia.c:69 plugins/sudoers/auth/sia.c:125
+msgid "unable to initialize SIA session"
+msgstr "no s'ha pogut inicialitzar la sessió SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:126
+msgid "invalid authentication methods"
+msgstr "mètodes no vàlids d'autenticació"
+
+#: plugins/sudoers/auth/sudo_auth.c:128
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Mètodes no vàlids d'autenticació compilats dins del sudo! No podeu barrejar l'autenticació independent i no independent."
+
+#: plugins/sudoers/auth/sudo_auth.c:224 plugins/sudoers/auth/sudo_auth.c:274
+msgid "no authentication methods"
+msgstr "no hi ha mètodes d'autenticació"
+
+#: plugins/sudoers/auth/sudo_auth.c:226
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "No hi ha mètodes d'autenticació compilats dins del sudo! Si voleu deshabilitar l'autenticació, useu l'opció de configuració --disable-authentication"
+
+#: plugins/sudoers/auth/sudo_auth.c:276
+msgid "Unable to initialize authentication methods."
+msgstr "No s'han pogut inicialitzar els mètodes d'autenticació."
+
+#: plugins/sudoers/auth/sudo_auth.c:441
+msgid "Authentication methods:"
+msgstr "Mètodes d'autenticació:"
+
+#: plugins/sudoers/bsm_audit.c:111 plugins/sudoers/bsm_audit.c:200
+msgid "Could not determine audit condition"
+msgstr "No s'ha pogut determinar la condició d'auditoria"
+
+#: plugins/sudoers/bsm_audit.c:172 plugins/sudoers/bsm_audit.c:260
+msgid "unable to commit audit record"
+msgstr "no s'ha pogut validar el registre d'auditoria"
+
+#: plugins/sudoers/check.c:252
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Confiem que heu rebut la llissó habitual de l'Administrador del\n"
+"Sistema. Generalment es resumeix en aquestes tres coses:\n"
+"\n"
+"    #1) Respecteu la privacitat dels altres.\n"
+"    #2) Penseu abans d'escriure.\n"
+"    #3) Tenir molt de poder està associat amb tenir molta responsabilitat.\n"
+"\n"
+
+#: plugins/sudoers/check.c:295 plugins/sudoers/check.c:305
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:738
+#, c-format
+msgid "unknown uid: %u"
+msgstr "uid desconegut: %u"
+
+#: plugins/sudoers/check.c:300 plugins/sudoers/iolog.c:235
+#: plugins/sudoers/policy.c:805 plugins/sudoers/sudoers.c:1127
+#: plugins/sudoers/testsudoers.c:207 plugins/sudoers/testsudoers.c:365
+#, c-format
+msgid "unknown user: %s"
+msgstr "usuari desconegut: %s"
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Eina syslog si s'està usant syslog per als registres: %s"
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Prioritat de syslog a usar quan l'usuari s'autentica amb èxit: %s"
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Prioritat de syslog a usar quan l'usuari no té èxit a autenticar- %s"
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr "Poseu la pregunta OTP a la seva pròpia línia"
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr "Ignoreu '.' al $PATH"
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr "Envia sempre correu electrònic quan s'executi sudo"
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr "Envia correu electrònic si falla l'autenticació de l'usuari"
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr "Envia correu electrònic si l'usuari no està als sudoers"
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Envia el correu electrònic si l'usuari no està als sudoers per a aquesta amfitrió"
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Envia correu electrònic si l'usuari no té permís per executar aquesta ordre"
+
+#: plugins/sudoers/def_data.c:67
+msgid "Send mail if the user tries to run a command"
+msgstr "Envia correu electrònic si l'usuari intenta executar una ordre"
+
+#: plugins/sudoers/def_data.c:71
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Usa una marca horària separada per a cada combinació usuari/terminal"
+
+#: plugins/sudoers/def_data.c:75
+msgid "Lecture user the first time they run sudo"
+msgstr "Dóna una llissó a l'usuari cada cop que executi sudo"
+
+#: plugins/sudoers/def_data.c:79
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Fitxer que conté la llissó de sudo: %s"
+
+#: plugins/sudoers/def_data.c:83
+msgid "Require users to authenticate by default"
+msgstr "Requereix de forma predeterminada que els usuaris s'autentiquin"
+
+#: plugins/sudoers/def_data.c:87
+msgid "Root may run sudo"
+msgstr "L'usuari primari pot executar sudo"
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Registra el nom del sistema amfitrió al fitxer de registre (que no és syslog)"
+
+#: plugins/sudoers/def_data.c:95
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Registra l'any al fitxer de registre (que no és syslog)"
+
+#: plugins/sudoers/def_data.c:99
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Si sudo s'invoca sense arguments, inicia un intèrpret d'ordres"
+
+#: plugins/sudoers/def_data.c:103
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Estableix $HOME per a l'usuari destí quan s'inicia un d'ordres amb -s"
+
+#: plugins/sudoers/def_data.c:107
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Estableix sempre $HOME al directori de l'usuari destí"
+
+#: plugins/sudoers/def_data.c:111
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Permet recollir alguna informació per donar missatges d'error útils"
+
+#: plugins/sudoers/def_data.c:115
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Requereix noms de sistema amfitrió qualificats completament al sudoers"
+
+#: plugins/sudoers/def_data.c:119
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Insulta a l'usuari quen entri una contrasenya incorrecta"
+
+#: plugins/sudoers/def_data.c:123
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Permet a l'usuari executar sudo únicament si té un terminal"
+
+#: plugins/sudoers/def_data.c:127
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo tindrà en compte la variable d'entorn EDITOR"
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for root's password, not the users's"
+msgstr "Pregunta per la contrasenya de l'usuari primari, no la de l'usuari normal"
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Pregunta per la contrasenya de l'usuari runas_default, no la de l'usuari normal"
+
+#: plugins/sudoers/def_data.c:139
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Pregunta per la contrasenya de l'usuari destí, no la de l'usuari normal"
+
+#: plugins/sudoers/def_data.c:143
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Aplica els paràmetres predeterminats a la classe d'inici de sessió de l'usuari destí si hi ha una"
+
+#: plugins/sudoers/def_data.c:147
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Estableix les variables d'entorn LOGNAME i USER"
+
+#: plugins/sudoers/def_data.c:151
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Estableix únicament l'uid efectiu de l'usuari destí, no l'uid real"
+
+#: plugins/sudoers/def_data.c:155
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "No inicialitzis el vector de grup perquè coincideixi amb el de l'usuari destí"
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "longitud a la qual ajustar les línies del fitxer de registres (0 per a no ajustar): %u"
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Temps màxim d'espera per a la marca horària de l'autenticació: %.1f minuts"
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Temps màxim d'espera per a la pregunta de la contrasenya: %.1f minuts"
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Nombre de intents per entrar una contrasenya: %u"
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask a usar o 0777 per usar la de l'usuari: 0%o"
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Camí al fitxer de registre: %s"
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Camí al programa de correu electrònic: %s"
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Indicadors per al programa de correu electrònic: %s"
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Adreça per enviar correu electrònic: %s"
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Adreça per enviar correu electrònic des de: %s"
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Línia d'assumpte per als missatges de correu electrònic: %s"
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Missatge de contrasenya incorrecta: %s"
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Camí al directori d'estat de la llissó: %s"
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Camí del directori de marques horàries d'autenticació: %s"
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Propietari del directori de marques horàries d'autenticació: %s"
+
+#: plugins/sudoers/def_data.c:219
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Els usuaris d'aquest grup estan exempts dels requeriments  contrasenya i PATH: %s"
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Pregunta predeterminada de contrasenya: %s"
+
+#: plugins/sudoers/def_data.c:227
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Si està establert, la pregunta de contrasenya primarà sobre la pregunta del sistema en tots els casos."
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Usuari predeterminat per executar ordres com a: %s"
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Valor per anul·lar el $PATH de l'usuari amb: %s"
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Camí a l'editor a usar per visudo: %s"
+
+#: plugins/sudoers/def_data.c:243
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Quan requerir una contrasenya per a la pseudo-ordre 'list': %s"
+
+#: plugins/sudoers/def_data.c:247
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Quan requerir una contrasenya per a la pseudo-ordre 'verify': %s"
+
+#: plugins/sudoers/def_data.c:251
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Pre-carrega les funcions dummy exex contingudes a la biblioteca sudo_noexec"
+
+#: plugins/sudoers/def_data.c:255
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Si el directori LDAP està actiu, ignorem el fitxer local sudoers?"
+
+#: plugins/sudoers/def_data.c:259
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Els descriptors de fitxer >= %d es tancaran abans d'executar una ordre"
+
+#: plugins/sudoers/def_data.c:263
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Si està establert, els usuaris podran anul·lar el valor de `closeform' amb l'opció -C"
+
+#: plugins/sudoers/def_data.c:267
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Permet als usuaris fixar variables arbitràries d'entorn"
+
+#: plugins/sudoers/def_data.c:271
+msgid "Reset the environment to a default set of variables"
+msgstr "Restableix l'entorn a un conjunt predeterminat de variables"
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to check for sanity:"
+msgstr "Les variables d'entorn per comprovar la validesa:"
+
+#: plugins/sudoers/def_data.c:279
+msgid "Environment variables to remove:"
+msgstr "Variables d'entorn a suprimir:"
+
+#: plugins/sudoers/def_data.c:283
+msgid "Environment variables to preserve:"
+msgstr "Variables d'entorn a preservar:"
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Rol SELinux a usar al nou context de seguretat: %s"
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Tipus SELinux a usar al nou context de seguretat: %s"
+
+#: plugins/sudoers/def_data.c:295
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Camí al fitxer d'entorn sudo-específic: %s"
+
+#: plugins/sudoers/def_data.c:299
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Configuració local a usar quan s'estan analitzant els sudoers: %s"
+
+#: plugins/sudoers/def_data.c:303
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Permet a sudo preguntar per una contrasenya tot i que pugui ser visible"
+
+#: plugins/sudoers/def_data.c:307
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Proveeix retroalimentació a la pregunta de contrasenya quan hi ha una entrada per l'usuari"
+
+#: plugins/sudoers/def_data.c:311
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Usa una expansió que és menys precisa però no accedeix el sistema de fitxers"
+
+#: plugins/sudoers/def_data.c:315
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Els permisos umask als sudoers anul·larà els permisos de l'usuari, tot i que siguin més permissius"
+
+#: plugins/sudoers/def_data.c:319
+msgid "Log user's input for the command being run"
+msgstr "Registra l'entrada feta per l'usuari per a l'ordre que s'està executant"
+
+#: plugins/sudoers/def_data.c:323
+msgid "Log the output of the command being run"
+msgstr "Registra la sortida de l'ordre que s'està executant"
+
+#: plugins/sudoers/def_data.c:327
+msgid "Compress I/O logs using zlib"
+msgstr "Comprimeix els registres d'entrada/sortida usant zlib"
+
+#: plugins/sudoers/def_data.c:331
+msgid "Always run commands in a pseudo-tty"
+msgstr "Executa sempre les ordres en un pseudo-terminal"
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Connector per a suport de grup no Unix: %s"
+
+#: plugins/sudoers/def_data.c:339
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Directori on arxivar els registres entrada/sortida: %s"
+
+#: plugins/sudoers/def_data.c:343
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Fitxer on arxivar el registre entrada/sortida: %s"
+
+#: plugins/sudoers/def_data.c:347
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Afegeix una entrada al fitxer utmp/utmpx quan s'estigui assignant un pty"
+
+#: plugins/sudoers/def_data.c:351
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Estableix l'usuari a utmp perquè sigui l'usuari runas, no l'usuari invocant"
+
+#: plugins/sudoers/def_data.c:355
+msgid "Set of permitted privileges"
+msgstr "Conjunt de privilegis permesos"
+
+#: plugins/sudoers/def_data.c:359
+msgid "Set of limit privileges"
+msgstr "Conjunt de privilegis límit"
+
+#: plugins/sudoers/def_data.c:363
+msgid "Run commands on a pty in the background"
+msgstr "Executa les ordres a un pseudo-terminal (pty) al fons"
+
+#: plugins/sudoers/def_data.c:367
+msgid "PAM service name to use"
+msgstr "Nom del servei PAM a usar"
+
+#: plugins/sudoers/def_data.c:371
+msgid "PAM service name to use for login shells"
+msgstr "Nom del servei PAM a usar per a intèrprets d'ordres d'inici de sessió"
+
+#: plugins/sudoers/def_data.c:375
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Intent d'establir credencials PAM per a l'usuari destí"
+
+#: plugins/sudoers/def_data.c:379
+msgid "Create a new PAM session for the command to run in"
+msgstr "Crea una nova sessió PAM on s'executi l'ordre"
+
+#: plugins/sudoers/def_data.c:383
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Número màxim de seqüència de registre d'entrada/sortida: %u"
+
+#: plugins/sudoers/def_data.c:387
+msgid "Enable sudoers netgroup support"
+msgstr "Habilita el suport de netgroup dels sudoers"
+
+#: plugins/sudoers/def_data.c:391
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Comprova que el directori pare tingui permisos d'escriptura quan s'estiguin editant fitxers amb sudoedit"
+
+#: plugins/sudoers/def_data.c:395
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Segueix els enllaços simbòlics quan s'estiguin editant fitxers amb sudoedit"
+
+#: plugins/sudoers/def_data.c:399
+msgid "Query the group plugin for unknown system groups"
+msgstr "Consulta al connector de grups per grups desconeguts de sistema"
+
+#: plugins/sudoers/def_data.c:403
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Fes concordar els grups de xarxa en base al conjunt sencer: usuari, amfitrió i domini"
+
+#: plugins/sudoers/def_data.c:407
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Permet que s'executin les ordres tot i que sudo no pot escriure al registre d'auditoria"
+
+#: plugins/sudoers/def_data.c:411
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Permet que s'executin les ordres tot i que sudo no pot escriure al registre d'entrada/sortida"
+
+#: plugins/sudoers/def_data.c:415
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Permet que s'executin les ordres tot i que sudo no pot escriure al fitxer de registre"
+
+#: plugins/sudoers/def_data.c:419
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Resol els grups a sudoers i fes concordar amb l'identificador de grup, no el nom"
+
+#: plugins/sudoers/def_data.c:423
+msgid "Log entries larger than this value will be split into multiple syslog messages"
+msgstr "Les entrades de registre més grans que aquest valor es dividiran en múltiples missatges de syslog"
+
+#: plugins/sudoers/def_data.c:427
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "L'usuari que serà el propietari dels fitxers d'entrada/sortida: %s"
+
+#: plugins/sudoers/def_data.c:431
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "El grup que serà el propietari dels fitxers de registre d'entrada/sortida: %s"
+
+#: plugins/sudoers/def_data.c:435
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Mode de fitxer a usar per als fitxers de registre d'entrada/sortida: 0%o"
+
+#: plugins/sudoers/defaults.c:211
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d entrada «%s» desconeguda de paràmetres predeterminats"
+
+#: plugins/sudoers/defaults.c:214
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: entrada «%s» desconeguda de paràmetres predeterminats"
+
+#: plugins/sudoers/defaults.c:237
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d no s'ha especificat un valor per a «%s»"
+
+#: plugins/sudoers/defaults.c:240
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: no s'ha especificat un valor per a «%s»"
+
+#: plugins/sudoers/defaults.c:259
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d els valors per a «%s» han de començar amb un «/»"
+
+#: plugins/sudoers/defaults.c:262
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: els valors per a «%s» han de començar amb un «/»"
+
+#: plugins/sudoers/defaults.c:287
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d l'opció «%s» no pren un valor"
+
+#: plugins/sudoers/defaults.c:290
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: l'opció «%s» no pren un valor"
+
+#: plugins/sudoers/defaults.c:309
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d tipus de paràmetres predeterminats 0x%x per a l'opció «%s»"
+
+#: plugins/sudoers/defaults.c:312
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: tipus 0x%x no vàlid de paràmetres predeterminats per a l'opció «%s»"
+
+#: plugins/sudoers/defaults.c:322
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d el valor «%s» no és vàlid per a l'opció «%s»"
+
+#: plugins/sudoers/defaults.c:325
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: el valor «%s» no és vàlid per a l'opció «%s»"
+
+#: plugins/sudoers/env.c:296 plugins/sudoers/env.c:303
+#: plugins/sudoers/env.c:408 plugins/sudoers/ldap.c:451
+#: plugins/sudoers/ldap.c:541 plugins/sudoers/ldap.c:1253
+#: plugins/sudoers/ldap.c:1475 plugins/sudoers/ldap.c:1801
+#: plugins/sudoers/linux_audit.c:82 plugins/sudoers/logging.c:946
+#: plugins/sudoers/policy.c:523 plugins/sudoers/policy.c:533
+#: plugins/sudoers/prompt.c:161 plugins/sudoers/sudoers.c:841
+#: plugins/sudoers/testsudoers.c:237 plugins/sudoers/toke_util.c:158
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "error intern, desbordament de %s"
+
+#: plugins/sudoers/env.c:377
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: envp corrupte, discordança de longitud"
+
+#: plugins/sudoers/env.c:1082
+msgid "unable to rebuild the environment"
+msgstr "no s'ha pogut reconstruir l'entorn"
+
+#: plugins/sudoers/env.c:1156
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "ho sentim, no teniu permís d'establir les següents variables d'entorn: %s"
+
+#: plugins/sudoers/group_plugin.c:86
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s ha de ser propietat de l'uid %d"
+
+#: plugins/sudoers/group_plugin.c:90
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s ha de ser modificable sols pel seu propietari"
+
+#: plugins/sudoers/group_plugin.c:98 plugins/sudoers/sssd.c:398
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "no s'ha pogut carregar %s: %s"
+
+#: plugins/sudoers/group_plugin.c:104
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "no s'ha pogut trobar el símbol \"group_plugin\" a %s"
+
+#: plugins/sudoers/group_plugin.c:109
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: connector incompatible de group versió principal %d, s'esperava %d"
+
+#: plugins/sudoers/interfaces.c:79 plugins/sudoers/interfaces.c:96
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "no s'ha pogut analitzar l'adreça IP «%s»"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "no s'ha pogut analitzar la màscara de xarxa «%s»"
+
+#: plugins/sudoers/interfaces.c:129
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Adreça local IP i parelles netmask:\n"
+
+#: plugins/sudoers/iolog.c:99 plugins/sudoers/mkdir_parents.c:78
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s existeix però no és un directori (0%o)"
+
+#: plugins/sudoers/iolog.c:126 plugins/sudoers/iolog.c:170
+#: plugins/sudoers/mkdir_parents.c:65 plugins/sudoers/timestamp.c:167
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "no s'ha pogut mkdir %s"
+
+#: plugins/sudoers/iolog.c:269 plugins/sudoers/sudoers.c:1158
+#: plugins/sudoers/testsudoers.c:389
+#, c-format
+msgid "unknown group: %s"
+msgstr "grup desconegut: %s"
+
+#: plugins/sudoers/iolog.c:356 plugins/sudoers/sudoers.c:897
+#: plugins/sudoers/sudoreplay.c:304 plugins/sudoers/sudoreplay.c:817
+#: plugins/sudoers/sudoreplay.c:1021 plugins/sudoers/timestamp.c:383
+#: plugins/sudoers/visudo.c:951 plugins/sudoers/visudo_json.c:1011
+#: plugins/sudoers/visudo_json.c:1024
+#, c-format
+msgid "unable to open %s"
+msgstr "no s'ha pogut obrir %s"
+
+#: plugins/sudoers/iolog.c:399 plugins/sudoers/sudoers.c:901
+#: plugins/sudoers/sudoreplay.c:1132
+#, c-format
+msgid "unable to read %s"
+msgstr "no s'ha pogut llegir %s"
+
+#: plugins/sudoers/iolog.c:435 plugins/sudoers/sudoreplay.c:598
+#: plugins/sudoers/timestamp.c:282 plugins/sudoers/timestamp.c:285
+#, c-format
+msgid "unable to write to %s"
+msgstr "no s'ha pogut escriure a %s"
+
+#: plugins/sudoers/iolog.c:509 plugins/sudoers/iolog.c:727
+#, c-format
+msgid "unable to create %s"
+msgstr "no s'ha pogut crear %s"
+
+#: plugins/sudoers/iolog.c:895 plugins/sudoers/iolog.c:976
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "no s'ha pogut escriure al fitxer de registre d'entrada/sortida: %s"
+
+#: plugins/sudoers/iolog.c:927
+#, c-format
+msgid "%s: internal error, file index %d not open"
+msgstr "%s: error intern, l'índex %d de fitxers no està obert"
+
+#: plugins/sudoers/ldap.c:429
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: el port és massa gran"
+
+#: plugins/sudoers/ldap.c:489
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "tipus d'uri LDAP no suportat: %s"
+
+#: plugins/sudoers/ldap.c:516
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "no s'han pogut barrejar el ldap i els ldaps URIs "
+
+#: plugins/sudoers/ldap.c:520 plugins/sudoers/ldap.c:556
+msgid "starttls not supported when using ldaps"
+msgstr "starttls no suportat quan s'està usant ldaps"
+
+#: plugins/sudoers/ldap.c:627
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "no s'ha pogut inicialitzar el certificat SSL i la clau db: %s"
+
+#: plugins/sudoers/ldap.c:630
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "heu d'establir TLS_CERT a %s per usar SSL"
+
+#: plugins/sudoers/ldap.c:1239
+msgid "unable to get GMT time"
+msgstr "no s'ha pogut obtenir l'hora GMT"
+
+#: plugins/sudoers/ldap.c:1245
+msgid "unable to format timestamp"
+msgstr "no s'ha pogut donar format a la marca horària"
+
+#: plugins/sudoers/ldap.c:1956
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/ldap.c:2504
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Rol LDAP: %s\n"
+
+#: plugins/sudoers/ldap.c:2506
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"Rol LDAP: DESCONEGUT\n"
+
+#: plugins/sudoers/ldap.c:2562
+#, c-format
+msgid "    Order: %s\n"
+msgstr "    Ordre: %s\n"
+
+#: plugins/sudoers/ldap.c:2570 plugins/sudoers/parse.c:556
+#: plugins/sudoers/sssd.c:1626
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Ordres:\n"
+
+#: plugins/sudoers/ldap.c:3130
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "no s'ha pogut inicialitzar LDAP: %s"
+
+#: plugins/sudoers/ldap.c:3166
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "s'ha especificat start_tls  però les biblioteques LDAP no donen suport a ldap_start_tls_s() o ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:3415
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "atribut sudoOrder no vàlid: %s"
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "no s'ha pogut obrir el sistema d'auditoria"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "no s'ha pogut enviar el missatge d'auditoria"
+
+#: plugins/sudoers/logging.c:106
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:134
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (ordre continuada) %s"
+
+#: plugins/sudoers/logging.c:163
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "no s'ha pogut obrir el fitxer de registre: %s"
+
+#: plugins/sudoers/logging.c:171
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "no s'ha pogut bloquejar el fitxer de registre: %s"
+
+#: plugins/sudoers/logging.c:204
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "no s'ha pogut escriure el fitxer de registre: %s"
+
+#: plugins/sudoers/logging.c:233
+msgid "No user or host"
+msgstr "No hi ha usuari o amfitrió"
+
+#: plugins/sudoers/logging.c:235
+msgid "validation failure"
+msgstr "ha fallat la validació"
+
+#: plugins/sudoers/logging.c:242
+msgid "user NOT in sudoers"
+msgstr "l'usuari NO ESTÀ als sudoers"
+
+#: plugins/sudoers/logging.c:244
+msgid "user NOT authorized on host"
+msgstr "l'usuari NO està autoritzat a l'amfitrió"
+
+#: plugins/sudoers/logging.c:246
+msgid "command not allowed"
+msgstr "ordre no permesa"
+
+#: plugins/sudoers/logging.c:281
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s no està al fitxer sudoers.  S'informarà d'aquest incident.\n"
+
+#: plugins/sudoers/logging.c:284
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s no té permís per executar sudo a %s.  S'informarà d'aquest incident.\n"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Ho sentim, l'usuari %s no pot executar sudo a %s.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Ho sentim, l'usuari %s no pot executar '%s%s%s' com a %s%s%s a %s.\n"
+
+#: plugins/sudoers/logging.c:328 plugins/sudoers/sudoers.c:468
+#: plugins/sudoers/sudoers.c:470 plugins/sudoers/sudoers.c:472
+#: plugins/sudoers/sudoers.c:474 plugins/sudoers/sudoers.c:1247
+#: plugins/sudoers/sudoers.c:1249
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: no s'ha trobar l'ordre"
+
+#: plugins/sudoers/logging.c:330 plugins/sudoers/sudoers.c:464
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"s'ignorarà «%s» trobat a «.»\n"
+"Useu «sudo ./%s» si aquest és el «%s» que voleu executar."
+
+#: plugins/sudoers/logging.c:347
+msgid "authentication failure"
+msgstr "ha fallat l'autenticació"
+
+#: plugins/sudoers/logging.c:373
+msgid "a password is required"
+msgstr "es requereix una contrasenya"
+
+#: plugins/sudoers/logging.c:444 plugins/sudoers/logging.c:510
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u intent incorrecte de contrasenya"
+msgstr[1] "%u intents incorrectes de contrasenya"
+
+#: plugins/sudoers/logging.c:597
+msgid "unable to fork"
+msgstr "no es pot bifurcar"
+
+#: plugins/sudoers/logging.c:605 plugins/sudoers/logging.c:657
+#, c-format
+msgid "unable to fork: %m"
+msgstr "no est pot bifurcar: %m"
+
+#: plugins/sudoers/logging.c:647
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "no es pot obrir la canonada: %m"
+
+#: plugins/sudoers/logging.c:672
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "no es pot duplicar l'entrada estàndard: %m"
+
+#: plugins/sudoers/logging.c:710
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "no es pot executar %s: %m"
+
+#: plugins/sudoers/match.c:644
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "tipus de resum no suportat %d per a %s"
+
+#: plugins/sudoers/match.c:685
+#, c-format
+msgid "%s: read error"
+msgstr "%s: error de lectura"
+
+#: plugins/sudoers/match.c:720
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "digest per a  %s (%s) no està en forma %s"
+
+#: plugins/sudoers/mkdir_parents.c:72 plugins/sudoers/sudoers.c:912
+#: plugins/sudoers/visudo.c:439 plugins/sudoers/visudo.c:715
+#, c-format
+msgid "unable to stat %s"
+msgstr "no s'ha pogut accedir %s"
+
+#: plugins/sudoers/parse.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "error d'anàlisi a %s a prop de la línia %d"
+
+#: plugins/sudoers/parse.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "error d'anàlisi a la línia %s"
+
+#: plugins/sudoers/parse.c:503
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Entrada de sudoers:\n"
+
+#: plugins/sudoers/parse.c:504
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers: "
+
+#: plugins/sudoers/parse.c:518
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups: "
+
+#: plugins/sudoers/parse.c:527
+#, c-format
+msgid "    Options: "
+msgstr "    Opcions: "
+
+#: plugins/sudoers/policy.c:240 plugins/sudoers/testsudoers.c:260
+msgid "unable to parse network address list"
+msgstr "no s'ha pogut analitzar la llista d'adreces de xarxa"
+
+#: plugins/sudoers/policy.c:690 plugins/sudoers/visudo.c:889
+#, c-format
+msgid "unable to execute %s"
+msgstr "no s'ha pogut executar %s"
+
+#: plugins/sudoers/policy.c:823
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Versió del connector de política de sudoers %s\n"
+
+#: plugins/sudoers/policy.c:825
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Versió de gramàtica del fitxer sudoers %d\n"
+
+#: plugins/sudoers/policy.c:829
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Camí del sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:832
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "camí del nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:834
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "camí de ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:835
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "camí del ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:868
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "no s'ha pogut registrar el lligam de tipus %d (versió %d.%d)"
+
+#: plugins/sudoers/pwutil.c:162 plugins/sudoers/pwutil.c:180
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "no s'ha pogut posar al cau l'uid %u, s'ha exhaurit la memòria"
+
+#: plugins/sudoers/pwutil.c:174
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "no s'ha pogut posar l'uid %u al cau, ja existeix"
+
+#: plugins/sudoers/pwutil.c:234 plugins/sudoers/pwutil.c:251
+#: plugins/sudoers/pwutil.c:313 plugins/sudoers/pwutil.c:358
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "no s'ha pogut posar l'usuari %s, s'ha exhaurit la memòria"
+
+#: plugins/sudoers/pwutil.c:246
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "no s'ha pogut posar l'usuari %s al cau, ja existeix"
+
+#: plugins/sudoers/pwutil.c:474 plugins/sudoers/pwutil.c:492
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "no s'ha pogut posar el gid %u al cau, s'ha exhaurit la memòria"
+
+#: plugins/sudoers/pwutil.c:486
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "no s'ha pogut posar el gid %u al cau, ja existeix"
+
+#: plugins/sudoers/pwutil.c:540 plugins/sudoers/pwutil.c:557
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:646
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "no s'ha pogut posar el grup %s al cau, s'ha exhaurit"
+
+#: plugins/sudoers/pwutil.c:552
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "no s'ha pogut posar el grup %s al cau, ja existeix"
+
+#: plugins/sudoers/pwutil.c:772 plugins/sudoers/pwutil.c:824
+#: plugins/sudoers/pwutil.c:874 plugins/sudoers/pwutil.c:926
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "no s'ha pogut la llista de grups al cau per a %s, ja existeix"
+
+#: plugins/sudoers/pwutil.c:778 plugins/sudoers/pwutil.c:829
+#: plugins/sudoers/pwutil.c:880 plugins/sudoers/pwutil.c:931
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "no s'ha pogut la llista de grups al cau per a %s,  s'ha exhaurit la memòria"
+
+#: plugins/sudoers/pwutil.c:818
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "no s'han pogut analitzar els grups per a %s"
+
+#: plugins/sudoers/pwutil.c:920
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "no s'han pogut analitzar els identificadors de grups per a %s"
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:438
+#: plugins/sudoers/set_perms.c:841 plugins/sudoers/set_perms.c:1138
+#: plugins/sudoers/set_perms.c:1430
+msgid "perm stack overflow"
+msgstr "desbordament de la pila de permisos"
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:369
+#: plugins/sudoers/set_perms.c:446 plugins/sudoers/set_perms.c:708
+#: plugins/sudoers/set_perms.c:849 plugins/sudoers/set_perms.c:1067
+#: plugins/sudoers/set_perms.c:1146 plugins/sudoers/set_perms.c:1363
+#: plugins/sudoers/set_perms.c:1438 plugins/sudoers/set_perms.c:1527
+msgid "perm stack underflow"
+msgstr "subdesbordament de la pila de permisos"
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:492
+#: plugins/sudoers/set_perms.c:1197 plugins/sudoers/set_perms.c:1470
+msgid "unable to change to root gid"
+msgstr "no s'ha pogut canvir el gid de l'usuari primari"
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:589
+#: plugins/sudoers/set_perms.c:978 plugins/sudoers/set_perms.c:1274
+msgid "unable to change to runas gid"
+msgstr "no s'ha pogut canviar el gid runas"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:594
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1279
+msgid "unable to set runas group vector"
+msgstr "no s'ha pogut configurar el vector de grup runas"
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:605
+#: plugins/sudoers/set_perms.c:992 plugins/sudoers/set_perms.c:1288
+msgid "unable to change to runas uid"
+msgstr "no s'ha pogut canviar l'uid runas"
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:623
+#: plugins/sudoers/set_perms.c:1008 plugins/sudoers/set_perms.c:1304
+msgid "unable to change to sudoers gid"
+msgstr "no s'ha pogut canvir el gid del sudoers"
+
+#: plugins/sudoers/set_perms.c:356 plugins/sudoers/set_perms.c:695
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1350
+#: plugins/sudoers/set_perms.c:1514
+msgid "too many processes"
+msgstr "massa processos"
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr "no s'ha pogut obtenir el directori actual de treball"
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "camí truncat d'auditoria use_cmd: %s"
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "camí truncat d'auditoria argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr "missatge audit_failure massa llarg"
+
+#: plugins/sudoers/sssd.c:400
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "no s'ha pogut inicialitzar la font del SSS. Està el SSSD instal·lat al vostre sistema?"
+
+#: plugins/sudoers/sssd.c:408 plugins/sudoers/sssd.c:417
+#: plugins/sudoers/sssd.c:426 plugins/sudoers/sssd.c:435
+#: plugins/sudoers/sssd.c:444
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "no s'ha pogut trobar el símbol \"%s\" a %s"
+
+#: plugins/sudoers/sssd.c:1541
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: %s\n"
+msgstr ""
+"\n"
+"Rol SSDD: %s\n"
+
+#: plugins/sudoers/sssd.c:1546
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"Rol SSSD: DESCONEGUT\n"
+
+#: plugins/sudoers/sudo_nss.c:290
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Entrades predeterminades concordants per a %s a %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:308
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Runas i valors predeterminats específics d'ordres per a %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:326
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "L'usuari %s pot executar les ordres següents a %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:339
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "L'usuari %s no té permisos per executar sudo a %s.\n"
+
+#: plugins/sudoers/sudoers.c:166 plugins/sudoers/testsudoers.c:246
+#: plugins/sudoers/visudo.c:232 plugins/sudoers/visudo.c:612
+#: plugins/sudoers/visudo.c:955
+msgid "unable to initialize sudoers default values"
+msgstr "no s'han pogut inicialitzar el valors predeterminats dels sudoers"
+
+#: plugins/sudoers/sudoers.c:196 plugins/sudoers/sudoers.c:859
+msgid "problem with defaults entries"
+msgstr "hi ha un problema amb les entrades predeterminades"
+
+#: plugins/sudoers/sudoers.c:203
+msgid "no valid sudoers sources found, quitting"
+msgstr "no s'han trobat fonts vàlides de sudoers, se sortirà"
+
+#: plugins/sudoers/sudoers.c:242
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "el fitxer sudoers especifica que l'usuari primar no pot executar sudo"
+
+#: plugins/sudoers/sudoers.c:299
+msgid "you are not permitted to use the -C option"
+msgstr "no teniu permisos per usar l'opció -C"
+
+#: plugins/sudoers/sudoers.c:387
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "propietari de la marca horària (%s): No existeix aquest usuari"
+
+#: plugins/sudoers/sudoers.c:401
+msgid "no tty"
+msgstr "no hi ha una terminal"
+
+#: plugins/sudoers/sudoers.c:402
+msgid "sorry, you must have a tty to run sudo"
+msgstr "ho sentim, heu de tenir una terminal per executar sudo"
+
+#: plugins/sudoers/sudoers.c:463
+msgid "command in current directory"
+msgstr "ordre al directori actual"
+
+#: plugins/sudoers/sudoers.c:483
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "ho sentim, no teniu permisos per preserver l'entorn"
+
+#: plugins/sudoers/sudoers.c:804
+msgid "command too long"
+msgstr "ordre massa llarga"
+
+#: plugins/sudoers/sudoers.c:916
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s no és un fitxer regular"
+
+#: plugins/sudoers/sudoers.c:920 plugins/sudoers/timestamp.c:209 toke.l:952
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s és propietat de l'uid %u, hauria de ser %u"
+
+#: plugins/sudoers/sudoers.c:924 toke.l:957
+#, c-format
+msgid "%s is world writable"
+msgstr "%s te permís universal d'escriptura"
+
+#: plugins/sudoers/sudoers.c:928 toke.l:960
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s és propietat del gid %u, hauria de ser %u"
+
+#: plugins/sudoers/sudoers.c:961
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "sols l'usuari primari pot usar «-c %s»"
+
+#: plugins/sudoers/sudoers.c:980
+#, c-format
+msgid "unknown login class: %s"
+msgstr "classe desconeguda d'inici de sessió: %s"
+
+#: plugins/sudoers/sudoers.c:1063 plugins/sudoers/sudoers.c:1091
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "no s'ha pogut resoldre l'amfitrió %s"
+
+#: plugins/sudoers/sudoreplay.c:236
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "opció no vàlida de filtre: %s"
+
+#: plugins/sudoers/sudoreplay.c:249
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "espera màxima no vàlida: %s"
+
+#: plugins/sudoers/sudoreplay.c:255
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "factor no vàlid de velocitat: %s"
+
+#: plugins/sudoers/sudoreplay.c:258 plugins/sudoers/visudo.c:185
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s versió %s\n"
+
+#: plugins/sudoers/sudoreplay.c:290
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/sincronització: %s"
+
+#: plugins/sudoers/sudoreplay.c:296
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/sincronització: %s"
+
+#: plugins/sudoers/sudoreplay.c:312
+#, c-format
+msgid "Replaying sudo session: %s\n"
+msgstr "S'està tornant a reproduir la sessió sudo: %s\n"
+
+#: plugins/sudoers/sudoreplay.c:318
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Advertiment: el vostre terminal és massa petit per reproduir apropiadament el registre.\n"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "La geometria del registre és %d x %d, la geometria del vostre terminal és %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:410
+msgid "unable to set tty to raw mode"
+msgstr "no s'ha pogut configurar el terminal a mode de dades en brut"
+
+#: plugins/sudoers/sudoreplay.c:439
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "línia no vàlida de fitxer de sincronització: %s"
+
+#: plugins/sudoers/sudoreplay.c:659 plugins/sudoers/sudoreplay.c:684
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "expressió ambigua \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:706
+msgid "unmatched ')' in expression"
+msgstr "')' sense concordança a l'expressió"
+
+#: plugins/sudoers/sudoreplay.c:710
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "terme desconegut de cerca \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:725
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s requereix un argument"
+
+#: plugins/sudoers/sudoreplay.c:728 plugins/sudoers/sudoreplay.c:1108
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "expressió regular no vàlida: %s"
+
+#: plugins/sudoers/sudoreplay.c:732
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "no s'ha pogut analitzar la data \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:741
+msgid "unmatched '(' in expression"
+msgstr "'(' sense concordança a l'expressió"
+
+#: plugins/sudoers/sudoreplay.c:743
+msgid "illegal trailing \"or\""
+msgstr "\"or\" final il·legal"
+
+#: plugins/sudoers/sudoreplay.c:745
+msgid "illegal trailing \"!\""
+msgstr "\"!\" final il·legal"
+
+#: plugins/sudoers/sudoreplay.c:794
+#, c-format
+msgid "unknown search type %d"
+msgstr "tipus desconegut de cerca %d"
+
+#: plugins/sudoers/sudoreplay.c:832
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: fitxer no vàlid de registre"
+
+#: plugins/sudoers/sudoreplay.c:850
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: no hi ha el camp de marca horària "
+
+#: plugins/sudoers/sudoreplay.c:857
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: marca horària %s: %s"
+
+#: plugins/sudoers/sudoreplay.c:864
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: no hi ha el camp d'usuari runas"
+
+#: plugins/sudoers/sudoreplay.c:873
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: no hi ha el camp del grup runas"
+
+#: plugins/sudoers/sudoreplay.c:882
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: no es troba el camp del grup runas"
+
+#: plugins/sudoers/sudoreplay.c:1245
+#, c-format
+msgid "usage: %s [-h] [-d dir] [-m num] [-s num] ID\n"
+msgstr "ús: %s [-h] [-d dir] [-m num] [-s num] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1248
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "usage: %s [-h] [-d dir] -l [cerca l'expressió]\n"
+
+#: plugins/sudoers/sudoreplay.c:1257
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - reprodueix els registres de la sessió sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1259
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Opcions:\n"
+"  -d, --directori=dir  especifiqueu el directori per als registres de la sessió\n"
+"  -f, --filter=filtre  especifiqueu quin(s) tipus d'entrada/sortida mostrar\n"
+"  -h, --help           mostra el missatge d'ajuda i surt\n"
+"  -l, --list           mostra una llista dels IDs de les sessions\n"
+"                       disponibles, amb expressions opcionals\n"
+"  -m, --max-wait=num   nombre màxim de segons a esperar entre esdeveniments\n"
+"  -s, --speed=num      accelera o alenteix la sortida\n"
+"  -V, --version        mostra la versió d'informació i surt"
+
+#: plugins/sudoers/testsudoers.c:328
+msgid "\thost  unmatched"
+msgstr "\tamfitrió sense concordança"
+
+#: plugins/sudoers/testsudoers.c:331
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Ordre permesa"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Ordre denegada"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Ordre sense concordança"
+
+#: plugins/sudoers/timestamp.c:217
+#, c-format
+msgid "%s is group writable"
+msgstr "%s és modificable pel grup"
+
+#: plugins/sudoers/timestamp.c:293
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "no s'ha pogut truncar el fitxer de marca horària a %lld bytes"
+
+#: plugins/sudoers/timestamp.c:738 plugins/sudoers/timestamp.c:805
+#: plugins/sudoers/visudo.c:500 plugins/sudoers/visudo.c:506
+msgid "unable to read the clock"
+msgstr "no s'ha pogut llegir el rellotge"
+
+#: plugins/sudoers/timestamp.c:752
+msgid "ignoring time stamp from the future"
+msgstr "s'ignorarà la marca horària del futur"
+
+#: plugins/sudoers/timestamp.c:764
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "la marca horària està massa lluny en el futur: %20.20s"
+
+#: plugins/sudoers/timestamp.c:859
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "no s'ha pogut bloquejar el fitxer de marca horària %s"
+
+#: plugins/sudoers/timestamp.c:903 plugins/sudoers/timestamp.c:923
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "el camí de l'estat de la llissó és massa llarg: %s/%s"
+
+#: plugins/sudoers/visudo.c:187
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s versió de la gramàtica %d\n"
+
+#: plugins/sudoers/visudo.c:265 plugins/sudoers/visudo.c:665
+#, c-format
+msgid "press return to edit %s: "
+msgstr "prem la tecla d'introducció per editar %s: "
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "l'editor especificat (%s) no existeix"
+
+#: plugins/sudoers/visudo.c:349
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "no s'ha trobat un editor (el camí de l'editor = %s)"
+
+#: plugins/sudoers/visudo.c:459 plugins/sudoers/visudo.c:467
+msgid "write error"
+msgstr "error d'escriptura"
+
+#: plugins/sudoers/visudo.c:513
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "no s'ha pogut accedir al fitxer temporal (%s), no s'ha modificat %s"
+
+#: plugins/sudoers/visudo.c:520
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "fitxer temporal amb longitud nul·la (%s), no s'ha modificat %s"
+
+#: plugins/sudoers/visudo.c:526
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "l'editor (%s) ha fallat, no s'ha modificat %s"
+
+#: plugins/sudoers/visudo.c:548
+#, c-format
+msgid "%s unchanged"
+msgstr "no s'ha modificat %s"
+
+#: plugins/sudoers/visudo.c:607
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "no s'ha pogut reobrir el fitxer temporal (%s), no s'ha modificat %s"
+
+#: plugins/sudoers/visudo.c:619
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "no s'ha pogut analitzar el fitxer temporal (%s), error desconegut"
+
+#: plugins/sudoers/visudo.c:656
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "error intern, no s'ha pogut trobar %s a la llista!"
+
+#: plugins/sudoers/visudo.c:717 plugins/sudoers/visudo.c:726
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "no s'ha pogut establir (uid, gid) de %s a (%u, %u)"
+
+#: plugins/sudoers/visudo.c:721 plugins/sudoers/visudo.c:731
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "no s'ha pogut canviar el mode de %s a 0%o"
+
+#: plugins/sudoers/visudo.c:748
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s i %s no estan al mateix sistema de fitxers, s'usarà mv per reanomenar"
+
+#: plugins/sudoers/visudo.c:762
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "l'ordre ha fallat: '%s %s %s', no s'ha modificat %s"
+
+#: plugins/sudoers/visudo.c:772
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "error quan s'estava reanomenant %s, no s'ha modificat %s"
+
+#: plugins/sudoers/visudo.c:834
+msgid "What now? "
+msgstr "Què fem ara? "
+
+#: plugins/sudoers/visudo.c:848
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Les opcions són:\n"
+"  (e)dita el fitxer sudoers un altre cop\n"
+"  (x) surt sense desar els canvis al fitxer sudoers\n"
+"  (Q) surt i desa el canvis el fitxer sudoers (PERILL!)\n"
+
+#: plugins/sudoers/visudo.c:894
+#, c-format
+msgid "unable to run %s"
+msgstr "no s'ha pogut executar %s"
+
+#: plugins/sudoers/visudo.c:924
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: propietari incorrecte (uid, gid) hauria de ser (%uk, %u)\n"
+
+#: plugins/sudoers/visudo.c:931
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: permisos dolents, hauria de ser mode 0%o\n"
+
+#: plugins/sudoers/visudo.c:960 plugins/sudoers/visudo_json.c:1031
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "no s'ha pogut analitzar el fitxer %s, error desconegut"
+
+#: plugins/sudoers/visudo.c:976 plugins/sudoers/visudo_json.c:1042
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "error d'anàlisi a %s a prop de la línia %d\n"
+
+#: plugins/sudoers/visudo.c:979 plugins/sudoers/visudo_json.c:1045
+#, c-format
+msgid "parse error in %s\n"
+msgstr "error d'anàlisi a %s\n"
+
+#: plugins/sudoers/visudo.c:987 plugins/sudoers/visudo.c:994
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: s'analitzat correctament\n"
+
+#: plugins/sudoers/visudo.c:1041
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s està ocupat, proveu un altre cop més tard"
+
+#: plugins/sudoers/visudo.c:1137
+#, c-format
+msgid "%s:%d cycle in %s \"%s\""
+msgstr "%s:%d cicle a %s «%s»"
+
+#: plugins/sudoers/visudo.c:1140
+#, c-format
+msgid "%s:%d %s \"%s\" referenced but not defined"
+msgstr "%s:%d %s «%s» s'ha referenciat però no s'ha definit "
+
+#: plugins/sudoers/visudo.c:1292
+#, c-format
+msgid "%s:%d unused %s \"%s\""
+msgstr "%s:%d sense usar %s «%s»"
+
+#: plugins/sudoers/visudo.c:1403
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - edita amb seguretat el fitxer sudoers\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1405
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+"  -x, --export=output_file write sudoers in JSON format to output_file"
+msgstr ""
+"\n"
+"Opcions:\n"
+"  -c, --check              mode de sols verificació\n"
+"  -f, --file=sudoers       especifiqueu la ubicació del fitxer sudoers\n"
+"  -h, --help               mostra el missatge d'ajuda i surt\n"
+"  -q, --quiet              missatges d'error de sintaxi menys informatius (silenciós)\n"
+"  -s, --strict             verificació estricta de la sintaxi\n"
+"  -V, --version            mostra la informació de la versió i surt\n"
+"  -x, --export=output_file escriu el fitxer sudoers en format JSON a output_file"
+
+#: plugins/sudoers/visudo_json.c:632 plugins/sudoers/visudo_json.c:667
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "entrada «%s» desconeguda de paràmetres predeterminats"
+
+#: plugins/sudoers/visudo_json.c:1017
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: els fitxers d'entrada i de sortida han de ser diferents"
+
+#: toke.l:926
+msgid "too many levels of includes"
+msgstr "massa nivells d'inclusions"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "Advertiment: cicle a %s `%s'"
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "Advertiment: s'ha referenciat però no s'ha definit %s `%s'"
+
+#~ msgid "Warning: unused %s `%s'"
+#~ msgstr "Advertiment: %s `%s' sense usar"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports: s'ha exhaurit l'espai quan s'estava expandint hostbuf"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri: s'ha exhaurit l'espai construint hostbuf"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "discordança d'assignació de sudo_ldap_build_pass1"
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "el camí de la marca horària és massa llarg: %s/%s"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "no s'ha pogut accedir l'editor (%s)"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "error intern: espai insuficient per a la línia de registre"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: desbordament de la memòria intermèdia"
diff --git a/plugins/sudoers/po/cs.mo b/plugins/sudoers/po/cs.mo
new file mode 100644
index 0000000..7b96570
--- /dev/null
+++ b/plugins/sudoers/po/cs.mo
diff --git a/plugins/sudoers/po/cs.po b/plugins/sudoers/po/cs.po
new file mode 100644
index 0000000..300776d
--- /dev/null
+++ b/plugins/sudoers/po/cs.po
@@ -0,0 +1,2412 @@
+# Czech translation for sudo.
+# This file is distributed under the same license as the sudo package.
+# Todd C. Miller <Todd.Miller@courtesan.com>, 2011-2013
+# Petr Pisar <petr.pisar@atlas.cz>, 2013, 2014, 2015, 2016, 2017, 2018.
+#
+# (AIX) registry → (AIXový) registr
+# timestamp → časové údaje
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-10-31 19:22+01:00\n"
+"Last-Translator: Petr Pisar <petr.pisar@atlas.cz>\n"
+"Language-Team: Czech <translation-team-cs@lists.sourceforge.net>\n"
+"Language: cs\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "chyba syntaxe"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "Heslo pro %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] heslo pro %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Heslo: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** BEZPEČNOSTNÍ hlášení o %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Je nám líto, zkuste to znovu."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "nelze alokovat paměť"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "kontrolní součet vyžaduje název cesty"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "neplatná hodnota notbefore (začátek platnosti)"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "neplatná hodnota notafter (konec platnosti)"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "hodnota časového limitu je příliš velká"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "neplatná hodnota časového limitu"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Alias „%s“ je již definován"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "nelze získat přihlašovací třídu uživatele %s"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "nelze zahájit BSD autentizaci"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "neplatný druh autentizace"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "nelze inicializovat BSD autentizaci"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "vašemu účtu skončila platnost"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "schválení selhalo"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "nelze načíst konfiguraci FWTK"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "k autentizačnímu serveru se nelze připojit"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "spojení k autentizačnímu serveru ztraceno"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"chyba autentizačního serveru:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: principála nelze převést na řetězec („%s“): %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: „%s“ nelze rozebrat: %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: nelze najít keš s pověřeními: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: nelze alokovat volby: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: nelze získat pověření: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: nelze inicializovat keš s pověřeními: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: pověření nelze uložit do keše: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: nelze získat principála stroje: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: TGT nelze ověřit! Podezření na útok!: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "PAM nelze inicializovat"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Chyba autentizace PAM: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "ověření účtu selhalo, není váš účet zamknutý?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Účtu nebo heslu vypršela platnost, nastavte si nové heslo a zkuste to znovu"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "prošlé heslo nelze změnit: %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Heslu vypršela platnost, kontaktujte správce svého systému"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Účtu vypršela platnost nebo v konfiguraci PAM pro sudo chybí sekce „account“. Kontaktujte správce svého systému"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "Chyba správy účtů PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "v databázi %s neexistujete"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "inicializace knihovny ACE selhala"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "nelze kontaktovat server SecurID"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "ID uživatele je pro autentizaci SecurID uzamčeno"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "neplatná délka uživatelského jména pro SecurID"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "neplatný deskriptor autentizace pro SecurID"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "komunikace se SecurID selhala"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "neznámá chyba SecurID"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "neplatná délka kódu pro SecurID"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "nelze inicializovat relaci SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "neplatné autentizační metody"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Sudo bylo sestaveno s neplatnými autentizačními metodami! Nesmíte míchat samostatnou a nesamostatnou autentizaci."
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "žádné autentizační metody"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Sudo bylo sestaveno bez autentizačních metod! Chcete-li vypnout autentizaci, použijte při sestavování přepínač --disable-autentizaci."
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Nelze inicializovat metody autentizace."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Autentizační metody:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Nebylo možné určit podmínku pro audit"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "auditní zprávu nelze odeslat"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Věříme, že jste od správce místního systému obdrželi obvyklé školení.\n"
+"Obvykle se jedná o tyto tři věci:\n"
+"\n"
+"    1. Respektujte soukromí druhých.\n"
+"    2. Přemýšlejte, než začnete psát.\n"
+"    3. S velkými právy přichází velká zodpovědnost.\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "neznámé UID: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "neznámý uživatel: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "přírůstek pořadí: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "počáteční pořadí: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "odsazení pořadí: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s verze %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "verze gramatiky %s je %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "nepodporovaný formát vstupu %s"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "nepodporovaný formát výstupu %s"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: vstupní a výstupní soubory se musí lišit"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "nelze inicializovat výchozí hodnoty sudoers"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: neznámé klíčové slovo: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "neplatný druh položky defaults: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "neplatný druh potlačení: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "neplatný filtr: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "nelze otevřít %s"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "rozbor souboru %s se nezdařil, neznámá chyba"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "chyba při rozboru %s kolem řádku %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "chyba při rozboru %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "do %s nelze zapsat"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s – převádí mezí formáty souboru sudoers\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Přepínače:\n"
+"  -b, --base=dn              base DN pro ldapové dotazy suda\n"
+"  -d, --defaults=druhydef    převede pouze Defaults zadaných druhů\n"
+"  -e, --expand-aliases       při převodu expanduje aliasy\n"
+"  -f, --output-format=formát nastaví formát výstupu: JSON, LDIF nebo sudoers\n"
+"  -i, --input-format=formát  nastaví formát vstupu: LDIF nebo sudoers\n"
+"  -I, --increment=číslo      množství, o které zvýšit každou definici sudoOrder\n"
+"  -h, --help                 zobrazí zprávu s nápovědou a skončí\n"
+"  -m, --match=filtr          převede pouze položky, které odpovídají filtru\n"
+"  -M, --match-local          porovnávací filtr použije databáze passwd a group\n"
+"  -o, --output=výstupní_soubor\n"
+"                             zapíše převedený sudoers to výstupního_souboru\n"
+"  -O, --order-start=číslo    počáteční bod pro první sudoOrder\n"
+"  -p, --prune-matches        odstraní neodpovídající uživatele, skupiny a stroje\n"
+"  -P, --padding=číslo        základní odsazení přírůstku sudoOrder\n"
+"  -s, --suppress=oddíl       potlačí výstup jistých oddílů\n"
+"  -V, --version              zobrazí údaje o verzi a skončí"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "neznámá položka defaults „%s“"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "nelze získat čas GMT"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "nelze naformátovat časový údaj"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "vnitřní chyba, přetečení %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "příliš mnoho záznamů sudoers, maximum je %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "proměnná prostředí SUDOERS_BASE není nastavená a přepínač -b nebyl zadán."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Obor systémového protokolu, je-li syslog použit pro protokolování: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Priorita systémového protokolu, která se použije při úspěšné autentizaci uživatele: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Priorita systémového protokolu, která se použije při neúspěšné autentizaci: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Dotaz na jednorázový kód bude na vlastním řádku"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ignoruje „.“ v PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Vždy, když se použije sudo, odešle e-mail"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Odešle e-mail, když autentizace uživatele selže"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Odešle e-mail, pokud uživatel není v sudoers"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Odešle e-mail, když uživatel není v sudoers uveden pro tento stroj"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Odešle e-mail, když uživatel nemá dovoleno spustit příkaz"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Odešle e-mail, když uživatel zkusí spustit příkaz"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Pro každou kombinaci uživatele a TTY použije samostatný časovač"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Před prvním použitím sudo proškolí uživatele"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Soubor obsahující školení k sudo: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Standardně vyžaduje, aby se uživatelé autentizovali"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Root může spustit sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Do (nesyslogového) protokolu zaznamenává název stroje"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Do (nesyslogového) protokolu zaznamenává rok"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Je-li sudo zavoláno bez argumentů, spustí shell"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Nastaví HOME na cílového uživatele, když se pouští shell s -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Vždy nastaví HOME na domovský adresář cílového uživatele"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Dovolí sběr některých údajů za účelem užitečných chybových zpráv"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Vyžaduje v souboru sudoers plně kvalifikované názvy strojů"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Urazí uživatele, pokud zadá chybné heslo"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Dovolí uživateli spustit sudo, pouze když má TTY"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo bude dodržovat proměnou prostředí EDITOR"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Ptá se heslo roota, ne na heslo uživatele"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Ptá se na heslo runas_default uživatele, ne na heslo uživatele"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Ptá se na heslo cílového uživatele, ne na heslo uživatele"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Použije výchozí nastavení v přihlašovací třídě cílového uživatele, existuje-li"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Nastaví proměnné prostředí LOGNAME a USER"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Nastaví pouze efektivní UID na cílového uživatele, nikoliv reálné UID"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Neinicializuje vektor skupin na vektor cílového uživatele"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Délka zlomu řádků v protokolu (0 pro nezalamování): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Limit na časové údaje autentizace: %.1f min"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Limit na výzvu k heslu: %.1f min"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Počet pokusů na zadání hesla: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask nebo 0777 pro hodnotu uživatele: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Cesta k souboru s protokolem: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Cesta k poštovnímu programu: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Přepínače pro poštovní program: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Adresa, kam zasílat poštu: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Adrese, ze které zasílat poštu: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Řádek s předmětem pro poštovní zprávy: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Zpráva při chybném hesle: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Cesta k adresáři se stavy lekcí: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Cesta k adresáři s časovými údaji autentizace: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Vlastník adresáře s časovými údaji autentizace: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Uživatelé v této skupině jsou vyjmuti z požadavků na heslo na PATH: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Výchozí výzva pro heslo: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Je-li nastaveno, passprompt přebije systémovou výzvu ve všech případech."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Výchozí uživatel, pro kterým spouštět příkazy: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Hodnota, kterou přebít PATH uživatele: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Cesta k editoru pro potřeby visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Kdy vyžadovat heslo pro pseudopříkaz „list“: %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Kdy vyžadovat heslo pro pseudopříkaz „verify“: %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Přednačíst prázdné spouštěcí funkce obsažené v knihovně sudo_noexec"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Pokud je adresář LDAP dostupný, ignorovat místní soubor sudoers"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Souborové deskriptory >= %d budou před spuštěním příkazu uzavřeny"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Je-li nastaveno, uživatelé mohou přebít hodnotu „closefrom“ přepínačem -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Dovolit uživatelům nastavit libovolné proměnné prostředí"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Vrátit prostředí do výchozí množiny proměnných"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Proměnné prostředí kontrolované na logičnost:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Proměnné prostředí, které se mají odstranit:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Proměnné prostředí, které se mají zachovat:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Selinuxový role, která se použije v novém bezpečnostním kontextu: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Selinuxový typ, který se použije v novém bezpečnostním kontextu: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Cesta k souboru s prostředím určeném pro sudo: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Cesta k souboru s omezeným prostředím určeném pro sudo: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Národní prostředí, které se použije pro rozbor sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Dovolit sudu ptát se na heslo, i kdyby bylo čitelné"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Indikovat vstup uživatele při dotazu na heslo"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Použit rychlejší expanzi globů, která je méně přesná, ale nepřistupuje k souborovému systému"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Umask zadaná v sudoers přebije uživatelovu, i když je volnější"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Zaznamenávat vstup uživatele pro spouštěný příkaz"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Zaznamenávat výstup spouštěného příkazu"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Komprimovat protokoly o vstupu/výstupu pomocí zlib"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Vždy spouštět příkazy v pseudoTTY"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Modul pro podporu neunixových skupin: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Adresář, kam ukládat protokoly o vstupu/výstupu: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Soubor, do kterého ukládat protokol o vstupu/výstupu: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Při alokaci PTY přidat záznam do souboru utmp/utmpx"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Do utmp zapisovat runas uživatele, nikoliv uživatele volajícího"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Množina povolujících práv: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Množina omezujících práv: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Spouštět příkazy v PTY na pozadí"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Použít tuto službu PAM: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Název služby PAM, který se použije pro přihlašovací shelly: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Pokusit se získat pověření PAM pro cílového uživatele"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Vytvořit pro spouštěný příkaz novou relaci PAM"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Maximální pořadové číslo protokolu o vstupu/výstupu: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Zapnout v sudoers podporu netgroup"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Kontrolovat nadřazené adresáře na možnost zápisu při úpravě souborů pomocí sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Následovat symbolické odkazy při úpravě souborů pomocí sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Dotazovat se modulu pro skupiny na neznámé systémové skupiny"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Porovnávat netgroups na celou n-tici: uživatel, stroj a doména"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Dovolit spuštění příkazu, i když sudo nemůže zapsat do auditního protokolu"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Dovolit spuštění příkazu, i když sudo nemůže zapsat do I/O protokolu"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Dovolit spuštění příkazu, i když sudo nemůže zapsat do souboru s protokolem"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Překládat skupiny v sudoers a hledat shodu na ID skupiny, ne na jméně"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Položky protokolu větší než tato hodnota budou rozděleny do více zpráv syslogu: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Uživatel, který bude vlastnit soubory s I/O protokolem: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Skupina, která bude vlastnit soubory s I/O protokolem: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Přístupová práva k souboru s I/O protokolem: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Spustit příkazy podle deskriptoru souboru namísto podle cesty: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ignorovat neznámé položky Defaults v sudoers namísto vypisování varování"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Čas v sekundách, po kterém bude příkaz ukončen: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Povolit uživateli zadat časový limit na příkazovém řádku"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Zapisovat log na disk ihned namísto po větších částech"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Při protokolování přes syslog zahrnout ID procesu"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Druh záznamu s časovým údajem autentizace: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Zpráva o selhání autentizace: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Ignorovat velikost znaků při porovnávání jmen uživatelů"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Ignorovat velikost znaků při porovnávání názvů skupin"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d neznámá položka defaults „%s“"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: neznámá položka defaults „%s“"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d u „%s“ nebyla zadána žádná hodnota"
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: u „%s“ nebyla zadána žádná hodnota"
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d hodnoty u „%s“ musí začínat na „/“"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: hodnoty u „%s“ musí začínat na „/“"
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d volba „%s“ nebere hodnotu"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: volba „%s“ nebere hodnotu"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d neplatný typ Defaults 0x%x u volby „%s“"
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: neplatný typ Defaults 0x%x u volby „%s“"
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d hodnota „%s“ je pro volbu „%s“ neplatná"
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: hodnota „%s“ je pro volbu „%s“ neplatná"
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: poškozené pole envp, délka nesouhlasí"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "prostředí nelze znovu sestavit"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "je nám líto, ale nemáte dovoleno nastavovat následující proměnné prostředí: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "chyba rozboru v %s kolem řádku %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "chyba rozboru v %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "nepodporovaný druh kontrolního součtu %d pro %s"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: chyba při čtení"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s musí být vlastněn UID %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s smí být zapisovatelný jen pro vlastníka"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "nelze zavést %s: %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "v %s nelze nalézt symbol „group_plugin“"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: nekompatibilní hlavní verze modulu pro skupiny %d, očekávána %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "nelze rozebrat IP adresu „%s“"
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "nelze rozebrat síťovou masku „%s“"
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Pár místní IP adresy a masky sítě:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s existuje, ale nejedná se o adresář (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "nelze vytvořit adresář %s"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "nelze změnit práva %s na 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "neznámá skupina: %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "%s nelze číst"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "%s nelze vytvořit"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "nelze zapsat do souboru s I/O protokolem: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: vnitřní chyba, soubor s I/O protokolem pro událost %d není otevřen"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: vnitřní chyba, neplatný signál %d"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: neplatný soubor s protokolem"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: chybí položka s časovým údajem"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: čas %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: chybí položka s uživatelem"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: chybí položka s runas uživatelem"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s chybí položka s runas skupinou"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "při použití ldaps není starttls podporováno"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "nelze inicializovat certifikát SSL a databázi klíčů: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "pro SSL musíte v %s nastavit TLS_CERT"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "LDAP nelze inicializovat: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls uvedeno, ale knihovna LDAP nepodporuje ldap_start_tls_s_np() ani ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "neplatný atribut sudoOrder: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: port je příliš velký"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "nepodporovaný typ ldapového URI: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "nelze míchat URI ldap a ldaps"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "nelze převést sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "nelze otevřít auditní systém"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "nelze odeslat auditní zprávu"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (příkaz pokračuje) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "nelze otevřít soubor protokolu: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "nelze zamknout soubor protokolu: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "nelze zapsat soubor protokolu: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "Žádný uživatel nebo stroj"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "selhání ověření"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "uživatel NENÍ v sudoers"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "uživatel NENÍ na stroji autorizován"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "příkaz nedovolen"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s není v souboru sudoers. Tento událost bude ohlášena.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s nemá dovoleno spouštět sudo na %s. Tato událost bude ohlášena.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Je nám líto, uživatel %s nesmí spouštět sudo na %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Je nám líto, uživatel %s nemá dovoleno spouštět „%s%s%s“ jako %s%s%s na %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: příkaz nenalezen"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"ignoruje se „%s“ nalezený v „.“\n"
+"Použijte „sudo ./%s„, je-li toto „%s“', který chcete spustit."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "selhání autentizace"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "je vyžadováno heslo"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u chybný pokus zadat heslo"
+msgstr[1] "%u chybné pokusy zadat heslo"
+msgstr[2] "%u chybných pokusů zadat heslo"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "nelze vytvořit proces"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "nelze vytvořit proces: %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "nelze otevřít rouru: %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "nelze zdvojit standardní vstup: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "nelze spustit %s: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "součet pro %s (%s) nemá tvar %s"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "nelze zjistit údaje o %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Role LDAP: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Položka v sudoers:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Volby: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Příkazy:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Odpovídající položky Defaults pro %s na %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Výchozí hodnoty Runas a Command pro %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Uživatel %s smí spustit následující příkazy na %s:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Uživatel %s nemá dovoleno spustit sudo na %s.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "neplatná hodnota hodnota atributu se ignoruje: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "neúplná definice sudoRole se ignoruje: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "neplatné %.*s nenastaveno vnějším rozhraním sudo"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "nelze rozebrat seznam síťových adres"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "uživatelské jméno nenastaveno vnějším rozhraním sudo"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "ID uživatele nenastaveno vnějším rozhraním sudo"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "ID skupiny nenastaveno vnějším rozhraním sudo"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "název počítače nenastaven vnějším rozhraním sudo"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "nelze vykonat %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Verze modulu s politikami sudoers je %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Verze gramatiky souboru sudoers je %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Cesta sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "cesta k nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "cesta k ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "cesta k ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "nelze zaregistrovat háček typu %d (verze %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "nelze zapamatovat si UID %u, nedostatek paměti"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "nelze zapamatovat si UID %u, již existuje"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "nelze zapamatovat si uživatele %s, nedostatek paměti"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "nelze zapamatovat si uživatele %s, již existuje"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "nelze zapamatovat si GID %u, nedostatek paměti"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "nelze zapamatovat si GID %u, již existuje"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "nelze zapamatovat si skupinu %s, nedostatek paměti"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "nelze zapamatovat si skupinu %s, již existuje"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "nelze zapamatovat si seznam skupin pro %s, již existuje"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "nelze zapamatovat si seznam skupin pro %s, nedostatek paměti"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "nelze rozebrat skupiny pro %s"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "nelze rozebrat čísla GID pro %s"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "přetečení zásobníku oprávnění"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "podtečení zásobníku oprávnění"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "nelze přepnout GID na root"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "nelze přepnout na běhové GID"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "nelze nastavit vektor běhových skupin"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "nelze přepnout na běhové UID"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "nelze přepnout na GID sudoers"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "příliš mnoho procesů"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "současný pracovní adresář nelze zjistit"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "zkrácená auditní cesta user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "zkrácená auditní cesta argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "zpráva audit_failure je příliš dlouhá"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "nelze inicializovat zdroj SSS. Je SSSD nainstalován na vašem stroji?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "nelze nalézt symbol „%s“ v %s"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "problém s položkami defaults"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "nenalezeny žádné platné zdroje sudoers, končí se"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers udává, že root nemá dovoleno použít sudo"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "nemáte dovoleno použít přepínač -C"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "vlastník časového údaje (%s): Takový uživatel neexistuje"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "žádné TTY"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "je nám líto, ale pro spuštění sudo musíte mít TTY"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "příkaz v aktuálním adresáři"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "je nám líto, ale nastavit časový limit nemáte dovoleno"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "je nám líto, ale zachovat prostředí nemáte dovoleno"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "příkaz je příliš dlouhý"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s není běžný soubor"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s je vlastněn UID %u, měl by být vlastněn %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s je zapisovatelný pro všechny"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s je vlastněn GID %u, mělo by být %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "pouze root může použít „-c %s“"
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "neznáma přihlašovací třída: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "nelze přeložit název stroje %s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "neplatná volba filtru: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "neplatná maximální doba čekání: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "neplatný násobek rychlosti: %s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/časování: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/časování: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Přehrává se relace sudo: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "událost nelze přidat do fronty"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "TTY nelze nastavit do přímého režimu"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Pozor: váš terminál je příliš malý pro správné zobrazení záznamu.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Rozměry záznamu jsou %d × %d, váš terminál má rozměry %d × %d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Přehrávání skončilo, pro obnovení terminálu stiskněte libovolnou klávesu."
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "neplatný řádek s časovacím souborem: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "nejednoznačný výraz „%s“"
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "ve výrazu neodpovídá „)“"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "neznámý vyhledávací výraz „%s“"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s vyžaduje argument"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "neplatný regulární výraz: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "datum „%s“ se nepodařilo rozebrat"
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "ve výrazu neodpovídá „(“"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "zakázané zakončení „or“"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "zakázané zakončení „!“"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "neznámý vyhledávácí typ %d"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "použití: %s [-hnRS] [-d adresář] [-m číslo] [-s číslo] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "použití: %s [-h] [-d adresář] -l [vyhledávací_výraz]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s – přehraje záznam relace sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Přepínače:\n"
+"  -d, --directory=adresář\n"
+"                       určuje adresář pro záznamy relace\n"
+"  -f, --filter=filtr   určuje, které druhy I/O se mají zobrazit\n"
+"  -h, --help           zobrazí nápovědu a skončí\n"
+"  -l, --list           vypíše seznam ID dostupných relací, s volitelným výrazem\n"
+"  -m, --max-wait=číslo čeká maximálně počet sekund mezi událostmi\n"
+"  -S, --suspend-wait   čeká pokud byl příkaz pozastaven\n"
+"  -s, --speed=číslo    zrychlí nebo zpomalí výstup\n"
+"  -V, --version        zobrazí údaje o verzi a skončí"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\tstroj se neshoduje"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Příkaz povolen"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Příkaz odepřen"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Příkaz se neshoduje"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s je zapisovatelný pro skupinu"
+
+# TODO: pluralize
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "nelze zkrátit soubor s časovými údaji na %lld bajtů"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "nelze přečíst hodiny"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "časový údaj z budoucnosti se ignoruje"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "časový údaj ukazuje příliš do budoucna: %20.20s"
+
+# TODO: pluralize
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "soubor s časovými údaji %s nelze zamknout"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "cesta ke stavům lekce je příliš dlouhý: %s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "přepínač -x bude v příštím vydání odstraněn"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "prosím, zvažte použití nástroje cvtsudoers"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "pro úpravu %s stiskněte enter: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "zadaný editor (%s) neexistuje"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "žádný editor nenalezen (cesta k editoru = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "chyba zápisu"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "nelze získat údaje o dočasném souboru (%s), %s nezměněno"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "dočasný soubor o nulové velikosti (%s), %s nezměněno"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "editor (%s) selhal, %s nezměněno"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s nezměněno"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "nelze znovu otevřít dočasný soubor (%s), %s nezměněno."
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "nebylo možné rozebrat dočasný soubor (%s), neznámá chyba"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "vnitřní chyba, v seznamu nelze nalézt %s!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "nelze nastavit (UID, GID) %s na (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s a %s se nenachází na jednom souborovém systému, pro přejmenování se použije mv"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "příkaz selhal: „'%s %s %s“, %s nezměněno"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "chyba při přejmenování %s, %s nezměněno"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "Co teď? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Možnosti jsou:\n"
+"  (e) upravit soubor sudoers znovu\n"
+"  (x) skončit bez uložení změn do souboru sudoers\n"
+"  (Q) skončit a uložit změny do souboru sudoers (NEBEZPEČNÉ!)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "nelze spustit %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: chybný vlastník (UID, GID), měl by být (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: chybná práva, měla by být 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: rozbor úspěšný\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s je zaneprázdněn, zkuste to později"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "%s nelze uzamknout"
+
+# The code indeed checks for non-localized "y" character.
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Přesto upravit? [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Chyba: %s:%d: smyčka v %s „%s“"
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Pozor: %s:%d: smyčka v %s „%s“"
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Chyba: %s:%d: %s „%s“ použit, ale nedefinován"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Pozor: %s:%d: %s „%s“ použit, ale nedefinován"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Pozor> %s:%d nepoužitý %s „%s“"
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s – bezpečně upraví soubor sudoers\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Přepínače:\n"
+"  -c, --check       pouze kontroluje\n"
+"  -f, --file=sudoers\n"
+"                    určuje umístění souboru sudoers\n"
+"  -h, --help        zobrazí nápovědu a skončí\n"
+"  -q, --quiet       méně upovídaná (stručnější) hlášení chyb syntaxe\n"
+"  -s, --strict      přísná kontrola syntaxe\n"
+"  -V, --version     zobrazí údaje o verzi a skončí\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "příliš mnoho úrovní zanoření"
+
+#~ msgid ""
+#~ "\n"
+#~ "LDAP Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "Role LDAP: NEZNÁMÁ\n"
+
+#~ msgid "    Order: %s\n"
+#~ msgstr "    Pořadí: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: %s\n"
+#~ msgstr ""
+#~ "\n"
+#~ "Role SSSD: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "Role SSSD: NEZNÁMÁ\n"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "Pozor: smyčka v %s „%s“"
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "Pozor: %s „%s“ použit, ale nedefinován"
+
+#~ msgid "Warning: unused %s `%s'"
+#~ msgstr "Pozor: nepožitý %s „%s“"
+
+#~ msgid "unable allocate memory"
+#~ msgstr "nelze alokovat paměť"
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "cesta k časovým údajům je příliš dlouhá: %s/%s"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "nelze zjisti údaje o editoru (%s)"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports: nedostatek místa na rozšíření hostbuf"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri: nedostatek místo pro vytvoření hostbuf"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "nesouhlasí alokace sudo_ldap_build_pass1"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "vnitřní chyba: nedostatek místa pro řádek protokolu"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: přetečení bufferu"
diff --git a/plugins/sudoers/po/da.mo b/plugins/sudoers/po/da.mo
new file mode 100644
index 0000000..c185751
--- /dev/null
+++ b/plugins/sudoers/po/da.mo
diff --git a/plugins/sudoers/po/da.po b/plugins/sudoers/po/da.po
new file mode 100644
index 0000000..c1cb6f4
--- /dev/null
+++ b/plugins/sudoers/po/da.po
@@ -0,0 +1,2344 @@
+# Danish translation of sudoers.
+# This file is put in the public domain.
+# Joe Hansen <joedalton2@yahoo.dk>, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018.
+#
+# audit -> overvågning
+# dummy -> attrap
+# epoch -> epoke
+# execute -> udføre (run -> kør)
+# overflow -> overløb
+# principal -> værtshovedstol
+# runas -> runas ? (eller måske bedre med kør som. den er valgt indtil videre)
+# stat -> stat
+# timeout -> tidsudløb (eller ventetid, er dog lidt noget andet)
+#
+# der bliver brugt masser af forskellige citationstegn i den her ('' \" \" ``,
+# nogle gange også tre styk). De er alle lavet med »« på dansk.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.24b2\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-07-31 07:13-0600\n"
+"PO-Revision-Date: 2018-08-12 07:48+0200\n"
+"Last-Translator: joe Hansen <joedalton2@yahoo.dk>\n"
+"Language-Team: Danish <dansk@dansk-gruppen.dk>\n"
+"Language: da\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 1.8.11\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "syntaksfejl"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "%ps adgangskode: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] adgangskode for %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Adgangskode: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** SIKKERHEDSINFORMATION for %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Beklager, prøv igen."
+
+#: gram.y:194 gram.y:242 gram.y:249 gram.y:256 gram.y:263 gram.y:270
+#: gram.y:286 gram.y:310 gram.y:317 gram.y:324 gram.y:331 gram.y:338
+#: gram.y:401 gram.y:409 gram.y:419 gram.y:452 gram.y:459 gram.y:466
+#: gram.y:473 gram.y:555 gram.y:562 gram.y:571 gram.y:580 gram.y:597
+#: gram.y:709 gram.y:716 gram.y:723 gram.y:731 gram.y:831 gram.y:838
+#: gram.y:845 gram.y:852 gram.y:859 gram.y:885 gram.y:892 gram.y:899
+#: gram.y:1022 gram.y:1296 plugins/sudoers/alias.c:122
+#: plugins/sudoers/alias.c:129 plugins/sudoers/alias.c:145
+#: plugins/sudoers/auth/bsdauth.c:141 plugins/sudoers/auth/kerb5.c:119
+#: plugins/sudoers/auth/kerb5.c:145 plugins/sudoers/auth/pam.c:519
+#: plugins/sudoers/auth/rfc1938.c:109 plugins/sudoers/auth/sia.c:59
+#: plugins/sudoers/cvtsudoers.c:116 plugins/sudoers/cvtsudoers.c:157
+#: plugins/sudoers/cvtsudoers.c:174 plugins/sudoers/cvtsudoers.c:185
+#: plugins/sudoers/cvtsudoers.c:278 plugins/sudoers/cvtsudoers.c:405
+#: plugins/sudoers/cvtsudoers.c:538 plugins/sudoers/cvtsudoers.c:555
+#: plugins/sudoers/cvtsudoers.c:660 plugins/sudoers/cvtsudoers.c:773
+#: plugins/sudoers/cvtsudoers.c:781 plugins/sudoers/cvtsudoers.c:1186
+#: plugins/sudoers/cvtsudoers.c:1190 plugins/sudoers/cvtsudoers.c:1290
+#: plugins/sudoers/cvtsudoers_ldif.c:147 plugins/sudoers/cvtsudoers_ldif.c:189
+#: plugins/sudoers/cvtsudoers_ldif.c:236 plugins/sudoers/cvtsudoers_ldif.c:255
+#: plugins/sudoers/cvtsudoers_ldif.c:325 plugins/sudoers/cvtsudoers_ldif.c:380
+#: plugins/sudoers/cvtsudoers_ldif.c:388 plugins/sudoers/cvtsudoers_ldif.c:405
+#: plugins/sudoers/cvtsudoers_ldif.c:414 plugins/sudoers/cvtsudoers_ldif.c:560
+#: plugins/sudoers/cvtsudoers_ldif.c:753 plugins/sudoers/cvtsudoers_ldif.c:780
+#: plugins/sudoers/cvtsudoers_ldif.c:848 plugins/sudoers/cvtsudoers_ldif.c:855
+#: plugins/sudoers/cvtsudoers_ldif.c:860 plugins/sudoers/cvtsudoers_ldif.c:936
+#: plugins/sudoers/cvtsudoers_ldif.c:947 plugins/sudoers/cvtsudoers_ldif.c:953
+#: plugins/sudoers/cvtsudoers_ldif.c:978 plugins/sudoers/cvtsudoers_ldif.c:990
+#: plugins/sudoers/cvtsudoers_ldif.c:994
+#: plugins/sudoers/cvtsudoers_ldif.c:1008
+#: plugins/sudoers/cvtsudoers_ldif.c:1176
+#: plugins/sudoers/cvtsudoers_ldif.c:1208
+#: plugins/sudoers/cvtsudoers_ldif.c:1233
+#: plugins/sudoers/cvtsudoers_ldif.c:1262
+#: plugins/sudoers/cvtsudoers_ldif.c:1312
+#: plugins/sudoers/cvtsudoers_ldif.c:1358
+#: plugins/sudoers/cvtsudoers_ldif.c:1368 plugins/sudoers/defaults.c:656
+#: plugins/sudoers/defaults.c:952 plugins/sudoers/defaults.c:1123
+#: plugins/sudoers/editor.c:65 plugins/sudoers/editor.c:83
+#: plugins/sudoers/editor.c:94 plugins/sudoers/env.c:233
+#: plugins/sudoers/filedigest.c:61 plugins/sudoers/filedigest.c:77
+#: plugins/sudoers/gc.c:52 plugins/sudoers/group_plugin.c:131
+#: plugins/sudoers/interfaces.c:71 plugins/sudoers/iolog.c:938
+#: plugins/sudoers/iolog_path.c:167 plugins/sudoers/ldap.c:177
+#: plugins/sudoers/ldap.c:408 plugins/sudoers/ldap.c:412
+#: plugins/sudoers/ldap.c:424 plugins/sudoers/ldap.c:715
+#: plugins/sudoers/ldap.c:879 plugins/sudoers/ldap.c:1228
+#: plugins/sudoers/ldap.c:1654 plugins/sudoers/ldap.c:1691
+#: plugins/sudoers/ldap.c:1771 plugins/sudoers/ldap.c:1906
+#: plugins/sudoers/ldap.c:2007 plugins/sudoers/ldap.c:2023
+#: plugins/sudoers/ldap_conf.c:214 plugins/sudoers/ldap_conf.c:245
+#: plugins/sudoers/ldap_conf.c:297 plugins/sudoers/ldap_conf.c:333
+#: plugins/sudoers/ldap_conf.c:422 plugins/sudoers/ldap_conf.c:437
+#: plugins/sudoers/ldap_conf.c:533 plugins/sudoers/ldap_conf.c:566
+#: plugins/sudoers/ldap_conf.c:647 plugins/sudoers/ldap_conf.c:729
+#: plugins/sudoers/ldap_util.c:519 plugins/sudoers/ldap_util.c:575
+#: plugins/sudoers/linux_audit.c:76 plugins/sudoers/logging.c:190
+#: plugins/sudoers/logging.c:506 plugins/sudoers/logging.c:527
+#: plugins/sudoers/logging.c:568 plugins/sudoers/logging.c:745
+#: plugins/sudoers/logging.c:1003 plugins/sudoers/match.c:693
+#: plugins/sudoers/match.c:740 plugins/sudoers/match.c:781
+#: plugins/sudoers/match.c:809 plugins/sudoers/match.c:897
+#: plugins/sudoers/match.c:977 plugins/sudoers/parse.c:192
+#: plugins/sudoers/parse.c:204 plugins/sudoers/parse.c:219
+#: plugins/sudoers/parse.c:231 plugins/sudoers/policy.c:497
+#: plugins/sudoers/policy.c:739 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:191 plugins/sudoers/pwutil.c:263
+#: plugins/sudoers/pwutil.c:340 plugins/sudoers/pwutil.c:514
+#: plugins/sudoers/pwutil.c:580 plugins/sudoers/pwutil.c:650
+#: plugins/sudoers/pwutil.c:808 plugins/sudoers/pwutil.c:865
+#: plugins/sudoers/pwutil.c:910 plugins/sudoers/pwutil.c:968
+#: plugins/sudoers/sssd.c:147 plugins/sudoers/sssd.c:387
+#: plugins/sudoers/sssd.c:450 plugins/sudoers/sssd.c:494
+#: plugins/sudoers/sssd.c:541 plugins/sudoers/sssd.c:732
+#: plugins/sudoers/stubs.c:96 plugins/sudoers/stubs.c:104
+#: plugins/sudoers/sudoers.c:265 plugins/sudoers/sudoers.c:275
+#: plugins/sudoers/sudoers.c:283 plugins/sudoers/sudoers.c:325
+#: plugins/sudoers/sudoers.c:648 plugins/sudoers/sudoers.c:774
+#: plugins/sudoers/sudoers.c:818 plugins/sudoers/sudoers.c:1092
+#: plugins/sudoers/sudoers_debug.c:107 plugins/sudoers/sudoreplay.c:1265
+#: plugins/sudoers/sudoreplay.c:1377 plugins/sudoers/sudoreplay.c:1417
+#: plugins/sudoers/sudoreplay.c:1426 plugins/sudoers/sudoreplay.c:1436
+#: plugins/sudoers/sudoreplay.c:1444 plugins/sudoers/sudoreplay.c:1448
+#: plugins/sudoers/sudoreplay.c:1604 plugins/sudoers/sudoreplay.c:1608
+#: plugins/sudoers/testsudoers.c:125 plugins/sudoers/testsudoers.c:215
+#: plugins/sudoers/testsudoers.c:232 plugins/sudoers/testsudoers.c:554
+#: plugins/sudoers/timestamp.c:401 plugins/sudoers/timestamp.c:445
+#: plugins/sudoers/timestamp.c:923 plugins/sudoers/toke_util.c:55
+#: plugins/sudoers/toke_util.c:108 plugins/sudoers/toke_util.c:145
+#: plugins/sudoers/tsdump.c:125 plugins/sudoers/visudo.c:145
+#: plugins/sudoers/visudo.c:307 plugins/sudoers/visudo.c:313
+#: plugins/sudoers/visudo.c:423 plugins/sudoers/visudo.c:601
+#: plugins/sudoers/visudo.c:920 plugins/sudoers/visudo.c:987
+#: plugins/sudoers/visudo.c:1076 toke.l:847 toke.l:948 toke.l:1105
+msgid "unable to allocate memory"
+msgstr "kan ikke tildele hukommelse"
+
+#: gram.y:484
+msgid "a digest requires a path name"
+msgstr "et sammendrag kræver et stinavn"
+
+#: gram.y:610
+msgid "invalid notbefore value"
+msgstr "ugyldig notbefore-værdi"
+
+#: gram.y:618
+msgid "invalid notafter value"
+msgstr "ugyldig notafter-værdi"
+
+#: gram.y:627 plugins/sudoers/policy.c:313
+msgid "timeout value too large"
+msgstr "værdi for tidsudløb er for stor"
+
+#: gram.y:629 plugins/sudoers/policy.c:315
+msgid "invalid timeout value"
+msgstr "ugyldig værdi for tidsudløb"
+
+#: gram.y:1296 plugins/sudoers/auth/pam.c:349 plugins/sudoers/auth/pam.c:519
+#: plugins/sudoers/auth/rfc1938.c:109 plugins/sudoers/cvtsudoers.c:116
+#: plugins/sudoers/cvtsudoers.c:156 plugins/sudoers/cvtsudoers.c:173
+#: plugins/sudoers/cvtsudoers.c:184 plugins/sudoers/cvtsudoers.c:277
+#: plugins/sudoers/cvtsudoers.c:404 plugins/sudoers/cvtsudoers.c:537
+#: plugins/sudoers/cvtsudoers.c:554 plugins/sudoers/cvtsudoers.c:660
+#: plugins/sudoers/cvtsudoers.c:773 plugins/sudoers/cvtsudoers.c:780
+#: plugins/sudoers/cvtsudoers.c:1186 plugins/sudoers/cvtsudoers.c:1190
+#: plugins/sudoers/cvtsudoers.c:1290 plugins/sudoers/cvtsudoers_ldif.c:146
+#: plugins/sudoers/cvtsudoers_ldif.c:188 plugins/sudoers/cvtsudoers_ldif.c:235
+#: plugins/sudoers/cvtsudoers_ldif.c:254 plugins/sudoers/cvtsudoers_ldif.c:324
+#: plugins/sudoers/cvtsudoers_ldif.c:379 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:404 plugins/sudoers/cvtsudoers_ldif.c:413
+#: plugins/sudoers/cvtsudoers_ldif.c:559 plugins/sudoers/cvtsudoers_ldif.c:752
+#: plugins/sudoers/cvtsudoers_ldif.c:779 plugins/sudoers/cvtsudoers_ldif.c:847
+#: plugins/sudoers/cvtsudoers_ldif.c:854 plugins/sudoers/cvtsudoers_ldif.c:859
+#: plugins/sudoers/cvtsudoers_ldif.c:935 plugins/sudoers/cvtsudoers_ldif.c:946
+#: plugins/sudoers/cvtsudoers_ldif.c:952 plugins/sudoers/cvtsudoers_ldif.c:977
+#: plugins/sudoers/cvtsudoers_ldif.c:989 plugins/sudoers/cvtsudoers_ldif.c:993
+#: plugins/sudoers/cvtsudoers_ldif.c:1007
+#: plugins/sudoers/cvtsudoers_ldif.c:1176
+#: plugins/sudoers/cvtsudoers_ldif.c:1207
+#: plugins/sudoers/cvtsudoers_ldif.c:1232
+#: plugins/sudoers/cvtsudoers_ldif.c:1261
+#: plugins/sudoers/cvtsudoers_ldif.c:1311
+#: plugins/sudoers/cvtsudoers_ldif.c:1357
+#: plugins/sudoers/cvtsudoers_ldif.c:1367 plugins/sudoers/defaults.c:656
+#: plugins/sudoers/defaults.c:952 plugins/sudoers/defaults.c:1123
+#: plugins/sudoers/editor.c:65 plugins/sudoers/editor.c:83
+#: plugins/sudoers/editor.c:94 plugins/sudoers/env.c:233
+#: plugins/sudoers/filedigest.c:61 plugins/sudoers/filedigest.c:77
+#: plugins/sudoers/gc.c:52 plugins/sudoers/group_plugin.c:131
+#: plugins/sudoers/interfaces.c:71 plugins/sudoers/iolog.c:938
+#: plugins/sudoers/iolog_path.c:167 plugins/sudoers/ldap.c:177
+#: plugins/sudoers/ldap.c:408 plugins/sudoers/ldap.c:412
+#: plugins/sudoers/ldap.c:424 plugins/sudoers/ldap.c:715
+#: plugins/sudoers/ldap.c:879 plugins/sudoers/ldap.c:1228
+#: plugins/sudoers/ldap.c:1654 plugins/sudoers/ldap.c:1691
+#: plugins/sudoers/ldap.c:1771 plugins/sudoers/ldap.c:1906
+#: plugins/sudoers/ldap.c:2007 plugins/sudoers/ldap.c:2023
+#: plugins/sudoers/ldap_conf.c:214 plugins/sudoers/ldap_conf.c:245
+#: plugins/sudoers/ldap_conf.c:297 plugins/sudoers/ldap_conf.c:333
+#: plugins/sudoers/ldap_conf.c:422 plugins/sudoers/ldap_conf.c:437
+#: plugins/sudoers/ldap_conf.c:533 plugins/sudoers/ldap_conf.c:566
+#: plugins/sudoers/ldap_conf.c:646 plugins/sudoers/ldap_conf.c:729
+#: plugins/sudoers/ldap_util.c:519 plugins/sudoers/ldap_util.c:575
+#: plugins/sudoers/linux_audit.c:76 plugins/sudoers/logging.c:190
+#: plugins/sudoers/logging.c:506 plugins/sudoers/logging.c:527
+#: plugins/sudoers/logging.c:567 plugins/sudoers/logging.c:1003
+#: plugins/sudoers/match.c:692 plugins/sudoers/match.c:739
+#: plugins/sudoers/match.c:781 plugins/sudoers/match.c:809
+#: plugins/sudoers/match.c:897 plugins/sudoers/match.c:976
+#: plugins/sudoers/parse.c:191 plugins/sudoers/parse.c:203
+#: plugins/sudoers/parse.c:218 plugins/sudoers/parse.c:230
+#: plugins/sudoers/policy.c:127 plugins/sudoers/policy.c:136
+#: plugins/sudoers/policy.c:145 plugins/sudoers/policy.c:171
+#: plugins/sudoers/policy.c:298 plugins/sudoers/policy.c:313
+#: plugins/sudoers/policy.c:315 plugins/sudoers/policy.c:341
+#: plugins/sudoers/policy.c:351 plugins/sudoers/policy.c:395
+#: plugins/sudoers/policy.c:405 plugins/sudoers/policy.c:414
+#: plugins/sudoers/policy.c:423 plugins/sudoers/policy.c:497
+#: plugins/sudoers/policy.c:739 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:191 plugins/sudoers/pwutil.c:263
+#: plugins/sudoers/pwutil.c:340 plugins/sudoers/pwutil.c:514
+#: plugins/sudoers/pwutil.c:580 plugins/sudoers/pwutil.c:650
+#: plugins/sudoers/pwutil.c:808 plugins/sudoers/pwutil.c:865
+#: plugins/sudoers/pwutil.c:910 plugins/sudoers/pwutil.c:968
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641 plugins/sudoers/sssd.c:146
+#: plugins/sudoers/sssd.c:387 plugins/sudoers/sssd.c:450
+#: plugins/sudoers/sssd.c:494 plugins/sudoers/sssd.c:541
+#: plugins/sudoers/sssd.c:732 plugins/sudoers/stubs.c:96
+#: plugins/sudoers/stubs.c:104 plugins/sudoers/sudoers.c:265
+#: plugins/sudoers/sudoers.c:275 plugins/sudoers/sudoers.c:283
+#: plugins/sudoers/sudoers.c:325 plugins/sudoers/sudoers.c:648
+#: plugins/sudoers/sudoers.c:774 plugins/sudoers/sudoers.c:818
+#: plugins/sudoers/sudoers.c:1092 plugins/sudoers/sudoers_debug.c:106
+#: plugins/sudoers/sudoreplay.c:1265 plugins/sudoers/sudoreplay.c:1377
+#: plugins/sudoers/sudoreplay.c:1417 plugins/sudoers/sudoreplay.c:1426
+#: plugins/sudoers/sudoreplay.c:1436 plugins/sudoers/sudoreplay.c:1444
+#: plugins/sudoers/sudoreplay.c:1448 plugins/sudoers/sudoreplay.c:1604
+#: plugins/sudoers/sudoreplay.c:1608 plugins/sudoers/testsudoers.c:125
+#: plugins/sudoers/testsudoers.c:215 plugins/sudoers/testsudoers.c:232
+#: plugins/sudoers/testsudoers.c:554 plugins/sudoers/timestamp.c:401
+#: plugins/sudoers/timestamp.c:445 plugins/sudoers/timestamp.c:923
+#: plugins/sudoers/toke_util.c:55 plugins/sudoers/toke_util.c:108
+#: plugins/sudoers/toke_util.c:145 plugins/sudoers/tsdump.c:125
+#: plugins/sudoers/visudo.c:145 plugins/sudoers/visudo.c:307
+#: plugins/sudoers/visudo.c:313 plugins/sudoers/visudo.c:423
+#: plugins/sudoers/visudo.c:601 plugins/sudoers/visudo.c:920
+#: plugins/sudoers/visudo.c:987 plugins/sudoers/visudo.c:1076 toke.l:847
+#: toke.l:948 toke.l:1105
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:140
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Alias »%s« er allerede defineret"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "kan ikke hente logindklasse for bruger %s"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "kan ikke starte bsd-godkendelse"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "ugyldig godkendelsestype"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "kan ikke initialisere BSD-godkendelse"
+
+#: plugins/sudoers/auth/bsdauth.c:178
+msgid "your account has expired"
+msgstr "din konto er udløbet"
+
+#: plugins/sudoers/auth/bsdauth.c:180
+msgid "approval failed"
+msgstr "godkendelse mislykkedes"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr "kan ikke læse fwtk-konfiguration"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "kan ikke forbinde til godkendelsesserver"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:119
+msgid "lost connection to authentication server"
+msgstr "mistede forbindelsen til godkendelseserveren"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"godkendelsesserverfejl:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: Kan ikke konvertere værtshovedstol til streng (»%s«): %s"
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: Kan ikke fortolke »%s«: %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: Kan ikke slå akkreditivmellemlager op: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: Kan ikke allokere tilvalg: %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: Kan ikke indhente akkreditiver: %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: Kan ikke initialisere akkreditivmellemlager: %s"
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: Kan ikke gemme akkreditiver i mellemlager: %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: Kan ikke indhente værtshovedstol: %s"
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Kan ikke verifiere TGT! Muligt angreb!: %s"
+
+#: plugins/sudoers/auth/pam.c:108
+msgid "unable to initialize PAM"
+msgstr "kan ikke initialisere PAM"
+
+#: plugins/sudoers/auth/pam.c:199
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "PAM-godkendelsesserverfejl: %s"
+
+#: plugins/sudoers/auth/pam.c:216
+msgid "account validation failure, is your account locked?"
+msgstr "valideringsfejl for konto, er din konto låst?"
+
+#: plugins/sudoers/auth/pam.c:224
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Konto eller adgangskoder er udløbet, nulstil din adgangskode og forsøg igen"
+
+#: plugins/sudoers/auth/pam.c:233
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "kan ikke ændre udløbet adgangskode: %s"
+
+#: plugins/sudoers/auth/pam.c:241
+msgid "Password expired, contact your system administrator"
+msgstr "Adgangskode udløbet, kontakt din systemadministrator"
+
+#: plugins/sudoers/auth/pam.c:245
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Konto udløbet eller PAM-konfiguration mangler et »kontoafsnit« for sudo. Kontakt din systemadministrator"
+
+#: plugins/sudoers/auth/pam.c:252 plugins/sudoers/auth/pam.c:257
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "PAM-kontohåndteringsfejl: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:227
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "du findes ikke i %s-databasen"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "kunne ikke initialisere ACE API-biblioteket"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "kan ikke kontakte SecurID-serveren"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "Bruger-ID låst for SecurID-godkendelse"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "ugyldigt brugernavnslængde for SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr "ugyldigt godkendelseshåndtag for SecurID"
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "SecurID-kommunikation fejlede"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:213
+msgid "unknown SecurID error"
+msgstr "ukendt SecurID-fejl"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "ugyldig adgangskodelængde for SecurID"
+
+#: plugins/sudoers/auth/sia.c:69 plugins/sudoers/auth/sia.c:124
+msgid "unable to initialize SIA session"
+msgstr "kan ikke initialisere SIA-session"
+
+#: plugins/sudoers/auth/sudo_auth.c:131
+msgid "invalid authentication methods"
+msgstr "ugyldige godkendelsesmetoder"
+
+#: plugins/sudoers/auth/sudo_auth.c:133
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Ugyldige godkendelsesmetoder kompileret ind i sudo! Du kan ikke blande uafhængig og ikkeuafhængig godkendelse."
+
+#: plugins/sudoers/auth/sudo_auth.c:254 plugins/sudoers/auth/sudo_auth.c:304
+msgid "no authentication methods"
+msgstr "ingen godkendelsesmetoder"
+
+#: plugins/sudoers/auth/sudo_auth.c:256
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Der er ingen godkendelsesmetoder kompileret ind i sudo! Hvis du ønsker at fravælge godkendelse så brug konfigurationstilvalget --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:306
+msgid "Unable to initialize authentication methods."
+msgstr "Kan ikke initialisere godkendelsesmetoder."
+
+#: plugins/sudoers/auth/sudo_auth.c:472
+msgid "Authentication methods:"
+msgstr "Godkendelsesmetoder:"
+
+#: plugins/sudoers/bsm_audit.c:120 plugins/sudoers/bsm_audit.c:211
+msgid "Could not determine audit condition"
+msgstr "Kunne ikke bestemme overvågningsbetingelse"
+
+#: plugins/sudoers/bsm_audit.c:183 plugins/sudoers/bsm_audit.c:273
+msgid "unable to commit audit record"
+msgstr "kan ikke indsende overvågningspost"
+
+#: plugins/sudoers/check.c:262
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Vi stoler på, at du har modtaget den gængse advarsel fra den lokale\n"
+"systemadministrator. Det drejer sig normalt om følgende tre ting:\n"
+"\n"
+"    #1) Respekter andres privatliv.\n"
+"    #2) Tænk før du taster.\n"
+"    #3) Med stor magt følger stort ansvar.\n"
+"\n"
+
+#: plugins/sudoers/check.c:305 plugins/sudoers/check.c:315
+#: plugins/sudoers/sudoers.c:691 plugins/sudoers/sudoers.c:736
+#: plugins/sudoers/tsdump.c:121
+#, c-format
+msgid "unknown uid: %u"
+msgstr "ukendt uid: %u"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/iolog.c:257
+#: plugins/sudoers/policy.c:912 plugins/sudoers/sudoers.c:1131
+#: plugins/sudoers/testsudoers.c:206 plugins/sudoers/testsudoers.c:366
+#, c-format
+msgid "unknown user: %s"
+msgstr "ukendt bruger: %s"
+
+#: plugins/sudoers/cvtsudoers.c:191
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "rækkefølgeforøgelse: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:207
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "startrækkefølge: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:218 plugins/sudoers/sudoreplay.c:310
+#: plugins/sudoers/visudo.c:177
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s version %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:220 plugins/sudoers/visudo.c:179
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s grammatikversion %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:237
+#, c-format
+msgid "unsupported input format %s"
+msgstr "ej understøttet inddataformat %s"
+
+#: plugins/sudoers/cvtsudoers.c:252
+#, c-format
+msgid "unsupported output format %s"
+msgstr "ej understøttet uddataformat %s"
+
+#: plugins/sudoers/cvtsudoers.c:292
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: inddata- og uddatafiler skal være forskellige"
+
+#: plugins/sudoers/cvtsudoers.c:308 plugins/sudoers/sudoers.c:168
+#: plugins/sudoers/testsudoers.c:245 plugins/sudoers/visudo.c:233
+#: plugins/sudoers/visudo.c:589 plugins/sudoers/visudo.c:911
+msgid "unable to initialize sudoers default values"
+msgstr "kan ikke initialisere sudoers' standardværdier"
+
+#: plugins/sudoers/cvtsudoers.c:393 plugins/sudoers/ldap_conf.c:412
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:452
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: ukendt nøgleord: %s"
+
+#: plugins/sudoers/cvtsudoers.c:498
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "ugyldig type for standarder: %s"
+
+#: plugins/sudoers/cvtsudoers.c:521
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "ugyldig undertrykkelsestype: %s"
+
+#: plugins/sudoers/cvtsudoers.c:561 plugins/sudoers/cvtsudoers.c:575
+#, c-format
+msgid "invalid filter: %s"
+msgstr "ugyldigt filter: %s"
+
+#: plugins/sudoers/cvtsudoers.c:653 plugins/sudoers/cvtsudoers.c:1250
+#: plugins/sudoers/cvtsudoers_json.c:1113
+#: plugins/sudoers/cvtsudoers_ldif.c:627
+#: plugins/sudoers/cvtsudoers_ldif.c:1163 plugins/sudoers/iolog.c:415
+#: plugins/sudoers/sudoers.c:898 plugins/sudoers/sudoreplay.c:356
+#: plugins/sudoers/sudoreplay.c:1366 plugins/sudoers/sudoreplay.c:1570
+#: plugins/sudoers/timestamp.c:410 plugins/sudoers/tsdump.c:130
+#: plugins/sudoers/visudo.c:907
+#, c-format
+msgid "unable to open %s"
+msgstr "kan ikke åbne %s"
+
+#: plugins/sudoers/cvtsudoers.c:656 plugins/sudoers/visudo.c:916
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "kunne ikke fortolke %s-fil, ukendt fejl"
+
+#: plugins/sudoers/cvtsudoers.c:664 plugins/sudoers/visudo.c:933
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "fortolkningsfejl i %s nær linje %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:667 plugins/sudoers/visudo.c:936
+#, c-format
+msgid "parse error in %s\n"
+msgstr "fortolkningsfejl i %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1297 plugins/sudoers/iolog.c:502
+#: plugins/sudoers/sudoreplay.c:1135 plugins/sudoers/timestamp.c:294
+#: plugins/sudoers/timestamp.c:297
+#, c-format
+msgid "unable to write to %s"
+msgstr "kan ikke skrive til %s"
+
+#: plugins/sudoers/cvtsudoers.c:1320
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - konverter mellem sudoers-filformater\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1322
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Tilvalg:\n"
+"  -b, --base=dn              base-DN'en for sudo LDAP-forespørgsler\n"
+"  -d, --defaults=deftyper    konverter kun Standarder for angivne typer\n"
+"  -e, --expand-aliases       udvid aliasser under konvertering\n"
+"  -f, --output-format=format angiv uddataformat: JSON, LDIF eller sudoers\n"
+"  -i, --input-format=format  angiv inddataformat: LDIF eller sudoers\n"
+"  -I, --increment=num        mængde at øge hver sudoOrder med\n"
+"  -h, --help                 vis denne hjælpetekst og afslut\n"
+"  -m, --match=filter         konverter kun poster som matcher filteret\n"
+"  -M, --match-local          matchfilter bruger passwd og gruppedatabaser\n"
+"  -o, --output=uddatafil     skriv konverteret sudoers til uddatafil\n"
+"  -O, --order-start=num      startpunkt for første sudoOrder\n"
+"  -p, --prune-matches        trim ikkematchende brugere, grupper og værter\n"
+"  -s, --suppress=sektioner   undertryk uddata for bestemte sektioner\n"
+"  -V, --version              vis information om version og afslut"
+
+#: plugins/sudoers/cvtsudoers_json.c:673 plugins/sudoers/cvtsudoers_json.c:708
+#: plugins/sudoers/cvtsudoers_json.c:924
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "ukendt indgang »%s« for standarder"
+
+#: plugins/sudoers/cvtsudoers_json.c:844 plugins/sudoers/cvtsudoers_json.c:859
+#: plugins/sudoers/cvtsudoers_ldif.c:299 plugins/sudoers/cvtsudoers_ldif.c:310
+#: plugins/sudoers/ldap.c:474
+msgid "unable to get GMT time"
+msgstr "kan ikke indhente GMT-tid"
+
+#: plugins/sudoers/cvtsudoers_json.c:847 plugins/sudoers/cvtsudoers_json.c:862
+#: plugins/sudoers/cvtsudoers_ldif.c:302 plugins/sudoers/cvtsudoers_ldif.c:313
+#: plugins/sudoers/ldap.c:480
+msgid "unable to format timestamp"
+msgstr "kan ikke formatere tidsstempel"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:517 plugins/sudoers/env.c:295
+#: plugins/sudoers/env.c:302 plugins/sudoers/env.c:407
+#: plugins/sudoers/ldap.c:488 plugins/sudoers/ldap.c:719
+#: plugins/sudoers/ldap.c:1046 plugins/sudoers/ldap_conf.c:218
+#: plugins/sudoers/ldap_conf.c:308 plugins/sudoers/linux_audit.c:82
+#: plugins/sudoers/logging.c:1008 plugins/sudoers/policy.c:618
+#: plugins/sudoers/policy.c:628 plugins/sudoers/prompt.c:161
+#: plugins/sudoers/sudoers.c:840 plugins/sudoers/testsudoers.c:236
+#: plugins/sudoers/toke_util.c:157
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "intern fejl, %s-overløb"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:622
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "miljøvariablen SUDOERS_BASE er ikke angivet og tilvalget -b var ikke angivet."
+
+#: plugins/sudoers/cvtsudoers_ldif.c:757
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "ignorerer ugyldig attributværdi: %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:1197
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "ignorerer ufuldstændig sudoRole: cn: %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:1349 plugins/sudoers/ldap.c:1778
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "ugyldig sudoOrder-attribut: %s"
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Syslog-facilitet hvis syslog bruges til logning: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Syslog-prioritet at bruge når brugergodkendelser går igennem: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Syslog-prioritet at bruge når brugergodkendelser ikke går igennem: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Placer OTP-prompter på deres egen linje"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ignorer ».« i $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Send altid post når sudo køres"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Send post hvis brugergodkendelse fejler"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Send post hvis brugeren ikke er i suoders"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Send post hvis brugeren ikke er i sudoers for denne vært"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Send post hvis brugeren ikke har tilladelse til at køre en kommando"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Send post hvis brugeren forsøger at køre en kommando"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Brug et separat tidsstempel for hver bruger/tty-kombination"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Undervis brugere den første gang de kører sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Fil indeholdende sudo-undervisningen: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Kræv som standard at brugere skal godkendes"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Root kan køre sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Log værtsnavnet i logfilen (non-syslog)"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Log året i logfilen (non-syslog)"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Hvis sudo er startet op uden argumenter så start en skal"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Angiv $HOME for målbrugeren når der startes en skal med -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Angiv altid $HOME for målbrugerens hjemmemappe"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Tillad lidt informationsindsamling for at lave brugbare fejlbeskeder"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Kræv fuldkvalificerede værtsnavne i sudoersfilen"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Fornærm brugeren når de indtaster en forkert adgangskode"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Tillad kun brugeren at køre sudo hvis de har en tty"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo vil overholde EDITOR-miljøvariablen"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Spørg om adgangskoden for root, ikke brugerens"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Spørg om brugerens kør som_standard adgangskode, ikke brugernes"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Spørg om målbrugerens adgangskode, ikke brugernes"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Brug standarder i målbrugerens logindklasse hvis der er en"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Angiv LOGNAME- og USER-miljøvariablerne"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Angiv kun den effektive uid til målbrugeren, ikke den reelle uid"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Initialiser ikke gruppevektoren til målbrugerens"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Længde hvor logfillinjer skal ombrydes (0 for ingen ombrydning): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Tidsudløb for godkendelsestidsstempel: %.1f minutter"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Tidsudløb for adgangskodeprompt: %.1f minutter"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Antal forsøg for indtastning af adgangskode: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask at bruge eller 0777 for at bruge brugers: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Sti til logfil: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Stil til postprogram: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Flag for postprogram: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Adresse at sende post til: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Adresse at sende post fra: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Emnelinje for postbeskeder: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Ugyldig adgangskodebesked: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Sti til undervisningsstatusmappen: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Sti til mappe for godkendelsestidsstempel: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Ejer af mappen for godkendelsestidsstempel: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Brugere i denne gruppe er undtaget fra adgangskode og STI-krav: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Standard for adgangskodeprompt: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Hvis angivet vil adgangsprompt overskrive systemprompt i alle tilfælde."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Standardbruger at køre kommandoer som: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Værdi at overskrive brugers $PATH med: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Sti til redigeringsprogrammet for brug af visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Hvornår der skal kræves en adgangskode for »list« pseudokommando: %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Hvornår der skal kræves en adgangskode for »verify« pseudokommando: %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Præindlæs attrap-udførelsesfunktioner indeholdt i biblioteket sudo_noexec"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Hvis LDAP-mappe er sat op, ignorer vi så lokal sudoersfil"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Filbeskrivelser >= %d vil blive lukket før udførelse af en kommando"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Hvis angivet kan brugere overskrive værdien af »closeform« med tilvalget -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Tillad at brugere kan angive arbitrære miljøvariabler"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Nulstil miljøet til et standardsæt af variabler"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Miljøvariabler at indstillingskontrollere:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Miljøvariabler at fjerne:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Miljøvariabler at bevare:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "SELinux-rolle at bruge i den nye sikkerhedskontekst: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "SELinux-type at bruge i den nye sikkerhedskontekst: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Sti til den sudo-specifikke miljøfil: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Sti til det begrænsede sudo-specifikke miljøfil: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Sprog at bruge under fortolkning af sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Tillad at sudo spørger om en adgangskode selv om den vil være synlig"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Tilbyd visuel tilbagemeldning ved adgangskodeprompten når der er brugerinddata"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Brug hurtigere globbing som er mindre præcis, men som ikke tilgår filsystemet"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Umask'en angivet i sudoers vil overskrive brugerens, også selv om den er mere tilladende"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Log brugers inddata for kommandoen der bliver kørt"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Log uddata for kommandoen der bliver kørt"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Komprimer I/O-log med brug af zlib"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Kør altid kommandoer i en pseudo-tty"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Udvidelsesmodul for ikke-Unix-gruppeunderstøttelse: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Mappe at gemme inddata-/uddatalogge i: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Fil at gemme inddata-/uddatalog i: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Tilføjer et punkt til utmp/utmpx-filen når der allokeres en pty"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Angiv brugeren i utmp til brugeren kør som, ikke den opstartende bruger"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Sæt af tilladte privilegier: %s"
+
+# Det skal forstås som et sæt af grænseprivilegier
+# https://www.sudo.ws/man/1.8.21/sudoers.man.html (se limitprivs)
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Sæt af grænseprivilegier: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Kør kommandoer på en pty i baggrunden"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "PAM-tjenestenavn der skal bruges: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "PAM-tjenestenavn der skal bruges for logindskaller: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Forsøg på at etablere PAM-akkreditiver for målbrugeren"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Opret en ny PAM-session som kommandoen kan køre i"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Maksimalt I/O-logsekvenstal: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Aktiver sudoers netgroup-understøttelse"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Kontroller overmappers skriverettigheder ved redigering af filer med sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Følg symbolske henvisninger når filer redigeres med sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Forespørg gruppe-udvidelsesmodulet for ukendte systemgrupper"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Sammenlign netgrupper baseret på hele tuplen: bruger, vært og domæne"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Tillader at kommandoer køres, selv om sudo ikke kan skrive til revisionsloggen"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Tillader at kommandoer køres, selv om sudo ikke kan skrive til I/O-loggen"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Tillader at kommandoer køres, selv om sudo ikke kan skrive til logfilen"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Slå grupper op i sudoers og match efter gruppe-id, ikke navnet"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Logposter større end denne værdi vil blive opdelt i flere syslogbeskeder: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Bruger som vil eje I/O-logfilerne: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Gruppe som vil eje I/O-logfilerne: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Filtilstand der skal bruges for I/O-logfilerne: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Kør kommandoer efter fildeskriptor i stedet for efter sti: %s"
+
+# Defaults-punkter/indgange", vil jeg tro
+# Vil mene at det er en overskrift i konfigurationsfilen eller lignende
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ignorer ukendte Defaults-punkter i sudoere i stedet for at give en advarsel"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Tid i sekunder hvorefter kommandoen vil blive afsluttet: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Tillad at brugeren angiver et tidsudløb på kommandolinjen"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Tøm I/O-logdata til disken med det samme i stedet for at mellemlagre den"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Inkluder proces-id'et når der logges via syslog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Elementtype for godkendelsestidsstempel: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "godkendelsesfejlbesked: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Ignorer store/små bogstaver når brugernavne matches"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Ignorer store/små bogstaver når gruppenavne matches"
+
+#: plugins/sudoers/defaults.c:224
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d ukendt indgang »%s« for standarder"
+
+#: plugins/sudoers/defaults.c:227
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: ukendt indgang »%s« for standarder"
+
+#: plugins/sudoers/defaults.c:270
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d ingen værdi angivet for »%s«"
+
+#: plugins/sudoers/defaults.c:273
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: ingen værdi angivet for »%s«"
+
+#: plugins/sudoers/defaults.c:293
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d værdier for »%s« skal begynde med en »/«"
+
+#: plugins/sudoers/defaults.c:296
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: værdier for »%s« skal begynde med en »/«"
+
+#: plugins/sudoers/defaults.c:318
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d indstillingen »%s« kan ikke modtage en værdi"
+
+#: plugins/sudoers/defaults.c:321
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: indstillingen »%s« kan ikke modtage en værdi"
+
+#: plugins/sudoers/defaults.c:346
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d ugyldig standardtype 0x%x for tilvalget »%s«"
+
+#: plugins/sudoers/defaults.c:349
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: ugyldig standardtype 0x%x for tilvalget »%s«"
+
+#: plugins/sudoers/defaults.c:359
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d værdien »%s« er ugyldig for tilvalget »%s«"
+
+#: plugins/sudoers/defaults.c:362
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: værdien »%s« er ugyldig for tilvalget »%s«"
+
+#: plugins/sudoers/env.c:376
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: ødelagt envp, forskellig længde"
+
+#: plugins/sudoers/env.c:1055
+msgid "unable to rebuild the environment"
+msgstr "kan ikke genopbygge miljøet"
+
+#: plugins/sudoers/env.c:1129
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "beklager, du har ikke tilladelse til at angive de følgende miljøvariabler: %s"
+
+#: plugins/sudoers/file.c:111
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "fortolkningsfejl i %s nær linje %d"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s"
+msgstr "fortolkningsfejl i %s"
+
+#: plugins/sudoers/filedigest.c:56
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "ej understøttet sammendragstype %d for %s"
+
+#: plugins/sudoers/filedigest.c:85
+#, c-format
+msgid "%s: read error"
+msgstr "%s: læsefejl"
+
+#: plugins/sudoers/group_plugin.c:83
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s skal være ejet af uid %d"
+
+#: plugins/sudoers/group_plugin.c:87
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s skal være skrivbar af ejer"
+
+#: plugins/sudoers/group_plugin.c:95 plugins/sudoers/sssd.c:550
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "kan ikke indlæse %s: %s"
+
+#: plugins/sudoers/group_plugin.c:101
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "kan ikke finde symbol »group_plugin« i %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: inkompatibel gruppeudvidelsesmodul for hovedversion %d, forventede %d"
+
+#: plugins/sudoers/interfaces.c:79 plugins/sudoers/interfaces.c:96
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "kan ikke fortolke IP-adressen »%s«"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "kan ikke fortolke netmasken »%s«"
+
+#: plugins/sudoers/interfaces.c:129
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Lokal IP-adresse og netmaskepar:\n"
+
+#: plugins/sudoers/iolog.c:119 plugins/sudoers/mkdir_parents.c:75
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s findes men er ikke en mappe (0%o)"
+
+#: plugins/sudoers/iolog.c:144 plugins/sudoers/iolog.c:184
+#: plugins/sudoers/mkdir_parents.c:64 plugins/sudoers/timestamp.c:174
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "kan ikke mkdir %s"
+
+#: plugins/sudoers/iolog.c:188 plugins/sudoers/visudo.c:718
+#: plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "kan ikke ændre tilstand på %s til 0%o"
+
+#: plugins/sudoers/iolog.c:296 plugins/sudoers/sudoers.c:1162
+#: plugins/sudoers/testsudoers.c:390
+#, c-format
+msgid "unknown group: %s"
+msgstr "ukendt gruppe: %s"
+
+#: plugins/sudoers/iolog.c:466 plugins/sudoers/sudoers.c:902
+#: plugins/sudoers/sudoreplay.c:868 plugins/sudoers/sudoreplay.c:1681
+#: plugins/sudoers/tsdump.c:140
+#, c-format
+msgid "unable to read %s"
+msgstr "kan ikke læse %s"
+
+#: plugins/sudoers/iolog.c:581 plugins/sudoers/iolog.c:800
+#, c-format
+msgid "unable to create %s"
+msgstr "kan ikke oprette %s"
+
+#: plugins/sudoers/iolog.c:1032 plugins/sudoers/iolog.c:1107
+#: plugins/sudoers/iolog.c:1188
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "kan ikke skrive til I/O-logfilen: %s"
+
+#: plugins/sudoers/iolog.c:1066
+#, c-format
+msgid "%s: internal error, file index %d not open"
+msgstr "%s: intern fejl, filindekset %d er ikke åbent"
+
+#: plugins/sudoers/ldap.c:170 plugins/sudoers/ldap_conf.c:287
+msgid "starttls not supported when using ldaps"
+msgstr "starttls er ikke understøttet, når der bruges ldaps"
+
+#: plugins/sudoers/ldap.c:241
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "kan ikke initialisere SSL-cert og key db: %s"
+
+#: plugins/sudoers/ldap.c:244
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "du skal angive at TLS_CERT i %s skal bruge SSL"
+
+#: plugins/sudoers/ldap.c:1606
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "kan ikke initialisere LDAP: %s"
+
+#: plugins/sudoers/ldap.c:1642
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls angivet men LDAP libs understøtter ikke ldap_start_tls_s() eller ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap_conf.c:196
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: port for stor"
+
+#: plugins/sudoers/ldap_conf.c:256
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "ikkeunderstøttet LDAP uri-type: %s"
+
+#: plugins/sudoers/ldap_conf.c:283
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "kan ikke blande ldap og ldaps URI'er"
+
+#: plugins/sudoers/ldap_util.c:470 plugins/sudoers/ldap_util.c:472
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "kan ikke konvertere sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "kan ikke åbne overvågningssystem"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "kan ikke sende overvågningsbesked"
+
+#: plugins/sudoers/logging.c:108
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:136
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s: (kommando fortsat) %s"
+
+#: plugins/sudoers/logging.c:165
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "kan ikke åbne logfilen: %s"
+
+#: plugins/sudoers/logging.c:173
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "kan ikke låse logfilen: %s"
+
+#: plugins/sudoers/logging.c:206
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "kan ikke skrive til logfilen: %s"
+
+#: plugins/sudoers/logging.c:235
+msgid "No user or host"
+msgstr "Ingen bruger eller vært"
+
+#: plugins/sudoers/logging.c:237
+msgid "validation failure"
+msgstr "valideringsfejl"
+
+#: plugins/sudoers/logging.c:244
+msgid "user NOT in sudoers"
+msgstr "bruger IKKE i sudoers"
+
+#: plugins/sudoers/logging.c:246
+msgid "user NOT authorized on host"
+msgstr "bruger IKKE autoriseret på vært"
+
+#: plugins/sudoers/logging.c:248
+msgid "command not allowed"
+msgstr "kommando ikke tilladt"
+
+#: plugins/sudoers/logging.c:283
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s er ikke sudoersfilen. Denne handling vil blive rapporteret.\n"
+
+#: plugins/sudoers/logging.c:286
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s har ikke tilladelse til at køre sudo på %s. Denne handling vil blive rapporteret.\n"
+
+#: plugins/sudoers/logging.c:290
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Beklager. Bruger %s må ikke køre sudo på %s.\n"
+
+#: plugins/sudoers/logging.c:293
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Beklager. Bruger %s har ikke tilladelse til at køre »%s%s%s« som %s%s%s på %s.\n"
+
+#: plugins/sudoers/logging.c:330 plugins/sudoers/sudoers.c:433
+#: plugins/sudoers/sudoers.c:435 plugins/sudoers/sudoers.c:437
+#: plugins/sudoers/sudoers.c:439 plugins/sudoers/sudoers.c:594
+#: plugins/sudoers/sudoers.c:596
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: Kommando ikke fundet"
+
+#: plugins/sudoers/logging.c:332 plugins/sudoers/sudoers.c:429
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"ignorerer »%s« fundet i ».«\n"
+"Brug »sudo ./%s«, hvis dette er den »%s«, du ønsker at køre."
+
+#: plugins/sudoers/logging.c:349
+msgid "authentication failure"
+msgstr "godkendelsesfejl"
+
+#: plugins/sudoers/logging.c:375
+msgid "a password is required"
+msgstr "der kræves en adgangskode"
+
+#: plugins/sudoers/logging.c:438
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u ukorrekt adgangskodeforsøg"
+msgstr[1] "%u ukorrekte adgangskodeforsøg"
+
+#: plugins/sudoers/logging.c:659
+msgid "unable to fork"
+msgstr "kan ikke forgrene"
+
+#: plugins/sudoers/logging.c:667 plugins/sudoers/logging.c:719
+#, c-format
+msgid "unable to fork: %m"
+msgstr "kan ikke forgrene: %m"
+
+#: plugins/sudoers/logging.c:709
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "kan ikke åbne datakanal: %m"
+
+#: plugins/sudoers/logging.c:734
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "kan ikke dup stdin: %m"
+
+#: plugins/sudoers/logging.c:772
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "kan ikke køre %s: %m"
+
+#: plugins/sudoers/match.c:842
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "sammendrag for %s (%s) er ikke i %s-form"
+
+#: plugins/sudoers/mkdir_parents.c:70 plugins/sudoers/sudoers.c:913
+#: plugins/sudoers/visudo.c:416 plugins/sudoers/visudo.c:712
+#, c-format
+msgid "unable to stat %s"
+msgstr "kan ikke stat %s"
+
+#: plugins/sudoers/parse.c:434
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP-rolle: %s\n"
+
+#: plugins/sudoers/parse.c:437
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Sudoers-punkt:\n"
+
+#: plugins/sudoers/parse.c:439
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    KørSomBrugere: "
+
+#: plugins/sudoers/parse.c:454
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    KørSomGrupper: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    Options: "
+msgstr "    Tilvalg: "
+
+#: plugins/sudoers/parse.c:518
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Kommandoer:\n"
+
+#: plugins/sudoers/parse.c:709
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Matchende standardpunkter for %s på %s:\n"
+
+#: plugins/sudoers/parse.c:727
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Kør som og kommandospecifikke standarder for %s:\n"
+
+#: plugins/sudoers/parse.c:745
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Bruger %s må køre de følgende kommandoer på %s:\n"
+
+#: plugins/sudoers/parse.c:760
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Bruger %s har ikke tilladelse til at køre sudo på %s.\n"
+
+#: plugins/sudoers/policy.c:83 plugins/sudoers/policy.c:109
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "ugyldig %.*s angivet af sudo-brugerfladen"
+
+#: plugins/sudoers/policy.c:288 plugins/sudoers/testsudoers.c:259
+msgid "unable to parse network address list"
+msgstr "kan ikke fortolke netværksadresseliste"
+
+#: plugins/sudoers/policy.c:432
+msgid "user name not set by sudo front-end"
+msgstr "brugernavn er ikke angivet af sudo-brugerfladen"
+
+#: plugins/sudoers/policy.c:436
+msgid "user ID not set by sudo front-end"
+msgstr "bruger-id er ikke angivet af sudo-brugerfladen"
+
+#: plugins/sudoers/policy.c:440
+msgid "group ID not set by sudo front-end"
+msgstr "gruppe-id er ikke angivet af sudo-brugerfladen"
+
+#: plugins/sudoers/policy.c:444
+msgid "host name not set by sudo front-end"
+msgstr "værtsnavn er ikke angivet af sudo-brugerfladen"
+
+#: plugins/sudoers/policy.c:797 plugins/sudoers/visudo.c:215
+#: plugins/sudoers/visudo.c:845
+#, c-format
+msgid "unable to execute %s"
+msgstr "kan ikke udføre %s"
+
+#: plugins/sudoers/policy.c:930
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Udvidelsesmodulversion %s for sudoerspolitik\n"
+
+#: plugins/sudoers/policy.c:932
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Grammatikversion %d for sudoersfil\n"
+
+#: plugins/sudoers/policy.c:936
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sudoers-sti: %s\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "nsswitch-sti: %s\n"
+
+#: plugins/sudoers/policy.c:941
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ldap.conf-sti: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ldap.secret-sti: %s\n"
+
+# lidt i tvivl om hvad hook er her, så har beholdt den uoversat
+# Er OK. Er enig med hensyn til hook, skal nok forstås som
+# fastgøringspunkt, men lyder for bøvlet
+#: plugins/sudoers/policy.c:975
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "kan ikke registrere »hook« af typen %d (version %d.%d)"
+
+#: plugins/sudoers/pwutil.c:214 plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "kan ikke cache uid %u, ikke nok hukommelse"
+
+#: plugins/sudoers/pwutil.c:227
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "kan ikke cache uid %u, findes allerede"
+
+#: plugins/sudoers/pwutil.c:287 plugins/sudoers/pwutil.c:305
+#: plugins/sudoers/pwutil.c:367 plugins/sudoers/pwutil.c:412
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "kan ikke cache bruger %s, ikke nok hukommelse"
+
+#: plugins/sudoers/pwutil.c:300
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "kan ikke cache bruger %s, findes allerede"
+
+#: plugins/sudoers/pwutil.c:531 plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "kan ikke cache gid %u, ikke nok hukommelse"
+
+#: plugins/sudoers/pwutil.c:544
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "kan ikke cache gid %u, findes allerede"
+
+#: plugins/sudoers/pwutil.c:598 plugins/sudoers/pwutil.c:616
+#: plugins/sudoers/pwutil.c:663 plugins/sudoers/pwutil.c:705
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "kan ikke cache gruppe %s, ikke nok hukommelse"
+
+#: plugins/sudoers/pwutil.c:611
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "kan ikke cache gruppe %s, findes allerede"
+
+#: plugins/sudoers/pwutil.c:831 plugins/sudoers/pwutil.c:883
+#: plugins/sudoers/pwutil.c:934 plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "kan ikke cache gruppeliste for %s, findes allerede"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:888
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:992
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "kan ikke cache gruppeliste for %s, ikke nok hukommelse"
+
+#: plugins/sudoers/pwutil.c:877
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "kan ikke fortolke grupper for %s"
+
+#: plugins/sudoers/pwutil.c:981
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "kan ikke fortolke gid'er for %s"
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:469
+#: plugins/sudoers/set_perms.c:912 plugins/sudoers/set_perms.c:1239
+#: plugins/sudoers/set_perms.c:1556
+msgid "perm stack overflow"
+msgstr "permanent stakoverløb"
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:400
+#: plugins/sudoers/set_perms.c:477 plugins/sudoers/set_perms.c:779
+#: plugins/sudoers/set_perms.c:920 plugins/sudoers/set_perms.c:1163
+#: plugins/sudoers/set_perms.c:1247 plugins/sudoers/set_perms.c:1489
+#: plugins/sudoers/set_perms.c:1564 plugins/sudoers/set_perms.c:1654
+msgid "perm stack underflow"
+msgstr "permanent stakunderløb"
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:523
+#: plugins/sudoers/set_perms.c:1298 plugins/sudoers/set_perms.c:1596
+msgid "unable to change to root gid"
+msgstr "kan ikke ændre til root gid"
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:620
+#: plugins/sudoers/set_perms.c:1049 plugins/sudoers/set_perms.c:1375
+msgid "unable to change to runas gid"
+msgstr "kan ikke ændre til kør som gid"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to set runas group vector"
+msgstr "kan ikke angive kør som gruppevektor"
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:636
+#: plugins/sudoers/set_perms.c:1063 plugins/sudoers/set_perms.c:1389
+msgid "unable to change to runas uid"
+msgstr "kan ikke ændre til kør som uid"
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:654
+#: plugins/sudoers/set_perms.c:1079 plugins/sudoers/set_perms.c:1405
+msgid "unable to change to sudoers gid"
+msgstr "kan ikke ændre til sudoers gid"
+
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641
+msgid "too many processes"
+msgstr "for mange processer"
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr "kan ikke hente nuværende arbejdsmappe"
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "afkortet revisionssti user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "afkortet revisionssti argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr "audit_failure-besked er for lang"
+
+#: plugins/sudoers/sssd.c:552
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "kan ikke initialisere SSS-kilde. Er SSSD installeret på din maskine?"
+
+#: plugins/sudoers/sssd.c:560 plugins/sudoers/sssd.c:569
+#: plugins/sudoers/sssd.c:578 plugins/sudoers/sssd.c:587
+#: plugins/sudoers/sssd.c:596
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "kan ikke finde symbol »%s« i %s"
+
+#: plugins/sudoers/sudoers.c:204 plugins/sudoers/sudoers.c:859
+msgid "problem with defaults entries"
+msgstr "problem med standardpunkter"
+
+#: plugins/sudoers/sudoers.c:208
+msgid "no valid sudoers sources found, quitting"
+msgstr "ingen gyldige sudoerskilder fundet, afslutter"
+
+#: plugins/sudoers/sudoers.c:246
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers angiver at administrator (root) ikke har tilladelse til sudo"
+
+#: plugins/sudoers/sudoers.c:303
+msgid "you are not permitted to use the -C option"
+msgstr "du har ikke tilladelse til at bruge tilvalget -C"
+
+#: plugins/sudoers/sudoers.c:350
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "tidsstempelejer (%s): Ingen sådan bruger"
+
+#: plugins/sudoers/sudoers.c:365
+msgid "no tty"
+msgstr "ingen tty"
+
+#: plugins/sudoers/sudoers.c:366
+msgid "sorry, you must have a tty to run sudo"
+msgstr "beklager, du skal bruge en tty for at køre sudo"
+
+#: plugins/sudoers/sudoers.c:428
+msgid "command in current directory"
+msgstr "kommando i aktuel mappe"
+
+#: plugins/sudoers/sudoers.c:447
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "beklager, men du har ikke tilladelse til at angive tidsudløb for kommando"
+
+#: plugins/sudoers/sudoers.c:455
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "beklager, men du har ikke tilladelse til at bevare miljøet"
+
+#: plugins/sudoers/sudoers.c:803
+msgid "command too long"
+msgstr "kommando er for lang"
+
+#: plugins/sudoers/sudoers.c:917
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s er ikke en regulær fil"
+
+#: plugins/sudoers/sudoers.c:921 plugins/sudoers/timestamp.c:221 toke.l:968
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s er ejet af uid %u, bør være %u"
+
+#: plugins/sudoers/sudoers.c:925 toke.l:973
+#, c-format
+msgid "%s is world writable"
+msgstr "%s er skrivbar for alle"
+
+#: plugins/sudoers/sudoers.c:929 toke.l:976
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s er eget af gid %u, bør være %u"
+
+#: plugins/sudoers/sudoers.c:962
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "kun administrator (root) kan bruge »-c %s«"
+
+#: plugins/sudoers/sudoers.c:981
+#, c-format
+msgid "unknown login class: %s"
+msgstr "ukendt logindklasse: %s"
+
+#: plugins/sudoers/sudoers.c:1064 plugins/sudoers/sudoers.c:1078
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "kan ikke slå vært %s op"
+
+#: plugins/sudoers/sudoreplay.c:274
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "ugyldigt filtertilvalg: %s"
+
+#: plugins/sudoers/sudoreplay.c:287
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "ugyldig maks ventetid: %s"
+
+#: plugins/sudoers/sudoreplay.c:307
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "ugyldig hastighedsfaktor: %s"
+
+#: plugins/sudoers/sudoreplay.c:342
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:348
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:364
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Genafspiller sudosession: %s"
+
+#: plugins/sudoers/sudoreplay.c:562 plugins/sudoers/sudoreplay.c:609
+#: plugins/sudoers/sudoreplay.c:816 plugins/sudoers/sudoreplay.c:906
+#: plugins/sudoers/sudoreplay.c:985 plugins/sudoers/sudoreplay.c:1000
+#: plugins/sudoers/sudoreplay.c:1007 plugins/sudoers/sudoreplay.c:1014
+#: plugins/sudoers/sudoreplay.c:1021 plugins/sudoers/sudoreplay.c:1028
+#: plugins/sudoers/sudoreplay.c:1174
+msgid "unable to add event to queue"
+msgstr "kan ikke tilføje hændelse til køen"
+
+#: plugins/sudoers/sudoreplay.c:677
+msgid "unable to set tty to raw mode"
+msgstr "kan ikke angive tty til rå (raw) tilstand"
+
+#: plugins/sudoers/sudoreplay.c:728
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Advarsel: Din terminal er for lille til korrekt at afspille loggen.\n"
+
+#: plugins/sudoers/sudoreplay.c:729
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Loggeometri er %d x %d, din terminals geometri er %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:757
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Genafspilning er afsluttet. Tryk på en tast for at gendanne terminalen."
+
+#: plugins/sudoers/sudoreplay.c:790
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "ugyldig timingfillinje: %s"
+
+#: plugins/sudoers/sudoreplay.c:1208 plugins/sudoers/sudoreplay.c:1233
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "tvetydigt udtryk »%s«"
+
+#: plugins/sudoers/sudoreplay.c:1255
+msgid "unmatched ')' in expression"
+msgstr "manglende »)« i udtryk"
+
+#: plugins/sudoers/sudoreplay.c:1259
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "ukendt søgeterm »%s«"
+
+#: plugins/sudoers/sudoreplay.c:1274
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s kræver et argument"
+
+#: plugins/sudoers/sudoreplay.c:1277 plugins/sudoers/sudoreplay.c:1657
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "ugyldigt regulært udtryk: %s"
+
+#: plugins/sudoers/sudoreplay.c:1281
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "kunne ikke fortolke dato »%s«"
+
+#: plugins/sudoers/sudoreplay.c:1290
+msgid "unmatched '(' in expression"
+msgstr "mangler »(« i udtryk"
+
+#: plugins/sudoers/sudoreplay.c:1292
+msgid "illegal trailing \"or\""
+msgstr "ugyldig kæde »or« (eller)"
+
+#: plugins/sudoers/sudoreplay.c:1294
+msgid "illegal trailing \"!\""
+msgstr "ugyldig kæde »!«"
+
+#: plugins/sudoers/sudoreplay.c:1343
+#, c-format
+msgid "unknown search type %d"
+msgstr "ukendt søgeterm %d"
+
+#: plugins/sudoers/sudoreplay.c:1381
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: Ugyldig logfil"
+
+#: plugins/sudoers/sudoreplay.c:1399
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: Tidsstempelfelt mangler"
+
+#: plugins/sudoers/sudoreplay.c:1406
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: Tidsstempel %s: %s"
+
+#: plugins/sudoers/sudoreplay.c:1413
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: Brugerfelt mangler"
+
+#: plugins/sudoers/sudoreplay.c:1422
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: runas-brugerfelt mangler"
+
+#: plugins/sudoers/sudoreplay.c:1431
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: runas-gruppefelt mangler"
+
+#: plugins/sudoers/sudoreplay.c:1837
+#, c-format
+msgid "usage: %s [-hnR] [-d dir] [-m num] [-s num] ID\n"
+msgstr "brug: %s [-hnR] [-d mappe] [-m num] [-s num] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1840
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "brug: %s [-h] [-d mappe] -l [søgeudtryk]\n"
+
+#: plugins/sudoers/sudoreplay.c:1849
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - genafspil sudosessionslogge\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1851
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Tilvalg:\n"
+"  -d, --directory=dir  angiv mappe for sessionslogge\n"
+"  -f, --filter=filter  angiv hvilken I/O-type at vise\n"
+"  -h, --help           vis denne hjælpetekst og afslut\n"
+"  -l, --list           vis tilgængelige sessions-ID'er med valgfrit udtryk\n"
+"  -m, --max-wait=num   maks antal sekunder at vente mellem hændelser\n"
+"  -s, --speed=num      øg eller sænk uddata\n"
+"  -V, --version        vis versionsinformation og afslut"
+
+#: plugins/sudoers/testsudoers.c:328
+msgid "\thost  unmatched"
+msgstr "\thost  matchede ikke"
+
+#: plugins/sudoers/testsudoers.c:331
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Kommando tilladt"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Kommando nægtet"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Kommando ikke matchet"
+
+#: plugins/sudoers/timestamp.c:229
+#, c-format
+msgid "%s is group writable"
+msgstr "%s er gruppe-skrivbar"
+
+#: plugins/sudoers/timestamp.c:305
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "kan ikke afkorte tidsstempelfil til %lld byte"
+
+#: plugins/sudoers/timestamp.c:792 plugins/sudoers/timestamp.c:884
+#: plugins/sudoers/visudo.c:477 plugins/sudoers/visudo.c:483
+msgid "unable to read the clock"
+msgstr "kan ikke læse uret"
+
+#: plugins/sudoers/timestamp.c:803
+msgid "ignoring time stamp from the future"
+msgstr "ignorerer tidsstempel fra fremtiden"
+
+#: plugins/sudoers/timestamp.c:826
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "tidsstempel for langt ude i fremtiden: %20.20s"
+
+#: plugins/sudoers/timestamp.c:948
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "kan ikke låse tidsstempelfilen %s"
+
+#: plugins/sudoers/timestamp.c:992 plugins/sudoers/timestamp.c:1012
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "undervisningsstatussti er for lang: %s/%s"
+
+#: plugins/sudoers/visudo.c:211
+msgid "the -x option will be removed in a future release"
+msgstr "tilvalget -x vil blive fjernet i fremtidige udgivelser"
+
+#: plugins/sudoers/visudo.c:212
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "overvej i stedet for at bruge redskabet cvtsudoers"
+
+#: plugins/sudoers/visudo.c:263 plugins/sudoers/visudo.c:645
+#, c-format
+msgid "press return to edit %s: "
+msgstr "tryk retur for at redigere %s: "
+
+#: plugins/sudoers/visudo.c:324
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "angivet redigeringsprogram (%s) findes ikke"
+
+#: plugins/sudoers/visudo.c:326
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "intet redigeringsprogram fundet (sti for redigeringsprogram = %s)"
+
+#: plugins/sudoers/visudo.c:436 plugins/sudoers/visudo.c:444
+msgid "write error"
+msgstr "skrivefejl"
+
+#: plugins/sudoers/visudo.c:490
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "kan ikke stat midlertidig fil (%s), %s unchanged"
+
+#: plugins/sudoers/visudo.c:497
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "midlertidig fil med nullængde (%s), %s uændret"
+
+#: plugins/sudoers/visudo.c:503
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "redigeringsprogram (%s) fejlede, %s uændret"
+
+#: plugins/sudoers/visudo.c:525
+#, c-format
+msgid "%s unchanged"
+msgstr "%s uændret"
+
+#: plugins/sudoers/visudo.c:584
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "kan ikke genåbne midlertidig fil (%s), %s uændrede."
+
+#: plugins/sudoers/visudo.c:596
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "kan ikke fortolke midlertidig fil (%s), ukendt fejl"
+
+#: plugins/sudoers/visudo.c:634
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "intern fejl, kan ikke finde %s på listen!"
+
+#: plugins/sudoers/visudo.c:714 plugins/sudoers/visudo.c:723
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "kan ikke angive (uid, gid) af %s til (%u, %u)"
+
+#: plugins/sudoers/visudo.c:745
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s og %s er ikke på det samme filsystem, bruger mv til at omdøbe"
+
+#: plugins/sudoers/visudo.c:759
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "kommando fejlede: »%s %s %s«, %s uændret"
+
+#: plugins/sudoers/visudo.c:769
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "fejl under omdøbing af %s, %s uændret"
+
+#: plugins/sudoers/visudo.c:790
+msgid "What now? "
+msgstr "Hvad nu? "
+
+#: plugins/sudoers/visudo.c:804
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Tilvalg er:\n"
+"  r(e)diger sudoersfil igen\n"
+"  afslut(x) uden at gemme ændringer til sudoersfil\n"
+"  afslut(Q) og gem ændringer til sudoersfil (FARLIGT!)\n"
+
+#: plugins/sudoers/visudo.c:850
+#, c-format
+msgid "unable to run %s"
+msgstr "kan ikke køre %s"
+
+#: plugins/sudoers/visudo.c:880
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: forkert ejer (uid, gid) bør være (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:887
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: ugyldige rettigheder, bør være tilstand 0%o\n"
+
+#: plugins/sudoers/visudo.c:944 plugins/sudoers/visudo.c:951
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: fortolket o.k.\n"
+
+#: plugins/sudoers/visudo.c:998
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s travl, forsøg igen senere"
+
+#: plugins/sudoers/visudo.c:1038
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Fejl: %s:%d: cyklus i %s »%s«"
+
+#: plugins/sudoers/visudo.c:1039
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Advarsel: %s:%d: cyklus i %s »%s«"
+
+#: plugins/sudoers/visudo.c:1043
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Fejl: %s:%d %s »%s« refereret men ikke defineret"
+
+#: plugins/sudoers/visudo.c:1044
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Advarsel: %s:%d %s »%s« refereret men ikke defineret"
+
+# (ental)
+#: plugins/sudoers/visudo.c:1137
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Advarsel: %s:%d ubrugt %s »%s«"
+
+#: plugins/sudoers/visudo.c:1252
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - rediger sikkert sudoersfilen\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1254
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Tilvalg:\n"
+"  -c, --check              kun kontroltilstand\n"
+"  -f, --file=file          angiv filplacering for sudoers\n"
+"  -h, --help               vis denne hjælpetekst og afslut\n"
+"  -q, --quiet              mindre uddybende (stille) beskeder for syntaksfejl\n"
+"  -s, --strict             streng syntakskontrol\n"
+"  -V, --version            vis information om version og afslut\n"
+
+#: toke.l:942
+msgid "too many levels of includes"
+msgstr "for mange niveauer af includes (inkluderinger)"
diff --git a/plugins/sudoers/po/de.mo b/plugins/sudoers/po/de.mo
new file mode 100644
index 0000000..ae6278d
--- /dev/null
+++ b/plugins/sudoers/po/de.mo
diff --git a/plugins/sudoers/po/de.po b/plugins/sudoers/po/de.po
new file mode 100644
index 0000000..67b23ea
--- /dev/null
+++ b/plugins/sudoers/po/de.po
@@ -0,0 +1,2357 @@
+# Portable object template file for the sudoers plugin
+# This file is put in the public domain.
+# Todd C. Miller <Todd.Miller@courtesan.com>, 2011-2013
+# Hendrik Knackstedt <hendrik.knackstedt@t-online.de>, 2013
+# Mario Blättermann  <mario.blaettermann@gmail.com>, 2015.
+# Jochen Hein <jochen@jochen.org>, 2001-2018.
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-11-02 22:41+0100\n"
+"Last-Translator: Jochen Hein <jochen@jochen.org>\n"
+"Language-Team: German <translation-team-de@lists.sourceforge.net>\n"
+"Language: German\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "Syntax-Fehler"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "%p's Passwort: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] Passwort für %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Passwort: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Sicherheits-Information für %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Das hat nicht funktioniert, bitte nochmal probieren."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "Es kann kein Speicher mehr alloziert werden"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "Eine Prüfsumme erfordert einen Pfadnamen"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "ungültiger Wert für »notbefore«"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "ungültiger Wert für »notafter«"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "Wert für Timeout ist zu groß"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "ungültiger Wert für Timeout"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Alias »%s« ist bereits definiert"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "Die Anmeldeklasse des Benutzers »%s« kann nicht gelesen werden"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "Die BSD-Authentifizierung kann nicht begonnen werden"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "Ungültiger Authentifizierungstyp"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "Die BSD-Authentifizierung kann nicht begonnen werden"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "Ihr Account ist abgelaufen"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "Genehmigung fehlgeschlagen"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "Die fwtk-Konfiguration kann nicht gelesen werden"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "Verbindung zum Authentifizierungsserver kann nicht aufgebaut werden"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "Verbindung zum Authentisierungsserver verloren"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"Fehler des Authentifizierungsservers:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: Principal kann nicht in eine Zeichenkette umgewandelt werden (»%s«): %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: »%s« kann nicht ausgewertet werden: %s"
+
+# XXX check source?
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: Anmeldedaten-Zwischenspeicher kann nicht aufgelöst werden: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: Optionen können nicht zugewiesen werden: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: Anmeldedaten können nicht bekommen werden: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: Anmeldedaten-Zwischenspeicher kann nicht initialisiert werden: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: Anmeldedaten können nicht im Zwischenspeicher abgelegt werden: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: Rechner-Principal kann nicht bekommen werden: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: TGT kann nicht verifiziert werden! Möglicher Angriff!: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "PAM kann nicht initialisiert werden"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Fehler bei der PAM-Authentifizierung: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "Fehler bei der Validierung des Kontos, ist das Konto gesperrt?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Konto oder Passwort ist abgelaufen, bitte Passwort zurücksetzen und nochmal probieren"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "Das abgelaufene Passwort kann nicht geändert werden: %s«"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Das Passwort ist abgelaufen, bitte wenden Sie sich an den Systemadministrator"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Das Konto ist abgelaufen oder in der PAM-Konfiguration fehlt der »account«-Abschnitt für sudo.  Bitte wenden Sie sich an den Systemadministrator"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "Fehler beim PAM-Account-Management: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "Der Benutzer existiert in der %s-Datenbank nicht"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "Die ACE-API-Bibliothek konnte nicht initialisiert werden"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "SecurID-Server kann nicht erreicht werden"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "Benutzer-ID ist für SecurID-Authentifizierung gesperrt"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "Ungültige Länge des Benutzernamens für SecurID"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "Ungültiges Authentifizierungs-Handle für SecurID"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "SecurID-Kommunikation fehlgeschlagen"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "Unbekannter SecurID-Fehler"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "Ungültige Länge des Passcodes für SecurID"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "Die SIA-Sitzung kann nicht initialisiert werden"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "Ungültige Authentifizierungsmethoden"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Ungültige Authentifizierungsmethoden sind in sudo einkompiliert! Standalone- und Nicht-Standalone-Authentifizierung können nicht zusammen verwendet werden."
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "Keine Authentifizierungsmethoden"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Es sind keine Authentifizierungsmethoden in sudo einkompiliert! Wenn Sie die Authentifizierung wirklich abschalten wollen, verwenden Sie bitte die configure-Option »--disable-authentication«."
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Die Authentifizierungsmethoden können nicht initialisiert werden."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Authentifizierungsmethoden:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Der Audit-Zustand kann nicht bestimmt werden"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "Audit-Satz kann nicht auf Platte geschrieben werden"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Wir gehen davon aus, dass der lokale Systemadministrator Ihnen die\n"
+"Regeln erklärt hat.  Normalerweise läuft es auf drei Regeln hinaus:\n"
+"\n"
+"    #1) Respektieren Sie die Privatsphäre anderer.\n"
+"    #2) Denken Sie nach, bevor Sie tippen.\n"
+"    #3) Mit großer Macht kommt große Verantwortung.\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "Unbekannte Benutzer-ID: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "Unbekannter Benutzer: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "Schrittgröße: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "Start der Folge: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "Auffüllen der Folge: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s Version %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s-Grammatik Version %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "Nicht unterstütztes Eingabeformat %s"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "Nicht unterstütztes Ausgabeformat %s"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: Eingabe- und Ausgabedatei müssen unterschiedlich sein"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "Standardwerte für sudoers können nicht initialisiert werden"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: unbekanntes Schlüsselwort: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "Ungültiger Standardtyp: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "ungültiger suppression Typ: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "Ungültiger Filter: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "Die Datei »%s« kann nicht geöffnet werden"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "Analyse der Datei %s gescheitert, unbekannter Fehler"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "Analysefehler in %s nahe Zeile %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "Analysefehler in %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "In die Datei »%s« kann nicht geschrieben werden"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s – zwischen sudoers Dateiformaten konvertieren\n"
+"\n"
+
+# XXX
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Optionen:\n"
+"  -b, --base=dn              Der Basis DN für sudo LDAP Abfragen\n"
+"  -d, --defaults=deftypes    Konvertiere nur Defaults von spezifischen Typen\n"
+"  -e, --expand-aliases       Expandiere Aliase beim Konvertieren\n"
+"  -f, --output-format=format Ausgabeformat: JSON, LDIF oder sudoers\n"
+"  -i, --input-format=format  Eingabeformat: LDIF oder sudoers\n"
+"  -I, --increment=num        Größe der Schrittweite für sudoOrder\n"
+"  -h, --help                 Zeige diese Hilfe an und Ende\n"
+"  -m, --match=filter         Konvertiere nur Einträge die zum Filter passen\n"
+"  -M, --match-local          Filter verwendet passwd und group Databank\n"
+"  -o, --output=output_file   Schreibe die konvertiere sudoers in die Ausgabe-Datei\n"
+"  -P, --padding=num          Auffüllen der sudoOrder Folge\n"
+"  -O, --order-start=num      Start für die erste sudoOrder\n"
+"  -p, --prune-matches        nicht passende Benutzer, Gruppen und Hosts nicht ausgeben\n"
+"  -s, --suppress=sections    Unterdrücke Ausgabe von bestimmten Abschnitten\n"
+"  -V, --version              Zeige Versionsinformationen an und Ende"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "unbekannter defaults-Eintrag »%s«"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "Die GMT-Zeit kann nicht bekommen werden"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "Der Zeitstempel kann nicht formatiert werden"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "Interner Fehler, %s-Überlauf"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "Zu viele sudoers Einträge, Maximum ist %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "Die Umgebunsvariable SUDOERS_BASE ist nicht gesetzt und die Option -b ist nicht angegeben."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Syslog Facility, wenn syslog für Protokollierung verwendet wird: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Syslog-Priorität, wenn sich der Benutzer erfolgreich authentifiziert: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Syslog-Priorität, wenn sich der Benutzer nicht erfolgreich authentifiziert: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Die OTP-Eingabeaufforderung (One-Time-Passwords) in eine eigene Zeile schreiben"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "».« in $PATH ignorieren"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Immer eine Mail senden, wenn sudo gestartet wird"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Eine Mail senden, wenn die Authentifizierung des Benutzers fehlschlägt"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Eine Mail senden, wenn der Benutzer nicht in der sudoers-Datei steht"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Eine Mail senden, wenn der Benutzer nicht in der sudoers-Datei für diesen Rechner steht"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Eine Mail senden, wenn der Benutzer nicht berechtigt ist, einen Befehl auszuführen"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Eine Mail senden, wenn der Benutzer versucht, einen Befehl auszuführen"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Getrennte Zeitstempel für jede Benutzer/tty-Kombination verwenden"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Den Benutzer beim ersten Aufruf von sudo belehren"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Datei mit der sudo-Belehrung: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Standardmäßig muss sich der Benutzer authentifizieren"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Root darf sudo verwenden"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Den Hostnamen in der (nicht-syslog-)Protokolldatei speichern"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Das Jahr in der (nicht-syslog-)Protokolldatei speichern"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Eine Shell starten, wenn sudo ohne Parameter aufgerufen wird"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Die Umgebungsvariable $HOME beim Starten einer Shell mit »-s« setzen"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Immer die Variable $HOME auf das Home-Verzeichnis des Ziel-Benutzers setzen"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Informationssammlung für nützliche Fehlermeldungen erlauben"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Vollständige Hostnamen in der sudoers-Datei erfordern"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "»Beschimpfung« bei Eingabe eines falschen Passwortes"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Der Benutzer darf sudo nur aufrufen, wenn ein tty vorhanden ist"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo beachtet die Umgebungsvariable »EDITOR«"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Nach dem root-Passwort fragen, nicht nach dem Passwort des Benutzers"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Nach dem Passwort des Benutzers »runas_default« fragen, nicht nach dem Passwort des aufrufenden Benutzers"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Nach dem Passwort des Ziel-Benutzers fragen, nicht nach dem Passwort des aufrufenden Benutzers"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Standards auf die Anmeldeklasse des Zielbenutzers anwenden, falls diese vorhanden ist"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Die Umgebungsvariablen »LOGNAME« und »USER« setzen"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Nur die effektive UID auf den Ziel-Benutzer setzen, nicht die reale UID"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Die sekundären Gruppen nicht auf die Gruppen des Ziel-Benutzers setzen"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Zeilenlänge der Protokolldatei für Zeilenumbruch (0 für keinen Zeilenumbruch): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Zeitlimit für den Authentifizierungszeitstempel: %.1f Minuten"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Zeitlimit bei der Eingabe des Passwortes: %.1f Minuten"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Anzahl Versuche zur Eingabe des Passwortes: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Zu verwendende Umask oder 0777, um die Umask des Benutzers zu verwenden: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Pfad zur Protokolldatei: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Pfad zum Mail-Programm: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Parameter für das Mail-Programm: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Mail-Adresse des Empfängers: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Mail-Adresse des Absenders: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Betreffzeile für Mails: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Meldung bei Eingabe eines falschen Passwortes: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Verzeichnis für den Belehrungsstatus: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Pfad zum Authentifizierungszeitstempel-Verzeichnis: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Besitzer des Authentifizierungszeitstempelverzeichnisses: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Benutzer in dieser Gruppe sind von Passwort- und PATH-Anforderungen ausgenommen: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Standard-Eingabeaufforderung für das Passwort: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Überschreibt in allen Fällen bei der Passwortabfrage die Systemabfrage, falls gesetzt."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Standardbenutzer, unter dem die Befehle ausgeführt werden: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Wert, mit dem der Inhalt von $PATH des Benutzers überschrieben werden soll: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Pfad zum Editor, den visudo verwenden soll: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Wann soll ein Passwort für den Pseudobefehl »list« erforderlich sein: %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Wann soll ein Passwort für den Pseudobefehl »verify« erforderlich sein: %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Die Dummy-exec-Funktion aus der Bibliothek sudo_noexec vorladen"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Wenn das LDAP-Verzeichnis erreichbar ist, wird die lokale sudoers-Datei ignoriert?"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Datei-Deskriptoren >= %d werden geschlossen, bevor ein Befehl ausgeführt wird"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Benutzer können den Wert für »closeform« mit der der Option -C überschreiben, wenn diese Option gesetzt ist."
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Benutzern das Setzen beliebiger Umgebungsvariablen erlauben"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Die Umgebung auf einen Standardsatz an Variablen zurücksetzen"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Folgende Umgebungsvariablen prüfen:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Folgende Umgebungsvariablen löschen:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Folgende Umgebungsvariablen bewahren:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Im neuen Security-Kontext von SELinux wird diese Rolle verwendet: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Im neuen Security-Kontext von SELinux wird dieser Typ verwendet: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Pfad zur sudo-spezifischen »environment«-Datei: %s"
+
+# XXX
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Pfad zur eingeschränkten sudo »environment«-Datei: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Beim Auswerten der sudoers-Datei wird diese Locale verwendet: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "sudo erlauben, nach einem Passwort zu fragen, auch wenn das Passwort sichtbar wird"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Sichtbare Rückmeldung bei der Passworteingabeaufforderung, wenn der Benutzer etwas eingibt"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Schnelleren Musterabgleich verwenden, der zwar ungenauer ist, aber nicht auf das Dateisystem zugreift"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Die umask in sudoers überschreibt die umask des Benutzers, selbst wenn diese mehr Berechtigungen zulässt"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Benutzereingaben für den ausgeführten Befehl protokollieren"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Die Ausgabe des ausgeführten Befehls protokollieren"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Ein-/Ausgabe-Protokolle mittels zlib protokollieren"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Befehle immer in einem Pseudo-TTY ausführen"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Plugin für Unterstützung von Nicht-Unix-Gruppen: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Verzeichnis zur Speicherung der Ein-/Ausgabe-Protokolle: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Datei zur Speicherung der Ein-/Ausgabe-Protokolle: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Einen Eintrag in die utmp/utmpx-Datei einfügen, wenn ein Pseudo-TTY erzeugt wird"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Für den Eintrag in der utmp-Datei den runas-Benutzer verwenden, nicht den aufrufenden Benutzer"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Menge der erlaubten Privilegien: %s"
+
+# XXX einschränkenden?
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Menge der eingeschränkten Privilegien: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Befehle mit einem Pseudo-TTY im Hintergrund starten"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Verwendeter PAM-Service-Name: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "PAM-Service-Namen für Anmelde-Shells: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Versuchen, die PAM-Anmeldedaten für den Ziel-Benutzer zu bekommen"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Eine neue PAM-Sitzung erzeugen, um den Befehl auszuführen"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Maximale Sequenznummer des Ein-/Ausgabe-Protokolls: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Unterstützung für netgroups in sudoers aktivieren"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Prüfe die übergeordneten Verzeichnisse auf Schreibbarkeit beim Editieren von Dateien mit »sudoedit«"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Folge symbolischen Links beim Editieren von Dateien mit sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Frage das Group-Plugin nach unbekannten System-Gruppen"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Prüfe die Netgroup-Zuordnung aufgrund des gesamten Tupels: Benutzer, Host und Domain"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Erlaubt das Ausführen von Kommandos, auch wenn kein Audit-Log geschrieben werden kann"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Erlaubt das Ausführen von Kommandos, auch wenn kein I/O-Log geschrieben werden kann"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Erlaubt das Ausführen von Kommandos, auch wenn kein Log geschrieben werden kann"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Beim Auflösen von Gruppen in der sudoers nach der Guppen-ID suchen, nicht nach dem Gruppenname"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Log-Einträge größer als dieser Wert werden auf mehrere Syslog Einträge verteilt: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Eigentümer der I/O Logdateien: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Gruppe der I/O Logdateien: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Dateimode der I/O Logdatei: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Führe Kommandos mit Hilfe eines Dateideskriptors anstelle des Pfades aus: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ignoriere unbekannte Default-Einträge in der Datei »sudoers« anstatt eine Warnung auszugeben"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Laufzeit in Sekunde, nach der das Kommando abgebrochen wird: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Erlaube dem Benutzer per Kommandozeile einen Timeout anzugeben"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Schreibe Log-Daten direkt ohne zu puffern"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Protokolliere auch die Prozess-ID beim Schreiben ins Systemlog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Typ des Authentifizierungszeitstempelprotokolls: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Fehler bei der Authentifizierung: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Ignoriere Groß-/Kleinschreibung beim Matchen von Benutzernamen"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Ignoriere Groß-/Kleinschreibung beim Matchen von Gruppennamen"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d unbekannter defaults-Eintrag »%s«"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: unbekannter defaults-Eintrag »%s«"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d Kein Wert für »%s« angegeben"
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: Kein Wert für »%s« angegeben"
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d Werte für »%s« müssen mit einem »/« beginnen"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: Werte für »%s« müssen mit einem »/« beginnen"
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d Die Option »%s« wird ohne Wert verwendet"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: Die Option »%s« wird ohne Wert verwendet"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d Ungültiger »Defaults« Typ 0x%x für Option »%s«"
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: Ungültiger »Defaults« Typ 0x%x für Option »%s«"
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d Der Wert »%s« ist für die Option »%s« ungültig"
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: Der Wert »%s« ist für die Option »%s« ungültig"
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: envp ist beschädigt, die Längen passen nicht"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "Das Environment kann nicht neu erstellt werden"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "Leider dürfen die folgenden Umgebungsvariablen nicht gesetzt werden: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "Syntax-Fehler in %s bei der Zeile %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "Syntax-Fehler in %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "Prüfsummentyp %d wird für %s nicht unterstützt"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: Fehler beim Lesen"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s muss der uid %d gehören"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s darf nur für den Eigentümer der Datei schreibbar sein"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "Laden von %s fehlgeschlagen: %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "Das Symbol »group_plugin« kann in %s nicht gefunden werden"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: Die Major-Version %d des Group-Plugins ist inkompatibel, erwartet wird %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "»%s« ist keine gültige IP-Adresse"
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "»%s« ist keine gültige Netzmaske"
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Lokale IP-Adresse und Netzmaske:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s existiert, aber ist kein Verzeichnis (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "Das Verzeichnis »%s« kann nicht erstellt werden"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "Ändern des Modus von %s auf 0%o gescheitert"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "Unbekannte Gruppe: %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "Die Datei »%s« kann nicht gelesen werden"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "Die Datei »%s« kann nicht erstellt werden"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "In die I/O Logdatei kann nicht geschrieben werden: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: Interner Fehler, Logdatei für Event %d nicht geöffnet!"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: Interner Fehler, ungültiges Signal %d"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: ungültige Protokolldatei"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: Das Feld für den Zeitstempel fehlt"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: Zeitstempel %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: Das Benutzerfeld fehlt"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: Das Feld für den »runas«-Benutzer fehlt"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: Das Feld für die »runas«-Gruppe fehlt"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "starttls wird für ldaps nicht unterstützt"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "Die Zertifikat- und Schlüsseldatenbank für SSL kann nicht initialisiert werden: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "In der Datei »%s« muss »TLS_CERT« angegeben sein, um SSL zu nutzen"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "LDAP kann nicht initialisiert werden: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls ist angegeben, aber die LDAP-Bibliotheken unterstützen ldap_start_tls_s() und ldap_start_tls_s_np() nicht"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "Ungültiges »sudoOrder« Attribut: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: Port ist zu groß"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "LDAP-Adresstyp wird nicht unterstützt: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "ldap- und ldaps-Adressen können nicht zusammen verwendet werden"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "sudoOption kann nicht konvertiert werden: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "Das Audit-System kann nicht geöffnet werden"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "Die Audit-Nachricht kann nicht gesendet werden"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (Befehl fortgesetzt) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "Die Protokolldatei kann nicht geöffnet werden: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "Die Sperrdatei kann nicht geöffnet werden: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "In die Logdatei kann nicht geschrieben werden: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "Kein Benutzer oder Rechner angegeben"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "Fehler bei der Validierung"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "Der Benutzer ist NICHT in der sudoers-Datei enthalten"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "Der Benutzer ist NICHT auf dem Rechner autorisiert"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "Der Befehl ist nicht erlaubt"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s ist nicht in der sudoers-Datei. Dieser Vorfall wird gemeldet.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s darf sudo für %s nicht verwenden. Dieser Vorfall wird gemeldet.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Leider darf der Benutzer %s sudo für %s nicht verwenden.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Leider darf der Benutzer %s »%s%s%s« als %s%s%s auf %s nicht ausführen.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: Befehl nicht gefunden"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"Im aktuellen Verzeichnis ».« gefundenes »%s« wird ignoriert.\n"
+"Verwenden Sie »sudo ./%s«, wenn dies der gewünschte Befehl »%s« ist."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "Fehler bei der Authentifizierung"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "Ein Passwort ist notwendig"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u Fehlversuch bei der Passwort-Eingabe"
+msgstr[1] "%u Fehlversuche bei der Passwort-Eingabe"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "Fehler bei fork()"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "Fehler bei fork(): %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "Die Pipe kann nicht geöffnet werden: %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "Die Standardeingabe kann nicht dupliziert werden: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "%s kann nicht ausgeführt werden: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "Prüfsumme für %s (%s) ist nicht in der Form %s"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "stat konnte nicht auf %s angewendet werden"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP-Rolle: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Sudoers-Eintrag:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Optionen: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Befehle:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Passende Defaults-Einträge für %s auf %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Runas und befehlsspezifische Standardwerte für %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Der Benutzer %s darf die folgenden Befehle auf %s ausführen:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Der Benutzer %s darf sudo auf dem Rechner %s nicht ausführen.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "ignoriere ungültigen Attribut-Wert: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "ignoriere die unvollständige sudoRole: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "ungültige Option »%.*s« durch das sudo-Frontend angegeben"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "Die Netzwerkadressliste kann nicht eingelesen werden"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "Benutzername nicht durch das sudo-Frontend angegeben"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "User-ID nicht durch das sudo-Frontend angegeben"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "Gruppen-ID nicht durch das sudo-Frontend angegeben"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "Hostname nicht durch das sudo-Frontend angegeben"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "%s kann nicht ausgeführt werden"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Sudoers-Policy-Plugin Version %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Sudoers-Datei-Grammatik-Version %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sudoers-Pfad: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "nsswitch-Pfad: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ldap.conf-Pfad: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ldap.secret-Pfad: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "Der Hook vom Typ %d kann nicht registriert werden (Version %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "Die Benutzer-ID %u kann nicht zwischengespeichert werden, kein Speicher verfügbar"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "Die Benutzer-ID %u kann nicht zwischengespeichert werden, sie existiert bereits"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "Der Benutzer %s kann nicht in den Zwischenspeicher aufgenommen werden, kein Speicher verfügbar"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "Der Benutzer %s kann nicht in den Zwischenspeicher aufgenommen werden, er existiert bereits"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "Die Gruppen-ID %u kann nicht in den Zwischenspeicher aufgenommen werden, kein Speicher verfügbar"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "Die Gruppen-ID %u kann nicht in den Zwischenspeicher aufgenommen werden, sie existiert bereits"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "Die Gruppe %s kann nicht in den Zwischenspeicher aufgenommen werden, kein Speicher verfügbar"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "Die Gruppe %s kann nicht in den Zwischenspeicher aufgenommen werden, sie existiert bereits"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "Die Gruppen-Liste für %s kann nicht in den Zwischenspeicher aufgenommen werden, sie existiert bereits"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "Die Gruppen-Liste für %s kann nicht in den Zwischenspeicher aufgenommen werden, kein Speicher verfügbar"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "Die Gruppen für %s können nicht eingelesen werden"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "Die Gruppen für %s können nicht geparst werden"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "Stack-Überlauf der Zugriffsrechte"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "Stack-Bereichsunterschreitung der Zugriffsrechte"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "Wechsel zur root-GID ist nicht möglich"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "Wechsel zur runas-UID ist nicht möglich"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "Die runas-Gruppen können nicht gesetzt werden"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "Wechsel zur runas-GID ist nicht möglich"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "Wechsel zur sudoers-GID ist nicht möglich"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "Zu viele Prozesse"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "Das aktuelle Arbeitsverzeichnis kann nicht bestimmt werden"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "Audit-Pfad user_cmnd abgeschnitten: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "Audit-Pfad argv[0] abgeschnitten: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "audit_failure-Meldung ist zu lang"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "Die SSS-Quelle kann nicht initialisiert werden. Ist SSSD auf dem Rechner installiert?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "Das Symbol »%s« kann in %s nicht gefunden werden"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "Problem mit den Standard-Einträgen"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "Keine gültige sudoers-Quelle gefunden, Programmende"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers gibt an, dass root sudo nicht verwenden darf"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "Sie dürfen die Option -C nicht verwenden"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "Zeitstempelbesitzer (%s): Benutzer existiert nicht"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "Kein tty"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "Sie müssen ein TTY haben, um sudo zu verwenden"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "Befehl ist im aktuellen Verzeichnis"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "Sie dürfen keinen Timeout angeben"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "Sie dürfen das Environment nicht erhalten"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "Der Befehl ist zu lang"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s ist keine reguläre Datei"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s gehört UID %u, sollte UID %u gehören"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s ist für alle beschreibbar (world writable)"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s gehört GID %u, sollte allerdings %u gehören"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "Nur root kann »-c %s« verwenden"
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "Unbekannte Anmeldeklasse: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "Hostname %s kann nicht aufgelöst werden"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "Ungültige Filteroption: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "Ungültige maximale Wartezeit: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "Ungültiger Geschwindigkeitsfaktor: %s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/Zeit: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/Zeit: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Sudo-Sitzung wird abgespielt: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "Event kann nicht zur Warteschlange hinzugefügt werden"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "TTY konnte nicht in den Raw-Modus versetzt werden"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr ""
+"Warnung: Ihr Terminal ist zu klein, um das Protokoll korrekt\n"
+"wiederzugeben.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Protokollgeometrie ist %d x %d, die Geometrie Ihres Terminals ist %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Wiedergabe beendet, eine Taste drücken um das Terminal wiederherzustellen."
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "Ungültige Zeitdateizeile: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "Mehrdeutiger Ausdruck »%s«"
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "»)« ohne öffnende Klammer im Ausdruck"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "Unbekannter Suchbegriff »%s«"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s erfordert ein Argument"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "ungültiger regulärer Ausdruck: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "Datum »%s« konnte nicht analysiert werden"
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "»(« ohne schließende Klammer im Ausdruck"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "Ungültiges nachgestelltes »or«"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "Ungültiges nachgestelltes »!«"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "Unbekannter Suchtyp %d"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "Aufruf: %s [-hnRS] [-d Verzeichnis] [-m Max_Wartezeit] [-s Geschwindigkeitsfaktor] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "Aufruf: %s [-h] [-d Verzeichnis] -l [Suchausdruck]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s – sudo-Sitzungsprotokolle abspielen\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Optionen:\n"
+"  -d, --directory=Verzeichnis  gibt ein Verzeichnis für Sitzungsprotokolle an\n"
+"  -f, --filter=Filter          gibt an, welcher E/A-Typ angezeigt werden soll\n"
+"  -h, --help                   zeigt einen Hilfetext an und beendet\n"
+"                                 das Programm\n"
+"  -l, --list                   zeigt verfügbare Sitzungs-IDs an, die mit dem\n"
+"                                 Ausdruck übereinstimmen\n"
+"  -m, --max-wait=Zahl          gibt die maximale Wartezeit zwischen Ereignissen\n"
+"                                 in Sekunden an\n"
+"  -S, --suspend-wait           wait while the command was suspended\n"
+"  -s, --speed=Zahl             beschleunigt oder verlangsamt die Wiedergabe\n"
+"  -V, --version                zeigt Versionsinformationen an und beendet\n"
+"                                 das Programm"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\tHost  stimmt nicht überein"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Befehl erlaubt"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Befehl verweigert"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Befehl nicht erkannt"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s ist für die Gruppe beschreibbar"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "Die Zeitstempeldatei kann nicht auf %lld Bytes abgeschnitten werden"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "Die Uhrzeit kann nicht ausgelesen werden"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "Zeitstempel aus der Zukunft wird ignoriert"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "Zeitstempel ist zu weit in der Zukunft: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "Die Zeitstempeldatei »%s« kann nicht gesperrt werden"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "Pfad zur Belehrung ist zu lang: %s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "Die Option »-x» wird in einer zukünftigen Version entfernt"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "Bitte verwenden Sie stattdessen das Programm »cvtsudoers«"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "Drücken Sie die Eingabetaste, um %s zu bearbeiten: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "Der angegebene Editor (%s) ist nicht vorhanden"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "Kein Editor gefunden (Pfad zum Editor = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "Schreibfehler"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "Anwenden von stat auf die temporäre Datei (%s) gescheitert, %s ist unverändert"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "Leere temporäre Datei (%s), %s ist unverändert"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "Editor-Aufruf (%s) ist gescheitert, %s ist unverändert"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s unverändert"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "Erneutes Öffnen der temporären Datei (%s) gescheitert, %s ist unverändert."
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "Analyse der temporären Datei (%s) gescheitert, unbekannter Fehler"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "Interner Fehler, %s in der Liste nicht gefunden!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "Festlegen von (uid, gid) von %s auf (%u, %u) gescheitert"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s und %s befinden sich nicht im gleichen Dateisystem, werden mit mv umbenannt"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "Befehl gescheitert: »%s %s %s«, %s unverändert"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "Fehler beim Umbenennen von %s, %s unverändert"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "Was jetzt? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Optionen sind:\n"
+"  sudoers-Datei (e)rneut bearbeiten\n"
+"  Beenden, ohne die Änderungen an der sudoers-Datei zu speichern (mit x)\n"
+"  Beenden und Änderungen an der sudoers-Datei speichern (mit Q, VORSICHT!)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "%s konnte nicht ausgeführt werden"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: Falsche Besitzer-(uid, gid), sollte (%u, %u) sein\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: Falsche Zugriffsrechte, sollte Modus 0%o sein\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: Analyse OK\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s ist in Verwendung, versuchen Sie es später erneut"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "Die Datei »%s« kann nicht gesperrt werden"
+
+# XXX
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Trotzdem ändern? [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Fehler: %s:%d Zyklus in %s »%s«"
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Warnung: %s:%d Zyklus in %s »%s«"
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Fehler: %s:%d %s »%s« wird verwendet, ist aber nicht definiert"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Warnung: %s:%d %s »%s« wird verwendet, ist aber nicht definiert"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Warnung: %s:%d nicht verwendet: %s »%s«"
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s – Die sudoers-Datei sicher bearbeiten\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Optionen:\n"
+"  -c, --check                 nur den Prüf-Modus verwenden\n"
+"  -f, --file=sudoers          gibt den Namen der sudoers Datei an\n"
+"  -h, --help                  diese Hilfe anzeigen und beenden\n"
+"  -q, --quiet                 weniger ausführliche Syntaxfehler-Meldungen\n"
+"  -s, --strict                strikte Syntax-Prüfung\n"
+"  -V, --version               Versionsinformation anzeigen und beenden\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "Zu viele geschachtelte include-Einträge"
diff --git a/plugins/sudoers/po/el.mo b/plugins/sudoers/po/el.mo
new file mode 100644
index 0000000..aad70c3
--- /dev/null
+++ b/plugins/sudoers/po/el.mo
diff --git a/plugins/sudoers/po/el.po b/plugins/sudoers/po/el.po
new file mode 100644
index 0000000..781bb8e
--- /dev/null
+++ b/plugins/sudoers/po/el.po
@@ -0,0 +1,1718 @@
+# Translation of sudoers to Greek
+# Todd C. Miller &lt;Todd.Miller@courtesan.com&gt;, 2011-2013
+# This file is distributed under the same license as the sudo package.
+# Dimitris Spingos (Δημήτρης Σπίγγος) <dmtrs32@gmail.com>, 2014.
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers-1.8.10b3\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2014-02-07 15:13-0700\n"
+"PO-Revision-Date: 2014-06-04 08:01+0300\n"
+"Last-Translator: Dimitris Spingos (Δημήτρης Σπίγγος) <dmtrs32@gmail.com>\n"
+"Language-Team: Greek <team@lists.gnome.gr>\n"
+"Language: el\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Virtaal 0.7.0\n"
+
+#: confstr.sh:2
+msgid "Password:"
+msgstr "Κωδικός πρόσβασης:"
+
+#: confstr.sh:3
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Πληροφορίες ΑΣΦΑΛΕΙΑΣ για το %h ***"
+
+#: confstr.sh:4
+msgid "Sorry, try again."
+msgstr "Συγνώμη, δοκιμάστε ξανά."
+
+#: plugins/sudoers/alias.c:136
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr "Έχει ήδη οριστεί το ψευδώνυμο `%s'"
+
+#: plugins/sudoers/auth/bsdauth.c:75
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "αδύνατη η λήψη κλάσης σύνδεσης για τον χρήστη %s"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "unable to begin bsd authentication"
+msgstr "αδύνατη η έναρξη της πιστοποίησης bsd"
+
+#: plugins/sudoers/auth/bsdauth.c:89
+msgid "invalid authentication type"
+msgstr "άκυρος τύπος πιστοποίησης"
+
+#: plugins/sudoers/auth/bsdauth.c:98
+msgid "unable to initialize BSD authentication"
+msgstr "αδύνατη η αρχικοποίηση της πιστοποίησης BSD"
+
+#: plugins/sudoers/auth/fwtk.c:59
+msgid "unable to read fwtk config"
+msgstr "αδύνατη η ανάγνωση του fwtk config"
+
+#: plugins/sudoers/auth/fwtk.c:64
+msgid "unable to connect to authentication server"
+msgstr "αδύνατη η σύνδεση με τον εξυπηρετητή πιστοποίησης"
+
+#: plugins/sudoers/auth/fwtk.c:70 plugins/sudoers/auth/fwtk.c:94
+#: plugins/sudoers/auth/fwtk.c:127
+msgid "lost connection to authentication server"
+msgstr "απώλεια σύνδεσης με τον εξυπηρετητή πιστοποίησης"
+
+#: plugins/sudoers/auth/fwtk.c:74
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"σφάλμα εξυπηρετητή πιστοποίησης:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:116
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: αδύνατη η μετατροπή της αρχής ασφάλειας σε συμβολοσειρά ('%s'): %s"
+
+#: plugins/sudoers/auth/kerb5.c:159
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: αδύνατη η ανάλυση του '%s': %s"
+
+#: plugins/sudoers/auth/kerb5.c:169
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: αδύνατη η επίλυση κρυφής μνήμης διαπιστευτήριων: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: αδύνατη η κατανομή επιλογών: %s"
+
+#: plugins/sudoers/auth/kerb5.c:233
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: αδύνατη η λήψη διαπιστευτηρίων: %s"
+
+#: plugins/sudoers/auth/kerb5.c:246
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: αδύνατη η αρχικοποίηση κρυφής μνήμης διαπιστευτηρίων: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: αδύνατη η αποθήκευση διαπιστευτηρίων στην κρυφή μνήμη: %s"
+
+#: plugins/sudoers/auth/kerb5.c:315
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: αδύνατη η λήψη αρχής ασφάλειας του οικοδεσπότη: %s"
+
+#: plugins/sudoers/auth/kerb5.c:330
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Αδύνατη η επιβεβαίωση TGT! Πιθανή επίθεση!: %s"
+
+#: plugins/sudoers/auth/pam.c:98
+msgid "unable to initialize PAM"
+msgstr "αδύνατη η αρχικοποίηση του PAM"
+
+#: plugins/sudoers/auth/pam.c:149
+msgid "account validation failure, is your account locked?"
+msgstr "αποτυχία επικύρωσης λογαριασμού, είναι κλειδωμένος ο λογαριασμός σας;"
+
+#: plugins/sudoers/auth/pam.c:153
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Ο λογαριασμός ή ο κωδικός πρόσβασης έχει λήξει, επαναφέρτε τον κωδικό πρόσβασής σας και ξαναδοκιμάστε"
+
+#: plugins/sudoers/auth/pam.c:161
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "αδύνατη η αλλαγή του ληγμένου κωδικού πρόσβασης: %s"
+
+#: plugins/sudoers/auth/pam.c:166
+msgid "Password expired, contact your system administrator"
+msgstr "Ο κωδικός πρόσβασης έχει λήξει, επικοινωνήστε με τον διαχειριστή του συστήματος"
+
+#: plugins/sudoers/auth/pam.c:170
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Ο λογαριασμός έχει λήξει ή το PAM config στερείται μιας ενότητας \"λογαριασμού\" για sudo, επικοινωνήστε με τον διαχειριστή του συστήματός σας"
+
+#: plugins/sudoers/auth/pam.c:187
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Σφάλμα πιστοποίησης PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:103 plugins/sudoers/visudo.c:222
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "δεν υπάρχετε στη βάση δεδομένων %s"
+
+#: plugins/sudoers/auth/securid5.c:80
+msgid "failed to initialise the ACE API library"
+msgstr "αποτυχία αρχικοποίησης της βιβλιοθήκης ACE API"
+
+#: plugins/sudoers/auth/securid5.c:106
+msgid "unable to contact the SecurID server"
+msgstr "αδύνατη η επικοινωνία με τον εξυπηρετητή SecurID"
+
+#: plugins/sudoers/auth/securid5.c:115
+msgid "User ID locked for SecurID Authentication"
+msgstr "Το αναγνωριστικό του χρήστη για πιστοποίηση SecurID είναι κλειδωμένο"
+
+#: plugins/sudoers/auth/securid5.c:119 plugins/sudoers/auth/securid5.c:170
+msgid "invalid username length for SecurID"
+msgstr "άκυρο μήκος ονόματος χρήστη για SecurID"
+
+#: plugins/sudoers/auth/securid5.c:123 plugins/sudoers/auth/securid5.c:175
+msgid "invalid Authentication Handle for SecurID"
+msgstr "άκυρη διαχείριση πιστοποίησης για SecurID"
+
+#: plugins/sudoers/auth/securid5.c:127
+msgid "SecurID communication failed"
+msgstr "αποτυχία επικοινωνίας SecurID"
+
+#: plugins/sudoers/auth/securid5.c:131 plugins/sudoers/auth/securid5.c:214
+msgid "unknown SecurID error"
+msgstr "άγνωστο σφάλμα SecurID"
+
+#: plugins/sudoers/auth/securid5.c:165
+msgid "invalid passcode length for SecurID"
+msgstr "άκυρο μήκος κωδικού περάσματος για το SecurID"
+
+#: plugins/sudoers/auth/sia.c:108
+msgid "unable to initialize SIA session"
+msgstr "αδύνατη η αρχικοποίηση της συνεδρίας SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:119
+msgid "invalid authentication methods"
+msgstr "άκυρες μέθοδοι πιστοποίησης"
+
+#: plugins/sudoers/auth/sudo_auth.c:120
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Άκυρες μεταγλωττισμένες μέθοδοι πιστοποίησης στο sudo! Δεν μπορείτε να αναμίξετε αυτόνομη και μη αυτόνομη πιστοποίηση."
+
+#: plugins/sudoers/auth/sudo_auth.c:203
+msgid "no authentication methods"
+msgstr "δεν υπάρχουν μέθοδοι πιστοποίησης"
+
+#: plugins/sudoers/auth/sudo_auth.c:205
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Δεν υπάρχουν μεταγλωττισμένες μέθοδοι πιστοποίησης στο sudo! Αν θέλετε να απενεργοποιήσετε την πιστοποίηση, χρησιμοποιήστε την επιλογή ρύθμισης --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:389
+msgid "Authentication methods:"
+msgstr "Μέθοδοι πιστοποίησης:"
+
+#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:158
+msgid "Could not determine audit condition"
+msgstr "Αδυναμία εντοπισμού συνθήκης ελέγχου"
+
+#: plugins/sudoers/bsm_audit.c:134 plugins/sudoers/bsm_audit.c:199
+msgid "unable to commit audit record"
+msgstr "αδύνατη η υποβολή εγγραφής ελέγχου"
+
+#: plugins/sudoers/check.c:189
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Εμπιστευόμαστε ότι έχετε δεχτεί τις συνηθισμένες οδηγίες από τον\n"
+"διαχειριστή του τοπικού συστήματος. Συνήθως συμπυκνώνεται σε τρία πράγματα:\n"
+"\n"
+"    #1) Σεβασμός της ιδιωτικότητας των άλλων.\n"
+"    #2) Σκεφτείτε πριν πληκτρολογήσετε.\n"
+"    #3) Η μεγάλη ισχύς συνυπάρχει με τη μεγάλη ευθύνη.\n"
+"\n"
+
+#: plugins/sudoers/check.c:232 plugins/sudoers/check.c:238
+#: plugins/sudoers/sudoers.c:562 plugins/sudoers/sudoers.c:588
+#, c-format
+msgid "unknown uid: %u"
+msgstr "άγνωστο uid: %u"
+
+#: plugins/sudoers/check.c:235 plugins/sudoers/policy.c:657
+#: plugins/sudoers/sudoers.c:850 plugins/sudoers/testsudoers.c:211
+#: plugins/sudoers/testsudoers.c:363
+#, c-format
+msgid "unknown user: %s"
+msgstr "άγνωστος χρήστης: %s"
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Ευκολία Syslog αν το syslog χρησιμοποιείται για καταγραφή: %s"
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Προτεραιότητα χρήσης Syslog, όταν ο χρήστης πιστοποιείται επιτυχώς: %s"
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Προτεραιότητα χρήσης Syslog, όταν ο χρήστης πιστοποιείται ανεπιτυχώς: %s"
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr "Τοποθέτηση της προτροπής OTP στη δική της γραμμή"
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr "Παράβλεψη '.' στο $PATH"
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr "Να στέλνετε πάντα μήνυμα όταν εκτελείται το sudo"
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr "Να στέλνετε μήνυμα αν η πιστοποίηση χρήστη αποτύχει"
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr "Να στέλνετε μήνυμα αν ο χρήστης δεν είναι στους χρήστες sudo"
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Να στέλνετε μήνυμα αν ο χρήστης δεν είναι στους χρήστες sudo για αυτόν τον οικοδεσπότη"
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Να στέλνετε μήνυμα αν ο χρήστης δεν επιτρέπεται να εκτελέσει μια εντολή"
+
+#: plugins/sudoers/def_data.c:67
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Να χρησιμοποιείται ξεχωριστή χρονική σήμανση για κάθε χρήστη/σύνθετο tty"
+
+#: plugins/sudoers/def_data.c:71
+msgid "Lecture user the first time they run sudo"
+msgstr "Να δίνονται οδηγίες στον χρήστη την πρώτη φορά που εκτελεί sudo"
+
+#: plugins/sudoers/def_data.c:75
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Το αρχείο που περιέχει τις οδηγίες sudo: %s"
+
+#: plugins/sudoers/def_data.c:79
+msgid "Require users to authenticate by default"
+msgstr "Να απαιτείται από τους χρήστες να πιστοποιούνται από προεπιλογή"
+
+#: plugins/sudoers/def_data.c:83
+msgid "Root may run sudo"
+msgstr "Ο υπερχρήστης μπορεί να εκτελεί sudo"
+
+#: plugins/sudoers/def_data.c:87
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Καταγραφή του ονόματος οικοδεσπότη στο αρχείο καταγραφής (non-syslog)"
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Καταγραφή του έτους στο αρχείο καταγραφής (non-syslog)"
+
+#: plugins/sudoers/def_data.c:95
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Αν το sudo κλήθηκε χωρίς ορίσματα, να αρχίσει ένα κέλυφος"
+
+#: plugins/sudoers/def_data.c:99
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Ορίστε το $HOME του προοριζόμενου χρήστη όταν ξεκινάτε ένα κέλυφος με -s"
+
+#: plugins/sudoers/def_data.c:103
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Να ορίζεται πάντα το $HOME στον προσωπικό κατάλογο του προοριζόμενου χρήστη"
+
+#: plugins/sudoers/def_data.c:107
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Να επιτρέπεται η συγκέντρωση κάποιων πληροφοριών για να δίνονται χρήσιμα μηνύματα σφαλμάτων"
+
+#: plugins/sudoers/def_data.c:111
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Να απαιτούνται πλήρως χαρακτηρισμένα ονόματα οικοδεσπότη στο αρχείο χρηστών sudo"
+
+#: plugins/sudoers/def_data.c:115
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Να ειδοποιείται ο χρήστης όταν εισάγει έναν εσφαλμένο κωδικό πρόσβασης"
+
+#: plugins/sudoers/def_data.c:119
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Να επιτρέπεται στον χρήστη να εκτελεί sudo μόνο αν έχει ένα tty"
+
+#: plugins/sudoers/def_data.c:123
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Το Visudo θα σεβαστεί τη μεταβλητή περιβάλλοντος του EDITOR"
+
+#: plugins/sudoers/def_data.c:127
+msgid "Prompt for root's password, not the users's"
+msgstr "Να ζητιέται ο κωδικός πρόσβασης του υπερχρήστη, όχι του χρήστη"
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Να ζητιέται ο κωδικός πρόσβασης των χρηστών runas_default, όχι των χρηστών"
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Να ζητιέται ο κωδικός πρόσβασης του προοριζόμενου χρήστη, όχι των χρηστών"
+
+#: plugins/sudoers/def_data.c:139
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Να εφαρμόζονται οι προεπιλογές στην κλάση σύνδεσης του προοριζόμενου χρήστη αν υπάρχει κάποιες"
+
+#: plugins/sudoers/def_data.c:143
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Να ορίζονται οι μεταβλητές περιβάλλοντος LOGNAME και USER"
+
+#: plugins/sudoers/def_data.c:147
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Να ορίζεται μόνο το ενεργό uid του προοριζόμενου χρήστη, όχι το πραγματικό uid"
+
+#: plugins/sudoers/def_data.c:151
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Να μην αρχικοποιείται το διάνυσμα ομάδας σε αυτό του προοριζόμενου χρήστη"
+
+#: plugins/sudoers/def_data.c:155
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Το μήκος στο οποίο θα αναδιπλώνονται οι γραμμές του αρχείου καταγραφής (0 για χωρίς αναδίπλωση): %u"
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Όριο χρόνου χρονικής σήμανσης πιστοποίησης: %.1f λεπτά"
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Όριο χρόνου προτροπής κωδικού πρόσβασης: %.1f λεπτά"
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Αριθμός προσπαθειών για να εισάγετε έναν κωδικό πρόσβασης: %u"
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Χρησιμοποιήστε umask ή 0777 για να χρησιμοποιήσετε του χρήστη: 0%o"
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Διαδρομή για το αρχείο καταγραφής: %s"
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Διαδρομή για το πρόγραμμα αλληλογραφίας: %s"
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Σημαίες για το πρόγραμμα αλληλογραφίας: %s"
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Διεύθυνση αποστολής αλληλογραφίας προς: %s"
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Διεύθυνση λήψης αλληλογραφίας από: %s"
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Γραμμή θέματος για μηνύματα αλληλογραφίας: %s"
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Εσφαλμένο μήνυμα κωδικού πρόσβασης: %s"
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Διαδρομή για τον κατάλογο κατάστασης οδηγιών: %s"
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Διαδρομή για τον κατάλογο χρονικής σήμανσης πιστοποίησης: %s"
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Κάτοχος καταλόγου χρονικής σήμανσης πιστοποίησης: %s"
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Οι χρήστες αυτής της ομάδας εξαιρούνται από τον κωδικό πρόσβασης και της απαιτήσεις PATH: %s"
+
+#: plugins/sudoers/def_data.c:219
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Προτροπή προεπιλεγμένου κωδικού πρόσβασης: %s"
+
+#: plugins/sudoers/def_data.c:223
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Αν οριστεί, η προτροπή περάσματος θα αντικαταστήσει την προτροπή συστήματος σε όλες τις περιπτώσεις."
+
+#: plugins/sudoers/def_data.c:227
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Προεπιλεγμένος χρήστης για να εκτελεί εντολές ως: %s"
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Τιμή που θα αντικαθιστά τη $PATH χρήστη με: %s"
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Διαδρομή για τον επεξεργαστή για χρήση από το visudo: %s"
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Πότε θα απαιτείται κωδικός πρόσβασης για τον 'κατάλογο' ψευδοεντολών: %s"
+
+#: plugins/sudoers/def_data.c:243
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Πότε θα απαιτείται κωδικός πρόσβασης για 'επιβεβαίωση' ψευδοεντολής: %s"
+
+#: plugins/sudoers/def_data.c:247
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Να προφορτώνονται οι εικονικές συναρτήσεις εκτέλεσης στη βιβλιοθήκη sudo_noexec"
+
+#: plugins/sudoers/def_data.c:251
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Αν ο κατάλογος LDAP είναι ανεβασμένος, παραβλέπουμε το τοπικό αρχείο χρηστών sudo."
+
+#: plugins/sudoers/def_data.c:255
+#, fuzzy, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Οι περιγραφείς αρχείων &gt;= %d να είναι κλειστοί πριν την εκτέλεση μιας εντολής"
+
+#: plugins/sudoers/def_data.c:259
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Αν οριστεί, οι χρήστες μπορούν να αντικαθιστούν την τιμή του `closefrom' με την επιλογή -C"
+
+#: plugins/sudoers/def_data.c:263
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Να επιτρέπεται στους χρήστες να ορίζουν ελεύθερες μεταβλητές περιβάλλοντος"
+
+#: plugins/sudoers/def_data.c:267
+msgid "Reset the environment to a default set of variables"
+msgstr "Να επαναρρυθμίζεται το περιβάλλον σε ένα προεπιλεγμένο σύνολο μεταβλητών"
+
+#: plugins/sudoers/def_data.c:271
+msgid "Environment variables to check for sanity:"
+msgstr "Οι μεταβλητές περιβάλλοντος που θα ελέγχονται για ακεραιότητα:"
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to remove:"
+msgstr "Οι μεταβλητές περιβάλλοντος προς αφαίρεση:"
+
+#: plugins/sudoers/def_data.c:279
+msgid "Environment variables to preserve:"
+msgstr "Οι μεταβλητές περιβάλλοντος για διατήρηση:"
+
+#: plugins/sudoers/def_data.c:283
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Ο ρόλος του SELinux που θα χρησιμοποιηθεί στο νέο περιεχόμενο ασφάλειας: %s"
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Ο τύπος SELinux που θα χρησιμοποιηθεί στο νέο περιεχόμενο ασφάλειας: %s"
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Η διαδρομή προς το αρχείο περιβάλλοντος που είναι ειδικό για sudo: %s"
+
+#: plugins/sudoers/def_data.c:295
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Οι τοπικές ρυθμίσεις που θα χρησιμοποιηθούν κατά την ανάλυση των χρηστών sudo: %s"
+
+#: plugins/sudoers/def_data.c:299
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Να επιτρέπεται στο sudo να ζητά κωδικό πρόσβασης ακόμα κι αν θα είναι ορατό"
+
+#: plugins/sudoers/def_data.c:303
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Να παρέχεται οπτική ανάδραση στην προτροπή κωδικού πρόσβασης όταν υπάρχει είσοδος χρήστη"
+
+#: plugins/sudoers/def_data.c:307
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Να χρησιμοποιείται γρηγορότερη επέκταση (globbing) που είναι λιγότερο ακριβές, αλλά δεν έχει πρόσβαση στο σύστημα αρχείων"
+
+#: plugins/sudoers/def_data.c:311
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Η umask που ορίστηκε στους χρήστες sudo θα αντικαταστήσει αυτή του χρήστη, ακόμα κι αν δίνει περισσότερα δικαιώματα."
+
+#: plugins/sudoers/def_data.c:315
+msgid "Log user's input for the command being run"
+msgstr "Να καταγράφεται η είσοδος χρήστη για την εκτελούμενη εντολή"
+
+#: plugins/sudoers/def_data.c:319
+msgid "Log the output of the command being run"
+msgstr "Να καταγράφεται η έξοδος της εκτελούμενης εντολής"
+
+#: plugins/sudoers/def_data.c:323
+msgid "Compress I/O logs using zlib"
+msgstr "Συμπίεση καταγραφών εισόδου/εξόδου χρησιμοποιώντας το zlib"
+
+#: plugins/sudoers/def_data.c:327
+msgid "Always run commands in a pseudo-tty"
+msgstr "Να εκτελούνται πάντα εντολές σε ψευδο-tty"
+
+#: plugins/sudoers/def_data.c:331
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Πρόσθετο για υποστήριξη ομάδας μη Γιούνιξ: %s"
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Κατάλογος στον οποίο αποθηκεύονται οι καταγραφές εισόδου/εξόδου: %s"
+
+#: plugins/sudoers/def_data.c:339
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Αρχείο στο οποίο θα αποθηκεύεται η καταγραφή εισόδου/εξόδου: %s"
+
+#: plugins/sudoers/def_data.c:343
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Να προστίθεται μια καταχώριση στο αρχείο utmp/utmpx κατά την εκχώρηση ενός pty"
+
+#: plugins/sudoers/def_data.c:347
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Να ορίζεται ο χρήστης στο utmp στον χρήστη runas, να μην καλείται ο χρήστης"
+
+#: plugins/sudoers/def_data.c:351
+msgid "Set of permitted privileges"
+msgstr "Να ορίζονται τα επιτρεπόμενα δικαιώματα"
+
+#: plugins/sudoers/def_data.c:355
+msgid "Set of limit privileges"
+msgstr "Να ορίζονται τα δικαιώματα ορίου"
+
+#: plugins/sudoers/def_data.c:359
+msgid "Run commands on a pty in the background"
+msgstr "Να εκτελούνται εντολές σε ένα pty στο παρασκήνιο"
+
+#: plugins/sudoers/def_data.c:363
+msgid "PAM service name to use"
+msgstr "Το όνομα υπηρεσίας PAM που θα χρησιμοποιηθεί"
+
+#: plugins/sudoers/def_data.c:367
+msgid "PAM service name to use for login shells"
+msgstr "Το όνομα υπηρεσίας PAM που θα χρησιμοποιηθεί για κελύφη σύνδεσης"
+
+#: plugins/sudoers/def_data.c:371
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Να γίνεται προσπάθεια δημιουργίας διαπιστευτηρίων για τον προοριζόμενο χρήστη"
+
+#: plugins/sudoers/def_data.c:375
+msgid "Create a new PAM session for the command to run in"
+msgstr "Να δημιουργείται μια νέα συνεδρία PAM για την εκτελούμενη εντολή"
+
+#: plugins/sudoers/def_data.c:379
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Μέγιστος αριθμός αλληλουχίας καταγραφών εισόδου/εξόδου: %u"
+
+#: plugins/sudoers/def_data.c:383
+msgid "Enable sudoers netgroup support"
+msgstr "Να ενεργοποιείται η υποστήριξη ομάδας δικτύου στους χρήστες sudo"
+
+#: plugins/sudoers/defaults.c:210 plugins/sudoers/defaults.c:600
+#: plugins/sudoers/visudo_json.c:611 plugins/sudoers/visudo_json.c:647
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr "άγνωστες προεπιλογές καταχώρισης `%s'"
+
+#: plugins/sudoers/defaults.c:218 plugins/sudoers/defaults.c:228
+#: plugins/sudoers/defaults.c:248 plugins/sudoers/defaults.c:261
+#: plugins/sudoers/defaults.c:274 plugins/sudoers/defaults.c:287
+#: plugins/sudoers/defaults.c:300 plugins/sudoers/defaults.c:320
+#: plugins/sudoers/defaults.c:330
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr "η τιμή `%s' είναι άκυρη για την επιλογή `%s'"
+
+#: plugins/sudoers/defaults.c:221 plugins/sudoers/defaults.c:231
+#: plugins/sudoers/defaults.c:239 plugins/sudoers/defaults.c:256
+#: plugins/sudoers/defaults.c:269 plugins/sudoers/defaults.c:282
+#: plugins/sudoers/defaults.c:295 plugins/sudoers/defaults.c:315
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "no value specified for `%s'"
+msgstr "δεν ορίστηκε τιμή για το `%s'"
+
+#: plugins/sudoers/defaults.c:244
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr "οι τιμές για το `%s' πρέπει να αρχίζουν με ένα '/'"
+
+#: plugins/sudoers/defaults.c:306
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr "η επιλογή `%s' δεν παίρνει τιμή"
+
+#: plugins/sudoers/env.c:288 plugins/sudoers/env.c:293
+#: plugins/sudoers/env.c:395 plugins/sudoers/linux_audit.c:82
+#: plugins/sudoers/policy.c:442 plugins/sudoers/policy.c:449
+#: plugins/sudoers/prompt.c:171 plugins/sudoers/sudoers.c:656
+#: plugins/sudoers/testsudoers.c:241
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "εσωτερικό σφάλμα, υπερχείλιση του %s"
+
+#: plugins/sudoers/env.c:367
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: αλλοιωμένο envp, ασυμφωνία μήκους"
+
+#: plugins/sudoers/env.c:1014
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "συγνώμη, δεν σας επιτρέπετε να ορίσετε τις παρακάτω μεταβλητές περιβάλλοντος: %s"
+
+#: plugins/sudoers/group_plugin.c:94
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "το %s πρέπει να κατέχεται από το uid %d"
+
+#: plugins/sudoers/group_plugin.c:98
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "το %s πρέπει να είναι εγγράψιμο μόνο από τον κάτοχο"
+
+#: plugins/sudoers/group_plugin.c:105 plugins/sudoers/sssd.c:251
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "αδύνατη η φόρτωση του %s: %s"
+
+#: plugins/sudoers/group_plugin.c:110
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "αδύνατη η εύρεση συμβόλου \"group_plugin\" στο %s"
+
+#: plugins/sudoers/group_plugin.c:115
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: ασύμβατη μεγάλη έκδοση %d του προσθέτου ομάδας, αναμενόταν %d"
+
+#: plugins/sudoers/interfaces.c:116
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Ζεύγη τοπικής διεύθυνσης IP και μάσκας δικτύου:\n"
+
+#: plugins/sudoers/iolog.c:99 plugins/sudoers/iolog.c:112
+#: plugins/sudoers/timestamp.c:227
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "το %s υπάρχει, αλλά δεν είναι κατάλογος (0%o)"
+
+#: plugins/sudoers/iolog.c:109 plugins/sudoers/iolog.c:123
+#: plugins/sudoers/iolog.c:127 plugins/sudoers/timestamp.c:221
+#: plugins/sudoers/timestamp.c:242
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "αδύνατο το mkdir %s"
+
+#: plugins/sudoers/iolog.c:190 plugins/sudoers/sudoers.c:710
+#: plugins/sudoers/sudoreplay.c:342 plugins/sudoers/sudoreplay.c:813
+#: plugins/sudoers/sudoreplay.c:1010 plugins/sudoers/timestamp.c:345
+#: plugins/sudoers/visudo.c:823 plugins/sudoers/visudo_json.c:995
+#: plugins/sudoers/visudo_json.c:1001
+#, c-format
+msgid "unable to open %s"
+msgstr "αδύνατο το άνοιγμα του %s"
+
+#: plugins/sudoers/iolog.c:229 plugins/sudoers/sudoers.c:713
+#: plugins/sudoers/sudoreplay.c:1117
+#, c-format
+msgid "unable to read %s"
+msgstr "αδύνατη η ανάγνωση του %s"
+
+#: plugins/sudoers/iolog.c:259 plugins/sudoers/sudoreplay.c:582
+#: plugins/sudoers/timestamp.c:184
+#, c-format
+msgid "unable to write to %s"
+msgstr "αδύνατη η εγγραφή σε %s"
+
+#: plugins/sudoers/iolog.c:319 plugins/sudoers/iolog.c:512
+#, c-format
+msgid "unable to create %s"
+msgstr "αδύνατη η δημιουργία του %s"
+
+#: plugins/sudoers/ldap.c:406
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: υπερβολικά μεγάλη θύρα"
+
+#: plugins/sudoers/ldap.c:429
+msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+msgstr "sudo_ldap_conf_add_ports: εκτός χώρου επέκτασης hostbuf"
+
+#: plugins/sudoers/ldap.c:461
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "ανυποστήρικτος τύπος LDAP uri: %s"
+
+#: plugins/sudoers/ldap.c:492
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "αδύνατη η ανάμιξη URIs ldap και ldaps"
+
+#: plugins/sudoers/ldap.c:496 plugins/sudoers/ldap.c:528
+msgid "starttls not supported when using ldaps"
+msgstr "το starttls δεν υποστηρίζεται όταν χρησιμοποιείται το ldaps"
+
+#: plugins/sudoers/ldap.c:514
+msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+msgstr "sudo_ldap_parse_uri: εκτός χώρου δόμησης του hostbuf"
+
+#: plugins/sudoers/ldap.c:595
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "αδύνατη η αρχικοποίηση των cert SSL και db κλειδιών: %s"
+
+#: plugins/sudoers/ldap.c:598
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "πρέπει να ορίσετε το TLS_CERT σε %s για να χρησιμοποιήσετε το SSL"
+
+#: plugins/sudoers/ldap.c:1089
+msgid "unable to get GMT time"
+msgstr "αδύνατη η λήψη χρόνου GMT"
+
+#: plugins/sudoers/ldap.c:1095
+msgid "unable to format timestamp"
+msgstr "αδύνατη η μορφοποίηση της χρονικής σήμανσης"
+
+#: plugins/sudoers/ldap.c:1103
+msgid "unable to build time filter"
+msgstr "αδύνατη η δόμηση φίλτρου χρόνου"
+
+#: plugins/sudoers/ldap.c:1322
+msgid "sudo_ldap_build_pass1 allocation mismatch"
+msgstr "ασυμφωνία κατανομής sudo_ldap_build_pass1"
+
+#: plugins/sudoers/ldap.c:1433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/ldap.c:1909
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Ρόλος LDAP: %s\n"
+
+#: plugins/sudoers/ldap.c:1911
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"Ρόλος LDAP: ΑΓΝΩΣΤΟΣ\n"
+
+#: plugins/sudoers/ldap.c:1958
+#, c-format
+msgid "    Order: %s\n"
+msgstr "    Σειρά: %s\n"
+
+#: plugins/sudoers/ldap.c:1966 plugins/sudoers/parse.c:504
+#: plugins/sudoers/sssd.c:1295
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Εντολές:\n"
+
+#: plugins/sudoers/ldap.c:2509
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "αδύνατη η αρχικοποίηση του LDAP: %s"
+
+#: plugins/sudoers/ldap.c:2551
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "ορίστηκε το start_tls, αλλά οι βιβλιοθήκες LDAP υποστηρίζουν ldap_start_tls_s() ή ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:2784
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "άκυρο γνώρισμα sudoOrder: %s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "αδύνατο το άνοιγμα συστήματος ελέγχου"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "αδύνατη η αποστολή μηνύματος ελέγχου"
+
+#: plugins/sudoers/logging.c:136
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:164
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (συνεχιζόμενη εντολή) %s"
+
+#: plugins/sudoers/logging.c:189
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr "αδύνατο το άνοιγμα αρχείου καταγραφής: %s: %s"
+
+#: plugins/sudoers/logging.c:192
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr "αδύνατο το κλείδωμα αρχείου καταγραφής: %s: %s"
+
+#: plugins/sudoers/logging.c:243
+msgid "No user or host"
+msgstr "Χωρίς χρήστη ή οικοδεσπότη"
+
+#: plugins/sudoers/logging.c:245
+msgid "validation failure"
+msgstr "αποτυχία επικύρωσης"
+
+#: plugins/sudoers/logging.c:252
+msgid "user NOT in sudoers"
+msgstr "ο χρήστης ΔΕΝ είναι στους sudo"
+
+#: plugins/sudoers/logging.c:254
+msgid "user NOT authorized on host"
+msgstr "ο χρήστης ΔΕΝ εξουσιοδοτήθηκε στον οικοδεσπότη"
+
+#: plugins/sudoers/logging.c:256
+msgid "command not allowed"
+msgstr "μη επιτρεπόμενη εντολή"
+
+#: plugins/sudoers/logging.c:286
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "το %s δεν είναι στο αρχείο χρηστών sudo. Αυτό το συμβάν θα αναφερθεί.\n"
+
+#: plugins/sudoers/logging.c:289
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "ο %s δεν επιτρέπεται να εκτελέσει sudo στο %s. Αυτό το συμβάν θα αναφερθεί.\n"
+
+#: plugins/sudoers/logging.c:293
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Συγνώμη, ο χρήστης %s δεν μπορεί να εκτελέσει sudo στο %s.\n"
+
+#: plugins/sudoers/logging.c:296
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Συγνώμη, ο χρήστης %s δεν επιτρέπεται να εκτελέσει '%s%s%s' ως %s%s%s στο %s.\n"
+
+#: plugins/sudoers/logging.c:333 plugins/sudoers/sudoers.c:382
+#: plugins/sudoers/sudoers.c:383 plugins/sudoers/sudoers.c:385
+#: plugins/sudoers/sudoers.c:386 plugins/sudoers/sudoers.c:1017
+#: plugins/sudoers/sudoers.c:1018
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: δεν βρέθηκε η εντολή"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:378
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+"παραβλέπεται το `%s' που βρέθηκε στο '.'\n"
+"Χρησιμοποιήστε `sudo ./%s' αν αυτό είναι το `%s' που θέλετε να εκτελέσετε."
+
+#: plugins/sudoers/logging.c:351
+msgid "authentication failure"
+msgstr "αποτυχία πιστοποίησης"
+
+#: plugins/sudoers/logging.c:377
+msgid "a password is required"
+msgstr "απαιτείται κωδικός πρόσβασης"
+
+#: plugins/sudoers/logging.c:441 plugins/sudoers/logging.c:495
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u ανεπιτυχής προσπάθεια κωδικού πρόσβασης"
+msgstr[1] "%u ανεπιτυχείς προσπάθειες κωδικού πρόσβασης"
+
+#: plugins/sudoers/logging.c:581
+msgid "unable to fork"
+msgstr "αδύνατη η διακλάδωση"
+
+#: plugins/sudoers/logging.c:588 plugins/sudoers/logging.c:644
+#, c-format
+msgid "unable to fork: %m"
+msgstr "αδύνατη η διακλάδωση: %m"
+
+#: plugins/sudoers/logging.c:634
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "αδύνατο το άνοιγμα της διοχέτευσης: %m"
+
+#: plugins/sudoers/logging.c:659
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "αδύνατο να dup στην τυπική είσοδο: %m"
+
+#: plugins/sudoers/logging.c:694
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "αδύνατη η εκτέλεση %s: %m"
+
+#: plugins/sudoers/logging.c:914
+msgid "internal error: insufficient space for log line"
+msgstr "εσωτερικό σφάλμα: ανεπαρκής χώρος για γραμμή καταγραφής"
+
+#: plugins/sudoers/match.c:617
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "ανυποστήρικτος τύπος αφομοίωσης %d για %s"
+
+#: plugins/sudoers/match.c:647
+#, c-format
+msgid "%s: read error"
+msgstr "%s: σφάλμα ανάγνωσης"
+
+#: plugins/sudoers/match.c:661
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "η αφομοίωση για το %s (%s) δεν είναι στη μορφή %s"
+
+#: plugins/sudoers/parse.c:115
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "σφάλμα ανάλυσης στο %s κοντά στη γραμμή %d"
+
+#: plugins/sudoers/parse.c:118
+#, c-format
+msgid "parse error in %s"
+msgstr "ανάλυση σφάλματος για %s"
+
+#: plugins/sudoers/parse.c:451
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Καταχώριση χρηστών sudo:\n"
+
+#: plugins/sudoers/parse.c:452
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers: "
+
+#: plugins/sudoers/parse.c:466
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups: "
+
+#: plugins/sudoers/parse.c:475
+#, c-format
+msgid "    Options: "
+msgstr "  Επιλογές: "
+
+#: plugins/sudoers/policy.c:109 plugins/sudoers/policy.c:116
+#: plugins/sudoers/policy.c:123 plugins/sudoers/policy.c:145
+#: plugins/sudoers/policy.c:259 plugins/sudoers/policy.c:277
+#: plugins/sudoers/policy.c:284 plugins/sudoers/policy.c:312
+#: plugins/sudoers/policy.c:320 plugins/sudoers/policy.c:327
+#: plugins/sudoers/set_perms.c:363 plugins/sudoers/set_perms.c:702
+#: plugins/sudoers/set_perms.c:1061 plugins/sudoers/set_perms.c:1357
+#: plugins/sudoers/set_perms.c:1525
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/policy.c:539 plugins/sudoers/visudo.c:764
+#, c-format
+msgid "unable to execute %s"
+msgstr "Αδύνατη η εκτέλεση του %s."
+
+#: plugins/sudoers/policy.c:681
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Η έκδοση προσθέτου πολιτικής χρηστών sudo %s\n"
+
+#: plugins/sudoers/policy.c:683
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Η έκδοση γραμματικής αρχείου χρηστών sudo %d\n"
+
+#: plugins/sudoers/policy.c:687
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"διαδρομή χρηστών sudo: %s\n"
+
+#: plugins/sudoers/policy.c:690
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "διαδρομή nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:692
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "διαδρομή ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:693
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "διαδρομή ldap.secret: %s\n"
+
+#: plugins/sudoers/pwutil.c:148
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "αδύνατη η αποθήκευση του uid %u, υπάρχει ήδη"
+
+#: plugins/sudoers/pwutil.c:190
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "αδύνατη η αποθήκευση του %s χρήστη, υπάρχει ήδη"
+
+#: plugins/sudoers/pwutil.c:393
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "αδύνατη η αποθήκευση του gid %u, υπάρχει ήδη"
+
+#: plugins/sudoers/pwutil.c:429
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "αδύνατη η αποθήκευση ομάδας %s, υπάρχει ήδη"
+
+#: plugins/sudoers/pwutil.c:592 plugins/sudoers/pwutil.c:614
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "αδύνατη η αποθήκευση καταλόγου ομάδας %s, υπάρχει ήδη"
+
+#: plugins/sudoers/pwutil.c:612
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "αδύνατη η ανάλυση ομάδων για %s"
+
+#: plugins/sudoers/set_perms.c:124 plugins/sudoers/set_perms.c:449
+#: plugins/sudoers/set_perms.c:852 plugins/sudoers/set_perms.c:1149
+#: plugins/sudoers/set_perms.c:1441
+msgid "perm stack overflow"
+msgstr "υπερχείλιση στοίβας perm"
+
+#: plugins/sudoers/set_perms.c:132 plugins/sudoers/set_perms.c:457
+#: plugins/sudoers/set_perms.c:860 plugins/sudoers/set_perms.c:1157
+#: plugins/sudoers/set_perms.c:1449
+msgid "perm stack underflow"
+msgstr "υποχείλιση στοίβας perm"
+
+#: plugins/sudoers/set_perms.c:191 plugins/sudoers/set_perms.c:504
+#: plugins/sudoers/set_perms.c:1208 plugins/sudoers/set_perms.c:1481
+msgid "unable to change to root gid"
+msgstr "αδύνατη η αλλαγή σε gid υπερχρήστη"
+
+#: plugins/sudoers/set_perms.c:280 plugins/sudoers/set_perms.c:601
+#: plugins/sudoers/set_perms.c:989 plugins/sudoers/set_perms.c:1285
+msgid "unable to change to runas gid"
+msgstr "αδύνατη η αλλαγή σε gid runas"
+
+#: plugins/sudoers/set_perms.c:292 plugins/sudoers/set_perms.c:613
+#: plugins/sudoers/set_perms.c:999 plugins/sudoers/set_perms.c:1295
+msgid "unable to change to runas uid"
+msgstr "αδύνατη η αλλαγή σε uid runas"
+
+#: plugins/sudoers/set_perms.c:310 plugins/sudoers/set_perms.c:631
+#: plugins/sudoers/set_perms.c:1015 plugins/sudoers/set_perms.c:1311
+msgid "unable to change to sudoers gid"
+msgstr "αδύνατη η αλλαγή σε gid χρηστών sudo"
+
+#: plugins/sudoers/set_perms.c:363 plugins/sudoers/set_perms.c:702
+#: plugins/sudoers/set_perms.c:1061 plugins/sudoers/set_perms.c:1357
+#: plugins/sudoers/set_perms.c:1525
+msgid "too many processes"
+msgstr "υπερβολικά πολλές διεργασίες"
+
+#: plugins/sudoers/set_perms.c:1595
+msgid "unable to set runas group vector"
+msgstr "αδύνατος ο ορισμός διανύσματος ομάδας runas"
+
+#: plugins/sudoers/sssd.c:252
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "αδύνατη η αρχικοποίηση πηγής SSS. Είναι το SSSD εγκατεστημένο στο μηχάνημά σας;"
+
+#: plugins/sudoers/sssd.c:259 plugins/sudoers/sssd.c:267
+#: plugins/sudoers/sssd.c:275 plugins/sudoers/sssd.c:283
+#: plugins/sudoers/sssd.c:291
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "αδύνατη η εύρεση συμβόλου \"%s\" στο %s"
+
+#: plugins/sudoers/sudo_nss.c:283
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Συμφωνία προεπιλεγμένων καταχωρίσεων για %s στο %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:296
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Runas και προεπιλεγμένες ειδικές εντολές για το %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:309
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Ο χρήστης %s μπορεί να εκτελέσει τις παρακάτω εντολές στο %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:318
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Ο χρήστης %s δεν επιτρέπεται να εκτελέσει sudo στο %s.\n"
+
+#: plugins/sudoers/sudoers.c:154 plugins/sudoers/sudoers.c:188
+#: plugins/sudoers/sudoers.c:675
+msgid "problem with defaults entries"
+msgstr "πρόβλημα με τις προεπιλεγμένες καταχωρίσεις"
+
+#: plugins/sudoers/sudoers.c:160
+msgid "no valid sudoers sources found, quitting"
+msgstr "δεν βρέθηκαν έγκυρες πηγές χρηστών sudo, έξοδος"
+
+#: plugins/sudoers/sudoers.c:222
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "οι χρήστες sudo καθορίζουν ότι ο υπερχρήστης δεν επιτρέπεται να εκτελέσει sudo"
+
+#: plugins/sudoers/sudoers.c:261
+msgid "you are not permitted to use the -C option"
+msgstr "δεν επιτρέπετε να χρησιμοποιήσετε την επιλογή -C"
+
+#: plugins/sudoers/sudoers.c:314
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "κάτοχος χρονικής σήμανσης (%s): Δεν υπάρχει τέτοιος χρήστης"
+
+#: plugins/sudoers/sudoers.c:328
+msgid "no tty"
+msgstr "χωρίς tty"
+
+#: plugins/sudoers/sudoers.c:329
+msgid "sorry, you must have a tty to run sudo"
+msgstr "συγνώμη, πρέπει να έχετε ένα tty για να εκτελέσετε sudo"
+
+#: plugins/sudoers/sudoers.c:377
+msgid "command in current directory"
+msgstr "εντολή στο τρέχοντα κατάλογο"
+
+#: plugins/sudoers/sudoers.c:394
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "συγνώμη, δεν σας επιτρέπεται να διατηρήσετε το περιβάλλον"
+
+#: plugins/sudoers/sudoers.c:725 plugins/sudoers/visudo.c:326
+#: plugins/sudoers/visudo.c:590
+#, c-format
+msgid "unable to stat %s"
+msgstr "αδύνατο να εκτελεστεί stat %s"
+
+#: plugins/sudoers/sudoers.c:728
+#, c-format
+msgid "%s is not a regular file"
+msgstr "το %s δεν είναι ένα κανονικό αρχείο"
+
+#: plugins/sudoers/sudoers.c:731 plugins/sudoers/timestamp.c:283 toke.l:923
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "το %s κατέχεται από uid %u, θα έπρεπε να είναι %u"
+
+#: plugins/sudoers/sudoers.c:735 toke.l:930
+#, c-format
+msgid "%s is world writable"
+msgstr "Το %s είναι εγγράψιμο από όλους"
+
+#: plugins/sudoers/sudoers.c:738 toke.l:935
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "το %s κατέχεται από gid %u, θα έπρεπε να είναι %u"
+
+#: plugins/sudoers/sudoers.c:764
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr "μόνο ο υπερχρήστης μπορεί να χρησιμοποιήσει `-c %s'"
+
+#: plugins/sudoers/sudoers.c:781 plugins/sudoers/sudoers.c:783
+#, c-format
+msgid "unknown login class: %s"
+msgstr "άγνωστη κλάση σύνδεσης: %s"
+
+#: plugins/sudoers/sudoers.c:815
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "αδύνατη η επίλυση οικοδεσπότη %s"
+
+#: plugins/sudoers/sudoers.c:878 plugins/sudoers/testsudoers.c:387
+#, c-format
+msgid "unknown group: %s"
+msgstr "άγνωστη ομάδα: %s"
+
+#: plugins/sudoers/sudoreplay.c:274
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "άκυρη επιλογή φίλτρου: %s"
+
+#: plugins/sudoers/sudoreplay.c:287
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "άκυρη μέγιστη αναμονή: %s"
+
+#: plugins/sudoers/sudoreplay.c:293
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "άκυρος συντελεστής ταχύτητας: %s"
+
+#: plugins/sudoers/sudoreplay.c:296 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s έκδοση %s\n"
+
+#: plugins/sudoers/sudoreplay.c:328
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/χρονισμός: %s"
+
+#: plugins/sudoers/sudoreplay.c:334
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/χρονισμός: %s"
+
+#: plugins/sudoers/sudoreplay.c:350
+#, c-format
+msgid "Replaying sudo session: %s\n"
+msgstr "Αναπαράγεται η συνεδρία sudo: %s\n"
+
+#: plugins/sudoers/sudoreplay.c:356
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Προειδοποίηση: το τερματικό σας είναι υπερβολικά μικρό για σωστή επανάληψη του ημερολογίου.\n"
+
+#: plugins/sudoers/sudoreplay.c:357
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Η γεωμετρία του ημερολογίου είναι %d x %d, η γεωμετρία του τερματικού σας είναι %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:412
+msgid "unable to set tty to raw mode"
+msgstr "αδύνατος ο ορισμός σε ακατέργαστη κατάσταση"
+
+#: plugins/sudoers/sudoreplay.c:443
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "άκυρη γραμμή αρχείου χρονισμού: %s"
+
+#: plugins/sudoers/sudoreplay.c:649 plugins/sudoers/sudoreplay.c:674
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "ασαφής παράσταση \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:696
+msgid "unmatched ')' in expression"
+msgstr "ασύμφωνο ')' σε παράσταση"
+
+#: plugins/sudoers/sudoreplay.c:700
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "άγνωστος όρος αναζήτησης \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:714
+#, c-format
+msgid "%s requires an argument"
+msgstr "το %s απαιτεί ένα όρισμα"
+
+#: plugins/sudoers/sudoreplay.c:718 plugins/sudoers/sudoreplay.c:1090
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "άκυρη κανονική έκφραση: %s"
+
+#: plugins/sudoers/sudoreplay.c:724
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "αδύνατη η ανάλυση ημερομηνίας \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:733
+msgid "unmatched '(' in expression"
+msgstr "ασύμφωνο '(' σε παράσταση"
+
+#: plugins/sudoers/sudoreplay.c:735
+msgid "illegal trailing \"or\""
+msgstr "απαράδεκτο τελικό \"or\""
+
+#: plugins/sudoers/sudoreplay.c:737
+msgid "illegal trailing \"!\""
+msgstr "απαράδεκτο τελικό \"!\""
+
+#: plugins/sudoers/sudoreplay.c:790
+#, c-format
+msgid "unknown search type %d"
+msgstr "άγνωστος τύπος αναζήτησης %d"
+
+#: plugins/sudoers/sudoreplay.c:827
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: άκυρο αρχείο ημερολογίου"
+
+#: plugins/sudoers/sudoreplay.c:845
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: το πεδίο σήμανσης χρόνου λείπει"
+
+#: plugins/sudoers/sudoreplay.c:852
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: η σήμανση χρόνου %s: %s"
+
+#: plugins/sudoers/sudoreplay.c:859
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: το πεδίο χρήστη λείπει"
+
+#: plugins/sudoers/sudoreplay.c:867
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: το πεδίο χρήστη runas λείπει"
+
+#: plugins/sudoers/sudoreplay.c:875
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: το πεδίο ομάδας runas λείπει"
+
+#: plugins/sudoers/sudoreplay.c:1230
+#, c-format
+msgid "usage: %s [-h] [-d dir] [-m num] [-s num] ID\n"
+msgstr "χρήση: %s [-h] [-d dir] [-m num] [-s num] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1233
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "χρήση: %s [-h] [-d dir] -l [παράσταση αναζήτησης]\n"
+
+#: plugins/sudoers/sudoreplay.c:1242
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - επανάληψη ημερολογίων συνεδρίας sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1244
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Επιλογές:\n"
+"  -d, --directory=κατάλογος  καθορισμός καταλόγου για ημερολόγια συνεδρίας\n"
+"  -f, --filter=φίλτρο  ορισμός ποιοι τύποι εισόδου/εξόδου να εμφανίζονται\n"
+"  -h, --help           εμφάνιση μηνύματος βοήθειας και έξοδος\n"
+"  -l, --list           κατάλογος διαθέσιμων αναγνωριστικών συνεδρίας, με προαιρετική παράσταση\n"
+"  -m, --max-wait=αριθ  μέγιστος αριθμός δευτερολέπτων αναμονής μεταξύ συμβάντων\n"
+"  -s, --speed=αριθ     επιτάχυνση ή επιβράδυνση εξόδου\n"
+"  -V, --version        εμφάνιση πληροφοριών έκδοσης και έξοδος"
+
+#: plugins/sudoers/testsudoers.c:326
+msgid "\thost  unmatched"
+msgstr "        ασύμφωνος οικοδεσπότης"
+
+#: plugins/sudoers/testsudoers.c:329
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Επιτρεπόμενη εντολή"
+
+#: plugins/sudoers/testsudoers.c:330
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Απαγορευμένη εντολή"
+
+#: plugins/sudoers/testsudoers.c:330
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"ασύμφωνη εντολή"
+
+#: plugins/sudoers/timestamp.c:191
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "αδύνατη η περικοπή αρχείου σήμανσης χρόνου σε %lld ψηφιολέξεις"
+
+#: plugins/sudoers/timestamp.c:291
+#, c-format
+msgid "%s is group writable"
+msgstr "το %s είναι εγγράψιμη ομάδα"
+
+#: plugins/sudoers/timestamp.c:311
+#, c-format
+msgid "timestamp path too long: %s/%s"
+msgstr "η διαδρομή χρονικής σήμανσης είναι υπερβολικά μεγάλη: %s/%s"
+
+#: plugins/sudoers/timestamp.c:484
+msgid "ignoring time stamp from the future"
+msgstr "να αγνοείται η χρονική σήμανση στο μέλλον"
+
+#: plugins/sudoers/timestamp.c:496
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "η χρονική σήμανση υπερβολικά μακρινή στο μέλλον: %20.20s"
+
+#: plugins/sudoers/timestamp.c:596 plugins/sudoers/timestamp.c:618
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "η διαδρομή κατάστασης οδηγίας υπερβολικά μεγάλη: %s/%s"
+
+#: plugins/sudoers/toke_util.c:176
+msgid "fill_args: buffer overflow"
+msgstr "fill_args: υπερχείλιση ενδιάμεσης μνήμης"
+
+#: plugins/sudoers/visudo.c:186
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "γραμματική %s έκδοση %d\n"
+
+#: plugins/sudoers/visudo.c:257 plugins/sudoers/visudo.c:543
+#, c-format
+msgid "press return to edit %s: "
+msgstr "πατήστε return για να επεξεργαστείτε το %s: "
+
+#: plugins/sudoers/visudo.c:342 plugins/sudoers/visudo.c:348
+msgid "write error"
+msgstr "σφάλμα εγγραφής"
+
+#: plugins/sudoers/visudo.c:430
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "αδύνατη η εκτέλεση stat προσωρινού αρχείου (%s), το %s δεν άλλαξε"
+
+#: plugins/sudoers/visudo.c:435
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "προσωρινό αρχείο μηδενικού μήκους (%s), το %s αμετάβλητο"
+
+#: plugins/sudoers/visudo.c:441
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "αποτυχία επεξεργασίας του (%s), το %s αμετάβλητο"
+
+#: plugins/sudoers/visudo.c:463
+#, c-format
+msgid "%s unchanged"
+msgstr "αμετάβλητο %s"
+
+#: plugins/sudoers/visudo.c:488
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "αδύνατο το ξαναάνοιγμα του προσωρινού αρχείου (%s), το %s αμετάβλητο"
+
+#: plugins/sudoers/visudo.c:498
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "αδύνατη η ανάλυση του προσωρινού αρχείου (%s), άγνωστο σφάλμα"
+
+#: plugins/sudoers/visudo.c:534
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "εσωτερικό σφάλμα, αδύνατη η εύρεση του %s στον κατάλογο!"
+
+#: plugins/sudoers/visudo.c:592 plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "αδύνατος ο ορισμός (uid, gid) του %s στο (%u, %u)"
+
+#: plugins/sudoers/visudo.c:596 plugins/sudoers/visudo.c:606
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "αδύνατη η αλλαγή κατάστασης του %s στο 0%o"
+
+#: plugins/sudoers/visudo.c:623
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "τα %s και %s δεν έχουν το ίδιο σύστημα αρχείων, χρησιμοποιήστε το mv για μετονομασία"
+
+#: plugins/sudoers/visudo.c:637
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "αποτυχία εντολής: '%s %s %s', το %s αμετάβλητο"
+
+#: plugins/sudoers/visudo.c:647
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "σφάλμα μετονομασίας του %s, το %s αμετάβλητο"
+
+#: plugins/sudoers/visudo.c:709
+msgid "What now? "
+msgstr "Τι να γίνει τώρα; "
+
+#: plugins/sudoers/visudo.c:723
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Οι επιλογές είναι:\n"
+"  (e)dit νέα επεξεργασία του αρχείου χρηστών sudo\n"
+"  e(x)it έξοδος χωρίς αποθήκευση αλλαγών στο αρχείο χρηστών sudo\n"
+"  (Q)uit έξοδος και αποθήκευση αλλαγών στο αρχείο χρηστών sudo (ΚΙΝΔΥΝΟΣ!)\n"
+
+#: plugins/sudoers/visudo.c:771
+#, c-format
+msgid "unable to run %s"
+msgstr "αδύνατη η εκτέλεση του %s"
+
+#: plugins/sudoers/visudo.c:797
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: εσφαλμένος κάτοχος (uid, gid) πρέπει να είναι (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:804
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: εσφαλμένα δικαιώματα, πρέπει να είναι κατάσταση 0%o\n"
+
+#: plugins/sudoers/visudo.c:829 plugins/sudoers/visudo_json.c:1008
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "αποτυχία ανάλυσης αρχείου %s, άγνωστο σφάλμα"
+
+#: plugins/sudoers/visudo.c:845 plugins/sudoers/visudo_json.c:1017
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "ανάλυση σφάλματος στο %s κοντά στη γραμμή %d\n"
+
+#: plugins/sudoers/visudo.c:848 plugins/sudoers/visudo_json.c:1020
+#, c-format
+msgid "parse error in %s\n"
+msgstr "ανάλυση σφάλματος %s\n"
+
+#: plugins/sudoers/visudo.c:856 plugins/sudoers/visudo.c:863
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: επιτυχής ανάλυση\n"
+
+#: plugins/sudoers/visudo.c:909
+#, c-format
+msgid "%s busy, try again later"
+msgstr "το %s είναι απασχολημένο, ξαναδοκιμάστε αργότερα"
+
+#: plugins/sudoers/visudo.c:953
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "ο συγκεκριμένος επεξεργαστής (%s) δεν υπάρχει"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "unable to stat editor (%s)"
+msgstr "αδύνατο να εκτελέσουμε stat στον επεξεργαστή (%s)"
+
+#: plugins/sudoers/visudo.c:1024
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "δεν βρέθηκε κανένας επεξεργαστής (διαδρομή επεξεργαστή = %s)"
+
+#: plugins/sudoers/visudo.c:1117
+#, c-format
+msgid "Error: cycle in %s_Alias `%s'"
+msgstr "Σφάλμα: κύκλος στο %s_Alias `%s'"
+
+#: plugins/sudoers/visudo.c:1118
+#, c-format
+msgid "Warning: cycle in %s_Alias `%s'"
+msgstr "Προειδοποίηση: κύκλος στο %s_Alias `%s'"
+
+#: plugins/sudoers/visudo.c:1124
+#, c-format
+msgid "Error: %s_Alias `%s' referenced but not defined"
+msgstr "Σφάλμα: αναφέρθηκε το %s_Alias `%s', αλλά δεν ορίστηκε"
+
+#: plugins/sudoers/visudo.c:1125
+#, c-format
+msgid "Warning: %s_Alias `%s' referenced but not defined"
+msgstr "Προειδοποίηση: αναφέρθηκε το %s_Alias `%s', αλλά δεν ορίστηκε"
+
+#: plugins/sudoers/visudo.c:1267
+#, c-format
+msgid "%s: unused %s_Alias %s"
+msgstr "%s: αχρησιμοποίητο %s_Alias %s"
+
+#: plugins/sudoers/visudo.c:1329
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - ασφαλής επεξεργασία του αρχείου χρηστών sudo\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1331
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check       check-only mode\n"
+"  -f, --file=file   specify sudoers file location\n"
+"  -h, --help        display help message and exit\n"
+"  -q, --quiet       less verbose (quiet) syntax error messages\n"
+"  -s, --strict      strict syntax checking\n"
+"  -V, --version     display version information and exit\n"
+"  -x, --export=file export sudoers in JSON format"
+msgstr ""
+"\n"
+"Επιλογές:\n"
+"  -c, --check       κατάσταση μόνο ελέγχου\n"
+"  -f, --file=αρχείο καθορισμός θέσης αρχείου χρηστών sudo\n"
+"  -h, --help        εμφάνιση μηνύματος βοήθειας και έξοδος\n"
+"  -q, --quiet       λιγότερο αναλυτική (αθόρυβη) σύνταξη μηνυμάτων σφαλμάτων\n"
+"  -s, --strict      αυστηρός έλεγχος σύνταξης\n"
+"  -V, --version     εμφάνιση πληροφοριών έκδοσης και έξοδος\n"
+"  -x, --export=αρχείο εξαγωγή χρηστών sudo σε μορφή JSON"
+
+#: toke.l:894
+msgid "too many levels of includes"
+msgstr "περιλαμβάνει υπερβολικά πολλά επίπεδα"
diff --git a/plugins/sudoers/po/eo.mo b/plugins/sudoers/po/eo.mo
new file mode 100644
index 0000000..5433dd2
--- /dev/null
+++ b/plugins/sudoers/po/eo.mo
diff --git a/plugins/sudoers/po/eo.po b/plugins/sudoers/po/eo.po
new file mode 100644
index 0000000..143439e
--- /dev/null
+++ b/plugins/sudoers/po/eo.po
@@ -0,0 +1,2347 @@
+# Esperanto translations for sudo package.
+# This file is put in the public domain.
+# Felipe Castro <fefcas@gmail.com>, 2013, 2014, 2015, 2016, 2017, 2018.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.24b2\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-07-31 07:13-0600\n"
+"PO-Revision-Date: 2018-08-06 20:03-0300\n"
+"Last-Translator: Felipe Castro <fefcas@gmail.com>\n"
+"Language-Team: Esperanto <translation-team-eo@lists.sourceforge.net>\n"
+"Language: eo\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 1.8.7.1\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "sintaksa eraro"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "Pasvorto de %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] pasvorto por %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Pasvorto: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** SEKURECO: informoj por %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Malĝuste. Reprovu."
+
+#: gram.y:194 gram.y:242 gram.y:249 gram.y:256 gram.y:263 gram.y:270
+#: gram.y:286 gram.y:310 gram.y:317 gram.y:324 gram.y:331 gram.y:338
+#: gram.y:401 gram.y:409 gram.y:419 gram.y:452 gram.y:459 gram.y:466
+#: gram.y:473 gram.y:555 gram.y:562 gram.y:571 gram.y:580 gram.y:597
+#: gram.y:709 gram.y:716 gram.y:723 gram.y:731 gram.y:831 gram.y:838
+#: gram.y:845 gram.y:852 gram.y:859 gram.y:885 gram.y:892 gram.y:899
+#: gram.y:1022 gram.y:1296 plugins/sudoers/alias.c:122
+#: plugins/sudoers/alias.c:129 plugins/sudoers/alias.c:145
+#: plugins/sudoers/auth/bsdauth.c:141 plugins/sudoers/auth/kerb5.c:119
+#: plugins/sudoers/auth/kerb5.c:145 plugins/sudoers/auth/pam.c:519
+#: plugins/sudoers/auth/rfc1938.c:109 plugins/sudoers/auth/sia.c:59
+#: plugins/sudoers/cvtsudoers.c:116 plugins/sudoers/cvtsudoers.c:157
+#: plugins/sudoers/cvtsudoers.c:174 plugins/sudoers/cvtsudoers.c:185
+#: plugins/sudoers/cvtsudoers.c:278 plugins/sudoers/cvtsudoers.c:405
+#: plugins/sudoers/cvtsudoers.c:538 plugins/sudoers/cvtsudoers.c:555
+#: plugins/sudoers/cvtsudoers.c:660 plugins/sudoers/cvtsudoers.c:773
+#: plugins/sudoers/cvtsudoers.c:781 plugins/sudoers/cvtsudoers.c:1186
+#: plugins/sudoers/cvtsudoers.c:1190 plugins/sudoers/cvtsudoers.c:1290
+#: plugins/sudoers/cvtsudoers_ldif.c:147 plugins/sudoers/cvtsudoers_ldif.c:189
+#: plugins/sudoers/cvtsudoers_ldif.c:236 plugins/sudoers/cvtsudoers_ldif.c:255
+#: plugins/sudoers/cvtsudoers_ldif.c:325 plugins/sudoers/cvtsudoers_ldif.c:380
+#: plugins/sudoers/cvtsudoers_ldif.c:388 plugins/sudoers/cvtsudoers_ldif.c:405
+#: plugins/sudoers/cvtsudoers_ldif.c:414 plugins/sudoers/cvtsudoers_ldif.c:560
+#: plugins/sudoers/cvtsudoers_ldif.c:753 plugins/sudoers/cvtsudoers_ldif.c:780
+#: plugins/sudoers/cvtsudoers_ldif.c:848 plugins/sudoers/cvtsudoers_ldif.c:855
+#: plugins/sudoers/cvtsudoers_ldif.c:860 plugins/sudoers/cvtsudoers_ldif.c:936
+#: plugins/sudoers/cvtsudoers_ldif.c:947 plugins/sudoers/cvtsudoers_ldif.c:953
+#: plugins/sudoers/cvtsudoers_ldif.c:978 plugins/sudoers/cvtsudoers_ldif.c:990
+#: plugins/sudoers/cvtsudoers_ldif.c:994
+#: plugins/sudoers/cvtsudoers_ldif.c:1008
+#: plugins/sudoers/cvtsudoers_ldif.c:1176
+#: plugins/sudoers/cvtsudoers_ldif.c:1208
+#: plugins/sudoers/cvtsudoers_ldif.c:1233
+#: plugins/sudoers/cvtsudoers_ldif.c:1262
+#: plugins/sudoers/cvtsudoers_ldif.c:1312
+#: plugins/sudoers/cvtsudoers_ldif.c:1358
+#: plugins/sudoers/cvtsudoers_ldif.c:1368 plugins/sudoers/defaults.c:656
+#: plugins/sudoers/defaults.c:952 plugins/sudoers/defaults.c:1123
+#: plugins/sudoers/editor.c:65 plugins/sudoers/editor.c:83
+#: plugins/sudoers/editor.c:94 plugins/sudoers/env.c:233
+#: plugins/sudoers/filedigest.c:61 plugins/sudoers/filedigest.c:77
+#: plugins/sudoers/gc.c:52 plugins/sudoers/group_plugin.c:131
+#: plugins/sudoers/interfaces.c:71 plugins/sudoers/iolog.c:938
+#: plugins/sudoers/iolog_path.c:167 plugins/sudoers/ldap.c:177
+#: plugins/sudoers/ldap.c:408 plugins/sudoers/ldap.c:412
+#: plugins/sudoers/ldap.c:424 plugins/sudoers/ldap.c:715
+#: plugins/sudoers/ldap.c:879 plugins/sudoers/ldap.c:1228
+#: plugins/sudoers/ldap.c:1654 plugins/sudoers/ldap.c:1691
+#: plugins/sudoers/ldap.c:1771 plugins/sudoers/ldap.c:1906
+#: plugins/sudoers/ldap.c:2007 plugins/sudoers/ldap.c:2023
+#: plugins/sudoers/ldap_conf.c:214 plugins/sudoers/ldap_conf.c:245
+#: plugins/sudoers/ldap_conf.c:297 plugins/sudoers/ldap_conf.c:333
+#: plugins/sudoers/ldap_conf.c:422 plugins/sudoers/ldap_conf.c:437
+#: plugins/sudoers/ldap_conf.c:533 plugins/sudoers/ldap_conf.c:566
+#: plugins/sudoers/ldap_conf.c:647 plugins/sudoers/ldap_conf.c:729
+#: plugins/sudoers/ldap_util.c:519 plugins/sudoers/ldap_util.c:575
+#: plugins/sudoers/linux_audit.c:76 plugins/sudoers/logging.c:190
+#: plugins/sudoers/logging.c:506 plugins/sudoers/logging.c:527
+#: plugins/sudoers/logging.c:568 plugins/sudoers/logging.c:745
+#: plugins/sudoers/logging.c:1003 plugins/sudoers/match.c:693
+#: plugins/sudoers/match.c:740 plugins/sudoers/match.c:781
+#: plugins/sudoers/match.c:809 plugins/sudoers/match.c:897
+#: plugins/sudoers/match.c:977 plugins/sudoers/parse.c:192
+#: plugins/sudoers/parse.c:204 plugins/sudoers/parse.c:219
+#: plugins/sudoers/parse.c:231 plugins/sudoers/policy.c:497
+#: plugins/sudoers/policy.c:739 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:191 plugins/sudoers/pwutil.c:263
+#: plugins/sudoers/pwutil.c:340 plugins/sudoers/pwutil.c:514
+#: plugins/sudoers/pwutil.c:580 plugins/sudoers/pwutil.c:650
+#: plugins/sudoers/pwutil.c:808 plugins/sudoers/pwutil.c:865
+#: plugins/sudoers/pwutil.c:910 plugins/sudoers/pwutil.c:968
+#: plugins/sudoers/sssd.c:147 plugins/sudoers/sssd.c:387
+#: plugins/sudoers/sssd.c:450 plugins/sudoers/sssd.c:494
+#: plugins/sudoers/sssd.c:541 plugins/sudoers/sssd.c:732
+#: plugins/sudoers/stubs.c:96 plugins/sudoers/stubs.c:104
+#: plugins/sudoers/sudoers.c:265 plugins/sudoers/sudoers.c:275
+#: plugins/sudoers/sudoers.c:283 plugins/sudoers/sudoers.c:325
+#: plugins/sudoers/sudoers.c:648 plugins/sudoers/sudoers.c:774
+#: plugins/sudoers/sudoers.c:818 plugins/sudoers/sudoers.c:1092
+#: plugins/sudoers/sudoers_debug.c:107 plugins/sudoers/sudoreplay.c:1265
+#: plugins/sudoers/sudoreplay.c:1377 plugins/sudoers/sudoreplay.c:1417
+#: plugins/sudoers/sudoreplay.c:1426 plugins/sudoers/sudoreplay.c:1436
+#: plugins/sudoers/sudoreplay.c:1444 plugins/sudoers/sudoreplay.c:1448
+#: plugins/sudoers/sudoreplay.c:1604 plugins/sudoers/sudoreplay.c:1608
+#: plugins/sudoers/testsudoers.c:125 plugins/sudoers/testsudoers.c:215
+#: plugins/sudoers/testsudoers.c:232 plugins/sudoers/testsudoers.c:554
+#: plugins/sudoers/timestamp.c:401 plugins/sudoers/timestamp.c:445
+#: plugins/sudoers/timestamp.c:923 plugins/sudoers/toke_util.c:55
+#: plugins/sudoers/toke_util.c:108 plugins/sudoers/toke_util.c:145
+#: plugins/sudoers/tsdump.c:125 plugins/sudoers/visudo.c:145
+#: plugins/sudoers/visudo.c:307 plugins/sudoers/visudo.c:313
+#: plugins/sudoers/visudo.c:423 plugins/sudoers/visudo.c:601
+#: plugins/sudoers/visudo.c:920 plugins/sudoers/visudo.c:987
+#: plugins/sudoers/visudo.c:1076 toke.l:847 toke.l:948 toke.l:1105
+msgid "unable to allocate memory"
+msgstr "ne eblas rezervi memoron"
+
+#: gram.y:484
+msgid "a digest requires a path name"
+msgstr "resumo postulas vojnomon"
+
+#: gram.y:610
+msgid "invalid notbefore value"
+msgstr "malvalida valoro notafter"
+
+#: gram.y:618
+msgid "invalid notafter value"
+msgstr "validiga valoro notafter"
+
+#: gram.y:627 plugins/sudoers/policy.c:313
+msgid "timeout value too large"
+msgstr "eksvalidiĝo-valoro tro grandas"
+
+#: gram.y:629 plugins/sudoers/policy.c:315
+msgid "invalid timeout value"
+msgstr "malvalida eksvalidiĝo-valoro"
+
+#: gram.y:1296 plugins/sudoers/auth/pam.c:349 plugins/sudoers/auth/pam.c:519
+#: plugins/sudoers/auth/rfc1938.c:109 plugins/sudoers/cvtsudoers.c:116
+#: plugins/sudoers/cvtsudoers.c:156 plugins/sudoers/cvtsudoers.c:173
+#: plugins/sudoers/cvtsudoers.c:184 plugins/sudoers/cvtsudoers.c:277
+#: plugins/sudoers/cvtsudoers.c:404 plugins/sudoers/cvtsudoers.c:537
+#: plugins/sudoers/cvtsudoers.c:554 plugins/sudoers/cvtsudoers.c:660
+#: plugins/sudoers/cvtsudoers.c:773 plugins/sudoers/cvtsudoers.c:780
+#: plugins/sudoers/cvtsudoers.c:1186 plugins/sudoers/cvtsudoers.c:1190
+#: plugins/sudoers/cvtsudoers.c:1290 plugins/sudoers/cvtsudoers_ldif.c:146
+#: plugins/sudoers/cvtsudoers_ldif.c:188 plugins/sudoers/cvtsudoers_ldif.c:235
+#: plugins/sudoers/cvtsudoers_ldif.c:254 plugins/sudoers/cvtsudoers_ldif.c:324
+#: plugins/sudoers/cvtsudoers_ldif.c:379 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:404 plugins/sudoers/cvtsudoers_ldif.c:413
+#: plugins/sudoers/cvtsudoers_ldif.c:559 plugins/sudoers/cvtsudoers_ldif.c:752
+#: plugins/sudoers/cvtsudoers_ldif.c:779 plugins/sudoers/cvtsudoers_ldif.c:847
+#: plugins/sudoers/cvtsudoers_ldif.c:854 plugins/sudoers/cvtsudoers_ldif.c:859
+#: plugins/sudoers/cvtsudoers_ldif.c:935 plugins/sudoers/cvtsudoers_ldif.c:946
+#: plugins/sudoers/cvtsudoers_ldif.c:952 plugins/sudoers/cvtsudoers_ldif.c:977
+#: plugins/sudoers/cvtsudoers_ldif.c:989 plugins/sudoers/cvtsudoers_ldif.c:993
+#: plugins/sudoers/cvtsudoers_ldif.c:1007
+#: plugins/sudoers/cvtsudoers_ldif.c:1176
+#: plugins/sudoers/cvtsudoers_ldif.c:1207
+#: plugins/sudoers/cvtsudoers_ldif.c:1232
+#: plugins/sudoers/cvtsudoers_ldif.c:1261
+#: plugins/sudoers/cvtsudoers_ldif.c:1311
+#: plugins/sudoers/cvtsudoers_ldif.c:1357
+#: plugins/sudoers/cvtsudoers_ldif.c:1367 plugins/sudoers/defaults.c:656
+#: plugins/sudoers/defaults.c:952 plugins/sudoers/defaults.c:1123
+#: plugins/sudoers/editor.c:65 plugins/sudoers/editor.c:83
+#: plugins/sudoers/editor.c:94 plugins/sudoers/env.c:233
+#: plugins/sudoers/filedigest.c:61 plugins/sudoers/filedigest.c:77
+#: plugins/sudoers/gc.c:52 plugins/sudoers/group_plugin.c:131
+#: plugins/sudoers/interfaces.c:71 plugins/sudoers/iolog.c:938
+#: plugins/sudoers/iolog_path.c:167 plugins/sudoers/ldap.c:177
+#: plugins/sudoers/ldap.c:408 plugins/sudoers/ldap.c:412
+#: plugins/sudoers/ldap.c:424 plugins/sudoers/ldap.c:715
+#: plugins/sudoers/ldap.c:879 plugins/sudoers/ldap.c:1228
+#: plugins/sudoers/ldap.c:1654 plugins/sudoers/ldap.c:1691
+#: plugins/sudoers/ldap.c:1771 plugins/sudoers/ldap.c:1906
+#: plugins/sudoers/ldap.c:2007 plugins/sudoers/ldap.c:2023
+#: plugins/sudoers/ldap_conf.c:214 plugins/sudoers/ldap_conf.c:245
+#: plugins/sudoers/ldap_conf.c:297 plugins/sudoers/ldap_conf.c:333
+#: plugins/sudoers/ldap_conf.c:422 plugins/sudoers/ldap_conf.c:437
+#: plugins/sudoers/ldap_conf.c:533 plugins/sudoers/ldap_conf.c:566
+#: plugins/sudoers/ldap_conf.c:646 plugins/sudoers/ldap_conf.c:729
+#: plugins/sudoers/ldap_util.c:519 plugins/sudoers/ldap_util.c:575
+#: plugins/sudoers/linux_audit.c:76 plugins/sudoers/logging.c:190
+#: plugins/sudoers/logging.c:506 plugins/sudoers/logging.c:527
+#: plugins/sudoers/logging.c:567 plugins/sudoers/logging.c:1003
+#: plugins/sudoers/match.c:692 plugins/sudoers/match.c:739
+#: plugins/sudoers/match.c:781 plugins/sudoers/match.c:809
+#: plugins/sudoers/match.c:897 plugins/sudoers/match.c:976
+#: plugins/sudoers/parse.c:191 plugins/sudoers/parse.c:203
+#: plugins/sudoers/parse.c:218 plugins/sudoers/parse.c:230
+#: plugins/sudoers/policy.c:127 plugins/sudoers/policy.c:136
+#: plugins/sudoers/policy.c:145 plugins/sudoers/policy.c:171
+#: plugins/sudoers/policy.c:298 plugins/sudoers/policy.c:313
+#: plugins/sudoers/policy.c:315 plugins/sudoers/policy.c:341
+#: plugins/sudoers/policy.c:351 plugins/sudoers/policy.c:395
+#: plugins/sudoers/policy.c:405 plugins/sudoers/policy.c:414
+#: plugins/sudoers/policy.c:423 plugins/sudoers/policy.c:497
+#: plugins/sudoers/policy.c:739 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:191 plugins/sudoers/pwutil.c:263
+#: plugins/sudoers/pwutil.c:340 plugins/sudoers/pwutil.c:514
+#: plugins/sudoers/pwutil.c:580 plugins/sudoers/pwutil.c:650
+#: plugins/sudoers/pwutil.c:808 plugins/sudoers/pwutil.c:865
+#: plugins/sudoers/pwutil.c:910 plugins/sudoers/pwutil.c:968
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641 plugins/sudoers/sssd.c:146
+#: plugins/sudoers/sssd.c:387 plugins/sudoers/sssd.c:450
+#: plugins/sudoers/sssd.c:494 plugins/sudoers/sssd.c:541
+#: plugins/sudoers/sssd.c:732 plugins/sudoers/stubs.c:96
+#: plugins/sudoers/stubs.c:104 plugins/sudoers/sudoers.c:265
+#: plugins/sudoers/sudoers.c:275 plugins/sudoers/sudoers.c:283
+#: plugins/sudoers/sudoers.c:325 plugins/sudoers/sudoers.c:648
+#: plugins/sudoers/sudoers.c:774 plugins/sudoers/sudoers.c:818
+#: plugins/sudoers/sudoers.c:1092 plugins/sudoers/sudoers_debug.c:106
+#: plugins/sudoers/sudoreplay.c:1265 plugins/sudoers/sudoreplay.c:1377
+#: plugins/sudoers/sudoreplay.c:1417 plugins/sudoers/sudoreplay.c:1426
+#: plugins/sudoers/sudoreplay.c:1436 plugins/sudoers/sudoreplay.c:1444
+#: plugins/sudoers/sudoreplay.c:1448 plugins/sudoers/sudoreplay.c:1604
+#: plugins/sudoers/sudoreplay.c:1608 plugins/sudoers/testsudoers.c:125
+#: plugins/sudoers/testsudoers.c:215 plugins/sudoers/testsudoers.c:232
+#: plugins/sudoers/testsudoers.c:554 plugins/sudoers/timestamp.c:401
+#: plugins/sudoers/timestamp.c:445 plugins/sudoers/timestamp.c:923
+#: plugins/sudoers/toke_util.c:55 plugins/sudoers/toke_util.c:108
+#: plugins/sudoers/toke_util.c:145 plugins/sudoers/tsdump.c:125
+#: plugins/sudoers/visudo.c:145 plugins/sudoers/visudo.c:307
+#: plugins/sudoers/visudo.c:313 plugins/sudoers/visudo.c:423
+#: plugins/sudoers/visudo.c:601 plugins/sudoers/visudo.c:920
+#: plugins/sudoers/visudo.c:987 plugins/sudoers/visudo.c:1076 toke.l:847
+#: toke.l:948 toke.l:1105
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:140
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Kromnomo \"%s\" jam ekzistas"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "ne eblas akiri ensalutan klason por uzanto %s"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "ne eblas komenci bsd-aŭtentikigon"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "malvalida aŭtentikiga tipo"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "ne eblas komenci BSD-aŭtentikigon"
+
+#: plugins/sudoers/auth/bsdauth.c:178
+msgid "your account has expired"
+msgstr "via konto ekzvalidiĝis"
+
+#: plugins/sudoers/auth/bsdauth.c:180
+msgid "approval failed"
+msgstr "aprobo malsukcesis"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr "ne eblas legi fwtk-agordon"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "ne eblas konektiĝi al aŭtentikiga servilo"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:119
+msgid "lost connection to authentication server"
+msgstr "konekto al aŭtentikiga servilo perdita"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"eraro de aŭtentikiga servilo:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s ne eblas konverti ĉefon al ĉeno ('%s'): %s"
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: ne eblas analizi: '%s': %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: ne eblas trovi ccache-on: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: ne eblas generi elektojn: %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: ne eblas akiri atestilojn: %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: ne eblas ekigi atestilan kaŝmemoron: %s"
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: ne eblas konservi atestilon en kaŝmemoro: %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: ne eblas atingi gastiganton ĉefan: %s"
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Ne eblas kontroli TGT! Ebla atako!: %s"
+
+#: plugins/sudoers/auth/pam.c:108
+msgid "unable to initialize PAM"
+msgstr "ne eblas ekigi PAM"
+
+#: plugins/sudoers/auth/pam.c:199
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "eraro de aŭtentikiga servilo: %s"
+
+#: plugins/sudoers/auth/pam.c:216
+msgid "account validation failure, is your account locked?"
+msgstr "malsukceso ĉe konta validigo, ĉu via konto estas ŝlosita?"
+
+#: plugins/sudoers/auth/pam.c:224
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Konto aŭ pasvorto eksvalidiĝis, restarigu vian pasvorton kaj reprovu"
+
+#: plugins/sudoers/auth/pam.c:233
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "ne eblas ŝanĝi eksvalidan pasvorton: %s"
+
+#: plugins/sudoers/auth/pam.c:241
+msgid "Password expired, contact your system administrator"
+msgstr "Pasvorto eksvalidiĝis, kontaktu vian sistemestron"
+
+#: plugins/sudoers/auth/pam.c:245
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Konto eksvalidiĝis aŭ PAM-agordon malhavas sekcion \"account\" por sudo, kontaktu vian sistemestron"
+
+#: plugins/sudoers/auth/pam.c:252 plugins/sudoers/auth/pam.c:257
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "eraro de administro de konto PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:227
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "vi ne ekzistas en la datumbazo %s"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "malsukcesis ekigi la bibliotekon de la API ACE"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "ne eblas kontakti la servilon de SecurID"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "Uzanto-identigilo ŝlosita pro Aŭtentikigo SecurID"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "malvalida salutnoma longo por SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr "malvalida Aŭtentikiga Traktilo por SecurID"
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "Komunikiĝo kun SecurID malsukcesis"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:213
+msgid "unknown SecurID error"
+msgstr "nekonata SecurID-eraro"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "malvalida paskoda longo por SecurID"
+
+#: plugins/sudoers/auth/sia.c:69 plugins/sudoers/auth/sia.c:124
+msgid "unable to initialize SIA session"
+msgstr "ne eblas ekigi SIA-seascon"
+
+#: plugins/sudoers/auth/sudo_auth.c:131
+msgid "invalid authentication methods"
+msgstr "malvalidaj aŭtentikigaj metodoj"
+
+#: plugins/sudoers/auth/sudo_auth.c:133
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Nevalidaj aŭtentikigaj metodoj kompilitaj en sudo! Vi ne rajtas miksi dependan kaj sendependan aŭtentikigon."
+
+#: plugins/sudoers/auth/sudo_auth.c:254 plugins/sudoers/auth/sudo_auth.c:304
+msgid "no authentication methods"
+msgstr "neniu aŭtentikiga metodo"
+
+#: plugins/sudoers/auth/sudo_auth.c:256
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Ekzistas neniaj aŭtentikigaj metodoj kompilitaj en sudo! Se vi volas malŝalti aŭtentikigon, uzu la agordan parametron --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:306
+msgid "Unable to initialize authentication methods."
+msgstr "ne eblas komenci BSD-aŭtentikigajn metodojn."
+
+#: plugins/sudoers/auth/sudo_auth.c:472
+msgid "Authentication methods:"
+msgstr "Aŭtentikigaj metodoj:"
+
+#: plugins/sudoers/bsm_audit.c:120 plugins/sudoers/bsm_audit.c:211
+msgid "Could not determine audit condition"
+msgstr "Ne eblis determini revizian kondiĉon"
+
+#: plugins/sudoers/bsm_audit.c:183 plugins/sudoers/bsm_audit.c:273
+msgid "unable to commit audit record"
+msgstr "ne eblis konservi revizian rikordon"
+
+#: plugins/sudoers/check.c:262
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Ni fidas, ke vi ricevis la kutiman prelegon fare de la sistemestro.\n"
+"Resume memoru la jenajn:\n"
+"\n"
+"    #1) Estimu la privatecon de aliaj.\n"
+"    #2) Pensu antaŭ ol tajpi.\n"
+"    #3) Granda povo devigas grandan responson.\n"
+"\n"
+
+#: plugins/sudoers/check.c:305 plugins/sudoers/check.c:315
+#: plugins/sudoers/sudoers.c:691 plugins/sudoers/sudoers.c:736
+#: plugins/sudoers/tsdump.c:121
+#, c-format
+msgid "unknown uid: %u"
+msgstr "nekonata uid: %u"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/iolog.c:257
+#: plugins/sudoers/policy.c:912 plugins/sudoers/sudoers.c:1131
+#: plugins/sudoers/testsudoers.c:206 plugins/sudoers/testsudoers.c:366
+#, c-format
+msgid "unknown user: %s"
+msgstr "nekonata uzanto: %s"
+
+#: plugins/sudoers/cvtsudoers.c:191
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "alkremento de ordo: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:207
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "komenca ordo: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:218 plugins/sudoers/sudoreplay.c:310
+#: plugins/sudoers/visudo.c:177
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s eldono %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:220 plugins/sudoers/visudo.c:179
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s gramatika eldono %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:237
+#, c-format
+msgid "unsupported input format %s"
+msgstr "nesubtenata enig-formo %s"
+
+#: plugins/sudoers/cvtsudoers.c:252
+#, c-format
+msgid "unsupported output format %s"
+msgstr "nesubtenata elig-formo %s"
+
+#: plugins/sudoers/cvtsudoers.c:292
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: eliga kaj eniga dosieroj devas esti malsamaj"
+
+#: plugins/sudoers/cvtsudoers.c:308 plugins/sudoers/sudoers.c:168
+#: plugins/sudoers/testsudoers.c:245 plugins/sudoers/visudo.c:233
+#: plugins/sudoers/visudo.c:589 plugins/sudoers/visudo.c:911
+msgid "unable to initialize sudoers default values"
+msgstr "%s: ne eblas ekigi aŭtomatajn valorojn de sudoers"
+
+#: plugins/sudoers/cvtsudoers.c:393 plugins/sudoers/ldap_conf.c:412
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:452
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: nekonata ŝlosilvorto: %s"
+
+#: plugins/sudoers/cvtsudoers.c:498
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "malvalida defaŭlto-tipo: %s"
+
+#: plugins/sudoers/cvtsudoers.c:521
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "malvalida demeto-tipo: %s"
+
+#: plugins/sudoers/cvtsudoers.c:561 plugins/sudoers/cvtsudoers.c:575
+#, c-format
+msgid "invalid filter: %s"
+msgstr "malvalida filtro: %s"
+
+#: plugins/sudoers/cvtsudoers.c:653 plugins/sudoers/cvtsudoers.c:1250
+#: plugins/sudoers/cvtsudoers_json.c:1113
+#: plugins/sudoers/cvtsudoers_ldif.c:627
+#: plugins/sudoers/cvtsudoers_ldif.c:1163 plugins/sudoers/iolog.c:415
+#: plugins/sudoers/sudoers.c:898 plugins/sudoers/sudoreplay.c:356
+#: plugins/sudoers/sudoreplay.c:1366 plugins/sudoers/sudoreplay.c:1570
+#: plugins/sudoers/timestamp.c:410 plugins/sudoers/tsdump.c:130
+#: plugins/sudoers/visudo.c:907
+#, c-format
+msgid "unable to open %s"
+msgstr "ne eblas malfermi: %s"
+
+#: plugins/sudoers/cvtsudoers.c:656 plugins/sudoers/visudo.c:916
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "malsukcesis analizi dosieron %s, nekonata eraro"
+
+#: plugins/sudoers/cvtsudoers.c:664 plugins/sudoers/visudo.c:933
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "analiza eraro en %s proksime al linio %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:667 plugins/sudoers/visudo.c:936
+#, c-format
+msgid "parse error in %s\n"
+msgstr "analiza eraro en %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1297 plugins/sudoers/iolog.c:502
+#: plugins/sudoers/sudoreplay.c:1135 plugins/sudoers/timestamp.c:294
+#: plugins/sudoers/timestamp.c:297
+#, c-format
+msgid "unable to write to %s"
+msgstr "ne eblas skribi al %s"
+
+#: plugins/sudoers/cvtsudoers.c:1320
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - konverti inter dosierformoj de sudoers\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1322
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Modifiloj:\n"
+"  -b, --base=dn              la baza DN por petoj de sudo LDAP\n"
+"  -d, --defaults=deftipoj    nur konverti Defaŭltoj el la indikitaj tipoj\n"
+"  -e, --expand-aliases       disvolvigi kromnomojn dum konverto\n"
+"  -f, --output-format=formo  difini elig-formon: JSON, LDIF aŭ sudoers\n"
+"  -i, --input-format=formo   difini enig-formon: LDIF aŭ sudoers\n"
+"  -I, --increment=num        kiom alkrementi po ĉiu sudoOrder\n"
+"  -h, --help                 montri helpmesaĝo kaj eliri\n"
+"  -m, --match=filtro         nur konverti enigojn kiuj akordas al la filtro\n"
+"  -M, --match-local          akordo-filtro uzas datumbazojn de passwd kaj de group\n"
+"  -o, --output=elig_dosiero  skribi konvertitan sudoers al elig-dosiero\n"
+"  -O, --order-start=num      ekpunkto por la unua sudoOrder\n"
+"  -p, --prune-matches        pritondi nekongruantajn uzantojn, grupojn kaj gastigantojn\n"
+"  -s, --suppress=sekcioj     demeti eligon el kelkaj sekcioj\n"
+"  -V, --version              montri informon pri versio kaj eliri"
+
+#: plugins/sudoers/cvtsudoers_json.c:673 plugins/sudoers/cvtsudoers_json.c:708
+#: plugins/sudoers/cvtsudoers_json.c:924
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "nekonata ero \"%s\" en defaults"
+
+#: plugins/sudoers/cvtsudoers_json.c:844 plugins/sudoers/cvtsudoers_json.c:859
+#: plugins/sudoers/cvtsudoers_ldif.c:299 plugins/sudoers/cvtsudoers_ldif.c:310
+#: plugins/sudoers/ldap.c:474
+msgid "unable to get GMT time"
+msgstr "ne eblas atingi GMT-tempon"
+
+#: plugins/sudoers/cvtsudoers_json.c:847 plugins/sudoers/cvtsudoers_json.c:862
+#: plugins/sudoers/cvtsudoers_ldif.c:302 plugins/sudoers/cvtsudoers_ldif.c:313
+#: plugins/sudoers/ldap.c:480
+msgid "unable to format timestamp"
+msgstr "ne eblas aranĝi tempo-indikilon"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:517 plugins/sudoers/env.c:295
+#: plugins/sudoers/env.c:302 plugins/sudoers/env.c:407
+#: plugins/sudoers/ldap.c:488 plugins/sudoers/ldap.c:719
+#: plugins/sudoers/ldap.c:1046 plugins/sudoers/ldap_conf.c:218
+#: plugins/sudoers/ldap_conf.c:308 plugins/sudoers/linux_audit.c:82
+#: plugins/sudoers/logging.c:1008 plugins/sudoers/policy.c:618
+#: plugins/sudoers/policy.c:628 plugins/sudoers/prompt.c:161
+#: plugins/sudoers/sudoers.c:840 plugins/sudoers/testsudoers.c:236
+#: plugins/sudoers/toke_util.c:157
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "interna eraro, troo en %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:622
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "la medivariablo SUDOERS_BASE ne estas difinita kaj la modifilo -b ne estis indikata."
+
+#: plugins/sudoers/cvtsudoers_ldif.c:757
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "ni preteratentas malvalidan atribut-valoron: %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:1197
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "ni preteratentas malkompletan sudoRole: cn: %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:1349 plugins/sudoers/ldap.c:1778
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "malvalida atributo de sudoOrder: %s"
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Syslog-trajto se syslog estas uzata por protokoli: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Syslog-prioritato por uzi, kiam uzanto sukcese aŭtentikiĝas: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Syslog-prioritato por uzi kiam uzanto malsukcese aŭtentikigas: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Meti OTP-demandilon en sia propra linio"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ignoro punkton en $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Ĉiam sendi retmesaĝon kiam sudo plenumiĝas"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Sendi retmesaĝon se uzanto-aŭtentikiĝo malsukcesas"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Sendi retmesaĝon se la uzanto ne estas en sudoers"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Sendi retmesaĝon se la uzanto ne estas en sudors por la gastiganto"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Sendi retmesaĝon se la uzanto ne estas permesata plenumigi komandon"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Sendi retmesaĝon se la uzanto provi plenumigi komandon"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Uzi apartan tempo-indikilon por ĉiu uzanto/tty-kombino"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Averti uzanton dum la unua fojo ĝi plenumigas je sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Dosiero havanta la sudo-averton: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Postulas, ke uzantoj aŭtentikiĝu aŭtomate"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Ĉefuzanto rajtas plenumigi: sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Protokoli la gastignomon en la (ne syslog) protokolo"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Protokoli la jaron en la (ne syslog) protokolo"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Se sudo estas vokata kun neniuj parametroj, komencu ŝelon"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Valorizi medivariablon $HOME al la cela uzanto dum komenci ŝelon kun -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Ĉiam valorizi medivariablon $HOME al la hejma dosierujo de la cela uzanto"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Permesi, ke iu informokolektado por doni utilajn eraromesaĝojn"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Postuli tute kvalifikitajn gastiganto-nomojn en la dosiero sudoers"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Insulti la uzanton, kiam si enmetas malĝustan pasvorton"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Nur permesi, ke uzanto plenumigu sudo-on se si havas tty-on"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo honoru la medivariablon EDITOR"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Peti la ĉefuzantan pasvorton, ne la uzanto-pasvorton"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Peti la pasvorton de runas_default, ne de la uzanto"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Peti la pasvorton de la cela uzanto, ne la nuna uzanto"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Apliki aŭtomataĵojn en la ensaluta klaso de la cela uzanto, se ĝi ekzistas"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Valorizi la medivariablojn LOGNAME kaj USER"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Nur valorizi la efikan uid-on al la cela uzanto, ne la realan uid-on"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Ne ekigi la grupon vektoron al tio de la cela uzanto"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Longo je kiu linfaldi la protokol-dosieraj linioj (0 por senfalda): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Eksvalidiĝo de la aŭtentikiga tempo-indikilo: %.1f minutoj"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Eksvalidiĝo de la pasvortilo: %.1f minutoj"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Nombro da provoj por enmeti pasvorton: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask uzi aŭ 07777 por uzi uzanton: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Vojo al protokolo: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Vojo al retpoŝtilo: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Parametroj por retpoŝtilo: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Retpoŝtadreso adresata: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Retpoŝtadreso adresanta: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Subjekta linio por ĉiuj mesaĝoj: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Neĝusta pasvorta mesaĝo: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Vojo al dosierujo de prelega stato: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Vojo al dosierujo de aŭtentikiga tempo-indikilo: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Estro de la dosierujo de aŭtentikiga tempo-indikilo: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Uzantoj en la grupo en devas plenumi la postulojn de pasvorto kaj PATH: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Defaŭlta pasvorta peto: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Se aktivigita, passprompt superregas sistemajn invitojn ĉiuokaze."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Defaŭlta uzanto por plenumigi komandojn: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Valoro per kiu superregi la PATH-on de uzanto: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Vojo al la tekstoredaktilo uzota de visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Kiam postuli pasvorton por la pseŭdokomando 'list': %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Kiam postuli pasvorton por la pseŭdokamando 'verify': %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Anstaŭŝargi la falsan exec-funkciojn enhavatajn en la biblioteko sudo_noexec"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Se LDAP-dosierujo estas aktiva, ni ignoru la lokan suders-dosieron"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Dosiero-priskribiloj >= %d fermiĝos antaŭ ol plenumigi komandon"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Se aktiva, uzantoj rajtas superregi la voloron de 'closefrom' per la parametro -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Permesi, ke uzantoj valorizu arbitrajn medivariablojn"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Restarigi la medion al apriora aro da variabloj"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Medivariabloj por kontroli por sano:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Medivariabloj por forigi:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Medivariabloj konservi:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "SELinux-rolo por uzi en la nova sekureca kunteksto: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "SELinux-tipo por uzi en la nova sekureca kunteksto: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Vojo al media dosiero specifa al sudo: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Vojo al la neatingebla sudo-specifa medio-dosiero: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Lokaĵaro por uzi dum analizi dosieron sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Permesi, ke sudo peti pasvorton eĉ se ĝi estus videbla"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Doni vidajn indikojn je la pasvorta enmetanta kiam ekzistas enmeto"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Uzi pli rapida kunigo, kiu estas malpli ĝusta sed ne atingas la dosiersistemon"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "La umask specifa en sudors superregos tio de la uzanto, eĉ se ĝi estas pli permesema"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Protokoli enmeton de uzanto por la komando, kiun si plenumigas"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Protokoli la eligon de la komando, kiu estas plenumiĝi"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Kunpremi eneligaj protokoloj per zlib"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Ĉiam protokoli komandojn en pseŭda tty"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Kromprogramo por kompreno de ne-uniksaj grupoj: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Dosierujo en kiu konservi eneligaj protokoloj: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Dosiero en kiu konservi la eneliga protokolo: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Aldoni eron al la utmp/utmpx-dosiero dum generi pty-on"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Valorizi uzanton en utmp al la plenumigkiela uzanto, ne la vokanta uzanto"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Aro da permesitaj privilegioj: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Aro da limigaj privilegioj: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Plenumigi komandojn en pty en la fono"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "PAM-servonomo uzota: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "PAM-servonomo uzota por ensalutaj ŝeloj: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "ne eblas establi PAM-atestilojn por la cela uzanto"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Krei novan PAM-seancon en kiu la komando plenumiĝos"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Maksimuma sinsekva numero de la en/eliga protokolo: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Aktivigi retgrupan regon de sudoers"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Kontroli gepatrajn dosierujojn pri skribeblo dum redakto de dosieroj per sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Sekvi simbolajn ligojn dum redakto de dosieroj per sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Informo-mendi la grupan kromprogramon por nekonataj sistem-grupoj"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Kongrui retgrupoj surbaze de entuta n-opo: uzanto, gastiganto kaj domajno"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Permesi ke komandoj estu plenumataj eĉ se sudo ne povas skribi al la ekzamena protokolo"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Permesi ke komandoj estu plenumataj eĉ se sudo ne povas skribi al la eneliga protokolo"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Permesi ke komandoj estu plenumataj eĉ se sudo ne povas skribi al la protokola dosiero"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Solvi grupojn en sudoers kaj kongrui al la grupa ID, ne la nomo"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Protokoleroj pli grandaj ol tiu ĉi valoro estos dividitaj en multoblajn mesaĝojn en syslog: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Uzanto kiu posedos la eneligajn protokol-dosierojn: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Grupo kiu posedos la eneligajn protokol-dosierojn: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Dosier-reĝimo uzota por la eneligaj protokol-dosieroj: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Plenumigi komandojn laŭ dosiernumero anstataŭ laŭ vojo: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ignori nekonatajn erojn Defaults en sudoers anstataŭ prezenti averton"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Tempo laŭ sekundoj pust kiu la komando finiĝos: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Permesi al la uzanto specifi eksvalidiĝon per la komandlinio"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Tuj elbufrigi eneligo-protokolajn datumojn en diskon anstataŭ enbufrigi ĝin"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Inkluzivigi la procezan identigilon dum protokoli per syslog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Tipo de tempindika rikordo por aŭtentikigo: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Mesaĝo pri malsukceso dum aŭtentikigo: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Preteratenti usklecon dum kongruo al uzantnomoj"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Preteratenti usklecon dum kongruo al grupnomoj"
+
+#: plugins/sudoers/defaults.c:224
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d nekonata ero \"%s\" en defaults"
+
+#: plugins/sudoers/defaults.c:227
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: nekonata ero \"%s\" en defaults"
+
+#: plugins/sudoers/defaults.c:270
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d neniu valoro indikita por \"%s\""
+
+#: plugins/sudoers/defaults.c:273
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: neniu valoro indikita por \"%s\""
+
+#: plugins/sudoers/defaults.c:293
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d valoroj por \"%s\" devas komenciĝi per '/'"
+
+#: plugins/sudoers/defaults.c:296
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: valoroj por \"%s\" devas komenciĝi per '/'"
+
+#: plugins/sudoers/defaults.c:318
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d parametro \"%s\" ne povas havi valoron"
+
+#: plugins/sudoers/defaults.c:321
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: parametro \"%s\" ne povas havi valoron"
+
+#: plugins/sudoers/defaults.c:346
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d malvalida Defaults-tipo 0x%x por parametro \"%s\""
+
+#: plugins/sudoers/defaults.c:349
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: malvalida Defaults-tipo 0x%x por parametro \"%s\""
+
+#: plugins/sudoers/defaults.c:359
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d valoro \"%s\" estas malvalida por parametro \"%s\""
+
+#: plugins/sudoers/defaults.c:362
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: valoro \"%s\" estas malvalida por parametro \"%s\""
+
+#: plugins/sudoers/env.c:376
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: medio tro granda"
+
+#: plugins/sudoers/env.c:1055
+msgid "unable to rebuild the environment"
+msgstr "ne eblas rekonstrui la medion"
+
+#: plugins/sudoers/env.c:1129
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "bedaŭre vi ne estas permesata valorizi la jenajn medivariablojn: %s"
+
+#: plugins/sudoers/file.c:111
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "analiza eraro en %s proksime al linio %d"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s"
+msgstr "analiza eraro en %s"
+
+#: plugins/sudoers/filedigest.c:56
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "nekonata resuma tipo %d por %s"
+
+#: plugins/sudoers/filedigest.c:85
+#, c-format
+msgid "%s: read error"
+msgstr "%s: lega eraro"
+
+#: plugins/sudoers/group_plugin.c:83
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s devas esti estrata de uid %d"
+
+#: plugins/sudoers/group_plugin.c:87
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s devas esti skribebla nur de estro"
+
+#: plugins/sudoers/group_plugin.c:95 plugins/sudoers/sssd.c:550
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "ne eblas ŝarĝi je %s: %s"
+
+#: plugins/sudoers/group_plugin.c:101
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "ne eblas trovi simbolon \"group_plugin\" en %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: nekongrua grupa kromprogramo: ĉefa eldono %d, atendita %d"
+
+#: plugins/sudoers/interfaces.c:79 plugins/sudoers/interfaces.c:96
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "ne eblas trakti IP-adreson \"%s\""
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "ne eblas trakti retmaskon \"%s\""
+
+#: plugins/sudoers/interfaces.c:129
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Loka IP-adresa kaj retmaska paroj:\n"
+
+#: plugins/sudoers/iolog.c:119 plugins/sudoers/mkdir_parents.c:75
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s ekzistas sed ne dosierujo (0%o)"
+
+#: plugins/sudoers/iolog.c:144 plugins/sudoers/iolog.c:184
+#: plugins/sudoers/mkdir_parents.c:64 plugins/sudoers/timestamp.c:174
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "ne eblas mkdir-i: %s"
+
+#: plugins/sudoers/iolog.c:188 plugins/sudoers/visudo.c:718
+#: plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "ne eblas ŝanĝi reĝimon de %s al 0%o"
+
+#: plugins/sudoers/iolog.c:296 plugins/sudoers/sudoers.c:1162
+#: plugins/sudoers/testsudoers.c:390
+#, c-format
+msgid "unknown group: %s"
+msgstr "nekonata grupo: %s"
+
+#: plugins/sudoers/iolog.c:466 plugins/sudoers/sudoers.c:902
+#: plugins/sudoers/sudoreplay.c:868 plugins/sudoers/sudoreplay.c:1681
+#: plugins/sudoers/tsdump.c:140
+#, c-format
+msgid "unable to read %s"
+msgstr "ne eblas legi %s"
+
+#: plugins/sudoers/iolog.c:581 plugins/sudoers/iolog.c:800
+#, c-format
+msgid "unable to create %s"
+msgstr "ne eblas krei: %s"
+
+#: plugins/sudoers/iolog.c:1032 plugins/sudoers/iolog.c:1107
+#: plugins/sudoers/iolog.c:1188
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "ne eblas skribi al eneliga protokoldosiero: %s"
+
+#: plugins/sudoers/iolog.c:1066
+#, c-format
+msgid "%s: internal error, file index %d not open"
+msgstr "%s: interna eraro, dosiera indekso %d ne estas malferma"
+
+#: plugins/sudoers/ldap.c:170 plugins/sudoers/ldap_conf.c:287
+msgid "starttls not supported when using ldaps"
+msgstr "starttls ne estas regata dum uzo de ldaps"
+
+#: plugins/sudoers/ldap.c:241
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "ne eblas ekigi SSL-asertilon kaj ŝlosilan datumbazon: %s"
+
+#: plugins/sudoers/ldap.c:244
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "TLS_CERT devas havi valoron en %s antaŭ ol SSL uzeblos"
+
+#: plugins/sudoers/ldap.c:1606
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "ne eblas ekigi LDAP-on: %s"
+
+#: plugins/sudoers/ldap.c:1642
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls specifita sed LDAP-bibliotekoj ne havas la funkciojn ldap_start_tls_s() kaj ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap_conf.c:196
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: pordo tro granda"
+
+#: plugins/sudoers/ldap_conf.c:256
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "nekonata retadresa tipo de LDAP: %s"
+
+#: plugins/sudoers/ldap_conf.c:283
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "ne eblas miksi sekurajn kaj nesekurajn retadresojn de LDAP"
+
+#: plugins/sudoers/ldap_util.c:470 plugins/sudoers/ldap_util.c:472
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "ne eblas konverti sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "ne eblas malfermi revizian sistemon"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "ne eblas sendi revizian mesaĝon"
+
+#: plugins/sudoers/logging.c:108
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s: %s"
+
+#: plugins/sudoers/logging.c:136
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (komando daŭrigis) %s"
+
+#: plugins/sudoers/logging.c:165
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "ne eblas malfermi protokolon: %s"
+
+#: plugins/sudoers/logging.c:173
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "ne eblas ŝlosi protokolon: %s"
+
+#: plugins/sudoers/logging.c:206
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "ne eblas skribi al protokolo: %s"
+
+#: plugins/sudoers/logging.c:235
+msgid "No user or host"
+msgstr "Neniu uzanto aŭ gastiganto"
+
+#: plugins/sudoers/logging.c:237
+msgid "validation failure"
+msgstr "validiga malsukceso"
+
+#: plugins/sudoers/logging.c:244
+msgid "user NOT in sudoers"
+msgstr "uzanto NE estas en sudoers"
+
+#: plugins/sudoers/logging.c:246
+msgid "user NOT authorized on host"
+msgstr "uzanto NE permesata en gastiganto"
+
+#: plugins/sudoers/logging.c:248
+msgid "command not allowed"
+msgstr "komando ne permesata"
+
+#: plugins/sudoers/logging.c:283
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s ne estas en la dosiero sudoers. Ĉi tiu estos raportita.\n"
+
+#: plugins/sudoers/logging.c:286
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s ne estas permesata plenumigi sudo-on en %s. Ĉi tio estos raportita.\n"
+
+#: plugins/sudoers/logging.c:290
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Bedaŭre uzanto %s ne rajtas plenumigi sudo-on en %s.\n"
+
+#: plugins/sudoers/logging.c:293
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Bedaŭre uzanto %s ne rajtas plenumigi '%s%s%s'-on kiel %s%s%s en %s.\n"
+
+#: plugins/sudoers/logging.c:330 plugins/sudoers/sudoers.c:433
+#: plugins/sudoers/sudoers.c:435 plugins/sudoers/sudoers.c:437
+#: plugins/sudoers/sudoers.c:439 plugins/sudoers/sudoers.c:594
+#: plugins/sudoers/sudoers.c:596
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: komando ne trovita"
+
+#: plugins/sudoers/logging.c:332 plugins/sudoers/sudoers.c:429
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"ni malatentas \"%s\" trovita en '.'\n"
+"Uzu \"sudo ./%s\" se tio estas la \"%s\", kiun vi volas plenumigi."
+
+#: plugins/sudoers/logging.c:349
+msgid "authentication failure"
+msgstr "aŭtentiga malsukceso"
+
+#: plugins/sudoers/logging.c:375
+msgid "a password is required"
+msgstr "pasvorto estas bezonata"
+
+#: plugins/sudoers/logging.c:438
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u malĝusta pasvorta provo"
+msgstr[1] "%u malĝustaj pasvortaj provoj"
+
+#: plugins/sudoers/logging.c:659
+msgid "unable to fork"
+msgstr "ne eblas forki"
+
+#: plugins/sudoers/logging.c:667 plugins/sudoers/logging.c:719
+#, c-format
+msgid "unable to fork: %m"
+msgstr "ne eblas forki: %m"
+
+#: plugins/sudoers/logging.c:709
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "ne eblas malfermi tubon: %m"
+
+#: plugins/sudoers/logging.c:734
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "ne eblas kopii enigon: %m"
+
+#: plugins/sudoers/logging.c:772
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "ne eblas plenumigi %s-on: %m"
+
+#: plugins/sudoers/match.c:842
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "resumo por %s (%s) ne estas laŭ la formo %s"
+
+#: plugins/sudoers/mkdir_parents.c:70 plugins/sudoers/sudoers.c:913
+#: plugins/sudoers/visudo.c:416 plugins/sudoers/visudo.c:712
+#, c-format
+msgid "unable to stat %s"
+msgstr "ne eblas stat-i: %s"
+
+#: plugins/sudoers/parse.c:434
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP-rolo: %s\n"
+
+#: plugins/sudoers/parse.c:437
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Ero en sudoers:\n"
+
+#: plugins/sudoers/parse.c:439
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers: "
+
+#: plugins/sudoers/parse.c:454
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    Options: "
+msgstr "   Modifiloj: "
+
+#: plugins/sudoers/parse.c:518
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Komandoj:\n"
+
+#: plugins/sudoers/parse.c:709
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Kongruantaj eroj de Defaults: %s en %s:\n"
+
+#: plugins/sudoers/parse.c:727
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Plenumigkiela komando-specifaj aŭtomataĵoj por %s:\n"
+
+#: plugins/sudoers/parse.c:745
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Uzanto %s rajtas plenumigi la jenajn komandojn en %s:\n"
+
+#: plugins/sudoers/parse.c:760
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Uzanto %s ne rajtas plenumigi sudo-on en %s.\n"
+
+#: plugins/sudoers/policy.c:83 plugins/sudoers/policy.c:109
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "malvalida %.*s difinita de sudo-fasado"
+
+#: plugins/sudoers/policy.c:288 plugins/sudoers/testsudoers.c:259
+msgid "unable to parse network address list"
+msgstr "ne eblas trakti reto-adresan liston"
+
+#: plugins/sudoers/policy.c:432
+msgid "user name not set by sudo front-end"
+msgstr "uzantnomo ne difinita de sudo-fasado"
+
+#: plugins/sudoers/policy.c:436
+msgid "user ID not set by sudo front-end"
+msgstr "uzanto-ID ne difinita de sudo-fasado"
+
+#: plugins/sudoers/policy.c:440
+msgid "group ID not set by sudo front-end"
+msgstr "grupo-ID ne difinita de sudo-fasado"
+
+#: plugins/sudoers/policy.c:444
+msgid "host name not set by sudo front-end"
+msgstr "gastiganta nomo ne difinita de sudo-fasado"
+
+#: plugins/sudoers/policy.c:797 plugins/sudoers/visudo.c:215
+#: plugins/sudoers/visudo.c:845
+#, c-format
+msgid "unable to execute %s"
+msgstr "ne eblas plenumigi: %s"
+
+#: plugins/sudoers/policy.c:930
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Eldono %s de la konduta kromprogramo\n"
+
+#: plugins/sudoers/policy.c:932
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Eldono %d de la gramatikilo de sudoers\n"
+
+#: plugins/sudoers/policy.c:936
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Vojo de sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "vojo de nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:941
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "vojo de ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "vojo de ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:975
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "ne eblas registri hokon el tipo %d (versio %d.%d)"
+
+#: plugins/sudoers/pwutil.c:214 plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "ne eblas konservi uid-on %u, memoro plenplena"
+
+#: plugins/sudoers/pwutil.c:227
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "ne eblas konservi uid-on %u, jam ekzistas"
+
+#: plugins/sudoers/pwutil.c:287 plugins/sudoers/pwutil.c:305
+#: plugins/sudoers/pwutil.c:367 plugins/sudoers/pwutil.c:412
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "ne eblas konservi uzanton %s, memoro plenplena"
+
+#: plugins/sudoers/pwutil.c:300
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "ne eblas konservi uzanton %s, jam ekzistas"
+
+#: plugins/sudoers/pwutil.c:531 plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "ne eblas konservi gid-on %u, memoro plenplena"
+
+#: plugins/sudoers/pwutil.c:544
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "ne eblas konservi gid-on %u, jam ekzistas"
+
+#: plugins/sudoers/pwutil.c:598 plugins/sudoers/pwutil.c:616
+#: plugins/sudoers/pwutil.c:663 plugins/sudoers/pwutil.c:705
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "ne eblas konservi grupon %s, memoro plenplena"
+
+#: plugins/sudoers/pwutil.c:611
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "ne eblas konservi grupon %s, jam ekzistas"
+
+#: plugins/sudoers/pwutil.c:831 plugins/sudoers/pwutil.c:883
+#: plugins/sudoers/pwutil.c:934 plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "ne eblas konservi grupan liston por %s, jam ekzistas"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:888
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:992
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "ne eblas konservi grupan liston por %s, memoro plenplena"
+
+#: plugins/sudoers/pwutil.c:877
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "ne eblas trakti grupon en %s"
+
+#: plugins/sudoers/pwutil.c:981
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "ne eblas trakti 'gids' por %s"
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:469
+#: plugins/sudoers/set_perms.c:912 plugins/sudoers/set_perms.c:1239
+#: plugins/sudoers/set_perms.c:1556
+msgid "perm stack overflow"
+msgstr "permeso-staka troo"
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:400
+#: plugins/sudoers/set_perms.c:477 plugins/sudoers/set_perms.c:779
+#: plugins/sudoers/set_perms.c:920 plugins/sudoers/set_perms.c:1163
+#: plugins/sudoers/set_perms.c:1247 plugins/sudoers/set_perms.c:1489
+#: plugins/sudoers/set_perms.c:1564 plugins/sudoers/set_perms.c:1654
+msgid "perm stack underflow"
+msgstr "permeso-staka maltroo"
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:523
+#: plugins/sudoers/set_perms.c:1298 plugins/sudoers/set_perms.c:1596
+msgid "unable to change to root gid"
+msgstr "ne eblas ŝanĝi al radika gid"
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:620
+#: plugins/sudoers/set_perms.c:1049 plugins/sudoers/set_perms.c:1375
+msgid "unable to change to runas gid"
+msgstr "ne eblas ŝanĝi al plenumigkiela gid"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to set runas group vector"
+msgstr "ne eblas elekti vektoron de plenumigkiela grupo"
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:636
+#: plugins/sudoers/set_perms.c:1063 plugins/sudoers/set_perms.c:1389
+msgid "unable to change to runas uid"
+msgstr "ne eblas ŝanĝi al plenumigkiela uid"
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:654
+#: plugins/sudoers/set_perms.c:1079 plugins/sudoers/set_perms.c:1405
+msgid "unable to change to sudoers gid"
+msgstr "ne eblas ŝanĝi al gid de sudo-redaktantoj"
+
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641
+msgid "too many processes"
+msgstr "tro da procezoj"
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr "ne eblas scii la nunan labor-dosierujon"
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "tranĉita ekzamen-vojo user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "tranĉita ekzamen-vojo argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr "mesaĝo audit_failure (ekzamena fiasko) tro longas"
+
+#: plugins/sudoers/sssd.c:552
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "ne eblas ekigi SSS-fonton. Ĉu SSSD estas instalita en via maŝino?"
+
+#: plugins/sudoers/sssd.c:560 plugins/sudoers/sssd.c:569
+#: plugins/sudoers/sssd.c:578 plugins/sudoers/sssd.c:587
+#: plugins/sudoers/sssd.c:596
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "ne eblas trovi simbolon \"%s\" en %s"
+
+#: plugins/sudoers/sudoers.c:204 plugins/sudoers/sudoers.c:859
+msgid "problem with defaults entries"
+msgstr "problemoj kun aŭtomataj eroj"
+
+#: plugins/sudoers/sudoers.c:208
+msgid "no valid sudoers sources found, quitting"
+msgstr "ne validaj fontotekstoj de sudoers trovita, ĉesiganta"
+
+#: plugins/sudoers/sudoers.c:246
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers specifas, ke ĉefuzanto ne rajtas sudo-i"
+
+#: plugins/sudoers/sudoers.c:303
+msgid "you are not permitted to use the -C option"
+msgstr "vi ne rajtas uzi la parametron -C"
+
+#: plugins/sudoers/sudoers.c:350
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "tempo-indikila posedanto (%s): neniu tia uzanto"
+
+#: plugins/sudoers/sudoers.c:365
+msgid "no tty"
+msgstr "neniu tty"
+
+#: plugins/sudoers/sudoers.c:366
+msgid "sorry, you must have a tty to run sudo"
+msgstr "bedaŭre vi devas havi tty-on por plenumigi sudo-on"
+
+#: plugins/sudoers/sudoers.c:428
+msgid "command in current directory"
+msgstr "komando en nuna dosierujo"
+
+#: plugins/sudoers/sudoers.c:447
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "bedaŭre vi ne rajtas elekti komando-eksvalidiĝo"
+
+#: plugins/sudoers/sudoers.c:455
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "bedaŭre vi ne rajtas konservi la medion"
+
+#: plugins/sudoers/sudoers.c:803
+msgid "command too long"
+msgstr "komando tro longas"
+
+#: plugins/sudoers/sudoers.c:917
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s ne estas normala dosiero"
+
+#: plugins/sudoers/sudoers.c:921 plugins/sudoers/timestamp.c:221 toke.l:968
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s estas estrita de uid %u, devas esti %u"
+
+#: plugins/sudoers/sudoers.c:925 toke.l:973
+#, c-format
+msgid "%s is world writable"
+msgstr "%s estas skribebla de ĉiuj"
+
+#: plugins/sudoers/sudoers.c:929 toke.l:976
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s estas estrita de gid %u, devas esti %u"
+
+#: plugins/sudoers/sudoers.c:962
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "nur ĉefuzanto rajtas uzi \"-c %s\""
+
+#: plugins/sudoers/sudoers.c:981
+#, c-format
+msgid "unknown login class: %s"
+msgstr "nekonata ensaluta klaso: %s"
+
+#: plugins/sudoers/sudoers.c:1064 plugins/sudoers/sudoers.c:1078
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "ne eblas trovi gastiganton %s"
+
+#: plugins/sudoers/sudoreplay.c:274
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "malvalida filtrila elekto: %s"
+
+#: plugins/sudoers/sudoreplay.c:287
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "malvalida maksimuma atendo: %s"
+
+#: plugins/sudoers/sudoreplay.c:307
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "malvalida rapida faktoro: %s"
+
+#: plugins/sudoers/sudoreplay.c:342
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s tempo-registrado: %s"
+
+#: plugins/sudoers/sudoreplay.c:348
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/tempo-registrado: %s"
+
+#: plugins/sudoers/sudoreplay.c:364
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Refaranta sudo-seancon: %s"
+
+#: plugins/sudoers/sudoreplay.c:562 plugins/sudoers/sudoreplay.c:609
+#: plugins/sudoers/sudoreplay.c:816 plugins/sudoers/sudoreplay.c:906
+#: plugins/sudoers/sudoreplay.c:985 plugins/sudoers/sudoreplay.c:1000
+#: plugins/sudoers/sudoreplay.c:1007 plugins/sudoers/sudoreplay.c:1014
+#: plugins/sudoers/sudoreplay.c:1021 plugins/sudoers/sudoreplay.c:1028
+#: plugins/sudoers/sudoreplay.c:1174
+msgid "unable to add event to queue"
+msgstr "ne eblas aldoni eventon al atendovico"
+
+#: plugins/sudoers/sudoreplay.c:677
+msgid "unable to set tty to raw mode"
+msgstr "ne eblas elekti tty-on en nudan reĝimon"
+
+#: plugins/sudoers/sudoreplay.c:728
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Averto: via terminalo estas tro malgranda por konvene reskribi la protokolon.\n"
+
+#: plugins/sudoers/sudoreplay.c:729
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Protokola grando estas %dx%d, sed via terminala grando estas %dx%d."
+
+#: plugins/sudoers/sudoreplay.c:757
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Refarado finita, premu iu ajn klavon por restarigi la terminalon."
+
+#: plugins/sudoers/sudoreplay.c:790
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "malvalida linio en la tempo-registran dosieron: %s"
+
+#: plugins/sudoers/sudoreplay.c:1208 plugins/sudoers/sudoreplay.c:1233
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "ambigua esprimo \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1255
+msgid "unmatched ')' in expression"
+msgstr "esprimo kun ')' sen samnivela '('"
+
+#: plugins/sudoers/sudoreplay.c:1259
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "nekonata serĉaĵo \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1274
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s bezonas parametron"
+
+#: plugins/sudoers/sudoreplay.c:1277 plugins/sudoers/sudoreplay.c:1657
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "malvalida regulesprimo: %s"
+
+#: plugins/sudoers/sudoreplay.c:1281
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "ne eblis analizi daton \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1290
+msgid "unmatched '(' in expression"
+msgstr "esprimo kun '(' sen samnivela ')'"
+
+#: plugins/sudoers/sudoreplay.c:1292
+msgid "illegal trailing \"or\""
+msgstr "malvalida posta \"or\""
+
+#: plugins/sudoers/sudoreplay.c:1294
+msgid "illegal trailing \"!\""
+msgstr "malvalida posta \"!\""
+
+#: plugins/sudoers/sudoreplay.c:1343
+#, c-format
+msgid "unknown search type %d"
+msgstr "nekonata serĉtipo %d"
+
+#: plugins/sudoers/sudoreplay.c:1381
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: malvalida protokolo-dosiero"
+
+#: plugins/sudoers/sudoreplay.c:1399
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: mankas temp-indikila kampo"
+
+#: plugins/sudoers/sudoreplay.c:1406
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: temp-indikilo %s: %s"
+
+#: plugins/sudoers/sudoreplay.c:1413
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: mankas kampo de uzanto"
+
+#: plugins/sudoers/sudoreplay.c:1422
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: mankas kampo de runa uzanto"
+
+#: plugins/sudoers/sudoreplay.c:1431
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: mankas kampo de runa grupo"
+
+#: plugins/sudoers/sudoreplay.c:1837
+#, c-format
+msgid "usage: %s [-hnR] [-d dir] [-m num] [-s num] ID\n"
+msgstr "uzado: %s [-hnR] [-d dosierujo] [-m nombro] [-s nombro] identigilo\n"
+
+#: plugins/sudoers/sudoreplay.c:1840
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "uzado: %s [-h] [-d dosierujo] -l [serĉaĵo]\n"
+
+#: plugins/sudoers/sudoreplay.c:1849
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - refari sudo-seancajn protokolojn\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1851
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Modifiloj:\n"
+"  -d ,--directory=dosierujo specifi dosierujon por seancaj protokoloj\n"
+"  -f, --filter=filtrilo     specifi kiajn eneligajn tipojn por montri\n"
+"  -h, --help                montri helpan mesaĝon kaj eliri\n"
+"  -l, --list listigi        haveblajn seancajn identigilojn, kiuj kongruas kun esprimo\n"
+"  -m, --max-wait=nombro     maksimuma nombro da sekundoj por atendi inter okazoj\n"
+"  -s, --speed=nombro        rapidigi aŭ malrapidigi eligon\n"
+"  -V, --version             eligi eldonan informon kaj eliri"
+
+#: plugins/sudoers/testsudoers.c:328
+msgid "\thost  unmatched"
+msgstr "\thost  sen egalo"
+
+#: plugins/sudoers/testsudoers.c:331
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Komando permesata"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Komando rifuzata"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Komando sen egalo"
+
+#: plugins/sudoers/timestamp.c:229
+#, c-format
+msgid "%s is group writable"
+msgstr "%s estas skribebla de la grupo"
+
+#: plugins/sudoers/timestamp.c:305
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "ne eblas mallongigi tempo-indikilan dosieron ĝis %lld bajtoj"
+
+#: plugins/sudoers/timestamp.c:792 plugins/sudoers/timestamp.c:884
+#: plugins/sudoers/visudo.c:477 plugins/sudoers/visudo.c:483
+msgid "unable to read the clock"
+msgstr "ne eblas legi la horloĝon"
+
+#: plugins/sudoers/timestamp.c:803
+msgid "ignoring time stamp from the future"
+msgstr "ignoranta tempo-indikilon el la estonteco"
+
+#: plugins/sudoers/timestamp.c:826
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "tempo-indikilo tro estonte: %20.20s"
+
+#: plugins/sudoers/timestamp.c:948
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "ne eblas ŝlosi tempo-indikilan dosieron %s"
+
+#: plugins/sudoers/timestamp.c:992 plugins/sudoers/timestamp.c:1012
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "vojo de prelega stato tro longas: %s/%s"
+
+#: plugins/sudoers/visudo.c:211
+msgid "the -x option will be removed in a future release"
+msgstr "la domifilo -x estos forigita en posta eldono"
+
+#: plugins/sudoers/visudo.c:212
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "bonvolu konsideri uzi la utilaĵon cvtsudoers anstataŭe"
+
+#: plugins/sudoers/visudo.c:263 plugins/sudoers/visudo.c:645
+#, c-format
+msgid "press return to edit %s: "
+msgstr "premu enen-klavon por redakti %s-on: "
+
+#: plugins/sudoers/visudo.c:324
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "specifita tekstoredaktilo (%s) ne ekzistas"
+
+#: plugins/sudoers/visudo.c:326
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "neniu tekstoredaktilo trovita (vojo = %s)"
+
+#: plugins/sudoers/visudo.c:436 plugins/sudoers/visudo.c:444
+msgid "write error"
+msgstr "skriba eraro"
+
+#: plugins/sudoers/visudo.c:490
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "ne eblas stat-i provizoran dosieron (%s), %s neŝanĝita"
+
+#: plugins/sudoers/visudo.c:497
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "nul-longa provizora dosiero (%s), %s neŝanĝita"
+
+#: plugins/sudoers/visudo.c:503
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "redaktilo (%s) malsukcesis, %s neŝanĝita"
+
+#: plugins/sudoers/visudo.c:525
+#, c-format
+msgid "%s unchanged"
+msgstr "%s neŝanĝita"
+
+#: plugins/sudoers/visudo.c:584
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "ne eblas remalfermi provizoran dosieron (%s), %s neŝanĝita."
+
+#: plugins/sudoers/visudo.c:596
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "ne eblas analizi provizoran dosieron (%s), nekonata eraro"
+
+#: plugins/sudoers/visudo.c:634
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "interna eraro, ne eblas trovi '%s'-on en listo!"
+
+#: plugins/sudoers/visudo.c:714 plugins/sudoers/visudo.c:723
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "ne eblas ŝanĝi (uid, gid) de %s al (%u, %u)"
+
+#: plugins/sudoers/visudo.c:745
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s kaj %s ne estas la sama dosiersistemo, uzanta mv-on por alinomi"
+
+#: plugins/sudoers/visudo.c:759
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "komando malsukcesis: '%s %s %s', %s neŝanĝita"
+
+#: plugins/sudoers/visudo.c:769
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "eraro dum alinomi %s-on; %s neŝanĝita"
+
+#: plugins/sudoers/visudo.c:790
+msgid "What now? "
+msgstr "Kion nun? "
+
+#: plugins/sudoers/visudo.c:804
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Elektoj estas:\n"
+"  r(e)dakti refoje sudoers-dosieron\n"
+"  x) eliri sen konservi ŝanĝojn al sudoers-dosiero\n"
+"  q) Eliri kaj konservi ŝanĝojn al sudoers-dosiero (DANĜERA!)\n"
+
+#: plugins/sudoers/visudo.c:850
+#, c-format
+msgid "unable to run %s"
+msgstr "ne eblas plenumigi: %s"
+
+#: plugins/sudoers/visudo.c:880
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: malĝusta estro (uid, gid) devas esti (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:887
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: misaj permesoj, devas esti reĝimo 0%o\n"
+
+#: plugins/sudoers/visudo.c:944 plugins/sudoers/visudo.c:951
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: analizita senerare\n"
+
+#: plugins/sudoers/visudo.c:998
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s okupata, reprovu pli malfrue"
+
+#: plugins/sudoers/visudo.c:1038
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Eraro: %s:%d ciklo en %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1039
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Averto: %s:%d ciklo en %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1043
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Eraro: %s:%d %s \"%s\" estas referencita sed ne difinita"
+
+#: plugins/sudoers/visudo.c:1044
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Averto: %s:%d %s \"%s\" estas referencita sed ne difinita"
+
+#: plugins/sudoers/visudo.c:1137
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Averto: %s:%d neuzata %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1252
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - sekure redakti la dosieron sudoers\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1254
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Modifiloj:\n"
+"  -c, --check              nur kontroli\n"
+"  -f, --file=sudoers       indiki lokon de la dosiero sudoers\n"
+"  -h, --help               montri helpan mesaĝon kaj eliri\n"
+"  -q, --quit               pli silenta pri sintaksaj eraroj\n"
+"  -s, --strict             severa kontrolado de sintakso\n"
+"  -V, --version            montri eldonon kaj eliri\n"
+
+#: toke.l:942
+msgid "too many levels of includes"
+msgstr "tro da niveloj de inkluzivaĵoj"
+
+#~ msgid ""
+#~ "\n"
+#~ "LDAP Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "LDAP-rolo: NEKONATA\n"
+
+#~ msgid "    Order: %s\n"
+#~ msgstr "    Ordo: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: %s\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD-rolo: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD-rolo: NEKONATA\n"
diff --git a/plugins/sudoers/po/eu.mo b/plugins/sudoers/po/eu.mo
new file mode 100644
index 0000000..9f2ccc4
--- /dev/null
+++ b/plugins/sudoers/po/eu.mo
diff --git a/plugins/sudoers/po/eu.po b/plugins/sudoers/po/eu.po
new file mode 100644
index 0000000..6fa330e
--- /dev/null
+++ b/plugins/sudoers/po/eu.po
@@ -0,0 +1,1679 @@
+# Basque translation of sudoers.
+# Copyright (C) 2011 Free Software Foundation, Inc.
+# This file is distributed under the same license as the sudo package.
+# Mikel Olasagasti Uranga <mikel@olasagasti.info>, 2011.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers-1.8.2-rc2\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2011-06-04 18:27-0400\n"
+"PO-Revision-Date: 2011-06-06 19:15+0100\n"
+"Last-Translator: Mikel Olasagasti Uranga <mikel@olasagasti.info>\n"
+"Language-Team: Basque <translation-team-eu@lists.sourceforge.net>\n"
+"Language: \n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: plugins/sudoers/alias.c:122
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr "`%s' alias-a lehendik ere definitua dago"
+
+#: plugins/sudoers/bsm_audit.c:58 plugins/sudoers/bsm_audit.c:61
+#: plugins/sudoers/bsm_audit.c:109 plugins/sudoers/bsm_audit.c:113
+#: plugins/sudoers/bsm_audit.c:163 plugins/sudoers/bsm_audit.c:167
+msgid "getaudit: failed"
+msgstr "getaudit: huts egin du"
+
+#: plugins/sudoers/bsm_audit.c:87 plugins/sudoers/bsm_audit.c:148
+msgid "Could not determine audit condition"
+msgstr "Ezin izan da auditoretza baldintza finkatu"
+
+#: plugins/sudoers/bsm_audit.c:98
+msgid "getauid failed"
+msgstr "getauid-ek huts egin du"
+
+#: plugins/sudoers/bsm_audit.c:100 plugins/sudoers/bsm_audit.c:157
+msgid "au_open: failed"
+msgstr "au_open: huts egin du"
+
+#: plugins/sudoers/bsm_audit.c:115 plugins/sudoers/bsm_audit.c:169
+msgid "au_to_subject: failed"
+msgstr "au_to_subject: huts egin du"
+
+#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:173
+msgid "au_to_exec_args: failed"
+msgstr "au_to_exec_args: huts egin du"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:182
+msgid "au_to_return32: failed"
+msgstr "au_to_return32: huts egin du"
+
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:185
+msgid "unable to commit audit record"
+msgstr "ezin da auditoretza sarrera gorde"
+
+#: plugins/sudoers/bsm_audit.c:155
+msgid "getauid: failed"
+msgstr "getauid: huts egin du"
+
+#: plugins/sudoers/bsm_audit.c:178
+msgid "au_to_text: failed"
+msgstr "au_to_text: huts egin du"
+
+#: plugins/sudoers/check.c:141
+#, c-format
+msgid "sorry, a password is required to run %s"
+msgstr "barkatu, pasahitz bat behar da %s abiarazteko"
+
+#: plugins/sudoers/check.c:225 plugins/sudoers/iolog.c:169
+#: plugins/sudoers/sudoers.c:939 plugins/sudoers/sudoreplay.c:325
+#: plugins/sudoers/sudoreplay.c:334 plugins/sudoers/sudoreplay.c:675
+#: plugins/sudoers/sudoreplay.c:767 plugins/sudoers/visudo.c:700
+#, c-format
+msgid "unable to open %s"
+msgstr "ezin da %s ireki"
+
+#: plugins/sudoers/check.c:229 plugins/sudoers/iolog.c:199
+#, c-format
+msgid "unable to write to %s"
+msgstr "ezin da %s-(e)ra idatzi"
+
+#: plugins/sudoers/check.c:237 plugins/sudoers/check.c:475
+#: plugins/sudoers/check.c:525 plugins/sudoers/iolog.c:122
+#: plugins/sudoers/iolog.c:153
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "ezin da mkdir %s egin"
+
+#: plugins/sudoers/check.c:370
+#, c-format
+msgid "internal error, expand_prompt() overflow"
+msgstr "barne errorea, expand_prompt() overflow"
+
+#: plugins/sudoers/check.c:426
+#, c-format
+msgid "timestamp path too long: %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:454 plugins/sudoers/check.c:498
+#: plugins/sudoers/iolog.c:155
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s existitzen da baina ez da direktorio bat (0%o)"
+
+#: plugins/sudoers/check.c:457 plugins/sudoers/check.c:501
+#: plugins/sudoers/check.c:546
+#, c-format
+msgid "%s owned by uid %u, should be uid %u"
+msgstr "%s-(r)en jabea %u uid-a da, %u uid-a beharko luke"
+
+#: plugins/sudoers/check.c:462 plugins/sudoers/check.c:506
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0700"
+msgstr ""
+
+#: plugins/sudoers/check.c:470 plugins/sudoers/check.c:514
+#: plugins/sudoers/check.c:582 plugins/sudoers/sudoers.c:925
+#: plugins/sudoers/visudo.c:284 plugins/sudoers/visudo.c:500
+#, c-format
+msgid "unable to stat %s"
+msgstr "ezin da stat egin %s-(r)engan"
+
+#: plugins/sudoers/check.c:540
+#, c-format
+msgid "%s exists but is not a regular file (0%o)"
+msgstr ""
+
+#: plugins/sudoers/check.c:552
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0600"
+msgstr ""
+
+#: plugins/sudoers/check.c:606
+#, c-format
+msgid "timestamp too far in the future: %20.20s"
+msgstr ""
+
+#: plugins/sudoers/check.c:652
+#, c-format
+msgid "unable to remove %s (%s), will reset to the epoch"
+msgstr ""
+
+#: plugins/sudoers/check.c:659
+#, c-format
+msgid "unable to reset %s to the epoch"
+msgstr ""
+
+#: plugins/sudoers/check.c:713 plugins/sudoers/check.c:719
+#, c-format
+msgid "unknown uid: %u"
+msgstr "uid ezezaguna: %u"
+
+#: plugins/sudoers/check.c:716 plugins/sudoers/sudoers.c:736
+#: plugins/sudoers/sudoers.c:802 plugins/sudoers/sudoers.c:803
+#: plugins/sudoers/sudoers.c:1056 plugins/sudoers/sudoers.c:1057
+#: plugins/sudoers/testsudoers.c:200 plugins/sudoers/testsudoers.c:330
+#, c-format
+msgid "unknown user: %s"
+msgstr "erabiltzaile ezezaguna: %s"
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:67
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:71
+msgid "Lecture user the first time they run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:75
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:79
+msgid "Require users to authenticate by default"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:83
+msgid "Root may run sudo"
+msgstr "root-ek sudo abiarizi lezake"
+
+#: plugins/sudoers/def_data.c:87
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the year in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:95
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:99
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:103
+msgid "Always set $HOME to the target user's home directory"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:107
+msgid "Allow some information gathering to give useful error messages"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:111
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:115
+msgid "Insult the user when they enter an incorrect password"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:119
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:123
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo-k EDITOR ingurune aldagaia erabiliko du"
+
+#: plugins/sudoers/def_data.c:127
+msgid "Prompt for root's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the target user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:139
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:143
+msgid "Set the LOGNAME and USER environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:147
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:151
+msgid "Don't initialize the group vector to that of the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:155
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %d"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Number of tries to enter a password: %d"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Path to log file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Default password prompt: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:219
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr ""
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:227
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:243
+msgid "Preload the dummy exec functions contained in 'noexec_file'"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:247
+#, c-format
+msgid "File containing dummy exec functions: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:251
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:255
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:259
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:263
+msgid "Allow users to set arbitrary environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:267
+msgid "Reset the environment to a default set of variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:271
+msgid "Environment variables to check for sanity:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to remove:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:279
+msgid "Environment variables to preserve:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:283
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:295
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:299
+msgid "Allow sudo to prompt for a password even if it would be visisble"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:303
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:307
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:311
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:315
+msgid "Log user's input for the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:319
+msgid "Log the output of the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:323
+msgid "Compress I/O logs using zlib"
+msgstr "Trinkotu S/E gertaerak zlib erabiliz"
+
+#: plugins/sudoers/def_data.c:327
+msgid "Always run commands in a pseudo-tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:331
+msgid "Plugin for non-Unix group support"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:335
+msgid "Directory in which to store input/output logs"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:339
+msgid "File in which to store the input/output log"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:343
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:347
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:197
+msgid ""
+"Available options in a sudoers ``Defaults'' line:\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:204 plugins/sudoers/defaults.c:215
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#: plugins/sudoers/defaults.c:211
+#, c-format
+msgid "%s: %.*s\n"
+msgstr "%s: %.*s\n"
+
+#: plugins/sudoers/defaults.c:241
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:249 plugins/sudoers/defaults.c:259
+#: plugins/sudoers/defaults.c:279 plugins/sudoers/defaults.c:292
+#: plugins/sudoers/defaults.c:305 plugins/sudoers/defaults.c:318
+#: plugins/sudoers/defaults.c:331 plugins/sudoers/defaults.c:351
+#: plugins/sudoers/defaults.c:361
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr "`%s' balorea baliogabea da `%s' aukerarentzat"
+
+#: plugins/sudoers/defaults.c:252 plugins/sudoers/defaults.c:262
+#: plugins/sudoers/defaults.c:270 plugins/sudoers/defaults.c:287
+#: plugins/sudoers/defaults.c:300 plugins/sudoers/defaults.c:313
+#: plugins/sudoers/defaults.c:326 plugins/sudoers/defaults.c:346
+#: plugins/sudoers/defaults.c:357
+#, c-format
+msgid "no value specified for `%s'"
+msgstr "ez da baliorik ezarri `%s'-(r)entzat"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:337
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr ""
+
+#: plugins/sudoers/env.c:259
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr ""
+
+#: plugins/sudoers/env.c:289
+#, c-format
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr ""
+
+#: plugins/sudoers/env.c:694
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr ""
+
+#: plugins/sudoers/find_path.c:68 plugins/sudoers/find_path.c:107
+#: plugins/sudoers/find_path.c:122 plugins/sudoers/iolog.c:124
+#: plugins/sudoers/sudoers.c:868 toke.l:663 toke.l:814
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: gram.y:103
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:91
+#, c-format
+msgid "%s%s: %s"
+msgstr "%s%s: %s"
+
+#: plugins/sudoers/group_plugin.c:103
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:107
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:114
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:119
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:124
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:109
+msgid "Local IP address and netmask pairs:\n"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:176 plugins/sudoers/sudoers.c:946
+#, c-format
+msgid "unable to read %s"
+msgstr "ezin da %s irakurri"
+
+#: plugins/sudoers/iolog.c:179
+#, c-format
+msgid "invalid sequence number %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:225 plugins/sudoers/iolog.c:228
+#: plugins/sudoers/iolog.c:478 plugins/sudoers/iolog.c:483
+#: plugins/sudoers/iolog.c:489 plugins/sudoers/iolog.c:497
+#: plugins/sudoers/iolog.c:505 plugins/sudoers/iolog.c:513
+#: plugins/sudoers/iolog.c:521
+#, c-format
+msgid "unable to create %s"
+msgstr "ezin da %s sortu"
+
+#: plugins/sudoers/iolog_path.c:245 plugins/sudoers/sudoers.c:361
+#, c-format
+msgid "unable to set locale to \"%s\", using \"C\""
+msgstr ""
+
+#: plugins/sudoers/ldap.c:363
+#, c-format
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: port too large"
+
+#: plugins/sudoers/ldap.c:386
+#, c-format
+msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+msgstr "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+
+#: plugins/sudoers/ldap.c:415
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:444
+#, c-format
+msgid "invalid uri: %s"
+msgstr "baliogabeko uri-a: %s"
+
+#: plugins/sudoers/ldap.c:450
+#, c-format
+msgid "unable to mix ldap and ldaps URIs"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:454
+#, c-format
+msgid "unable to mix ldaps and starttls"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:473
+#, c-format
+msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:536
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:932
+#, c-format
+msgid "unable to get GMT time"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:938
+#, c-format
+msgid "unable to format timestamp"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:946
+#, c-format
+msgid "unable to build time filter"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1044
+#, c-format
+msgid "sudo_ldap_build_pass1 allocation mismatch"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1539
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1541
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1588
+#, c-format
+msgid "    Order: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1596
+#, c-format
+msgid "    Commands:\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1983
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2014
+#, c-format
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2245
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:55
+#, c-format
+msgid "unable to open audit system"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:79
+#, c-format
+msgid "internal error, linux_audit_command() overflow"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:88
+#, c-format
+msgid "unable to send audit message"
+msgstr ""
+
+#: plugins/sudoers/logging.c:193
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:196
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:295
+msgid "user NOT in sudoers"
+msgstr "erabiltzailea ez dago sudoers-en"
+
+#: plugins/sudoers/logging.c:297
+msgid "user NOT authorized on host"
+msgstr "erabiltzailea ez dago baimendutako ostalarian"
+
+#: plugins/sudoers/logging.c:299
+msgid "command not allowed"
+msgstr "komandua ez dago baimenduta"
+
+#: plugins/sudoers/logging.c:309
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s ez dago sudoers fitxatzegian.  Gertaeraren berri emango da.\n"
+
+#: plugins/sudoers/logging.c:312
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s ez dago baimenduta sudo abiarazteko %s-(e)n.  Gertaeraren berri emango da.\n"
+
+#: plugins/sudoers/logging.c:316
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Barkatu, %s erabiltzaileak ez luke sudo abiariazi beharko %s-(e)n.\n"
+
+#: plugins/sudoers/logging.c:319
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Barkatu, %s erabiltzaileak ez du '%s%s%s' %s%s%s bezala exekutatzeko baimenik %s-(e)n.\n"
+
+#: plugins/sudoers/logging.c:454
+#, c-format
+msgid "unable to fork"
+msgstr ""
+
+#: plugins/sudoers/logging.c:461 plugins/sudoers/logging.c:518
+#, c-format
+msgid "unable to fork: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:511
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:530
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:564
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:774
+#, c-format
+msgid "internal error: insufficient space for log line"
+msgstr ""
+
+#: plugins/sudoers/parse.c:115
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr ""
+
+#: plugins/sudoers/parse.c:369
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:371
+#, c-format
+msgid "    RunAsUsers: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:386
+#, c-format
+msgid "    RunAsGroups: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:395
+#, c-format
+msgid ""
+"    Commands:\n"
+"\t"
+msgstr ""
+
+#: plugins/sudoers/plugin_error.c:100 plugins/sudoers/plugin_error.c:105
+msgid ": "
+msgstr ": "
+
+#: plugins/sudoers/pwutil.c:244
+#, c-format
+msgid "unable to cache uid %u (%s), already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:252
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:288 plugins/sudoers/pwutil.c:297
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:511
+#, c-format
+msgid "unable to cache gid %u (%s), already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:519
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:548 plugins/sudoers/pwutil.c:557
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:249 plugins/sudoers/set_perms.c:476
+#: plugins/sudoers/set_perms.c:710
+#, c-format
+msgid "unable to change to sudoers gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:514
+#: plugins/sudoers/set_perms.c:748 plugins/sudoers/set_perms.c:882
+msgid "too many processes"
+msgstr "prozesu gehiegi"
+
+#: plugins/sudoers/set_perms.c:943 plugins/sudoers/set_perms.c:959
+msgid "unable to set runas group vector"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:952
+msgid "unable to get runas group vector"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:217
+msgid "unable to reset group vector"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:223
+msgid "unable to get group vector"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:266
+#, c-format
+msgid "Matching Defaults entries for %s on this host:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:279
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:292
+#, c-format
+msgid "User %s may run the following commands on this host:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:302
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:206 plugins/sudoers/sudoers.c:241
+#: plugins/sudoers/sudoers.c:876
+msgid "problem with defaults entries"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:210
+#, c-format
+msgid "no valid sudoers sources found, quitting"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:264
+#, c-format
+msgid "unable to execute %s: %s"
+msgstr "ezin da %s exekutatu: %s"
+
+#: plugins/sudoers/sudoers.c:311
+#, c-format
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:318
+#, c-format
+msgid "you are not permitted to use the -C option"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:407
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "data-zigiluaren jabea (%s): ez dago horrelako erabiltzailerik"
+
+#: plugins/sudoers/sudoers.c:423
+msgid "no tty"
+msgstr "tty gabe"
+
+#: plugins/sudoers/sudoers.c:424
+#, c-format
+msgid "sorry, you must have a tty to run sudo"
+msgstr "barkatu, tty bat behar duzu sudo abiarazteko"
+
+#: plugins/sudoers/sudoers.c:470
+msgid "No user or host"
+msgstr "Ez dago erabiltzaile edo ostalaririk"
+
+#: plugins/sudoers/sudoers.c:484 plugins/sudoers/sudoers.c:505
+#: plugins/sudoers/sudoers.c:506 plugins/sudoers/sudoers.c:1413
+#: plugins/sudoers/sudoers.c:1414
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: komandoa ez da aurkitu"
+
+#: plugins/sudoers/sudoers.c:486 plugins/sudoers/sudoers.c:502
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:491
+msgid "validation failure"
+msgstr "balidazio hutsegitea"
+
+#: plugins/sudoers/sudoers.c:501
+msgid "command in current directory"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:513
+#, c-format
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:860
+#, c-format
+msgid "internal error, set_cmnd() overflow"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:904
+#, c-format
+msgid "fixed mode on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:908
+#, c-format
+msgid "set group on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:911
+#, c-format
+msgid "unable to set group on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:914
+#, c-format
+msgid "unable to fix mode on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:927
+#, c-format
+msgid "%s is not a regular file"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:929
+#, c-format
+msgid "%s is mode 0%o, should be 0%o"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:933
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:936
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:980
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr "soilik root-ek erabili dezake `-c %s'"
+
+#: plugins/sudoers/sudoers.c:990
+#, c-format
+msgid "unknown login class: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1024
+#, c-format
+msgid "unable to resolve host %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1076 plugins/sudoers/testsudoers.c:342
+#, c-format
+msgid "unknown group: %s"
+msgstr "talde ezezaguna: %s"
+
+#: plugins/sudoers/sudoers.c:1108
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1110
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1114
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sudoers-en bidea: %s\n"
+
+#: plugins/sudoers/sudoers.c:1117
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "nsswitch-en bidea: %s\n"
+
+#: plugins/sudoers/sudoers.c:1119
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ldap.conf-en bidea: %s\n"
+
+#: plugins/sudoers/sudoers.c:1120
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ldap.secret-en bidea: %s\n"
+
+#: plugins/sudoers/sudoreplay.c:265
+#, c-format
+msgid "invalid filter option: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:278
+#, c-format
+msgid "invalid max wait: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:287 plugins/sudoers/visudo.c:174
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s bertsioa %s\n"
+
+#: plugins/sudoers/sudoreplay.c:310
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:316
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "invalid log file %s"
+msgstr "baliogabeko %s log fitxategia"
+
+#: plugins/sudoers/sudoreplay.c:343
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:369
+#, c-format
+msgid "unable to set tty to raw mode"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:383
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:425
+#, c-format
+msgid "writing to standard output"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:455
+#, c-format
+msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:503 plugins/sudoers/sudoreplay.c:528
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:545
+#, c-format
+msgid "too many parenthesized expressions, max %d"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:556
+#, c-format
+msgid "unmatched ')' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:562
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:576
+#, c-format
+msgid "%s requires an argument"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:580
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:586
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:599
+#, c-format
+msgid "unmatched '(' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:601
+#, c-format
+msgid "illegal trailing \"or\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:603
+#, c-format
+msgid "illegal trailing \"!\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:819
+#, c-format
+msgid "invalid regex: %s"
+msgstr "baliogabeko regex-a: %s"
+
+#: plugins/sudoers/sudoreplay.c:941
+#, c-format
+msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:944
+#, c-format
+msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:953
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:955
+msgid ""
+"\n"
+"Options:\n"
+"  -d directory     specify directory for session logs\n"
+"  -f filter        specify which I/O type to display\n"
+"  -h               display help message and exit\n"
+"  -l [expression]  list available session IDs that match expression\n"
+"  -m max_wait      max number of seconds to wait between events\n"
+"  -s speed_factor  speed up or slow down output\n"
+"  -V               display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:228
+#, c-format
+msgid "internal error, init_vars() overflow"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:304
+msgid "\thost  unmatched"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:307
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:308
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:308
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+
+#: toke.l:667 toke.l:793 toke.l:818 toke.l:904 plugins/sudoers/toke_util.c:111
+#: plugins/sudoers/toke_util.c:163 plugins/sudoers/toke_util.c:202
+msgid "unable to allocate memory"
+msgstr ""
+
+#: toke.l:786
+msgid "too many levels of includes"
+msgstr "include maila gehiegi"
+
+#: plugins/sudoers/toke_util.c:213
+msgid "fill_args: buffer overflow"
+msgstr "fill_args: buffer overflow"
+
+#: plugins/sudoers/visudo.c:175
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:208 plugins/sudoers/auth/rfc1938.c:103
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "ez zara %s datubasean existitzen"
+
+#: plugins/sudoers/visudo.c:238 plugins/sudoers/visudo.c:470
+#, c-format
+msgid "press return to edit %s: "
+msgstr "sakatu intro %s editatzeko:"
+
+#: plugins/sudoers/visudo.c:300 plugins/sudoers/visudo.c:306
+#, c-format
+msgid "write error"
+msgstr "idazketa errorea"
+
+#: plugins/sudoers/visudo.c:360
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:365
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:371
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:394
+#, c-format
+msgid "%s unchanged"
+msgstr "%s aldatu gabea"
+
+#: plugins/sudoers/visudo.c:418
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr ""
+
+#: plugins/sudoers/visudo.c:428
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:463
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:502 plugins/sudoers/visudo.c:511
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%d, %d)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:506 plugins/sudoers/visudo.c:516
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:533
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:547
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:557
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:617
+msgid "What now? "
+msgstr "Eta orain?"
+
+#: plugins/sudoers/visudo.c:631
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:668
+#, c-format
+msgid "unable to execute %s"
+msgstr "ezin da %s exekutatu"
+
+#: plugins/sudoers/visudo.c:675
+#, c-format
+msgid "unable to run %s"
+msgstr "ezin da %s abiarazi"
+
+#: plugins/sudoers/visudo.c:706
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:718
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:721
+#, c-format
+msgid "parse error in %s\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:723
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:737
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%d, %d)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:744
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:783
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s okupatuta, saiatu berriz beranduago"
+
+#: plugins/sudoers/visudo.c:826
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:849
+#, c-format
+msgid "unable to stat editor (%s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:897
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:986
+#, c-format
+msgid "Error: cycle in %s_Alias `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:987
+#, c-format
+msgid "Warning: cycle in %s_Alias `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:990
+#, c-format
+msgid "Error: %s_Alias `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:991
+#, c-format
+msgid "Warning: %s_Alias `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1128
+#, c-format
+msgid "%s: unused %s_Alias %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1185
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1187
+msgid ""
+"\n"
+"Options:\n"
+"  -c          check-only mode\n"
+"  -f sudoers  specify sudoers file location\n"
+"  -h          display help message and exit\n"
+"  -q          less verbose (quiet) syntax error messages\n"
+"  -s          strict syntax checking\n"
+"  -V          display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:64
+msgid "unable to begin bsd authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:71
+msgid "invalid authentication type"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:79
+msgid "unable to setup authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:59
+#, c-format
+msgid "unable to read fwtk config"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:64
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:70 plugins/sudoers/auth/fwtk.c:93
+#: plugins/sudoers/auth/fwtk.c:126
+#, c-format
+msgid "lost connection to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:74
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:114
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:127
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:144
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:188
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:204
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:221
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:284
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:299
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:99
+msgid "unable to initialize PAM"
+msgstr "ezin da PAM hasieratu"
+
+#: plugins/sudoers/auth/pam.c:142
+msgid "account validation failure, is your account locked?"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:146
+msgid "Account or password is expired, reset your password and try again"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:153
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr "pam_chauthtok: %s"
+
+#: plugins/sudoers/auth/pam.c:157
+msgid "Password expired, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:161
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:176
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr "pam_authenticate: %s"
+
+#: plugins/sudoers/auth/pam.c:296
+msgid "Password: "
+msgstr "Pasahitza: "
+
+#: plugins/sudoers/auth/pam.c:297
+msgid "Password:"
+msgstr "Pasahitza:"
+
+#: plugins/sudoers/auth/securid.c:82 plugins/sudoers/auth/securid5.c:106
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:115
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:119 plugins/sudoers/auth/securid5.c:169
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:123 plugins/sudoers/auth/securid5.c:174
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:127
+#, c-format
+msgid "SecurID communication failed"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:131 plugins/sudoers/auth/securid5.c:213
+#, c-format
+msgid "unknown SecurID error"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:164
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/sia.c:106
+msgid "unable to initialize SIA session"
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:124
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:134
+msgid "Invalid authentication methods compiled into sudo!  You may mix standalone and non-standalone authentication."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:243
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] "pasahitz sartze saiakera oker %d"
+msgstr[1] "%d pasahitz sartze saiakera oker"
+
+#: plugins/sudoers/auth/sudo_auth.c:335
+msgid "Authentication methods:"
+msgstr "Autentikazio metodoak:"
diff --git a/plugins/sudoers/po/fi.mo b/plugins/sudoers/po/fi.mo
new file mode 100644
index 0000000..1811849
--- /dev/null
+++ b/plugins/sudoers/po/fi.mo
diff --git a/plugins/sudoers/po/fi.po b/plugins/sudoers/po/fi.po
new file mode 100644
index 0000000..3797f6c
--- /dev/null
+++ b/plugins/sudoers/po/fi.po
@@ -0,0 +1,2361 @@
+# Finnish messages for sudoers.
+# This file is put in the public domain.
+# This file is distributed under the same license as the sudo package.
+# Jorma Karvonen <karvonen.jorma@gmail.com>, 2011-2017.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.21b2\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2017-08-03 10:04-0600\n"
+"PO-Revision-Date: 2017-08-20 16:23+0300\n"
+"Last-Translator: Jorma Karvonen <karvonen.jorma@gmail.com>\n"
+"Language-Team: Finnish <translation-team-fi@lists.sourceforge.net>\n"
+"Language: fi\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "syntaksivirhe"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "%p:n salasana: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] salasana henkilölle %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Salasana: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** TURVALLISUUS-tietoja kohteelle %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Yritä uudelleen."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:307 gram.y:314 gram.y:321 gram.y:328 gram.y:335
+#: gram.y:398 gram.y:406 gram.y:416 gram.y:449 gram.y:456 gram.y:463
+#: gram.y:470 gram.y:552 gram.y:559 gram.y:568 gram.y:577 gram.y:594
+#: gram.y:706 gram.y:713 gram.y:720 gram.y:728 gram.y:824 gram.y:831
+#: gram.y:838 gram.y:845 gram.y:852 gram.y:878 gram.y:885 gram.y:892
+#: gram.y:1015 gram.y:1195 gram.y:1202 plugins/sudoers/alias.c:124
+#: plugins/sudoers/alias.c:139 plugins/sudoers/auth/bsdauth.c:141
+#: plugins/sudoers/auth/kerb5.c:119 plugins/sudoers/auth/kerb5.c:145
+#: plugins/sudoers/auth/pam.c:486 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/auth/sia.c:59 plugins/sudoers/defaults.c:647
+#: plugins/sudoers/defaults.c:902 plugins/sudoers/defaults.c:1073
+#: plugins/sudoers/editor.c:64 plugins/sudoers/editor.c:82
+#: plugins/sudoers/editor.c:93 plugins/sudoers/env.c:233
+#: plugins/sudoers/filedigest.c:120 plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:941 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:565
+#: plugins/sudoers/ldap.c:963 plugins/sudoers/ldap.c:1157
+#: plugins/sudoers/ldap.c:1168 plugins/sudoers/ldap.c:1184
+#: plugins/sudoers/ldap.c:1476 plugins/sudoers/ldap.c:1636
+#: plugins/sudoers/ldap.c:1718 plugins/sudoers/ldap.c:1858
+#: plugins/sudoers/ldap.c:1882 plugins/sudoers/ldap.c:1971
+#: plugins/sudoers/ldap.c:1986 plugins/sudoers/ldap.c:2082
+#: plugins/sudoers/ldap.c:2115 plugins/sudoers/ldap.c:2196
+#: plugins/sudoers/ldap.c:2278 plugins/sudoers/ldap.c:2375
+#: plugins/sudoers/ldap.c:3209 plugins/sudoers/ldap.c:3241
+#: plugins/sudoers/ldap.c:3550 plugins/sudoers/ldap.c:3578
+#: plugins/sudoers/ldap.c:3594 plugins/sudoers/ldap.c:3684
+#: plugins/sudoers/ldap.c:3700 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:189 plugins/sudoers/logging.c:451
+#: plugins/sudoers/logging.c:472 plugins/sudoers/logging.c:684
+#: plugins/sudoers/logging.c:942 plugins/sudoers/match.c:617
+#: plugins/sudoers/match.c:664 plugins/sudoers/match.c:714
+#: plugins/sudoers/match.c:738 plugins/sudoers/match.c:826
+#: plugins/sudoers/match.c:915 plugins/sudoers/parse.c:248
+#: plugins/sudoers/parse.c:260 plugins/sudoers/parse.c:275
+#: plugins/sudoers/parse.c:287 plugins/sudoers/policy.c:419
+#: plugins/sudoers/policy.c:653 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:139 plugins/sudoers/pwutil.c:210
+#: plugins/sudoers/pwutil.c:286 plugins/sudoers/pwutil.c:457
+#: plugins/sudoers/pwutil.c:522 plugins/sudoers/pwutil.c:591
+#: plugins/sudoers/pwutil.c:749 plugins/sudoers/pwutil.c:806
+#: plugins/sudoers/pwutil.c:851 plugins/sudoers/pwutil.c:908
+#: plugins/sudoers/sssd.c:162 plugins/sudoers/sssd.c:194
+#: plugins/sudoers/sssd.c:237 plugins/sudoers/sssd.c:244
+#: plugins/sudoers/sssd.c:280 plugins/sudoers/sssd.c:390
+#: plugins/sudoers/sssd.c:459 plugins/sudoers/sssd.c:1057
+#: plugins/sudoers/sssd.c:1236 plugins/sudoers/sssd.c:1250
+#: plugins/sudoers/sssd.c:1266 plugins/sudoers/sudoers.c:263
+#: plugins/sudoers/sudoers.c:273 plugins/sudoers/sudoers.c:281
+#: plugins/sudoers/sudoers.c:365 plugins/sudoers/sudoers.c:681
+#: plugins/sudoers/sudoers.c:806 plugins/sudoers/sudoers.c:850
+#: plugins/sudoers/sudoers.c:1122 plugins/sudoers/sudoers_debug.c:107
+#: plugins/sudoers/sudoreplay.c:1234 plugins/sudoers/sudoreplay.c:1346
+#: plugins/sudoers/sudoreplay.c:1386 plugins/sudoers/sudoreplay.c:1395
+#: plugins/sudoers/sudoreplay.c:1405 plugins/sudoers/sudoreplay.c:1413
+#: plugins/sudoers/sudoreplay.c:1417 plugins/sudoers/sudoreplay.c:1573
+#: plugins/sudoers/sudoreplay.c:1577 plugins/sudoers/testsudoers.c:131
+#: plugins/sudoers/testsudoers.c:217 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/timestamp.c:389 plugins/sudoers/timestamp.c:433
+#: plugins/sudoers/timestamp.c:852 plugins/sudoers/toke_util.c:56
+#: plugins/sudoers/toke_util.c:109 plugins/sudoers/toke_util.c:146
+#: plugins/sudoers/visudo.c:153 plugins/sudoers/visudo.c:309
+#: plugins/sudoers/visudo.c:315 plugins/sudoers/visudo.c:446
+#: plugins/sudoers/visudo.c:624 plugins/sudoers/visudo.c:985
+#: plugins/sudoers/visudo.c:1051 plugins/sudoers/visudo.c:1095
+#: plugins/sudoers/visudo.c:1197 plugins/sudoers/visudo_json.c:1025 toke.l:849
+#: toke.l:949 toke.l:1106
+msgid "unable to allocate memory"
+msgstr "muistin varaaminen epäonnistui"
+
+#: gram.y:481
+msgid "a digest requires a path name"
+msgstr "tiiviste vaatii polkunimen"
+
+#: gram.y:607
+msgid "invalid notbefore value"
+msgstr "virheellinen notbefore-arvo"
+
+#: gram.y:615
+msgid "invalid notafter value"
+msgstr "virheellinen notafter-arvo"
+
+#: gram.y:624 plugins/sudoers/policy.c:266
+msgid "timeout value too large"
+msgstr "aikavalvonta-arvo on liian iso"
+
+#: gram.y:626 plugins/sudoers/policy.c:268
+msgid "invalid timeout value"
+msgstr "virheellinen aikavalvonta-arvo"
+
+#: gram.y:1195 gram.y:1202 plugins/sudoers/auth/pam.c:320
+#: plugins/sudoers/auth/pam.c:486 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/defaults.c:647 plugins/sudoers/defaults.c:902
+#: plugins/sudoers/defaults.c:1073 plugins/sudoers/editor.c:64
+#: plugins/sudoers/editor.c:82 plugins/sudoers/editor.c:93
+#: plugins/sudoers/env.c:233 plugins/sudoers/filedigest.c:120
+#: plugins/sudoers/filedigest_gcrypt.c:72
+#: plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:941 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:565
+#: plugins/sudoers/ldap.c:963 plugins/sudoers/ldap.c:1157
+#: plugins/sudoers/ldap.c:1168 plugins/sudoers/ldap.c:1184
+#: plugins/sudoers/ldap.c:1476 plugins/sudoers/ldap.c:1636
+#: plugins/sudoers/ldap.c:1718 plugins/sudoers/ldap.c:1858
+#: plugins/sudoers/ldap.c:1882 plugins/sudoers/ldap.c:1971
+#: plugins/sudoers/ldap.c:1986 plugins/sudoers/ldap.c:2082
+#: plugins/sudoers/ldap.c:2115 plugins/sudoers/ldap.c:2195
+#: plugins/sudoers/ldap.c:2278 plugins/sudoers/ldap.c:2375
+#: plugins/sudoers/ldap.c:3209 plugins/sudoers/ldap.c:3241
+#: plugins/sudoers/ldap.c:3550 plugins/sudoers/ldap.c:3577
+#: plugins/sudoers/ldap.c:3593 plugins/sudoers/ldap.c:3684
+#: plugins/sudoers/ldap.c:3700 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:189 plugins/sudoers/logging.c:451
+#: plugins/sudoers/logging.c:472 plugins/sudoers/logging.c:942
+#: plugins/sudoers/match.c:616 plugins/sudoers/match.c:663
+#: plugins/sudoers/match.c:714 plugins/sudoers/match.c:738
+#: plugins/sudoers/match.c:826 plugins/sudoers/match.c:914
+#: plugins/sudoers/parse.c:248 plugins/sudoers/parse.c:260
+#: plugins/sudoers/parse.c:275 plugins/sudoers/parse.c:287
+#: plugins/sudoers/policy.c:99 plugins/sudoers/policy.c:108
+#: plugins/sudoers/policy.c:117 plugins/sudoers/policy.c:141
+#: plugins/sudoers/policy.c:252 plugins/sudoers/policy.c:266
+#: plugins/sudoers/policy.c:268 plugins/sudoers/policy.c:292
+#: plugins/sudoers/policy.c:301 plugins/sudoers/policy.c:340
+#: plugins/sudoers/policy.c:350 plugins/sudoers/policy.c:359
+#: plugins/sudoers/policy.c:368 plugins/sudoers/policy.c:419
+#: plugins/sudoers/policy.c:653 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:139 plugins/sudoers/pwutil.c:210
+#: plugins/sudoers/pwutil.c:286 plugins/sudoers/pwutil.c:457
+#: plugins/sudoers/pwutil.c:522 plugins/sudoers/pwutil.c:591
+#: plugins/sudoers/pwutil.c:749 plugins/sudoers/pwutil.c:806
+#: plugins/sudoers/pwutil.c:851 plugins/sudoers/pwutil.c:908
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641 plugins/sudoers/sssd.c:162
+#: plugins/sudoers/sssd.c:194 plugins/sudoers/sssd.c:237
+#: plugins/sudoers/sssd.c:244 plugins/sudoers/sssd.c:280
+#: plugins/sudoers/sssd.c:390 plugins/sudoers/sssd.c:459
+#: plugins/sudoers/sssd.c:1057 plugins/sudoers/sssd.c:1235
+#: plugins/sudoers/sssd.c:1250 plugins/sudoers/sssd.c:1266
+#: plugins/sudoers/sudoers.c:263 plugins/sudoers/sudoers.c:273
+#: plugins/sudoers/sudoers.c:281 plugins/sudoers/sudoers.c:365
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:806
+#: plugins/sudoers/sudoers.c:850 plugins/sudoers/sudoers.c:1122
+#: plugins/sudoers/sudoers_debug.c:106 plugins/sudoers/sudoreplay.c:1234
+#: plugins/sudoers/sudoreplay.c:1346 plugins/sudoers/sudoreplay.c:1386
+#: plugins/sudoers/sudoreplay.c:1395 plugins/sudoers/sudoreplay.c:1405
+#: plugins/sudoers/sudoreplay.c:1413 plugins/sudoers/sudoreplay.c:1417
+#: plugins/sudoers/sudoreplay.c:1573 plugins/sudoers/sudoreplay.c:1577
+#: plugins/sudoers/testsudoers.c:131 plugins/sudoers/testsudoers.c:217
+#: plugins/sudoers/testsudoers.c:234 plugins/sudoers/timestamp.c:389
+#: plugins/sudoers/timestamp.c:433 plugins/sudoers/timestamp.c:852
+#: plugins/sudoers/toke_util.c:56 plugins/sudoers/toke_util.c:109
+#: plugins/sudoers/toke_util.c:146 plugins/sudoers/visudo.c:153
+#: plugins/sudoers/visudo.c:309 plugins/sudoers/visudo.c:315
+#: plugins/sudoers/visudo.c:446 plugins/sudoers/visudo.c:624
+#: plugins/sudoers/visudo.c:985 plugins/sudoers/visudo.c:1051
+#: plugins/sudoers/visudo.c:1095 plugins/sudoers/visudo.c:1197
+#: plugins/sudoers/visudo_json.c:1025 toke.l:849 toke.l:949 toke.l:1106
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:135
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Alias \"%s\" on jo määritelty"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "kirjautumisluokan saaminen käyttäjälle %s epäonnistui"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "bsd-todentamisen aloittaminen epäonnistui"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "virheellinen todennustyyppi"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "BSD-todentamisen alustaminen epäonnistui"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr "fwtk config -asetuksen lukeminen epäonnistui"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "todentamispalvelimelle yhdistäminen epäonnistui"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:121
+msgid "lost connection to authentication server"
+msgstr "kadotettiin yhteys todentamispalvelimelle"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"todentamispalvelinvirhe:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: valtuutetun (’%s’) muuntaminen merkkijonoksi epäonnistui: %s"
+
+#  Ensimmäinen parametri on auth name
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: todentamisnimen ’%s’ jäsentäminen epäonnistui: %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: valtuustietovälimuistin ratkaiseminen epäonnistui: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: muistin varaaminen valitsimille epäonnistui: %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: valtuustietojen hakeminen epäonnistui: %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: valtuustietovälimuistin alustaminen epäonnistui: %s"
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: valtuustietojen tallentaminen valtuustietovälimuistiin epäonnistui: %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: tietokoneen valtuutetun hakeminen epäonnistui: %s"
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: TGT-lipun todentaminen epäonnistui! Mahdollinen hyökkäys!: %s"
+
+#: plugins/sudoers/auth/pam.c:108
+msgid "unable to initialize PAM"
+msgstr "PAM:in alustaminen epäonnistui"
+
+#: plugins/sudoers/auth/pam.c:194
+msgid "account validation failure, is your account locked?"
+msgstr "tilikelpuutushäiriö, onko tilisi lukittu?"
+
+#: plugins/sudoers/auth/pam.c:198
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Tili tai salasana on vanhentunut, nollaa salasanasi tai yritä uudelleen"
+
+#: plugins/sudoers/auth/pam.c:206
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "vanhentuneen salasanan vaihtaminen epäonnistui: %s"
+
+#: plugins/sudoers/auth/pam.c:211
+msgid "Password expired, contact your system administrator"
+msgstr "Salasana vanhentunut, ota yhteyttä järjestelmän ylläpitäjään"
+
+#: plugins/sudoers/auth/pam.c:215
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Tili vanhentunut tai PAM-asetuksista puuttuu ”account”-lohko sudo-komennolle, ota yhteyttä järjestelmän ylläpitäjään"
+
+#: plugins/sudoers/auth/pam.c:229
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "PAM-todentamisvirhe: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:227
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "ei ole olemassa %s-tietokannassa"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "ACE API -kirjaston alustaminen epäonnistui"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "yhteyden ottaminen SecurID-palvelimeen epäonnistui"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "Käyttäjätunniste lukittu SecurID-todennukselle"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "virheellinen käyttäjänimipituus kohteelle SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr "virheellinen todentamiskäsittelijä kohteelle SecurID"
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "SecurID-viestintä epäonnistui"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:213
+msgid "unknown SecurID error"
+msgstr "tuntematon SecurID-virhe"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "virheellinen salasanakoodipituus kohteelle SecurID"
+
+#: plugins/sudoers/auth/sia.c:69 plugins/sudoers/auth/sia.c:125
+msgid "unable to initialize SIA session"
+msgstr "SIA-istunnon alustaminen epäonnistui"
+
+#: plugins/sudoers/auth/sudo_auth.c:126
+msgid "invalid authentication methods"
+msgstr "virheelliset todennusmetodit"
+
+#: plugins/sudoers/auth/sudo_auth.c:128
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Virheellisiä todennusmenetelmiä käännetty sudo-ohjelmaan! Yksittäisiä ja ei-yksittäisiä todennuksia ei voi sekoittaa keskenään."
+
+#: plugins/sudoers/auth/sudo_auth.c:224 plugins/sudoers/auth/sudo_auth.c:274
+msgid "no authentication methods"
+msgstr "ei todennusmenetelmiä:"
+
+#: plugins/sudoers/auth/sudo_auth.c:226
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Sudo-ohjelmaan ei ole käännetty todentamismenelmiä! Jos haluat kääntää pois todentamisen, käytä asetusvalitsinta --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:276
+msgid "Unable to initialize authentication methods."
+msgstr "Todentamismenetelmien alustaminen epäonnistui."
+
+#: plugins/sudoers/auth/sudo_auth.c:441
+msgid "Authentication methods:"
+msgstr "Todennusmenetelmät:"
+
+#: plugins/sudoers/bsm_audit.c:120 plugins/sudoers/bsm_audit.c:211
+msgid "Could not determine audit condition"
+msgstr "Audit-ehdon määrittely epäonnistui"
+
+#: plugins/sudoers/bsm_audit.c:183 plugins/sudoers/bsm_audit.c:273
+msgid "unable to commit audit record"
+msgstr "commit-toiminnon suorittaminen audit-tietueelle epäonnistui"
+
+#: plugins/sudoers/check.c:252
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Luotamme, että olet saanut tavanomaisen saarnan paikalliselta järjestelmän\n"
+"ylläpitäjältä. Yleensä se tiivistyy kolmeen asiaan:\n"
+"\n"
+"    #1) Kunnioita muiden yksityisyyttä.\n"
+"    #2) Ajattele ennen kuin kirjoitat.\n"
+"    #3) Suuren voiman mukana tulee suuri vastuu.\n"
+"\n"
+
+#: plugins/sudoers/check.c:295 plugins/sudoers/check.c:305
+#: plugins/sudoers/sudoers.c:724 plugins/sudoers/sudoers.c:769
+#, c-format
+msgid "unknown uid: %u"
+msgstr "tuntematon uid-käyttäjätunniste: %u"
+
+#: plugins/sudoers/check.c:300 plugins/sudoers/iolog.c:260
+#: plugins/sudoers/policy.c:826 plugins/sudoers/sudoers.c:1161
+#: plugins/sudoers/testsudoers.c:208 plugins/sudoers/testsudoers.c:366
+#, c-format
+msgid "unknown user: %s"
+msgstr "tuntematon käyttäjä: %s"
+
+#: plugins/sudoers/def_data.c:41
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Syslog-apuneuvo, jos syslog-lokia käytetään kirjautumista varten: %s"
+
+#: plugins/sudoers/def_data.c:45
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Käytettävä syslog-prioriteetti, kun käyttäjä todennetaan onnistuneesti: %s"
+
+#: plugins/sudoers/def_data.c:49
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Käytettävä syslog-prioriteetti, kun käyttäjän todennus epäonnistui: %s"
+
+#: plugins/sudoers/def_data.c:53
+msgid "Put OTP prompt on its own line"
+msgstr "Laita OPT-kehote omalle rivilleen"
+
+#: plugins/sudoers/def_data.c:57
+msgid "Ignore '.' in $PATH"
+msgstr "Ohita ’.’ $PATH-asetuksessa"
+
+#: plugins/sudoers/def_data.c:61
+msgid "Always send mail when sudo is run"
+msgstr "Lähetä aina sähkopostia, kun sudo suoritetaan"
+
+#: plugins/sudoers/def_data.c:65
+msgid "Send mail if user authentication fails"
+msgstr "Lähetä sähköpostia, jos käyttäjän todennus epäonnistuu"
+
+#: plugins/sudoers/def_data.c:69
+msgid "Send mail if the user is not in sudoers"
+msgstr "Lähetä sähköpostia, jos käyttäjä ei ole sudoers-määrittelyssä"
+
+#: plugins/sudoers/def_data.c:73
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Lähetä sähköpostia, jos käyttäjä ei ole tällä tietokoneella sudoers-määrittelyssä"
+
+#: plugins/sudoers/def_data.c:77
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Lähetä sähköpostia, jos käyttäjän ei sallita suorittaa komentoa"
+
+#: plugins/sudoers/def_data.c:81
+msgid "Send mail if the user tries to run a command"
+msgstr "Lähetä sähköpostia, jos käyttäjä yrittää suorittaa komennon"
+
+#: plugins/sudoers/def_data.c:85
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Käytä erillistä aikaleimaa jokaiselle käyttäjä/tty -yhdistelmälle"
+
+#: plugins/sudoers/def_data.c:89
+msgid "Lecture user the first time they run sudo"
+msgstr "Saarnaa ensimmäistä kertaa sudo-ohjelmaa käyttävälle"
+
+#: plugins/sudoers/def_data.c:93
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Tiedosto, joka sisältää sudo-saarnan: %s"
+
+#: plugins/sudoers/def_data.c:97
+msgid "Require users to authenticate by default"
+msgstr "Vaadi käyttäjien todennus oletuksena"
+
+#: plugins/sudoers/def_data.c:101
+msgid "Root may run sudo"
+msgstr "Root voi suorittaa sudo-ohjelman"
+
+#: plugins/sudoers/def_data.c:105
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Kirjaa tietokonenimi (ei-syslog)lokitiedostoon"
+
+#: plugins/sudoers/def_data.c:109
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Kirjaa vuosi (ei-syslog)lokitiedostoon"
+
+#: plugins/sudoers/def_data.c:113
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Jos sudo-ohjelmaa kutsutaan ilman argumentteja, käynnistä käyttöjärjestelmäkuori"
+
+#: plugins/sudoers/def_data.c:117
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Aseta $HOME-muuttujaksi kohdekäyttäjä kun käyttöjärjestelmäkuori käynnistetään valitsimella -s"
+
+#: plugins/sudoers/def_data.c:121
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Aseta $HOME-muuttujaksi aina kohdekäyttäjän kotihakemisto"
+
+#: plugins/sudoers/def_data.c:125
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Salli jotain tietojenkeräystä hyödyllisten virheilmoitusten tarjoamiseksi"
+
+#: plugins/sudoers/def_data.c:129
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Vaadi täysin rakennettu tietokonenimi suoders-tiedostossa"
+
+#: plugins/sudoers/def_data.c:133
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Solvaa käyttäjiä, kun he kirjoittavat väärän salasanan"
+
+#: plugins/sudoers/def_data.c:137
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Salli käyttäjien suorittaa sudo-ohjelma vain jos heillä on tty"
+
+#: plugins/sudoers/def_data.c:141
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo noudattaa EDITOR-ympäristömuuttujaa"
+
+#: plugins/sudoers/def_data.c:145
+msgid "Prompt for root's password, not the users's"
+msgstr "Kysy root-käyttäjän salasana, ei käyttäjän"
+
+#: plugins/sudoers/def_data.c:149
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Kysy runas_default-käyttäjän salasana, ei käyttäjän"
+
+#: plugins/sudoers/def_data.c:153
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Kysy kohdekäyttäjän salasana, ei käyttäjän"
+
+#: plugins/sudoers/def_data.c:157
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Käytä oletuksia kohdekäyttäjän kirjautumisluokassa, jos siinä on yhtään"
+
+#: plugins/sudoers/def_data.c:161
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Aseta LOGNAME- ja USER-ympäristömuuttujat"
+
+#: plugins/sudoers/def_data.c:165
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Aseta vain voimassa oleva uid-käyttäjätunniste kohdekäyttäjälle, ei oikeaa uid-tunnistetta"
+
+#: plugins/sudoers/def_data.c:169
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Älä alusta ryhmävektoria kohdekäyttäjän vastaavaan arvoon"
+
+#: plugins/sudoers/def_data.c:173
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Pituus, jossa pitkät lokitiedostorivit jaetaan seuraavalle riville (0 ei jaeta): %u"
+
+#: plugins/sudoers/def_data.c:177
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Todennusaikaleiman aikavalvonta: %.1f minuuttia"
+
+#: plugins/sudoers/def_data.c:181
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Salasanakehotteen aikavalvonta: %.1f minuuttia"
+
+#: plugins/sudoers/def_data.c:185
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Salasanayritysten lukumäärä: %u"
+
+#: plugins/sudoers/def_data.c:189
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Käytettävä umask-määrittely tai 0777 käytettäväksi käyttäjän umask-määrittelyksi: 0%o"
+
+#: plugins/sudoers/def_data.c:193
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Polku lokitiedostoon: %s"
+
+#: plugins/sudoers/def_data.c:197
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Polku sähköpostiohjelmaan: %s"
+
+#: plugins/sudoers/def_data.c:201
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Sähköpostiohjelman liput: %s"
+
+#: plugins/sudoers/def_data.c:205
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Osoite, johon sähköposti lähetetään: %s"
+
+#: plugins/sudoers/def_data.c:209
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Osoite, josta sähköposti lähetetään: %s"
+
+#: plugins/sudoers/def_data.c:213
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Sähköpostiviestin Aihe-rivi: %s"
+
+#: plugins/sudoers/def_data.c:217
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Virheellinen salasanaviesti: %s"
+
+#: plugins/sudoers/def_data.c:221
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Polku luentotilahakemistoon: %s"
+
+#: plugins/sudoers/def_data.c:225
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Polku todennusaikaleimahakemistoon: %s"
+
+#: plugins/sudoers/def_data.c:229
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Todennusaikaleimahakemiston omistaja: %s"
+
+#: plugins/sudoers/def_data.c:233
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Käyttäjät tässä ryhmässä on vapautettu salasana- ja PATH-vaatimuksista: %s"
+
+#: plugins/sudoers/def_data.c:237
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Oletussalasanakehote: %s"
+
+#: plugins/sudoers/def_data.c:241
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Jos asetettu, salasanakehote korvaa järjestelmäkehotteen kaikissa tapauksissa."
+
+#  Tämä on tekemisessä runas_default -määrittelyn kanssa
+#: plugins/sudoers/def_data.c:245
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Oletuskäyttäjä suorittaa komennot käyttäjänä: %s"
+
+#: plugins/sudoers/def_data.c:249
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Arvo, jolla korvataan käyttäjän $PATH-asetus: %s"
+
+#: plugins/sudoers/def_data.c:253
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Visudo-editorin käyttämä polku: %s"
+
+#: plugins/sudoers/def_data.c:257
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Kun vaaditaan salasana ’list’-näennäiskomennolle: %s"
+
+#: plugins/sudoers/def_data.c:261
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Kun vaaditaan salasana ’verify’-näennäiskomennolle: %s"
+
+#: plugins/sudoers/def_data.c:265
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Esilataa vale-exec-funktiot, jotka sisältyvät sudo_noexec-kirjastoon"
+
+#: plugins/sudoers/def_data.c:269
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Jos LDAP-hakemisto on ylhäällä, ohitammeko paikallisen sudoers-tiedoston"
+
+#: plugins/sudoers/def_data.c:273
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Tiedostokuvaajat >= %d suljetaan ennen komennon suoritusta"
+
+#: plugins/sudoers/def_data.c:277
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Jos asetettu, käyttäjä voi korvata ’closefrom’-arvon valitsimella -C"
+
+#: plugins/sudoers/def_data.c:281
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Salli käyttäjien asettaa mielivaltaisia ympäristömuuttujia"
+
+#: plugins/sudoers/def_data.c:285
+msgid "Reset the environment to a default set of variables"
+msgstr "Nollaa ympäristö muuttujien oletusjoukoksi"
+
+#: plugins/sudoers/def_data.c:289
+msgid "Environment variables to check for sanity:"
+msgstr "Ympäristömuuttujat, joille tehdään järkevyystarkistus:"
+
+#: plugins/sudoers/def_data.c:293
+msgid "Environment variables to remove:"
+msgstr "Poistettavat ympäristömuuttujat:"
+
+#: plugins/sudoers/def_data.c:297
+msgid "Environment variables to preserve:"
+msgstr "Säilytettävät ympäristömuuttujat:"
+
+#: plugins/sudoers/def_data.c:301
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Uudessa turva-asiayhteydessä käytettävä SELinux-rooli: %s"
+
+#: plugins/sudoers/def_data.c:305
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Uudessa turva-asiayhteydessä käytettävä SELinux-tyyppi: %s"
+
+#: plugins/sudoers/def_data.c:309
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Polku sudo-kohtaiseen ympäristötiedostoon: %s"
+
+#: plugins/sudoers/def_data.c:313
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Polku rajoitettuun sudo-kohtaiseen ympäristötiedostoon: %s"
+
+#: plugins/sudoers/def_data.c:317
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Locale-asetus, jota käytetään sudoers-jäsentämisessä: %s"
+
+#: plugins/sudoers/def_data.c:321
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Salli sudo-ohjelman kysyä salasana vieläpä jos se olisi näkyvä"
+
+#: plugins/sudoers/def_data.c:325
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Tarjoa visuaalista palautetta salasanakehotteelta silloin kun on käyttäjäsyöte"
+
+#: plugins/sudoers/def_data.c:329
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Käyttää nopeampaa jokerimerkkien korvausta, joka on epätarkempi, mutta ei lue tiedostojärjestelmää"
+
+#: plugins/sudoers/def_data.c:333
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Sudoers umask korvaa käyttäjän umask-määrittelyn, vieläpä jos se on sallivampi"
+
+#: plugins/sudoers/def_data.c:337
+msgid "Log user's input for the command being run"
+msgstr "Kirjaa lokiin käyttäjän syöte suoritettavalle komennolle"
+
+#: plugins/sudoers/def_data.c:341
+msgid "Log the output of the command being run"
+msgstr "Kirjaa lokiin suoritettavan komennon tuloste"
+
+#: plugins/sudoers/def_data.c:345
+msgid "Compress I/O logs using zlib"
+msgstr "Tiivistä siirräntälokit käyttäen zlib-ohjelmaa"
+
+#: plugins/sudoers/def_data.c:349
+msgid "Always run commands in a pseudo-tty"
+msgstr "Suorita aina komennot näennäis-tty:ssä"
+
+#: plugins/sudoers/def_data.c:353
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Lisäosa ei-Unix-ryhmätuelle: %s"
+
+#: plugins/sudoers/def_data.c:357
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Hakemisto, johon tallennetaan syöte-/tulostelokit: %s"
+
+#: plugins/sudoers/def_data.c:361
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Tiedosto, johon tallennetaan syöte-/tulosteloki: %s"
+
+#: plugins/sudoers/def_data.c:365
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Lisää rivi utmp-/utmpx-tiedostoon, kun varataan pty"
+
+#: plugins/sudoers/def_data.c:369
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Aseta käyttäjäksi utmp-tiedostoon suorittava käyttäjä, ei kutsuva käyttäjä"
+
+#: plugins/sudoers/def_data.c:373
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Sallittujen käyttöoikeuksien joukko: %s"
+
+#: plugins/sudoers/def_data.c:377
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Rajoitettujen käyttöoikeuksien joukko: %s"
+
+#: plugins/sudoers/def_data.c:381
+msgid "Run commands on a pty in the background"
+msgstr "Suorita komentoja pty:llä taustalla"
+
+#: plugins/sudoers/def_data.c:385
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Käytettävä PAM-palvelunimi: %s"
+
+#: plugins/sudoers/def_data.c:389
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Kirjautumiskomentotulkeille käytettävä PAM-palvelunimi: %s"
+
+#: plugins/sudoers/def_data.c:393
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Yritys perustaa PAM-valtuustiedot kohdekäyttäjälle"
+
+#: plugins/sudoers/def_data.c:397
+msgid "Create a new PAM session for the command to run in"
+msgstr "Luo uusi PAM-istunto suoritettavalle komennolle"
+
+#: plugins/sudoers/def_data.c:401
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Suurin siirräntälokin sarjanumero: %u"
+
+#: plugins/sudoers/def_data.c:405
+msgid "Enable sudoers netgroup support"
+msgstr "Ota käyttöön sudoers-verkkoryhmätuki"
+
+#: plugins/sudoers/def_data.c:409
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Tarkista yläpuolella olevan hakemistojen kirjoituskelpoisuus kun tiedostoja muokataan sudoedit-ohjelmalla"
+
+#: plugins/sudoers/def_data.c:413
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Seuraa symbolisia linkejä kun tiedostoja muokataan sudoedit-ohjelmalla"
+
+#: plugins/sudoers/def_data.c:417
+msgid "Query the group plugin for unknown system groups"
+msgstr "Kysy ryhmälisäosaa tuntemattomille järjestelmäryhmille"
+
+#: plugins/sudoers/def_data.c:421
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Täsmäävät verkkoryhmät perustuen koko monikolle: käyttäjä, tietokone ja verkkotunnus"
+
+#: plugins/sudoers/def_data.c:425
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Salli komentojen suorittaminen silloinkin kun sudo ei kykene kirjoittamaan valvontatarkastuslokiin"
+
+#: plugins/sudoers/def_data.c:429
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Salli komentojen suorittaminen silloinkin kun sudo ei kykene kirjoittamaan siirtolokiin"
+
+#: plugins/sudoers/def_data.c:433
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Salli komentojen suorittaminen silloinkin kun sudo ei kykene kirjoittamaan lokitiedostoon"
+
+#: plugins/sudoers/def_data.c:437
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Ratkaise sudoers-ryhmät ja täsmäytä ryhmätunnisteeseen, ei nimeen"
+
+#: plugins/sudoers/def_data.c:441
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Lokirivit, jotka ovat pitempiä kuin tämä arvo, jaetaan useisiin syslog-viesteihin: %u"
+
+#: plugins/sudoers/def_data.c:445
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Käyttäjä, joka omistaa siirräntälokitiedostot: %s"
+
+#: plugins/sudoers/def_data.c:449
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Ryhmä, joka omistaa siirräntälokitiedostot: %s"
+
+#: plugins/sudoers/def_data.c:453
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Tiedostotila käytettäväksi siirräntälokitiedostoissa: 0%o"
+
+#: plugins/sudoers/def_data.c:457
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Suorita komentoja tiedostokuvaan avulla eikä polun avulla: %s"
+
+#: plugins/sudoers/def_data.c:461
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ohita tuntemattomat Defaults-rivit sudoers-tiedostossa sen sijaan että tuottaisit varoituksia"
+
+#: plugins/sudoers/def_data.c:465
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Sekuntimäärä, jossa komento päätetään: %u"
+
+#: plugins/sudoers/def_data.c:469
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Salli käyttäjän määritellä aikavalvonta komentorivillä"
+
+#: plugins/sudoers/def_data.c:473
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Tyhjennä siirräntälokitiedot levylle välittömästi sen sijaan että puskuroisit ne"
+
+#: plugins/sudoers/def_data.c:477
+msgid "Include the process ID when logging via syslog"
+msgstr "Sisällytä prosessitunniste, kun kirjataan syslog-tiedostoon"
+
+#: plugins/sudoers/def_data.c:481
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Todennusaikaleimatietueen tyyppi: %s"
+
+#: plugins/sudoers/defaults.c:220
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d tuntematon oletusrivi ”%s”"
+
+#: plugins/sudoers/defaults.c:223
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: tuntematon oletusrivi ”%s”"
+
+#  parametrinä on variable
+#: plugins/sudoers/defaults.c:263
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d arvoa ei ole määritelty muuttujalle ”%s”"
+
+#  parametrinä on variable
+#: plugins/sudoers/defaults.c:266
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: arvoa ei ole määritelty muuttujalle ”%s”"
+
+#  Parametri on muuttuja
+#: plugins/sudoers/defaults.c:286
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d muuttujan ”%s” arvojen on alettava merkillä ’/’"
+
+#  Parametri on muuttuja
+#: plugins/sudoers/defaults.c:289
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: muuttujan ”%s” arvojen on alettava merkillä ’/’"
+
+#: plugins/sudoers/defaults.c:314
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d valitsin ”%s” ei ota arvoa"
+
+#: plugins/sudoers/defaults.c:317
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: valitsin ”%s” ei ota arvoa"
+
+#: plugins/sudoers/defaults.c:339
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d virheellinen Defaults-tyyppi 0x%x valitsimelle ”%s”"
+
+#: plugins/sudoers/defaults.c:342
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: virheellinen Defaults-tyyppi 0x%x valitsimelle ”%s”"
+
+#: plugins/sudoers/defaults.c:352
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d arvo ”%s” on virheellinen valitsimelle ”%s”"
+
+#: plugins/sudoers/defaults.c:355
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: arvo ”%s” on virheellinen valitsimelle ”%s”"
+
+#: plugins/sudoers/env.c:295 plugins/sudoers/env.c:302
+#: plugins/sudoers/env.c:407 plugins/sudoers/ldap.c:453
+#: plugins/sudoers/ldap.c:543 plugins/sudoers/ldap.c:1253
+#: plugins/sudoers/ldap.c:1480 plugins/sudoers/ldap.c:1806
+#: plugins/sudoers/linux_audit.c:82 plugins/sudoers/logging.c:947
+#: plugins/sudoers/policy.c:537 plugins/sudoers/policy.c:547
+#: plugins/sudoers/prompt.c:161 plugins/sudoers/sudoers.c:872
+#: plugins/sudoers/testsudoers.c:238 plugins/sudoers/toke_util.c:158
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "sisäinen virhe, %s-ylivuoto"
+
+#: plugins/sudoers/env.c:376
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: rikkoutunut envp, pituus ei täsmää"
+
+#: plugins/sudoers/env.c:1055
+msgid "unable to rebuild the environment"
+msgstr "ympäristön rakentaminen uudelleen epäonnistui"
+
+#: plugins/sudoers/env.c:1129
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "seuraavia ympäristömuuttujia ei ole lupa asettaa: %s"
+
+#: plugins/sudoers/filedigest.c:104 plugins/sudoers/filedigest_gcrypt.c:66
+#: plugins/sudoers/filedigest_openssl.c:95
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "tukematon tiivistetyyppi %d kohteelle %s"
+
+#: plugins/sudoers/filedigest.c:129 plugins/sudoers/filedigest_gcrypt.c:98
+#: plugins/sudoers/filedigest_openssl.c:120
+#, c-format
+msgid "%s: read error"
+msgstr "%s: kirjoitusvirhe"
+
+#: plugins/sudoers/group_plugin.c:86
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s-omistajan on oltava uid %d"
+
+#: plugins/sudoers/group_plugin.c:90
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s on vain omistajan kirjoitettava"
+
+#: plugins/sudoers/group_plugin.c:98 plugins/sudoers/sssd.c:398
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "kohteen %s lataaminen epäonnistui: %s"
+
+#  parametrina on path
+#: plugins/sudoers/group_plugin.c:104
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "symbolin ”group_plugin” löytäminen polusta %s epäonnistui"
+
+#: plugins/sudoers/group_plugin.c:109
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: yhteensopimaton ryhmälisäosan major-versio %d, odotettiin %d"
+
+#: plugins/sudoers/interfaces.c:79 plugins/sudoers/interfaces.c:96
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "verkko-osoitteen ”%s” jäsentäminen epäonnistui"
+
+#  Parametri on sudoers file
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "verkkopeitteen ”%s” jäsentäminen epäonnistui"
+
+#: plugins/sudoers/interfaces.c:129
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Paikallinen verkko-osoite ja verkkopeiteparit:\n"
+
+#: plugins/sudoers/iolog.c:121 plugins/sudoers/mkdir_parents.c:75
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s on olemassa, mutta ei ole hakemisto (0%o)"
+
+#: plugins/sudoers/iolog.c:146 plugins/sudoers/iolog.c:187
+#: plugins/sudoers/mkdir_parents.c:64 plugins/sudoers/timestamp.c:170
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "käskyn mkdir %s suorittaminen epäonnistui"
+
+#: plugins/sudoers/iolog.c:191 plugins/sudoers/visudo.c:740
+#: plugins/sudoers/visudo.c:750
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "tilan %s vaihtaminen arvoon 0%o epäonnistui"
+
+#: plugins/sudoers/iolog.c:299 plugins/sudoers/sudoers.c:1192
+#: plugins/sudoers/testsudoers.c:390
+#, c-format
+msgid "unknown group: %s"
+msgstr "tuntematon ryhmä: %s"
+
+#  Avaamisen kohde voi olla timestamp file, sudoers file tai pathbuf
+#: plugins/sudoers/iolog.c:418 plugins/sudoers/sudoers.c:928
+#: plugins/sudoers/sudoreplay.c:349 plugins/sudoers/sudoreplay.c:1335
+#: plugins/sudoers/sudoreplay.c:1539 plugins/sudoers/timestamp.c:398
+#: plugins/sudoers/visudo.c:972 plugins/sudoers/visudo_json.c:1001
+#: plugins/sudoers/visudo_json.c:1014
+#, c-format
+msgid "unable to open %s"
+msgstr "kohteen %s avaaminen epäonnistui"
+
+#  Parametrinä on sudoers-tiedosto tai pathbuf
+#: plugins/sudoers/iolog.c:469 plugins/sudoers/sudoers.c:932
+#: plugins/sudoers/sudoreplay.c:831 plugins/sudoers/sudoreplay.c:1650
+#, c-format
+msgid "unable to read %s"
+msgstr "kohteen %s lukeminen epäonnistui"
+
+#  Kirjoittamisen kohde voi olla timestamp file tai pathbuf
+#: plugins/sudoers/iolog.c:505 plugins/sudoers/sudoreplay.c:1104
+#: plugins/sudoers/timestamp.c:290 plugins/sudoers/timestamp.c:293
+#, c-format
+msgid "unable to write to %s"
+msgstr "kohteeseen %s kirjoittaminen epäonnistui"
+
+#  Parametrina on pathbuf
+#: plugins/sudoers/iolog.c:584 plugins/sudoers/iolog.c:803
+#, c-format
+msgid "unable to create %s"
+msgstr "hakemistopolun %s luominen epäonnistui"
+
+#: plugins/sudoers/iolog.c:1035 plugins/sudoers/iolog.c:1110
+#: plugins/sudoers/iolog.c:1191
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "siirtolokitiedostoon: %s kirjoittaminen epäonnistui"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, file index %d not open"
+msgstr "%s: sisäinen virhe, tiedostoindeksi %d ei ole avoin"
+
+#: plugins/sudoers/ldap.c:431
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: portti on liian suuri"
+
+#  URL on verkko-osoite, loogisesti URI on verkkoresurssi(osoite)
+#: plugins/sudoers/ldap.c:491
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "tukematon LDAP-verkkoresurssin tunnustyyppi: %s"
+
+#: plugins/sudoers/ldap.c:518
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "ldap:n ja ldap-verkkoresurssitunnuksien sekoittaminen epäonnistui"
+
+#: plugins/sudoers/ldap.c:522 plugins/sudoers/ldap.c:558
+msgid "starttls not supported when using ldaps"
+msgstr "starttls ei ole tuettu ldaps-käytössä"
+
+#: plugins/sudoers/ldap.c:629
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "SSL-varmenne- ja -avaintietokannan alustaminen epäonnistui: %s"
+
+#: plugins/sudoers/ldap.c:632
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "kohteessa %s TLS_CERT on asetettava käyttämään SSL:ää"
+
+#: plugins/sudoers/ldap.c:1239
+msgid "unable to get GMT time"
+msgstr "GMT-ajan saaminen epäonnistui"
+
+#: plugins/sudoers/ldap.c:1245
+msgid "unable to format timestamp"
+msgstr "aikaleiman muotoileminen epäonnistui"
+
+#: plugins/sudoers/ldap.c:1961
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/ldap.c:2533
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP-rooli: %s\n"
+
+#: plugins/sudoers/ldap.c:2535
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"LDAP-rooli: TUNTEMATON\n"
+
+#: plugins/sudoers/ldap.c:2591
+#, c-format
+msgid "    Order: %s\n"
+msgstr "    Järjestys: %s\n"
+
+#: plugins/sudoers/ldap.c:2599 plugins/sudoers/parse.c:614
+#: plugins/sudoers/sssd.c:1628
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Komennot:\n"
+
+#: plugins/sudoers/ldap.c:3161
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "kohteen LDAP alustaminen epäonnistui: %s"
+
+#: plugins/sudoers/ldap.c:3197
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls määritelty, mutta LDAP-kirjastot ei tue funktiota ldap_start_tls_s() tai funktiota ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:3446
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "virheellinen sudoOrder-attribuutti: %s"
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "audit-järjestelmän avaaminen epäonnistui"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "audit-viestin lähettäminen epäonnistui"
+
+#: plugins/sudoers/logging.c:107
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:135
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s: (komento jatkui) %s"
+
+#: plugins/sudoers/logging.c:164
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "lokitiedoston avaaminen epäonnistui: %s"
+
+#: plugins/sudoers/logging.c:172
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "lokitiedoston lukitseminen epäonnistui: %s"
+
+#: plugins/sudoers/logging.c:205
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "lokitiedostoon: %s kirjoittaminen epäonnistui"
+
+#: plugins/sudoers/logging.c:234
+msgid "No user or host"
+msgstr "Ei käyttäjä eikä tietokone"
+
+#: plugins/sudoers/logging.c:236
+msgid "validation failure"
+msgstr "kelpuutushäiriö"
+
+#: plugins/sudoers/logging.c:243
+msgid "user NOT in sudoers"
+msgstr "käyttäjä EI ole sudoers-tiedostossa"
+
+#: plugins/sudoers/logging.c:245
+msgid "user NOT authorized on host"
+msgstr "käyttäjä ei ole varmennettu tietokoneella"
+
+#: plugins/sudoers/logging.c:247
+msgid "command not allowed"
+msgstr "komento ei ole sallittu"
+
+#: plugins/sudoers/logging.c:282
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "käyttäjä %s ei ole sudoers-tiedostossa.  Tästä tapahtumasta ilmoitetaan.\n"
+
+#: plugins/sudoers/logging.c:285
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "käyttäjä %s ei saa suorittaa komentoa sudo tietokoneella %s.  Tästä tapahtumasta ilmoitetaan.\n"
+
+#: plugins/sudoers/logging.c:289
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Käyttäjä %s ei voi suorittaa komentoa sudo tietokoneella %s.\n"
+
+#: plugins/sudoers/logging.c:292
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Käyttäjän %s ei sallita suorittaa ’%s%s%s’ käyttäjänä %s%s%s tietokoneella %s.\n"
+
+#: plugins/sudoers/logging.c:329 plugins/sudoers/sudoers.c:472
+#: plugins/sudoers/sudoers.c:474 plugins/sudoers/sudoers.c:476
+#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:1297
+#: plugins/sudoers/sudoers.c:1299
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: komentoa ei löytynyt"
+
+#: plugins/sudoers/logging.c:331 plugins/sudoers/sudoers.c:468
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"ohitetaan komento ”%s”, joka löytyi kohteesta ’.’\n"
+"Käytä ”sudo ./%s”, jos tämä on ”%s”-komento, joka halutaan suorittaa."
+
+#: plugins/sudoers/logging.c:348
+msgid "authentication failure"
+msgstr "todentamishäiriö"
+
+#: plugins/sudoers/logging.c:374
+msgid "a password is required"
+msgstr "vaaditaan salasana"
+
+#: plugins/sudoers/logging.c:445 plugins/sudoers/logging.c:511
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u väärä salasana yritetty"
+msgstr[1] "%u väärää salasanaa yritetty"
+
+#: plugins/sudoers/logging.c:598
+msgid "unable to fork"
+msgstr "fork-funktion kutsuminen epäonnistui"
+
+#: plugins/sudoers/logging.c:606 plugins/sudoers/logging.c:658
+#, c-format
+msgid "unable to fork: %m"
+msgstr "fork-funktion kutsuminen epäonnistui: %m"
+
+#: plugins/sudoers/logging.c:648
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "putken avaaminen epäonnistui: %m"
+
+#: plugins/sudoers/logging.c:673
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "funktion dup kutsuminen vakiosyötteellä epäonnistui: %m"
+
+#: plugins/sudoers/logging.c:711
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "käskyn %s suorittaminen epäonnistui: %m"
+
+#: plugins/sudoers/match.c:771
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "tiiviste kohteelle %s (%s) ei ole %s-muodossa"
+
+#: plugins/sudoers/mkdir_parents.c:70 plugins/sudoers/sudoers.c:943
+#: plugins/sudoers/visudo.c:439 plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to stat %s"
+msgstr "funktion stat %s kutsuminen epäonnistui"
+
+#: plugins/sudoers/parse.c:115
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "jäsentämisvirhe tiedostossa %s lähellä riviä %d"
+
+#: plugins/sudoers/parse.c:118
+#, c-format
+msgid "parse error in %s"
+msgstr "jäsentämisvirhe tiedostossa %s"
+
+#: plugins/sudoers/parse.c:540
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Sudoers-rivi:\n"
+
+#: plugins/sudoers/parse.c:541
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    SuoritaKäyttäjänä: "
+
+#: plugins/sudoers/parse.c:555
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    SuoritaRyhmänä: "
+
+#: plugins/sudoers/parse.c:564
+#, c-format
+msgid "    Options: "
+msgstr "    Valitsimet: "
+
+#: plugins/sudoers/policy.c:242 plugins/sudoers/testsudoers.c:261
+msgid "unable to parse network address list"
+msgstr "verkko-osoiteluettelon jäsentäminen epäonnistui"
+
+#  Parametri on path, mutta saattaa sisältää suoritettavan ohjelman
+#: plugins/sudoers/policy.c:711 plugins/sudoers/visudo.c:910
+#, c-format
+msgid "unable to execute %s"
+msgstr "kohteen %s suorittaminen epäonnistui"
+
+#: plugins/sudoers/policy.c:844
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Sudoers-menettelytapalisäosaversio %s\n"
+
+#: plugins/sudoers/policy.c:846
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Sudoers-tiedostokielioppiversio %d\n"
+
+#: plugins/sudoers/policy.c:850
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sudoers-polku: %s\n"
+
+#: plugins/sudoers/policy.c:853
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "nsswitch-polku: %s\n"
+
+#: plugins/sudoers/policy.c:855
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ldap.conf-polku: %s\n"
+
+#: plugins/sudoers/policy.c:856
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ldap.secret-polku: %s\n"
+
+#: plugins/sudoers/policy.c:889
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "kytkentätyypin %d (version %d.%d) rekisteröiminen epäonnistui"
+
+#: plugins/sudoers/pwutil.c:162 plugins/sudoers/pwutil.c:180
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "käyttäjän uid %u laittaminen välimuistiin epäonnistui, muistia ei riittävästi"
+
+#: plugins/sudoers/pwutil.c:174
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "käyttäjän uid %u laittaminen välimuistiin epäonnistui, käyttäjä on jo siellä"
+
+#: plugins/sudoers/pwutil.c:234 plugins/sudoers/pwutil.c:251
+#: plugins/sudoers/pwutil.c:313 plugins/sudoers/pwutil.c:358
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "käyttäjän %s laittaminen välimuistiin epäonnistui, muistia ei riittävästi"
+
+#: plugins/sudoers/pwutil.c:246
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "käyttäjän %s laittaminen välimuistiin epäonnistui, käyttäjä on jo siellä"
+
+#: plugins/sudoers/pwutil.c:474 plugins/sudoers/pwutil.c:492
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "ryhmän gid %u laittaminen välimuistiin epäonnistui, muistia ei riittävästi"
+
+#: plugins/sudoers/pwutil.c:486
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "ryhmän gid %u laittaminen välimuistiin epäonnistui, ryhmä on jo siellä"
+
+#: plugins/sudoers/pwutil.c:540 plugins/sudoers/pwutil.c:557
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:646
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "ryhmän %s laittaminen välimuistiin epäonnistui, muistia ei riittävästi"
+
+#: plugins/sudoers/pwutil.c:552
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "ryhmän %s laittaminen välimuistiin epäonnistui, ryhmä on jo siellä"
+
+#: plugins/sudoers/pwutil.c:772 plugins/sudoers/pwutil.c:824
+#: plugins/sudoers/pwutil.c:874 plugins/sudoers/pwutil.c:926
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "ryhmäluettelon laittaminen välimuistiin tiedostossa %s epäonnistui, ryhmäluettelo on jo siellä"
+
+#: plugins/sudoers/pwutil.c:778 plugins/sudoers/pwutil.c:829
+#: plugins/sudoers/pwutil.c:880 plugins/sudoers/pwutil.c:931
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "ryhmäluettelon laittaminen välimuistiin tiedostossa %s epäonnistui, muistia ei riittävästi"
+
+#  Parametri on sudoers file
+#: plugins/sudoers/pwutil.c:818
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "ryhmien jäsentäminen tiedostossa %s epäonnistui"
+
+#  Parametri on sudoers file
+#: plugins/sudoers/pwutil.c:920
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "ryhmätunnisteiden jäsentäminen tiedostolle %s epäonnistui"
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:469
+#: plugins/sudoers/set_perms.c:912 plugins/sudoers/set_perms.c:1239
+#: plugins/sudoers/set_perms.c:1556
+msgid "perm stack overflow"
+msgstr "käyttöoikeuspinoylivuoto"
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:400
+#: plugins/sudoers/set_perms.c:477 plugins/sudoers/set_perms.c:779
+#: plugins/sudoers/set_perms.c:920 plugins/sudoers/set_perms.c:1163
+#: plugins/sudoers/set_perms.c:1247 plugins/sudoers/set_perms.c:1489
+#: plugins/sudoers/set_perms.c:1564 plugins/sudoers/set_perms.c:1654
+msgid "perm stack underflow"
+msgstr "käyttöoikeuspinovajaus"
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:523
+#: plugins/sudoers/set_perms.c:1298 plugins/sudoers/set_perms.c:1596
+msgid "unable to change to root gid"
+msgstr "vaihtaminen root gid -tunnisteeksi epäonnistui"
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:620
+#: plugins/sudoers/set_perms.c:1049 plugins/sudoers/set_perms.c:1375
+msgid "unable to change to runas gid"
+msgstr "vaihtaminen runas gid -tunnisteeksi epäonnistui"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to set runas group vector"
+msgstr "runas-ryhmävektorin asettaminen epäonnistui"
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:636
+#: plugins/sudoers/set_perms.c:1063 plugins/sudoers/set_perms.c:1389
+msgid "unable to change to runas uid"
+msgstr "vaihtaminen runas uid -tunnisteeksi epäonnistui"
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:654
+#: plugins/sudoers/set_perms.c:1079 plugins/sudoers/set_perms.c:1405
+msgid "unable to change to sudoers gid"
+msgstr "vaihtaminen sudoers gid-tunnisteeksi epäonnistui"
+
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641
+msgid "too many processes"
+msgstr "liian monta prosessia"
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr "nykyisen työhakemiston hakeminen epäonnistui"
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "typistetty audit-polku user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "typistetty audit-polku argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr "audit_failure-viesti on liian pitkä"
+
+#: plugins/sudoers/sssd.c:400
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "lähteen SSS alustaminen epäonnistui. Onko SSSD asennettu tietokoneeseesi?"
+
+#  parametrina on path
+#: plugins/sudoers/sssd.c:408 plugins/sudoers/sssd.c:417
+#: plugins/sudoers/sssd.c:426 plugins/sudoers/sssd.c:435
+#: plugins/sudoers/sssd.c:444
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "symbolin ”%s” löytäminen polusta %s epäonnistui"
+
+#: plugins/sudoers/sssd.c:1543
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: %s\n"
+msgstr ""
+"\n"
+"SSSD-rooli: %s\n"
+
+#: plugins/sudoers/sssd.c:1548
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"SSSD-rooli: TUNTEMATON\n"
+
+#: plugins/sudoers/sudo_nss.c:290
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Täsmäävät Defaults-rivit kohteelle %s kohteella %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:308
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Runas- ja Command-kohtaiset oletukset kohteelle %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:326
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Käyttäjä %s voi suorittaa seuraavat komennot kohteella %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:339
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Käyttäjä %s ei saa suorittaa komentoa sudo tietokoneella %s.\n"
+
+#: plugins/sudoers/sudoers.c:168 plugins/sudoers/testsudoers.c:247
+#: plugins/sudoers/visudo.c:233 plugins/sudoers/visudo.c:612
+#: plugins/sudoers/visudo.c:976
+msgid "unable to initialize sudoers default values"
+msgstr "sudoers-oletusarvojen alustaminen epäonnistui"
+
+#: plugins/sudoers/sudoers.c:198 plugins/sudoers/sudoers.c:890
+msgid "problem with defaults entries"
+msgstr "oletusrivien pulma"
+
+#: plugins/sudoers/sudoers.c:205
+msgid "no valid sudoers sources found, quitting"
+msgstr "ei löytynyt kelvollisia sudoers-lähteitä, poistutaan"
+
+#: plugins/sudoers/sudoers.c:244
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers määrittelee, että root ei saa suorittaa sudo-komentoa"
+
+#: plugins/sudoers/sudoers.c:301
+msgid "you are not permitted to use the -C option"
+msgstr "ei käyttöoikeuksia valitsimelle -C"
+
+#: plugins/sudoers/sudoers.c:390
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "aikaleimaomistaja (%s): Tuntematon käyttäjä"
+
+#: plugins/sudoers/sudoers.c:405
+msgid "no tty"
+msgstr "ei tty:tä"
+
+#: plugins/sudoers/sudoers.c:406
+msgid "sorry, you must have a tty to run sudo"
+msgstr "sudo-komennon suorittamiseksi on oltava tty"
+
+#: plugins/sudoers/sudoers.c:467
+msgid "command in current directory"
+msgstr "komento nykyisessä hakemistossa"
+
+#: plugins/sudoers/sudoers.c:486
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "komennon aikavalvonnan asettaminen ei ole sallittua"
+
+#: plugins/sudoers/sudoers.c:494
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "ympäristöä ei ole lupa säilyttää"
+
+#: plugins/sudoers/sudoers.c:835
+msgid "command too long"
+msgstr "komento on liian pitkä"
+
+#: plugins/sudoers/sudoers.c:947
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s ei ole tavallinen tiedosto"
+
+#: plugins/sudoers/sudoers.c:951 plugins/sudoers/timestamp.c:217 toke.l:969
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s on uid %u -käyttäjän omistama, pitäisi olla %u"
+
+#: plugins/sudoers/sudoers.c:955 toke.l:974
+#, c-format
+msgid "%s is world writable"
+msgstr "%s on yleiskirjoitettava"
+
+#: plugins/sudoers/sudoers.c:959 toke.l:977
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s on gid %u -ryhmän omistama, pitäisi olla %u"
+
+#: plugins/sudoers/sudoers.c:992
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "vain root-käyttäjä voi käyttää valitsinta ”-c %s”"
+
+#: plugins/sudoers/sudoers.c:1011
+#, c-format
+msgid "unknown login class: %s"
+msgstr "tuntematon kirjautumisluokka: %s"
+
+#: plugins/sudoers/sudoers.c:1094 plugins/sudoers/sudoers.c:1108
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "tietokoneen %s ratkaiseminen epäonnistui"
+
+#: plugins/sudoers/sudoreplay.c:275
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "virheellinen suodatinvalitsin: %s"
+
+#: plugins/sudoers/sudoreplay.c:288
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "virheellinen enimmäisodotusaika: %s"
+
+#: plugins/sudoers/sudoreplay.c:300
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "virheellinen nopeustekijä: %s"
+
+#: plugins/sudoers/sudoreplay.c:303 plugins/sudoers/visudo.c:186
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s versio %s\n"
+
+#: plugins/sudoers/sudoreplay.c:335
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/ajoitus: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/ajoitus: %s"
+
+#: plugins/sudoers/sudoreplay.c:357
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Toistetaan sudo-istunto: %s"
+
+#: plugins/sudoers/sudoreplay.c:555 plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:804 plugins/sudoers/sudoreplay.c:879
+#: plugins/sudoers/sudoreplay.c:958 plugins/sudoers/sudoreplay.c:973
+#: plugins/sudoers/sudoreplay.c:980 plugins/sudoers/sudoreplay.c:987
+#: plugins/sudoers/sudoreplay.c:994 plugins/sudoers/sudoreplay.c:1001
+#: plugins/sudoers/sudoreplay.c:1143
+msgid "unable to add event to queue"
+msgstr "tapahtuman lisääminen jonoon epäonnistui"
+
+#: plugins/sudoers/sudoreplay.c:670
+msgid "unable to set tty to raw mode"
+msgstr "tty:n asettaminen raakatilaan epäonnistui"
+
+#: plugins/sudoers/sudoreplay.c:721
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Varoitus: pääteikkunasi on liian pieni tämän lokin toistamiseksi oikein.\n"
+
+#: plugins/sudoers/sudoreplay.c:722
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Lokigeometria on %d x %d, pääteikkunasi geometria on %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:749
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Toistaminen päättyi, palaa pääteikkunaan painamalla mitä tahansa näppäintä."
+
+#: plugins/sudoers/sudoreplay.c:782
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "virheellinen ajoitustiedostorivi: %s"
+
+#: plugins/sudoers/sudoreplay.c:1177 plugins/sudoers/sudoreplay.c:1202
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "monimerkityksellinen lauseke ”%s”"
+
+#: plugins/sudoers/sudoreplay.c:1224
+msgid "unmatched ')' in expression"
+msgstr "täsmäämätön ’)’ lausekkeessa"
+
+#: plugins/sudoers/sudoreplay.c:1228
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "tuntematon hakutermi ”%s”"
+
+#: plugins/sudoers/sudoreplay.c:1243
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s vaatii argumentin"
+
+#: plugins/sudoers/sudoreplay.c:1246 plugins/sudoers/sudoreplay.c:1626
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "virheellinen säännöllinen lauseke: %s"
+
+#: plugins/sudoers/sudoreplay.c:1250
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "päivämäärän ”%s” jäsentäminen epäonnistui"
+
+#: plugins/sudoers/sudoreplay.c:1259
+msgid "unmatched '(' in expression"
+msgstr "täsmäämätön ’(’ lausekkeessa"
+
+#: plugins/sudoers/sudoreplay.c:1261
+msgid "illegal trailing \"or\""
+msgstr "virheellinen jäljessä oleva ”or”"
+
+#: plugins/sudoers/sudoreplay.c:1263
+msgid "illegal trailing \"!\""
+msgstr "virheellinen jäljessä oleva ”!”"
+
+#: plugins/sudoers/sudoreplay.c:1312
+#, c-format
+msgid "unknown search type %d"
+msgstr "tuntematon hakutyyppi %d"
+
+#: plugins/sudoers/sudoreplay.c:1350
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: virheellinen lokitiedosto"
+
+#: plugins/sudoers/sudoreplay.c:1368
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: aikaleimakenttä puuttuu"
+
+#: plugins/sudoers/sudoreplay.c:1375
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: aikaleima %s: %s"
+
+#: plugins/sudoers/sudoreplay.c:1382
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: käyttäjäkenttä puuttuu"
+
+#: plugins/sudoers/sudoreplay.c:1391
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: suorita käyttäjänä-kenttä puuttuu"
+
+#: plugins/sudoers/sudoreplay.c:1400
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: suorita ryhmänä-kenttä puuttuu"
+
+#: plugins/sudoers/sudoreplay.c:1806
+#, c-format
+msgid "usage: %s [-hnR] [-d dir] [-m num] [-s num] ID\n"
+msgstr "käyttö: %s [-hnR] [-d hakemisto] [-m numero] [-s numero] ID-tunniste\n"
+
+#: plugins/sudoers/sudoreplay.c:1809
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "käyttö: %s [-h] [-d hakemisto] -l [hakulauseke]\n"
+
+#: plugins/sudoers/sudoreplay.c:1818
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - toista sudo-istuntolokit\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1820
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Valitsimet:\n"
+"  -d, --directory=hakemisto  määrittele istuntolokien hakemisto\n"
+"  -f, --filter=suodatin      määrittele, mitä siirräntätyyppiä näytetään\n"
+"  -h, --help                 näytä opasteviesti ja poistu\n"
+"  -l, --list [lauseke]       luettele käytettävissä oleva istuntotunnisteet, jotka täsmäävät lausekkeeseen\n"
+"  -m, --max-wait=numero      maksimisodotusaika tapahtumien välien enimmäisodotusaika sekunteina\n"
+"  -s, --speed=numero         nopeustekijä  nopeuta tai hidasta tulostusta\n"
+"  -V, --version              näytä versiotiedot ja poistu"
+
+#: plugins/sudoers/testsudoers.c:329
+msgid "\thost  unmatched"
+msgstr "\ttietokone täsmäämätön"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Komento sallittu"
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Komento kielletty"
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Täsmäämätön komento"
+
+#: plugins/sudoers/timestamp.c:225
+#, c-format
+msgid "%s is group writable"
+msgstr "%s on ryhmäkirjoitettava"
+
+#: plugins/sudoers/timestamp.c:301
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "aikaleimatiedoston typistäminen %lld-tavun kokoiseksi epäonnistui"
+
+#: plugins/sudoers/timestamp.c:756 plugins/sudoers/timestamp.c:823
+#: plugins/sudoers/visudo.c:500 plugins/sudoers/visudo.c:506
+msgid "unable to read the clock"
+msgstr "kellon lukeminen epäonnistui"
+
+#: plugins/sudoers/timestamp.c:770
+msgid "ignoring time stamp from the future"
+msgstr "ohitetaan aikaleima tulevaisuudesta"
+
+#: plugins/sudoers/timestamp.c:782
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "aikaleima liian kaukana tulevaisuudessa: %20.20s"
+
+#: plugins/sudoers/timestamp.c:877
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "aikaleimatiedoston %s lukitseminen epäonnistui"
+
+#: plugins/sudoers/timestamp.c:921 plugins/sudoers/timestamp.c:941
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "luentotilapolku on liian pitkä: %s/%s"
+
+#: plugins/sudoers/visudo.c:188
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s kielioppiversio %d\n"
+
+#: plugins/sudoers/visudo.c:266 plugins/sudoers/visudo.c:667
+#, c-format
+msgid "press return to edit %s: "
+msgstr "muokkaa %s painamalla enter-painiketta: "
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "määritelty editori (%s) ei ole olemassa"
+
+#: plugins/sudoers/visudo.c:349
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "editoria ei löytynyt (editoripolku = %s)"
+
+#: plugins/sudoers/visudo.c:459 plugins/sudoers/visudo.c:467
+msgid "write error"
+msgstr "kirjoitusvirhe"
+
+#: plugins/sudoers/visudo.c:513
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "funktion stat kutsuminen tilapäiselle tiedostolle (%s) epäonnistui, %s ennallaan"
+
+#: plugins/sudoers/visudo.c:520
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "nollapituinen tilapäinen tiedosto (%s), %s ennallaan"
+
+#: plugins/sudoers/visudo.c:526
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "editori (%s) epäonnistui, %s ennallaan"
+
+#: plugins/sudoers/visudo.c:548
+#, c-format
+msgid "%s unchanged"
+msgstr "%s ennallaan"
+
+#: plugins/sudoers/visudo.c:607
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "tilapäisen tiedoston (%s) avaaminen uudelleen epäonnistui, %s ennallaan."
+
+#: plugins/sudoers/visudo.c:619
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "tilapäisen tiedoston (%s) jäsentäminen epäonnistui, tuntematon virhe"
+
+#: plugins/sudoers/visudo.c:656
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "sisäinen virhe, kohteen %s löytäminen luettelosta epäonnistui!"
+
+#: plugins/sudoers/visudo.c:736 plugins/sudoers/visudo.c:745
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "kohteen %s (uid, gid) asettaminen arvoihin (%u, %u) epäonnistui"
+
+#: plugins/sudoers/visudo.c:767
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s ja %s eivät ole samassa tiedostojärjestelmässä, käytetään komentoa mv uudelleennimeämiseen"
+
+#: plugins/sudoers/visudo.c:781
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "komento epäonnistui: ’%s %s %s’, %s ennallaan"
+
+#: plugins/sudoers/visudo.c:791
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "virhe nimettäessä %s uudelleen, %s ennallaan"
+
+#: plugins/sudoers/visudo.c:855
+msgid "What now? "
+msgstr "Mitä nyt?"
+
+#: plugins/sudoers/visudo.c:869
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Valitsimia ovat:\n"
+"  (e) muokkaa sudoers-tiedostoa uudelleen\n"
+"  (x) poistu tallentamatta sudoers-tiedoston muutoksia\n"
+"  (Q) poistu ja tallenna muutokset sudoers-tiedostoon (VAARA!)\n"
+
+#  Parametri on path, mutta saattaa sisältää suoritettavan ohjelman
+#: plugins/sudoers/visudo.c:915
+#, c-format
+msgid "unable to run %s"
+msgstr "kohteen %s suorittaminen epäonnistui"
+
+#: plugins/sudoers/visudo.c:945
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: väärä omistaja (uid, gid), pitäisi olla (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:952
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: väärät käyttöoikeudet, pitäisi olla tila 0%o\n"
+
+#: plugins/sudoers/visudo.c:981 plugins/sudoers/visudo_json.c:1021
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "tiedoston %s jäsentäminen epäonnistui, tuntematon virhe"
+
+#: plugins/sudoers/visudo.c:997 plugins/sudoers/visudo_json.c:1032
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "jäsentämisvirhe tiedostossa %s lähellä riviä %d\n"
+
+#: plugins/sudoers/visudo.c:1000 plugins/sudoers/visudo_json.c:1035
+#, c-format
+msgid "parse error in %s\n"
+msgstr "jäsentämisvirhe tiedostossa %s\n"
+
+#: plugins/sudoers/visudo.c:1008 plugins/sudoers/visudo.c:1015
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: jäsentäminen valmis\n"
+
+#: plugins/sudoers/visudo.c:1062
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s varattu, yritä myöhemmin uudelleen"
+
+#: plugins/sudoers/visudo.c:1159
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Virhe: %s:%d jakso kohteessa %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1160
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Varoitus: %s:%d jakso kohteessa %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1164
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Virhe: %s:%d %s \"%s\" uudelleenviitattu, mutta ei määritelty"
+
+#: plugins/sudoers/visudo.c:1165
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Varoitus: %s:%d %s \"%s\" uudelleenviitattu, mutta ei määritelty"
+
+#: plugins/sudoers/visudo.c:1318
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Varoitus: %s:%d käyttämätön %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1433
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - muokkaa sudoers-tiedostoa turvallisesti\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1435
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+"  -x, --export=output_file write sudoers in JSON format to output_file"
+msgstr ""
+"\n"
+"Valitsimet:\n"
+"  -c, --check              vain tarkistus -tila\n"
+"  -f, --file=sudoers       määrittele sudoers-tiedoston sijainti\n"
+"  -h, --help               näytä opasteteksti ja poistu\n"
+"  -q, --quiet              vähemmän laveat (hiljaiset) syntaksivirheviestit\n"
+"  -s, --strict             tiukka syntaksitarkistus\n"
+"  -V, --version            näytä versiotiedot ja poistu\n"
+"  -x, --export=output_file kirjoita sudoers-tiedosto JSON-muodossa tiedostoon output_file"
+
+#: plugins/sudoers/visudo_json.c:616 plugins/sudoers/visudo_json.c:651
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "tuntematon oletusrivi \"%s\""
+
+#: plugins/sudoers/visudo_json.c:1007
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: syöte- ja tulostetiedostojen on oltava erilaiset"
+
+#: toke.l:943
+msgid "too many levels of includes"
+msgstr "liian monta include-tasoa"
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "aikaleimapolku on liian pitkä: %s/%s"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "funktion stat editor (%s) kutsuminen epäonnistui"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports: hostbuf-puskuritila loppui"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri: hostbuf-puskuritila loppui"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "sudo_ldap_build_pass1-varaustäsmäämättömyys"
+
+#~ msgid "Password:"
+#~ msgstr "Salasana:"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "sisäinen virhe: riittämättömästi tilaa lokiriville"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: puskuriylivuoto"
+
+#~ msgid "%s: unused %s_Alias %s"
+#~ msgstr "%s: käyttämätön %s_Alias %s"
+
+#~ msgid "%s owned by uid %u, should be uid %u"
+#~ msgstr "%s on uid %u:n omistama, pitäisi olla uid %u:n omistama"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0700"
+#~ msgstr "%s on kirjoitettava ei-omistajalle (0%o), pitäisi olla tila 0700"
+
+#~ msgid "%s exists but is not a regular file (0%o)"
+#~ msgstr "%s on olemassa, mutta ei ole tavallinen tiedosto (0%o)"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0600"
+#~ msgstr "%s on kirjoitettava ei-omistajalle (0%o), pitäisi olla tila 0600"
+
+#~ msgid "unable to remove %s, will reset to the Unix epoch"
+#~ msgstr "kohteen %s poistaminen epäonnistui, nollaa Unix-ajan"
+
+#~ msgid "unable to reset %s to the Unix epoch"
+#~ msgstr "kohteen %s nollaaminen Unix-ajaksi epäonnistui"
+
+#~ msgid "value out of range"
+#~ msgstr "arvo lukualueen ulkopuolella"
+
+#~ msgid ""
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --check      check-only mode\n"
+#~ "  -f, --file=file  specify sudoers file location\n"
+#~ "  -h, --help       display help message and exit\n"
+#~ "  -q, --quiet      less verbose (quiet) syntax error messages\n"
+#~ "  -s, --strict     strict syntax checking\n"
+#~ "  -V, --version    display version information and exit  -x, --export     export sudoers in JSON format"
+#~ msgstr ""
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -c, --check         vain tarkistus -tila\n"
+#~ "  -f, --file=tiedosto määrittele sudoers-tiedoston sijainti\n"
+#~ "  -h, --help          näytä opasteteksti ja poistu\n"
+#~ "  -q, --quiet         vähemmän laveat (hiljaiset) syntaksivirheviestit\n"
+#~ "  -s, --strict        tiukka syntaksitarkistus\n"
+#~ "  -V, --version       näytä versiotiedot ja poistu  -x, --export     vie sudoers-tiedosto JSON-muodossa"
+
+#~ msgid "invalid uri: %s"
+#~ msgstr "virheellinen verkkoresurssin tunnus: %s"
+
+#~ msgid "unable to mix ldaps and starttls"
+#~ msgstr "ldap- ja starttl-kohteiden sekoittaminen epäonnistui"
+
+#~ msgid "writing to standard output"
+#~ msgstr "kirjoitetaan vakiotulosteeseen"
+
+#~ msgid "too many parenthesized expressions, max %d"
+#~ msgstr "liian monta sulkumerkillistä lauseketta, enintään %d"
+
+#~ msgid "unable to setup authentication"
+#~ msgstr "asetustodentaminen epäonnistui"
+
+#~ msgid "getaudit: failed"
+#~ msgstr "getaudit: epäonnistui"
+
+#~ msgid "getauid: failed"
+#~ msgstr "getauid: epäonnistui"
+
+#~ msgid "au_open: failed"
+#~ msgstr "au_open: epäonnistui"
+
+#~ msgid "au_to_subject: failed"
+#~ msgstr "au_to_subject: epäonnistui"
+
+#~ msgid "au_to_exec_args: failed"
+#~ msgstr "au_to_exec_args: epäonnistui"
+
+#~ msgid "au_to_return32: failed"
+#~ msgstr "au_to_return32: epäonnistui"
+
+#~ msgid "au_to_text: failed"
+#~ msgstr "au_to_text: epäonnistui"
+
+#~ msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+#~ msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
+
+#~ msgid "pam_chauthtok: %s"
+#~ msgstr "pam_chauthtok: %s"
+
+#~ msgid "pam_authenticate: %s"
+#~ msgstr "pam_authenticate: %s"
+
+#~ msgid "getauid failed"
+#~ msgstr "getauid epäonnistui"
+
+#~ msgid "Unable to dlopen %s: %s"
+#~ msgstr "Funktion dlopen %s kutsuminen epäonnistui: %s"
+
+#~ msgid "invalid regex: %s"
+#~ msgstr "virheellinen säännöllinen lauseke: %s"
+
+#~ msgid ">>> %s: %s near line %d <<<"
+#~ msgstr ">>> %s: %s lähellä riviä %d <<<"
+
+#~ msgid "unable to set locale to \"%s\", using \"C\""
+#~ msgstr "locale-asetuksen ”%s” asettaminen epäonnistui, käytetään ”C”"
+
+#~ msgid ""
+#~ "    Commands:\n"
+#~ "\t"
+#~ msgstr ""
+#~ "    Komennot:\n"
+#~ "\t"
+
+#~ msgid ": "
+#~ msgstr ": "
+
+#~ msgid "unable to cache uid %u (%s), already exists"
+#~ msgstr "käyttäjän uid %u (%s) laittaminen välimuistiin epäonnistui, käyttäjä on jo siellä"
+
+#~ msgid "unable to cache gid %u (%s), already exists"
+#~ msgstr "ryhmän gid %u (%s) laittaminen välimuistiin epäonnistui, ryhmä on jo siellä"
+
+#~ msgid "unable to execute %s: %s"
+#~ msgstr "komennon %s suorittaminen epäonnistui: %s"
+
+#~ msgid "internal error, expand_prompt() overflow"
+#~ msgstr "sisäinen virhe, expand_prompt()-ylivuoto"
+
+#~ msgid "internal error, sudo_setenv2() overflow"
+#~ msgstr "sisäinen virhe, sudo_setenv2()-ylivuoto"
+
+#~ msgid "internal error, sudo_setenv() overflow"
+#~ msgstr "sisäinen virhe, sudo_setenv()-ylivuoto"
+
+#~ msgid "internal error, linux_audit_command() overflow"
+#~ msgstr "sisäinen virhe, linux_audit_command()-ylivuoto"
+
+#~ msgid "internal error, runas_groups overflow"
+#~ msgstr "sisäinen virhe, runas_groups-ylivuoto"
+
+#~ msgid "internal error, init_vars() overflow"
+#~ msgstr "sisäinen virhe, init_vars()-ylivuoto"
+
+#  Parametri on sudoers file
+#~ msgid "fixed mode on %s"
+#~ msgstr "korjattu tila tiedostossa %s"
+
+#  Parametri on suoders file
+#~ msgid "set group on %s"
+#~ msgstr "aseta ryhmä tiedostossa %s"
+
+#~ msgid "unable to fix mode on %s"
+#~ msgstr "tilan korjaaminen tiedostossa %s epäonnistui"
+
+#~ msgid "%s is mode 0%o, should be 0%o"
+#~ msgstr "%s on tila 0%o, pitäisi olla 0%o"
+
+#~ msgid "File containing dummy exec functions: %s"
+#~ msgstr "Tiedosto, joka sisältää vale-exec-funktioita: %s"
+
+#~ msgid ""
+#~ "Available options in a sudoers ``Defaults'' line:\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käytettävissä olevat valitsimet sudoers ’’Defaults’’ -rivillä:\n"
+#~ "\n"
+
+#~ msgid "%s: %.*s\n"
+#~ msgstr "%s: %.*s\n"
+
+#~ msgid "unable to get runas group vector"
+#~ msgstr "runas-ryhmävektorin hakeminen epäonnistui"
+
+#~ msgid "%s: %s_Alias `%s' references self"
+#~ msgstr "%s: %s_Alias ”%s” viittaa itseensä"
+
+#~ msgid "unable to parse temporary file (%s), unknown error"
+#~ msgstr "tilapäisen tiedoston (%s) jäsentäminen epäonnistui, tuntematon virhe"
diff --git a/plugins/sudoers/po/fr.mo b/plugins/sudoers/po/fr.mo
new file mode 100644
index 0000000..a3a2fee
--- /dev/null
+++ b/plugins/sudoers/po/fr.mo
diff --git a/plugins/sudoers/po/fr.po b/plugins/sudoers/po/fr.po
new file mode 100644
index 0000000..b17259c
--- /dev/null
+++ b/plugins/sudoers/po/fr.po
@@ -0,0 +1,2048 @@
+# This file is put in the public domain.
+# This file is distributed under the same license as the sudo package.
+#
+# Frédéric Hantrais <fhantrais@gmail.com>, 2014, 2015, 2016.
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.15rc3\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2015-10-24 06:26-0600\n"
+"PO-Revision-Date: 2016-02-14 08:17-0500\n"
+"Last-Translator: Frédéric Hantrais <fhantrais@gmail.com>\n"
+"Language-Team: French <traduc@traduc.org>\n"
+"Language: fr\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+"X-Generator: Lokalize 1.5\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "erreur de syntaxe"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "Mot de passe de %p : "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] Mot de passe de %p : "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Mot de passe : "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Informations de sécurité pour %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Désolé, essayez de nouveau."
+
+#: gram.y:183 gram.y:201 gram.y:207 gram.y:213 gram.y:219 gram.y:225
+#: gram.y:241 gram.y:248 gram.y:255 gram.y:262 gram.y:269 gram.y:285
+#: gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336 gram.y:391
+#: gram.y:399 gram.y:409 gram.y:439 gram.y:446 gram.y:453 gram.y:460
+#: gram.y:572 gram.y:579 gram.y:588 gram.y:597 gram.y:614 gram.y:670
+#: gram.y:677 gram.y:684 gram.y:692 gram.y:784 gram.y:791 gram.y:798
+#: gram.y:805 gram.y:812 gram.y:838 gram.y:845 gram.y:852 gram.y:1136
+#: gram.y:1143 plugins/sudoers/alias.c:123 plugins/sudoers/alias.c:136
+#: plugins/sudoers/auth/bsdauth.c:141 plugins/sudoers/auth/kerb5.c:119
+#: plugins/sudoers/auth/kerb5.c:145 plugins/sudoers/auth/pam.c:398
+#: plugins/sudoers/auth/pam.c:449 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/auth/sia.c:59 plugins/sudoers/defaults.c:516
+#: plugins/sudoers/defaults.c:720 plugins/sudoers/defaults.c:880
+#: plugins/sudoers/editor.c:64 plugins/sudoers/editor.c:82
+#: plugins/sudoers/editor.c:92 plugins/sudoers/env.c:233
+#: plugins/sudoers/group_plugin.c:133 plugins/sudoers/iolog.c:586
+#: plugins/sudoers/iolog.c:618 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:446 plugins/sudoers/ldap.c:477
+#: plugins/sudoers/ldap.c:529 plugins/sudoers/ldap.c:562
+#: plugins/sudoers/ldap.c:914 plugins/sudoers/ldap.c:1061
+#: plugins/sudoers/ldap.c:1348 plugins/sudoers/ldap.c:1521
+#: plugins/sudoers/ldap.c:1597 plugins/sudoers/ldap.c:1733
+#: plugins/sudoers/ldap.c:1757 plugins/sudoers/ldap.c:1787
+#: plugins/sudoers/ldap.c:1840 plugins/sudoers/ldap.c:1855
+#: plugins/sudoers/ldap.c:1951 plugins/sudoers/ldap.c:1984
+#: plugins/sudoers/ldap.c:2137 plugins/sudoers/ldap.c:2234
+#: plugins/sudoers/ldap.c:3041 plugins/sudoers/ldap.c:3074
+#: plugins/sudoers/ldap.c:3388 plugins/sudoers/ldap.c:3416
+#: plugins/sudoers/ldap.c:3427 plugins/sudoers/ldap.c:3517
+#: plugins/sudoers/ldap.c:3533 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:188 plugins/sudoers/logging.c:666
+#: plugins/sudoers/logging.c:924 plugins/sudoers/match.c:501
+#: plugins/sudoers/match.c:537 plugins/sudoers/match.c:699
+#: plugins/sudoers/match.c:756 plugins/sudoers/parse.c:235
+#: plugins/sudoers/parse.c:247 plugins/sudoers/parse.c:262
+#: plugins/sudoers/parse.c:274 plugins/sudoers/policy.c:384
+#: plugins/sudoers/policy.c:583 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/sssd.c:160 plugins/sudoers/sssd.c:192
+#: plugins/sudoers/sssd.c:235 plugins/sudoers/sssd.c:242
+#: plugins/sudoers/sssd.c:278 plugins/sudoers/sssd.c:323
+#: plugins/sudoers/sssd.c:917 plugins/sudoers/sssd.c:1050
+#: plugins/sudoers/sudoers.c:159 plugins/sudoers/sudoers.c:294
+#: plugins/sudoers/sudoers.c:304 plugins/sudoers/sudoers.c:312
+#: plugins/sudoers/sudoers.c:365 plugins/sudoers/sudoers.c:663
+#: plugins/sudoers/sudoers.c:749 plugins/sudoers/sudoers.c:793
+#: plugins/sudoers/sudoers_debug.c:107 plugins/sudoers/sudoreplay.c:472
+#: plugins/sudoers/sudoreplay.c:668 plugins/sudoers/sudoreplay.c:780
+#: plugins/sudoers/sudoreplay.c:820 plugins/sudoers/sudoreplay.c:829
+#: plugins/sudoers/sudoreplay.c:839 plugins/sudoers/sudoreplay.c:847
+#: plugins/sudoers/sudoreplay.c:851 plugins/sudoers/sudoreplay.c:1007
+#: plugins/sudoers/sudoreplay.c:1011 plugins/sudoers/testsudoers.c:130
+#: plugins/sudoers/testsudoers.c:188 plugins/sudoers/testsudoers.c:215
+#: plugins/sudoers/testsudoers.c:232 plugins/sudoers/timestamp.c:390
+#: plugins/sudoers/timestamp.c:426 plugins/sudoers/timestamp.c:838
+#: plugins/sudoers/toke_util.c:56 plugins/sudoers/toke_util.c:109
+#: plugins/sudoers/toke_util.c:147 plugins/sudoers/visudo.c:152
+#: plugins/sudoers/visudo.c:213 plugins/sudoers/visudo.c:297
+#: plugins/sudoers/visudo.c:303 plugins/sudoers/visudo.c:433
+#: plugins/sudoers/visudo.c:979 plugins/sudoers/visudo.c:1023
+#: plugins/sudoers/visudo.c:1119 toke.l:785 toke.l:806 toke.l:816 toke.l:924
+#: toke.l:1082
+msgid "unable to allocate memory"
+msgstr "impossible d'allouer la mémoire"
+
+#: gram.y:471
+msgid "a digest requires a path name"
+msgstr "un résumé (digest) nécessite un chemin d'accès"
+
+#: gram.y:1136 gram.y:1143 plugins/sudoers/auth/pam.c:398
+#: plugins/sudoers/auth/pam.c:449 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/defaults.c:516 plugins/sudoers/defaults.c:720
+#: plugins/sudoers/defaults.c:880 plugins/sudoers/editor.c:64
+#: plugins/sudoers/editor.c:82 plugins/sudoers/editor.c:92
+#: plugins/sudoers/env.c:233 plugins/sudoers/group_plugin.c:133
+#: plugins/sudoers/iolog.c:586 plugins/sudoers/iolog.c:618
+#: plugins/sudoers/iolog_path.c:167 plugins/sudoers/ldap.c:446
+#: plugins/sudoers/ldap.c:477 plugins/sudoers/ldap.c:529
+#: plugins/sudoers/ldap.c:562 plugins/sudoers/ldap.c:914
+#: plugins/sudoers/ldap.c:1061 plugins/sudoers/ldap.c:1348
+#: plugins/sudoers/ldap.c:1521 plugins/sudoers/ldap.c:1597
+#: plugins/sudoers/ldap.c:1733 plugins/sudoers/ldap.c:1757
+#: plugins/sudoers/ldap.c:1787 plugins/sudoers/ldap.c:1840
+#: plugins/sudoers/ldap.c:1855 plugins/sudoers/ldap.c:1951
+#: plugins/sudoers/ldap.c:1984 plugins/sudoers/ldap.c:2137
+#: plugins/sudoers/ldap.c:2234 plugins/sudoers/ldap.c:3041
+#: plugins/sudoers/ldap.c:3074 plugins/sudoers/ldap.c:3388
+#: plugins/sudoers/ldap.c:3416 plugins/sudoers/ldap.c:3427
+#: plugins/sudoers/ldap.c:3517 plugins/sudoers/ldap.c:3533
+#: plugins/sudoers/linux_audit.c:76 plugins/sudoers/logging.c:188
+#: plugins/sudoers/logging.c:924 plugins/sudoers/match.c:501
+#: plugins/sudoers/match.c:537 plugins/sudoers/match.c:699
+#: plugins/sudoers/match.c:756 plugins/sudoers/parse.c:235
+#: plugins/sudoers/parse.c:247 plugins/sudoers/parse.c:262
+#: plugins/sudoers/parse.c:274 plugins/sudoers/policy.c:97
+#: plugins/sudoers/policy.c:106 plugins/sudoers/policy.c:115
+#: plugins/sudoers/policy.c:139 plugins/sudoers/policy.c:250
+#: plugins/sudoers/policy.c:271 plugins/sudoers/policy.c:280
+#: plugins/sudoers/policy.c:319 plugins/sudoers/policy.c:329
+#: plugins/sudoers/policy.c:338 plugins/sudoers/policy.c:384
+#: plugins/sudoers/policy.c:583 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/set_perms.c:356 plugins/sudoers/set_perms.c:695
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1350
+#: plugins/sudoers/set_perms.c:1514 plugins/sudoers/sssd.c:160
+#: plugins/sudoers/sssd.c:192 plugins/sudoers/sssd.c:235
+#: plugins/sudoers/sssd.c:242 plugins/sudoers/sssd.c:278
+#: plugins/sudoers/sssd.c:323 plugins/sudoers/sssd.c:917
+#: plugins/sudoers/sssd.c:1050 plugins/sudoers/sudoers.c:159
+#: plugins/sudoers/sudoers.c:294 plugins/sudoers/sudoers.c:304
+#: plugins/sudoers/sudoers.c:312 plugins/sudoers/sudoers.c:365
+#: plugins/sudoers/sudoers.c:663 plugins/sudoers/sudoers.c:749
+#: plugins/sudoers/sudoers.c:793 plugins/sudoers/sudoers_debug.c:106
+#: plugins/sudoers/sudoreplay.c:472 plugins/sudoers/sudoreplay.c:668
+#: plugins/sudoers/sudoreplay.c:780 plugins/sudoers/sudoreplay.c:820
+#: plugins/sudoers/sudoreplay.c:829 plugins/sudoers/sudoreplay.c:839
+#: plugins/sudoers/sudoreplay.c:847 plugins/sudoers/sudoreplay.c:851
+#: plugins/sudoers/sudoreplay.c:1007 plugins/sudoers/sudoreplay.c:1011
+#: plugins/sudoers/testsudoers.c:130 plugins/sudoers/testsudoers.c:188
+#: plugins/sudoers/testsudoers.c:215 plugins/sudoers/testsudoers.c:232
+#: plugins/sudoers/timestamp.c:390 plugins/sudoers/timestamp.c:426
+#: plugins/sudoers/timestamp.c:838 plugins/sudoers/toke_util.c:56
+#: plugins/sudoers/toke_util.c:109 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/visudo.c:152 plugins/sudoers/visudo.c:213
+#: plugins/sudoers/visudo.c:297 plugins/sudoers/visudo.c:303
+#: plugins/sudoers/visudo.c:433 plugins/sudoers/visudo.c:979
+#: plugins/sudoers/visudo.c:1023 plugins/sudoers/visudo.c:1119 toke.l:785
+#: toke.l:806 toke.l:816 toke.l:924 toke.l:1082
+#, c-format
+msgid "%s: %s"
+msgstr "%s : %s"
+
+#: plugins/sudoers/alias.c:132
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr "L'alias « %s » est déjà défini"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "récupération de la classe de connexion impossible pour l'utilisateur %s"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "démarrage de l'authentification bsd impossible"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "type d'authentification non valide"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "démarrage de l'authentification BSD impossible"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr "lecture de la configuration fwtk (firewall) impossible"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "connexion au serveur d'authentification impossible"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:120
+msgid "lost connection to authentication server"
+msgstr "perte de la connexion au serveur d'authentification"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"erreur du serveur d'authentification :\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s : conversion de l'identité de l'hôte en chaîne de caractères impossible(« %s ») : %s"
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s : analyse grammaticale (parse) de « %s » impossible : %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s : accès au cache des données d'identification impossible : %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s : allocation des options impossible : %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s : récupération des données d'identification impossible : %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s : initialisation du cache des données d'identification impossible : %s"
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s : enregistrement des données d'identification dans le cache impossible : %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s : récupération de l'identité kerberos de l'hôte (host \"\"principal) impossible : %s"
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s : vérification du ticket TGT impossible ! Il s'agit peut-être d'une attaque ! : %s"
+
+#: plugins/sudoers/auth/pam.c:92
+msgid "unable to initialize PAM"
+msgstr "initialisation du module PAM impossible"
+
+#: plugins/sudoers/auth/pam.c:164
+msgid "account validation failure, is your account locked?"
+msgstr "la validation du compte a échoué, vérifiez que le compte n'est pas verrouillé. "
+
+#: plugins/sudoers/auth/pam.c:168
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Le compte ou le mot de passe a expiré, réinitialisez votre mot de passe puis réessayez de vous connecter"
+
+#: plugins/sudoers/auth/pam.c:176
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "changement du mot de passe expiré impossible : %s"
+
+#: plugins/sudoers/auth/pam.c:181
+msgid "Password expired, contact your system administrator"
+msgstr "Le mot de passe a expiré, contactez votre administrateur système"
+
+#: plugins/sudoers/auth/pam.c:185
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Le compte a expiré, ou la section « account » du module PAM n'est pas renseignée pour sudo, contactez votre administrateur système"
+
+#: plugins/sudoers/auth/pam.c:199
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Erreur du serveur d'authentification PAM : %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:218
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "votre compte n'existe pas dans la base de données %s"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "échec de l'initialisation de la bibliothèque d'API ACE"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "le contact avec le serveur SecurID n'a pas pu être établi"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "échec de l'authentification SecurId, l'identifiant de l'utilisateur est verrouillé"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "la longueur du nom de l'utilisateur n'est pas conforme aux règles fixées pour SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr "le mode de traitement de l'authentification n'est pas accepté par SecurID"
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "la communication avec SecurID a échoué"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:207
+msgid "unknown SecurID error"
+msgstr "erreur SecurID non identifiée"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "la longueur du mot de passe n'est pas conforme aux règles fixées pour SecurID"
+
+#: plugins/sudoers/auth/sia.c:69 plugins/sudoers/auth/sia.c:124
+msgid "unable to initialize SIA session"
+msgstr "initialisation de la session SIA impossible"
+
+#: plugins/sudoers/auth/sudo_auth.c:126
+msgid "invalid authentication methods"
+msgstr "méthodes d'authentification invalides"
+
+#: plugins/sudoers/auth/sudo_auth.c:128
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Méthodes d'authentification non valides compilées dans sudo ! La combinaison d'authentifications autonomes et non-autonomes n'est pas permise."
+
+#: plugins/sudoers/auth/sudo_auth.c:225 plugins/sudoers/auth/sudo_auth.c:274
+msgid "no authentication methods"
+msgstr "Pas de méthodes d'authentification"
+
+#: plugins/sudoers/auth/sudo_auth.c:227
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Aucune méthode d'authentification compilée dans sudo ! Si vous souhaitez désactiver l'authentification, utilisez l'option de configuration --disable-authentication"
+
+#: plugins/sudoers/auth/sudo_auth.c:276
+msgid "Unable to initialize authentication methods."
+msgstr "Initialisation des méthodes d'authentification impossible."
+
+#: plugins/sudoers/auth/sudo_auth.c:435
+msgid "Authentication methods:"
+msgstr "Méthodes d'authentification : "
+
+#: plugins/sudoers/bsm_audit.c:111 plugins/sudoers/bsm_audit.c:200
+msgid "Could not determine audit condition"
+msgstr "Identification de la condition d'audit impossible"
+
+#: plugins/sudoers/bsm_audit.c:172 plugins/sudoers/bsm_audit.c:260
+msgid "unable to commit audit record"
+msgstr "impossible d'enregistrer l'enregistrement d'audit"
+
+#: plugins/sudoers/check.c:252
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Nous espérons que vous avez reçu de votre administrateur système local les consignes traditionnelles. Généralement, elles se concentrent sur ces trois éléments :\n"
+"\n"
+"    #1) Respectez la vie privée des autres.\n"
+"    #2) Réfléchissez avant d'utiliser le clavier.\n"
+"    #3) De grands pouvoirs confèrent de grandes responsabilités.\n"
+"\n"
+
+#: plugins/sudoers/check.c:295 plugins/sudoers/check.c:305
+#: plugins/sudoers/sudoers.c:699 plugins/sudoers/sudoers.c:728
+#, c-format
+msgid "unknown uid: %u"
+msgstr "identifiant utilisateur inconnu : %u"
+
+#: plugins/sudoers/check.c:300 plugins/sudoers/policy.c:755
+#: plugins/sudoers/sudoers.c:1095 plugins/sudoers/testsudoers.c:206
+#: plugins/sudoers/testsudoers.c:361
+#, c-format
+msgid "unknown user: %s"
+msgstr "utilisateur inconnu : %s"
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Mécanisme syslog (si syslog est utilisé pour la journalisation des événements) : %s "
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Priorité syslog utilisée lorsque l'authentification de l'utilisateur est réussie : %s"
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Priorité Syslog utilisée lorsque l'authentification de l'utilisateur a échoué : %s"
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr "Présentation de l'invite OTP sur une ligne distincte"
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr "Ne pas tenir compte de « . » dans $PATH"
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr "Envoi d'un courriel à chaque exécution de sudo"
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr "Envoi d'un courriel lorsqu'une authentification échoue"
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr "Envoi d'un courriel si l'utilisateur ne figure pas dans sudoers"
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Envoi d'un courriel si l'utilisateur ne figure pas dans sudoers pour l'hôte sur lequel sudo est exécuté"
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Envoi d'un courriel si l'utilisateur n'est pas autorisé à exécuter une commande"
+
+#: plugins/sudoers/def_data.c:67
+msgid "Send mail if the user tries to run a command"
+msgstr "Envoi d'un courriel si l'utilisateur tente d'exécuter une commande"
+
+#: plugins/sudoers/def_data.c:71
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Utilisation d'un horodatage distinct pour chaque couple utilisateur/terminal (user/tty)"
+
+#: plugins/sudoers/def_data.c:75
+msgid "Lecture user the first time they run sudo"
+msgstr "Adresse les recommandations d'usage à l'utilisateur lors de la première exécution de sudo"
+
+#: plugins/sudoers/def_data.c:79
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Fichier contenant les recommandations sur l'usage de sudo : %s"
+
+#: plugins/sudoers/def_data.c:83
+msgid "Require users to authenticate by default"
+msgstr "Exige l'authentification de l'utilisateur par défaut"
+
+#: plugins/sudoers/def_data.c:87
+msgid "Root may run sudo"
+msgstr "L'utilisateur root peut exécuter sudo"
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Consignation du nom de l'hôte dans le fichier de journalisation (qui n'est pas syslog)"
+
+#: plugins/sudoers/def_data.c:95
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Consignation de l'année dans le fichier de journalisation (qui n'est pas syslog)"
+
+#: plugins/sudoers/def_data.c:99
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "démarrage d'un interpréteur de commande lorsque sudo est lancé sans argument"
+
+#: plugins/sudoers/def_data.c:103
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Assignation à $HOME du répertoire de l'utilisateur cible lorsque l'interpréteur de commandes est lancé avec l'option -s"
+
+#: plugins/sudoers/def_data.c:107
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Assignation systématique à $HOME du répertoire personnel de l'utilisateur cible"
+
+#: plugins/sudoers/def_data.c:111
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Autorise la collecte de certaines informations dans le but d'afficher des messages d'erreurs pertinents"
+
+#: plugins/sudoers/def_data.c:115
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Exige l'emploi du nom complet (fully qualified) de l'ordinateur dans le fichier sudoers"
+
+#: plugins/sudoers/def_data.c:119
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Sermonne l'utilisateur lorsqu'un mot de passe incorrect est saisi"
+
+#: plugins/sudoers/def_data.c:123
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Autorise l'utilisateur à exécuter sudo seulement à la condition qu'il dispose d'un terminal tty"
+
+#: plugins/sudoers/def_data.c:127
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo se conformera au contenu de la variable d'environnement EDITOR"
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for root's password, not the users's"
+msgstr "Demande de la saisie du mot de passe de root et non de celui de l'utilisateur"
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Demande de la saisie du mot de passe runas_default de l'utilisateur et non de son propre mot de passe"
+
+#: plugins/sudoers/def_data.c:139
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Demande de la saisie du mot de passe de l'utilisateur cible et non de celui de l'utilisateur exécutant la commande"
+
+#: plugins/sudoers/def_data.c:143
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Utilisation des paramètres par défaut de la classe de connexion de l'utilisateur cible (lorsqu'elle existe)"
+
+#: plugins/sudoers/def_data.c:147
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Affectation les variables d'environnement LOGNAME et USER"
+
+#: plugins/sudoers/def_data.c:151
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Attribution de l'identifiant utilisateur (UID) effectif à l'utilisateur cible, et non l'identifiant réel."
+
+#: plugins/sudoers/def_data.c:155
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "N'initialise pas le vecteur de groupe avec les valeurs de l'utilisateur cible"
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Longueur après laquelle intercaler un retour à la ligne (0 indique qu'il n'y a pas de retour à la ligne) : %u"
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Délai d'expiration de l'horodatage de l'authentification : %.1f minutes"
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Délai d'expiration de l'invite de saisie de mot de passe : %.1f minutes"
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Nombre de tentatives de saisie du mot de passe : %u"
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask à utiliser, ou 0777 pour hériter de celui de l'utilisateur : 0%o"
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Emplacement du fichier de journalisation : %s"
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Emplacement du programme d'envoi de courriel : %s"
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Attributs à affecter au programme d'envoi de courriel : %s"
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Adresse du destinataire des courriels : %s"
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Adresse de l'expéditeur des courriels : %s"
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Champ objet des courriels envoyés : %s"
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Message informant de la saisie d'un mot de passe incorrect : %s"
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Répertoire contenant l'attestation que l'utilisateur a déjà reçu les recommandations : %s"
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Répertoire contenant l'horodatage de l'authentification : %s"
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Propriétaire du répertoire contenant l'horodatage de l'authentification : %s"
+
+#: plugins/sudoers/def_data.c:219
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Les utilisateurs de ce groupe sont affranchis des contraintes relatives au mot de passe et à PATH : %s"
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Invite de mot de passe par défaut : %s"
+
+#: plugins/sudoers/def_data.c:227
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "S'il est défini, passprompt se substituera toujours à l'invite du système."
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Utilisateur par défaut avec l'identité duquel exécuter les commandes : %s"
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Nouvelle valeur prise par la variable $PATH de l'utilisateur : %s"
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Emplacement de l'éditeur appelé par visudo : %s"
+
+#: plugins/sudoers/def_data.c:243
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Quand demander un mot de passe pour l'usage des pseudo commandes de « list » : %s"
+
+#: plugins/sudoers/def_data.c:247
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Quand demander un mot de passe pour l'utilisation des pseudo commandes de « verify » : %s"
+
+#: plugins/sudoers/def_data.c:251
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Préchargement des fonctions d'exécution « à blanc » contenues dans la bibliothèque sudo_noexec"
+
+#: plugins/sudoers/def_data.c:255
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Si un annuaire LDAP est actif, faut-il tenir compter du fichier sudoers local"
+
+#: plugins/sudoers/def_data.c:259
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Les descripteurs de fichiers >= %d seront fermés avant l'exécution d'une commande"
+
+#: plugins/sudoers/def_data.c:263
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Si elle est définie, les utilisateurs peuvent passer outre la valeur de « closeform » grâce à l'option -C"
+
+#: plugins/sudoers/def_data.c:267
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Autorise les utilisateurs à définir des variables d'environnement arbitraires"
+
+#: plugins/sudoers/def_data.c:271
+msgid "Reset the environment to a default set of variables"
+msgstr "Réinitialise l'environnement à un jeu de variables par défaut"
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to check for sanity:"
+msgstr "Variables d'environnement à valider pour s'assurer du bon fonctionnement :"
+
+#: plugins/sudoers/def_data.c:279
+msgid "Environment variables to remove:"
+msgstr "Variables d'environnement à supprimer :"
+
+#: plugins/sudoers/def_data.c:283
+msgid "Environment variables to preserve:"
+msgstr "Variables d'environnement à conserver : "
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Rôle SELinux à utiliser dans le nouveau contexte de sécurité : %s"
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Type SELinux à utiliser dans le nouveau contexte de sécurité : %s"
+
+#: plugins/sudoers/def_data.c:295
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Emplacement du fichiers d'environnement propre à sudo : %s"
+
+#: plugins/sudoers/def_data.c:299
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Localisation à utiliser lors du traitement de sudoers : %s"
+
+#: plugins/sudoers/def_data.c:303
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Autoriser sudo à demander la saisie d'un mot de passe même lorsque celui-ci sera affiché « en clair »"
+
+#: plugins/sudoers/def_data.c:307
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Afficher un contrôle visuel lors de la saisie du mot de passe"
+
+#: plugins/sudoers/def_data.c:311
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Utilisation du développement rapide des noms de fichiers, qui est moins fiable, mais ne nécessite pas d'accès au système de fichiers"
+
+#: plugins/sudoers/def_data.c:315
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "L'umask indiqué dans sudoers se substituera à celui de l'utilisateur, même s'il est plus permissif"
+
+#: plugins/sudoers/def_data.c:319
+msgid "Log user's input for the command being run"
+msgstr "Consignation des saisies des utilisateur dans le journal pour la commande en cours d'exécution"
+
+#: plugins/sudoers/def_data.c:323
+msgid "Log the output of the command being run"
+msgstr "Consignation du retour de la commande en cours d'exécution dans le journal"
+
+#: plugins/sudoers/def_data.c:327
+msgid "Compress I/O logs using zlib"
+msgstr "Compression des informations renvoyées par les opérations d'E/S avec zlib"
+
+#: plugins/sudoers/def_data.c:331
+msgid "Always run commands in a pseudo-tty"
+msgstr "Exécute toujours les commandes dans un pseudo-terminal (tty)"
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Greffon pour la prise en charge des groupes non-Unix : %s"
+
+#: plugins/sudoers/def_data.c:339
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Répertoire dans lequel les informations renvoyées par les opérations d'entrée/sortie seront stockées : %s"
+
+#: plugins/sudoers/def_data.c:343
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Fichier dans lequel les informations renvoyées par les opérations d'entrée/sortie seront stockées : %s"
+
+#: plugins/sudoers/def_data.c:347
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Ajout d'une entrée au fichier utmp/utmpx lors de l'allocation d'un pseudo-terminal"
+
+#: plugins/sudoers/def_data.c:351
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Conservation dans utmp du nom de l'utilisateur runas, et non de celui de l'utilisateur appelant sudo"
+
+#: plugins/sudoers/def_data.c:355
+msgid "Set of permitted privileges"
+msgstr "Jeu de privilèges autorisés"
+
+#: plugins/sudoers/def_data.c:359
+msgid "Set of limit privileges"
+msgstr "Jeu de limites autorisées"
+
+#: plugins/sudoers/def_data.c:363
+msgid "Run commands on a pty in the background"
+msgstr "Exécution des commandes sur un pseudo-terminal en tâche de fond."
+
+#: plugins/sudoers/def_data.c:367
+msgid "PAM service name to use"
+msgstr "Nom de service PAM à utiliser"
+
+#: plugins/sudoers/def_data.c:371
+msgid "PAM service name to use for login shells"
+msgstr "Nom de service PAM à utiliser pour les interpréteurs de commandes"
+
+#: plugins/sudoers/def_data.c:375
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Tentative de création des données d'identification PAM pour l'utilisateur cible"
+
+#: plugins/sudoers/def_data.c:379
+msgid "Create a new PAM session for the command to run in"
+msgstr "Création d'une nouvelle session PAM pour la commande à exécuter"
+
+#: plugins/sudoers/def_data.c:383
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Numéro de séquence maximum dans le journal E/S : %u"
+
+#: plugins/sudoers/def_data.c:387
+msgid "Enable sudoers netgroup support"
+msgstr "Activation de la prise en charge de netgroup par sudoers"
+
+#: plugins/sudoers/def_data.c:391
+msgid "Check the parent directory for writability when editing files with sudoedit"
+msgstr "Vérification que les droits du répertoire parent autorisent la modification des fichiers lors de l'édition"
+
+#: plugins/sudoers/def_data.c:395
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Prise en compte des liens symboliques lors de l'édition des fichiers"
+
+#: plugins/sudoers/def_data.c:399
+msgid "Query the group plugin for unknown system groups"
+msgstr "interroge le greffon group pour les groupes système inconnus"
+
+#: plugins/sudoers/defaults.c:199 plugins/sudoers/defaults.c:608
+#: plugins/sudoers/visudo_json.c:633 plugins/sudoers/visudo_json.c:668
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr "Entrée par défaut inconnue « %s »"
+
+#: plugins/sudoers/defaults.c:207 plugins/sudoers/defaults.c:217
+#: plugins/sudoers/defaults.c:241 plugins/sudoers/defaults.c:256
+#: plugins/sudoers/defaults.c:269 plugins/sudoers/defaults.c:282
+#: plugins/sudoers/defaults.c:295 plugins/sudoers/defaults.c:315
+#: plugins/sudoers/defaults.c:325
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr "la valeur « %s » ne convient pas pour l'option « %s »"
+
+#: plugins/sudoers/defaults.c:210 plugins/sudoers/defaults.c:220
+#: plugins/sudoers/defaults.c:228 plugins/sudoers/defaults.c:251
+#: plugins/sudoers/defaults.c:264 plugins/sudoers/defaults.c:277
+#: plugins/sudoers/defaults.c:290 plugins/sudoers/defaults.c:310
+#: plugins/sudoers/defaults.c:321
+#, c-format
+msgid "no value specified for `%s'"
+msgstr "pas de valeur précisée pour « %s »"
+
+#: plugins/sudoers/defaults.c:233
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr "Les valeurs de « %s » doivent commencer par « / »"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr "l'option « %s » ne prend pas de valeur"
+
+#: plugins/sudoers/env.c:295 plugins/sudoers/env.c:302
+#: plugins/sudoers/env.c:407 plugins/sudoers/ldap.c:450
+#: plugins/sudoers/ldap.c:540 plugins/sudoers/ldap.c:1152
+#: plugins/sudoers/ldap.c:1354 plugins/sudoers/ldap.c:1526
+#: plugins/sudoers/ldap.c:1682 plugins/sudoers/linux_audit.c:82
+#: plugins/sudoers/logging.c:929 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:511 plugins/sudoers/prompt.c:161
+#: plugins/sudoers/sudoers.c:815 plugins/sudoers/testsudoers.c:236
+#: plugins/sudoers/toke_util.c:160
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "erreur interne, dépassement de %s"
+
+#: plugins/sudoers/env.c:376
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv : envp est corrompu, longueur incorrecte"
+
+#: plugins/sudoers/env.c:1076
+msgid "unable to rebuild the environment"
+msgstr "recréation de l'environnement impossible"
+
+#: plugins/sudoers/env.c:1150
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "Désolé, vous n'êtes pas autorisé à définir ces variables d'environnement : %s"
+
+#: plugins/sudoers/group_plugin.c:85
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s doit appartenir à l'utilisateur (uid) %d"
+
+#: plugins/sudoers/group_plugin.c:89
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "Seul le propriétaire doit avoir le droit en écriture sur %s"
+
+#: plugins/sudoers/group_plugin.c:97 plugins/sudoers/sssd.c:331
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "chargement de %s impossible : %s"
+
+#: plugins/sudoers/group_plugin.c:103
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "le symbole « group_plugin » est introuvable dans %s"
+
+#: plugins/sudoers/group_plugin.c:108
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s : la version majeure du greffon group %d est incompatible, la version attendue est %d"
+
+#: plugins/sudoers/interfaces.c:117
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Couples adresse IP locale/netmask :\n"
+
+#: plugins/sudoers/iolog.c:92 plugins/sudoers/iolog.c:110
+#: plugins/sudoers/timestamp.c:169
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s existe mais n'est pas un répertoire (0%o)"
+
+#: plugins/sudoers/iolog.c:103 plugins/sudoers/iolog.c:124
+#: plugins/sudoers/iolog.c:131 plugins/sudoers/timestamp.c:163
+#: plugins/sudoers/timestamp.c:184
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "création du répertoire (mkdir) %s impossible"
+
+#: plugins/sudoers/iolog.c:200 plugins/sudoers/sudoers.c:871
+#: plugins/sudoers/sudoreplay.c:300 plugins/sudoers/sudoreplay.c:769
+#: plugins/sudoers/sudoreplay.c:973 plugins/sudoers/timestamp.c:399
+#: plugins/sudoers/visudo.c:903 plugins/sudoers/visudo_json.c:1012
+#: plugins/sudoers/visudo_json.c:1025
+#, c-format
+msgid "unable to open %s"
+msgstr "ouverture de %s impossible"
+
+#: plugins/sudoers/iolog.c:241 plugins/sudoers/sudoers.c:875
+#: plugins/sudoers/sudoreplay.c:1084
+#, c-format
+msgid "unable to read %s"
+msgstr "lecture de %s impossible"
+
+#: plugins/sudoers/iolog.c:277 plugins/sudoers/sudoreplay.c:550
+#: plugins/sudoers/timestamp.c:298 plugins/sudoers/timestamp.c:301
+#, c-format
+msgid "unable to write to %s"
+msgstr "Écriture impossible dans %s"
+
+#: plugins/sudoers/iolog.c:342 plugins/sudoers/iolog.c:540
+#, c-format
+msgid "unable to create %s"
+msgstr "création de %s impossible"
+
+#: plugins/sudoers/ldap.c:428
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports : valeur de port trop élevée"
+
+#: plugins/sudoers/ldap.c:488
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "Type d'uri LDAP non pris en charge : %s"
+
+#: plugins/sudoers/ldap.c:515
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "fusion des URIs ldap et ldaps impossible"
+
+#: plugins/sudoers/ldap.c:519 plugins/sudoers/ldap.c:555
+msgid "starttls not supported when using ldaps"
+msgstr "starttls n'est pas pris en charge lors de l'utilisation de ldap"
+
+#: plugins/sudoers/ldap.c:626
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "initialisation du certificat SSL et la base de clés impossible : %s"
+
+#: plugins/sudoers/ldap.c:629
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "TLS_CERT doit être défini dans %s pour pouvoir utiliser SSL"
+
+#: plugins/sudoers/ldap.c:1138
+msgid "unable to get GMT time"
+msgstr "récupération de l'heure GMT impossible"
+
+#: plugins/sudoers/ldap.c:1144
+msgid "unable to format timestamp"
+msgstr "impossible de formater l'horodatage"
+
+#: plugins/sudoers/ldap.c:1830
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s : %s : %s : %s"
+
+#: plugins/sudoers/ldap.c:2372
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Rôle LDAP : %s\n"
+
+#: plugins/sudoers/ldap.c:2374
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"Rôle LDAP : INCONNU\n"
+
+#: plugins/sudoers/ldap.c:2421
+#, c-format
+msgid "    Order: %s\n"
+msgstr "    Ordre : %s\n"
+
+#: plugins/sudoers/ldap.c:2429 plugins/sudoers/parse.c:555
+#: plugins/sudoers/sssd.c:1417
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Commandes :\n"
+
+#: plugins/sudoers/ldap.c:2993
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "initialisation de LDAP impossible : %s"
+
+#: plugins/sudoers/ldap.c:3029
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls est sélectionné, mais les bibliothèques LDAP ne gèrent pas ldap_start_tls_s() ou ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:3286
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "attribut sudoOrder invalide : %s"
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "ouverture du fichier d'audit du système impossible"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "envoi du message d'audit impossible"
+
+#: plugins/sudoers/logging.c:106
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:134
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (suite de la commande) %s"
+
+#: plugins/sudoers/logging.c:159
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr "ouverture du fichier de journalisation impossible : %s : %s"
+
+#: plugins/sudoers/logging.c:162
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr "verrouillage du fichier de journalisation impossible : %s : %s"
+
+#: plugins/sudoers/logging.c:211
+msgid "No user or host"
+msgstr "Pas d'utilisateur ou d'hôte"
+
+#: plugins/sudoers/logging.c:213
+msgid "validation failure"
+msgstr "échec de la validation"
+
+#: plugins/sudoers/logging.c:220
+msgid "user NOT in sudoers"
+msgstr "l'utilisateur n'apparaît PAS dans sudoers"
+
+#: plugins/sudoers/logging.c:222
+msgid "user NOT authorized on host"
+msgstr "l'utilisateur n'est PAS autorisé sur cet hôte"
+
+#: plugins/sudoers/logging.c:224
+msgid "command not allowed"
+msgstr "commande non autorisée"
+
+#: plugins/sudoers/logging.c:259
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s n'apparaît pas dans le fichier sudoers. Cet événement sera signalé.\n"
+
+#: plugins/sudoers/logging.c:262
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s n'est pas autorisé à exécuter sudo sur %s. Cet événement sera signalé.\n"
+
+#: plugins/sudoers/logging.c:266
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Désolé, l'utilisateur %s ne peut pas utiliser sudo sur %s.\n"
+
+#: plugins/sudoers/logging.c:269
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Désolé, l'utilisateur %s n'est pas autorisé à exécuter « %s%s%s » en tant que %s%s%s sur %s.\n"
+
+#: plugins/sudoers/logging.c:306 plugins/sudoers/sudoers.c:471
+#: plugins/sudoers/sudoers.c:473 plugins/sudoers/sudoers.c:475
+#: plugins/sudoers/sudoers.c:477 plugins/sudoers/sudoers.c:1222
+#: plugins/sudoers/sudoers.c:1224
+#, c-format
+msgid "%s: command not found"
+msgstr "%s : commande introuvable"
+
+#: plugins/sudoers/logging.c:308 plugins/sudoers/sudoers.c:467
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+"« %s » trouvé dans « . » n'a pas été exécuté\n"
+"Utilisez « sudo ./%s » si c'est bien la version de « %s » que vous souhaitez exécuter."
+
+#: plugins/sudoers/logging.c:325
+msgid "authentication failure"
+msgstr "échec de l'authentification"
+
+#: plugins/sudoers/logging.c:351
+msgid "a password is required"
+msgstr "il est nécessaire de saisir un mot de passe"
+
+#: plugins/sudoers/logging.c:422 plugins/sudoers/logging.c:484
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u saisie de mot de passe incorrecte"
+msgstr[1] "%u saisies de mots de passe incorrectes"
+
+#: plugins/sudoers/logging.c:572
+msgid "unable to fork"
+msgstr "création du processus fils impossible"
+
+#: plugins/sudoers/logging.c:580 plugins/sudoers/logging.c:640
+#, c-format
+msgid "unable to fork: %m"
+msgstr "création du processus fils impossible : %m"
+
+#: plugins/sudoers/logging.c:630
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "ouverture du tube impossible : %m"
+
+#: plugins/sudoers/logging.c:655
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "duplication (dup) de stdin impossible : %m"
+
+#: plugins/sudoers/logging.c:693
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "exécution de %s impossible : %m"
+
+#: plugins/sudoers/match.c:606
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "le type résumé (digest type ) %d pour n'est pas autorisé pour %s"
+
+#: plugins/sudoers/match.c:639
+#, c-format
+msgid "%s: read error"
+msgstr "%s : erreur en lecture"
+
+#: plugins/sudoers/match.c:653
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "Le résume (digest) de %s (%s) n'est pas dans le forme %s"
+
+#: plugins/sudoers/parse.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "erreur d'analyse grammaticale dans %s aux environs de la ligne %d"
+
+#: plugins/sudoers/parse.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "erreur d'analyse grammaticale dans %s"
+
+#: plugins/sudoers/parse.c:502
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Entrée sudoers :\n"
+
+#: plugins/sudoers/parse.c:503
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers : "
+
+#: plugins/sudoers/parse.c:517
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups : "
+
+#: plugins/sudoers/parse.c:526
+#, c-format
+msgid "    Options: "
+msgstr "    Options : "
+
+#: plugins/sudoers/policy.c:240 plugins/sudoers/testsudoers.c:253
+msgid "unable to parse network address list"
+msgstr "analyse grammaticale (parse) des adresses réseau impossible"
+
+#: plugins/sudoers/policy.c:640 plugins/sudoers/visudo.c:840
+#, c-format
+msgid "unable to execute %s"
+msgstr "exécution de %s impossible"
+
+#: plugins/sudoers/policy.c:773
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "La version du greffon de politique de sudoers est %s\n"
+
+#: plugins/sudoers/policy.c:775
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "La version de la grammaire du fichier sudoers est %d\n"
+
+#: plugins/sudoers/policy.c:779
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Chemin d'accès à sudoers : %s\n"
+
+#: plugins/sudoers/policy.c:782
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "chemin d'accès à nsswitch : %s\n"
+
+#: plugins/sudoers/policy.c:784
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "chemin d'accès à ldap_conf : %s\n"
+
+#: plugins/sudoers/policy.c:785
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "chemin d'accès à ldap.secret : %s\n"
+
+#: plugins/sudoers/policy.c:818
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "activation d'un point d'ancrage de type %d (version %d.%d) impossible"
+
+#: plugins/sudoers/pwutil.c:136 plugins/sudoers/pwutil.c:153
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "enregistrement de l'uid %u dans le cache impossible, mémoire insuffisante"
+
+#: plugins/sudoers/pwutil.c:147
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "enregistrement de l'uid %u dans le cache impossible, l'entrée existe déjà"
+
+#: plugins/sudoers/pwutil.c:191 plugins/sudoers/pwutil.c:207
+#: plugins/sudoers/pwutil.c:250 plugins/sudoers/pwutil.c:294
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "enregistrement des informations de l'utilisateur %s dans le cache impossible, mémoire insuffisante"
+
+#: plugins/sudoers/pwutil.c:202
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "enregistrement des informations de l'utilisateur %s dans le cache impossible, l'entrée existe déjà"
+
+#: plugins/sudoers/pwutil.c:427 plugins/sudoers/pwutil.c:444
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "enregistrement du gid %u dans le cache impossible, mémoire insuffisante"
+
+#: plugins/sudoers/pwutil.c:438
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "enregistrement du gid %u dans le cache impossible, l'entrée existe déjà"
+
+#: plugins/sudoers/pwutil.c:476 plugins/sudoers/pwutil.c:492
+#: plugins/sudoers/pwutil.c:524 plugins/sudoers/pwutil.c:565
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "enregistrement du groupe %s dans le cache impossible, mémoire insuffisante"
+
+#: plugins/sudoers/pwutil.c:487
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "enregistrement du groupe %s dans le cache impossible, l'entrée existe déjà"
+
+#: plugins/sudoers/pwutil.c:676 plugins/sudoers/pwutil.c:710
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "enregistrement de la liste de groupe %s dans le cache impossible, l'entrée existe déjà"
+
+#: plugins/sudoers/pwutil.c:682 plugins/sudoers/pwutil.c:715
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "enregistrement de la liste de groupe %s dans le cache impossible, mémoire insuffisante"
+
+#: plugins/sudoers/pwutil.c:705
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "analyse grammaticale (parse) de %s impossible"
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:438
+#: plugins/sudoers/set_perms.c:841 plugins/sudoers/set_perms.c:1138
+#: plugins/sudoers/set_perms.c:1430
+msgid "perm stack overflow"
+msgstr "débordement de la pile perm"
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:369
+#: plugins/sudoers/set_perms.c:446 plugins/sudoers/set_perms.c:708
+#: plugins/sudoers/set_perms.c:849 plugins/sudoers/set_perms.c:1067
+#: plugins/sudoers/set_perms.c:1146 plugins/sudoers/set_perms.c:1363
+#: plugins/sudoers/set_perms.c:1438 plugins/sudoers/set_perms.c:1527
+msgid "perm stack underflow"
+msgstr "débordement inférieur de la pile perm"
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:493
+#: plugins/sudoers/set_perms.c:1197 plugins/sudoers/set_perms.c:1470
+msgid "unable to change to root gid"
+msgstr "changement de l'identificateur de groupe (gid) de root impossible"
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:590
+#: plugins/sudoers/set_perms.c:978 plugins/sudoers/set_perms.c:1274
+msgid "unable to change to runas gid"
+msgstr "changement du groupe effectif (runas) impossible"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:595
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1279
+msgid "unable to set runas group vector"
+msgstr "positionnement du vecteur du groupe effectif (runas) impossible"
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:606
+#: plugins/sudoers/set_perms.c:992 plugins/sudoers/set_perms.c:1288
+msgid "unable to change to runas uid"
+msgstr "changement de l'uid effectif (runas) impossible"
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:624
+#: plugins/sudoers/set_perms.c:1008 plugins/sudoers/set_perms.c:1304
+msgid "unable to change to sudoers gid"
+msgstr "changement du groupe (gid) de sudoers impossible"
+
+#: plugins/sudoers/set_perms.c:356 plugins/sudoers/set_perms.c:695
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1350
+#: plugins/sudoers/set_perms.c:1514
+msgid "too many processes"
+msgstr "trop de processus"
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr "récupération du répertoire de travail impossible"
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "le chemin d'accès à l'audit user_cmnd est incomplet : %s"
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "le chemin d'accès à l'audit argv[0] est incomplet : %s"
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr "le message audit_failure est trop long"
+
+#: plugins/sudoers/sssd.c:333
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "initialisation de la source SSS impossible. SSSD est-il installé sur cette machine ?"
+
+#: plugins/sudoers/sssd.c:341 plugins/sudoers/sssd.c:350
+#: plugins/sudoers/sssd.c:359 plugins/sudoers/sssd.c:368
+#: plugins/sudoers/sssd.c:377
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "Le symbole « %s » est introuvable dans %s"
+
+#: plugins/sudoers/sudo_nss.c:290
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Entrées par défaut pour %s sur %s :\n"
+
+#: plugins/sudoers/sudo_nss.c:308
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Paramètres par défaut de runas ou d'autres commandes pour %s :\n"
+
+#: plugins/sudoers/sudo_nss.c:326
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "L'utilisateur %s peut utiliser les commandes suivantes sur %s :\n"
+
+#: plugins/sudoers/sudo_nss.c:339
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "L'utilisateur %s n'est pas autorisé à exécuter sudo sur %s.\n"
+
+#: plugins/sudoers/sudoers.c:172 plugins/sudoers/testsudoers.c:245
+#: plugins/sudoers/visudo.c:223 plugins/sudoers/visudo.c:566
+msgid "unable to initialize sudoers default values"
+msgstr "initialisation des valeurs par défaut de sudoers impossible"
+
+#: plugins/sudoers/sudoers.c:197 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:833
+msgid "problem with defaults entries"
+msgstr "les entrées par défaut posent un problème"
+
+#: plugins/sudoers/sudoers.c:205
+msgid "no valid sudoers sources found, quitting"
+msgstr "aucune source sudoers valide n'a été trouvée, fin d'exécution"
+
+#: plugins/sudoers/sudoers.c:275
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "il est précisé dans sudoers que root n'est pas autorisé à utiliser sudo"
+
+#: plugins/sudoers/sudoers.c:332
+msgid "you are not permitted to use the -C option"
+msgstr "vous n'êtes pas autorisé à utiliser l'option -C"
+
+#: plugins/sudoers/sudoers.c:396
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "propriétaire du fichier d'horodatage (%s) : utilisateur inconnu"
+
+#: plugins/sudoers/sudoers.c:410
+msgid "no tty"
+msgstr "pas de terminal tty"
+
+#: plugins/sudoers/sudoers.c:411
+msgid "sorry, you must have a tty to run sudo"
+msgstr "désolé, vous devez avoir un terminal tty pour exécuter sudo"
+
+#: plugins/sudoers/sudoers.c:466
+msgid "command in current directory"
+msgstr "commande dans le répertoire courant"
+
+#: plugins/sudoers/sudoers.c:486
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "désolé, vous n'êtes pas autorisé à conserver l'environnement"
+
+#: plugins/sudoers/sudoers.c:778
+msgid "command too long"
+msgstr "commande trop longue"
+
+#: plugins/sudoers/sudoers.c:886 plugins/sudoers/visudo.c:426
+#: plugins/sudoers/visudo.c:666
+#, c-format
+msgid "unable to stat %s"
+msgstr "impossible d'appliquer la fonction stat à %s"
+
+#: plugins/sudoers/sudoers.c:890
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s n'est pas un fichier ordinaire"
+
+#: plugins/sudoers/sudoers.c:894 plugins/sudoers/timestamp.c:225 toke.l:947
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "Le fichier %s a l'utilisateur (uid) %u pour propriétaire, alors qu'il devraitappartenir à %u"
+
+#: plugins/sudoers/sudoers.c:898 toke.l:954
+#, c-format
+msgid "%s is world writable"
+msgstr "Le fichier %s est ouvert en écriture pour tous"
+
+#: plugins/sudoers/sudoers.c:902 toke.l:959
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "Le fichier %s a pour groupe (gid) %u, alors qu'il devrait appartenir au groupe %u"
+
+#: plugins/sudoers/sudoers.c:933
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr "« -c %s » est réservé à l'utilisateur root"
+
+#: plugins/sudoers/sudoers.c:952
+#, c-format
+msgid "unknown login class: %s"
+msgstr "classe de connexion inconnue : %s"
+
+#: plugins/sudoers/sudoers.c:1031 plugins/sudoers/sudoers.c:1059
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "impossible de déterminer le nom de l'hôte %s"
+
+#: plugins/sudoers/sudoers.c:1126 plugins/sudoers/testsudoers.c:385
+#, c-format
+msgid "unknown group: %s"
+msgstr "groupe inconnu : %s"
+
+#: plugins/sudoers/sudoreplay.c:232
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "option du filte invalide : %s"
+
+#: plugins/sudoers/sudoreplay.c:245
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "attente maximum invalide : %s"
+
+#: plugins/sudoers/sudoreplay.c:251
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "facteur de vitesse invalide : %s"
+
+#: plugins/sudoers/sudoreplay.c:254 plugins/sudoers/visudo.c:180
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s version %s\n"
+
+#: plugins/sudoers/sudoreplay.c:286
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/timing : %s"
+
+#: plugins/sudoers/sudoreplay.c:292
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/timing : %s"
+
+#: plugins/sudoers/sudoreplay.c:308
+#, c-format
+msgid "Replaying sudo session: %s\n"
+msgstr "Rejeu de la session sudo : %s\n"
+
+#: plugins/sudoers/sudoreplay.c:314
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Attention : la taille du terminal n'est pas suffisante pour pouvoir rejouer correctement la séquence.\n"
+
+#: plugins/sudoers/sudoreplay.c:315
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "La taille du journal est %d x %d, la taille de votre terminal est %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:368
+msgid "unable to set tty to raw mode"
+msgstr "impossible d'initialiser le terminal tty en mode direct"
+
+#: plugins/sudoers/sudoreplay.c:401
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "entrée invalide dans le fichier de timing : %s"
+
+#: plugins/sudoers/sudoreplay.c:611 plugins/sudoers/sudoreplay.c:636
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "expression ambiguë « %s »"
+
+#: plugins/sudoers/sudoreplay.c:658
+msgid "unmatched ')' in expression"
+msgstr "il manque une parenthèse ouvrante « ( » dans l'expression"
+
+#: plugins/sudoers/sudoreplay.c:662
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "terme de recherche « %s » inconnu"
+
+#: plugins/sudoers/sudoreplay.c:677
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s requiert le passage d'un argument"
+
+#: plugins/sudoers/sudoreplay.c:680 plugins/sudoers/sudoreplay.c:1060
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "expression régulière invalide : %s"
+
+#: plugins/sudoers/sudoreplay.c:684
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "Analyse grammaticale de la date « %s » impossible"
+
+#: plugins/sudoers/sudoreplay.c:693
+msgid "unmatched '(' in expression"
+msgstr "il manque une parenthèse fermante « ) » dans l'expression"
+
+#: plugins/sudoers/sudoreplay.c:695
+msgid "illegal trailing \"or\""
+msgstr "« or » n'est pas autorisé en fin d'expression"
+
+#: plugins/sudoers/sudoreplay.c:697
+msgid "illegal trailing \"!\""
+msgstr "« ! » n'est pas autorisé en fin d'expression"
+
+#: plugins/sudoers/sudoreplay.c:746
+#, c-format
+msgid "unknown search type %d"
+msgstr "type de recherche « %d » inconnu"
+
+#: plugins/sudoers/sudoreplay.c:784
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s : fichier de journalisation incorrect"
+
+#: plugins/sudoers/sudoreplay.c:802
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s : il manque le champ d'horodatage"
+
+#: plugins/sudoers/sudoreplay.c:809
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s : horodatage %s : %s"
+
+#: plugins/sudoers/sudoreplay.c:816
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s : il manque le champ utilisateur"
+
+#: plugins/sudoers/sudoreplay.c:825
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s : il manque le champ précisant l'utilisateur effectif (runas)"
+
+#: plugins/sudoers/sudoreplay.c:834
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s : il manque le champ précisant le groupe effectif (runas)"
+
+#: plugins/sudoers/sudoreplay.c:1197
+#, c-format
+msgid "usage: %s [-h] [-d dir] [-m num] [-s num] ID\n"
+msgstr "Utilisation : %s [-h] [-d répertoire] [-m nombre] [-s nombre] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1200
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "Utilisation : %s [-h] [-d répertoire] -l [expression recherchée ]\n"
+
+#: plugins/sudoers/sudoreplay.c:1209
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - Rejeu du journal de la session sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1211
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Options :\n"
+"  -d, --directory=répertoire    indique le répertoire à utiliser pour les traces de la session\n"
+"   -f, --filter=filtre        indique quel type E/S utiliser pour l'affichage\n"
+"  -h, --help               affiche le message et d'aide, puis termine l'exécution\n"
+"  -l, --list             liste les identificateurs de sessions disponible, il est possible d'ajouter une expression en paramètre \n"
+"  -m, max_wait=valeur     nombre maximum de secondes de temporisation entre les événements\n"
+"  -s, --speed=valeur  accélère ou ralentit l'exécution\n"
+"  -V, --version               affiche la version du programme, puis termine l'exécution"
+
+#: plugins/sudoers/testsudoers.c:324
+msgid "\thost  unmatched"
+msgstr "\tl'hôte n'a pas de correspondance"
+
+#: plugins/sudoers/testsudoers.c:327
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Commande autorisée"
+
+#: plugins/sudoers/testsudoers.c:328
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Commande refusée"
+
+#: plugins/sudoers/testsudoers.c:328
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Commande sans correspondance"
+
+#: plugins/sudoers/timestamp.c:233
+#, c-format
+msgid "%s is group writable"
+msgstr "%s est accessible en écriture pour les membres du groupe"
+
+#: plugins/sudoers/timestamp.c:309
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "impossible de tronquer le fichier d'horodatage de %lld octets"
+
+#: plugins/sudoers/timestamp.c:742 plugins/sudoers/timestamp.c:809
+#: plugins/sudoers/visudo.c:487 plugins/sudoers/visudo.c:493
+msgid "unable to read the clock"
+msgstr "lecture du bloc impossible"
+
+#: plugins/sudoers/timestamp.c:756
+msgid "ignoring time stamp from the future"
+msgstr "un horodatage dans le futur n'a pas été pris en compte"
+
+#: plugins/sudoers/timestamp.c:768
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "l'horodatage est trop avancé dans le temps : %20.20s"
+
+#: plugins/sudoers/timestamp.c:863
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "verrouillage de l'horodatage du fichier %s impossible"
+
+#: plugins/sudoers/timestamp.c:906 plugins/sudoers/timestamp.c:926
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "le chemin d'accès au fichier d'état de la recommandation est trop long : %s/%s"
+
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "Version de la grammaire de %s : %d\n"
+
+#: plugins/sudoers/visudo.c:254 plugins/sudoers/visudo.c:618
+#, c-format
+msgid "press return to edit %s: "
+msgstr "appuyer sur entrée pour afficher %s : "
+
+#: plugins/sudoers/visudo.c:319
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "l'éditeur indiqué (%s) n'existe pas"
+
+#: plugins/sudoers/visudo.c:337
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "aucun éditeur trouvé (chemin d'accès à l'éditeur : %s)"
+
+#: plugins/sudoers/visudo.c:446 plugins/sudoers/visudo.c:454
+msgid "write error"
+msgstr "erreur en écriture"
+
+#: plugins/sudoers/visudo.c:500
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "impossible d'appliquer la fonction stat au fichier temporaire (%s), %s n'a pas été modifié"
+
+#: plugins/sudoers/visudo.c:507
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "fichier temporaire vide (%s), %s n'a pas été modifié"
+
+#: plugins/sudoers/visudo.c:513
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "l'éditeur (%s) a échoué, %s n'a pas été modifié"
+
+#: plugins/sudoers/visudo.c:535
+#, c-format
+msgid "%s unchanged"
+msgstr "%s n'a pas été modifié"
+
+#: plugins/sudoers/visudo.c:561
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "impossible de rouvrir le fichier temporaire (%s), %s n'a pas été modifié."
+
+#: plugins/sudoers/visudo.c:572
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "impossible d'effectuer l'analyse grammaticale du fichier temporaire (%s), erreur inconnue"
+
+#: plugins/sudoers/visudo.c:609
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "erreur interne, impossible de trouver %s dans la liste !"
+
+#: plugins/sudoers/visudo.c:668 plugins/sudoers/visudo.c:677
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "impossible d'affecter (uid, gid) de %s à (%u, %u)"
+
+#: plugins/sudoers/visudo.c:672 plugins/sudoers/visudo.c:682
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "impossible de changer le mode de %s pour lui affecter 0%o"
+
+#: plugins/sudoers/visudo.c:699
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s et %s ne sont pas dans le même système de fichiers, tentative de renommage à l'aide de la commande mv"
+
+#: plugins/sudoers/visudo.c:713
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "la commande a échoué : « %s  %s %s », %s n'a pas été modifié"
+
+#: plugins/sudoers/visudo.c:723
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "erreur lors du renommage de %s, %s n'a pas été modifié"
+
+#: plugins/sudoers/visudo.c:785
+msgid "What now? "
+msgstr "Et maintenant ?"
+
+#: plugins/sudoers/visudo.c:799
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Les options sont :\n"
+"  (e)dition du fichier sudoers (de nouveau)\n"
+"  e(x)it sans sauvegarde des modifications apportées au fichier sudoers\n"
+"  (Q)uitter et sauvegarder les modifications apportées au fichier sudoers (DANGER!)\n"
+
+#: plugins/sudoers/visudo.c:847
+#, c-format
+msgid "unable to run %s"
+msgstr "lancement de %s impossible"
+
+#: plugins/sudoers/visudo.c:877
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s : mauvais utilisateur (uid, gid), celui-ci devrait être (%u,%u)\n"
+
+#: plugins/sudoers/visudo.c:884
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s : mauvais droits d'utilisation, le mode devrait être 0%o\n"
+
+#: plugins/sudoers/visudo.c:909 plugins/sudoers/visudo_json.c:1032
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "échec lors de l'analyse grammaticale de %s, erreur inconnue"
+
+#: plugins/sudoers/visudo.c:925 plugins/sudoers/visudo_json.c:1041
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "erreur lors de l'analyse grammaticale de %s au environs de la ligne %d\n"
+
+#: plugins/sudoers/visudo.c:928 plugins/sudoers/visudo_json.c:1044
+#, c-format
+msgid "parse error in %s\n"
+msgstr "erreur lors de l'analyse grammaticale de %s\n"
+
+#: plugins/sudoers/visudo.c:936 plugins/sudoers/visudo.c:943
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s : analyse grammaticale réussie\n"
+
+#: plugins/sudoers/visudo.c:990
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s n'est pas disponible, réessayez plus tard"
+
+#: plugins/sudoers/visudo.c:1086
+#, c-format
+msgid "Error: cycle in %s `%s'"
+msgstr "Erreur : boucle dans %s « %s »"
+
+#: plugins/sudoers/visudo.c:1087
+#, c-format
+msgid "Warning: cycle in %s `%s'"
+msgstr "Attention : boucle dans %s « %s »"
+
+#: plugins/sudoers/visudo.c:1091
+#, c-format
+msgid "Error: %s `%s' referenced but not defined"
+msgstr "Erreur : il est fait mention de %s « %s » alors qu'il n'a pas été défini"
+
+#: plugins/sudoers/visudo.c:1092
+#, c-format
+msgid "Warning: %s `%s' referenced but not defined"
+msgstr "Attention : il est fait mention de %s « %s » alors qu'il n'a pas été défini"
+
+#: plugins/sudoers/visudo.c:1235
+#, c-format
+msgid "Warning: unused %s `%s'"
+msgstr "Attention : %s « %s » n'est pas utilisé"
+
+#: plugins/sudoers/visudo.c:1348
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - édite le fichier sudoers\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1350
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+"  -x, --export=output_file write sudoers in JSON format to output_file"
+msgstr ""
+"\n"
+"Options :\n"
+"  -c, --check          mode validation\n"
+"  -f, --file==fichier précise l'emplacement du fichier sudoers\n"
+"  -h, --help          affiche le message d'aide, puis met fin à l'exécution\n"
+"  -q, --quiet          nombre de messages d'erreur de syntaxe réduit (mode silencieux)\n"
+"  -s, --strict          validation stricte de la syntaxe\n"
+"  -V, --version          affiche la version, puis met fin à l'exécution -x, --export=fichier_sortie affiche sudoers au format JSON dans le fichier fichier_sortie"
+
+#: plugins/sudoers/visudo_json.c:1018
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s : les fichiers d'entrée et de sortie doivent être différents"
+
+#: toke.l:918
+msgid "too many levels of includes"
+msgstr "nombre de niveaux d'inclusions trop élevé"
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "Chemin d'accès au fichier d'horodatage trop long : %s/%s"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "impossible d'obtenir les stats de l'éditeur (%s)"
+
+#~ msgid "Password:"
+#~ msgstr "Mot de passe :"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports : espace insuffisant pour étendre hostbuf"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri :espace insuffisant pour créer hostbuf"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "sudo_ldap_build_pass1 : erreur d'allocation"
+
+#~ msgid "unable to setup authentication"
+#~ msgstr "configuration de l'authentification impossible"
+
+#~ msgid "invalid uri: %s"
+#~ msgstr "uri invalide : %s"
+
+#~ msgid "unable to mix ldaps and starttls"
+#~ msgstr "fusion ldaps et starttls impossible"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "erreur interne : espace insuffisant pour la ligne de journalisation"
+
+#~ msgid "value out of range"
+#~ msgstr "valeur hors de limites "
+
+#~ msgid "writing to standard output"
+#~ msgstr "écriture vers la sortie standard"
+
+#~ msgid "too many parenthesized expressions, max %d"
+#~ msgstr "le nombre d'expressions entre parenthèses est trop élevé, le maximum autorisé est %d"
+
+#~ msgid "%s owned by uid %u, should be uid %u"
+#~ msgstr "%s appartient à l'utilisateur identifié par %u, alors qu'il devrait appartenir à l'utilisateur identifié par %u"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0700"
+#~ msgstr "%s peut être modifié par d'autres utilisateur que son propriétaire (0%o), le mode des privilèges devrait être 0700"
+
+#~ msgid "%s exists but is not a regular file (0%o)"
+#~ msgstr "%s existe mais n'est pas un fichier ordinaire (0%o)"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0600"
+#~ msgstr "%s peut être modifié par d'autres utilisateurs que son propriétaire (0%o), le mode des privilèges devrait être 0600"
+
+#~ msgid "unable to remove %s, will reset to the epoch"
+#~ msgstr "suppression de %s impossible, l'horodatage sera réinitialisé à la date courante"
+
+#~ msgid "unable to reset %s to the epoch"
+#~ msgstr "impossible de réinitialiser %s à la date courante"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args : débordement du tampon"
+
+#~ msgid "%s: unused %s_Alias %s"
+#~ msgstr "%s : %s_Alias %s n'est pas utilisé"
+
+#~ msgid ">>> %s: %s near line %d <<<"
+#~ msgstr ">>> %s : %s aux environs de la ligne %d <<<"
+
+#~ msgid "pam_chauthtok: %s"
+#~ msgstr "pam_chauthtok : %s"
+
+#~ msgid "pam_authenticate: %s"
+#~ msgstr "pam_authenticate : %s"
+
+#~ msgid "getaudit: failed"
+#~ msgstr "getaudit : échec"
+
+#~ msgid "getauid failed"
+#~ msgstr "échec de getauid"
+
+#~ msgid "au_open: failed"
+#~ msgstr "au_open : échec"
+
+#~ msgid "au_to_subject: failed"
+#~ msgstr "au_to_subject : échec"
+
+#~ msgid "au_to_exec_args: failed"
+#~ msgstr "au_to_exec_args : échec"
+
+#~ msgid "au_to_return32: failed"
+#~ msgstr "au_to_return32 : échec"
+
+#~ msgid "getauid: failed"
+#~ msgstr "getauid : échec"
+
+#~ msgid "au_to_text: failed"
+#~ msgstr "au_to_text : échec"
+
+#~ msgid "unable to set locale to \"%s\", using \"C\""
+#~ msgstr "impossible d'initialiser la localisation à « %s », initialisation à « C »"
+
+#~ msgid ""
+#~ "    Commands:\n"
+#~ "\t"
+#~ msgstr ""
+#~ "    Commandes :\n"
+#~ "\t"
+
+#~ msgid ": "
+#~ msgstr " : "
+
+#~ msgid "unable to cache uid %u (%s), already exists"
+#~ msgstr "impossible d'enregistrer l'uid %u (%s) dans le cache, l'entrée existe déjà"
+
+#~ msgid "unable to cache gid %u (%s), already exists"
+#~ msgstr "impossible d'enregistrer le gid %u (%s) dans le cache, l'entrée existe déjà"
+
+#~ msgid "Unable to dlopen %s: %s"
+#~ msgstr "impossible d'appliquer dlopen à %s : %s"
+
+#~ msgid "unable to execute %s: %s"
+#~ msgstr "impossible d'exécuter %s : %s"
+
+#~ msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+#~ msgstr "nanosleep : tv_sec %ld, tv_nsec %ld"
+
+#~ msgid "invalid regex: %s"
+#~ msgstr "Expression régulière invalide : %s"
diff --git a/plugins/sudoers/po/fur.mo b/plugins/sudoers/po/fur.mo
new file mode 100644
index 0000000..5beaa90
--- /dev/null
+++ b/plugins/sudoers/po/fur.mo
diff --git a/plugins/sudoers/po/fur.po b/plugins/sudoers/po/fur.po
new file mode 100644
index 0000000..4423803
--- /dev/null
+++ b/plugins/sudoers/po/fur.po
@@ -0,0 +1,2119 @@
+# Friulian translations for sudoers package
+# This file is put in the public domain.
+# Fabio Tomat <f.t.public@gmail.com>, 2017
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers-1.8.22b2\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2017-12-18 10:37-0700\n"
+"PO-Revision-Date: 2017-12-24 14:18+0100\n"
+"Last-Translator: Fabio Tomat <f.t.public@gmail.com>\n"
+"Language-Team: Friulian <f.t.public@gmail.com>\n"
+"Language: fur\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 2.0.3\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "erôr di sintassi"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "Password di %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] password par %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Password: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** informazions di SIGURECE par %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Torne prove."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:307 gram.y:314 gram.y:321 gram.y:328 gram.y:335
+#: gram.y:398 gram.y:406 gram.y:416 gram.y:449 gram.y:456 gram.y:463
+#: gram.y:470 gram.y:552 gram.y:559 gram.y:568 gram.y:577 gram.y:594
+#: gram.y:706 gram.y:713 gram.y:720 gram.y:728 gram.y:824 gram.y:831
+#: gram.y:838 gram.y:845 gram.y:852 gram.y:878 gram.y:885 gram.y:892
+#: gram.y:1015 gram.y:1195 gram.y:1202 plugins/sudoers/alias.c:124
+#: plugins/sudoers/alias.c:139 plugins/sudoers/auth/bsdauth.c:141
+#: plugins/sudoers/auth/kerb5.c:119 plugins/sudoers/auth/kerb5.c:145
+#: plugins/sudoers/auth/pam.c:490 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/auth/sia.c:59 plugins/sudoers/defaults.c:651
+#: plugins/sudoers/defaults.c:906 plugins/sudoers/defaults.c:1077
+#: plugins/sudoers/editor.c:64 plugins/sudoers/editor.c:82
+#: plugins/sudoers/editor.c:93 plugins/sudoers/env.c:233
+#: plugins/sudoers/filedigest.c:120 plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:941 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:566
+#: plugins/sudoers/ldap.c:980 plugins/sudoers/ldap.c:1174
+#: plugins/sudoers/ldap.c:1185 plugins/sudoers/ldap.c:1201
+#: plugins/sudoers/ldap.c:1493 plugins/sudoers/ldap.c:1653
+#: plugins/sudoers/ldap.c:1735 plugins/sudoers/ldap.c:1883
+#: plugins/sudoers/ldap.c:1907 plugins/sudoers/ldap.c:1996
+#: plugins/sudoers/ldap.c:2011 plugins/sudoers/ldap.c:2107
+#: plugins/sudoers/ldap.c:2140 plugins/sudoers/ldap.c:2221
+#: plugins/sudoers/ldap.c:2303 plugins/sudoers/ldap.c:2400
+#: plugins/sudoers/ldap.c:3235 plugins/sudoers/ldap.c:3267
+#: plugins/sudoers/ldap.c:3579 plugins/sudoers/ldap.c:3607
+#: plugins/sudoers/ldap.c:3623 plugins/sudoers/ldap.c:3713
+#: plugins/sudoers/ldap.c:3729 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:190 plugins/sudoers/logging.c:501
+#: plugins/sudoers/logging.c:522 plugins/sudoers/logging.c:563
+#: plugins/sudoers/logging.c:740 plugins/sudoers/logging.c:998
+#: plugins/sudoers/match.c:617 plugins/sudoers/match.c:664
+#: plugins/sudoers/match.c:714 plugins/sudoers/match.c:738
+#: plugins/sudoers/match.c:826 plugins/sudoers/match.c:915
+#: plugins/sudoers/parse.c:252 plugins/sudoers/parse.c:264
+#: plugins/sudoers/parse.c:279 plugins/sudoers/parse.c:291
+#: plugins/sudoers/policy.c:498 plugins/sudoers/policy.c:735
+#: plugins/sudoers/prompt.c:93 plugins/sudoers/pwutil.c:165
+#: plugins/sudoers/pwutil.c:236 plugins/sudoers/pwutil.c:312
+#: plugins/sudoers/pwutil.c:486 plugins/sudoers/pwutil.c:551
+#: plugins/sudoers/pwutil.c:620 plugins/sudoers/pwutil.c:778
+#: plugins/sudoers/pwutil.c:835 plugins/sudoers/pwutil.c:880
+#: plugins/sudoers/pwutil.c:938 plugins/sudoers/sssd.c:162
+#: plugins/sudoers/sssd.c:194 plugins/sudoers/sssd.c:237
+#: plugins/sudoers/sssd.c:244 plugins/sudoers/sssd.c:280
+#: plugins/sudoers/sssd.c:353 plugins/sudoers/sssd.c:392
+#: plugins/sudoers/sssd.c:1073 plugins/sudoers/sssd.c:1252
+#: plugins/sudoers/sssd.c:1266 plugins/sudoers/sssd.c:1282
+#: plugins/sudoers/sudoers.c:263 plugins/sudoers/sudoers.c:273
+#: plugins/sudoers/sudoers.c:281 plugins/sudoers/sudoers.c:365
+#: plugins/sudoers/sudoers.c:682 plugins/sudoers/sudoers.c:807
+#: plugins/sudoers/sudoers.c:851 plugins/sudoers/sudoers.c:1123
+#: plugins/sudoers/sudoers_debug.c:107 plugins/sudoers/sudoreplay.c:1254
+#: plugins/sudoers/sudoreplay.c:1366 plugins/sudoers/sudoreplay.c:1406
+#: plugins/sudoers/sudoreplay.c:1415 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/sudoreplay.c:1433 plugins/sudoers/sudoreplay.c:1437
+#: plugins/sudoers/sudoreplay.c:1593 plugins/sudoers/sudoreplay.c:1597
+#: plugins/sudoers/testsudoers.c:131 plugins/sudoers/testsudoers.c:217
+#: plugins/sudoers/testsudoers.c:234 plugins/sudoers/timestamp.c:397
+#: plugins/sudoers/timestamp.c:441 plugins/sudoers/timestamp.c:868
+#: plugins/sudoers/toke_util.c:56 plugins/sudoers/toke_util.c:109
+#: plugins/sudoers/toke_util.c:146 plugins/sudoers/visudo.c:153
+#: plugins/sudoers/visudo.c:309 plugins/sudoers/visudo.c:315
+#: plugins/sudoers/visudo.c:446 plugins/sudoers/visudo.c:624
+#: plugins/sudoers/visudo.c:985 plugins/sudoers/visudo.c:1051
+#: plugins/sudoers/visudo.c:1095 plugins/sudoers/visudo.c:1197
+#: plugins/sudoers/visudo_json.c:1025 toke.l:849 toke.l:949 toke.l:1106
+msgid "unable to allocate memory"
+msgstr "impussibil assegnâ memorie"
+
+#: gram.y:481
+msgid "a digest requires a path name"
+msgstr "un digest al domande un non di percors"
+
+#: gram.y:607
+msgid "invalid notbefore value"
+msgstr ""
+
+#: gram.y:615
+msgid "invalid notafter value"
+msgstr ""
+
+#: gram.y:624 plugins/sudoers/policy.c:314
+msgid "timeout value too large"
+msgstr "valôr di timeout masse larc"
+
+#: gram.y:626 plugins/sudoers/policy.c:316
+msgid "invalid timeout value"
+msgstr "valôr di timeout no valit"
+
+#: gram.y:1195 gram.y:1202 plugins/sudoers/auth/pam.c:320
+#: plugins/sudoers/auth/pam.c:490 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/defaults.c:651 plugins/sudoers/defaults.c:906
+#: plugins/sudoers/defaults.c:1077 plugins/sudoers/editor.c:64
+#: plugins/sudoers/editor.c:82 plugins/sudoers/editor.c:93
+#: plugins/sudoers/env.c:233 plugins/sudoers/filedigest.c:120
+#: plugins/sudoers/filedigest_gcrypt.c:72
+#: plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:941 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:566
+#: plugins/sudoers/ldap.c:980 plugins/sudoers/ldap.c:1174
+#: plugins/sudoers/ldap.c:1185 plugins/sudoers/ldap.c:1201
+#: plugins/sudoers/ldap.c:1493 plugins/sudoers/ldap.c:1653
+#: plugins/sudoers/ldap.c:1735 plugins/sudoers/ldap.c:1883
+#: plugins/sudoers/ldap.c:1907 plugins/sudoers/ldap.c:1996
+#: plugins/sudoers/ldap.c:2011 plugins/sudoers/ldap.c:2107
+#: plugins/sudoers/ldap.c:2140 plugins/sudoers/ldap.c:2220
+#: plugins/sudoers/ldap.c:2303 plugins/sudoers/ldap.c:2400
+#: plugins/sudoers/ldap.c:3235 plugins/sudoers/ldap.c:3267
+#: plugins/sudoers/ldap.c:3579 plugins/sudoers/ldap.c:3606
+#: plugins/sudoers/ldap.c:3622 plugins/sudoers/ldap.c:3713
+#: plugins/sudoers/ldap.c:3729 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:190 plugins/sudoers/logging.c:501
+#: plugins/sudoers/logging.c:522 plugins/sudoers/logging.c:562
+#: plugins/sudoers/logging.c:998 plugins/sudoers/match.c:616
+#: plugins/sudoers/match.c:663 plugins/sudoers/match.c:714
+#: plugins/sudoers/match.c:738 plugins/sudoers/match.c:826
+#: plugins/sudoers/match.c:914 plugins/sudoers/parse.c:252
+#: plugins/sudoers/parse.c:264 plugins/sudoers/parse.c:279
+#: plugins/sudoers/parse.c:291 plugins/sudoers/policy.c:128
+#: plugins/sudoers/policy.c:137 plugins/sudoers/policy.c:146
+#: plugins/sudoers/policy.c:172 plugins/sudoers/policy.c:299
+#: plugins/sudoers/policy.c:314 plugins/sudoers/policy.c:316
+#: plugins/sudoers/policy.c:342 plugins/sudoers/policy.c:352
+#: plugins/sudoers/policy.c:396 plugins/sudoers/policy.c:406
+#: plugins/sudoers/policy.c:415 plugins/sudoers/policy.c:424
+#: plugins/sudoers/policy.c:498 plugins/sudoers/policy.c:735
+#: plugins/sudoers/prompt.c:93 plugins/sudoers/pwutil.c:165
+#: plugins/sudoers/pwutil.c:236 plugins/sudoers/pwutil.c:312
+#: plugins/sudoers/pwutil.c:486 plugins/sudoers/pwutil.c:551
+#: plugins/sudoers/pwutil.c:620 plugins/sudoers/pwutil.c:778
+#: plugins/sudoers/pwutil.c:835 plugins/sudoers/pwutil.c:880
+#: plugins/sudoers/pwutil.c:938 plugins/sudoers/set_perms.c:387
+#: plugins/sudoers/set_perms.c:766 plugins/sudoers/set_perms.c:1150
+#: plugins/sudoers/set_perms.c:1476 plugins/sudoers/set_perms.c:1641
+#: plugins/sudoers/sssd.c:162 plugins/sudoers/sssd.c:194
+#: plugins/sudoers/sssd.c:237 plugins/sudoers/sssd.c:244
+#: plugins/sudoers/sssd.c:280 plugins/sudoers/sssd.c:352
+#: plugins/sudoers/sssd.c:392 plugins/sudoers/sssd.c:1073
+#: plugins/sudoers/sssd.c:1251 plugins/sudoers/sssd.c:1266
+#: plugins/sudoers/sssd.c:1282 plugins/sudoers/sudoers.c:263
+#: plugins/sudoers/sudoers.c:273 plugins/sudoers/sudoers.c:281
+#: plugins/sudoers/sudoers.c:365 plugins/sudoers/sudoers.c:682
+#: plugins/sudoers/sudoers.c:807 plugins/sudoers/sudoers.c:851
+#: plugins/sudoers/sudoers.c:1123 plugins/sudoers/sudoers_debug.c:106
+#: plugins/sudoers/sudoreplay.c:1254 plugins/sudoers/sudoreplay.c:1366
+#: plugins/sudoers/sudoreplay.c:1406 plugins/sudoers/sudoreplay.c:1415
+#: plugins/sudoers/sudoreplay.c:1425 plugins/sudoers/sudoreplay.c:1433
+#: plugins/sudoers/sudoreplay.c:1437 plugins/sudoers/sudoreplay.c:1593
+#: plugins/sudoers/sudoreplay.c:1597 plugins/sudoers/testsudoers.c:131
+#: plugins/sudoers/testsudoers.c:217 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/timestamp.c:397 plugins/sudoers/timestamp.c:441
+#: plugins/sudoers/timestamp.c:868 plugins/sudoers/toke_util.c:56
+#: plugins/sudoers/toke_util.c:109 plugins/sudoers/toke_util.c:146
+#: plugins/sudoers/visudo.c:153 plugins/sudoers/visudo.c:309
+#: plugins/sudoers/visudo.c:315 plugins/sudoers/visudo.c:446
+#: plugins/sudoers/visudo.c:624 plugins/sudoers/visudo.c:985
+#: plugins/sudoers/visudo.c:1051 plugins/sudoers/visudo.c:1095
+#: plugins/sudoers/visudo.c:1197 plugins/sudoers/visudo_json.c:1025 toke.l:849
+#: toke.l:949 toke.l:1106
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:135
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "impussibil otignî la classe di login pal utent %s"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "impussibil tacâ la autenticazion bsd"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "gjenar di autenticazion no valit"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "impussibil inizializâ la autenticazion BSD"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "impussibil conetisi al servidôr di autenticazion"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:121
+msgid "lost connection to authentication server"
+msgstr "conession pierdude al servidôr di autenticazion"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"erôr dal servidôr di autenticazion:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: impussibil analizâ '%s': %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: impussibil assegnâ opzions: %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: impussibil otignî credenziâls: %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: impussibil archiviâ la credenziâl te cache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Impussibil verificâ TGT! Pussibil atac in vore!: %s"
+
+#: plugins/sudoers/auth/pam.c:108
+msgid "unable to initialize PAM"
+msgstr "impussibil inizializâ PAM"
+
+#: plugins/sudoers/auth/pam.c:194
+msgid "account validation failure, is your account locked?"
+msgstr "validazion account falide, isal blocât?"
+
+#: plugins/sudoers/auth/pam.c:198
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Acount o password scjadude, ristabilìs la password e torne prove"
+
+#: plugins/sudoers/auth/pam.c:206
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "impussibil cambiâ la password scjadude: %s"
+
+#: plugins/sudoers/auth/pam.c:211
+msgid "Password expired, contact your system administrator"
+msgstr "Password scjadude, contatâ l'aministradôr di sisteme"
+
+#: plugins/sudoers/auth/pam.c:215
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:229
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Erôr di autenticazion PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:227
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "no tu esistis te base di dâts %s"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "no si è rivâts a inizializâ la librarie API ACE"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "impussibil contatâ il servidôr SecurID"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "ID utent blocât pe autenticazion SecurID"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "lungjece dal non utent no valide par SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "Comunicazion SecurID falide"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:213
+msgid "unknown SecurID error"
+msgstr "erôr SecurID no cognossût"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "lungjece dal passcode no valide par SecurID"
+
+#: plugins/sudoers/auth/sia.c:69 plugins/sudoers/auth/sia.c:125
+msgid "unable to initialize SIA session"
+msgstr "impussibil inizializâ la session SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:126
+msgid "invalid authentication methods"
+msgstr "metodis di autenticazion no valits"
+
+#: plugins/sudoers/auth/sudo_auth.c:128
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:224 plugins/sudoers/auth/sudo_auth.c:274
+msgid "no authentication methods"
+msgstr "nissun metodi di autenticazion"
+
+#: plugins/sudoers/auth/sudo_auth.c:226
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:276
+msgid "Unable to initialize authentication methods."
+msgstr "Impussibil inizializâ i metodis di autenticazion."
+
+#: plugins/sudoers/auth/sudo_auth.c:441
+msgid "Authentication methods:"
+msgstr "Metodis di autenticazion:"
+
+#: plugins/sudoers/bsm_audit.c:120 plugins/sudoers/bsm_audit.c:211
+msgid "Could not determine audit condition"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:183 plugins/sudoers/bsm_audit.c:273
+msgid "unable to commit audit record"
+msgstr ""
+
+#: plugins/sudoers/check.c:259
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/check.c:302 plugins/sudoers/check.c:312
+#: plugins/sudoers/sudoers.c:725 plugins/sudoers/sudoers.c:770
+#, c-format
+msgid "unknown uid: %u"
+msgstr "uid no cognossût: %u"
+
+#: plugins/sudoers/check.c:307 plugins/sudoers/iolog.c:260
+#: plugins/sudoers/policy.c:908 plugins/sudoers/sudoers.c:1162
+#: plugins/sudoers/testsudoers.c:208 plugins/sudoers/testsudoers.c:366
+#, c-format
+msgid "unknown user: %s"
+msgstr "utent no cognossût: %s"
+
+#: plugins/sudoers/def_data.c:41
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:45
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:49
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:53
+msgid "Put OTP prompt on its own line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:57
+msgid "Ignore '.' in $PATH"
+msgstr "Ignore '.' in $PATH"
+
+#: plugins/sudoers/def_data.c:61
+msgid "Always send mail when sudo is run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:65
+msgid "Send mail if user authentication fails"
+msgstr "Invie une mail se la autenticazion dal utent e falìs"
+
+#: plugins/sudoers/def_data.c:69
+msgid "Send mail if the user is not in sudoers"
+msgstr "Invie une mail se l'utent nol è tai sudoers"
+
+#: plugins/sudoers/def_data.c:73
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Invie une mail se l'utent nol è tai sudoers par chest host"
+
+#: plugins/sudoers/def_data.c:77
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Invie une mail se l'utent nol pues eseguî un comant"
+
+#: plugins/sudoers/def_data.c:81
+msgid "Send mail if the user tries to run a command"
+msgstr "Invie une mail se l'utent al cîr di eseguî un comant"
+
+#: plugins/sudoers/def_data.c:85
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:89
+msgid "Lecture user the first time they run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:93
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:97
+msgid "Require users to authenticate by default"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:101
+msgid "Root may run sudo"
+msgstr "L'utent root al pues eseguî sudo"
+
+#: plugins/sudoers/def_data.c:105
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Regjistre il non host tal file di regjistri (no-syslog)"
+
+#: plugins/sudoers/def_data.c:109
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Regjistre l'an tal file di regjistri (no-syslog)"
+
+#: plugins/sudoers/def_data.c:113
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:117
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:121
+msgid "Always set $HOME to the target user's home directory"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:125
+msgid "Allow some information gathering to give useful error messages"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:129
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:133
+msgid "Insult the user when they enter an incorrect password"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:137
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:141
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:145
+msgid "Prompt for root's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:149
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:153
+msgid "Prompt for the target user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:157
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:161
+msgid "Set the LOGNAME and USER environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:165
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:169
+msgid "Don't initialize the group vector to that of the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:173
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:177
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:181
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:185
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:189
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:193
+#, c-format
+msgid "Path to log file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:197
+#, c-format
+msgid "Path to mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:201
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:205
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:209
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:213
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:217
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:221
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:225
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:229
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:233
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:237
+#, c-format
+msgid "Default password prompt: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:241
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr ""
+
+#: plugins/sudoers/def_data.c:245
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:249
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:253
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:257
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:261
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:265
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:269
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:273
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:277
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:281
+msgid "Allow users to set arbitrary environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:285
+msgid "Reset the environment to a default set of variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:289
+msgid "Environment variables to check for sanity:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:293
+msgid "Environment variables to remove:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:297
+msgid "Environment variables to preserve:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:301
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:305
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:309
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:313
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:317
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:321
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:325
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:329
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:333
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:337
+msgid "Log user's input for the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:341
+msgid "Log the output of the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:345
+msgid "Compress I/O logs using zlib"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:349
+msgid "Always run commands in a pseudo-tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:353
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:357
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:361
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:365
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:369
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:373
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:377
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:381
+msgid "Run commands on a pty in the background"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:385
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Non dal servizi PAM di doprâ: %s"
+
+#: plugins/sudoers/def_data.c:389
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Non dal servizi PAM di doprâ pes interfacis di acès: %s"
+
+#: plugins/sudoers/def_data.c:393
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Tentatîf di stabilî lis credentziâls PAM pal utent designât"
+
+#: plugins/sudoers/def_data.c:397
+msgid "Create a new PAM session for the command to run in"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:401
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:405
+msgid "Enable sudoers netgroup support"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:409
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:413
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:417
+msgid "Query the group plugin for unknown system groups"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:421
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:425
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:429
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:433
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:437
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:441
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:445
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:449
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:453
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:457
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:461
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:465
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:469
+msgid "Allow the user to specify a timeout on the command line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:473
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:477
+msgid "Include the process ID when logging via syslog"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:481
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:485
+#, fuzzy, c-format
+#| msgid "Authentication methods:"
+msgid "Authentication failure message: %s"
+msgstr "Metodis di autenticazion:"
+
+#: plugins/sudoers/defaults.c:221
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:224
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:267
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:270
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:290
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:293
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:318
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:321
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:343
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:346
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:356
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:359
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/env.c:295 plugins/sudoers/env.c:302
+#: plugins/sudoers/env.c:407 plugins/sudoers/ldap.c:453
+#: plugins/sudoers/ldap.c:543 plugins/sudoers/ldap.c:1270
+#: plugins/sudoers/ldap.c:1497 plugins/sudoers/ldap.c:1822
+#: plugins/sudoers/linux_audit.c:82 plugins/sudoers/logging.c:1003
+#: plugins/sudoers/policy.c:619 plugins/sudoers/policy.c:629
+#: plugins/sudoers/prompt.c:161 plugins/sudoers/sudoers.c:873
+#: plugins/sudoers/testsudoers.c:238 plugins/sudoers/toke_util.c:158
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "erôr interni, %s overflow (stranfât)"
+
+#: plugins/sudoers/env.c:376
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr ""
+
+#: plugins/sudoers/env.c:1055
+msgid "unable to rebuild the environment"
+msgstr ""
+
+#: plugins/sudoers/env.c:1129
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr ""
+
+#: plugins/sudoers/filedigest.c:104 plugins/sudoers/filedigest_gcrypt.c:66
+#: plugins/sudoers/filedigest_openssl.c:95
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr ""
+
+#: plugins/sudoers/filedigest.c:129 plugins/sudoers/filedigest_gcrypt.c:98
+#: plugins/sudoers/filedigest_openssl.c:120
+#, c-format
+msgid "%s: read error"
+msgstr "%s: erôr di leture"
+
+#: plugins/sudoers/group_plugin.c:86
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:90
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:98 plugins/sudoers/sssd.c:400
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "impussibil cjariâ %s: %s"
+
+#: plugins/sudoers/group_plugin.c:104
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:109
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:79 plugins/sudoers/interfaces.c:96
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:129
+msgid "Local IP address and netmask pairs:\n"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:121 plugins/sudoers/mkdir_parents.c:75
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:146 plugins/sudoers/iolog.c:187
+#: plugins/sudoers/mkdir_parents.c:64 plugins/sudoers/timestamp.c:175
+#, c-format
+msgid "unable to mkdir %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:191 plugins/sudoers/visudo.c:740
+#: plugins/sudoers/visudo.c:750
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:299 plugins/sudoers/sudoers.c:1193
+#: plugins/sudoers/testsudoers.c:390
+#, c-format
+msgid "unknown group: %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:418 plugins/sudoers/sudoers.c:929
+#: plugins/sudoers/sudoreplay.c:349 plugins/sudoers/sudoreplay.c:1355
+#: plugins/sudoers/sudoreplay.c:1559 plugins/sudoers/timestamp.c:406
+#: plugins/sudoers/visudo.c:972 plugins/sudoers/visudo_json.c:1001
+#: plugins/sudoers/visudo_json.c:1014
+#, c-format
+msgid "unable to open %s"
+msgstr "impussibil vierzi %s"
+
+#: plugins/sudoers/iolog.c:469 plugins/sudoers/sudoers.c:933
+#: plugins/sudoers/sudoreplay.c:857 plugins/sudoers/sudoreplay.c:1670
+#, c-format
+msgid "unable to read %s"
+msgstr "impussibil lei %s"
+
+#: plugins/sudoers/iolog.c:505 plugins/sudoers/sudoreplay.c:1124
+#: plugins/sudoers/timestamp.c:295 plugins/sudoers/timestamp.c:298
+#, c-format
+msgid "unable to write to %s"
+msgstr "impussibil scrivi su %s"
+
+#: plugins/sudoers/iolog.c:584 plugins/sudoers/iolog.c:803
+#, c-format
+msgid "unable to create %s"
+msgstr "impussibil creâ %s"
+
+#: plugins/sudoers/iolog.c:1035 plugins/sudoers/iolog.c:1110
+#: plugins/sudoers/iolog.c:1191
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "impussibil scrivi sul file di regjistri I/O: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, file index %d not open"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:431
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:491
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:518
+msgid "unable to mix ldap and ldaps URIs"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:522 plugins/sudoers/ldap.c:559
+msgid "starttls not supported when using ldaps"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:630
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:633
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1256
+msgid "unable to get GMT time"
+msgstr "impussibil otignî la ore GMT"
+
+#: plugins/sudoers/ldap.c:1262
+msgid "unable to format timestamp"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1986
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2559
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2561
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2617
+#, c-format
+msgid "    Order: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2625 plugins/sudoers/parse.c:618
+#: plugins/sudoers/sssd.c:1647
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Comants:\n"
+
+#: plugins/sudoers/ldap.c:3187
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "impussibil inizializâ LDAP: %s"
+
+#: plugins/sudoers/ldap.c:3223
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:3475
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "impussibil vierzi il sisteme di audit"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "impussibil inviâ il messaç di audit"
+
+#: plugins/sudoers/logging.c:108
+#, c-format
+msgid "%8s : %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:136
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:165
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "impussibil vierzi il file di regjistri: %s"
+
+#: plugins/sudoers/logging.c:173
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "impussibil blocâ il file di regjistri: %s"
+
+#: plugins/sudoers/logging.c:206
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "impussibil scrivi il file di regjistri: %s"
+
+#: plugins/sudoers/logging.c:235
+msgid "No user or host"
+msgstr "Nissun utent o host"
+
+#: plugins/sudoers/logging.c:237
+msgid "validation failure"
+msgstr "validazion falide"
+
+#: plugins/sudoers/logging.c:244
+msgid "user NOT in sudoers"
+msgstr "l'utent NOL è in sudoers"
+
+#: plugins/sudoers/logging.c:246
+msgid "user NOT authorized on host"
+msgstr "l'utent NOL è autorizât sul host"
+
+#: plugins/sudoers/logging.c:248
+msgid "command not allowed"
+msgstr "comant no permetût"
+
+#: plugins/sudoers/logging.c:283
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s nol è tal file sudoers.  Chest incident al vignarà segnalât.\n"
+
+#: plugins/sudoers/logging.c:286
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s nol è permetût eseguî sudo su %s.  Chest incident al vignarà segnalât.\n"
+
+#: plugins/sudoers/logging.c:290
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Mi displâs, l'utent %s nol pues eseguî sudo su %s.\n"
+
+#: plugins/sudoers/logging.c:293
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:330 plugins/sudoers/sudoers.c:473
+#: plugins/sudoers/sudoers.c:475 plugins/sudoers/sudoers.c:477
+#: plugins/sudoers/sudoers.c:479 plugins/sudoers/sudoers.c:1298
+#: plugins/sudoers/sudoers.c:1300
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: comant no cjatât"
+
+#: plugins/sudoers/logging.c:332 plugins/sudoers/sudoers.c:469
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+
+#: plugins/sudoers/logging.c:349
+msgid "authentication failure"
+msgstr "autenticazion falide"
+
+#: plugins/sudoers/logging.c:375
+msgid "a password is required"
+msgstr "e covente une password"
+
+#: plugins/sudoers/logging.c:438
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] ""
+msgstr[1] ""
+
+#: plugins/sudoers/logging.c:654
+msgid "unable to fork"
+msgstr "impussibil inglovâ (fâ il fork)"
+
+#: plugins/sudoers/logging.c:662 plugins/sudoers/logging.c:714
+#, c-format
+msgid "unable to fork: %m"
+msgstr "impussibil inglovâ (fâ il fork): %m"
+
+#: plugins/sudoers/logging.c:704
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "impussibil vierzi il condot (pipe): %m"
+
+#: plugins/sudoers/logging.c:729
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "impussibil fâ il \"dup\" di \"stdin\": %m"
+
+#: plugins/sudoers/logging.c:767
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "impussibil eseguî %s: %m"
+
+#: plugins/sudoers/match.c:771
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr ""
+
+#: plugins/sudoers/mkdir_parents.c:70 plugins/sudoers/sudoers.c:944
+#: plugins/sudoers/visudo.c:439 plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to stat %s"
+msgstr ""
+
+#: plugins/sudoers/parse.c:115
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr ""
+
+#: plugins/sudoers/parse.c:118
+#, c-format
+msgid "parse error in %s"
+msgstr ""
+
+#: plugins/sudoers/parse.c:544
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:545
+#, c-format
+msgid "    RunAsUsers: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:559
+#, c-format
+msgid "    RunAsGroups: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:568
+#, c-format
+msgid "    Options: "
+msgstr "    Opzions: "
+
+#: plugins/sudoers/policy.c:84 plugins/sudoers/policy.c:110
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:289 plugins/sudoers/testsudoers.c:261
+msgid "unable to parse network address list"
+msgstr ""
+
+#: plugins/sudoers/policy.c:433
+msgid "user name not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:437
+msgid "user ID not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:441
+msgid "group ID not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:445
+msgid "host name not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:793 plugins/sudoers/visudo.c:910
+#, c-format
+msgid "unable to execute %s"
+msgstr "impussibil eseguî %s"
+
+#: plugins/sudoers/policy.c:926
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:928
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:932
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Percors di sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "percors di nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:937
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "percors di ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:938
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "percors di ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:971
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:188 plugins/sudoers/pwutil.c:206
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:200
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:260 plugins/sudoers/pwutil.c:277
+#: plugins/sudoers/pwutil.c:339 plugins/sudoers/pwutil.c:384
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:272
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:503 plugins/sudoers/pwutil.c:521
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:515
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:569 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:633 plugins/sudoers/pwutil.c:675
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:581
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:801 plugins/sudoers/pwutil.c:853
+#: plugins/sudoers/pwutil.c:904 plugins/sudoers/pwutil.c:957
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:807 plugins/sudoers/pwutil.c:858
+#: plugins/sudoers/pwutil.c:910 plugins/sudoers/pwutil.c:962
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:847
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:951
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:469
+#: plugins/sudoers/set_perms.c:912 plugins/sudoers/set_perms.c:1239
+#: plugins/sudoers/set_perms.c:1556
+msgid "perm stack overflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:400
+#: plugins/sudoers/set_perms.c:477 plugins/sudoers/set_perms.c:779
+#: plugins/sudoers/set_perms.c:920 plugins/sudoers/set_perms.c:1163
+#: plugins/sudoers/set_perms.c:1247 plugins/sudoers/set_perms.c:1489
+#: plugins/sudoers/set_perms.c:1564 plugins/sudoers/set_perms.c:1654
+msgid "perm stack underflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:523
+#: plugins/sudoers/set_perms.c:1298 plugins/sudoers/set_perms.c:1596
+msgid "unable to change to root gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:620
+#: plugins/sudoers/set_perms.c:1049 plugins/sudoers/set_perms.c:1375
+msgid "unable to change to runas gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to set runas group vector"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:636
+#: plugins/sudoers/set_perms.c:1063 plugins/sudoers/set_perms.c:1389
+msgid "unable to change to runas uid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:654
+#: plugins/sudoers/set_perms.c:1079 plugins/sudoers/set_perms.c:1405
+msgid "unable to change to sudoers gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641
+msgid "too many processes"
+msgstr "masse procès"
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr "impussibil otignî la cartele di vore atuâl"
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:402
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:410 plugins/sudoers/sssd.c:419
+#: plugins/sudoers/sssd.c:428 plugins/sudoers/sssd.c:437
+#: plugins/sudoers/sssd.c:446
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:1562
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:1567
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: UNKNOWN\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:289
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:307
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:325
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "L'utent %s al pues eseguî su %s i comants chi daurman:\n"
+
+#: plugins/sudoers/sudo_nss.c:338
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "L'utent %s nol pues eseguî sudo su %s.\n"
+
+#: plugins/sudoers/sudoers.c:168 plugins/sudoers/testsudoers.c:247
+#: plugins/sudoers/visudo.c:233 plugins/sudoers/visudo.c:612
+#: plugins/sudoers/visudo.c:976
+msgid "unable to initialize sudoers default values"
+msgstr "impussibil inizializâ i valôrs predefinîts di sudoers"
+
+#: plugins/sudoers/sudoers.c:198 plugins/sudoers/sudoers.c:891
+msgid "problem with defaults entries"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:205
+msgid "no valid sudoers sources found, quitting"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:244
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:301
+msgid "you are not permitted to use the -C option"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:390
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:405
+msgid "no tty"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:406
+msgid "sorry, you must have a tty to run sudo"
+msgstr "mi displâs, si scugne vê un tty par eseguî sudo"
+
+#: plugins/sudoers/sudoers.c:468
+msgid "command in current directory"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:487
+msgid "sorry, you are not allowed set a command timeout"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:495
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:836
+msgid "command too long"
+msgstr "comant masse lunc"
+
+#: plugins/sudoers/sudoers.c:948
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s nol è un file regolâr"
+
+#: plugins/sudoers/sudoers.c:952 plugins/sudoers/timestamp.c:222 toke.l:969
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:956 toke.l:974
+#, c-format
+msgid "%s is world writable"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:960 toke.l:977
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:993
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1012
+#, c-format
+msgid "unknown login class: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1095 plugins/sudoers/sudoers.c:1109
+#, c-format
+msgid "unable to resolve host %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:275
+#, c-format
+msgid "invalid filter option: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:288
+#, c-format
+msgid "invalid max wait: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:300
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:303 plugins/sudoers/visudo.c:186
+#, c-format
+msgid "%s version %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:335
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:357
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:555 plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:805 plugins/sudoers/sudoreplay.c:895
+#: plugins/sudoers/sudoreplay.c:974 plugins/sudoers/sudoreplay.c:989
+#: plugins/sudoers/sudoreplay.c:996 plugins/sudoers/sudoreplay.c:1003
+#: plugins/sudoers/sudoreplay.c:1010 plugins/sudoers/sudoreplay.c:1017
+#: plugins/sudoers/sudoreplay.c:1163
+msgid "unable to add event to queue"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:670
+msgid "unable to set tty to raw mode"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:721
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:722
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:750
+msgid "Replay finished, press any key to restore the terminal."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:783
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1197 plugins/sudoers/sudoreplay.c:1222
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1244
+msgid "unmatched ')' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1248
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1263
+#, c-format
+msgid "%s requires an argument"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1266 plugins/sudoers/sudoreplay.c:1646
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1270
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1279
+msgid "unmatched '(' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1281
+msgid "illegal trailing \"or\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1283
+msgid "illegal trailing \"!\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1332
+#, c-format
+msgid "unknown search type %d"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1370
+#, c-format
+msgid "%s: invalid log file"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1388
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1395
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1402
+#, c-format
+msgid "%s: user field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1411
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1420
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1826
+#, c-format
+msgid "usage: %s [-hnR] [-d dir] [-m num] [-s num] ID\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1829
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1838
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1840
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:329
+msgid "\thost  unmatched"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:230
+#, c-format
+msgid "%s is group writable"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:306
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:772 plugins/sudoers/timestamp.c:839
+#: plugins/sudoers/visudo.c:500 plugins/sudoers/visudo.c:506
+msgid "unable to read the clock"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:786
+msgid "ignoring time stamp from the future"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:798
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:893
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:937 plugins/sudoers/timestamp.c:957
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:188
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:266 plugins/sudoers/visudo.c:667
+#, c-format
+msgid "press return to edit %s: "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:349
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:459 plugins/sudoers/visudo.c:467
+msgid "write error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:513
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:520
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:526
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:548
+#, c-format
+msgid "%s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:607
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr ""
+
+#: plugins/sudoers/visudo.c:619
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:656
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:736 plugins/sudoers/visudo.c:745
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:767
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:781
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:791
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:855
+msgid "What now? "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:869
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:915
+#, c-format
+msgid "unable to run %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:945
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:952
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:981 plugins/sudoers/visudo_json.c:1021
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:997 plugins/sudoers/visudo_json.c:1032
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1000 plugins/sudoers/visudo_json.c:1035
+#, c-format
+msgid "parse error in %s\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1008 plugins/sudoers/visudo.c:1015
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1062
+#, c-format
+msgid "%s busy, try again later"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1159
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1160
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1164
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1165
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1318
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1433
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1435
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+"  -x, --export=output_file write sudoers in JSON format to output_file"
+msgstr ""
+
+#: plugins/sudoers/visudo_json.c:616 plugins/sudoers/visudo_json.c:651
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo_json.c:1007
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr ""
+
+#: toke.l:943
+msgid "too many levels of includes"
+msgstr ""
diff --git a/plugins/sudoers/po/hr.mo b/plugins/sudoers/po/hr.mo
new file mode 100644
index 0000000..2af8d49
--- /dev/null
+++ b/plugins/sudoers/po/hr.mo
diff --git a/plugins/sudoers/po/hr.po b/plugins/sudoers/po/hr.po
new file mode 100644
index 0000000..2ce609e
--- /dev/null
+++ b/plugins/sudoers/po/hr.po
@@ -0,0 +1,2518 @@
+# Translation of sudoers to Croatian.
+# This file is put in the public domain.
+#
+# Božidar Putanec <bozidarp@yahoo.com>, 2016, 2017, 2018.
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers-1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-10-30 13:22-0700\n"
+"Last-Translator: Božidar Putanec <bozidarp@yahoo.com>\n"
+"Language-Team: Croatian <lokalizacija@linux.hr>\n"
+"Language: hr\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+"X-Generator: Poedit 2.2\n"
+"X-Poedit-Basepath: ../packages/sudo-1.8.23b2\n"
+"X-Poedit-SearchPath-0: .\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "pogreška u sintaksi"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "Lozinka za %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] lozinka za %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Lozinka: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** SIGURNOSNE informacije za %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Pokušajte ponovo."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "nije moguće dodijeliti memoriju"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "kontrolni zbroj zahtijeva ime staze"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "nevaljana „notbefore“ vrijednost"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "nevaljana „notafter“ vrijednost"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "vrijednost za istek vremena je prevelika"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "nevaljana vrijednost za istek vremena"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Alias „%s“ je već definirani"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "nije moguće dobiti razred klasu korisnika %s"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "nije moguće početi s BSD autentifikacijom"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "nevaljana vrsta autentifikacije"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "nije moguće inicijalizirati BSD autentifikaciju"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "vaš račun nije valjan, istekao je"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "odobrenje nije uspjelo"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "nije moguće pročitati konfiguraciju FWTK"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "nije moguće spojiti se na autentifikacijski poslužitelj"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "veza s autentifikacijskim poslužiteljem je prekinuta (izgubljena)"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"greška autentifikacijskoga poslužitelja:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: nije moguće pretvoriti principala u string („%s“): %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: nije moguće raščlaniti „%s“: %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: nije moguće naći verifikacijsku predmemoriju: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: nije moguće dodijeliti opcije: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: nije moguće dobiti verifikaciju: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: nije moguće inicijalizirati verifikacijsku predmemoriju: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: nije moguće spremiti verifikaciju u predmemoriju: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: nije moguće dobiti principala: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Nije moguće provjeriti TGT! Mogući napad!: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "nije moguće inicijalizirati PAM"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Greška PAM autentifikacije: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "provjera valjanosti računa nije uspjela, je li vaš račun zaključan?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Račun ili lozinka su istekli, postavite novu lozinku i pokušajte ponovo"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "nije moguće promijeniti zastarjelu lozinku: %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Lozinka je istekla, javite se vašem administratoru sustava"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Račun je istekao ili PAM konfiguracija nema sekciju „account“ za sudo, javite se vašem administratoru sustava"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "Pogreška u upravljanju PAM računom: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "vas nema u %s bazi podataka"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "nije uspjelo inicijalizirati ACE API biblioteku"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "nije moguće uspostaviti vezu sa SecurID poslužiteljem"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "Korisnikov ID je zaključan prilikom SecurID autentifikacije"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "nevaljana duljina imena korisnika za SecurID"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "nevaljani autentifikacijski token za SecurID"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "SecurID komunikacija nije uspjela"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "nepoznata SecurID greška"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "nevaljana duljina lozinke za SecurID"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "nije moguće inicijalizirati SIA sesiju"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "nevaljane metode autentifikacije"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Nevaljane metode autentifikacije su ugrađene u sudo! Ne smijete miješati samostalne i nesamostalne autentifikacije."
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "nema metoda autentifikacije"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Metode autentifikacije nisu ugrađene u sudo!  Ako želite isključiti autentifikaciju, koristite konfiguracijsku opciju --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Nije moguće inicijalizirati metode autentifikacije."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Metode autentifikacije:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Nije bilo moguće odrediti uvjete za reviziju"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "revizijski izvještaj nije bilo moguće zapisati na disk"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Vjerujemo da vam je administrator lokalnog sustava održao uobičajeno\n"
+"predavanje. To se obično svodi na sljedeće tri stvari:\n"
+"\n"
+"    #1) Poštujte tuđu privatnost.\n"
+"    #2) Mislite prije tipkanja.\n"
+"    #3) S velikim moćima dolazi velika odgovornost.\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "nepoznati UID: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "nepoznati korisnik: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "inkrement redoslijeda (order): %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "početni redoslijed (order): %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "popuna redoslijeda (order): %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s inačica %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s inačica gramatike %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "nepodržani ulazni formata %s"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "nepodržani izlazni formata %s"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: ulazna i izlazna datoteka moraju biti različite datoteke"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "nije moguće inicijalizirati zadane vrijednosti sudoers"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: nepoznata ključna riječ: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "nevaljane zadane vrste: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "nevaljana vrsta za izostavljanje: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "nevaljani filtar: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "nije moguće otvoriti %s"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "nije uspjelo raščlaniti %s datoteku, nepoznata greška"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "greška u raščlambi u %s blizu retka %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "greška u raščlambi u %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "nije moguće pisati u %s"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - pretvara formate sudoers datoteka\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Opcije:\n"
+"  -b, --base=dn              osnovni DN za sudo LDAP upite\n"
+"  -d, --defaults=deftypes    pretvori samo Defaults od specificiranih deftypes\n"
+"  -e, --expand-aliases       proširuje aliase kada pretvara\n"
+"  -f, --output-format=format izlazni format jedan od: JSON, LDIF ili sudoers\n"
+"  -i, --input-format=format  ulazni format jedan od: LDIF ili sudoers\n"
+"  -I, --increment=num        inkrement za num svaki sudoOrder\n"
+"  -h, --help                 pokaže ovu pomoć i završi\n"
+"  -m, --match=filter         pretvori samo stavke koje podudaraju filter\n"
+"  -M, --match-local          filter rabi passwd i group baze podataka\n"
+"  -o, --output=output_file   pretvoreni sudoers zapiše u output_file\n"
+"  -O, --order-start=num      prvi sudoOrder započinje od num\n"
+"  -p, --prune-matches        izreže nepodudarne korisnike, grupe i računala\n"
+"  -P, --padding=num          osnovna popuna za sudoOrder inkrement\n"
+"  -s, --suppress=sections    izostavi izlaz od sections sekcija\n"
+"  -V, --version              informira o inačici ovog programa i završi"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "nepoznati unos defaults „%s“"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "nije moguće dobiti GMT vrijeme"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "nije moguće oblikovati vremensku oznaku"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "**interna greška**, %s prelijevanje"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "previše sudoers grešaka, maksimum je %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "varijabla okoline SUDOERS_BASE nije postavljena i -b opcija nije specificirana."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Alat za bilježenje ako se syslog koristi za pisanje dnevnika: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Pri uspješnoj autentifikaciji korisnika rabi se syslog prioritet: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Pri neuspješnoj autentifikaciji korisnika rabi se syslog prioritet: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Postavite OTP (One-Time-Password) prompt u zasebni, vlastiti redak"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ignorira se „.“ u $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Poštu poslati kad god se pokrene sudo"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Poštu poslati ako autentifikacija korisnika nije uspjela"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Poštu poslati ako korisnik nije u sudoers"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Poštu poslati ako korisnik nije u sudoers na ovom računalu"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Poštu poslati ako korisnik nema dopuštenje za pokretanje naredbe"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Poštu poslati ako korisnik pokušava unositi naredbe"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Za svaku kombinaciju korisnik/terminal koristi se zasebna vremenska oznaka"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Korisnika podučiti prilikom prvog pokretanja sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Datoteka koja sadrži sudo poduku: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Po zadanim postavkama zahtijeva se autentifikacija korisnika"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Root smije pokrenuti sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Ime računala zapiše se u (ne-syslog) dnevničku datoteku"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Godina se zapiše u (ne-syslog) dnevničku datoteku"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Ako se sudo pozove bez argumenata, pokrene se ljuska"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Postavlja $HOME na ciljanoga korisnika pri pokretanju ljuske s opcijom -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Uvijek postavlja $HOME na osobni direktorij ciljanoga korisnika"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Dopušteno je prikupljanje informacija za ispis korisnih poruka o greškama"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Datoteka sudoers zahtjeva potpuno kvalificirana (fully-qualified) imena računala"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Korisnika izgrditi ako upiše netočnu lozinku"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Korisniku dopustiti pokretanje sudo samo ako ima tty"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo poštuje varijablu okoline EDITOR"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Zatražiti root lozinku umjesto lozinke korisnika"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Zatražiti lozinku runas_default korisnika a ne lozinku trenutačnoga korisnika"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Zatražiti lozinku ciljanoga korisnika a ne lozinku trenutačnoga korisnika"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Ako postoje, primijeniti zadane vrijednosti iz login klase ciljanoga korisnika"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Postavlja varijable okoline LOGNAME i USER"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Postavlja samo efektivni UID na onaj ciljanoga korisnika umjesto stvarnog UID"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Ne inicijalizirati grupni vektor na onaj od ciljanoga korisnika"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Pozicija na kojoj se prelamaju redci dnevničke datoteke (0, bez prelamanja): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Istek vremena za vremensku oznaku autentifikacije: %.1f minuta"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Istek vremena za unos lozinke: %.1f minuta"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Broj pokušaja unosa lozinke: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask za korištenje ili 0777 za korisničku: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Staza do dnevničke datoteke: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Staza do programa pošte: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Zastavice za program pošte: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Adresa na koju se šalje pošta: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Adresa s koje se šalje pošta: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Redak za upis predmeta (subject) poštanskih poruka: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Poruka za netočnu lozinku: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Staza do direktorija s lekcijom: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Staza do direktorija s vremenskim oznakama autentifikacije: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Vlasnik direktorija s vremenskim oznakama autentifikacije: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Korisnici u ovoj grupi su izuzeti od zahtjeva za unos lozinke i PATH: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Zadani zahtjev (prompt) za lozinku: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Ako je postavljen, passprompt će zamijeniti prompt sustava u svim slučajevima."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Zadani korisnik za pokretanje naredbi: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Vrijednost s kojom se zamijeni korisnikov $PATH: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Staza do uređivača koji će koristiti visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Kada zatražiti lozinku za pseudonaredbu „list“: %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Kada zatražiti lozinku za pseudonaredbu „verify“: %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Prethodno učitati prividne izvršne funkcije sadržane u biblioteci sudo_noexec"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Ako je dostupni LDAP direktorij, zanemaruje li se lokalna sudoers datoteka"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Deskriptori datoteka >= %d biti će zatvoreni prije izvršavanja naredbe"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Ako je postavljena, korisnici mogu zamijeniti vrijednost „closeform“ s opcijom -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Korisnici mogu postaviti bilo koje varijable okoline"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Okolinu vratiti u zadani skup varijabli okoline"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Varijable okoline čije „zdravlje“ treba ispitati:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Varijable okoline koje treba ukloniti:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Varijable okoline koje treba sačuvati:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "SELinux uloga za korištenje u novom sigurnosnom kontekstu: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "SELinux vrsta za korištenje u novom sigurnosnom kontekstu: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Staza do datoteke okoline specifične za sudo: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Staza do datoteke okoline s ograničenim pristupom specifične za sudo: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Locale za korištenje pri obradi sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Dopustiti da sudo zatraži lozinku čak i ako će biti vidljiva"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Vizualno pokazati rezultat nakon unosa lozinke korisnikom"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Rabi se brže i manje precizno podudaranje ali nema dostupa datotečnom sustavu"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "U sudoers specificirani umask zamijeniti će korisnički čak i ako je tolerantniji"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Urudžbirati korisnikom pokrenute naredbe"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Urudžbirati izlaz pokrenute naredbe"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "U/I urudžbirane dnevnike komprimirati s programom zlib"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Naredbe uvijek pokrenuti u pseudo-TTY"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Plugin za podršku za ne-Unix grupe: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Direktorij u kojem se spremaju ulazno/izlazni dnevnici: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Datoteka u koju se sprema ulazno/izlazni dnevnik: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Dodati stavku u utmp/utmpx datoteku pri dodijeli pseudoterminala"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Postaviti korisnika u utmp na runas-korisnika umjesto na pozivatelja"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Skup dopuštenih privilegija: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Skup limitiranih privilegija: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Pokrenuti naredbe na pseudoterminalu u pozadini"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Naziv PAM usluge za upotrebu: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Naziv PAM usluge za upotrebu za prijavnu ljusku: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Pokušaj da se uspostavi PAM verifikacija za ciljanoga korisnika"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Kreira novu PAM sesiju za izvršavanje naredbe"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Maksimalni redni broj U/I dnevnika: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Omogućite podršku mrežnih grupa (netgroup) u sudoers"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Provjerite mogućnost pisanja u naddirektorijima kad se koristi sudoedit za uređivanje"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Slijedi simboličke veze kad se koristi sudoedit za uređivanje datoteka"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Ispituje plugin grupe za nepoznate sustavske grupe"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Podudaranje mrežnih grupa bazira se na kompletnoj n-torki: korisnik, računalo, domena"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Naredbe je dopušteno izvršiti iako ih sudo ne može upisati u revizijski dnevnik"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Naredbe je dopušteno izvršiti iako ih sudo ne može upisati u U/I dnevnik"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Naredbe je dopušteno izvršiti iako ih sudo ne može upisati u dnevnik"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Razriješi grupe u sudoers i podudari ih po ID grupe umjesto po imenu grupe"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Dnevničke stavke veće od ove vrijednosti podijeliti će se u više syslog poruka: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Korisnik koji će biti vlasnik U/I dnevnika: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Grupa koja će biti vlasnik U/I dnevnika: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Prava pristupa za uporabu za U/I dnevnike: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Izvrši naredbe pomoću deskriptora datoteke umjesto staze: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Nepoznati zadani podaci za sudoers se ignoriraju umjesto ispisa upozorenja"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Vrijeme u sekundama nakon kojeg se naredba prekida: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Dopustite korisniku da specificira istek vremena na komandnom retku"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "U/I dnevnik ispisivati direktno na disk umjesto preko međuspremnika"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "U syslog dnevnik upisivati i ID procesa"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Vrsta zapisa autentifikacijskih vremenskih oznaka: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Greška u provjeri autentičnosti: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Ignorira se veličina slova kad se uspoređuju imena korisnika"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Ignorira se veličinu slova kada se uspoređuju imena grupa"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d nepoznata stavka zadanih vrijednosti „%s“"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: nepoznata stavka zadanih vrijednosti „%s“"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d nije navedena vrijednost za „%s“"
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: nije navedena vrijednost za „%s“"
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d vrijednost za „%s“ mora početi s „/“"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: vrijednost za „%s“ mora početi s „/“"
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d opcija „%s“ ne prihvaća vrijednost"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: opcija „%s“ ne prihvaća vrijednost"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d nevaljana zadana vrsta 0x%x za opciju „%s“"
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: nevaljana Defaults vrsta 0x%x za opciju „%s“"
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d vrijednost „%s“ nije ispravna za opciju „%s“"
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: vrijednost „%s“ nije ispravna za opciju „%s“"
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: oštećen envp, duljina ne odgovara"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "nije moguće obnoviti okolinu"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "nemate dopuštenje za postavljanje sljedećih varijabli okoline: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "greška u raščlambi u %s blizu retka %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "greška u raščlambi u %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "nepodržana vrsta kontrolnog zbroja %d za %s"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: greška čitanja"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "vlasnik %s mora biti UID %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s mora biti dostupan za pisanje samo vlasniku"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "nije moguće učitati %s: %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "nije moguće pronaći simbol „group_plugin“ u %s"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: nekompatibilna glavna inačica plugin grupe %d, očekivano je %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "„%s“ nije valjana IP adresa (nemoguće ju je raščlaniti)"
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "„%s“ nije valjana mrežna maska (nemoguće ju je raščlaniti)"
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Parovi lokalnih IP adresa i mrežnih maski:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s postoji, ali nije direktorij (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "nije moguće napraviti direktorij %s"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "nije moguće promijeniti mȏd od %s na 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "nepoznata grupa: %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "nije moguće pročitati %s"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "nije moguće stvoriti %s"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "nije moguće pisati u U/I dnevnik: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: interna greška, U/I dnevnička datoteka za događaj %d nije otvorena"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: interna greška, nevaljani signal %d"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: nevaljana dnevnička datoteka"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: nedostaje polje za vremensku oznaku"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: vremenska oznaka %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: nedostaje polje za korisnika"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: nedostaje polje za runas-korisnika"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: nedostaje polje za runas-grupe"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "starttls nije podržan kad se koristi ldaps"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "nije moguće inicijalizirati SSL certifikat i bazu podataka ključeva: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "morate postaviti TLS_CERT u %s da koristite SSL"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "nije moguće inicijalizirati LDAP: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls je specificirani, ali LDAP biblioteke ne podržavaju ldap_start_tls_s() ili ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "nevaljani sudoOrder atribut: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: port vrijednost je prevelika"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "nepodržana vrsta adrese LDAP: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "ne možete zajedno koristiti ldap i ldaps adrese"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "nije moguće pretvoriti sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "nije moguće otvoriti sustav revizije"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "nije moguće poslati revizijsku poruku"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (naredba se nastavlja) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "nije moguće otvoriti dnevničku datoteku: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "nije moguće zaključati dnevničku datoteku: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "nije moguće pisati u dnevničku datoteku: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "Nema korisnika ili računala"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "greška pri provjeri valjanosti"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "korisnik NIJE u sudoers"
+
+# Authentication is about who somebody is.
+# Authorisation is about what they're allowed to do.
+# https://en.wikipedia.org/wiki/AAA_(computer_security)#Authorization
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "korisnik NEMA ovlasti na računalu (nije autoriziran)"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "naredba nije dopuštena"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s nije u sudoers datoteci.  Ovaj će incident biti prijavljen.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr ""
+"%s nema dopuštenja pokrenuti sudo na %s.  Ovaj će incident biti prijavljen.\n"
+"\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Nažalost, korisnik %s ne smije pokrenuti sudo na %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Nažalost, korisniku %s nije dopušteno izvršiti „%s%s%s“ kao %s%s%s na %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: naredba nije pronađena"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"zanemaruje se „%s“ pronađen u „.“\n"
+"Koristite „sudo ./%s“ ako je to „%s“ koji želite pokrenuti."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "neuspješna autentifikacija"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "nužna je lozinka"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u netočni pokušaj unosa lozinke"
+msgstr[1] "%u netočna pokušaja unosa lozinke"
+msgstr[2] "%u netočnih pokušaja unosa lozinke"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "nije moguće stvoriti novi proces (greška u fork())"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "nije moguće stvoriti novi proces (greška u fork()): %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "nije moguće otvoriti cijev: %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "nije moguće duplicirati stdin: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "nije moguće izvršiti %s: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "kontrolni zbroj za %s (%s) nije u %s obliku"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "nije moguće dobiti status od %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP uloga: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Sudoers stavka:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Opcije: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Naredbe:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Odgovarajući Defaults unosi za %s na %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Runas i Command-specifične zadane vrijednosti za %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Korisnik %s može pokrenuti sljedeće naredbe na %s:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Korisniku %s nije dopušteno pokrenuti sudo na %s.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "ignorira se nevaljana vrijednost atributa: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "ignorira se nekompletni sudoRole: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "nevaljana opcija %.*s postavljena kroz sudo front-end"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "nije moguće pročitati popis mrežnih adresa (nemoguće ih je raščlaniti)"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "sudo front-end nije postavio ime korisnika"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "sudo front-end nije postavio ID korisnika"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "sudo front-end nije postavio ID grupe"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "sudo front-end nije postavio ime računala"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "nije moguće izvršiti %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Inačica sudoers plugina s pravilima %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Inačica sudoers datotečne gramatike %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Staza do sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "nsswitch staza: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ldap.conf staza: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ldap.secret staza: %s\n"
+
+# hook: A location in a routine or program in which the programmer can connect or insert other routines for the purpose of debugging or enhancing functionality.
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "nije moguće registrirati rutinu (hook) vrste %d (inačica %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "nije moguće predmemorirati UID %u jer nema dovoljno memorije"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "nije moguće predmemorirati UID %u jer već postoji"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "nije moguće predmemorirati korisnika %s jer nema dovoljno memorije"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "nije moguće predmemorirati korisnika %s jer već postoji"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "nije moguće predmemorirati GID %u jer nema dovoljno memorije"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "nije moguće predmemorirati GID %u jer već postoji"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "nije moguće predmemorirati grupu %s jer nema dovoljno memorije"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "nije moguće predmemorirati grupu %s jer već postoji"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "nije moguće predmemorirati popis grupa za %s jer već postoji"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "nije moguće predmemorirati popis grupa za %s jer nema dovoljno memorije"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "nije moguće pročitati grupe za %s"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "nije moguće razabrati GID-ove za %s"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "prelijevanje snopa s pravima pristupa"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "iscrpljenje snopa s pravima pristupa"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "nije moguće promijeniti na GID od root"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "nije moguće promijeniti na runas GID"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "nije moguće postaviti runas grupni vektor"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "nije moguće promijeniti na runas UID"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "nije moguće promijeniti na sudoers GID"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "previše procesa"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "nije moguće odrediti trenutačni radni direktorij"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "skraćena (audit) staza revizije user_cmd: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "skraćena (audit) staza revizije argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "audit_failure poruka (revizije) je preduga"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "nije moguće inicijalizirati SSS izvor. Je li SSSD instaliran na vašem računalu?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "nije moguće pronaći simbol „%s“ u %s"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "problem sa stavkama defaults"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "nisu pronađeni valjani sudoers izvori, kraj rada"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers specificira da root ne može koristiti sudo"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "vama nije dopušteno koristi opciju -C"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "vlasnik vremenske oznake (%s): Nema takvog korisnika"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "nema TTY"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "nažalost, da pokrenete sudo morate imati TTY"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "naredba u trenutačnom direktoriju"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "nažalost, vama nije dopušteno postavljanje isteka vremena za naredbu"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "nažalost, vama nije dopušteno sačuvati okolinu"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "naredba je preduga"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s nije obična datoteka"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "vlasnik %s je UID %u, a treba biti %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s smije svako mijenjati/pisati"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "vlasnik %s je GID %u, a treba biti %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "samo root može koristiti „-c %s“"
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "nepoznata klasa prijave: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "nije moguće pronaći računalo %s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "nevaljana opcija filtra: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "nevaljano maksimalno vrijeme čekanja: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "nevaljani faktor brzine: %s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/vrijeme: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/vrijeme: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Reproduciranje sudo sesije: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "nije moguće dodati događaj u red čekanja"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "nije moguće postaviti TTY u direktni mȏd (da ne interpretira posebne znakove)"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Upozorenje: vaš terminal je premaleni da pravilno reproducira dnevnik.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Veličina dnevnika je %d x %d, a veličina vašeg terminala %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Reprodukcija je završena -- obnovite terminal pritiskom na bilo koju tipku."
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "nevaljani redak u timing datoteci: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "dvosmisleni izraz „%s“"
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "nesparena „)“ u izrazu"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "nepoznati pojam za pretragu „%s“"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s zahtijeva argument"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "nevaljani regularni izraz: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "nije moguće raščlaniti datum „%s“"
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "nesparena „(“ u izrazu"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "nedopušteni zaostali „or“"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "nedopušteni zaostali „!“"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "nepoznata vrsta za pretragu %d"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "uporaba: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "uporaba: %s [-h] [-d direktorij] -l [izraz za pretragu]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - reproducira dnevnike sudo sesija\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  navedite direktorij dir za dnevnike sesija\n"
+"  -f, --filter=filter  navedite (filter) vrstu/vrste U/I koje treba prikazati\n"
+"  -h, --help           pokaže ovu pomoć i iziđe\n"
+"  -l, --list           popis dostupnih ID-ova sjednica koji se podudaraju\n"
+"                         s neobveznim izrazom za pretragu\n"
+"  -m, --max-wait=num   čekati ne više od num sekundi između događaja\n"
+"  -S, --suspend-wait   čeka dok je naredba obustavljena\n"
+"  -s, --speed=num      ubrza ili uspori reprodukciju\n"
+"  -V, --version        informira o inačici ovog programa i iziđe"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\tračunalo se ne podudara"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Naredba je dopuštena"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Naredba nije dopuštena"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Naredba nije prepoznata"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s članovi grupe mogu mijenjati/pisati"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "nije moguće skratiti datoteku s vremenskim podacima na %lld bajtova"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "nije moguće pročitati vrijeme (clock)"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "ignorira se vremenska oznaka iz budućnosti"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "vremenska oznaka je predaleko u budućnosti: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "nije moguće zaključati datoteku s vremenskim oznakama %s"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "staza do lekcije je preduga: %s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "opcija -x biti će uklonjena iz buduće inačice"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "molimo da umjesto toga pokušate rabiti cvtsudoers uslužni program"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "pritisnite return/enter za redigirati %s: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "navedeni uređivač (%s) ne postoji"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "nijedan uređivač nije pronađen (editor path = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "greška pisanja"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "nije moguće dobiti status privremene datoteke (%s), %s nije promijenjena"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "privremena datoteka duljine nula (%s), %s nije promijenjena"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "greška uređivač (%s), %s nije promijenjena"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s nije promijenjeno"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "nije moguće ponovo otvoriti privremenu datoteku (%s), %s nije promijenjena."
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "nije moguće raščlaniti privremenu datoteku (%s), nepoznata greška"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "**interna greška**, nije moguće pronaći %s na popisu!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "nije moguće postaviti (UID, GID) od %s na (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s i %s nisu na istom datotečnom sustavu, koristi se mv za preimenovanje"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "naredba nije uspjela: „%s %s %s“, %s nije promijenjena"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "greška u preimenovanju %s, %s nije promijenjena"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "Što sada? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Mogućnosti su:\n"
+"  (e) datoteku sudoers ponovno redigirati\n"
+"  (x) završiti bez spremanja promjena u datoteku sudoers)\n"
+"  (Q) prekinuti i spremiti promjene u datoteku sudoers (OPASNO!)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "nije moguće pokrenuti %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: krivi vlasnik (UID, GID) a treba biti (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: loša prava pristupa, trebala bi biti 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: raščlamba je uspjela\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s je zauzeti, pokušajte ponovo kasnije"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "nije moguće zaključati %s"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Ipak redigirati? [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Greška: %s:%d ciklus u %s „%s“"
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Upozorenje: %s:%d ciklus u %s „%s“"
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Greška: %s:%d %s „%s“ se koristi ali nije definirano"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Upozorenje: %s:%d %s „%s“ se koristi ali nije definirano"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Upozorenje: %s:%d neupotrijebljeno %s „%s“"
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - sigurno redigira sudoers datoteku\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Opcije:\n"
+"  -c, --check              samo testira sudoers datoteku\n"
+"  -f, --file=sudoers       navedite alternativnu lokaciju sudoers datoteke\n"
+"  -h, --help               pokaže ovu pomoć i iziđe\n"
+"  -q, --quite              manje opširne (tihe) poruke grešaka u sintaksi\n"
+"  -s, --strick             striktna testira sintaksu sudoers datoteke\n"
+"  -V, --version            informira o inačici ovog programa i iziđe\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "previše razina uključivanja"
+
+#~ msgid ""
+#~ "\n"
+#~ "LDAP Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "LDAP uloga: NEPOZNATA\n"
+
+#~ msgid "    Order: %s\n"
+#~ msgstr "    Redoslijed: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: %s\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD uloga: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD uloga: NEPOZNATA\n"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "Upozorenje: ciklus u %s „%s“"
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "Upozorenje: %s „%s“ ima referenciju ali nije definiran"
+
+#~ msgid "Warning: unused %s `%s'"
+#~ msgstr "Upozorenje: %s „%s“ nije upotrebljen"
+
+#~ msgid "Password:"
+#~ msgstr "Lozinka:"
+
+#~ msgid "unable to setup authentication"
+#~ msgstr "ne mogu postaviti provjeru"
+
+#~ msgid "pam_chauthtok: %s"
+#~ msgstr "pam_chauthtok: %s"
+
+#~ msgid "pam_authenticate: %s"
+#~ msgstr "pam_authenticate: %s"
+
+#~ msgid "getaudit: failed"
+#~ msgstr "getaudit: nije uspio"
+
+#~ msgid "getauid failed"
+#~ msgstr "getauid nije uspio"
+
+#~ msgid "au_to_subject: failed"
+#~ msgstr "au_to_subject: nije uspio"
+
+#~ msgid "au_to_exec_args: failed"
+#~ msgstr "au_to_exec_args: nije uspio"
+
+#~ msgid "au_to_return32: failed"
+#~ msgstr "au_to_return32: nije uspio"
+
+#~ msgid "getauid: failed"
+#~ msgstr "getauid: nije uspio"
+
+#~ msgid "au_to_text: failed"
+#~ msgstr "au_to_text: nije uspio"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports: nema dovoljno prostora za proširenje međuspremnika računala"
+
+#~ msgid "invalid uri: %s"
+#~ msgstr "neispravan uri: %s"
+
+#~ msgid "unable to mix ldaps and starttls"
+#~ msgstr "ne mogu miješati ldaps i starttls"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri: nema dovoljno prostora za izgradnju međuspremnika računala"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "neodgovarajuća sudo_ldap_build_pass1 alokacija"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "interna greška: nema dovoljno prostora za redak dnevnika"
+
+#~ msgid "Unable to dlopen %s: %s"
+#~ msgstr "Ne mogu izvršiti dlopen %s: %s"
+
+#~ msgid "writing to standard output"
+#~ msgstr "ispisujem na standardni izlaz"
+
+#~ msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+#~ msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
+
+#~ msgid "too many parenthesized expressions, max %d"
+#~ msgstr "previše izraza u zagradama, najviše %d"
+
+#~ msgid "invalid regex: %s"
+#~ msgstr "neispravni regularni izraz: %s"
+
+#~ msgid "%s owned by uid %u, should be uid %u"
+#~ msgstr "vlasnik %s je uid %u, treba biti uid %u"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0700"
+#~ msgstr "nevlasnici imaju dozvolu za pisanje u %s (0%o), treba biti mod 0700"
+
+#~ msgid "%s exists but is not a regular file (0%o)"
+#~ msgstr "%s postoji, ali nije obična datoteka (0%o)"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0600"
+#~ msgstr "nevlasnici imaju dozvolu za pisanje u %s (0%o), treba biti mod 0600"
+
+#~ msgid "unable to remove %s, will reset to the epoch"
+#~ msgstr "ne mogu ukloniti %s, vratit ću na početnu epohu"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: preljev međuspremnika"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "ne mogu odrediti stanje uređivača (%s)"
+
+#~ msgid ">>> %s: %s near line %d <<<"
+#~ msgstr ">>> %s: %s kod retka %d <<<"
+
+#~ msgid "unable to set locale to \"%s\", using \"C\""
+#~ msgstr "ne mogu postaviti lokal u „%s”, koristim „C”"
+
+#~ msgid ""
+#~ "    Commands:\n"
+#~ "\t"
+#~ msgstr ""
+#~ "    Naredbe:\n"
+#~ "\t"
+
+#~ msgid ": "
+#~ msgstr ": "
+
+#~ msgid "unable to cache uid %u (%s), already exists"
+#~ msgstr "ne mogu staviti uid %u (%s) u spremnik, već postoji"
+
+#~ msgid "unable to cache gid %u (%s), already exists"
+#~ msgstr "ne mogu staviti gid %u (%s) u spremnik, već postoji"
+
+#~ msgid "unable to execute %s: %s"
+#~ msgstr "ne mogu izvršiti %s: %s"
+
+#~ msgid "internal error, expand_prompt() overflow"
+#~ msgstr "interna greška, expand_prompt() preljev"
+
+#~ msgid "internal error, sudo_setenv2() overflow"
+#~ msgstr "interna greška, sudo_setenv2() preljev"
+
+#~ msgid "internal error, sudo_setenv() overflow"
+#~ msgstr "interna greška, sudo_setenv() preljev"
+
+#~ msgid "internal error, linux_audit_command() overflow"
+#~ msgstr "interna greška, linux_audit_command() preljev"
+
+#~ msgid "internal error, runas_groups overflow"
+#~ msgstr "interna greška, runas_groups preljev"
+
+#~ msgid "internal error, init_vars() overflow"
+#~ msgstr "interna greška, init_vars() preljev"
diff --git a/plugins/sudoers/po/hu.mo b/plugins/sudoers/po/hu.mo
new file mode 100644
index 0000000..9e60420
--- /dev/null
+++ b/plugins/sudoers/po/hu.mo
diff --git a/plugins/sudoers/po/hu.po b/plugins/sudoers/po/hu.po
new file mode 100644
index 0000000..2e9239e
--- /dev/null
+++ b/plugins/sudoers/po/hu.po
@@ -0,0 +1,2152 @@
+# Hungarian translation for sudoers.
+# Portable object template file for the sudoers plugin
+# This file is put in the public domain.
+#
+# Todd C. Miller <Todd.Miller@courtesan.com>, 2011-2014.
+# Gabor Kelemen <kelemeng@ubuntu.com>, 2015.
+# Balázs Úr <urbalazs@gmail.com>, 2017, 2018.
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.22b2\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2017-12-18 10:37-0700\n"
+"PO-Revision-Date: 2018-01-20 14:06+0100\n"
+"Last-Translator: Balázs Úr <urbalazs@gmail.com>\n"
+"Language-Team: Hungarian <translation-team-hu@lists.sourceforge.net>\n"
+"Language: hu\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Lokalize 1.2\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "szintaktikai hiba"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "%p jelszava: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] %p jelszava: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Jelszó: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** BIZTONSÁGI információk erről: %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Elnézést, próbálja újra."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:307 gram.y:314 gram.y:321 gram.y:328 gram.y:335
+#: gram.y:398 gram.y:406 gram.y:416 gram.y:449 gram.y:456 gram.y:463
+#: gram.y:470 gram.y:552 gram.y:559 gram.y:568 gram.y:577 gram.y:594
+#: gram.y:706 gram.y:713 gram.y:720 gram.y:728 gram.y:824 gram.y:831
+#: gram.y:838 gram.y:845 gram.y:852 gram.y:878 gram.y:885 gram.y:892
+#: gram.y:1015 gram.y:1195 gram.y:1202 plugins/sudoers/alias.c:124
+#: plugins/sudoers/alias.c:139 plugins/sudoers/auth/bsdauth.c:141
+#: plugins/sudoers/auth/kerb5.c:119 plugins/sudoers/auth/kerb5.c:145
+#: plugins/sudoers/auth/pam.c:490 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/auth/sia.c:59 plugins/sudoers/defaults.c:651
+#: plugins/sudoers/defaults.c:906 plugins/sudoers/defaults.c:1077
+#: plugins/sudoers/editor.c:64 plugins/sudoers/editor.c:82
+#: plugins/sudoers/editor.c:93 plugins/sudoers/env.c:233
+#: plugins/sudoers/filedigest.c:120 plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:941 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:566
+#: plugins/sudoers/ldap.c:980 plugins/sudoers/ldap.c:1174
+#: plugins/sudoers/ldap.c:1185 plugins/sudoers/ldap.c:1201
+#: plugins/sudoers/ldap.c:1493 plugins/sudoers/ldap.c:1653
+#: plugins/sudoers/ldap.c:1735 plugins/sudoers/ldap.c:1883
+#: plugins/sudoers/ldap.c:1907 plugins/sudoers/ldap.c:1996
+#: plugins/sudoers/ldap.c:2011 plugins/sudoers/ldap.c:2107
+#: plugins/sudoers/ldap.c:2140 plugins/sudoers/ldap.c:2221
+#: plugins/sudoers/ldap.c:2303 plugins/sudoers/ldap.c:2400
+#: plugins/sudoers/ldap.c:3235 plugins/sudoers/ldap.c:3267
+#: plugins/sudoers/ldap.c:3579 plugins/sudoers/ldap.c:3607
+#: plugins/sudoers/ldap.c:3623 plugins/sudoers/ldap.c:3713
+#: plugins/sudoers/ldap.c:3729 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:190 plugins/sudoers/logging.c:501
+#: plugins/sudoers/logging.c:522 plugins/sudoers/logging.c:563
+#: plugins/sudoers/logging.c:740 plugins/sudoers/logging.c:998
+#: plugins/sudoers/match.c:617 plugins/sudoers/match.c:664
+#: plugins/sudoers/match.c:714 plugins/sudoers/match.c:738
+#: plugins/sudoers/match.c:826 plugins/sudoers/match.c:915
+#: plugins/sudoers/parse.c:252 plugins/sudoers/parse.c:264
+#: plugins/sudoers/parse.c:279 plugins/sudoers/parse.c:291
+#: plugins/sudoers/policy.c:498 plugins/sudoers/policy.c:735
+#: plugins/sudoers/prompt.c:93 plugins/sudoers/pwutil.c:165
+#: plugins/sudoers/pwutil.c:236 plugins/sudoers/pwutil.c:312
+#: plugins/sudoers/pwutil.c:486 plugins/sudoers/pwutil.c:551
+#: plugins/sudoers/pwutil.c:620 plugins/sudoers/pwutil.c:778
+#: plugins/sudoers/pwutil.c:835 plugins/sudoers/pwutil.c:880
+#: plugins/sudoers/pwutil.c:938 plugins/sudoers/sssd.c:162
+#: plugins/sudoers/sssd.c:194 plugins/sudoers/sssd.c:237
+#: plugins/sudoers/sssd.c:244 plugins/sudoers/sssd.c:280
+#: plugins/sudoers/sssd.c:353 plugins/sudoers/sssd.c:392
+#: plugins/sudoers/sssd.c:1073 plugins/sudoers/sssd.c:1252
+#: plugins/sudoers/sssd.c:1266 plugins/sudoers/sssd.c:1282
+#: plugins/sudoers/sudoers.c:263 plugins/sudoers/sudoers.c:273
+#: plugins/sudoers/sudoers.c:281 plugins/sudoers/sudoers.c:365
+#: plugins/sudoers/sudoers.c:682 plugins/sudoers/sudoers.c:807
+#: plugins/sudoers/sudoers.c:851 plugins/sudoers/sudoers.c:1123
+#: plugins/sudoers/sudoers_debug.c:107 plugins/sudoers/sudoreplay.c:1254
+#: plugins/sudoers/sudoreplay.c:1366 plugins/sudoers/sudoreplay.c:1406
+#: plugins/sudoers/sudoreplay.c:1415 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/sudoreplay.c:1433 plugins/sudoers/sudoreplay.c:1437
+#: plugins/sudoers/sudoreplay.c:1593 plugins/sudoers/sudoreplay.c:1597
+#: plugins/sudoers/testsudoers.c:131 plugins/sudoers/testsudoers.c:217
+#: plugins/sudoers/testsudoers.c:234 plugins/sudoers/timestamp.c:397
+#: plugins/sudoers/timestamp.c:441 plugins/sudoers/timestamp.c:868
+#: plugins/sudoers/toke_util.c:56 plugins/sudoers/toke_util.c:109
+#: plugins/sudoers/toke_util.c:146 plugins/sudoers/visudo.c:153
+#: plugins/sudoers/visudo.c:309 plugins/sudoers/visudo.c:315
+#: plugins/sudoers/visudo.c:446 plugins/sudoers/visudo.c:624
+#: plugins/sudoers/visudo.c:985 plugins/sudoers/visudo.c:1051
+#: plugins/sudoers/visudo.c:1095 plugins/sudoers/visudo.c:1197
+#: plugins/sudoers/visudo_json.c:1025 toke.l:849 toke.l:949 toke.l:1106
+msgid "unable to allocate memory"
+msgstr "nem foglalható memória"
+
+#: gram.y:481
+msgid "a digest requires a path name"
+msgstr "egy kivonat egy útvonalnevet igényel"
+
+#: gram.y:607
+msgid "invalid notbefore value"
+msgstr "érvénytelen „notbefore” érték"
+
+#: gram.y:615
+msgid "invalid notafter value"
+msgstr "érvénytelen „notafter” érték"
+
+#: gram.y:624 plugins/sudoers/policy.c:314
+msgid "timeout value too large"
+msgstr "az időkorlát értéke túl nagy"
+
+#: gram.y:626 plugins/sudoers/policy.c:316
+msgid "invalid timeout value"
+msgstr "érvénytelen időkorlát érték"
+
+#: gram.y:1195 gram.y:1202 plugins/sudoers/auth/pam.c:320
+#: plugins/sudoers/auth/pam.c:490 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/defaults.c:651 plugins/sudoers/defaults.c:906
+#: plugins/sudoers/defaults.c:1077 plugins/sudoers/editor.c:64
+#: plugins/sudoers/editor.c:82 plugins/sudoers/editor.c:93
+#: plugins/sudoers/env.c:233 plugins/sudoers/filedigest.c:120
+#: plugins/sudoers/filedigest_gcrypt.c:72
+#: plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:941 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:566
+#: plugins/sudoers/ldap.c:980 plugins/sudoers/ldap.c:1174
+#: plugins/sudoers/ldap.c:1185 plugins/sudoers/ldap.c:1201
+#: plugins/sudoers/ldap.c:1493 plugins/sudoers/ldap.c:1653
+#: plugins/sudoers/ldap.c:1735 plugins/sudoers/ldap.c:1883
+#: plugins/sudoers/ldap.c:1907 plugins/sudoers/ldap.c:1996
+#: plugins/sudoers/ldap.c:2011 plugins/sudoers/ldap.c:2107
+#: plugins/sudoers/ldap.c:2140 plugins/sudoers/ldap.c:2220
+#: plugins/sudoers/ldap.c:2303 plugins/sudoers/ldap.c:2400
+#: plugins/sudoers/ldap.c:3235 plugins/sudoers/ldap.c:3267
+#: plugins/sudoers/ldap.c:3579 plugins/sudoers/ldap.c:3606
+#: plugins/sudoers/ldap.c:3622 plugins/sudoers/ldap.c:3713
+#: plugins/sudoers/ldap.c:3729 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:190 plugins/sudoers/logging.c:501
+#: plugins/sudoers/logging.c:522 plugins/sudoers/logging.c:562
+#: plugins/sudoers/logging.c:998 plugins/sudoers/match.c:616
+#: plugins/sudoers/match.c:663 plugins/sudoers/match.c:714
+#: plugins/sudoers/match.c:738 plugins/sudoers/match.c:826
+#: plugins/sudoers/match.c:914 plugins/sudoers/parse.c:252
+#: plugins/sudoers/parse.c:264 plugins/sudoers/parse.c:279
+#: plugins/sudoers/parse.c:291 plugins/sudoers/policy.c:128
+#: plugins/sudoers/policy.c:137 plugins/sudoers/policy.c:146
+#: plugins/sudoers/policy.c:172 plugins/sudoers/policy.c:299
+#: plugins/sudoers/policy.c:314 plugins/sudoers/policy.c:316
+#: plugins/sudoers/policy.c:342 plugins/sudoers/policy.c:352
+#: plugins/sudoers/policy.c:396 plugins/sudoers/policy.c:406
+#: plugins/sudoers/policy.c:415 plugins/sudoers/policy.c:424
+#: plugins/sudoers/policy.c:498 plugins/sudoers/policy.c:735
+#: plugins/sudoers/prompt.c:93 plugins/sudoers/pwutil.c:165
+#: plugins/sudoers/pwutil.c:236 plugins/sudoers/pwutil.c:312
+#: plugins/sudoers/pwutil.c:486 plugins/sudoers/pwutil.c:551
+#: plugins/sudoers/pwutil.c:620 plugins/sudoers/pwutil.c:778
+#: plugins/sudoers/pwutil.c:835 plugins/sudoers/pwutil.c:880
+#: plugins/sudoers/pwutil.c:938 plugins/sudoers/set_perms.c:387
+#: plugins/sudoers/set_perms.c:766 plugins/sudoers/set_perms.c:1150
+#: plugins/sudoers/set_perms.c:1476 plugins/sudoers/set_perms.c:1641
+#: plugins/sudoers/sssd.c:162 plugins/sudoers/sssd.c:194
+#: plugins/sudoers/sssd.c:237 plugins/sudoers/sssd.c:244
+#: plugins/sudoers/sssd.c:280 plugins/sudoers/sssd.c:352
+#: plugins/sudoers/sssd.c:392 plugins/sudoers/sssd.c:1073
+#: plugins/sudoers/sssd.c:1251 plugins/sudoers/sssd.c:1266
+#: plugins/sudoers/sssd.c:1282 plugins/sudoers/sudoers.c:263
+#: plugins/sudoers/sudoers.c:273 plugins/sudoers/sudoers.c:281
+#: plugins/sudoers/sudoers.c:365 plugins/sudoers/sudoers.c:682
+#: plugins/sudoers/sudoers.c:807 plugins/sudoers/sudoers.c:851
+#: plugins/sudoers/sudoers.c:1123 plugins/sudoers/sudoers_debug.c:106
+#: plugins/sudoers/sudoreplay.c:1254 plugins/sudoers/sudoreplay.c:1366
+#: plugins/sudoers/sudoreplay.c:1406 plugins/sudoers/sudoreplay.c:1415
+#: plugins/sudoers/sudoreplay.c:1425 plugins/sudoers/sudoreplay.c:1433
+#: plugins/sudoers/sudoreplay.c:1437 plugins/sudoers/sudoreplay.c:1593
+#: plugins/sudoers/sudoreplay.c:1597 plugins/sudoers/testsudoers.c:131
+#: plugins/sudoers/testsudoers.c:217 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/timestamp.c:397 plugins/sudoers/timestamp.c:441
+#: plugins/sudoers/timestamp.c:868 plugins/sudoers/toke_util.c:56
+#: plugins/sudoers/toke_util.c:109 plugins/sudoers/toke_util.c:146
+#: plugins/sudoers/visudo.c:153 plugins/sudoers/visudo.c:309
+#: plugins/sudoers/visudo.c:315 plugins/sudoers/visudo.c:446
+#: plugins/sudoers/visudo.c:624 plugins/sudoers/visudo.c:985
+#: plugins/sudoers/visudo.c:1051 plugins/sudoers/visudo.c:1095
+#: plugins/sudoers/visudo.c:1197 plugins/sudoers/visudo_json.c:1025 toke.l:849
+#: toke.l:949 toke.l:1106
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:135
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "A(z) „%s” álnév már meg van határozva"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "a bejelentkezési osztály lekérése sikertelen ennél a felhasználónál: %s"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "a BSD hitelesítés elkezdése sikertelen"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "érvénytelen hitelesítési típus"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "a BSD hitelesítés előkészítése sikertelen"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr "az fwtk beállítás olvasása sikertelen"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "a hitelesítési kiszolgálóhoz való kapcsolódás sikertelen"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:121
+msgid "lost connection to authentication server"
+msgstr "a kapcsolat megszakadt a hitelesítési kiszolgálóval"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"hitelesítési kiszolgáló hiba:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: az elsődleges átalakítása karakterláncra („%s”) sikertelen: %s"
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: „%s” feldolgozása sikertelen: %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: a hitelesítési adatok gyorsítótárának feloldása sikertelen: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: a kapcsolók lefoglalása sikertelen: %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: a hitelesítési adatok lekérése sikertelen: %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: a hitelesítési adatok gyorsítótárának előkészítése sikertelen: %s"
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: a hitelesítési adatok gyorsítótárban való tárolósa sikertelen: %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: az elsődleges gép lekérése sikertelen: %s"
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: a TGT nem ellenőrizhető! Lehetséges támadás! %s"
+
+#: plugins/sudoers/auth/pam.c:108
+msgid "unable to initialize PAM"
+msgstr "a PAM előkészítése sikertelen"
+
+#: plugins/sudoers/auth/pam.c:194
+msgid "account validation failure, is your account locked?"
+msgstr "fiókellenőrzési hiba, a fiókja zárolva van?"
+
+#: plugins/sudoers/auth/pam.c:198
+msgid "Account or password is expired, reset your password and try again"
+msgstr "A fiók vagy a jelszó lejárt, állítsa vissza a jelszavát, és próbálja újra"
+
+#: plugins/sudoers/auth/pam.c:206
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "a lejárt jelszó megváltoztatása sikertelen: %s"
+
+#: plugins/sudoers/auth/pam.c:211
+msgid "Password expired, contact your system administrator"
+msgstr "A jelszó lejárt, vegye fel a kapcsolatot a rendszergazdával"
+
+#: plugins/sudoers/auth/pam.c:215
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "A fiók lejárt vagy a PAM beállításból hiányzik egy „account” szakasz a sudo számára, vegye fel a kapcsolatot a rendszergazdával"
+
+#: plugins/sudoers/auth/pam.c:229
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "PAM hitelesítési hiba: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:227
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "Ön nem létezik a(z) %s adatbázisban"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "nem sikerült előkészíteni az ACE API programkönyvtárat"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "a SecurID kiszolgálóhoz való kapcsolódás sikertelen"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "A felhasználó-azonosító zárolva van a SecurID hitelesítéshez"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "érvénytelen felhasználónév hossz a SecurID-nál"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr "érvénytelen hitelesítéskezelés a SecurID-nál"
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "a SecurID kommunikáció meghiúsult"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:213
+msgid "unknown SecurID error"
+msgstr "ismeretlen SecurID hiba"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "érvénytelen jelkód hossz a SecurID-nál"
+
+#: plugins/sudoers/auth/sia.c:69 plugins/sudoers/auth/sia.c:125
+msgid "unable to initialize SIA session"
+msgstr "a SIA munkamenet előkészítése sikertelen"
+
+#: plugins/sudoers/auth/sudo_auth.c:126
+msgid "invalid authentication methods"
+msgstr "érvénytelen hitelesítési módszerek"
+
+#: plugins/sudoers/auth/sudo_auth.c:128
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Érvénytelen hitelesítési módszerek lettek belefordítva a sudo programba! Nem keverheti az önálló és a nem önálló hitelesítéseket."
+
+#: plugins/sudoers/auth/sudo_auth.c:224 plugins/sudoers/auth/sudo_auth.c:274
+msgid "no authentication methods"
+msgstr "nincsenek hitelesítési módszerek"
+
+#: plugins/sudoers/auth/sudo_auth.c:226
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Nincsenek hitelesítési módszerek belefordítva a sudo programba! Ha ki szeretné kapcsolni a hitelesítést, akkor használja a --disable-authentication konfigurációs kapcsolót."
+
+#: plugins/sudoers/auth/sudo_auth.c:276
+msgid "Unable to initialize authentication methods."
+msgstr "A hitelesítési módszerek előkészítése sikertelen."
+
+#: plugins/sudoers/auth/sudo_auth.c:441
+msgid "Authentication methods:"
+msgstr "Hitelesítési módszerek:"
+
+#: plugins/sudoers/bsm_audit.c:120 plugins/sudoers/bsm_audit.c:211
+msgid "Could not determine audit condition"
+msgstr "Nem sikerült meghatározni a felülvizsgálati feltételt"
+
+#: plugins/sudoers/bsm_audit.c:183 plugins/sudoers/bsm_audit.c:273
+msgid "unable to commit audit record"
+msgstr "a felülvizsgálati rekord véglegesítése sikertelen"
+
+#: plugins/sudoers/check.c:259
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Bízunk benne, hogy megkapta a szokásos tudnivalókat a helyi\n"
+"rendszergazdától. Általában a következő három dolog lényeges:\n"
+"\n"
+"    #1) Tartsa tiszteletben mások személyiségi jogait.\n"
+"    #2) Gondolkodjon gépelés előtt.\n"
+"    #3) A nagy erő nagy felelősséggel jár.\n"
+"\n"
+
+#: plugins/sudoers/check.c:302 plugins/sudoers/check.c:312
+#: plugins/sudoers/sudoers.c:725 plugins/sudoers/sudoers.c:770
+#, c-format
+msgid "unknown uid: %u"
+msgstr "ismeretlen uid: %u"
+
+#: plugins/sudoers/check.c:307 plugins/sudoers/iolog.c:260
+#: plugins/sudoers/policy.c:908 plugins/sudoers/sudoers.c:1162
+#: plugins/sudoers/testsudoers.c:208 plugins/sudoers/testsudoers.c:366
+#, c-format
+msgid "unknown user: %s"
+msgstr "ismeretlen felhasználó: %s"
+
+#: plugins/sudoers/def_data.c:41
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Syslog képesség, ha a syslog programot használják naplózáshoz: %s"
+
+#: plugins/sudoers/def_data.c:45
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "A használandó syslog prioritás, amikor a felhasználó sikeresen hitelesíti magát: %s"
+
+#: plugins/sudoers/def_data.c:49
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "A használandó syslog prioritás, amikor a felhasználó sikertelenül hitelesíti magát: %s"
+
+#: plugins/sudoers/def_data.c:53
+msgid "Put OTP prompt on its own line"
+msgstr "Az OTP kérdés elhelyezés a saját sorába"
+
+#: plugins/sudoers/def_data.c:57
+msgid "Ignore '.' in $PATH"
+msgstr "A „.” figyelmen kívül hagyása a $PATH változóban"
+
+#: plugins/sudoers/def_data.c:61
+msgid "Always send mail when sudo is run"
+msgstr "Mindig küldjön levelet, amikor a sudo fut"
+
+#: plugins/sudoers/def_data.c:65
+msgid "Send mail if user authentication fails"
+msgstr "Levél küldése, ha a felhasználó-hitelesítés sikertelen"
+
+#: plugins/sudoers/def_data.c:69
+msgid "Send mail if the user is not in sudoers"
+msgstr "Levél küldése, ha a felhasználó nincs a sudoers fájlban"
+
+#: plugins/sudoers/def_data.c:73
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Levél küldése, ha a felhasználó nincs a sudoers fájlban ennél a gépnél"
+
+#: plugins/sudoers/def_data.c:77
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Levél küldése, ha a felhasználónak nem engedélyezett egy parancs futtatása"
+
+#: plugins/sudoers/def_data.c:81
+msgid "Send mail if the user tries to run a command"
+msgstr "Levél küldése, ha a felhasználó megpróbál egy parancsot futtatni"
+
+#: plugins/sudoers/def_data.c:85
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Különálló időbélyeg használata minden felhasználó/tty párosnál"
+
+#: plugins/sudoers/def_data.c:89
+msgid "Lecture user the first time they run sudo"
+msgstr "Felhasználó oktatása a sudo első alkalommal történő futtatásakor"
+
+#: plugins/sudoers/def_data.c:93
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "A sudo oktatóanyagot tartalmazó fájl: %s"
+
+#: plugins/sudoers/def_data.c:97
+msgid "Require users to authenticate by default"
+msgstr "Felhasználók hitelesítésének megkövetelése alapértelmezetten"
+
+#: plugins/sudoers/def_data.c:101
+msgid "Root may run sudo"
+msgstr "A rendszergazda futtathatja a sudo programot"
+
+#: plugins/sudoers/def_data.c:105
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "A gépnév naplózása a (nem syslog) naplófájlba"
+
+#: plugins/sudoers/def_data.c:109
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Az év naplózása a (nem syslog) naplófájlba"
+
+#: plugins/sudoers/def_data.c:113
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Ha a sudo programot argumentumok nélkül hívják meg, akkor indítson egy parancsértelmezőt"
+
+#: plugins/sudoers/def_data.c:117
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "A $HOME beállítása a célfelhasználóra, amikor a -s kapcsolóval indít egy parancsértelmezőt"
+
+#: plugins/sudoers/def_data.c:121
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Mindig állítsa be a $HOME értékét a célfelhasználó saját könyvtárára"
+
+#: plugins/sudoers/def_data.c:125
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Néhány információ begyűjtésének engedélyezése hasznos hibaüzenetek adásához"
+
+#: plugins/sudoers/def_data.c:129
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Teljes képzésű gépnevek megkövetelése a sudoers fájlban"
+
+#: plugins/sudoers/def_data.c:133
+msgid "Insult the user when they enter an incorrect password"
+msgstr "A felhasználó piszkálása, amikor helytelen jelszót ad meg"
+
+#: plugins/sudoers/def_data.c:137
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Csak akkor engedélyezze a sudo futtatását a felhasználónak, ha rendelkezik tty-nal"
+
+#: plugins/sudoers/def_data.c:141
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "A visudo el fogja fogadni az EDITOR környezeti változót"
+
+#: plugins/sudoers/def_data.c:145
+msgid "Prompt for root's password, not the users's"
+msgstr "A rendszergazda jelszavának bekérése, nem a felhasználóénak"
+
+#: plugins/sudoers/def_data.c:149
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "A runas_default felhasználó jelszavának bekérése, nem a felhasználóénak"
+
+#: plugins/sudoers/def_data.c:153
+msgid "Prompt for the target user's password, not the users's"
+msgstr "A célfelhasználó jelszavának bekérése, nem a felhasználóénak"
+
+#: plugins/sudoers/def_data.c:157
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Alapértelmezések alkalmazása a célfelhasználó bejelentkezési osztályán, ha van ilyen"
+
+#: plugins/sudoers/def_data.c:161
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "A LOGNAME és a USER környezeti változók beállítása"
+
+#: plugins/sudoers/def_data.c:165
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Csak a tényleges uid beállítása a célfelhasználóra, nem a valódi uid értékének"
+
+#: plugins/sudoers/def_data.c:169
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Ne készítse elő a csoportvektort a célfelhasználóéra"
+
+#: plugins/sudoers/def_data.c:173
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "A hossz, amelyre a naplófájl sorait tördelni kell (0 esetén nincs tördelés): %u"
+
+#: plugins/sudoers/def_data.c:177
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Hitelesítési időbélyeg időkorlát: %.1f perc"
+
+#: plugins/sudoers/def_data.c:181
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Jelszóbekérési időkorlát: %.1f perc"
+
+#: plugins/sudoers/def_data.c:185
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Egy jelszómegadás kísérleteinek száma: %u"
+
+#: plugins/sudoers/def_data.c:189
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "A használandó umask vagy 0777 a felhasználóé használatához: 0%o"
+
+#: plugins/sudoers/def_data.c:193
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Útvonal a naplófájlhoz: %s"
+
+#: plugins/sudoers/def_data.c:197
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Útvonal a levelezőprogramhoz: %s"
+
+#: plugins/sudoers/def_data.c:201
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Jelzők a levelezőprogramhoz: %s"
+
+#: plugins/sudoers/def_data.c:205
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "A cím, amelyre a levelet küldeni kell: %s"
+
+#: plugins/sudoers/def_data.c:209
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "A cím, amelyről a levelet küldeni kell: %s"
+
+#: plugins/sudoers/def_data.c:213
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Tárgysor a levél üzeneteihez: %s"
+
+#: plugins/sudoers/def_data.c:217
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Helytelen jelszó üzenet: %s"
+
+#: plugins/sudoers/def_data.c:221
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Útvonal az oktatóanyag állapot könyvtárához: %s"
+
+#: plugins/sudoers/def_data.c:225
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Útvonal a hitelesítési időbélyeg könyvtárához: %s"
+
+#: plugins/sudoers/def_data.c:229
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "A hitelesítési időbélyeg könyvtárának tulajdonosa: %s"
+
+#: plugins/sudoers/def_data.c:233
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Az ebben a csoportban lévő felhasználók mentesülnek a jelszó és PATH követelmények alól: %s"
+
+#: plugins/sudoers/def_data.c:237
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Alapértelmezett jelszóbekérés: %s"
+
+#: plugins/sudoers/def_data.c:241
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Ha be van állítva, akkor a jelszóbekérés minden esetben felül fogja bírálni a rendszer bekéréseit."
+
+#: plugins/sudoers/def_data.c:245
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Alapértelmezett felhasználó a parancsok futtatásához másként: %s"
+
+#: plugins/sudoers/def_data.c:249
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Érték a felhasználó $PATH változójának felülbírálásához ezzel: %s"
+
+#: plugins/sudoers/def_data.c:253
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Útvonal a visudo által használt szerkesztőhöz: %s"
+
+#: plugins/sudoers/def_data.c:257
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Mikor szükséges jelszó a „list” álparancshoz: %s"
+
+#: plugins/sudoers/def_data.c:261
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Mikor szükséges jelszó a „verify” álparancshoz: %s"
+
+#: plugins/sudoers/def_data.c:265
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "A sudo_noexec programkönyvtárban található üres végrehajtási függvények előtöltése"
+
+#: plugins/sudoers/def_data.c:269
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Ha az LDAP könyvtár be van kapcsolva, akkor mellőzzük-e a helyi sodoers fájlt"
+
+#: plugins/sudoers/def_data.c:273
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "A fájlleírók >= %d le lesznek zárva a parancs végrehajtása előtt"
+
+#: plugins/sudoers/def_data.c:277
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Ha be van állítva, akkor a felhasználók felülbírálhatják a „closefrom” értékét a -C kapcsolóval"
+
+#: plugins/sudoers/def_data.c:281
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Lehetővé teszi a felhasználóknak tetszőleges környezeti változók beállítását"
+
+#: plugins/sudoers/def_data.c:285
+msgid "Reset the environment to a default set of variables"
+msgstr "A környezet visszaállítása egy alapértelmezett változókészletre"
+
+#: plugins/sudoers/def_data.c:289
+msgid "Environment variables to check for sanity:"
+msgstr "Környezeti változók az épség ellenőrzéséhez:"
+
+#: plugins/sudoers/def_data.c:293
+msgid "Environment variables to remove:"
+msgstr "Eltávolítandó környezeti változók:"
+
+#: plugins/sudoers/def_data.c:297
+msgid "Environment variables to preserve:"
+msgstr "Megőrzendő környezeti változók:"
+
+#: plugins/sudoers/def_data.c:301
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Az új biztonsági környezetben használandó SELinux szerep: %s"
+
+#: plugins/sudoers/def_data.c:305
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Az új biztonsági környezetben használandó SELinux típus: %s"
+
+#: plugins/sudoers/def_data.c:309
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Útvonal a sudo specifikus környezeti fájlhoz: %s"
+
+#: plugins/sudoers/def_data.c:313
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Útvonal a korlátozott sudo specifikus környezeti fájlhoz: %s"
+
+#: plugins/sudoers/def_data.c:317
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "A sudoers feldolgozásakor használandó területi beállítás: %s"
+
+#: plugins/sudoers/def_data.c:321
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Lehetővé tenni a sudo számára egy jelszó bekérését akkor is, ha látható lesz"
+
+#: plugins/sudoers/def_data.c:325
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Látható visszajelzés nyújtása a jelszóbekérésnél, amikor felhasználói bevitel van"
+
+#: plugins/sudoers/def_data.c:329
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Gyorsabb mintaillesztés használata, ami kevésbé pontos, de nem fér hozzá a fájlrendszerhez"
+
+#: plugins/sudoers/def_data.c:333
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "A sudoers fájlban megadott umask felül fogja bírálni a felhasználóét akkor is, ha az engedékenyebb"
+
+#: plugins/sudoers/def_data.c:337
+msgid "Log user's input for the command being run"
+msgstr "A futtatott parancs felhasználói bevitelének naplózása"
+
+#: plugins/sudoers/def_data.c:341
+msgid "Log the output of the command being run"
+msgstr "A futtatott parancs kimenetének naplózása"
+
+#: plugins/sudoers/def_data.c:345
+msgid "Compress I/O logs using zlib"
+msgstr "I/O naplók tömörítése zlib használatával"
+
+#: plugins/sudoers/def_data.c:349
+msgid "Always run commands in a pseudo-tty"
+msgstr "A parancsokat mindig egy ál-tty-ban futtassa"
+
+#: plugins/sudoers/def_data.c:353
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Bővítmény a nem Unix csoport támogatáshoz: %s"
+
+#: plugins/sudoers/def_data.c:357
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "A könyvtár, amelyben a bemeneti/kimeneti naplók tárolva lesznek: %s"
+
+#: plugins/sudoers/def_data.c:361
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "A fájl, amelyben a bemeneti/kimeneti napló tárolva lesz: %s"
+
+#: plugins/sudoers/def_data.c:365
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Bejegyzés hozzáadása az utmp/utmpx fájlhoz egy pty lefoglalásakor"
+
+#: plugins/sudoers/def_data.c:369
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Az utmp-ben lévő felhasználó beállítása a runas felhasználóra, nem a meghívó felhasználóra"
+
+#: plugins/sudoers/def_data.c:373
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Engedélyezett jogosultságok halmaza: %s"
+
+#: plugins/sudoers/def_data.c:377
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Korlátozott jogosultságok halmaza: %s"
+
+#: plugins/sudoers/def_data.c:381
+msgid "Run commands on a pty in the background"
+msgstr "Parancsok futtatása egy pty-on a háttérben"
+
+#: plugins/sudoers/def_data.c:385
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "A használandó PAM szolgáltatás neve: %s"
+
+#: plugins/sudoers/def_data.c:389
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "A bejelentkezési parancsértelmezőkhöz használandó PAM szolgáltatás neve: %s"
+
+#: plugins/sudoers/def_data.c:393
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "PAM hitelesítési adatok kiépítésének kísérlete a célfelhasználónál"
+
+#: plugins/sudoers/def_data.c:397
+msgid "Create a new PAM session for the command to run in"
+msgstr "Új PAM munkamenet létrehozása annál a parancsnál, amelyben fut"
+
+#: plugins/sudoers/def_data.c:401
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Legnagyobb I/O napló sorozatszáma: %u"
+
+#: plugins/sudoers/def_data.c:405
+msgid "Enable sudoers netgroup support"
+msgstr "A sudoers netgroup támogatásának engedélyezése"
+
+#: plugins/sudoers/def_data.c:409
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "A szülőkönyvtárak írhatóságának ellenőrzése a sudoedit programmal történő fájlszerkesztéskor"
+
+#: plugins/sudoers/def_data.c:413
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Szimbolikus linkek követése a sudoedit programmal történő fájlszerkesztéskor"
+
+#: plugins/sudoers/def_data.c:417
+msgid "Query the group plugin for unknown system groups"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:421
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:425
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:429
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:433
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:437
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:441
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:445
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:449
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:453
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:457
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:461
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:465
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:469
+msgid "Allow the user to specify a timeout on the command line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:473
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:477
+msgid "Include the process ID when logging via syslog"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:481
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:485
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:221
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:224
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:267
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:270
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:290
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:293
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:318
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:321
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:343
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:346
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:356
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:359
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/env.c:295 plugins/sudoers/env.c:302
+#: plugins/sudoers/env.c:407 plugins/sudoers/ldap.c:453
+#: plugins/sudoers/ldap.c:543 plugins/sudoers/ldap.c:1270
+#: plugins/sudoers/ldap.c:1497 plugins/sudoers/ldap.c:1822
+#: plugins/sudoers/linux_audit.c:82 plugins/sudoers/logging.c:1003
+#: plugins/sudoers/policy.c:619 plugins/sudoers/policy.c:629
+#: plugins/sudoers/prompt.c:161 plugins/sudoers/sudoers.c:873
+#: plugins/sudoers/testsudoers.c:238 plugins/sudoers/toke_util.c:158
+#, c-format
+msgid "internal error, %s overflow"
+msgstr ""
+
+#: plugins/sudoers/env.c:376
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr ""
+
+#: plugins/sudoers/env.c:1055
+msgid "unable to rebuild the environment"
+msgstr ""
+
+#: plugins/sudoers/env.c:1129
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr ""
+
+#: plugins/sudoers/filedigest.c:104 plugins/sudoers/filedigest_gcrypt.c:66
+#: plugins/sudoers/filedigest_openssl.c:95
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr ""
+
+#: plugins/sudoers/filedigest.c:129 plugins/sudoers/filedigest_gcrypt.c:98
+#: plugins/sudoers/filedigest_openssl.c:120
+#, c-format
+msgid "%s: read error"
+msgstr "%s: olvasási hiba"
+
+#: plugins/sudoers/group_plugin.c:86
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s a(z) %d uid tulajdona kell legyen"
+
+#: plugins/sudoers/group_plugin.c:90
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s csak a tulajdonos által írható lehet"
+
+#: plugins/sudoers/group_plugin.c:98 plugins/sudoers/sssd.c:400
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "a(z) %s nem tölthető be: %s"
+
+#: plugins/sudoers/group_plugin.c:104
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "nem található a „group_plugin” szimbólum ebben: %s"
+
+#: plugins/sudoers/group_plugin.c:109
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:79 plugins/sudoers/interfaces.c:96
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:129
+msgid "Local IP address and netmask pairs:\n"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:121 plugins/sudoers/mkdir_parents.c:75
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:146 plugins/sudoers/iolog.c:187
+#: plugins/sudoers/mkdir_parents.c:64 plugins/sudoers/timestamp.c:175
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "%s könyvtár létrehozása sikertelen"
+
+#: plugins/sudoers/iolog.c:191 plugins/sudoers/visudo.c:740
+#: plugins/sudoers/visudo.c:750
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "nem lehet a(z) %s módját megváltoztatni erre: 0%o"
+
+#: plugins/sudoers/iolog.c:299 plugins/sudoers/sudoers.c:1193
+#: plugins/sudoers/testsudoers.c:390
+#, c-format
+msgid "unknown group: %s"
+msgstr "ismeretlen csoport: %s"
+
+#: plugins/sudoers/iolog.c:418 plugins/sudoers/sudoers.c:929
+#: plugins/sudoers/sudoreplay.c:349 plugins/sudoers/sudoreplay.c:1355
+#: plugins/sudoers/sudoreplay.c:1559 plugins/sudoers/timestamp.c:406
+#: plugins/sudoers/visudo.c:972 plugins/sudoers/visudo_json.c:1001
+#: plugins/sudoers/visudo_json.c:1014
+#, c-format
+msgid "unable to open %s"
+msgstr "%s nem nyitható meg"
+
+#: plugins/sudoers/iolog.c:469 plugins/sudoers/sudoers.c:933
+#: plugins/sudoers/sudoreplay.c:857 plugins/sudoers/sudoreplay.c:1670
+#, c-format
+msgid "unable to read %s"
+msgstr "%s nem olvasható"
+
+#: plugins/sudoers/iolog.c:505 plugins/sudoers/sudoreplay.c:1124
+#: plugins/sudoers/timestamp.c:295 plugins/sudoers/timestamp.c:298
+#, c-format
+msgid "unable to write to %s"
+msgstr "az írás sikertelen ebbe: %s"
+
+#: plugins/sudoers/iolog.c:584 plugins/sudoers/iolog.c:803
+#, c-format
+msgid "unable to create %s"
+msgstr "%s létrehozása sikertelen"
+
+#: plugins/sudoers/iolog.c:1035 plugins/sudoers/iolog.c:1110
+#: plugins/sudoers/iolog.c:1191
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, file index %d not open"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:431
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:491
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:518
+msgid "unable to mix ldap and ldaps URIs"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:522 plugins/sudoers/ldap.c:559
+msgid "starttls not supported when using ldaps"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:630
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:633
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1256
+msgid "unable to get GMT time"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1262
+msgid "unable to format timestamp"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1986
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2559
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2561
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2617
+#, c-format
+msgid "    Order: %s\n"
+msgstr "    Sorrend: %s\n"
+
+#: plugins/sudoers/ldap.c:2625 plugins/sudoers/parse.c:618
+#: plugins/sudoers/sssd.c:1647
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Parancsok:\n"
+
+#: plugins/sudoers/ldap.c:3187
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:3223
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:3475
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr ""
+
+#: plugins/sudoers/logging.c:108
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:136
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (parancs folytatása) %s"
+
+#: plugins/sudoers/logging.c:165
+#, c-format
+msgid "unable to open log file: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:173
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:206
+#, c-format
+msgid "unable to write log file: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:235
+msgid "No user or host"
+msgstr "Nem felhasználó vagy gép"
+
+#: plugins/sudoers/logging.c:237
+msgid "validation failure"
+msgstr "érvényesítési hiba"
+
+#: plugins/sudoers/logging.c:244
+msgid "user NOT in sudoers"
+msgstr "a felhasználó NINCS a sudoers-ben"
+
+#: plugins/sudoers/logging.c:246
+msgid "user NOT authorized on host"
+msgstr "a felhasználó NINCS felhatalmazva a gépen"
+
+#: plugins/sudoers/logging.c:248
+msgid "command not allowed"
+msgstr "a parancs nem engedélyezett"
+
+#: plugins/sudoers/logging.c:283
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s nincs a sudoers fájlban. Ez az eset jelentésre kerül.\n"
+
+#: plugins/sudoers/logging.c:286
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s nem futtathatja a sudo-t ezen: %s. Ez az eset jelentésre kerül.\n"
+
+#: plugins/sudoers/logging.c:290
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Elnézést, %s felhasználó nem futtathatja a sudo-t ezen: %s.\n"
+
+#: plugins/sudoers/logging.c:293
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:330 plugins/sudoers/sudoers.c:473
+#: plugins/sudoers/sudoers.c:475 plugins/sudoers/sudoers.c:477
+#: plugins/sudoers/sudoers.c:479 plugins/sudoers/sudoers.c:1298
+#: plugins/sudoers/sudoers.c:1300
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: parancs nem található"
+
+#: plugins/sudoers/logging.c:332 plugins/sudoers/sudoers.c:469
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+
+#: plugins/sudoers/logging.c:349
+msgid "authentication failure"
+msgstr "hitelesítési hiba"
+
+#: plugins/sudoers/logging.c:375
+msgid "a password is required"
+msgstr "jelszó szükséges"
+
+#: plugins/sudoers/logging.c:438
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u helytelen jelszópróbálkozás"
+msgstr[1] "%u helytelen jelszópróbálkozás"
+
+#: plugins/sudoers/logging.c:654
+msgid "unable to fork"
+msgstr ""
+
+#: plugins/sudoers/logging.c:662 plugins/sudoers/logging.c:714
+#, c-format
+msgid "unable to fork: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:704
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:729
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:767
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr ""
+
+#: plugins/sudoers/match.c:771
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr ""
+
+#: plugins/sudoers/mkdir_parents.c:70 plugins/sudoers/sudoers.c:944
+#: plugins/sudoers/visudo.c:439 plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to stat %s"
+msgstr "%s nem érhető el"
+
+#: plugins/sudoers/parse.c:115
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr ""
+
+#: plugins/sudoers/parse.c:118
+#, c-format
+msgid "parse error in %s"
+msgstr ""
+
+#: plugins/sudoers/parse.c:544
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:545
+#, c-format
+msgid "    RunAsUsers: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:559
+#, c-format
+msgid "    RunAsGroups: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:568
+#, c-format
+msgid "    Options: "
+msgstr ""
+
+#: plugins/sudoers/policy.c:84 plugins/sudoers/policy.c:110
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:289 plugins/sudoers/testsudoers.c:261
+msgid "unable to parse network address list"
+msgstr ""
+
+#: plugins/sudoers/policy.c:433
+msgid "user name not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:437
+msgid "user ID not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:441
+msgid "group ID not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:445
+msgid "host name not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:793 plugins/sudoers/visudo.c:910
+#, c-format
+msgid "unable to execute %s"
+msgstr "%s nem hajtható végre"
+
+#: plugins/sudoers/policy.c:926
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:928
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:932
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:937
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:938
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:971
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:188 plugins/sudoers/pwutil.c:206
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:200
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:260 plugins/sudoers/pwutil.c:277
+#: plugins/sudoers/pwutil.c:339 plugins/sudoers/pwutil.c:384
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:272
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:503 plugins/sudoers/pwutil.c:521
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:515
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:569 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:633 plugins/sudoers/pwutil.c:675
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:581
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:801 plugins/sudoers/pwutil.c:853
+#: plugins/sudoers/pwutil.c:904 plugins/sudoers/pwutil.c:957
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:807 plugins/sudoers/pwutil.c:858
+#: plugins/sudoers/pwutil.c:910 plugins/sudoers/pwutil.c:962
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:847
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:951
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:469
+#: plugins/sudoers/set_perms.c:912 plugins/sudoers/set_perms.c:1239
+#: plugins/sudoers/set_perms.c:1556
+msgid "perm stack overflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:400
+#: plugins/sudoers/set_perms.c:477 plugins/sudoers/set_perms.c:779
+#: plugins/sudoers/set_perms.c:920 plugins/sudoers/set_perms.c:1163
+#: plugins/sudoers/set_perms.c:1247 plugins/sudoers/set_perms.c:1489
+#: plugins/sudoers/set_perms.c:1564 plugins/sudoers/set_perms.c:1654
+msgid "perm stack underflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:523
+#: plugins/sudoers/set_perms.c:1298 plugins/sudoers/set_perms.c:1596
+msgid "unable to change to root gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:620
+#: plugins/sudoers/set_perms.c:1049 plugins/sudoers/set_perms.c:1375
+msgid "unable to change to runas gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to set runas group vector"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:636
+#: plugins/sudoers/set_perms.c:1063 plugins/sudoers/set_perms.c:1389
+msgid "unable to change to runas uid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:654
+#: plugins/sudoers/set_perms.c:1079 plugins/sudoers/set_perms.c:1405
+msgid "unable to change to sudoers gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641
+msgid "too many processes"
+msgstr "túl sok folyamat"
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr "az aktuális munkakönyvtár lekérése meghiúsult"
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:402
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:410 plugins/sudoers/sssd.c:419
+#: plugins/sudoers/sssd.c:428 plugins/sudoers/sssd.c:437
+#: plugins/sudoers/sssd.c:446
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:1562
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:1567
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: UNKNOWN\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:289
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:307
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:325
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:338
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:168 plugins/sudoers/testsudoers.c:247
+#: plugins/sudoers/visudo.c:233 plugins/sudoers/visudo.c:612
+#: plugins/sudoers/visudo.c:976
+msgid "unable to initialize sudoers default values"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:198 plugins/sudoers/sudoers.c:891
+msgid "problem with defaults entries"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:205
+msgid "no valid sudoers sources found, quitting"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:244
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:301
+msgid "you are not permitted to use the -C option"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:390
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:405
+msgid "no tty"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:406
+msgid "sorry, you must have a tty to run sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:468
+msgid "command in current directory"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:487
+msgid "sorry, you are not allowed set a command timeout"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:495
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:836
+msgid "command too long"
+msgstr "a parancs túl hosszú"
+
+#: plugins/sudoers/sudoers.c:948
+#, c-format
+msgid "%s is not a regular file"
+msgstr "a(z) %s nem egy szabályos fájl"
+
+#: plugins/sudoers/sudoers.c:952 plugins/sudoers/timestamp.c:222 toke.l:969
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s a(z) %u uid tulajdona, ennek kellene lennie: %u"
+
+#: plugins/sudoers/sudoers.c:956 toke.l:974
+#, c-format
+msgid "%s is world writable"
+msgstr "%s bárki számára írható"
+
+#: plugins/sudoers/sudoers.c:960 toke.l:977
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s a(z) %u gid tulajdona, ennek kellene lennie: %u"
+
+#: plugins/sudoers/sudoers.c:993
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1012
+#, c-format
+msgid "unknown login class: %s"
+msgstr "ismeretlen bejelentkezési osztály: %s"
+
+#: plugins/sudoers/sudoers.c:1095 plugins/sudoers/sudoers.c:1109
+#, c-format
+msgid "unable to resolve host %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:275
+#, c-format
+msgid "invalid filter option: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:288
+#, c-format
+msgid "invalid max wait: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:300
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:303 plugins/sudoers/visudo.c:186
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s: %s verzió\n"
+
+#: plugins/sudoers/sudoreplay.c:335
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:357
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:555 plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:805 plugins/sudoers/sudoreplay.c:895
+#: plugins/sudoers/sudoreplay.c:974 plugins/sudoers/sudoreplay.c:989
+#: plugins/sudoers/sudoreplay.c:996 plugins/sudoers/sudoreplay.c:1003
+#: plugins/sudoers/sudoreplay.c:1010 plugins/sudoers/sudoreplay.c:1017
+#: plugins/sudoers/sudoreplay.c:1163
+msgid "unable to add event to queue"
+msgstr "az esemény hozzáadása a sorhoz sikertelen"
+
+#: plugins/sudoers/sudoreplay.c:670
+msgid "unable to set tty to raw mode"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:721
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:722
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:750
+msgid "Replay finished, press any key to restore the terminal."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:783
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1197 plugins/sudoers/sudoreplay.c:1222
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1244
+msgid "unmatched ')' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1248
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1263
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s egy argumentumot igényel"
+
+#: plugins/sudoers/sudoreplay.c:1266 plugins/sudoers/sudoreplay.c:1646
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "érvénytelen reguláris kifejezés: %s"
+
+#: plugins/sudoers/sudoreplay.c:1270
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1279
+msgid "unmatched '(' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1281
+msgid "illegal trailing \"or\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1283
+msgid "illegal trailing \"!\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1332
+#, c-format
+msgid "unknown search type %d"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1370
+#, c-format
+msgid "%s: invalid log file"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1388
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1395
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1402
+#, c-format
+msgid "%s: user field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1411
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1420
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1826
+#, c-format
+msgid "usage: %s [-hnR] [-d dir] [-m num] [-s num] ID\n"
+msgstr "használat: %s [-hnR] [-d kvt] [-m szám] [-s szám] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1829
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "használat: %s [-h] [-d kvt] -l [keresőkifejezés]\n"
+
+#: plugins/sudoers/sudoreplay.c:1838
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - sudo munkamenetek naplójának újrajátszása\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1840
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Beállítások:\n"
+"  -d, --directory=kvt  munkamenet-naplók könyvtárának megadása\n"
+"  -f, --filter=szűrő   megjelenítendő I/O típusok megadása\n"
+"  -h, --help           súgóüzenet megjelenítése és kilépés\n"
+"  -l, --list           elérhető munkamenet-azonosítók listája, elhagyható\n"
+"                         kifejezéssel\n"
+"  -m, --max-wait=szám  események közti várakozás legfeljebb ennyi másodpercig\n"
+"  -s, --speed=szám     kimenet felgyorsítása vagy lelassítása\n"
+"  -V, --version        verzióinformációk kiírása és kilépés"
+
+#: plugins/sudoers/testsudoers.c:329
+msgid "\thost  unmatched"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:230
+#, c-format
+msgid "%s is group writable"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:306
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:772 plugins/sudoers/timestamp.c:839
+#: plugins/sudoers/visudo.c:500 plugins/sudoers/visudo.c:506
+msgid "unable to read the clock"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:786
+msgid "ignoring time stamp from the future"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:798
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:893
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:937 plugins/sudoers/timestamp.c:957
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:188
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:266 plugins/sudoers/visudo.c:667
+#, c-format
+msgid "press return to edit %s: "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:349
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:459 plugins/sudoers/visudo.c:467
+msgid "write error"
+msgstr "íráshiba"
+
+#: plugins/sudoers/visudo.c:513
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:520
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:526
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:548
+#, c-format
+msgid "%s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:607
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr ""
+
+#: plugins/sudoers/visudo.c:619
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:656
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:736 plugins/sudoers/visudo.c:745
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:767
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:781
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:791
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:855
+msgid "What now? "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:869
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:915
+#, c-format
+msgid "unable to run %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:945
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:952
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:981 plugins/sudoers/visudo_json.c:1021
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:997 plugins/sudoers/visudo_json.c:1032
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1000 plugins/sudoers/visudo_json.c:1035
+#, c-format
+msgid "parse error in %s\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1008 plugins/sudoers/visudo.c:1015
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1062
+#, c-format
+msgid "%s busy, try again later"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1159
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1160
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1164
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1165
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1318
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1433
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - a sudoers fájl biztonságos szerkesztése\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1435
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+"  -x, --export=output_file write sudoers in JSON format to output_file"
+msgstr ""
+"\n"
+"Kapcsolók:\n"
+"  -c, --check              csak ellenőrzés mód\n"
+"  -f, --file=sudoers       a sudoers fájl helyének megadása\n"
+"  -h, --help               súgóüzenet megjelenítése és kilépés\n"
+"  -q, --quiet              kevésbé részletes (csendes) szintaktikai hiba\n"
+"                             üzenetek\n"
+"  -s, --strict             szigorú szintaxis-ellenőrzés\n"
+"  -V, --version            verzióinformációk kiírása és kilépés\n"
+"  -x, --export=KIMENETIFÁJL  a sudoers kiírása JSON formátumban a\n"
+"                             KIMENETIFÁJLBA"
+
+#: plugins/sudoers/visudo_json.c:616 plugins/sudoers/visudo_json.c:651
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo_json.c:1007
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr ""
+
+#: toke.l:943
+msgid "too many levels of includes"
+msgstr ""
diff --git a/plugins/sudoers/po/it.mo b/plugins/sudoers/po/it.mo
new file mode 100644
index 0000000..4db50a8
--- /dev/null
+++ b/plugins/sudoers/po/it.mo
diff --git a/plugins/sudoers/po/it.po b/plugins/sudoers/po/it.po
new file mode 100644
index 0000000..41c5dc6
--- /dev/null
+++ b/plugins/sudoers/po/it.po
@@ -0,0 +1,2345 @@
+# Italian translations for sudoers package
+# This file is put in the public domain.
+# Milo Casagrande <milo@milo.name>, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers-1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-10-31 11:12+0100\n"
+"Last-Translator: Milo Casagrande <milo@milo.name>\n"
+"Language-Team: Italian <tp@lists.linux.it>\n"
+"Language: it\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 2.1.1\n"
+"X-Poedit-SourceCharset: UTF-8\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "errore di sintassi"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "password di %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] password di %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Password: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Informazioni di SICUREZZA per %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Riprovare."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "impossibile allocare memoria"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "un digest richiede il nome di percorso"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "valore notbefore non valido"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "valore notafter non valido"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "valore timeout troppo grande"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "valore timeout non valido"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Alias \"%s\" già definito"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "impossibile ottenere la classe di login per l'utente %s"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "impossibile iniziare l'autenticazione bsd"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "tipo di autenticazione non valida"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "impossibile iniziare l'autenticazione BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "il proprio account è scaduto"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "approvazione non riuscita"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "impossibile leggere la configurazione fwtk"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "impossibile connettersi al server di autenticazione"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "connessione al server di autenticazione persa"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"errore del server di autenticazione:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: impossibile convertire il principal in stringa (\"%s\"): %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: impossibile analizzare \"%s\": %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: impossibile risolvere la cache delle credenziali: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: impossibile allocare le opzioni: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: impossibile ottenere le credenziali: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: impossibile inizializzare la cache delle credenziali: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: impossibile memorizzare le credenziali nella cache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: impossibile ottenere il principal dell'host: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: impossibile verificare TGT. Possibile attacco in corso: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "impossibile inizializzare PAM"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Errore autenticazione PAM: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "validazione dell'account non riuscita: forse è bloccato?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Account o password scaduto: reimpostare la password e provare nuovamente"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "impossibile modificare la password scaduta: %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Password scaduta, contattare l'amministratore di sistema"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Account scaduto o alla configurazione PAM manca una sezione \"account\" per sudo: contattare l'amministratore di sistema"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "Errore gestione account PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "l'utente attuale non esiste nel database %s"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "inizializzazione della libreria API ACE non riuscita"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "impossibile contattare il server SecurID"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "ID utente bloccato per l'autenticazione SecurID"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "lunghezza del nome utente per SecurID non valida"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "gestore di autenticazione per SecurID non valido"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "Comunicazione SecurID non riuscita"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "errore sconosciuto di SecurID"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "lunghezza del passcode per SecurID errata"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "impossibile inizializzare la sessione SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "metodi di autenticazione non validi"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Metodi di autenticazione non validi compilati all'interno di sudo. Non è possibile usare assieme autenticazione standalone e non-standalone."
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "nessun metodo di autenticazione"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Non ci sono metodi di autenticazione compilati all'interno di sudo. Per disabilitare l'autenticazione, usare l'opzione di configurazione --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Impossibile inizializzare i metodi di autenticazione."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Metodi di autenticazione:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Impossibile determinare la condizione di audit"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "impossibile inviare il record di audit"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Questa lezione dovrebbe essere stata impartita dall'amministratore\n"
+"di sistema locale. Solitamente equivale a:\n"
+"\n"
+"    #1) Rispettare la privacy degli altri\n"
+"    #2) Pensare prima di digitare\n"
+"    #3) Da grandi poteri derivano grandi responsabilità\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "uid sconosciuto: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "utente sconosciuto: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "ordine di incremento: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "ordine di partenza: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "ordine di riempimento: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s versione %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s versione grammaticale %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "formato di input %s non supportato"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "formato di output %s non supportato"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: i file di input e output devono essere diversi"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "impossibile inizializzare i valori predefiniti di sudoers"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: chiave sconosciuta: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "tipo di defaults non valido: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "tipo di occultamento non valido: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "filtro non valido: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "impossibile aprire %s"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "analisi del file %s non riuscita, errore sconosciuto"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "errore di analisi in %s vicino alla riga %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "errore di analisi in %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "impossibile scrivere su %s"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - Converte tra formati del file sudoers\n"
+"\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Opzioni:\n"
+"  -b, --base=dn               Il DN base per le ricerche LDAP\n"
+"  -d, --defaults=tipidef      Converte Defaults solo dei tipi indicati\n"
+"  -e, --expand-aliases        Espande gli alias nella conversione\n"
+"  -f, --output-format=formato Imposta il formato di output: JSON, LDIF o sudoers\n"
+"  -i, --input-format=format   Imposta il formato di input: LDIF o sudoers\n"
+"  -I, --increment=num         Di quanto incrementare il valore sudoOrder\n"
+"  -h, --help                  Mostra il messaggio di aiuto ed esce\n"
+"  -m, --match=filtro          Converte le voci che corrispondo al filtro\n"
+"  -M, --match-local           Il filtro usa i dati da passwd e group\n"
+"  -o, --output=file_output    Scrive il file convertito su file_output\n"
+"  -O, --order-start=num       Punto di partenza del primo sudoOrder\n"
+"  -p, --prune-matches         Elimina utenti, gruppi e host che non corrispondono\n"
+"  -P, --padding=num           Riempimento base per incrementi di sudoOrder\n"
+"  -s, --suppress=sezioni      Disabilita l'output per alcune sezioni\n"
+"  -V, --version               Visualizza la versione ed esce"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "voce Defaults \"%s\" sconosciuta"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "impossibile ottenere l'ora GMT"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "impossibile formattare la marcatura temporale"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "errore interno, overflow di %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "troppe voci sudoers, massimo %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "la variabile d'ambiente SUDOERS_BASE non è impostata e non è stata specificata l'opzione -b."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Infrastruttura syslog se syslog viene utilizzato per le registrazioni: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Priorità di syslog se l'utente si identifica con successo: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Priorità di syslog se l'utente non si identifica con successo: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Mette il prompt OTP su una riga a parte"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ignora \".\" in $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Invia sempre una email quando viene eseguito sudo"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Invia una email se l'autenticazione utente non riesce"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Invia una email se l'utente non è tra i sudoers"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Invia una email se l'utente non è tra i sudoers per questo host"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Invia una email se l'utente non è abilitato a eseguire un comando"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Invia una email se l'utente tenta di eseguire un comando"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Usa una marcatura temporale diversa per ogni combinazione utente/tty"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Aiuta gli utenti alla prima esecuzione di sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "File contenente la lezione su sudo: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Richiede in modo predefinito l'autenticazione degli utenti"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Root può eseguire sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Registra il nome host nel file di registro (non-syslog)"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Registra l'anno nel file di registro (non-syslog)"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Se sudo viene lanciato senza alcun argomento, avvia una shell"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Imposta $HOME all'utente definito quando viene avviata una shell con -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Imposta sempre $HOME alla directory home dell'utente definito"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Consente la raccolta di alcune informazioni per dare messaggi di errore utili"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Richiede nomi host completi nel file sudoers"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Apostrofa l'utente quando inserisce una password errata"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Consente all'utente di seguire sudo solo se dispone di un tty"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "visudo utilizzerà il valore definito nella variabile EDITOR"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Chiede la password di root, non quella dell'utente"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Chiede la password dell'utente runas_default, non quella dell'utente"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Chiede la password dell'utente definito, non quella dell'invocante"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Applica i Defaults nella classe di login dell'utente definito, se presente"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Imposta le variabili d'ambiente LOGNAME e USER"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Imposta lo uid effettivo all'utente definito, non lo uid reale"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Non inizializza il vettore di gruppo con quello dell'utente definito"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Lunghezza a cui andare a capo nei file di registro (0 per non andare a capo): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Timeout marcatura temporale di autenticazione: %.1f minuti"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Timeout per inserimento password: %.1f minuti"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Numero di tentativi per l'inserimento della password: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "umask da utilizzare o 0777 per utilizzare quella dell'utente: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Percorso al file di registro: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Percorso al programma email: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Flag per il programma email: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Indirizzo a cui mandare l'email: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Indirizzo da cui mandare l'email: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Oggetto dell'email: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Messaggio password errata: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Percorso directory di stato della lezione: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Percorso directory con la marcatura temporale di autenticazione: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Proprietario directory con la marcatura temporale di autenticazione: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Agli utenti di questo gruppo non sono richiesti password e PATH: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Prompt predefinito per la password: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Se impostato, passprompt scavalcherà sempre il prompt di sistema."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Utente predefinito con cui eseguire i comandi: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Valore con cui sovrascrivere la variabile $PATH dell'utente: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Percorso all'editor per visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Quando richiedere una password per il pseudo-comando \"list\": %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Quando richiedere una password per il pseudo-comando \"verify\": %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Pre-carica le funzioni exec dummy contenute nella libreria sudo_noexec"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Se LDAP è funzionante, viene ignorato il file sudoers locale"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "I descrittori di file >= %d verranno chiusi prima dell'esecuzione di un comando"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Se impostata, gli utenti possono sovrascrivere il valore di \"closefrom\" con l'opzione -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Consente agli utenti di impostare variabili d'ambiente"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Reimposta l'ambiente con le variabili predefinite"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Variabile d'ambienti da validare:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Variabili d'ambiente da rimuovere:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Variabili d'ambiente da preservare:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Ruolo SELinux da usare nel nuovo contesto di sicurezza: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Tipologia di SELinux da usare nel nuovo contesto di sicurezza: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Percorso al file d'ambiente specifico di sudo: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Percorso al file d'ambiente riservato specifico di sudo: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Localizzazione da usare durante l'analisi del file sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Abilita sudo a chiedere una password anche se sarebbe visibile"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Fornisce riscontro visibile al prompt della password nel caso di input utente"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Usa glob più veloce e meno preciso, ma non accede al file system"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "La umask definita in sudoers scavalca quella dell'utente, anche se è più permissiva"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Registra l'input dell'utente per il comando in esecuzione"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Registra l'output del comando in esecuzione"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Comprime i registri utilizzando zlib"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Esegue sempre i comandi in uno pseudo-tty"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Plugin per supporto ai gruppi non-Unix: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Directory in cui salvare i registri di I/O: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "File in cui salvare il registro I/O: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Aggiunge una voce al file utmp/utmpx quando viene allocato un pty"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Imposta l'utente in utmp all'utente runas, non l'utente invocante"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Insieme di privilegi concessi: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Insieme di privilegi non concessi: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Esegue i comandi in un pty in background"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Nome del servizio PAM da usare: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Nome del servizio PAM da usare per le shell di login: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Tentativo di stabilire le credenziali PAM per l'utente finale"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Crea una nuova sessione PAM in cui eseguire il comando"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Numero massimo di sequenze I/O di registro: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Abilita support netgroup in sudoers"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Controlla le directory superiori per accesso in scrittura durante le modifiche con sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Segue i collegamenti simbolici durante le modifiche con sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Interroga il plugin dei gruppi per gruppi di sistema sconosciuti"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Corrispondenza gruppi di rete con tutti i valori: utente, host e dominio"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Consente di eseguire i comandi anche se sudo non può scrivere sul registro di controllo"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Consente di eseguire i comandi anche se sudo non può scrivere sul registro di I/O"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Consente di eseguire i comandi anche se sudo non può scrivere sul file di registro"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Gestisce i gruppi attraverso sudoers ed esegue la corrispondenza sull'ID del gruppo, non sul nome"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Voci di registro più grandi di questo valore vengono divise su più messaggi: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Utente proprietario dei file di registro di I/O: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Gruppo proprietario dei file di registro di I/O: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Modalità dei file di registro di I/O: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Esegue comandi in base al descrittore del file e non sul percorso: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ignora le voci Defaults sconosciute nel file sudoers invece di inviare un avviso"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Tempo in secondi dopo il quale il comando viene terminato: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Consente all'utente di specificare un timeout attraverso la riga di comando"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Scrive immediatamente i dati I/O del registro sul disco invece di tenerli in memoria"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Include l'ID del processo quando viene usato syslog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Tipo di marcatura temporale di autenticazione: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Messaggio di autenticazione non riuscita: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Ignora maiuscole/minuscole nella corrispondenza coi nomi utente"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Ignora maiuscole/minuscole nella corrispondenza coi gruppi"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d voce Defaults \"%s\" sconosciuta"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: voce Defaults \"%s\" sconosciuta"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d nessun valore specificato per \"%s\""
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: nessun valore specificato per \"%s\""
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d i valori per \"%s\" devono iniziare con un carattere \"/\""
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: i valori per \"%s\" devono iniziare con un carattere \"/\""
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d l'opzione \"%s\" non accetta un valore"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: l'opzione \"%s\" non accetta un valore"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d tipo Defaults 0x%x non valido per l'opzione \"%s\""
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: tipo Defaults 0x%x non valido per l'opzione \"%s\""
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d il valore \"%s\" non è valido per l'opzione \"%s\""
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: il valore \"%s\" non è valido per l'opzione \"%s\""
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: envp danneggiato, discordanza nella lunghezza"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "impossibile ricostruire l’ambiente"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "permessi non sufficienti per impostare le seguenti variabili d'ambiente: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "errore di analisi in %s vicino alla riga %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "errore di analisi in %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "tipo di digest %d non supportato per %s"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: errore di lettura"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s deve essere di proprietà dello uid %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s deve essere scrivibile solo dal proprietario"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "impossibile caricare %s: %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "impossibile trovare il simbolo \"group_plugin\" in %s"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: version major %d del plugin per il gruppo non compatibile, atteso %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "impossibile analizzare l'indirizzo IP \"%s\""
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "impossibile analizzare la maschera di rete \"%s\""
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Coppia indirizzo IP locale e maschera di rete:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s esiste, ma non è una directory (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "impossibile creare la directory %s"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "impossibile modificare la modalità di %s a 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "gruppo sconosciuto: %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "impossibile leggere %s"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "impossibile creare %s"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "impossibile scrivere sul file di registro di I/O: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: errore interno, file registro IO per l'evento %d non aperto"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: errore interno, segnale %d non valido"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: file di registro non valido"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: manca il campo della marcatura temporale"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: marcatura temporale %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: manca il campo utente"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: manca il campo utente di runas"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: manca il campo gruppo di runas"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "starttls non supportato quando viene utilizzato ldaps"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "impossibile inizializzare il certificato SSL e il database delle chiavi: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "è necessario impostare TLS_CERT in %s per usare SSL"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "impossibile inizializzare LDAP: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "specificato start_tls ma le librerie LDAP non supportano ldap_start_tls_s() o ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "attributo sudoOrder non valido: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: porta troppo grande"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "tipologia di uri LDAP non supportata: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "impossibile utilizzare URI ldap e ldaps assieme"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "impossibile convertire sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "impossibile aprire il sistema di audit"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "impossibile inviare il messaggio di audit"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (comando continuato) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "impossibile aprire il file di registro: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "impossibile impostare il blocco sul file di registro: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "impossibile scrivere sul file di registro: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "Nessun utente o host"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "validazione non riuscita"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "utente non tra i sudoers"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "utente non autorizzato sull'host"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "comando non consentito"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s non è nel file sudoers. Questo evento verrà segnalato.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "A %s non è consentito eseguire sudo su %s. Questo evento verrà segnalato.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "L'utente %s non può eseguire sudo su %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "All'utente %s non è consentito eseguire \"%s%s%s\" come %s%s%s su %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: comando non trovato"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"viene ignorato \"%s\" trovato in \".\"\n"
+"Usare \"sudo ./%s\" per eseguire \"%s\"."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "autenticazione non riuscita"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "è necessaria una password"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u tentativo di immissione password non corretto"
+msgstr[1] "%u tentativi di immissione password non corretti"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "impossibile eseguire fork"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "impossibile eseguire fork: %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "impossibile aprire una pipe: %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "impossibile eseguire dup sullo stdin: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "impossibile eseguire %s: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "il digest per %s (%s) non è nella forma %s"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "impossibile eseguire stat su %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Ruolo LDAP: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Voce sudoers:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Opzioni: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Comandi:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Corrispondenza voci Defaults per %s su %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Valori predefiniti per Runas e Command per %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "L'utente %s può eseguire i seguenti comandi su %s:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "L'utente %s non è abilitato all'esecuzione di sudo su %s.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "valore attributo non valido ignorato: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "ignorato sudoRole non completo: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "%.*s non valido impostato dal front-end sudo"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "impossibile analizzare l'elenco degli indirizzi di rete"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "nome utente non impostato dal front-end sudo"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "ID utente non impostato dal front-end sudo"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "ID gruppo non impostato dal front-end sudo"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "nome dell'host non impostato dal front-end sudo"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "impossibile eseguire %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Versione %s del plugin della politica sudoers\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Versione %d della grammatica del file sudoers\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Percorso sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "percorso nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "percorso ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "percorso ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "impossibile registrare un hook di tipo %d (versione %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "impossibile memorizzare in cache lo uid %u, memoria esaurita"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "impossibile memorizzare in cache lo uid %u, esiste già"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "impossibile memorizzare in cache l'utente %s, memoria esaurita"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "impossibile memorizzare in cache l'utente %s, esiste già"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "impossibile memorizzare in cache il gid %u, memoria esaurita"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "impossibile memorizzare in cache il gid %u, esiste già"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "impossibile memorizzare in cache il gruppo %s, memoria esaurita"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "impossibile memorizzare in cache il gruppo %s, esiste già"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "impossibile memorizzare in cache l'elenco di gruppo %s, esiste già"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "impossibile memorizzare in cache l'elenco di gruppo %s, memoria esaurita"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "impossibile analizzare i gruppi per %s"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "impossibile analizzare i gid per %s"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "overflow dello stack perm"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "underflow dello stack perm"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "impossibile passare al gid root"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "impossibile passare al gid runas"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "impossibile impostare il vettore di gruppo per runas"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "impossibile passare allo uid runas"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "impossibile passare al gid sudoers"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "troppi processi"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "impossibile ottenere la directory di lavoro corrente"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "percorso audit user_cmnd troncato: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "percorso audit argv[0] troncato: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "messaggio audit_failure troppo lungo"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "impossibile inizializzare la sorgente SSS. È stato installato SSSD?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "impossibile trovare il simbolo \"%s\" in %s"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "problema con le voci Defaults"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "nessuna sorgente valida di sudoers trovata, uscita"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers indica che a root non è consentito usare sudo"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "utente non abilitato all'uso dell'opzione -C"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "proprietario marcatura temporale (%s): utente inesistente"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "nessun tty"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "è necessario disporre di un tty per eseguire sudo"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "comando nella directory corrente"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "non è consentito impostare un timeout per i comandi"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "non è consentito preservare l'ambiente"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "comando troppo lungo"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s non è un file regolare"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s è di proprietà dello uid %u, dovrebbe essere %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s è scrivibile da tutti"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s è di proprietà del gid %u, dovrebbe essere %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "solo root può usare \"-c %s\""
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "classe di login sconosciuta: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "impossibile risolvere l'host %s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "opzione di filtro non valida: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "attesa massima non valida: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "fattore di velocità non valido: %s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Riproduzione della sessione sudo: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "impossibile aggiungere l'evento alla coda"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "impossibile impostare il terminale in modalità raw"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Attenzione: il terminale è troppo piccolo per riprodurre correttamente il registro.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "La geometria del registro è %dx%d, quella del terminale è %dx%d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Riproduzione terminata. Premere un tasto per ripristinare il terminale."
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "riga di timing del file non valida: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "espressione \"%s\" ambigua"
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "carattere \")\" nell'espressione non corrisposto"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "termine di ricerca \"%s\" sconosciuto"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s richiede un argomento"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "espressione regolare non valida: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "impossibile analizzare la data \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "carattere \"(\" nell'espressione non corrisposto"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "\"or\" finale non consentito"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "carattere \"!\" finale non consentito"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "tipo di ricerca %d sconosciuto"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "uso: %s [-hnRS] [-d DIR] [-m NUM] [-s NUM] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "uso: %s [-h] [-d DIR] -l [ESPRESSIONE DI RICERCA]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - Riproduce i registri di sessione di sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Opzioni:\n"
+"  -d, --directory=DIR  Specifica la directory per i registri di sessione\n"
+"  -f, --filter=FILTRO  Specifica il tipo di I/O da mostrare\n"
+"  -h, --help           Visualizza il messaggio di aiuto ed esce\n"
+"  -l, --list           Elenca gli ID di sessione disponibili corrispondenti\n"
+"  -m, --max-wait=NUME  Secondi da attendere tra gli eventi\n"
+"  -S, --suspend-wait   Attende mentre il comando è sospeso\n"
+"  -s, --speed=NUME     Velocizza o rallenta l'output\n"
+"  -V, --version        Visualizza la versione ed esce"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\thost  non corrispondente"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Comando consentito"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Comando negato"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Comando non corrispondente"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s è scrivibile da tutti"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "impossibile troncare il file della marcatura temporale a %lld byte"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "impossibile leggere l'orologio"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "marcatura temporale dal futuro ignorata"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "marcatura temporale troppo avanti nel tempo: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "impossibile bloccare il file della marcatura temporale %s"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "percorso marcatura temporale troppo lungo: %s %s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "l'opzione -x verrà rimossa in una prossima versione"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "utilizzare lo strumento cvtsudoers al suo posto"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "premere Invio per modificare %s: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "l'editor specificato (%s) non esiste"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "nessun editor trovato (percorso dell'editor = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "errore di scrittura"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "impossibile eseguire stat sul file temporaneo (%s), %s non modificato"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "file temporaneo di lunghezza pari a zero (%s), %s non modificato"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "editor (%s) non riuscito, %s non modificato"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s non modificato"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "impossibile riaprire il file temporaneo (%s), %s non modificato."
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "impossibile analizzare il file temporaneo (%s), errore sconosciuto"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "errore interno, impossibile trovare %s nell'elenco."
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "impossibile impostare (uid, gid) di %s a (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s e %s non sono sullo stesso file system, viene usato \"mv\" per rinominare"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "comando non riuscito: \"%s %s %s\", %s non modificato"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "errore nel rinominare %s, %s non è stato modificato"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "Che fare ora? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Le opzioni sono:\n"
+"  (e) Modifica nuovamente il file sudoers\n"
+"  (x) Esce senza salvare le modifiche al file sudoers\n"
+"  (Q) Esce e salva le modifiche al file sudoers (pericoloso)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "impossibile avviare %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: proprietario errato (uid, gid), dovrebbe essere (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: permessi errati, dovrebbe avere modalità 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: analisi effettuata correttamente\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s occupato, riprovare"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "impossibile bloccare %s"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Modificare comunque? [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Errore: %s:%d ciclo in %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Attenzione: %s:%d ciclo in %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Attenzione: %1$s:%2$d riferimento a \"%4$s\" %3$s, ma non definito"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Attenzione: %1$s:%2$d riferimento a \"%4$s\" %3$s, ma non definito"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Attenzione %s:%d inutilizzato %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr "%s - Modifica in sicurezza il file sudoers\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Opzioni:\n"
+"  -c, --check        Modalità solo verifica\n"
+"  -f, --file=sudoers Specifica la posizione del file sudoers\n"
+"  -h, --help         Visualizza il messaggio di aiuto ed esce\n"
+"  -q, --quiet        Messaggi di errore meno prolissi\n"
+"  -s, --strict       Verifica precisa della sintassi\n"
+"  -V, --version      Visualizza la versione ed esce\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "troppi livelli di inclusioni"
diff --git a/plugins/sudoers/po/ja.mo b/plugins/sudoers/po/ja.mo
new file mode 100644
index 0000000..decf1cb
--- /dev/null
+++ b/plugins/sudoers/po/ja.mo
diff --git a/plugins/sudoers/po/ja.po b/plugins/sudoers/po/ja.po
new file mode 100644
index 0000000..10a6fd3
--- /dev/null
+++ b/plugins/sudoers/po/ja.po
@@ -0,0 +1,2525 @@
+# Japanese messages for sudoers
+# This file is put in the public domain.
+# Yasuaki Taniguchi <yasuakit@gmail.com>, 2011.
+# Takeshi Hamasaki <hmatrjp@users.sourceforge.jp>, 2012, 2015, 2016, 2017, 2018
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-12-09 19:18+0900\n"
+"Last-Translator: Takeshi Hamasaki <hmatrjp@users.sourceforge.jp>\n"
+"Language-Team: Japanese <translation-team-ja@lists.sourceforge.net>\n"
+"Language: ja\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Poedit-Basepath: sudo-1.8.23b2\n"
+"X-Generator: Poedit 2.1.1\n"
+"X-Poedit-SearchPath-0: .\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "構文エラー"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "%p のパスワード:"
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] %p のパスワード:"
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "パスワード: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** %h のセキュリティ情報 ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "残念、また試してください。"
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "メモリ割り当てを行えませんでした"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "認証方式にはパスが必要です"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "notbefore の値が無効です"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "notafter の値が無効です"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "制限時間の値が大き過ぎます"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "時間制限値が無効です"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "別名 \"%s\" はすでに定義されています"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "ユーザー%s のログインクラスを得ることができません"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "BSD 認証を開始できません"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "無効な認証タイプです"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "BSD 認証を開始できません"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "あなたのアカウントの有効期限が切れています"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "認証に失敗しました"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "fwtk 設定を読み込めません"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "認証サーバーに接続できません"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "認証サーバーへの接続が失われました"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"認証サーバーエラーです:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: プリンシパルを文字列('%s')に変換できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: '%s' を構文解析できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: 資格情報キャッシュ を解決できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: オプションを設定できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: 資格情報を取得できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: 資格情報キャッシュ を初期化できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: 資格情報をキャッシュできません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: ホストプリンシパルを取得できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: TGT を検証できません! おそらく攻撃です!: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "PAM を初期化できません"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "PAM 認証エラーです: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "アカウントの有効性検証に失敗しました。あなたのアカウントはロックされていませんか?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "アカウントまたはパスワードが期限切れです。パスワードをリセットして再試行してください"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "期限の切れたパスワードを変更できません: %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "パスワードが期限切れです。システム管理者に連絡してください"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "アカウントの期限切れ、または sudo 用の PAM 設定に \"account\" セクションがありません。システム管理者に連絡してください"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "PAM アカウント管理エラーです: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "あなたは %s データベース内に存在しません"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "ACE API ライブラリの初期化に失敗しました"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "SecurID サーバーに接続できません"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "SecurID 認証のユーザーIDがロックされています"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "SecurID 用のユーザー名の長さが無効です"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "SecurID 用の認証ハンドルが無効です"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "SecurID 通信に失敗しました"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "不明な SecurID エラーです"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "SecurID 用のパスコード長が無効です"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "SIA セッションを初期化できません"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "無効な認証方法"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "無効な認証方法が sudo のコンパイル時に組み込まれています!  スタンドアローンと非スタンドアローン認証を混在させてはいけません。"
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "認証方法がありません"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "認証方法が sudo のコンパイル時に組み込まれていません!  認証を無効にする場合には、configure オプションで --disable-authentication を指定してください。"
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "認証方法を初期化できません。"
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "認証方法:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "監査条件を決定できませんでした"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "監査レコードをコミットできません"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"あなたはシステム管理者から通常の講習を受けたはずです。\n"
+"これは通常、以下の3点に要約されます:\n"
+"\n"
+"    #1) 他人のプライバシーを尊重すること。\n"
+"    #2) タイプする前に考えること。\n"
+"    #3) 大いなる力には大いなる責任が伴うこと。\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "不明なユーザーID (uid) です: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "不明なユーザーです: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "order の増分: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "開始の order: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "order の増分: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s バージョン %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s 文法バージョン %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "サポートされてない入力形式です %s"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "サポートされてない出力形式です %s"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: 入力ファイルと出力ファイルは別である必要があります"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "sudoers のデフォルト値を初期化できません"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: 不明なキーワードです: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "無効なデフォルトの指定です: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "無効な抑制の指定です: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "無効なフィルターです: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "%s を開けません"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "%s ファイルの構文解析に失敗しました。不明なエラーです"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "%s 内 %d 行付近で構文解析エラーが発生しました\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "%s 内で構文解析エラーが発生しました\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "%s へ書き込むことができません"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - sudoers ファイル形式間での変換を行う\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"オプション:\n"
+"  -b, --base=dn              sudo の LDAP クエリ のベース DN\n"
+"  -d, --defaults=deftypes    指定した形式の Defaults のみを変換する\n"
+"  -e, --expand-aliases       変換する時にエイリアスを展開する\n"
+"  -f, --output-format=format 出力の書式: JSON, LDIF または sudoers\n"
+"  -i, --input-format=format  入力の書式: LDIF または sudoers\n"
+"  -I, --increment=num        それぞれの sudoOrder の増分\n"
+"  -h, --help                 ヘルプメッセージを表示して終了する\n"
+"  -m, --match=filter         filter にマッチするエントリのみを変換する\n"
+"  -M, --match-local          フィルタは passwd および group データベースを使用する\n"
+"  -o, --output=output_file   変換された sudoers を output_file に出力する\n"
+"  -O, --order-start=num      最初の sudoOrder の開始点\n"
+"  -p, --prune-matches        マッチしないユーザー、グループ、ホストを取り除く\n"
+"  -P, --padding=num          base padding for sudoOrder の増分\n"
+"  -s, --suppress=sections    いくつかのセクションの出力を抑制する\n"
+"  -V, --version              バージョン情報を表示して終了する"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "不明なデフォルト項目 \"%s\" です"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "GMT 時刻を取得できません"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "タイムスタンプを書式整形できません"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "内部エラー、%s がオーバーフローしました"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "sudoers の項目が多すぎます、最大は %u です。"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "SUDOERS_BASE 環境変数が設定されておらず -b オプションも指定されていません。"
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "ログ記録時に syslog を使用する場合の syslog facility: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "ログ記録時に syslog を使用する場合の syslog priority: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "ユーザー認証に失敗したと時に使用される syslog priority: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "ワンタイムパスワード入力要求をそれのみの行に表示します"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "$PATH 内にある '.' を無視します"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "sudo を実行した時に、常にメールを送信します"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "ユーザー認証に失敗した場合にメールを送信します"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "ユーザー他 sudoers 内に存在しない場合にメールを送信します"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "ユーザーがこのホスト用の sudoers 内に存在しない場合にメールを送信します"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "ユーザーが許可されていないコマンドを実行しようとした場合にメールを送信します"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "ユーザーがマンドを実行しようとした場合にメールを送信します"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "ユーザー/tty の組み合わせごとに分離したタイムスタンプを使用します"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "ユーザーが最初に sudo を実行した時に講義を行う"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "sudo の講義が含まれているファイル: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "デフォルトでユーザーが認証されていることを必要とします"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "root が sudo を実行するかもしれません"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr " ログファイル (syslog 以外) に記録する時にホスト名を含めます"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "ログファイル (syslog 以外) に記録する時に年情報を含めます"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "sudo を引数無しで起動した場合、シェルを開始します"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "シェルを -s で開始した時に $HOME を変更後のユーザーのホームディレクトリに設定します"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "$HOME を常に変更後のユーザーのホームディレクトリに設定します"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "役に立つエラーメッセージを表示するためにいくつかの情報を収集することを許可します"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "sudoers ファイルに完全修飾ホスト名 (FQDN) を要求します"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "間違ったパスワードを入力した時にユーザーを侮辱します"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "tty がある場合のみ sudo の実行を許可します"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "visudo が EDITOR 環境変数を尊重して使用します"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "ユーザーのパスワードではなく、root のパスワードの入力を要求します"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "ユーザーのパスワードではなく、 runas_default ユーザーのパスワードの入力を要求します"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "現在のユーザーのパスワードではなく、変更先ユーザーのパスワードの入力を要求します"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "変更先ユーザーのログインクラスのデフォルトが存在する場合は、デフォルトを適用します"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "LOGNAME および USER 環境変数を設定します"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "実効ユーザーIDのみ変更先ユーザーの UID に設定し、実ユーザーIDは変更しない"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "グループベクトルを変更先ユーザーの値で初期化しない"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "ログファイルの行頭から改行までの長さ (0 の場合は改行しない): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "認証タイムスタンプのタイムアウト値: %.1f 分"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "パスワード入力要求のタイムアウト値: %.1f 分"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "パスワード入力の試行回数: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "使用する umask 値 (0777 の場合はユーザーの設定値を使用します): 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "ログファイルのパス: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "メールプログラムのパス: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "メールプログラムの引数フラグ: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "メールの送信先アドレス: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "メールの送信元アドレス: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "メールの件名 (Subject) 行: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "パスワードを間違った時のメッセージ: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "受講状況ディレクトリのパス: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "認証タイムスタンプディレクトリのパス: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "認証タイムスタンプディレクトリの所有者: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "パスワード入力と PATH の要求が免除されるグループに属するユーザー: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "パスワード入力要求時に表示される文字列: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "設定した場合、すべての場合において passprompt がシステムの入力要求表示を上書きします"
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "コマンドを実行するデフォルトの変更先ユーザー: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "ユーザーの $PATH を上書きする時の値: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "visudo で使用されるエディターのパス: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "'list' 疑似コマンド使用するためにパスワードを要求される時: %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "'verify' 疑似コマンドを使用するためにパスワードを要求される時: %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "sudo_noexec ライブラリに含まれるダミーの exec 関数群を事前ロードします"
+
+# do はたぶん強調の do
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "LDAP ディレクトリが実行中の場合、ローカルの sudoers ファイルを無視します"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "%d 以上の値をもつファイル記述子をコマンド実行前に閉じます"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "設定した場合、ユーザーが `closefrom' の値を -C オプションで上書きするかもしれません"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "ユーザーが任意の環境変数を設定することを許可します"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "環境変数の集合をデフォルトに設定します"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "正当性の確認を行う環境変数:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "削除する環境変数:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "保護する環境変数:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "新しいセキュリティコンテキスト内で使用する SELinux の役割: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "新しいセキュリティコンテキスト内で使用する SELinux のタイプ: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "sudo 固有の環境ファイルのパス: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "制限付きsudo 固有の環境ファイルのパス: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "sudoers を構文解析する時に使用するロケール: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "パスワードが表示されてしまう状態であっても sudo がパスワード入力を要求することを許可します"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "パスワード入力要求でユーザーの入力があった時に、視覚的なフィードバックを提供します"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "ファイルシステムにアクセスしないがより正確では無い、素早い一致確認処理を行います"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "sudoers で指定した umask 値でユーザーの umask 値を上書きします (ユーザーの umask 値より緩い場合でも)"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "コマンドを実行した時のユーザー入力をログに記録します"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "コマンドを実行した時の出力をログに記録します"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "I/O ログを zlib を使用して圧縮します"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "常に疑似 tty 内でコマンドを実行します"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "UNIX 以外のグループをサポートするためのプラグインです:%s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "入出力 (I/O) ログを保存するディレクトリです:%s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "入出力 (I/O) ログを保存するファイルです:%s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "pty を割り当てた時に utmp/utmpx ファイルに記録を加えます"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "utmp に記録するユーザーを、実行したユーザーではなく、変更後のユーザーにします"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "許容される権限の集合: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "制限される権限の集合: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "コマンドを pty でバックグラウンドで実行する"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "利用する PAM サービス名: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "ログインシェルで利用する PAM サービス名: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "ターゲットユーザーの PAM 資格情報による認証を試みる"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "実行するコマンドのために新しい PAM セッションを生成する"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "I/O ログシーケンス番号の最大値: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "sudoers のネットグループサポートを有効にする"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "ファイルを sudoedit で編集するときに親ディレクトリが書き込み可能か確かめる"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "ファイルを sudoedit で編集するときにシンボリックリンクを追う"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "不明なシステムグループについて、グループプラグインに問い合わせる"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "ネットグループについて、すべてのタプル（ユーザー、ホスト、ドメイン）を基に判定する"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "監査ログファイルへの書き込みができなくても、コマンドの実行を許可する"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "I/O ログファイルへの書き込みができなくても、コマンドの実行を許可する"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "ログファイルへの書き込みができなくても、コマンドの実行を許可する"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "グループの照合を sudoers の中で行い、グループ名でなくグループIDを用いる"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "ログエントリーがこの値より長くなると、複数の syslog メッセージに分割されます: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "I/O ログの所有者となるユーザー: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "I/O ログの所有者となるグループ: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "I/O ログのファイルモード: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "コマンドの実行時にパスでなくファイル記述子を使う: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "sudoers の中の未知の Defaults エントリーを無視し、警告を出さない"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "コマンドが中断されるまでの経過時間を秒で指定する: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "ユーザーがコマンド実行の制限時間をコマンドラインで指定できるようにする"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "I/O ログのデータをバッファせずに、即ディスクにフラッシュする"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "syslog へのログ記録時にプロセスIDを含める"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "認証タイムスタンプのタイプ: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "認証失敗メッセージ: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "ユーザー名の検索で大文字小文字を同一視する"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "グループ名の検索で大文字小文字を同一視する"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d 不明なデフォルト項目 \"%s\" です"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: 不明なデフォルト項目 \"%s\" です"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d \"%s\" に値が指定されていません"
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: \"%s\" に値が指定されていません"
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d \"%s\" の値は '/' で開始しなければいけません"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: \"%s\" の値は '/' で開始しなければいけません"
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d オプション \"%s\" は値をとりません"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: オプション \"%s\" は値をとりません"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d 0x%x はオプション \"%s\" のデフォルトタイプとして無効です"
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: 0x%x はオプション \"%s\" のデフォルトタイプとして無効です"
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d \"%s\" はオプション \"%s\" の値としては無効です"
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: \"%s\" はオプション \"%s\" の値としては無効です"
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: envp が破損しています。長さが合いません"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "環境を再構築できません"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "残念ですが、あなたは次の環境変数を設定することを許可されていません: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "%s 内 %d 行付近で構文解析エラーが発生しました"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "%s 内で構文解析エラーが発生しました"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "サポートされてない 認証方式 %d です: %s"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: 読み込みエラー"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s の所有者は uid %d でなければいけません"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s は所有者のみ書き込み可能でなければいけません"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "%s をロードできません: %su"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "%s 内にシンボル \"group_plugin\" がありません"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: 互換性のないグループプラグインメジャーバージョン %d です。予期されるのは %d です"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "IPアドレス \"%s\" を解析できません"
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "ネットマスク \"%s\" を解析できません"
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "ローカル IP アドレスとネットマスクの組:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s が存在しますがディレクトリではありません (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "ディレクトリ %s を作成できません"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "%s のアクセス権限のモードを 0%o に変更できません"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "不明なグループです: %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "%s を読み込めません"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "%s を作成できません"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "%s へ I/O ログを書き込むことができません"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: 内部エラー、I/O イベント %d のログファイルを開けません"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: 内部エラー、無効なシグナル %d"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: 無効なログファイルのパス"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: タイムスタンプのフィールドがありません"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: タイムスタンプ %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: ユーザー名フィールドがありません"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: runasユーザー名フィールドがありません"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: runasグループ名フィールドがありません"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "starttls は ldaps を使用時にはサポートされていません"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "SSL 証明書と鍵データベースを初期化できません: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "SSL を使用するためには %s の中の TLS_CERT を設定する必要があります"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "LDAP を初期化できません: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls が指定されていますが、LDAP ライブラリが ldap_start_tls_s() または ldap_start_tls_s_np() をサポートしていません"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "無効な sudoOrder 属性です: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: ポートが大きすぎます"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "サポートされてない LDAP URI タイプです: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "ldap と ldaps の URI を混ぜて使用できません"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "sudoOption を変換できません: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "監査システムを開くことができません"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "監査メッセージを送ることができません"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (コマンド継続中) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "ログファイルを開けません: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "ログファイルをロックできません: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "%s へログを書き込むことができません"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "ユーザーまたはホストがありません"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "検証に失敗しました"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "ユーザーが sudoers 内にありません"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "ホスト上でユーザーが認証されていません"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "コマンドが許可されていません"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s は sudoers ファイル内にありません。この事象は記録・報告されます。\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s は %s 上で sudo を実行することを許可されていません。この事象は記録・報告されます。\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "残念ですが、ユーザー %s は %s 上で sudo を実行できません。\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "残念ですが、ユーザー %s は'%s%s%s' を %s%s%s として %s 上で実行することは許可されていません。\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: コマンドが見つかりません"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"'.' 内で見つかった \"%1$s\" を無視します\n"
+"この \"%3$s\" を実行したい場合は \"sudo ./%2$s\" を使用してください。"
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "認証失敗"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "パスワードが必要です"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u 回パスワード試行を間違えました"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "fork できません"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "fork できません: %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "パイプを開けません: %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "標準入力を複製できません: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "%s を実行できません: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "%s (%s) の認証方式は %s 形式ではありません"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "%s の状態取得 (stat) ができません"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP 役割: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"sudoers 項目:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    オプション: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    コマンド:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "既定値のエントリと照合中 (ユーザー名 %s) (ホスト名 %s):\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "ユーザー %s 用の Runas およびコマンド特有のデフォルト:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "ユーザー %s は %s 上で コマンドを実行できます\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "ユーザー %s は %s 上で sudo を実行することを許可されていません。\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "無効な属性値を無視します: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "不完全な sudoRole: cn: %s を無視します"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "無効な %.*s が sudo のフロントエンドで設定されています"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "ネットワークのアドレスリストを解析できません"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "ユーザー名が sudo のフロントエンドで設定されていません"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "ユーザーIDが sudo のフロントエンドで設定されていません"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "グループIDが sudo のフロントエンドで設定されていません"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "ホスト名が sudo のフロントエンドで設定されていません"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "%s を実行できません"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "sudoers ポリシープラグイン  バージョン %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "sudoers ファイル文法バージョン %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"sudoers のパス: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "nsswitch のパス: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ldap.conf のパス: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ldap.secret のパス: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "タイプ %d のフックを登録できません (バージョン %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "ユーザーID %u をキャッシュできません。メモリ不足です。"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "ユーザーID %u をキャッシュできません。すでに存在します"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "ユーザー %s をキャッシュできません。メモリ不足です。"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "ユーザー %s をキャッシュできません。すでに存在します"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "グループID %u をキャッシュできません。メモリ不足です。"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "グループID %u をキャッシュできません。すでに存在します"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "グループ %s をキャッシュできません。メモリ不足です。"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "グループ %s をキャッシュできません。すでに存在します"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "グループリスト %s をキャッシュできません。すでに存在します"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "グループリスト %s をキャッシュできません。メモリ不足です。"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "%s のグループを解析できません"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "%s のグループIDを解析できません"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "perm スタックがオーバーフローしました"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "perm スタックがアンダーフローしました"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "root のグループIDへ変更できません"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "実行するためのグループIDに変更できません"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "グループベクトルを実行するためのものに変更できません"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "実行するためのユーザーIDに変更できません"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "sudoers のグループIDへ変更できません"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "プロセスが多すぎます"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "カレントディレクトリを取得できません"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "検証の対象とする長さを切り詰めました user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "検証の対象とする長さを切り詰めました argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "audit_failure のメッセージが長すぎます"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "SSS のソースを初期化できません。SSSD はあなたのマシンにインストールされていますか？"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "シンボル \"%s\" が %s 内にありません"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "デフォルト項目で問題が発生しました"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "有効な sudoers のソースが見つかりません。終了します"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers の指定により root が sudo を使用することは禁止されています"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "-C オプションを使用することは許可されていません"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "タイムスタンプの所有者 (%s): そのようなユーザーはありません"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "tty がありません"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "残念ですが、sudo を実行するには tty が必要です"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "コマンドがカレントディレクトリにあります"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "残念ですが、あなたはコマンド実行の制限時間を設定することを許可されていません。"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "残念ですが、あなたは環境変数を保存することを許可されていません。"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "コマンド名が長すぎます"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s は通常ファイルではありません"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s はユーザーID %u によって所有されています。これは %u であるべきです"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s は誰でも書き込み可能です"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s のグループIDは %u になっています。これは %u であるべきです"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "root のみ \"-c %s\" を使用できます"
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "不明なログインクラスです: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "ホスト %s の名前解決ができません"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "無効なフィルターオプションです: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "無効な最大待機時間です: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "無効な speed_factor の値です: %s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/タイミング: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/タイミング: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "再生する sudo セッション: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "イベントをキューに追加できません"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "tty を raw モードに設定できません"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "警告: ログをきちんとリプレイするには端末が小さすぎます。\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "ログの大きさは %d x %d で、端末の大きさは %d x %d です。"
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "再生が終了しました、何かキーを押すと端末を回復します。"
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "無効なタイミングファイルの行です: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "曖昧な式 \"%s です\""
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "式内で ')' が不一致です"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "不明な検索語 \"%s\" です"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s は引数が必要です"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "無効な正規表現です: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "日付 \"%s\" を構文解析できませんでした"
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "式内で '(' が不一致です"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "末尾に \"or\" を配置できません"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "末尾に \"!\" を配置できません"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "未知の検索タイプ %d"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "使用法: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "使用法: %s [-h] [-d dir] -l [search expression]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - sudo セッションログをリプレイします\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"オプション:\n"
+"  -d, --directory=dir  セッションログのディレクトリを指定する\n"
+"  -f, --filter=filter  表示する I/O タイプを指定する\n"
+"  -h, --help           ヘルプメッセージを表示して終了する\n"
+"  -l, --list[=expr]    使用可能なセッションIDを一覧表示する、オプションで条件 expr を指定可能\n"
+"  -m, --max-wait=num   イベント間の待ち時間の最大秒数を指定する\n"
+"  -S, --suspend-wait   コマンドがサスペンドされている間、待機する\n"
+"  -s, --speed=num      出力速度を速くする、または遅くする\n"
+"  -V, --version        バージョン情報を表示して終了する"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\tホストが一致しません"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"コマンドが許可されました"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"コマンドが拒否されました"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"コマンドが一致しませんでした"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s はグループのメンバーによる書き込みが可能です"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "タイムスタンプファイルを %lld バイトに切り詰めることができません"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "時刻を読み込むことができません"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "未来の時刻のタイムスタンプを無視します"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "タイムスタンプが遠すぎる将来になっています: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "タイムスタンプファイル %s をロックすることができません"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "受講状況格納パスが長すぎます: %s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "-x オプションは将来のリリースでは削除されます"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "cvtsudoers ユーティリティーを代わりに使用することを検討してください"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "%s を編集するためにリターンを押してください: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "指定したエディター (%s) が存在しません"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "エディターが見つかりません (エディターのパス = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "書き込みエラーです"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "一時ファイル (%s) の状態取得 (stat) ができません。%s は変更されません"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "一時ファイル (%s) の大きさが 0 です。%s は変更されません"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "エディター (%s) が異常終了しました。%s は変更されません"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s は変更されません"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "一時ファイル (%s) を再度開くことができません。%s は変更されません。"
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "一時ファイル (%s) の構文解析ができません。不明なエラーです"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "内部エラー、リスト内に %s が見つかりません!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "%s の (ユーザーID, グループID) を (%u, %u) に設定できません"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s と %s は同じファイルシステム上にありません。名前を変更するために mv を使用しています"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "コマンドの失敗です: '%s %s %s'。%s は変更されません"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "%s の名前変更に失敗しました。%s は変更されません"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "次は何でしょうか? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"オプション:\n"
+"  e -- sudoers ファイルを再度編集します\n"
+"  x -- sudoers ファイルへの変更を保存せずに終了します\n"
+"  Q -- sudoers ファイルへの変更を保存して終了します (*危険です!*)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "%s を実行できません"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: 所有権に誤りがあります。(ユーザーID, グループID) は (%u, %u) であるべきです\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: アクセス権限に誤りがあります。モードは 0%o であるべきです\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: 正しく構文解析されました\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s がビジー状態です。後で再試行してください"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "%s をロックできません"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "それでも編集しますか? [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "エラー: %s:%d %s のエイリアス \"%s\" で定義が循環しています"
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "警告: %s:%d %s のエイリアス \"%s\" で定義が循環しています"
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "エラー: %s:%d %s \"%s\" は参照されているのに定義されていません"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "警告: %s:%d %s \"%s\" は参照されているのに定義されていません"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "警告: %s:%d エイリアス %s として \"%s\" は使用されていません"
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - sudoers ファイルを安全に編集する\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"オプション:\n"
+"  -c, --check              検査のみを行う\n"
+"  -f, --file=sudoers       sudoers ファイルの位置を指定する\n"
+"  -h, --help               ヘルプメッセージを表示して終了する\n"
+"  -q, --quiet              文法エラーメッセージをより少なく (静かに) する\n"
+"  -s, --strict             厳密な文法検査を行う\n"
+"  -V, --version            バージョン情報を表示して終了する\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "インクルードの階層が大きすぎます"
+
+#~ msgid ""
+#~ "\n"
+#~ "LDAP Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "LDAP 役割: 不明\n"
+
+#~ msgid "    Order: %s\n"
+#~ msgstr "    Order: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: %s\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD 役割: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD 役割: 不明\n"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "警告: 循環を発見 %s `%s'"
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "警告: %s `%s' は参照されていますが定義されていません"
+
+#~ msgid "Warning: unused %s `%s'"
+#~ msgstr "警告: 使われていません %s `%s'"
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "タイムスタンプのパスが長過ぎます: %s/%s"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "エディター (%s) の状態取得 (stat) ができません"
+
+#~ msgid ">>> %s: %s near line %d <<<"
+#~ msgstr ">>> %s: %s (%d行付近) <<<"
+
+#~ msgid "pam_chauthtok: %s"
+#~ msgstr "pam_chauthtok: %s"
+
+#~ msgid "pam_authenticate: %s"
+#~ msgstr "pam_authenticate: %s"
+
+#~ msgid "Password:"
+#~ msgstr "パスワード:"
+
+#~ msgid "getaudit: failed"
+#~ msgstr "getaudit: 失敗しました"
+
+#~ msgid "getauid failed"
+#~ msgstr "getauid に失敗しました"
+
+#~ msgid "au_to_subject: failed"
+#~ msgstr "au_to_subject: 失敗しました"
+
+#~ msgid "au_to_exec_args: failed"
+#~ msgstr "au_to_exec_args: 失敗しました"
+
+#~ msgid "au_to_return32: failed"
+#~ msgstr "au_to_return32: 失敗しました"
+
+#~ msgid "getauid: failed"
+#~ msgstr "getauid: 失敗しました"
+
+#~ msgid "au_to_text: failed"
+#~ msgstr "au_to_text: 失敗しました"
+
+#~ msgid "%s owned by uid %u, should be uid %u"
+#~ msgstr "%s はユーザーID (uid) %u によって所有されています。これはユーザーID %u であるべきです"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0700"
+#~ msgstr "%s は所有者以外でも書き込み可能 (0%o) です。アクセス権限のモードは 0700 であるべきです"
+
+#~ msgid "%s exists but is not a regular file (0%o)"
+#~ msgstr "%s が存在しますが通常ファイル (0%o) ではありません"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0600"
+#~ msgstr "%s は所有者以外でも書き込み可能 (0%o) です。アクセス権限のモードは 0600 であるべきです"
+
+#~ msgid "unable to remove %s (%s), will reset to the epoch"
+#~ msgstr "%s (%s) を削除できません。エポックにリセットします"
+
+#~ msgid "unable to set locale to \"%s\", using \"C\""
+#~ msgstr "ロケールを \"%s\" に設定できません。 \"C\" を使用します"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports: hostbuf を拡張中にメモリ空間が不足しました"
+
+#~ msgid "invalid uri: %s"
+#~ msgstr "無効な URI です: %s"
+
+#~ msgid "unable to mix ldaps and starttls"
+#~ msgstr "ldaps と starttls を混ぜて使用できません"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri: hostbuf を構築中にメモリ空間が不足しました"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "sudo_ldap_build_pass1 配置が一致しません"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "内部エラー: ログの行に十分な空間がありません"
+
+#~ msgid ""
+#~ "    Commands:\n"
+#~ "\t"
+#~ msgstr ""
+#~ "    コマンド:\n"
+#~ "\t"
+
+#~ msgid ": "
+#~ msgstr ": "
+
+#~ msgid "unable to cache uid %u (%s), already exists"
+#~ msgstr "ユーザーID %u (%s) をキャッシュできません。すでに存在します"
+
+#~ msgid "unable to cache gid %u (%s), already exists"
+#~ msgstr "グループID %u (%s) をキャッシュできません。すでに存在します"
+
+#~ msgid "Unable to dlopen %s: %s"
+#~ msgstr "dlopen %s を行うことができません: %s"
+
+#~ msgid "unable to execute %s: %s"
+#~ msgstr "%s を実行できません: %s"
+
+#~ msgid "writing to standard output"
+#~ msgstr "標準出力に書き込んでいます"
+
+#~ msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+#~ msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
+
+#~ msgid "too many parenthesized expressions, max %d"
+#~ msgstr "式内の小括弧のくくりが多すぎます。最大は %d です。"
+
+#~ msgid "invalid regex: %s"
+#~ msgstr "無効な正規表現です: %s"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: バッファオーバーフローが発生しました"
+
+#~ msgid "internal error, expand_prompt() overflow"
+#~ msgstr "内部エラー、expand_prompt() がオーバーフローしました"
+
+#~ msgid "internal error, sudo_setenv2() overflow"
+#~ msgstr "内部エラー、 sudo_setenv2() がオーバーフローしました"
+
+#~ msgid "internal error, sudo_setenv() overflow"
+#~ msgstr "内部エラー、 sudo_setenv() がオーバーフローしました"
+
+#~ msgid "internal error, linux_audit_command() overflow"
+#~ msgstr "内部エラー、linux_audit_command() がオーバーフローしました"
+
+#~ msgid "internal error, runas_groups overflow"
+#~ msgstr "内部エラー、runas_groups がオーバーフローしました"
+
+#~ msgid "internal error, init_vars() overflow"
+#~ msgstr "内部エラー、init_vars() がオーバーフローしました"
+
+#~ msgid "fixed mode on %s"
+#~ msgstr "%s のアクセス権限のモードを修正しました"
+
+#~ msgid "set group on %s"
+#~ msgstr "%s のグループを設定しました"
+
+#~ msgid "unable to fix mode on %s"
+#~ msgstr "%s のアクセス権限のモードを修正できません"
+
+#~ msgid "%s is mode 0%o, should be 0%o"
+#~ msgstr "%s のアクセス権限のモードは 0%o です。これは 0%o であるべきです"
+
+#~ msgid "File containing dummy exec functions: %s"
+#~ msgstr "偽の exec 関数が含まれるファイル: %s"
diff --git a/plugins/sudoers/po/ko.mo b/plugins/sudoers/po/ko.mo
new file mode 100644
index 0000000..cd3bce1
--- /dev/null
+++ b/plugins/sudoers/po/ko.mo
diff --git a/plugins/sudoers/po/ko.po b/plugins/sudoers/po/ko.po
new file mode 100644
index 0000000..5f7839e
--- /dev/null
+++ b/plugins/sudoers/po/ko.po
@@ -0,0 +1,2122 @@
+# Korean translation for the sudoers plugin
+# This file is distributed under the same license as the sudo package.
+# Todd C. Miller <Todd.Miller@courtesan.com>, 2011-2015
+# Seong-ho Cho <darkcircle.0426@gmail.com>, 2016, 2017.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.20b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2017-03-24 15:36-0600\n"
+"PO-Revision-Date: 2017-06-06 17:14+0900\n"
+"Last-Translator: Seong-ho Cho <darkcircle.0426@gmail.com>\n"
+"Language-Team: Korean <translation-team-ko@googlegroups.com>\n"
+"Language: ko\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: Poedit 1.8.7\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "문법 오류"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "%p의 암호: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] %p의 암호: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "암호:"
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** %h 보안 알림 ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "죄송합니다만, 다시 시도하십시오."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:307 gram.y:314 gram.y:321 gram.y:328 gram.y:335
+#: gram.y:398 gram.y:406 gram.y:416 gram.y:449 gram.y:456 gram.y:463
+#: gram.y:470 gram.y:552 gram.y:559 gram.y:568 gram.y:577 gram.y:594
+#: gram.y:706 gram.y:713 gram.y:720 gram.y:728 gram.y:824 gram.y:831
+#: gram.y:838 gram.y:845 gram.y:852 gram.y:878 gram.y:885 gram.y:892
+#: gram.y:1015 gram.y:1195 gram.y:1202 plugins/sudoers/alias.c:124
+#: plugins/sudoers/alias.c:139 plugins/sudoers/auth/bsdauth.c:141
+#: plugins/sudoers/auth/kerb5.c:119 plugins/sudoers/auth/kerb5.c:145
+#: plugins/sudoers/auth/pam.c:443 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/auth/sia.c:59 plugins/sudoers/defaults.c:631
+#: plugins/sudoers/defaults.c:886 plugins/sudoers/defaults.c:1057
+#: plugins/sudoers/editor.c:64 plugins/sudoers/editor.c:82
+#: plugins/sudoers/editor.c:93 plugins/sudoers/env.c:234
+#: plugins/sudoers/filedigest.c:120 plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:909 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:565
+#: plugins/sudoers/ldap.c:963 plugins/sudoers/ldap.c:1157
+#: plugins/sudoers/ldap.c:1168 plugins/sudoers/ldap.c:1184
+#: plugins/sudoers/ldap.c:1471 plugins/sudoers/ldap.c:1631
+#: plugins/sudoers/ldap.c:1713 plugins/sudoers/ldap.c:1853
+#: plugins/sudoers/ldap.c:1877 plugins/sudoers/ldap.c:1966
+#: plugins/sudoers/ldap.c:1981 plugins/sudoers/ldap.c:2077
+#: plugins/sudoers/ldap.c:2110 plugins/sudoers/ldap.c:2191
+#: plugins/sudoers/ldap.c:2273 plugins/sudoers/ldap.c:2370
+#: plugins/sudoers/ldap.c:3203 plugins/sudoers/ldap.c:3235
+#: plugins/sudoers/ldap.c:3544 plugins/sudoers/ldap.c:3572
+#: plugins/sudoers/ldap.c:3588 plugins/sudoers/ldap.c:3678
+#: plugins/sudoers/ldap.c:3694 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:188 plugins/sudoers/logging.c:450
+#: plugins/sudoers/logging.c:471 plugins/sudoers/logging.c:683
+#: plugins/sudoers/logging.c:941 plugins/sudoers/match.c:617
+#: plugins/sudoers/match.c:664 plugins/sudoers/match.c:714
+#: plugins/sudoers/match.c:738 plugins/sudoers/match.c:826
+#: plugins/sudoers/match.c:915 plugins/sudoers/parse.c:248
+#: plugins/sudoers/parse.c:260 plugins/sudoers/parse.c:275
+#: plugins/sudoers/parse.c:287 plugins/sudoers/policy.c:418
+#: plugins/sudoers/policy.c:652 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:139 plugins/sudoers/pwutil.c:210
+#: plugins/sudoers/pwutil.c:286 plugins/sudoers/pwutil.c:457
+#: plugins/sudoers/pwutil.c:522 plugins/sudoers/pwutil.c:591
+#: plugins/sudoers/pwutil.c:749 plugins/sudoers/pwutil.c:806
+#: plugins/sudoers/pwutil.c:851 plugins/sudoers/pwutil.c:908
+#: plugins/sudoers/sssd.c:162 plugins/sudoers/sssd.c:194
+#: plugins/sudoers/sssd.c:237 plugins/sudoers/sssd.c:244
+#: plugins/sudoers/sssd.c:280 plugins/sudoers/sssd.c:390
+#: plugins/sudoers/sssd.c:462 plugins/sudoers/sssd.c:1054
+#: plugins/sudoers/sssd.c:1233 plugins/sudoers/sssd.c:1247
+#: plugins/sudoers/sssd.c:1263 plugins/sudoers/sudoers.c:262
+#: plugins/sudoers/sudoers.c:272 plugins/sudoers/sudoers.c:280
+#: plugins/sudoers/sudoers.c:364 plugins/sudoers/sudoers.c:680
+#: plugins/sudoers/sudoers.c:795 plugins/sudoers/sudoers.c:839
+#: plugins/sudoers/sudoers_debug.c:107 plugins/sudoers/sudoreplay.c:517
+#: plugins/sudoers/sudoreplay.c:716 plugins/sudoers/sudoreplay.c:828
+#: plugins/sudoers/sudoreplay.c:868 plugins/sudoers/sudoreplay.c:877
+#: plugins/sudoers/sudoreplay.c:887 plugins/sudoers/sudoreplay.c:895
+#: plugins/sudoers/sudoreplay.c:899 plugins/sudoers/sudoreplay.c:1055
+#: plugins/sudoers/sudoreplay.c:1059 plugins/sudoers/testsudoers.c:131
+#: plugins/sudoers/testsudoers.c:217 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/timestamp.c:378 plugins/sudoers/timestamp.c:422
+#: plugins/sudoers/timestamp.c:838 plugins/sudoers/toke_util.c:56
+#: plugins/sudoers/toke_util.c:109 plugins/sudoers/toke_util.c:146
+#: plugins/sudoers/visudo.c:153 plugins/sudoers/visudo.c:310
+#: plugins/sudoers/visudo.c:316 plugins/sudoers/visudo.c:447
+#: plugins/sudoers/visudo.c:625 plugins/sudoers/visudo.c:967
+#: plugins/sudoers/visudo.c:1033 plugins/sudoers/visudo.c:1077
+#: plugins/sudoers/visudo.c:1179 plugins/sudoers/visudo_json.c:1025 toke.l:849
+#: toke.l:949 toke.l:1106
+msgid "unable to allocate memory"
+msgstr "메모리를 할당할 수 없습니다"
+
+#: gram.y:481
+msgid "a digest requires a path name"
+msgstr "다이제스트에 경로 이름이 필요합니다"
+
+#: gram.y:607
+msgid "invalid notbefore value"
+msgstr "잘못된 notbefore 값"
+
+#: gram.y:615
+msgid "invalid notafter value"
+msgstr "잘못된 notafter 값"
+
+#: gram.y:624 plugins/sudoers/policy.c:265
+msgid "timeout value too large"
+msgstr "제한 시간 값이 너무 큽니다"
+
+#: gram.y:626 plugins/sudoers/policy.c:267
+msgid "invalid timeout value"
+msgstr "잘못된 제한 시간 값"
+
+#: gram.y:1195 gram.y:1202 plugins/sudoers/auth/pam.c:320
+#: plugins/sudoers/auth/pam.c:443 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/defaults.c:631 plugins/sudoers/defaults.c:886
+#: plugins/sudoers/defaults.c:1057 plugins/sudoers/editor.c:64
+#: plugins/sudoers/editor.c:82 plugins/sudoers/editor.c:93
+#: plugins/sudoers/env.c:234 plugins/sudoers/filedigest.c:120
+#: plugins/sudoers/filedigest_gcrypt.c:72
+#: plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:909 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:565
+#: plugins/sudoers/ldap.c:963 plugins/sudoers/ldap.c:1157
+#: plugins/sudoers/ldap.c:1168 plugins/sudoers/ldap.c:1184
+#: plugins/sudoers/ldap.c:1471 plugins/sudoers/ldap.c:1631
+#: plugins/sudoers/ldap.c:1713 plugins/sudoers/ldap.c:1853
+#: plugins/sudoers/ldap.c:1877 plugins/sudoers/ldap.c:1966
+#: plugins/sudoers/ldap.c:1981 plugins/sudoers/ldap.c:2077
+#: plugins/sudoers/ldap.c:2110 plugins/sudoers/ldap.c:2190
+#: plugins/sudoers/ldap.c:2273 plugins/sudoers/ldap.c:2370
+#: plugins/sudoers/ldap.c:3203 plugins/sudoers/ldap.c:3235
+#: plugins/sudoers/ldap.c:3544 plugins/sudoers/ldap.c:3571
+#: plugins/sudoers/ldap.c:3587 plugins/sudoers/ldap.c:3678
+#: plugins/sudoers/ldap.c:3694 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:188 plugins/sudoers/logging.c:450
+#: plugins/sudoers/logging.c:471 plugins/sudoers/logging.c:941
+#: plugins/sudoers/match.c:616 plugins/sudoers/match.c:663
+#: plugins/sudoers/match.c:714 plugins/sudoers/match.c:738
+#: plugins/sudoers/match.c:826 plugins/sudoers/match.c:914
+#: plugins/sudoers/parse.c:248 plugins/sudoers/parse.c:260
+#: plugins/sudoers/parse.c:275 plugins/sudoers/parse.c:287
+#: plugins/sudoers/policy.c:98 plugins/sudoers/policy.c:107
+#: plugins/sudoers/policy.c:116 plugins/sudoers/policy.c:140
+#: plugins/sudoers/policy.c:251 plugins/sudoers/policy.c:265
+#: plugins/sudoers/policy.c:267 plugins/sudoers/policy.c:291
+#: plugins/sudoers/policy.c:300 plugins/sudoers/policy.c:339
+#: plugins/sudoers/policy.c:349 plugins/sudoers/policy.c:358
+#: plugins/sudoers/policy.c:367 plugins/sudoers/policy.c:418
+#: plugins/sudoers/policy.c:652 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:139 plugins/sudoers/pwutil.c:210
+#: plugins/sudoers/pwutil.c:286 plugins/sudoers/pwutil.c:457
+#: plugins/sudoers/pwutil.c:522 plugins/sudoers/pwutil.c:591
+#: plugins/sudoers/pwutil.c:749 plugins/sudoers/pwutil.c:806
+#: plugins/sudoers/pwutil.c:851 plugins/sudoers/pwutil.c:908
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1471
+#: plugins/sudoers/set_perms.c:1636 plugins/sudoers/sssd.c:162
+#: plugins/sudoers/sssd.c:194 plugins/sudoers/sssd.c:237
+#: plugins/sudoers/sssd.c:244 plugins/sudoers/sssd.c:280
+#: plugins/sudoers/sssd.c:390 plugins/sudoers/sssd.c:462
+#: plugins/sudoers/sssd.c:1054 plugins/sudoers/sssd.c:1232
+#: plugins/sudoers/sssd.c:1247 plugins/sudoers/sssd.c:1263
+#: plugins/sudoers/sudoers.c:262 plugins/sudoers/sudoers.c:272
+#: plugins/sudoers/sudoers.c:280 plugins/sudoers/sudoers.c:364
+#: plugins/sudoers/sudoers.c:680 plugins/sudoers/sudoers.c:795
+#: plugins/sudoers/sudoers.c:839 plugins/sudoers/sudoers_debug.c:106
+#: plugins/sudoers/sudoreplay.c:517 plugins/sudoers/sudoreplay.c:716
+#: plugins/sudoers/sudoreplay.c:828 plugins/sudoers/sudoreplay.c:868
+#: plugins/sudoers/sudoreplay.c:877 plugins/sudoers/sudoreplay.c:887
+#: plugins/sudoers/sudoreplay.c:895 plugins/sudoers/sudoreplay.c:899
+#: plugins/sudoers/sudoreplay.c:1055 plugins/sudoers/sudoreplay.c:1059
+#: plugins/sudoers/testsudoers.c:131 plugins/sudoers/testsudoers.c:217
+#: plugins/sudoers/testsudoers.c:234 plugins/sudoers/timestamp.c:378
+#: plugins/sudoers/timestamp.c:422 plugins/sudoers/timestamp.c:838
+#: plugins/sudoers/toke_util.c:56 plugins/sudoers/toke_util.c:109
+#: plugins/sudoers/toke_util.c:146 plugins/sudoers/visudo.c:153
+#: plugins/sudoers/visudo.c:310 plugins/sudoers/visudo.c:316
+#: plugins/sudoers/visudo.c:447 plugins/sudoers/visudo.c:625
+#: plugins/sudoers/visudo.c:967 plugins/sudoers/visudo.c:1033
+#: plugins/sudoers/visudo.c:1077 plugins/sudoers/visudo.c:1179
+#: plugins/sudoers/visudo_json.c:1025 toke.l:849 toke.l:949 toke.l:1106
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:135
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "\"%s\" 별칭을 이미 정의했습니다"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "%s 사용자의 로그인 클래스를 가져올 수 없습니다"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "BSD 인증을 시작할 수 없습니다"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "잘못된 인증 형식입니다"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "BSD 인증을 초기화할 수 없습니다"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr "fwtk 설정을 읽을 수 없습니다"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "인증 서버에 연결할 수 없습니다"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:121
+msgid "lost connection to authentication server"
+msgstr "인증 서버의 연결이 끊어졌습니다"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"인증 서버 오류:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: 본인 정보를 문자열('%s')로 변환할 수 없습니다: %s"
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: '%s'을(를) 해석할 수 없습니다: %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: 자격 정보 캐시를 해석할 수 없습니다: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: 옵션을 할당할 수 없습니다: %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: 자격 정보를 가져올 수 없습니다: %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: 자격 정보 캐시를 초기화할 수 없습니다: %s"
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: 캐시에 자격 정보를 저장할 수 없습니다: %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: 호스트 정보를 가져올 수 없습니다: %s"
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: TGT를 검증할 수 없습니다! 공격 가능성이 있습니다!: %s"
+
+#: plugins/sudoers/auth/pam.c:108
+msgid "unable to initialize PAM"
+msgstr "PAM을 초기화할 수 없습니다"
+
+#: plugins/sudoers/auth/pam.c:194
+msgid "account validation failure, is your account locked?"
+msgstr "계정 검증 실패, 계정이 잠겼습니까?"
+
+#: plugins/sudoers/auth/pam.c:198
+msgid "Account or password is expired, reset your password and try again"
+msgstr "계정 또는 암호 기한이 지났습니다. 암호를 다시 설정한 후 시도하십시오"
+
+#: plugins/sudoers/auth/pam.c:206
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "기한이 지난 암호를 바꿀 수 없습니다: %s"
+
+#: plugins/sudoers/auth/pam.c:211
+msgid "Password expired, contact your system administrator"
+msgstr "암호 기한이 지났습니다. 시스템 관리자에게 문의하십시오"
+
+#: plugins/sudoers/auth/pam.c:215
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "계정 기한이 지났거나 PAM 설정에 sudo에서 확인할 \"account\" 섹션이 빠졌습니다. 시스템 관리자에게 문의하십시오."
+
+#: plugins/sudoers/auth/pam.c:229
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "PAM 인증 오류: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:227
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "%s 데이터베이스에 없습니다"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "ACE API 라이브러리 초기화에 실패했습니다"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "SecurID 서버에 연결할 수 없습니다"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "SecurID 인증 과정에 사용자 ID가 잠겼습니다"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "SecurID용 사용자 이름 길이가 잘못되었습니다"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr "SecurID용 인증 핸들이 잘못되었습니다"
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "SecurID 통신에 실패했습니다"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:213
+msgid "unknown SecurID error"
+msgstr "알 수 없는 SecurID 오류"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "SecurID용 암호 길이가 잘못되었습니다"
+
+#: plugins/sudoers/auth/sia.c:69 plugins/sudoers/auth/sia.c:125
+msgid "unable to initialize SIA session"
+msgstr "SIA 세션을 초기화할 수 없습니다"
+
+#: plugins/sudoers/auth/sudo_auth.c:126
+msgid "invalid authentication methods"
+msgstr "잘못된 인증 방식"
+
+#: plugins/sudoers/auth/sudo_auth.c:128
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "sudo에 컴파일한 인증 방식이 잘못됐습니다! 독립-비독립 인증 방식을 혼합하여 활용하면 안됩니다."
+
+#: plugins/sudoers/auth/sudo_auth.c:224 plugins/sudoers/auth/sudo_auth.c:274
+msgid "no authentication methods"
+msgstr "인증 방식 없음"
+
+#: plugins/sudoers/auth/sudo_auth.c:226
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "sudo에 컴파일한 인증 방식이 없습니다!  인증 기능을 끄려면 --disable-authentication 설정 옵션을 사용하십시오."
+
+#: plugins/sudoers/auth/sudo_auth.c:276
+msgid "Unable to initialize authentication methods."
+msgstr "인증 방식을 초기화할 수 없습니다."
+
+#: plugins/sudoers/auth/sudo_auth.c:441
+msgid "Authentication methods:"
+msgstr "인증 방식:"
+
+#: plugins/sudoers/bsm_audit.c:111 plugins/sudoers/bsm_audit.c:200
+msgid "Could not determine audit condition"
+msgstr "감사 상태를 결정할 수 없습니다"
+
+#: plugins/sudoers/bsm_audit.c:172 plugins/sudoers/bsm_audit.c:260
+msgid "unable to commit audit record"
+msgstr "감사 레코드를 제출할 수 없습니다"
+
+#: plugins/sudoers/check.c:252
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"로컬 시스템 관리자에게 일반적인 지침을 받았으리라 믿습니다.\n"
+"보통 세가지로 요약합니다:\n"
+"\n"
+"    #1) 타인의 사생활을 존중하십시오.\n"
+"    #2) 입력하기 전에 한 번 더 생각하십시오.\n"
+"    #3) 막강한 힘에는 상당한 책임이 뒤따릅니다.\n"
+"\n"
+
+#: plugins/sudoers/check.c:295 plugins/sudoers/check.c:305
+#: plugins/sudoers/sudoers.c:716 plugins/sudoers/sudoers.c:758
+#, c-format
+msgid "unknown uid: %u"
+msgstr "알 수 없는 uid: %u"
+
+#: plugins/sudoers/check.c:300 plugins/sudoers/iolog.c:246
+#: plugins/sudoers/policy.c:825 plugins/sudoers/sudoers.c:1147
+#: plugins/sudoers/testsudoers.c:208 plugins/sudoers/testsudoers.c:366
+#, c-format
+msgid "unknown user: %s"
+msgstr "알 수 없는 사용자: %s"
+
+#: plugins/sudoers/def_data.c:34
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "syslog를 기록 목적으로 활용할 때의 syslog 기능: %s"
+
+#: plugins/sudoers/def_data.c:38
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "사용자 인증에 성공했을 때 사용할 syslog 우선 순위: %s"
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "사용자 인증에 실패했을 때 사용할 syslog 우선 순위: %s"
+
+#: plugins/sudoers/def_data.c:46
+msgid "Put OTP prompt on its own line"
+msgstr "일회용 암호 입력 프롬프트를 자체 줄에 표시"
+
+#: plugins/sudoers/def_data.c:50
+msgid "Ignore '.' in $PATH"
+msgstr "$PATH의 '.'은 무시합니다"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Always send mail when sudo is run"
+msgstr "sudo를 실행할 때 항상 메일을 보냄"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Send mail if user authentication fails"
+msgstr "사용자가 인증에 실패했을 때 메일을 보냄"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Send mail if the user is not in sudoers"
+msgstr "사용자가 sudoer가 아닐 때 메일을 보냄"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "사용자가 이 호스트의 sudoer가 아닐 때 메일을 보냄"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "사용자가 명령을 실행하도록 허용하지 않았을 때 메일을 보냄"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user tries to run a command"
+msgstr "사용자가 명령 실행을 시도했을 때 메일을 보냄"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "각 사용자/tty에 타임스탬프를 따로 사용"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Lecture user the first time they run sudo"
+msgstr "sudo를 처음 실행할 때 사용자에게 지침 안내"
+
+#: plugins/sudoers/def_data.c:86
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "sudo 지침 안내가 들어있는 파일: %s"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Require users to authenticate by default"
+msgstr "기본적으로 사용자 인증 필요"
+
+#: plugins/sudoers/def_data.c:94
+msgid "Root may run sudo"
+msgstr "루트 사용자의 sudo 실행"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "로그(비 syslog) 파일에 호스트 이름 기록"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Log the year in the (non-syslog) log file"
+msgstr "로그(비 syslog) 파일에 연도 기록"
+
+#: plugins/sudoers/def_data.c:106
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "sudo에 인자를 넣어 실행하지 않으면 셸 시작"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "-s 옵션으로 셸을 시작할 때 $HOME을 대상 사용자로 설정"
+
+#: plugins/sudoers/def_data.c:114
+msgid "Always set $HOME to the target user's home directory"
+msgstr "항상 $HOME을 대상 사용자의 내 폴더로 설정"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Allow some information gathering to give useful error messages"
+msgstr "쓸만한 오류 메시지를 제공할 목적으로 일부 정보 수집 허용"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "sudoers 파일에 완전한 형태를 갖춘 호스트 이름 필요"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Insult the user when they enter an incorrect password"
+msgstr "올바르지 않은 암호를 입력했을 때 사용자 놀리기"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "tty를 보유한 사용자만 sudo 실행 허용"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "EDITOR 환경 변수 대신 visudo 사용"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Prompt for root's password, not the users's"
+msgstr "사용자 암호가 아닌 루트 암호 요구"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "사용자 암호가 아닌 runas_default 사용자 암호 요구"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for the target user's password, not the users's"
+msgstr "사용자 암호가 아닌 대상 사용자 암호 요구"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "대상 사용자 로그인 클래스가 있다면 기본값 적용"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "LOGNAME 및 USER 환경 변수 설정"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "실제 uid가 아닌 대상 사용자에게 유효한 uid 설정"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "대상 사용자의 그룹 벡터 초기화 안함"
+
+#: plugins/sudoers/def_data.c:166
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "로그 파일 줄을 바꿀 줄의 한계 길이(0 값은 줄 바꿈 안함): %u"
+
+#: plugins/sudoers/def_data.c:170
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "인증 타임스탬프 제한 시간: %.1f분"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "암호 요구 제한시간: %.1f분"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "암호 입력 시도 횟수: %u"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "사용자가 활용할 umask 또는 0777: 0%o"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Path to log file: %s"
+msgstr "로그 파일 경로: %s"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "메일 프로그램 경로: %s"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "메일 프로그램 플래그: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "메일을 보낼 주소: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "메일을 보내려는 주소: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "메일 메시지 제목 줄: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "올바르지 않은 암호 메시지: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "지침 상태 디렉터리 경로: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "인증 타임스탬프 디렉터리 경로: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "인증 타임스탬프 디렉터리 소유자: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "암호와 PATH 변수 요구를 하지 않을 이 그룹의 사용자: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "기본 암호 프롬프트: %s"
+
+#: plugins/sudoers/def_data.c:234
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "설정하면 모든 경우의 시스템 프롬프트 대신 이 암호 프롬프트를 사용합니다."
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "명령을 실행할 기본 사용자: %s"
+
+#: plugins/sudoers/def_data.c:242
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "사용자의 $PATH를 대신할 값: %s"
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "visudo에서 사용할 편집기 경로: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "'list' 유사 명령 실행시 암호가 필요할 때: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "'verify' 유사 명령 실행시 암호가 필요할 때: %s"
+
+#: plugins/sudoers/def_data.c:258
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "sudo_noexec 라이브러리에 있는 모조 exec 함수 미리 불러오기"
+
+#: plugins/sudoers/def_data.c:262
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "LDAP 디렉터리가 동작 중이라면 로컬 sudoers 파일을 무시합니다"
+
+#: plugins/sudoers/def_data.c:266
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "%d보다 큰 파일 서술자는 명령을 실행하기 전에 닫습니다"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "이 값을 설정하면 -C 옵션으로 `closefrom' 값을 대신 사용합니다"
+
+#: plugins/sudoers/def_data.c:274
+msgid "Allow users to set arbitrary environment variables"
+msgstr "사용자가 환경 변수 값을 임의대로 설정할 수 있게 합니다"
+
+#: plugins/sudoers/def_data.c:278
+msgid "Reset the environment to a default set of variables"
+msgstr "변수 기본 설정 값으로 환경 초기화"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Environment variables to check for sanity:"
+msgstr "무결성 검사할 환경 변수:"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Environment variables to remove:"
+msgstr "제거할 환경 변수:"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to preserve:"
+msgstr "유지할 환경 변수:"
+
+#: plugins/sudoers/def_data.c:294
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "새 보안 컨텍스트에 사용할 SELinux 역할: %s"
+
+#: plugins/sudoers/def_data.c:298
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "새 보안 컨텍스트에 사용할 SELinux 형식: %s"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "sudo용 환경 파일 경로: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "sudo 전용 환경 파일 경로: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "sudoers 파일을 해석할 때 사용할 로캘: %s"
+
+#: plugins/sudoers/def_data.c:314
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "암호가 나타나더라도 sudo에서 암호 입력 요구 허용"
+
+#: plugins/sudoers/def_data.c:318
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "사용자 입력이 있을 때 암호 프롬프트에서 시각 반응 처리"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "덜 정확하지만 파일 시스템에 접근하지 않는 빠른 비교 검사 사용"
+
+#: plugins/sudoers/def_data.c:326
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "sudoers에 지정한 umask 값이 관대한 권한이라 하더라도 사용자의 umask 값으로 적용"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Log user's input for the command being run"
+msgstr "실행 명령에 대한 사용자 입력 기록"
+
+#: plugins/sudoers/def_data.c:334
+msgid "Log the output of the command being run"
+msgstr "실행 명령에 대한 출력 기록"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Compress I/O logs using zlib"
+msgstr "zlib로 입출력 로그 압축"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Always run commands in a pseudo-tty"
+msgstr "항상 명령을 유사 tty에서 실행"
+
+#: plugins/sudoers/def_data.c:346
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "비 유닉스 그룹을 지원하는 플러그인: %s"
+
+#: plugins/sudoers/def_data.c:350
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "입출력 로그를 저장할 디렉터리: %s"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "입출력 로그를 저장할 파일: %s"
+
+#: plugins/sudoers/def_data.c:358
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "pty를 할당할 때 utmp/utmpx 파일에 항목 추가"
+
+#: plugins/sudoers/def_data.c:362
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "utmp의 사용자를 실제 실행 사용자가 아닌 대리 실행 사용자로 설정"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Set of permitted privileges"
+msgstr "권한 허용 설정"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set of limit privileges"
+msgstr "권한 제한 설정"
+
+#: plugins/sudoers/def_data.c:374
+msgid "Run commands on a pty in the background"
+msgstr "백그라운드의 pty에서 명령 실행"
+
+#: plugins/sudoers/def_data.c:378
+msgid "PAM service name to use"
+msgstr "사용할 PAM 서비스 이름"
+
+#: plugins/sudoers/def_data.c:382
+msgid "PAM service name to use for login shells"
+msgstr "로그인 셸에서 사용할 PAM 서비스 이름"
+
+#: plugins/sudoers/def_data.c:386
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "대상 사용자의 PAM 인증 처리 시도"
+
+#: plugins/sudoers/def_data.c:390
+msgid "Create a new PAM session for the command to run in"
+msgstr "실행할 명령에 새 PAM 세션을 만듭니다"
+
+#: plugins/sudoers/def_data.c:394
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "최대 입출력 로그 순차 번호: %u"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Enable sudoers netgroup support"
+msgstr "sudoers에 네트워크 그룹 지원 활성화"
+
+#: plugins/sudoers/def_data.c:402
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "sudoedit로 파일을 편집할 때 상위 디렉터리 기록 가능 여부 확인"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "sudoedit로 파일을 편집할 때 심볼릭 링크 따라감"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Query the group plugin for unknown system groups"
+msgstr "알 수 없는 시스템 그룹에 그룹 플러그인 요청"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "user, host, domain 전체 튜플을 기반으로 네트워크 그룹 비교"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "sudo에서 감시 로그를 기록할 수 없을 경우에도 명령 실행 허용"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "sudo에서 입출력 로그를 기록할 수 없을 경우에도 명령 실행 허용"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "sudo에서 로그 파일에 기록할 수 없을 경우에도 명령 실행 허용"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "sudoers의 그룹을 해석하고 그룹 이름이 아닌 ID와 비교"
+
+#: plugins/sudoers/def_data.c:434
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "이 값보다 큰 로그 항목은 다수의 syslog 메시지로 나눕니다: %u"
+
+#: plugins/sudoers/def_data.c:438
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "입출력 로그 파일을 소유할 사용자: %s"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "입출력 로그 파일을 소유할 그룹: %s"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "입출력 로그 파일에 사용할 파일 모드: 0%o"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "경로가 아닌 파일 서술자로 명령어 실행: %s"
+
+#: plugins/sudoers/def_data.c:454
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "경고를 출력하는 대신 sudoers에서 알 수 없는 기본 항목을 무시"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "명령 처리가 끝난 후의 초 단위 시간: %u"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "사용자가 명령행에서 제한 시간을 지정하도록 허용"
+
+#: plugins/sudoers/def_data.c:466
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "입출력 로그 데이터를 버퍼링하는 대신 즉시 디스크로 플러싱"
+
+#: plugins/sudoers/defaults.c:220
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d 알 수 없는 \"%s\" 기본 항목"
+
+#: plugins/sudoers/defaults.c:223
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: 알 수 없는 \"%s\" 기본 항목"
+
+#: plugins/sudoers/defaults.c:246
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d \"%s\"에 지정한 값이 없습니다"
+
+#: plugins/sudoers/defaults.c:249
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: \"%s\"에 지정한 값이 없습니다"
+
+#: plugins/sudoers/defaults.c:268
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d \"%s\" 값은 '/' 문자로 시작해야합니다"
+
+#: plugins/sudoers/defaults.c:271
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: \"%s\" 값은 '/' 문자로 시작해야합니다"
+
+#: plugins/sudoers/defaults.c:296
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d \"%s\" 옵션에 값이 없습니다"
+
+#: plugins/sudoers/defaults.c:299
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: \"%s\" 옵션에 값이 없습니다"
+
+#: plugins/sudoers/defaults.c:321
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%1$s:%2$d \"%4$s\" 옵션의 잘못된 기본 형식 0x%3$x"
+
+#: plugins/sudoers/defaults.c:324
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%1$s: \"%3$s\" 옵션의 잘못된 기본 형식 0x%2$x"
+
+#: plugins/sudoers/defaults.c:334
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d \"%s\" 값은 \"%s\" 옵션에 맞지 않습니다"
+
+#: plugins/sudoers/defaults.c:337
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: \"%s\" 값은 \"%s\" 옵션에 맞지 않습니다"
+
+#: plugins/sudoers/env.c:296 plugins/sudoers/env.c:303
+#: plugins/sudoers/env.c:408 plugins/sudoers/ldap.c:453
+#: plugins/sudoers/ldap.c:543 plugins/sudoers/ldap.c:1253
+#: plugins/sudoers/ldap.c:1475 plugins/sudoers/ldap.c:1801
+#: plugins/sudoers/linux_audit.c:82 plugins/sudoers/logging.c:946
+#: plugins/sudoers/policy.c:536 plugins/sudoers/policy.c:546
+#: plugins/sudoers/prompt.c:161 plugins/sudoers/sudoers.c:861
+#: plugins/sudoers/testsudoers.c:238 plugins/sudoers/toke_util.c:158
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "내부 오류. %s 오버플로우"
+
+#: plugins/sudoers/env.c:377
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: envp가 깨졌습니다. 길이가 일치하지 않습니다"
+
+#: plugins/sudoers/env.c:1083
+msgid "unable to rebuild the environment"
+msgstr "환경 구성을 다시 갖출 수 없습니다"
+
+#: plugins/sudoers/env.c:1157
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "죄송하지만 다음 환경 변수를 설정하도록 허가받지 않았습니다: %s"
+
+#: plugins/sudoers/filedigest.c:104 plugins/sudoers/filedigest_gcrypt.c:66
+#: plugins/sudoers/filedigest_openssl.c:95
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "%2$s에서 지원하지 않는 다이제스트 형식 %1$d"
+
+#: plugins/sudoers/filedigest.c:129 plugins/sudoers/filedigest_gcrypt.c:98
+#: plugins/sudoers/filedigest_openssl.c:120
+#, c-format
+msgid "%s: read error"
+msgstr "%s: 읽기 오류"
+
+#: plugins/sudoers/group_plugin.c:86
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s은(는) %d uid가 소유해야 합니다"
+
+#: plugins/sudoers/group_plugin.c:90
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s은(는) 소유자만 쓸 수 있습니다"
+
+#: plugins/sudoers/group_plugin.c:98 plugins/sudoers/sssd.c:398
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "%s을(를) 불러올 수 없습니다: %s"
+
+#: plugins/sudoers/group_plugin.c:104
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "%s에서 \"group_plugin\" 심볼을 찾을 수 없습니다"
+
+#: plugins/sudoers/group_plugin.c:109
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: 호환되지 않는 그룹 플러그인 주 버전 %d입니다. %d이(가) 필요합니다."
+
+#: plugins/sudoers/interfaces.c:79 plugins/sudoers/interfaces.c:96
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "\"%s\" IP 주소를 해석할 수 없습니다"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "\"%s\" 네트워크 마스크 주소를 해석할 수 없습니다"
+
+#: plugins/sudoers/interfaces.c:129
+msgid "Local IP address and netmask pairs:\n"
+msgstr "로컬 IP 주소 및 넷마스크 쌍:\n"
+
+#: plugins/sudoers/iolog.c:111 plugins/sudoers/mkdir_parents.c:70
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s이(가) 있지만 디렉터리가 아닙니다(0%o)"
+
+#: plugins/sudoers/iolog.c:136 plugins/sudoers/iolog.c:173
+#: plugins/sudoers/mkdir_parents.c:59 plugins/sudoers/timestamp.c:170
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "mkdir %s 명령을 실행할 수 없습니다"
+
+#: plugins/sudoers/iolog.c:177 plugins/sudoers/visudo.c:722
+#: plugins/sudoers/visudo.c:732
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "%s 모드를 0%o 값으로 바꿀 수 없습니다"
+
+#: plugins/sudoers/iolog.c:285 plugins/sudoers/sudoers.c:1178
+#: plugins/sudoers/testsudoers.c:390
+#, c-format
+msgid "unknown group: %s"
+msgstr "잘못된 그룹: %s"
+
+#: plugins/sudoers/iolog.c:383 plugins/sudoers/sudoers.c:917
+#: plugins/sudoers/sudoreplay.c:304 plugins/sudoers/sudoreplay.c:817
+#: plugins/sudoers/sudoreplay.c:1021 plugins/sudoers/timestamp.c:387
+#: plugins/sudoers/visudo.c:954 plugins/sudoers/visudo_json.c:1001
+#: plugins/sudoers/visudo_json.c:1014
+#, c-format
+msgid "unable to open %s"
+msgstr "%s을(를) 열 수 없습니다"
+
+#: plugins/sudoers/iolog.c:433 plugins/sudoers/sudoers.c:921
+#: plugins/sudoers/sudoreplay.c:1132
+#, c-format
+msgid "unable to read %s"
+msgstr "%s을(를) 읽을 수 없습니다"
+
+#: plugins/sudoers/iolog.c:469 plugins/sudoers/sudoreplay.c:598
+#: plugins/sudoers/timestamp.c:286 plugins/sudoers/timestamp.c:289
+#, c-format
+msgid "unable to write to %s"
+msgstr "%s에 기록할 수 없습니다"
+
+#: plugins/sudoers/iolog.c:550 plugins/sudoers/iolog.c:775
+#, c-format
+msgid "unable to create %s"
+msgstr "%s을(를) 만들 수 없습니다"
+
+#: plugins/sudoers/iolog.c:1000 plugins/sudoers/iolog.c:1070
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "입출력 로그에 기록할 수 없습니다: %s"
+
+#: plugins/sudoers/iolog.c:1034
+#, c-format
+msgid "%s: internal error, file index %d not open"
+msgstr "%s: 내부 오류. 파일 인덱스 %d을(를) 열지 않았습니다"
+
+#: plugins/sudoers/ldap.c:431
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: 포트 값이 너무 큽니다"
+
+#: plugins/sudoers/ldap.c:491
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "지원하지 않는 LDAP URI 형식: %s"
+
+#: plugins/sudoers/ldap.c:518
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "ldap 및 ldaps URI를 함께 사용할 수 없습니다"
+
+#: plugins/sudoers/ldap.c:522 plugins/sudoers/ldap.c:558
+msgid "starttls not supported when using ldaps"
+msgstr "ldaps를 사용할 때 starttls를 지원하지 않습니다"
+
+#: plugins/sudoers/ldap.c:629
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "SSL 인증서 및 키 DB를 초기화할 수 없습니다: %s"
+
+#: plugins/sudoers/ldap.c:632
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "SSL을 사용하려면 %s에서 TLS_CERT를 설정해야 합니다"
+
+#: plugins/sudoers/ldap.c:1239
+msgid "unable to get GMT time"
+msgstr "GMT 시간을 가져올 수 없습니다"
+
+#: plugins/sudoers/ldap.c:1245
+msgid "unable to format timestamp"
+msgstr "타임스탬프를 형식에 맞출 수 없습니다"
+
+#: plugins/sudoers/ldap.c:1956
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/ldap.c:2528
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP 역할: %s\n"
+
+#: plugins/sudoers/ldap.c:2530
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"LDAP 역할: 알 수 없음\n"
+
+#: plugins/sudoers/ldap.c:2586
+#, c-format
+msgid "    Order: %s\n"
+msgstr "    순서: %s\n"
+
+#: plugins/sudoers/ldap.c:2594 plugins/sudoers/parse.c:614
+#: plugins/sudoers/sssd.c:1625
+#, c-format
+msgid "    Commands:\n"
+msgstr "    명령:\n"
+
+#: plugins/sudoers/ldap.c:3155
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "LDAP를 초기화할 수 없습니다: %s"
+
+#: plugins/sudoers/ldap.c:3191
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls를 지정했지만 LDAP 라이브러리에서 ldap_start_tls_s() 또는 ldap_start_tls_s_np() 함수를 지원하지 않습니다"
+
+#: plugins/sudoers/ldap.c:3440
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "잘못된 sudoOrder 속성: %s"
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "감시 시스템을 열 수 없습니다"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "감시 메시지를 보낼 수 없습니다"
+
+#: plugins/sudoers/logging.c:106
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:134
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (명령 계속 실행) %s"
+
+#: plugins/sudoers/logging.c:163
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "로그 파일을 열 수 없습니다: %s"
+
+#: plugins/sudoers/logging.c:171
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "로그 파일을 잠글 수 없습니다: %s"
+
+#: plugins/sudoers/logging.c:204
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "로그 파일에 기록할 수 없습니다: %s"
+
+#: plugins/sudoers/logging.c:233
+msgid "No user or host"
+msgstr "사용자 또는 호스트 없음"
+
+#: plugins/sudoers/logging.c:235
+msgid "validation failure"
+msgstr "검증 실패"
+
+#: plugins/sudoers/logging.c:242
+msgid "user NOT in sudoers"
+msgstr "사용자가 sudoers에 없습니다"
+
+#: plugins/sudoers/logging.c:244
+msgid "user NOT authorized on host"
+msgstr "사용자가 호스트에서 인증하지 않았습니다"
+
+#: plugins/sudoers/logging.c:246
+msgid "command not allowed"
+msgstr "명령을 허용하지 않았습니다"
+
+#: plugins/sudoers/logging.c:281
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s은(는) sudoers 설정 파일에 없습니다.  이 시도를 보고합니다.\n"
+
+#: plugins/sudoers/logging.c:284
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s은(는) %s에서 sudo를 실행하도록 허가받지 않았습니다.  이 시도를 보고합니다.\n"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "죄송하지만, %s 사용자는 %s에서 sudo를 실행하면 안됩니다.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "죄송하지만 %1$s 사용자는 '%2$s%3$s%4$s'을(를) %8$s의 %5$s%6$s%7$s(으)로 실행하도록 허가받지 않았습니다.\n"
+
+#: plugins/sudoers/logging.c:328 plugins/sudoers/sudoers.c:471
+#: plugins/sudoers/sudoers.c:473 plugins/sudoers/sudoers.c:475
+#: plugins/sudoers/sudoers.c:477 plugins/sudoers/sudoers.c:1267
+#: plugins/sudoers/sudoers.c:1269
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: 명령이 없습니다"
+
+#: plugins/sudoers/logging.c:330 plugins/sudoers/sudoers.c:467
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"'.'에 무시 중인 \"%1$s\" 요소가 있습니다.\n"
+"\"%3$s\" 명령을 실행하려면, \"sudo ./%2$s\" 명령을 사용하십시오."
+
+#: plugins/sudoers/logging.c:347
+msgid "authentication failure"
+msgstr "인증 실패"
+
+#: plugins/sudoers/logging.c:373
+msgid "a password is required"
+msgstr "암호가 필요합니다"
+
+#: plugins/sudoers/logging.c:444 plugins/sudoers/logging.c:510
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "잘못된 암호 입력 시도 %u번"
+
+#: plugins/sudoers/logging.c:597
+msgid "unable to fork"
+msgstr "포킹할 수 없습니다"
+
+#: plugins/sudoers/logging.c:605 plugins/sudoers/logging.c:657
+#, c-format
+msgid "unable to fork: %m"
+msgstr "포킹할 수 없습니다: %m"
+
+#: plugins/sudoers/logging.c:647
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "파이프를 열 수 없습니다: %m"
+
+#: plugins/sudoers/logging.c:672
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "표준 입력을 복제할 수 없습니다: %m"
+
+#: plugins/sudoers/logging.c:710
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "%s을(를) 실행할 수 없습니다: %m"
+
+#: plugins/sudoers/match.c:771
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "%s 다이제스트(%s)는 %s 형식이 아닙니다"
+
+#: plugins/sudoers/mkdir_parents.c:65 plugins/sudoers/sudoers.c:932
+#: plugins/sudoers/visudo.c:440 plugins/sudoers/visudo.c:716
+#, c-format
+msgid "unable to stat %s"
+msgstr "%s의 상태를 가져올 수 없습니다"
+
+#: plugins/sudoers/parse.c:115
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "%s %d번째 줄에서 해석 오류"
+
+#: plugins/sudoers/parse.c:118
+#, c-format
+msgid "parse error in %s"
+msgstr "%s 해석 오류"
+
+#: plugins/sudoers/parse.c:540
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Sudoers 항목:\n"
+
+#: plugins/sudoers/parse.c:541
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    실행 사용자: "
+
+#: plugins/sudoers/parse.c:555
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    실행 그룹: "
+
+#: plugins/sudoers/parse.c:564
+#, c-format
+msgid "    Options: "
+msgstr "    옵션: "
+
+#: plugins/sudoers/policy.c:241 plugins/sudoers/testsudoers.c:261
+msgid "unable to parse network address list"
+msgstr "네트워크 주소 목록을 해석할 수 없습니다"
+
+#: plugins/sudoers/policy.c:710 plugins/sudoers/visudo.c:892
+#, c-format
+msgid "unable to execute %s"
+msgstr "%s을(를) 실행할 수 없습니다"
+
+#: plugins/sudoers/policy.c:843
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Sudoers 정책 플러그인 버전 %s\n"
+
+#: plugins/sudoers/policy.c:845
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Sudoers 파일 문법 버전 %d\n"
+
+#: plugins/sudoers/policy.c:849
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sudoers 경로: %s\n"
+
+#: plugins/sudoers/policy.c:852
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "nsswitch 경로: %s\n"
+
+#: plugins/sudoers/policy.c:854
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ldap.conf 경로: %s\n"
+
+#: plugins/sudoers/policy.c:855
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ldap.secret 경로: %s\n"
+
+#: plugins/sudoers/policy.c:888
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "%d 형식의 후크를 등록할 수 없습니다(버전 %d.%d)"
+
+#: plugins/sudoers/pwutil.c:162 plugins/sudoers/pwutil.c:180
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "%u uid를 캐시에 적재할 수 없습니다. 메모리가 부족합니다."
+
+#: plugins/sudoers/pwutil.c:174
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "%u uid를 캐시에 적재할 수 없습니다. 이미 존재합니다."
+
+#: plugins/sudoers/pwutil.c:234 plugins/sudoers/pwutil.c:251
+#: plugins/sudoers/pwutil.c:313 plugins/sudoers/pwutil.c:358
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "%s 사용자를 캐시에 적재할 수 없습니다. 메모리가 부족합니다."
+
+#: plugins/sudoers/pwutil.c:246
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "%s 사용자를 캐시에 적재할 수 없습니다. 이미 존재합니다."
+
+#: plugins/sudoers/pwutil.c:474 plugins/sudoers/pwutil.c:492
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "%u gid를 캐시에 적재할 수 없습니다. 메모리가 부족합니다."
+
+#: plugins/sudoers/pwutil.c:486
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "%u gid를 캐시에 적재할 수 없습니다. 이미 존재합니다."
+
+#: plugins/sudoers/pwutil.c:540 plugins/sudoers/pwutil.c:557
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:646
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "%s 그룹을 캐시에 적재할 수 없습니다. 메모리가 부족합니다."
+
+#: plugins/sudoers/pwutil.c:552
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "%s 그룹을 캐시에 적재할 수 없습니다. 이미 존재합니다."
+
+#: plugins/sudoers/pwutil.c:772 plugins/sudoers/pwutil.c:824
+#: plugins/sudoers/pwutil.c:874 plugins/sudoers/pwutil.c:926
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "%s 그룹 목록을 캐시에 적재할 수 없습니다. 이미 존재합니다."
+
+#: plugins/sudoers/pwutil.c:778 plugins/sudoers/pwutil.c:829
+#: plugins/sudoers/pwutil.c:880 plugins/sudoers/pwutil.c:931
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "%s 그룹 목록을 캐시에 적재할 수 없습니다. 메모리가 부족합니다."
+
+#: plugins/sudoers/pwutil.c:818
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "%s 그룹을 해석할 수 없습니다"
+
+#: plugins/sudoers/pwutil.c:920
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "%s 그룹 ID를 해석할 수 없습니다"
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:469
+#: plugins/sudoers/set_perms.c:912 plugins/sudoers/set_perms.c:1234
+#: plugins/sudoers/set_perms.c:1551
+msgid "perm stack overflow"
+msgstr "perm 스택 오버플로우"
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:400
+#: plugins/sudoers/set_perms.c:477 plugins/sudoers/set_perms.c:779
+#: plugins/sudoers/set_perms.c:920 plugins/sudoers/set_perms.c:1163
+#: plugins/sudoers/set_perms.c:1242 plugins/sudoers/set_perms.c:1484
+#: plugins/sudoers/set_perms.c:1559 plugins/sudoers/set_perms.c:1649
+msgid "perm stack underflow"
+msgstr "parm 스택 언더플로우"
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:523
+#: plugins/sudoers/set_perms.c:1293 plugins/sudoers/set_perms.c:1591
+msgid "unable to change to root gid"
+msgstr "루트 gid로 바꿀 수 없습니다"
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:620
+#: plugins/sudoers/set_perms.c:1049 plugins/sudoers/set_perms.c:1370
+msgid "unable to change to runas gid"
+msgstr "실행 gid로 바꿀 수 없습니다"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1375
+msgid "unable to set runas group vector"
+msgstr "실행 그룹 벡터를 설정할 수 없습니다"
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:636
+#: plugins/sudoers/set_perms.c:1063 plugins/sudoers/set_perms.c:1384
+msgid "unable to change to runas uid"
+msgstr "실행 uid로 바꿀 수 없습니다"
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:654
+#: plugins/sudoers/set_perms.c:1079 plugins/sudoers/set_perms.c:1400
+msgid "unable to change to sudoers gid"
+msgstr "sudoers gid로 바꿀 수 없습니다"
+
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1471
+#: plugins/sudoers/set_perms.c:1636
+msgid "too many processes"
+msgstr "동작 중인 프로세스가 너무 많습니다"
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr "현재 작업 디렉터리를 가져올 수 없습니다"
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "user_cmnd 감사 경로가 잘렸습니다: %s"
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "argv[0] 감사 경로가 잘렸습니다: %s"
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr "audit_failure 메시지가 너무 깁니다"
+
+#: plugins/sudoers/sssd.c:400
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "SSS 소스를 초기화할 수 없습니다. 머신에 SSSD를 설치했습니까?"
+
+#: plugins/sudoers/sssd.c:408 plugins/sudoers/sssd.c:417
+#: plugins/sudoers/sssd.c:426 plugins/sudoers/sssd.c:435
+#: plugins/sudoers/sssd.c:444
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "%2$s에서 \"%1$s\" 심볼을 찾을 수 없습니다"
+
+#: plugins/sudoers/sssd.c:1540
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: %s\n"
+msgstr ""
+"\n"
+"SSSD 역할: %s\n"
+
+#: plugins/sudoers/sssd.c:1545
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"SSSD 역할: 알 수 없음\n"
+
+#: plugins/sudoers/sudo_nss.c:290
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "%2$s에서 %1$s에 일치하는 기본 항목:\n"
+
+#: plugins/sudoers/sudo_nss.c:308
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "%s의 실행 권한 및 명령별 기본 값:\n"
+
+#: plugins/sudoers/sudo_nss.c:326
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "%s 사용자는  %s에서 다음 명령을 실행해야 합니다:\n"
+
+#: plugins/sudoers/sudo_nss.c:339
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "%s 사용자는 %s에서 sudo를 실행하도록 허가받지 않았습니다.\n"
+
+#: plugins/sudoers/sudoers.c:167 plugins/sudoers/testsudoers.c:247
+#: plugins/sudoers/visudo.c:233 plugins/sudoers/visudo.c:613
+#: plugins/sudoers/visudo.c:958
+msgid "unable to initialize sudoers default values"
+msgstr "sudoers 기본 값을 초기화할 수 없습니다"
+
+#: plugins/sudoers/sudoers.c:197 plugins/sudoers/sudoers.c:879
+msgid "problem with defaults entries"
+msgstr "기본 항목에 문제 발생"
+
+#: plugins/sudoers/sudoers.c:204
+msgid "no valid sudoers sources found, quitting"
+msgstr "올바른 sudoers 설정 원본이 없습니다. 나갑니다."
+
+#: plugins/sudoers/sudoers.c:243
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers에서 root가 sudo를 실행하지 못하게 지정했습니다"
+
+#: plugins/sudoers/sudoers.c:300
+msgid "you are not permitted to use the -C option"
+msgstr "-C 옵션 사용을 허가받지 않았습니다"
+
+#: plugins/sudoers/sudoers.c:389
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "타임스탬프 소유자(%s): 사용자 없음"
+
+#: plugins/sudoers/sudoers.c:404
+msgid "no tty"
+msgstr "tty 없음"
+
+#: plugins/sudoers/sudoers.c:405
+msgid "sorry, you must have a tty to run sudo"
+msgstr "죄송하지만 sudo를 실행하려면 tty를 확보해야합니다"
+
+#: plugins/sudoers/sudoers.c:466
+msgid "command in current directory"
+msgstr "현재 디렉터리의 명령"
+
+#: plugins/sudoers/sudoers.c:485
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "죄송하지만, 명령 처리 제한 시간을 설정할 수 없습니다"
+
+#: plugins/sudoers/sudoers.c:493
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "죄송하지만 이 환경 상태를 유지하도록 허가받지 않았습니다"
+
+#: plugins/sudoers/sudoers.c:824
+msgid "command too long"
+msgstr "명령이 너무 깁니다"
+
+#: plugins/sudoers/sudoers.c:936
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s은(는) 일반 파일이 아닙니다"
+
+#: plugins/sudoers/sudoers.c:940 plugins/sudoers/timestamp.c:213 toke.l:969
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s은(는) %u uid가 소유했지만, %u uid가 소유해야합니다"
+
+#: plugins/sudoers/sudoers.c:944 toke.l:974
+#, c-format
+msgid "%s is world writable"
+msgstr "%s에 모두가 기록할 수 있습니다"
+
+#: plugins/sudoers/sudoers.c:948 toke.l:977
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s은(는) %u gid가 소유했지만, %u gid가 소유해야합니다"
+
+#: plugins/sudoers/sudoers.c:981
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "루트만 \"-c %s\" 옵션을 사용할 수 있습니다"
+
+#: plugins/sudoers/sudoers.c:1000
+#, c-format
+msgid "unknown login class: %s"
+msgstr "알 수 없는 로그인 클래스: %s"
+
+#: plugins/sudoers/sudoers.c:1083 plugins/sudoers/sudoers.c:1111
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "%s 호스트를 해석할 수 없습니다"
+
+#: plugins/sudoers/sudoreplay.c:236
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "잘못된 필터 옵션: %s"
+
+#: plugins/sudoers/sudoreplay.c:249
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "잘못된 최대 대기 시간 값: %s"
+
+#: plugins/sudoers/sudoreplay.c:255
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "잘못된 속도 인수: %s"
+
+#: plugins/sudoers/sudoreplay.c:258 plugins/sudoers/visudo.c:186
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s 버전 %s\n"
+
+#: plugins/sudoers/sudoreplay.c:290
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/타이밍: %s"
+
+#: plugins/sudoers/sudoreplay.c:296
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/타이밍: %s"
+
+#: plugins/sudoers/sudoreplay.c:312
+#, c-format
+msgid "Replaying sudo session: %s\n"
+msgstr "sudo 세션 재현 중: %s\n"
+
+#: plugins/sudoers/sudoreplay.c:318
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "경고: 터미널 화면이 로그를 올바르게 나타내기에 너무 작습니다.\n"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "로그 화면 크기는 %d x %d 이지만, 터미널 화면 크기는 %d x %d 입니다."
+
+#: plugins/sudoers/sudoreplay.c:410
+msgid "unable to set tty to raw mode"
+msgstr "RAW 모드로 tty를 설정할 수 없습니다"
+
+#: plugins/sudoers/sudoreplay.c:439
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "잘못된 타이밍 파일 행: %s"
+
+#: plugins/sudoers/sudoreplay.c:659 plugins/sudoers/sudoreplay.c:684
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "모호한 식 \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:706
+msgid "unmatched ')' in expression"
+msgstr "수식에 일치하지 않는 ')'"
+
+#: plugins/sudoers/sudoreplay.c:710
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "알 수 없는 검색어 \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:725
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s에 인자가 필요합니다"
+
+#: plugins/sudoers/sudoreplay.c:728 plugins/sudoers/sudoreplay.c:1108
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "잘못된 정규 표현식: %s"
+
+#: plugins/sudoers/sudoreplay.c:732
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "\"%s\" 날짜를 해석할 수 없습니다"
+
+#: plugins/sudoers/sudoreplay.c:741
+msgid "unmatched '(' in expression"
+msgstr "수식에 일치하지 않는 '('"
+
+#: plugins/sudoers/sudoreplay.c:743
+msgid "illegal trailing \"or\""
+msgstr "잘못된 후위 연산자 \"or\""
+
+#: plugins/sudoers/sudoreplay.c:745
+msgid "illegal trailing \"!\""
+msgstr "잘못된 후위 문자 \"!\""
+
+#: plugins/sudoers/sudoreplay.c:794
+#, c-format
+msgid "unknown search type %d"
+msgstr "알 수 없는 검색 형식 %d"
+
+#: plugins/sudoers/sudoreplay.c:832
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: 잘못된 로그 파일"
+
+#: plugins/sudoers/sudoreplay.c:850
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: 타임스탬프 필드가 빠졌습니다"
+
+#: plugins/sudoers/sudoreplay.c:857
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: %s 타임스탬프: %s"
+
+#: plugins/sudoers/sudoreplay.c:864
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: 사용자 필드가 빠졌습니다"
+
+#: plugins/sudoers/sudoreplay.c:873
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: 실행 사용자 필드가 빠졌습니다"
+
+#: plugins/sudoers/sudoreplay.c:882
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: 실행 그룹 필드가 빠졌습니다"
+
+#: plugins/sudoers/sudoreplay.c:1245
+#, c-format
+msgid "usage: %s [-h] [-d dir] [-m num] [-s num] ID\n"
+msgstr "사용법: %s [-h] [-d <디렉터리>] [-m <숫자>] [-s <숫자>] <ID>\n"
+
+#: plugins/sudoers/sudoreplay.c:1248
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "사용법: %s [-h] [-d <디렉터리>] -l [<검색식>]\n"
+
+#: plugins/sudoers/sudoreplay.c:1257
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - sudo 세션 로그를 보여줍니다\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1259
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"옵션:\n"
+"  -d, --directory=dir  세션 로그 디렉터리를 지정합니다\n"
+"  -f, --filter=filter  화면에 나타낼 입출력 형식을 지정합니다\n"
+"  -h, --help           도움말 메시지를 나타낸 후 빠져나갑니다\n"
+"  -l, --list           유효한 세션 ID 및 추가 표현식을 보여줍니다\n"
+"  -m, --max-wait=num   이벤트 처리간 초단위 최대 대기 시간\n"
+"  -s, --speed=num      출력 속도를 올리거나 내립니다\n"
+"  -V, --version        버전 정보를 나타낸 후 빠져나갑니다"
+
+#: plugins/sudoers/testsudoers.c:329
+msgid "\thost  unmatched"
+msgstr "\t호스트가  일치하지 않습니다"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"명령 허용함"
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"명령 거부함"
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"명령이 일치하지 않음"
+
+#: plugins/sudoers/timestamp.c:221
+#, c-format
+msgid "%s is group writable"
+msgstr "%s은(는) 그룹이 기록할 수 있습니다"
+
+#: plugins/sudoers/timestamp.c:297
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "타임스탬프 파일을 %lld 바이트로 자를 수 없습니다"
+
+#: plugins/sudoers/timestamp.c:742 plugins/sudoers/timestamp.c:809
+#: plugins/sudoers/visudo.c:501 plugins/sudoers/visudo.c:507
+msgid "unable to read the clock"
+msgstr "클록을 읽을 수 없습니다"
+
+#: plugins/sudoers/timestamp.c:756
+msgid "ignoring time stamp from the future"
+msgstr "미래 타임스탬프 값 무시"
+
+#: plugins/sudoers/timestamp.c:768
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "타임스탬프 값이 미래 값으로 너무 밀려있습니다: %20.20s"
+
+#: plugins/sudoers/timestamp.c:863
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "%s 타임스탬프 파일을 잠글 수 없습니다"
+
+#: plugins/sudoers/timestamp.c:907 plugins/sudoers/timestamp.c:927
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "지침 상태 경로가 너무 깁니다: %s/%s"
+
+#: plugins/sudoers/visudo.c:188
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s 문법 버전 %d\n"
+
+#: plugins/sudoers/visudo.c:266 plugins/sudoers/visudo.c:666
+#, c-format
+msgid "press return to edit %s: "
+msgstr "%s을(를) 편집하려면 return 키를 누르십시오:"
+
+#: plugins/sudoers/visudo.c:332
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "지정 편집기(%s)가 없습니다"
+
+#: plugins/sudoers/visudo.c:350
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "편집기가 없습니다(편집기 경로 = %s)"
+
+#: plugins/sudoers/visudo.c:460 plugins/sudoers/visudo.c:468
+msgid "write error"
+msgstr "쓰기 오류"
+
+#: plugins/sudoers/visudo.c:514
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "임시 파일 상태를 가져올 수 없습니다(%s). %s을(를) 바꾸지 않았습니다"
+
+#: plugins/sudoers/visudo.c:521
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "임시 파일 길이가 0입니다(%s). %s을(를) 바꾸지 않았습니다"
+
+#: plugins/sudoers/visudo.c:527
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "편집기(%s) 실패. %s을(를) 바꾸지 않았습니다."
+
+#: plugins/sudoers/visudo.c:549
+#, c-format
+msgid "%s unchanged"
+msgstr "%s 바꾸지 않음"
+
+#: plugins/sudoers/visudo.c:608
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "임시 파일(%s)을 다시 열 수 없습니다. %s을(를) 바꾸지 않았습니다."
+
+#: plugins/sudoers/visudo.c:620
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "임시 파일(%s)을 해석할 수 없습니다. 알 수 없는 오류."
+
+#: plugins/sudoers/visudo.c:657
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "내부 오류. %s을(를) 목록에서 찾을 수 없습니다!"
+
+#: plugins/sudoers/visudo.c:718 plugins/sudoers/visudo.c:727
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "%s의 uid/gid를 %u/%u 값으로 설정할 수 없습니다"
+
+#: plugins/sudoers/visudo.c:749
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s 및 %s은(는) 동일한 파일 시스템에 없습니다. mv 명령으로 이름을 바꿉니다"
+
+#: plugins/sudoers/visudo.c:763
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "명령 실행 실패: '%s %s %s', %s을(를) 바꾸지 않았습니다"
+
+#: plugins/sudoers/visudo.c:773
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "%s 이름 바꾸기 오류. %s을(를) 바꾸지 않았습니다"
+
+#: plugins/sudoers/visudo.c:837
+msgid "What now? "
+msgstr "어떻게 하시겠습니까?"
+
+#: plugins/sudoers/visudo.c:851
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"사용할 수 있는 옵션:\n"
+"  sudoers 파일을 다시 편집합니다(E)\n"
+"  sudoers 파일을 바꾼 상태에서 저장하지 않고 나갑니다(X)\n"
+"  sudoers 파일을 바꾼 상태에서 저장하고 끝냅니다(Q)\n"
+
+#: plugins/sudoers/visudo.c:897
+#, c-format
+msgid "unable to run %s"
+msgstr "%s을(를) 실행할 수 없음"
+
+#: plugins/sudoers/visudo.c:927
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: 잘못된 소유자 uid/gid를 %u/%u 값으로 설정해야 합니다\n"
+
+#: plugins/sudoers/visudo.c:934
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: 잘못된 권한입니다. 0%o 모드 값을 설정해야 합니다\n"
+
+#: plugins/sudoers/visudo.c:963 plugins/sudoers/visudo_json.c:1021
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "%s 파일 해석에 실패했습니다. 알 수 없는 오류."
+
+#: plugins/sudoers/visudo.c:979 plugins/sudoers/visudo_json.c:1032
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "%s %d번째 줄 인근 해석 오류\n"
+
+#: plugins/sudoers/visudo.c:982 plugins/sudoers/visudo_json.c:1035
+#, c-format
+msgid "parse error in %s\n"
+msgstr "%s 해석 오류\n"
+
+#: plugins/sudoers/visudo.c:990 plugins/sudoers/visudo.c:997
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: 해석 성공\n"
+
+#: plugins/sudoers/visudo.c:1044
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s을(를) 사용중입니다. 나중에 다시 시도하십시오"
+
+#: plugins/sudoers/visudo.c:1141
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "오류: %3$s \"%4$s\"의 %1$s:%2$d사이클"
+
+#: plugins/sudoers/visudo.c:1142
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "경고: %3$s \"%4$s\"의 %1$s:%2$d사이클"
+
+#: plugins/sudoers/visudo.c:1146
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "오류: %s: %d %s \"%s\"을(를) 참조했지만 정의하지 않았습니다"
+
+#: plugins/sudoers/visudo.c:1147
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "경고: %s: %d %s \"%s\"을(를) 참조했지만 정의하지 않았습니다"
+
+#: plugins/sudoers/visudo.c:1300
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "경고: %s:%d 사용하지 않는 %s \"%s\"이(가) 있습니다"
+
+#: plugins/sudoers/visudo.c:1412
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - sudoers 파일을 안전하게 편집합니다\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1414
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+"  -x, --export=output_file write sudoers in JSON format to output_file"
+msgstr ""
+"\n"
+"옵션:\n"
+"  -c, --check              확인 전용 모드\n"
+"  -f, --file=sudoers       sudoers 파일 위치 지정\n"
+"  -h, --help               도움말 메시지를 나타낸 후 빠져나갑니다\n"
+"  -q, --quiet              자세한 문법 오류 메시지를 줄입니다(없앰)\n"
+"  -s, --strict             엄격한 문법 검사 시행\n"
+"  -V, --version            버전 정보를 나타낸 후 빠져나갑니다\n"
+"  -x, --export=output_file sudoers 파일을 JSON 형식으로 output_file에 기록"
+
+#: plugins/sudoers/visudo_json.c:616 plugins/sudoers/visudo_json.c:651
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "알 수 없는 \"%s\" 기본 항목"
+
+#: plugins/sudoers/visudo_json.c:1007
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: 입출력 파일은 달라야합니다"
+
+#: toke.l:943
+msgid "too many levels of includes"
+msgstr "포함 레벨이 너무 많습니다"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "경고: %s의 사이클 `%s'"
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "경고: %s `%s'을(를) 참조했지만 정의하지 않았습니다"
diff --git a/plugins/sudoers/po/lt.mo b/plugins/sudoers/po/lt.mo
new file mode 100644
index 0000000..380ae50
--- /dev/null
+++ b/plugins/sudoers/po/lt.mo
diff --git a/plugins/sudoers/po/lt.po b/plugins/sudoers/po/lt.po
new file mode 100644
index 0000000..8db0e29
--- /dev/null
+++ b/plugins/sudoers/po/lt.po
@@ -0,0 +1,1682 @@
+# SOME DESCRIPTIVE TITLE.
+# This file is put in the public domain.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+# Algimantas Margevičius <margevicius.algimantas@gmail.com>, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.4rc1\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2012-02-06 15:48-0500\n"
+"PO-Revision-Date: 2012-02-25 11:56+0200\n"
+"Last-Translator: Algimantas Margevičius <margevicius.algimantas@gmail.com>\n"
+"Language-Team: Lithuanian <komp_lt@konferencijos.lt>\n"
+"Language: lt\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && (n%100<10 || n%100>=20) ? 1 : 2)\n"
+
+#: plugins/sudoers/alias.c:125
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:61 plugins/sudoers/bsm_audit.c:64
+#: plugins/sudoers/bsm_audit.c:113 plugins/sudoers/bsm_audit.c:117
+#: plugins/sudoers/bsm_audit.c:169 plugins/sudoers/bsm_audit.c:173
+msgid "getaudit: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:154
+msgid "Could not determine audit condition"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:102
+msgid "getauid failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:104 plugins/sudoers/bsm_audit.c:163
+msgid "au_open: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:175
+msgid "au_to_subject: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:179
+msgid "au_to_exec_args: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:127 plugins/sudoers/bsm_audit.c:188
+msgid "au_to_return32: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:130 plugins/sudoers/bsm_audit.c:191
+msgid "unable to commit audit record"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:161
+msgid "getauid: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:184
+msgid "au_to_text: failed"
+msgstr ""
+
+#: plugins/sudoers/check.c:158
+#, c-format
+msgid "sorry, a password is required to run %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
+#: plugins/sudoers/sudoers.c:992 plugins/sudoers/sudoreplay.c:348
+#: plugins/sudoers/sudoreplay.c:357 plugins/sudoers/sudoreplay.c:703
+#: plugins/sudoers/sudoreplay.c:797 plugins/sudoers/visudo.c:790
+#, c-format
+msgid "unable to open %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:253 plugins/sudoers/iolog.c:202
+#, c-format
+msgid "unable to write to %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:261 plugins/sudoers/check.c:506
+#: plugins/sudoers/check.c:556 plugins/sudoers/iolog.c:123
+#: plugins/sudoers/iolog.c:156
+#, c-format
+msgid "unable to mkdir %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:396
+#, c-format
+msgid "internal error, expand_prompt() overflow"
+msgstr ""
+
+#: plugins/sudoers/check.c:456
+#, c-format
+msgid "timestamp path too long: %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:485 plugins/sudoers/check.c:529
+#: plugins/sudoers/iolog.c:158
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr ""
+
+#: plugins/sudoers/check.c:488 plugins/sudoers/check.c:532
+#: plugins/sudoers/check.c:577
+#, c-format
+msgid "%s owned by uid %u, should be uid %u"
+msgstr ""
+
+#: plugins/sudoers/check.c:493 plugins/sudoers/check.c:537
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0700"
+msgstr ""
+
+#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:978
+#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:582
+#, c-format
+msgid "unable to stat %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:571
+#, c-format
+msgid "%s exists but is not a regular file (0%o)"
+msgstr ""
+
+#: plugins/sudoers/check.c:583
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0600"
+msgstr ""
+
+#: plugins/sudoers/check.c:637
+#, c-format
+msgid "timestamp too far in the future: %20.20s"
+msgstr ""
+
+#: plugins/sudoers/check.c:684
+#, c-format
+msgid "unable to remove %s (%s), will reset to the epoch"
+msgstr ""
+
+#: plugins/sudoers/check.c:692
+#, c-format
+msgid "unable to reset %s to the epoch"
+msgstr ""
+
+#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
+#: plugins/sudoers/sudoers.c:829 plugins/sudoers/sudoers.c:833
+#, c-format
+msgid "unknown uid: %u"
+msgstr ""
+
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:770
+#: plugins/sudoers/sudoers.c:1108 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/testsudoers.c:362
+#, c-format
+msgid "unknown user: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:67
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:71
+msgid "Lecture user the first time they run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:75
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:79
+msgid "Require users to authenticate by default"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:83
+msgid "Root may run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:87
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the year in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:95
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:99
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:103
+msgid "Always set $HOME to the target user's home directory"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:107
+msgid "Allow some information gathering to give useful error messages"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:111
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:115
+msgid "Insult the user when they enter an incorrect password"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:119
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:123
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:127
+msgid "Prompt for root's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the target user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:139
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:143
+msgid "Set the LOGNAME and USER environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:147
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:151
+msgid "Don't initialize the group vector to that of the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:155
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %d"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Number of tries to enter a password: %d"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Path to log file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Default password prompt: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:219
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr ""
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:227
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:243
+msgid "Preload the dummy exec functions contained in \"_PATH_SUDO_NOEXEC"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:247
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:251
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:255
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:259
+msgid "Allow users to set arbitrary environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:263
+msgid "Reset the environment to a default set of variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:267
+msgid "Environment variables to check for sanity:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:271
+msgid "Environment variables to remove:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to preserve:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:279
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:283
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:295
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:299
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:303
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:307
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:311
+msgid "Log user's input for the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:315
+msgid "Log the output of the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:319
+msgid "Compress I/O logs using zlib"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:323
+msgid "Always run commands in a pseudo-tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:327
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:331
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:339
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:343
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:208
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:216 plugins/sudoers/defaults.c:226
+#: plugins/sudoers/defaults.c:246 plugins/sudoers/defaults.c:259
+#: plugins/sudoers/defaults.c:272 plugins/sudoers/defaults.c:285
+#: plugins/sudoers/defaults.c:298 plugins/sudoers/defaults.c:318
+#: plugins/sudoers/defaults.c:328
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:219 plugins/sudoers/defaults.c:229
+#: plugins/sudoers/defaults.c:237 plugins/sudoers/defaults.c:254
+#: plugins/sudoers/defaults.c:267 plugins/sudoers/defaults.c:280
+#: plugins/sudoers/defaults.c:293 plugins/sudoers/defaults.c:313
+#: plugins/sudoers/defaults.c:324
+#, c-format
+msgid "no value specified for `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:242
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:304
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr ""
+
+#: plugins/sudoers/env.c:258
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr ""
+
+#: plugins/sudoers/env.c:291
+#, c-format
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr ""
+
+#: plugins/sudoers/env.c:710
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr ""
+
+#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
+#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
+#: plugins/sudoers/sudoers.c:923 toke.l:668 toke.l:823
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:91
+#, c-format
+msgid "%s%s: %s"
+msgstr "%s%s: %s"
+
+#: plugins/sudoers/group_plugin.c:103
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s turi priklausyti uid %d"
+
+#: plugins/sudoers/group_plugin.c:107
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s turi būti įrašomas tik savininkui"
+
+#: plugins/sudoers/group_plugin.c:114
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:119
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:124
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:112
+msgid "Local IP address and netmask pairs:\n"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:999
+#, c-format
+msgid "unable to read %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:182
+#, c-format
+msgid "invalid sequence number %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:231 plugins/sudoers/iolog.c:234
+#: plugins/sudoers/iolog.c:499 plugins/sudoers/iolog.c:504
+#: plugins/sudoers/iolog.c:510 plugins/sudoers/iolog.c:518
+#: plugins/sudoers/iolog.c:526 plugins/sudoers/iolog.c:534
+#: plugins/sudoers/iolog.c:542
+#, c-format
+msgid "unable to create %s"
+msgstr ""
+
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:362
+#, c-format
+msgid "unable to set locale to \"%s\", using \"C\""
+msgstr ""
+
+#: plugins/sudoers/ldap.c:374
+#, c-format
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:397
+#, c-format
+msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:427
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:456
+#, c-format
+msgid "invalid uri: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:462
+#, c-format
+msgid "unable to mix ldap and ldaps URIs"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:466
+#, c-format
+msgid "unable to mix ldaps and starttls"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:485
+#, c-format
+msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:550
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:958
+#, c-format
+msgid "unable to get GMT time"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:964
+#, c-format
+msgid "unable to format timestamp"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:972
+#, c-format
+msgid "unable to build time filter"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1185
+#, c-format
+msgid "sudo_ldap_build_pass1 allocation mismatch"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1705
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1707
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1754
+#, c-format
+msgid "    Order: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1762
+#, c-format
+msgid "    Commands:\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2161
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2192
+#, c-format
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2428
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:57
+#, c-format
+msgid "unable to open audit system"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:82
+#, c-format
+msgid "internal error, linux_audit_command() overflow"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:91
+#, c-format
+msgid "unable to send audit message"
+msgstr ""
+
+#: plugins/sudoers/logging.c:198
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:201
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:256
+msgid "user NOT in sudoers"
+msgstr ""
+
+#: plugins/sudoers/logging.c:258
+msgid "user NOT authorized on host"
+msgstr ""
+
+#: plugins/sudoers/logging.c:260
+msgid "command not allowed"
+msgstr ""
+
+#: plugins/sudoers/logging.c:270
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s nėra „sudoers“ faile.  Apie šį įvykį bus pranešta.\n"
+
+#: plugins/sudoers/logging.c:273
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s neleidžiama vykdyti „sudo“ kompiuteryje %s.  Apie šį įvykį bus pranešta.\n"
+
+#: plugins/sudoers/logging.c:277
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Deja, naudotojas %s negali vykdyti „sudo“ kompiuteryje %s.\n"
+
+#: plugins/sudoers/logging.c:280
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Deja, naudotojui %s neleidžiama vykdyti „%s%s%s“ kaip %s%s%s kompiuteryje %s.\n"
+
+#: plugins/sudoers/logging.c:420
+#, c-format
+msgid "unable to fork"
+msgstr ""
+
+#: plugins/sudoers/logging.c:427 plugins/sudoers/logging.c:489
+#, c-format
+msgid "unable to fork: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:479
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:504
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:540
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:755
+#, c-format
+msgid "internal error: insufficient space for log line"
+msgstr ""
+
+#: plugins/sudoers/parse.c:123
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr ""
+
+#: plugins/sudoers/parse.c:126
+#, c-format
+msgid "parse error in %s"
+msgstr ""
+
+#: plugins/sudoers/parse.c:389
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:391
+#, c-format
+msgid "    RunAsUsers: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:406
+#, c-format
+msgid "    RunAsGroups: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:415
+#, c-format
+msgid ""
+"    Commands:\n"
+"\t"
+msgstr ""
+
+#: plugins/sudoers/plugin_error.c:100 plugins/sudoers/plugin_error.c:105
+msgid ": "
+msgstr ": "
+
+#: plugins/sudoers/pwutil.c:260
+#, c-format
+msgid "unable to cache uid %u (%s), already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:268
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:305 plugins/sudoers/pwutil.c:314
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:655
+#, c-format
+msgid "unable to cache gid %u (%s), already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:663
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:693 plugins/sudoers/pwutil.c:702
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:114 plugins/sudoers/set_perms.c:365
+#: plugins/sudoers/set_perms.c:601 plugins/sudoers/set_perms.c:837
+msgid "perm stack overflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:373
+#: plugins/sudoers/set_perms.c:609 plugins/sudoers/set_perms.c:845
+msgid "perm stack underflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:228 plugins/sudoers/set_perms.c:466
+#: plugins/sudoers/set_perms.c:706
+msgid "unable to change to runas gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:236 plugins/sudoers/set_perms.c:473
+#: plugins/sudoers/set_perms.c:713
+msgid "unable to change to runas uid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:250 plugins/sudoers/set_perms.c:486
+#: plugins/sudoers/set_perms.c:726
+#, c-format
+msgid "unable to change to sudoers gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:291 plugins/sudoers/set_perms.c:524
+#: plugins/sudoers/set_perms.c:764 plugins/sudoers/set_perms.c:906
+msgid "too many processes"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:970
+msgid "unable to set runas group vector"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:243
+#, c-format
+msgid "Matching Defaults entries for %s on this host:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:256
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:269
+#, c-format
+msgid "User %s may run the following commands on this host:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:279
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Naudotojui %s neleidžiama vykdyti „sudo“ kompiuteryje %s.\n"
+
+#: plugins/sudoers/sudoers.c:201 plugins/sudoers/sudoers.c:232
+#: plugins/sudoers/sudoers.c:931
+msgid "problem with defaults entries"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:205
+#, c-format
+msgid "no valid sudoers sources found, quitting"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:257
+#, c-format
+msgid "unable to execute %s: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:311
+#, c-format
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:318
+#, c-format
+msgid "you are not permitted to use the -C option"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:408
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:424
+msgid "no tty"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:425
+#, c-format
+msgid "sorry, you must have a tty to run sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:464
+msgid "No user or host"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:499
+#: plugins/sudoers/sudoers.c:500 plugins/sudoers/sudoers.c:1509
+#: plugins/sudoers/sudoers.c:1510
+#, c-format
+msgid "%s: command not found"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:480 plugins/sudoers/sudoers.c:496
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:485
+msgid "validation failure"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:495
+msgid "command in current directory"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:507
+#, c-format
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:657 plugins/sudoers/sudoers.c:664
+#, c-format
+msgid "internal error, runas_groups overflow"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:914
+#, c-format
+msgid "internal error, set_cmnd() overflow"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:957
+#, c-format
+msgid "fixed mode on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:961
+#, c-format
+msgid "set group on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:964
+#, c-format
+msgid "unable to set group on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "unable to fix mode on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:980
+#, c-format
+msgid "%s is not a regular file"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:982
+#, c-format
+msgid "%s is mode 0%o, should be 0%o"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s priklauso uid %u, nors turėtų %u"
+
+#: plugins/sudoers/sudoers.c:989
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s priklauso gid %u, nors turėtų %u"
+
+#: plugins/sudoers/sudoers.c:1038
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr "„-c %s“ gali naudoti tik „root“ naudotojas"
+
+#: plugins/sudoers/sudoers.c:1049
+#, c-format
+msgid "unknown login class: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1077
+#, c-format
+msgid "unable to resolve host %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1129 plugins/sudoers/testsudoers.c:380
+#, c-format
+msgid "unknown group: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1178
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1180
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1184
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1187
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1189
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1190
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:286
+#, c-format
+msgid "invalid filter option: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:299
+#, c-format
+msgid "invalid max wait: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:305
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:308 plugins/sudoers/visudo.c:187
+#, c-format
+msgid "%s version %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:333
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:339
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:364
+#, c-format
+msgid "invalid log file %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:366
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:392
+#, c-format
+msgid "unable to set tty to raw mode"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:406
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:448
+#, c-format
+msgid "writing to standard output"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:480
+#, c-format
+msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:529 plugins/sudoers/sudoreplay.c:554
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:571
+#, c-format
+msgid "too many parenthesized expressions, max %d"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:582
+#, c-format
+msgid "unmatched ')' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:588
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:602
+#, c-format
+msgid "%s requires an argument"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:606
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:612
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:625
+#, c-format
+msgid "unmatched '(' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:627
+#, c-format
+msgid "illegal trailing \"or\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:629
+#, c-format
+msgid "illegal trailing \"!\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:851
+#, c-format
+msgid "invalid regex: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:976
+#, c-format
+msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:979
+#, c-format
+msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:988
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:990
+msgid ""
+"\n"
+"Options:\n"
+"  -d directory     specify directory for session logs\n"
+"  -f filter        specify which I/O type to display\n"
+"  -h               display help message and exit\n"
+"  -l [expression]  list available session IDs that match expression\n"
+"  -m max_wait      max number of seconds to wait between events\n"
+"  -s speed_factor  speed up or slow down output\n"
+"  -V               display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:246
+#, c-format
+msgid "internal error, init_vars() overflow"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:331
+msgid "\thost  unmatched"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:334
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:335
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:335
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+
+#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
+#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
+msgid "unable to allocate memory"
+msgstr ""
+
+#: toke.l:795
+msgid "too many levels of includes"
+msgstr ""
+
+#: plugins/sudoers/toke_util.c:218
+msgid "fill_args: buffer overflow"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:188
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:221 plugins/sudoers/auth/rfc1938.c:104
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:253 plugins/sudoers/visudo.c:539
+#, c-format
+msgid "press return to edit %s: "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:336 plugins/sudoers/visudo.c:342
+#, c-format
+msgid "write error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:424
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:429
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:435
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:458
+#, c-format
+msgid "%s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:484
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr ""
+
+#: plugins/sudoers/visudo.c:494
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:532
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:584 plugins/sudoers/visudo.c:593
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:588 plugins/sudoers/visudo.c:598
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:615
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:629
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:702
+msgid "What now? "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:716
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:757
+#, c-format
+msgid "unable to execute %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:764
+#, c-format
+msgid "unable to run %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:796
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:808
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:811
+#, c-format
+msgid "parse error in %s\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:814 plugins/sudoers/visudo.c:816
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:826
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:833
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:880
+#, c-format
+msgid "%s busy, try again later"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:924
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:947
+#, c-format
+msgid "unable to stat editor (%s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:995
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1089
+#, c-format
+msgid "Error: cycle in %s_Alias `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1090
+#, c-format
+msgid "Warning: cycle in %s_Alias `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1093
+#, c-format
+msgid "Error: %s_Alias `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1094
+#, c-format
+msgid "Warning: %s_Alias `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1229
+#, c-format
+msgid "%s: unused %s_Alias %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1286
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1288
+msgid ""
+"\n"
+"Options:\n"
+"  -c          check-only mode\n"
+"  -f sudoers  specify sudoers file location\n"
+"  -h          display help message and exit\n"
+"  -q          less verbose (quiet) syntax error messages\n"
+"  -s          strict syntax checking\n"
+"  -V          display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:178
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:306
+msgid "Password: "
+msgstr "Slaptažodis: "
+
+#: plugins/sudoers/auth/pam.c:307
+msgid "Password:"
+msgstr "Slaptažodis:"
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid "Invalid authentication methods compiled into sudo!  You may mix standalone and non-standalone authentication."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] ""
+msgstr[1] ""
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr ""
diff --git a/plugins/sudoers/po/nb.mo b/plugins/sudoers/po/nb.mo
new file mode 100644
index 0000000..6b5a288
--- /dev/null
+++ b/plugins/sudoers/po/nb.mo
diff --git a/plugins/sudoers/po/nb.po b/plugins/sudoers/po/nb.po
new file mode 100644
index 0000000..d045bd9
--- /dev/null
+++ b/plugins/sudoers/po/nb.po
@@ -0,0 +1,2404 @@
+# Norwegian bokmål translation of sudoers.
+# This file is distributed under the same license as the sudo package.
+# Copyright (C) 2017 Free Software Foundation, Inc.
+# Todd C. Miller <Todd.Miller@courtesan.com>, 2011-2013.
+# Åka Sikrom <a4@hush.com>, 2014-2018.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers-1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-10-30 08:49+0100\n"
+"Last-Translator: Åka Sikrom <a4@hush.com>\n"
+"Language-Team: Norwegian Bokmaal <i18n-nb@lister.ping.uio.no>\n"
+"Language: nb\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 1.8.7.1\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "syntaksfeil"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "passord for %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] passord for %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Passord:"
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** SIKKERHETSinformasjon om %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Feil. Prøv igjen."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "klarte ikke å tildele minne"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "kontrollsummering krever at du velger et stinavn"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "ugyldig «notbefore»-verdi"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "ugyldig «notafter»-verdi"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "for langt tidsavbrudd"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "ugyldig tidsavbrudd"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Alias «%s» er allerede definert"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "klarte ikke å hente innloggingsklasse for brukeren %s"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "klarte ikke å starte bsd-autentisering"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "ugyldig autentiseringstype"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "klarte ikke å starte opp BSD-autentisering"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "kontoen din er utgått"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "godkjenning mislyktes"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "klarte ikke å lese fwtk-innstillinger"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "klarte ikke å koble til autentiseringstjener"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "tilkobling til autentiseringstjener ble brutt"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"det oppstod en feil med autentiseringstjener:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: klarte ikke å konvertere fullmaktsgiver til streng («%s»). %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: klarte ikke å tolke «%s». %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: klarte ikke å slå opp i akkreditiv-hurtiglager. %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: klarte ikke å tildele innstillinger. %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: klarte ikke å hente akkreditiver. %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: klarte ikke å starte opp akkreditiv-hurtiglager. %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: klarte ikke å lagre akkreditiv i hurtiglager. %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: klarte ikke å hente vertens fullmaktsgiver. %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Klarte ikke å bekrefte TGT! Dette kan være et tegn på at du er under angrep! %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "klarte ikke å starte opp PAM"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Feil ved PAM-autentisering. %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "det oppstod en feil ved validering av brukerkonto. Er kontoen din sperret?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Kontoen eller passordet er utgått. Tilbakestill passordet ditt og prøv igjen"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "klarte ikke å endre et utgått passord. %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Passordet er utgått. Kontakt systemadministratoren"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Kontoen er utgått, eller PAM-innstillingene mangler en «account»-del for sudo. Kontakt systemadministratoren"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "Feil med PAM-kontohåndtering: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "du finnes ikke i %s-databasen"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "klarte ikke å starte opp ACE API-biblioteket"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "klarte ikke å kontakte SecurID-tjener"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "Bruker-ID-en er sperret fra SecurID-autentisering"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "lengden på brukernavnet er ugyldig for SecurID"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "ugyldig autentiseringshåndtak for SecurID"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "Det oppstod en feil under kommunikasjon med SecurID"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "ukjent SecurID-feil"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "kodelengden er ugyldig for SecurID"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "kalrte ikke å starte opp SIA-økt"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "ugyldige autentiseringsmetoder"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Din installasjon av sudo har ugyldige autentiseringsmetoder! Du kan ikke blande selvgående og tjeneravhengige autentiseringsmetoder."
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "fant ingen autentiseringsmetoder"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Din installasjon av sudo har ingen autentiseringsmetoder tilgjengelig! Bruk valget «--disable-authentication» hvis du vil skru av autentisering."
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Klarte ikke å starte opp autentiseringsmetoder."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Autentiseringsmetoder:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Klarte ikke å finne revisjonsstatus"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "klarte ikke å kjøre revisjonsoppføring"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Vi går ut i fra at systemadministrator har gitt deg en\n"
+"typisk moralpreken om det du gjør. Det koker som regel ned til tre ting:\n"
+"\n"
+"    #1) Ha respekt for andres privatliv og personvern.\n"
+"    #2) Tenk før du skriver.\n"
+"    #3) Makt medfører plikt og ansvar.\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "uid-en «%u» er ukjent"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "brukeren %s er ukjent"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "økning: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "begynnende rekkefølge: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "sorteringsutfylling: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s versjon %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s gramatikkversjon %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "inndata-format %s støttes ikke"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "utdata-format %s støttes ikke"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: inndata- og utdatafiler må være ulike"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "klarte ikke å laste inn standardverdier for sudoers"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: nøkkelord %s er ukjent"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "%s er en ukjent forvalgtype"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "%s er en ukjent utelatelsestype"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "%s er et ugyldig filter"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "klarte ikke å åpne %s"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "klarte ikke å tolke %s. Ukjent feil"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "tolkefeil i %s ved linje %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "tolkefeil i %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "klarte ikke å skrive til %s"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - konverter mellom «sudoers»-filformater\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Valg:\n"
+"  -b, --base=dn              base-domenenavn for sudo LDAP-forespørsler\n"
+"  -d, --defaults=deftypes    bare konverter standardverdier av valgte typer\n"
+"  -e, --expand-aliases       utvid aliaser ved konvertering\n"
+"  -f, --output-format=format velg utdata-format («JSON», «LDIF» eller «sudoers»)\n"
+"  -i, --input-format=format  velg inndata-format («LDIF» eller «sudoers»)\n"
+"  -I, --increment=tall       mengde som hver sudoOrder skal økes med\n"
+"  -h, --help                 vis hjelpetekst og avslutt\n"
+"  -m, --match=filter         bare konverter oppføringer som samsvarer med valgt filter\n"
+"  -M, --match-local          filtrer på passwd- og group-databaser\n"
+"  -o, --output=utdatafile    lagre konvertert sudoers i valgt utdatafil\n"
+"  -O, --order-start=num      startpunkt for første sudoOrder\n"
+"  -p, --prune-matches        fjern brukere, grupper og vertsnavn som ikke samsvarer\n"
+"  -P, --padding=num          grunnutfylling for sudoOrder-økning\n"
+"  -s, --suppress=områder     fjern utdata for valgte områder\n"
+"  -V, --version              vis versjonsinfo og avslutt"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "forvalg «%s» er ukjent"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "klarte ikke å hente GMT-tid"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "klarte ikke å formatere tidsstempel"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "intern feil: %s er full"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "sudoers inneholder for mange linjer. Maksgrense er %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "miljøvariabel «SUDOERS_BASE» er tom, og «-b» er ikke valgt."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Syslog-plassering, hvis syslog brukes til loggføring: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Syslog-prioritet når brukeren har autentisert seg: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Syslog-prioritet når brukeren ikke har klart å autentisere seg: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Legg OTP-ledetekst på egen linje"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ignorer «.» i $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Send alltid e-post når noen kjører sudo"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Send e-post hvis en bruker mislykkes i å autentisere seg"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Send e-post hvis bruker ikke finnes i sudoers-fil"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Send e-post hvis brukeren ikke finnes i sudoers-fil for denne verten"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Send e-post hvis brukeren ikke har lov til å kjøre en kommando"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Send e-post hvis brukeren prøver å kjøre en kommando"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Bruk separat tidsstempel for hver kombinasjon av bruker og tty"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Gi brukere en moralpreken første gang de kjører sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Fil som inneholder sudo-moralpreken: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Krev at brukere skal autentisere seg som standard"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Rotbruker kan kjøre sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Ta med vertsnavn i loggfil (ikke syslog)"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Ta med år i loggfil (ikke syslog)"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Start et skall hvis sudo kjøres uten argumenter"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Velg målbrukers $HOME når et skall startes med «-s»"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Bruk alltid målbrukers hjemmemappe som $HOME"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Tillat informasjonsinnhenting for å gjøre feilmeldingene nyttige"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Krev fullstendige vertsnavn i sudoers-fil"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Send brukere en fornærmelsestekst når de oppgir feil passord"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Bare tillat brukere å kjøre sudo hvis de bruker en tty"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo tar hensyn til miljøvariabelen EDITOR"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Spør etter rotbrukers passord, i stedet for eget passord"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Spør etter passord for «runas_default» i stedet for eget passord"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Spør etter målbrukers passord, i stedet for eget passord"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Bruk standardverdier i målbrukers innloggingsklasse, hvis den finnes"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Gi verdier til miljøvariablene «LOGNAME» og «USER»"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Velg målbrukers uid som effektiv uid, i stedet for faktisk uid"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Ikke last inn målbrukers gruppevektor"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Hvilken lengde linjer i loggfiler skal pakkes ned til (bruk 0 for å deaktivere pakking): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Tidsavbrudd for autentiseringstidsstempel: %.1f minutter"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Tidsavbrudd for passordetterspørsel: %.1f minutter"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Antall forsøk på å skrive inn passord: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "U-maske som skal brukes, eller 0777 for å bruke egen maske: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Sti til loggfil: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Sti til e-postprogram: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Valg for e-postprogram: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Hvilken adresse det skal sendes e-post til: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Hvilken adresse e-posten skal sendes fra: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Emnelinje i e-postmeldinger: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Melding om feil passord: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Sti til mappe for moralpreken-status: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Sti til mappe for autentiseringstidsstempel: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Eieren av mappa for autentiseringstidsstempel: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Brukerne i denne gruppa fritas fra passord- og PATH-krav: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Standard passord-ledetekst: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Hvis dette er valgt, blir system-ledetekst alltid overstyrt av passord-ledetekst."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Standardbruker for kjøring av kommandoer: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Verdi som overstyrer brukerspesifikk $PATH: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Filsti til tekstbehandler som visudo skal bruke: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Når pseudokommandoen «list» skal kreve passord: %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Når pseudokommandoen «verify» skal kreve passord: %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Last inn prøvekjøringsfunksjonene som ligger i biblioteket «sudo_noexec»"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Om lokal sudoers-fil skal ignoreres når en LDAP er aktiv"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Fildeskriptorne >= %d lukkes før en kommando blir kjørt"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Hvis dette er valgt, har brukerne mulighet til å overstyre «closefrom»-verdien med valget «-C»"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Tillat brukere å velge arbitrære miljøvariabler"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Tilbakestill brukermiljøet til et sett med standardvariabler"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Miljøvariabler som skal kontrolleres:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Miljøvariabler som skal fjernes:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Miljøvariabler som skal beholdes:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "SELinux-rolle som skal brukes i ny sikkerhetskontekst: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "SELinux-type som skal brukes i ny sikkerhetskontekst: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Sti til sudo-spesifikk miljøfil: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Sti til sudo-spesifikk miljøfil: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Regioninnstilling som skal brukes når «sudoers» tolkes: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Tillat sudo å spørre etter et passord som - hvis skrevet inn - blir synlig på skjermen"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Gi visuell respons når brukere skriver inn passord"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Bruk raskere joker-søking som er mindre presis (og som ikke søker i filsystemet)"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "U-masker som er valgt i sudoers overstyrer brukermasker, selv hvis sudoers åpner for mer tilgang enn brukermaska"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Loggfør bruker-inndata i kommandoen som kjøres"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Loggfør utskrift fra kommandoen som kjøres"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Komprimer inn- og utdatalogger ved bruk av «zlib»"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Kjør alltid kommandoer i en pseudo-tty"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Støttetillegg for grupper som ikke er Unix-grupper: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Mappe hvor inn- og utdatalogger skal lagres: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Fil hvor inn- og utdatalogger skal lagres: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Legg til en oppføring i utmp-/utmpx-fil ved tildeling av pty"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Kjør kommandoer som utmp-bruker, i stedet for brukeren som skriver inn kommando"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Tillatte privilegier: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Begrensningsprivilegier: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Kjør kommandoer på en pty i bakgrunnen"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "PAM-tjenestenavn som skal brukes: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "PAM-tjenestenavn som skal brukes til innloggingsskall: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Prøv å sette opp PAM-akkreditiver for målbruker"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Lag en ny PAM-økt som kommandoen kjøres i"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Høyeste tillatte sekvensnummer i inn-/utdatalogg: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Slå på støtte for sudoers-nettgruppe"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Kontroller skrivetillatelse til foreldermapper ved redigering av filer med sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Følg symbolske lenker ved redigering av filer med sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Spør gruppetillegget om ukjente systemgrupper"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Kontroller nettgrupper basert på både bruker, vert og domene"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Tillat kjøring av kommandoer selv om sudo ikke klarer å skrive til revisjonslogg"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Tillat kjøring av kommandoer selv om sudo ikke klarer å skrive til I/O-logg"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Tillat kjøring av kommandoer selv om sudo ikke klarer å skrive til loggfil"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Slå opp grupper i sudoers på gruppe-ID i stedet for gruppenavn"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Loggoppføringer som er større enn dette blir delt opp i flere syslog-meldinger: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Bruker som skal eie I/O-loggfiler: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Gruppe som skal eie I/O-loggfiler: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Filmodus for I/O-loggfiler: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Kjør kommandoer med fildeskriptor i stedet for sti: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ignorer ukjente standardverdier i sudoers i stedet for å vise advarsel"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "TIdsavbrudd for kommando: %u sekunder"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "La bruker velge tidsavbrudd via kommandolinje"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Tøm inn- og utdata direkte til disk i stedet for å mellomlagre"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Ta med prosess-ID ved bruk av syslog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Type autentiseringstidsstempel: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Feilmelding ved autentisering: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Ignorer små/store bokstaver i brukernavn"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Ignorer små/store bokstaver i gruppenavn"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s: %d «%s» er en ukjent standardoppføring"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: «%s» er en ukjent standardoppføring"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s: %d «%s» har ingen verdi"
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: «%s» har ingen verdi"
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d verdier av «%s» må begynne med «/»"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: verdier av «%s» må begynne med «/»"
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d «%s» kan ikke ha en verdi"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: «%s» kan ikke ha en verdi"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d Defaults-type 0x%x for valget «%s» er ugyldig"
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: Defaults-type 0x%x for valget «%s» er ugyldig"
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d «%s» er en ugyldig verdi for valget «%s»"
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: verdien «%s» er ugyldig valget «%s»"
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: envp er korrupt (lengde samsvarer ikke)"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "klarte ikke å bygge opp miljøet på nytt"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "du har ikke tillatelse til å bestemme følgende miljøvariabler: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "tolkningsfeil i %s ved linje %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "tolkningsfeil i %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "behandlingstype %d for %s støttes ikke"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: lesefeil"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s må eies av uid %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s kan ikke gi skrivetillatelse til andre enn eieren"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "klarte ikke å laste inn %s. %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "fant ikke symbolet «group_plugin» i %s"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: versjon %d av gruppetillegget passer ikke (forventet versjon %d)"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "klarte ikke å tolke IP-adresse «%s»"
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "klarte ikke å tolke nettverksmaske «%s»"
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Lokale par av IP-adresser og nettverksmasker:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s finnes, men er ikke en mappe (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "klarte ikke å utføre mkdir %s"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "klarte ikke å endre %s modus til 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "%s er en ukjent gruppe"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "klarte ikke å lese %s"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "klarte ikke å opprette %s"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "klarte ikke å skrive til I/O-loggfil: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: intern feil. Inn-/ut-loggfil for hendelse %d er ikke åpen"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: intern feil. Signal %d er ugyldig"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: ugyldig loggfil"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: tidsstempel-felt mangler"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: tidsstempel %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: brukerfelt mangler"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: «kjør som bruker»-felt mangler"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: «kjør som gruppe»-felt mangler"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "starttls støttes ikke når du bruker ldaps"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "klarte ikke å starte opp database for SSL-sertifikater og -nøkler. %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "du må velge TLS_CERT i %s for å bruke SSL"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "klarte ikke å starte opp LDAP. %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls er valgt, men LDAP-bibliotekene støtter hverken «ldap_start_tls_s()» eller «ldap_start_tls_s_np()»"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "«%s» er en ugyldig sudoOrder-attributt"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: portnummeret er for stort"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "LDAP-ens adressetype %s støttes ikke"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "du kan ikke blande ldap- og ldaps-nettadresser"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "klarte ikke å konvertere sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "klarte ikke å åpne revisjonssystemet"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "klarte ikke å sende revisjonsmelding"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (kommando fortsetter) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "klarte ikke å åpne loggfil: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "klarte ikke å låse loggfil: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "klarte ikke å skrive loggfil: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "Ingen bruker eller vert"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "feil ved gyldighetssjekk"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "brukeren er IKKE i sudoers"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "brukeren er IKKE autorisert på verten"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "denne kommandoen tillates ikke"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s finnes ikke i sudoers-fil. Denne hendelsen blir rapportert.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s has ikke tillatelse til å kjøre sudo på %s. Denne hendelsen blir rapportert.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Brukeren %s kan ikke kjøre sudo på %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Brukeren %s har ikke tillatelse til å kjøre «%s%s%s» som %s%s%s på %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: fant ikke kommando"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"ignorerer «%s» i «.».\n"
+"Bruk «sudo ./%s» hvis dette er «%s»-programmet du prøver å kjøre."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "feil ved autentisering"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "du må oppgi et passord"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u mislykket passordforsøk"
+msgstr[1] "%u mislykkede passordforsøk"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "klarte ikke å kopiere prosess"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "klarte ikke å kopiere prosess. %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "klarte ikke å åpne datarør. %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "klarte ikke å duplisere standard innkanal. %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "klarte ikke å kjøre %s. %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "behandlingen for %s (%s) er ikke i %s-skjemaet"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "klarte ikke å lage statistikk av %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP-rolle: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Oppføring i sudoers:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    Kjør som-brukere: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    Kjør som-grupper: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Valg: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Kommandoer:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Standardoppføringer som gjelder for %s på %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Kjør-som- og kommandospesifikke standardoppføringer for %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Brukeren %s kan kjøre følgende kommandoer på %s:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Brukeren %s har ikke tillatelse til å kjøre sudo på %s.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "ignorerer ugyldig attributtverdi: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "ignorerer ufullstendig sudoRole: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "ugyldig %.*s fra sudo-grenseflate"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "klarte ikke å tolke nettverksadresse-liste"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "sudo-grenseflate har ikke angitt brukernavn"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "sudo-grenseflate har ikke angitt bruker-ID"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "sudo-grenseflate har ikke angitt gruppe-ID"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "sudo-grenseflate har ikke angitt vertsnavn"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "klarte ikke å kjøre %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Sudoers regeltillegg versjon %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Sudoers-grammatikkversjon %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sti til «sudoers»-fil: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "Sti til «nsswitch»: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "Sti til «ldap.conf»: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "Stil til «ldap.secret»: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "klarte ikke å tildele krok av typen %d (versjon %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "klarte ikke å hurtiglagre uid %u. Minnet er fullt"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "klarte ikke å hurtiglagre uid %u. Uid-en eksisterer allerede"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "klarte ikke å hurtiglagre brukeren %s. Minnet er fullt"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "klarte ikke å hurtiglagre brukeren %s. Brukeren eksisterer allerede"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "klarte ikke å hurtiglagre gid %u. Minnet er fullt"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "klarte ikke å hurtiglagre gid %u. Gid-en eksisterer allerede"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "klarte ikke å hurtiglagre gruppa %s. Minnet er fullt"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "klarte ikke å hurtiglagre gruppa %s. Gruppa eksisterer allerede"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "klarte ikke å hurtiglagre liste over %s. Lista eksisterer allerede"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "klarte ikke å hurtiglagre liste over %s. Minnet er fullt"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "klarte ikke å tolke grupper for %s"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "klarte ikke å tolke gid-er for %s"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "perm-stabelen er full"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "perm-stabelen er tom"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "klarte ikke å endre gid til rotbruker"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "klarte ikke å endre til kjør som-gid"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "klarte ikke å velge «kjør som»-gruppevektor"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "klarte ikke å endre uid til «kjør som»-bruker"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "klarte ikke å endre gid til sudoers"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "for mange prosesser"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "klarte ikke å hente gjeldende arbeidsmappe"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "forkortet revisjonssti «user_cmnd»: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "forkortet revisjonssti «argv[0]»: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "audit_failure-meldinga er for lang"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "klarte ikke å starte opp SSS-kilde. Har du installert SSSD på maskinen?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "fant ikke symbolet «%s» i %s"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "det har oppstått et problem med én eller flere standardoppføringer"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "fant ingen gyldig sudoers-kilde. Avslutter."
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers-fil tillater ikke rotbruker å kjøre sudo"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "du har ikke tillatelse til å bruke valget «-C»"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "eier («%s») av tidsstempel finnes ikke"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "ingen tty"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "du må ha en tty for å kunne kjøre sudo"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "kommando i gjeldende mappe"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "du har ikke tillatelse til å velge tidsavbrudd for kommandoer"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "du har ikke tillatelse til å beholde brukermiljøet"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "kommandoen er for lang"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s er ikke en vanlig fil"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s eies av uid %u, som skulle vært %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s kan overskrives av alle"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s eies av gid %u, som skulle vært %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "du må være rotbruker for å velge «-c %s»"
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "innloggingsklasse %s er ukjent"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "klarte ikke å slå opp vertsnavn %s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "%s er et ugyldig filtervalg"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "%s er ugyldig maksimal ventetid"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "%s er en ugyldig hastighetsfaktor"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/tidsberegning: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/tidsberegning: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Spiller av sudo-økt i reprise: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "klarte ikke å legge hendelse i kø"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "klarte ikke å velge råmodus for tty"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Advarsel: terminalen din er for liten for å spille av loggen skikkelig.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Loggens størrelse er %d x %d, mens terminalstørrelsen din er %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Sudo-reprise ferdig. Trykk på en knapp for å gå tilbake til terminal."
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "linja for tidsberegningsfil  er ugyldig: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "uttrykket «%s» er flertydig"
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "fant ingenting som samsvarer med deluttrykket «)»"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "«%s» er et ukjent søkevalg"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s krever at du bruker et argument"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "%s er et ugyldig regulært uttrykk"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "klarte ikke å tolke datoen «%s»"
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "uttrykkets «(» samsvarer ikke"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "du kan ikke avslutte med «or»"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "du kan ikke avslutte med «!»"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "«%d» er en ukjent søketype"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "bruk: %s [-hnRS] [-d mappe] [-m tall] [-s tall] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "bruk: %s [-h] [-d dir] -l [søkeuttrykk]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - spill av sudo-øktlogg\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Valg:\n"
+"  -d, --directory=dir  velg øktlogg-mappe\n"
+"  -f, --filter=filter  velg hvilke(n) inn- og utdatatype(r) som skal vises\n"
+"  -h, --help           vis hjelpetekst og avslutt\n"
+"  -l, --list           vis tilgjengelige ID-er, med valgfritt uttrykk\n"
+"  -m, --max-wait=num   maskimal ventetid mellom hendelser (i sekunder)\n"
+"  -S, --suspend-wait   vent mens kommando er på pause\n"
+"  -s, --speed=num      øk eller senk utskriftshastigheten\n"
+"  -V, --version        vis versjon og avslutt"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\tvert  samsvarer ikke"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Kommando tillatt"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Kommandoen tillates ikke"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Kommandoen samsvarer ikke"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s kan overskrives av gruppa den tilhører"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "klarte ikke å korte ned tidsstempel-fil til %lld byte"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "klarte ikke å lese klokka"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "tidsstempel for fremtidig tidspunkt blir ignorert"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "tidsstempelet er for langt inn i fremtiden: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "klarte ikke å låse tidsstempel-fil %s"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "filsti for moralpreken-status («%s/%s») er for lang"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "valget «-x» blir fjernet i en fremtidig versjon"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "bruk verktøyet cvtsudoers i stedet"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "trykk linjeskift for å redigere %s: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "finner ikke valgt redigeringsprogram (%s)"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "fant ingen redigeringsprogram («editor»-sti = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "skrivefeil"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "klarte ikke å undersøke midlertidig fil (%s). %s er ikke endret"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "midlertidig fil (%s) er tom. %s er ikke endret"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "noe gikk galt med behandleren (%s). %s er ikke endret"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s er ikke endret"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "klarte ikke å åpne midlertidig fil (%s) på nytt. %s er ikke endret"
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "klarte ikke å tolke midlertidig fil (%s). Ukjent feil"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "intern feil: fant ikke %s i lista!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "klarte ikke å endre uid og gid for %s til (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s og %s er ikke på samme filsystem. Bruker «mv» til å gi nye navn"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "kommando mislyktes. «%s %s %s». %s er ikke endret"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "klarte ikke å gi %s nytt navn. %s er ikke endret"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "Hva nå? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Du har følgende valgmuligheter:\n"
+"  (e) rediger sudoers-fil på nytt\n"
+"  (x) avslutt uten å lagre endringer i sudoers-fil\n"
+"  (Q) avslutt og lagre endringene i sudoers-fil (FARLIG!)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "klarte ikke å kjøre %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: feil eier. uid og gid skulle vært «%u, %u»\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: feil tillatelsesmodus. Skulle vært modus 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: lest og tolket OK\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s er opptatt. Prøv igjen senere"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "klarte ikke å låse %s"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Vil du redigere likevel [j/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Feil: %s:%d sløyfe i %s «%s»"
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Advarsel: %s:%d sløyfe i %s «%s»"
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Feil: %s:%d referanse til %s «%s», som ikke er definert"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Advarsel: %s:%d referanse til %s «%s», som ikke er definert"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Advarsel: %s:%d %s «%s» står ubrukt"
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - rediger sudoers-fil på en trygg måte\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Valg:\n"
+"  -c, --check       undersøkelsesmodus\n"
+"  -f, --file=sudoers   oppgi hvor sudoers-fila ligger\n"
+"  -h, --help        vis denne hjelpeteksten og avslutt\n"
+"  -q, --quiet       mindre detaljerte meldinger om syntaksfeil\n"
+"  -s, --strict      streng syntakskontroll\n"
+"  -V, --version     vis versjon og avslutt\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "du har for mange nivåer av inkluderte filer"
+
+#~ msgid ""
+#~ "\n"
+#~ "LDAP Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "LDAP-role: UKJENT\n"
+
+#~ msgid "    Order: %s\n"
+#~ msgstr "    Sorter: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: %s\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD-rolle: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD-rolle: UKJENT\n"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "Advarsel: sløyfe i %s «%s»"
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "Advarsel: det refereres til %s «%s», som ikke er definert"
+
+#~ msgid "Warning: unused %s `%s'"
+#~ msgstr "Advarsel: %s «%s» er ubrukt"
+
+#~ msgid "unable allocate memory"
+#~ msgstr "klarte ikke å tildele minne"
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "filstien «%s/%s» for tidsstempel er for lang"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "klarte ikke å undersøke redigeringsprogrammet (%s)"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports: ikke nok lagringsplass for å utvide vertens hurtiglager"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri: ikke nok lagringsplass til å bygge opp vertens hurtiglager"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "sudo_ldap_build_pass1 samsvar ikke ved tildeling"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "intern feil: logglinje mangler plass"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: hurtiglageret er fullt"
diff --git a/plugins/sudoers/po/nl.mo b/plugins/sudoers/po/nl.mo
new file mode 100644
index 0000000..c40147a
--- /dev/null
+++ b/plugins/sudoers/po/nl.mo
diff --git a/plugins/sudoers/po/nl.po b/plugins/sudoers/po/nl.po
new file mode 100644
index 0000000..3ea66a0
--- /dev/null
+++ b/plugins/sudoers/po/nl.po
@@ -0,0 +1,2282 @@
+# Dutch translation for sudoers.
+# This file is distributed under the same license as the sudo package.
+# P. Hamming <peterhamming@gmail.com>, 2013.
+# Benno Schulenberg <vertaling@coevern.nl>, 2017.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.22b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2017-12-01 15:42-0700\n"
+"PO-Revision-Date: 2017-12-05 21:44+0100\n"
+"Last-Translator: Benno Schulenberg <vertaling@coevern.nl>\n"
+"Language-Team: Dutch <vertaling@vrijschrift.org>\n"
+"Language: nl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+"X-Generator: Poedit 2.0.4\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "invoerfout"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "%p's wachtwoord: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] wachtwoord voor %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Wachtwoord: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** VEILIGHEIDSinformatie voor %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Sorry, probeer het opnieuw."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:307 gram.y:314 gram.y:321 gram.y:328 gram.y:335
+#: gram.y:398 gram.y:406 gram.y:416 gram.y:449 gram.y:456 gram.y:463
+#: gram.y:470 gram.y:552 gram.y:559 gram.y:568 gram.y:577 gram.y:594
+#: gram.y:706 gram.y:713 gram.y:720 gram.y:728 gram.y:824 gram.y:831
+#: gram.y:838 gram.y:845 gram.y:852 gram.y:878 gram.y:885 gram.y:892
+#: gram.y:1015 gram.y:1195 gram.y:1202 plugins/sudoers/alias.c:124
+#: plugins/sudoers/alias.c:139 plugins/sudoers/auth/bsdauth.c:141
+#: plugins/sudoers/auth/kerb5.c:119 plugins/sudoers/auth/kerb5.c:145
+#: plugins/sudoers/auth/pam.c:490 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/auth/sia.c:59 plugins/sudoers/defaults.c:650
+#: plugins/sudoers/defaults.c:905 plugins/sudoers/defaults.c:1076
+#: plugins/sudoers/editor.c:64 plugins/sudoers/editor.c:82
+#: plugins/sudoers/editor.c:93 plugins/sudoers/env.c:233
+#: plugins/sudoers/filedigest.c:120 plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:941 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:566
+#: plugins/sudoers/ldap.c:974 plugins/sudoers/ldap.c:1168
+#: plugins/sudoers/ldap.c:1179 plugins/sudoers/ldap.c:1195
+#: plugins/sudoers/ldap.c:1487 plugins/sudoers/ldap.c:1647
+#: plugins/sudoers/ldap.c:1729 plugins/sudoers/ldap.c:1877
+#: plugins/sudoers/ldap.c:1901 plugins/sudoers/ldap.c:1990
+#: plugins/sudoers/ldap.c:2005 plugins/sudoers/ldap.c:2101
+#: plugins/sudoers/ldap.c:2134 plugins/sudoers/ldap.c:2215
+#: plugins/sudoers/ldap.c:2297 plugins/sudoers/ldap.c:2394
+#: plugins/sudoers/ldap.c:3228 plugins/sudoers/ldap.c:3260
+#: plugins/sudoers/ldap.c:3572 plugins/sudoers/ldap.c:3600
+#: plugins/sudoers/ldap.c:3616 plugins/sudoers/ldap.c:3706
+#: plugins/sudoers/ldap.c:3722 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:189 plugins/sudoers/logging.c:451
+#: plugins/sudoers/logging.c:472 plugins/sudoers/logging.c:684
+#: plugins/sudoers/logging.c:942 plugins/sudoers/match.c:617
+#: plugins/sudoers/match.c:664 plugins/sudoers/match.c:714
+#: plugins/sudoers/match.c:738 plugins/sudoers/match.c:826
+#: plugins/sudoers/match.c:915 plugins/sudoers/parse.c:252
+#: plugins/sudoers/parse.c:264 plugins/sudoers/parse.c:279
+#: plugins/sudoers/parse.c:291 plugins/sudoers/policy.c:441
+#: plugins/sudoers/policy.c:678 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:165 plugins/sudoers/pwutil.c:236
+#: plugins/sudoers/pwutil.c:312 plugins/sudoers/pwutil.c:486
+#: plugins/sudoers/pwutil.c:551 plugins/sudoers/pwutil.c:620
+#: plugins/sudoers/pwutil.c:778 plugins/sudoers/pwutil.c:835
+#: plugins/sudoers/pwutil.c:880 plugins/sudoers/pwutil.c:938
+#: plugins/sudoers/sssd.c:162 plugins/sudoers/sssd.c:194
+#: plugins/sudoers/sssd.c:237 plugins/sudoers/sssd.c:244
+#: plugins/sudoers/sssd.c:280 plugins/sudoers/sssd.c:353
+#: plugins/sudoers/sssd.c:392 plugins/sudoers/sssd.c:1067
+#: plugins/sudoers/sssd.c:1246 plugins/sudoers/sssd.c:1260
+#: plugins/sudoers/sssd.c:1276 plugins/sudoers/sudoers.c:263
+#: plugins/sudoers/sudoers.c:273 plugins/sudoers/sudoers.c:281
+#: plugins/sudoers/sudoers.c:365 plugins/sudoers/sudoers.c:682
+#: plugins/sudoers/sudoers.c:807 plugins/sudoers/sudoers.c:851
+#: plugins/sudoers/sudoers.c:1123 plugins/sudoers/sudoers_debug.c:107
+#: plugins/sudoers/sudoreplay.c:1253 plugins/sudoers/sudoreplay.c:1365
+#: plugins/sudoers/sudoreplay.c:1405 plugins/sudoers/sudoreplay.c:1414
+#: plugins/sudoers/sudoreplay.c:1424 plugins/sudoers/sudoreplay.c:1432
+#: plugins/sudoers/sudoreplay.c:1436 plugins/sudoers/sudoreplay.c:1592
+#: plugins/sudoers/sudoreplay.c:1596 plugins/sudoers/testsudoers.c:131
+#: plugins/sudoers/testsudoers.c:217 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/timestamp.c:389 plugins/sudoers/timestamp.c:433
+#: plugins/sudoers/timestamp.c:852 plugins/sudoers/toke_util.c:56
+#: plugins/sudoers/toke_util.c:109 plugins/sudoers/toke_util.c:146
+#: plugins/sudoers/visudo.c:153 plugins/sudoers/visudo.c:309
+#: plugins/sudoers/visudo.c:315 plugins/sudoers/visudo.c:446
+#: plugins/sudoers/visudo.c:624 plugins/sudoers/visudo.c:985
+#: plugins/sudoers/visudo.c:1051 plugins/sudoers/visudo.c:1095
+#: plugins/sudoers/visudo.c:1197 plugins/sudoers/visudo_json.c:1025 toke.l:849
+#: toke.l:949 toke.l:1106
+msgid "unable to allocate memory"
+msgstr "kan geen geheugen reserveren"
+
+#: gram.y:481
+msgid "a digest requires a path name"
+msgstr "een digest vereist een padnaam"
+
+#: gram.y:607
+msgid "invalid notbefore value"
+msgstr "ongeldige 'notbefore'-waarde"
+
+#: gram.y:615
+msgid "invalid notafter value"
+msgstr "ongeldige 'notafter'-waarde"
+
+#: gram.y:624 plugins/sudoers/policy.c:267
+msgid "timeout value too large"
+msgstr ""
+
+#: gram.y:626 plugins/sudoers/policy.c:269
+msgid "invalid timeout value"
+msgstr ""
+
+#: gram.y:1195 gram.y:1202 plugins/sudoers/auth/pam.c:320
+#: plugins/sudoers/auth/pam.c:490 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/defaults.c:650 plugins/sudoers/defaults.c:905
+#: plugins/sudoers/defaults.c:1076 plugins/sudoers/editor.c:64
+#: plugins/sudoers/editor.c:82 plugins/sudoers/editor.c:93
+#: plugins/sudoers/env.c:233 plugins/sudoers/filedigest.c:120
+#: plugins/sudoers/filedigest_gcrypt.c:72
+#: plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:941 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:566
+#: plugins/sudoers/ldap.c:974 plugins/sudoers/ldap.c:1168
+#: plugins/sudoers/ldap.c:1179 plugins/sudoers/ldap.c:1195
+#: plugins/sudoers/ldap.c:1487 plugins/sudoers/ldap.c:1647
+#: plugins/sudoers/ldap.c:1729 plugins/sudoers/ldap.c:1877
+#: plugins/sudoers/ldap.c:1901 plugins/sudoers/ldap.c:1990
+#: plugins/sudoers/ldap.c:2005 plugins/sudoers/ldap.c:2101
+#: plugins/sudoers/ldap.c:2134 plugins/sudoers/ldap.c:2214
+#: plugins/sudoers/ldap.c:2297 plugins/sudoers/ldap.c:2394
+#: plugins/sudoers/ldap.c:3228 plugins/sudoers/ldap.c:3260
+#: plugins/sudoers/ldap.c:3572 plugins/sudoers/ldap.c:3599
+#: plugins/sudoers/ldap.c:3615 plugins/sudoers/ldap.c:3706
+#: plugins/sudoers/ldap.c:3722 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:189 plugins/sudoers/logging.c:451
+#: plugins/sudoers/logging.c:472 plugins/sudoers/logging.c:942
+#: plugins/sudoers/match.c:616 plugins/sudoers/match.c:663
+#: plugins/sudoers/match.c:714 plugins/sudoers/match.c:738
+#: plugins/sudoers/match.c:826 plugins/sudoers/match.c:914
+#: plugins/sudoers/parse.c:252 plugins/sudoers/parse.c:264
+#: plugins/sudoers/parse.c:279 plugins/sudoers/parse.c:291
+#: plugins/sudoers/policy.c:100 plugins/sudoers/policy.c:109
+#: plugins/sudoers/policy.c:118 plugins/sudoers/policy.c:142
+#: plugins/sudoers/policy.c:253 plugins/sudoers/policy.c:267
+#: plugins/sudoers/policy.c:269 plugins/sudoers/policy.c:293
+#: plugins/sudoers/policy.c:303 plugins/sudoers/policy.c:343
+#: plugins/sudoers/policy.c:353 plugins/sudoers/policy.c:362
+#: plugins/sudoers/policy.c:371 plugins/sudoers/policy.c:441
+#: plugins/sudoers/policy.c:678 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:165 plugins/sudoers/pwutil.c:236
+#: plugins/sudoers/pwutil.c:312 plugins/sudoers/pwutil.c:486
+#: plugins/sudoers/pwutil.c:551 plugins/sudoers/pwutil.c:620
+#: plugins/sudoers/pwutil.c:778 plugins/sudoers/pwutil.c:835
+#: plugins/sudoers/pwutil.c:880 plugins/sudoers/pwutil.c:938
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641 plugins/sudoers/sssd.c:162
+#: plugins/sudoers/sssd.c:194 plugins/sudoers/sssd.c:237
+#: plugins/sudoers/sssd.c:244 plugins/sudoers/sssd.c:280
+#: plugins/sudoers/sssd.c:352 plugins/sudoers/sssd.c:392
+#: plugins/sudoers/sssd.c:1067 plugins/sudoers/sssd.c:1245
+#: plugins/sudoers/sssd.c:1260 plugins/sudoers/sssd.c:1276
+#: plugins/sudoers/sudoers.c:263 plugins/sudoers/sudoers.c:273
+#: plugins/sudoers/sudoers.c:281 plugins/sudoers/sudoers.c:365
+#: plugins/sudoers/sudoers.c:682 plugins/sudoers/sudoers.c:807
+#: plugins/sudoers/sudoers.c:851 plugins/sudoers/sudoers.c:1123
+#: plugins/sudoers/sudoers_debug.c:106 plugins/sudoers/sudoreplay.c:1253
+#: plugins/sudoers/sudoreplay.c:1365 plugins/sudoers/sudoreplay.c:1405
+#: plugins/sudoers/sudoreplay.c:1414 plugins/sudoers/sudoreplay.c:1424
+#: plugins/sudoers/sudoreplay.c:1432 plugins/sudoers/sudoreplay.c:1436
+#: plugins/sudoers/sudoreplay.c:1592 plugins/sudoers/sudoreplay.c:1596
+#: plugins/sudoers/testsudoers.c:131 plugins/sudoers/testsudoers.c:217
+#: plugins/sudoers/testsudoers.c:234 plugins/sudoers/timestamp.c:389
+#: plugins/sudoers/timestamp.c:433 plugins/sudoers/timestamp.c:852
+#: plugins/sudoers/toke_util.c:56 plugins/sudoers/toke_util.c:109
+#: plugins/sudoers/toke_util.c:146 plugins/sudoers/visudo.c:153
+#: plugins/sudoers/visudo.c:309 plugins/sudoers/visudo.c:315
+#: plugins/sudoers/visudo.c:446 plugins/sudoers/visudo.c:624
+#: plugins/sudoers/visudo.c:985 plugins/sudoers/visudo.c:1051
+#: plugins/sudoers/visudo.c:1095 plugins/sudoers/visudo.c:1197
+#: plugins/sudoers/visudo_json.c:1025 toke.l:849 toke.l:949 toke.l:1106
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:135
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Alias \"%s\" is al gedefinieerd"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "kan de loginklasse voor gebruiker %s niet verkrijgen"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "kan de bsd-aanmelding niet starten"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "ongeldig type verificatie"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "kan de bsd-aanmelding niet initialiseren"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr "kan fwtk-configuratie niet lezen"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "kan niet verbinden met aanmeldingsserver"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:121
+msgid "lost connection to authentication server"
+msgstr "verbinding met aanmeldingsserver verloren"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"aanmeldingsserverfout:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, fuzzy, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: kan opdrachtgever niet converteren naar een string ('%s'): %s"
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: kan '%s' niet ontleden: %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: kan cache voor aanmeldingsgegevens niet vinden: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: kan opties niet reserveren: %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: kan aanmeldingsgegevens niet verkrijgen: %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: kan cache voor aanmeldingsgegevens niet initialiseren: %s"
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: kan aanmeldingsgegeven niet opslaan in cache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: kan belangrijkste server niet vinden: %s"
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Kan TGT niet verifieren! U bent mogelijk aangevallen!: %s"
+
+#: plugins/sudoers/auth/pam.c:108
+msgid "unable to initialize PAM"
+msgstr "kan PAM niet initialiseren"
+
+#: plugins/sudoers/auth/pam.c:194
+msgid "account validation failure, is your account locked?"
+msgstr "fout bij valideren van account, is uw account geblokkeerd?"
+
+#: plugins/sudoers/auth/pam.c:198
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Account of wachtwoord is verlopen, stel uw wachtwoord opnieuw in en probeer het opnieuw"
+
+#: plugins/sudoers/auth/pam.c:206
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "kan verlopen wachtwoord niet wijzigen: %s"
+
+#: plugins/sudoers/auth/pam.c:211
+msgid "Password expired, contact your system administrator"
+msgstr "Wachtwoord is verlopen, neem contact op met uw systeembeheerder"
+
+#: plugins/sudoers/auth/pam.c:215
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Account is verlopen of PAM-configuratie heeft geen \"account\"-gedeelte voor sudo, neem contact op met uw systeembeheerder"
+
+#: plugins/sudoers/auth/pam.c:229
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "fout in PAM-aanmelding: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:227
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "u bestaat niet in de %s-database"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "initialiseren van de ACE API-bibliotheek is mislukt"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "kan geen contact krijgen met de SecurID-server"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "Gebruikers-ID is geblokkeerd voor SecurID-verificatie"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "ongeldige gebruikersnaamlengte voor SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr "kan verificatie voor SecurID op deze manier niet afhandelen"
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "SecurID-communicatie is mislukt"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:213
+msgid "unknown SecurID error"
+msgstr "onbekende SecurID-fout"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "ongeldige lengte van passcode voor SecurID"
+
+#: plugins/sudoers/auth/sia.c:69 plugins/sudoers/auth/sia.c:125
+msgid "unable to initialize SIA session"
+msgstr "kan SIA-sessie niet initialiseren"
+
+#: plugins/sudoers/auth/sudo_auth.c:126
+msgid "invalid authentication methods"
+msgstr "ongeldige verificatiemethoden"
+
+#: plugins/sudoers/auth/sudo_auth.c:128
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Er zijn ongeldige verificatiemethoden in sudo gecompileerd!  U kunt geen zelfstandige en niet-zelfstandige verificatiemethoden door elkaar gebruiken."
+
+#: plugins/sudoers/auth/sudo_auth.c:224 plugins/sudoers/auth/sudo_auth.c:274
+msgid "no authentication methods"
+msgstr "geen verificatiemethoden"
+
+#: plugins/sudoers/auth/sudo_auth.c:226
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Er zijn geen verificatie-methoden in sudo gecompileerd!  Als u verificatie wilt uitschakelen, dient u de --disable-authentication configuratie-optie te gebruiken."
+
+#: plugins/sudoers/auth/sudo_auth.c:276
+msgid "Unable to initialize authentication methods."
+msgstr "Kon verificatiemethoden niet starten."
+
+#: plugins/sudoers/auth/sudo_auth.c:441
+msgid "Authentication methods:"
+msgstr "Verificatie-methoden:"
+
+#: plugins/sudoers/bsm_audit.c:120 plugins/sudoers/bsm_audit.c:211
+msgid "Could not determine audit condition"
+msgstr "Kan voorwaarden voor controle niet bepalen"
+
+#: plugins/sudoers/bsm_audit.c:183 plugins/sudoers/bsm_audit.c:273
+msgid "unable to commit audit record"
+msgstr "kan controlestructuur niet opbouwen"
+
+#: plugins/sudoers/check.c:259
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Als het goed is hebt u de gebruikelijke informatie ontvangen van uw\n"
+"systeembeheerder. Gewoonlijk komt het neer op de volgende drie punten:\n"
+"\n"
+"    1. Respecteer de privacy van anderen.\n"
+"    2. Denk na voordat u iets doet.\n"
+"    3. Veel mogelijkheden betekent veel verantwoordelijkheid.\n"
+"\n"
+
+#: plugins/sudoers/check.c:302 plugins/sudoers/check.c:312
+#: plugins/sudoers/sudoers.c:725 plugins/sudoers/sudoers.c:770
+#, c-format
+msgid "unknown uid: %u"
+msgstr "onbekend gebruikersnummer: %u"
+
+#: plugins/sudoers/check.c:307 plugins/sudoers/iolog.c:260
+#: plugins/sudoers/policy.c:851 plugins/sudoers/sudoers.c:1162
+#: plugins/sudoers/testsudoers.c:208 plugins/sudoers/testsudoers.c:366
+#, c-format
+msgid "unknown user: %s"
+msgstr "onbekende gebruiker: %s"
+
+#: plugins/sudoers/def_data.c:41
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Syslog-voorziening als syslog wordt gebruikt voor loggen: %s"
+
+#: plugins/sudoers/def_data.c:45
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Syslog-prioriteit wanneer aanmelden van gebruiker gelukt is: %s"
+
+#: plugins/sudoers/def_data.c:49
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Syslog-prioriteit wanneer aanmelden van gebruiker niet gelukt is: %s"
+
+#: plugins/sudoers/def_data.c:53
+msgid "Put OTP prompt on its own line"
+msgstr "Geef OTP-prompt een eigen regel"
+
+#: plugins/sudoers/def_data.c:57
+msgid "Ignore '.' in $PATH"
+msgstr "Negeer '.' in $PATH"
+
+#: plugins/sudoers/def_data.c:61
+msgid "Always send mail when sudo is run"
+msgstr "Stuur altijd een mail wanneer sudo is gebruikt"
+
+#: plugins/sudoers/def_data.c:65
+msgid "Send mail if user authentication fails"
+msgstr "Stuur een mail wanneer aanmelden van gebruiker mislukt"
+
+#: plugins/sudoers/def_data.c:69
+msgid "Send mail if the user is not in sudoers"
+msgstr "Stuur een mail als de gebruiker niet in sudoers staat"
+
+#: plugins/sudoers/def_data.c:73
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Stuur een mail als de gebruiker niet voor deze computer in sudoers staat"
+
+#: plugins/sudoers/def_data.c:77
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Stuur een mail als de gebruiker een opdracht niet mag gebruiken"
+
+#: plugins/sudoers/def_data.c:81
+msgid "Send mail if the user tries to run a command"
+msgstr "Stuur een mail als de gebruiker een opdracht probeert te gebruiken"
+
+#: plugins/sudoers/def_data.c:85
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Gebruik een verschillende tijd voor elke gebruiker/terminal-combinatie"
+
+#: plugins/sudoers/def_data.c:89
+msgid "Lecture user the first time they run sudo"
+msgstr "Instrueer gebruikers de eerste keer dat ze sudo gebruiken"
+
+#: plugins/sudoers/def_data.c:93
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Bestand met de sudo-instructies: %s"
+
+#: plugins/sudoers/def_data.c:97
+msgid "Require users to authenticate by default"
+msgstr "Standaard is verificatie van gebruikers vereist"
+
+#: plugins/sudoers/def_data.c:101
+msgid "Root may run sudo"
+msgstr "Root mag sudo gebruiken"
+
+#: plugins/sudoers/def_data.c:105
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Log de computernaam in het (niet-syslog) logbestand"
+
+#: plugins/sudoers/def_data.c:109
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Log het jaar in het (niet-syslog) logbestand"
+
+#: plugins/sudoers/def_data.c:113
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Start een shell als sudo wordt aangeroepen zonder argumenten"
+
+#: plugins/sudoers/def_data.c:117
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Stel $HOME in op de doelgebruiker wanneer een shell wordt gestart met -s"
+
+#: plugins/sudoers/def_data.c:121
+msgid "Always set $HOME to the target user's home directory"
+msgstr "$HOME altijd instellen op de persoonlijke map van de doelgebruiker"
+
+#: plugins/sudoers/def_data.c:125
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Sta verzamelen van informatie toe om bruikbare foutberichten te geven"
+
+#: plugins/sudoers/def_data.c:129
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Vereis volledig-gekwalificeerde computernamen (fqdn) in het sudoers-bestand"
+
+#: plugins/sudoers/def_data.c:133
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Beledig de gebruiker wanneer ze een verkeerd wachtwoord invoeren"
+
+#: plugins/sudoers/def_data.c:137
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Gebruiker alleen toestaan sudo te gebruiken wanneer deze een terminal heeft"
+
+#: plugins/sudoers/def_data.c:141
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo zal de EDITOR omgevingsvariabele in acht nemen"
+
+#: plugins/sudoers/def_data.c:145
+msgid "Prompt for root's password, not the users's"
+msgstr "Vraag naar wachtwoord van root, niet van de gebruiker"
+
+#: plugins/sudoers/def_data.c:149
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Vraag naar wachtwoord van runas_default gebruiker, niet van huidige gebruiker"
+
+#: plugins/sudoers/def_data.c:153
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Vraag naar wachtwoord van doelgebruiker, niet van huidige gebruiker"
+
+#: plugins/sudoers/def_data.c:157
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Pas de standaardinstellingen van de doelgebruikers inlogklasse toe wanneer deze bestaat"
+
+#: plugins/sudoers/def_data.c:161
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Stel de LOGNAME en USER omgevingsvariabelen in"
+
+#: plugins/sudoers/def_data.c:165
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Stel het effectieve gebruikersnummer van de doelgebuiker in, niet het werkelijke gebruikersnummer"
+
+#: plugins/sudoers/def_data.c:169
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "De groepsvector niet initialiseren naar die van de doelgebruiker"
+
+#: plugins/sudoers/def_data.c:173
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Breek regels in logbestanden af op (0 voor niet afbreken): %u"
+
+#: plugins/sudoers/def_data.c:177
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Aanmeldtijd timeout: %.1f minuten"
+
+#: plugins/sudoers/def_data.c:181
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Wachtwoordprompt timeout: %.1f minuten"
+
+#: plugins/sudoers/def_data.c:185
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Aantal pogingen om een wachtwoord in te voeren: %u"
+
+#: plugins/sudoers/def_data.c:189
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Te gebruiken umask of 0777 om die van gebruiker te gebruiken: 0%o"
+
+#: plugins/sudoers/def_data.c:193
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Pad naar logbestand: %s"
+
+#: plugins/sudoers/def_data.c:197
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Pad naar mailprogramma: %s"
+
+#: plugins/sudoers/def_data.c:201
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Opties voor mailprogramma: %s"
+
+#: plugins/sudoers/def_data.c:205
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Adres waarnaar mail wordt verzonden: %s"
+
+#: plugins/sudoers/def_data.c:209
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Afzenderadres: %s"
+
+#: plugins/sudoers/def_data.c:213
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Onderwerp voor mails: %s"
+
+#: plugins/sudoers/def_data.c:217
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Boodschap voor verkeerd wachtwoord: %s"
+
+#: plugins/sudoers/def_data.c:221
+#, fuzzy, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Pad naar aanmeld-tijdmap: %s"
+
+#: plugins/sudoers/def_data.c:225
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Pad naar aanmeld-tijdmap: %s"
+
+#: plugins/sudoers/def_data.c:229
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Eigenaar van aanmeld-tijdmap: %s"
+
+#: plugins/sudoers/def_data.c:233
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Gebruikers in deze groep zijn uitgezonderd van de wachtwoord- en PATH-vereisten: %s"
+
+#: plugins/sudoers/def_data.c:237
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Standaard wachtwoordprompt: %s"
+
+#: plugins/sudoers/def_data.c:241
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Indien ingesteld, zal de wachtwoordprompt altijd de systeemprompt vervangen."
+
+#: plugins/sudoers/def_data.c:245
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Standaardgebruiker om opdrachten uit te voeren: %s"
+
+#: plugins/sudoers/def_data.c:249
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Waarde waarmee $PATH van gebruiker wordt vervangen: %s"
+
+#: plugins/sudoers/def_data.c:253
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Pad naar de editor bij gebruik van visudo: %s"
+
+#: plugins/sudoers/def_data.c:257
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Wanneer een wachtwoord noodzakelijk is voor 'list'-pseudopdracht: %s"
+
+#: plugins/sudoers/def_data.c:261
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Wanneer een wachtwoord noodzakelijk is voor 'verify'-pseudopdracht: %s"
+
+#: plugins/sudoers/def_data.c:265
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Laadt vooraf de dummy uitvoerfuncties uit de sudo_noexec-bibliotheek"
+
+#: plugins/sudoers/def_data.c:269
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Als de LDAP-map beschikbaar is, wordt het lokale sudoersbestand genegeerd?"
+
+#: plugins/sudoers/def_data.c:273
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Bestandsdescriptors >= %d zullen worden gesloten vóór het uitvoeren van een opdracht"
+
+#: plugins/sudoers/def_data.c:277
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Indien ingesteld, mogen gebruikers de waarde van 'closefrom' vervangen met de optie -C"
+
+#: plugins/sudoers/def_data.c:281
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Gebruikers toestaan willekeurige omgevingsvariabelen in te stellen"
+
+#: plugins/sudoers/def_data.c:285
+msgid "Reset the environment to a default set of variables"
+msgstr "Stel de omgevingsvariablen in op een standaard set"
+
+#: plugins/sudoers/def_data.c:289
+msgid "Environment variables to check for sanity:"
+msgstr "Op \"gezondheid\" te controleren omgevingsvariabelen:"
+
+#: plugins/sudoers/def_data.c:293
+msgid "Environment variables to remove:"
+msgstr "Te verwijderen omgevingsvariabelen:"
+
+#: plugins/sudoers/def_data.c:297
+msgid "Environment variables to preserve:"
+msgstr "Te behouden omgevingsvariabelen:"
+
+#: plugins/sudoers/def_data.c:301
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "SELinux role om in de nieuwe beveiligingscontext te gebruiken: %s"
+
+#: plugins/sudoers/def_data.c:305
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "SELinux type om in de nieuwe beveiligingscontext te gebruiken: %s"
+
+#: plugins/sudoers/def_data.c:309
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Pad naar het omgevingsbestand voor sudo: %s"
+
+#: plugins/sudoers/def_data.c:313
+#, fuzzy, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Pad naar het omgevingsbestand voor sudo: %s"
+
+#: plugins/sudoers/def_data.c:317
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Te gebruiken taalregio bij ontleden van sudoers: %s"
+
+#: plugins/sudoers/def_data.c:321
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Sta sudo toe ook te vragen naar een wachtwoord wanneer dit zichtbaar zou worden"
+
+#: plugins/sudoers/def_data.c:325
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Zorg voor zichtbare terugkoppeling op de wachtwoordprompt wanneer er gebruikersinvoer is"
+
+#: plugins/sudoers/def_data.c:329
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Gebruik snellere expansie van jokertekens. Dit is minder nauwkeurig, maar maakt geen gebruik van het bestandsysteem"
+
+#: plugins/sudoers/def_data.c:333
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "De umask die is opgegeven in het sudoersbestand zal die van de gebruiker vervangen, ook wanneer deze meer toestaat"
+
+#: plugins/sudoers/def_data.c:337
+msgid "Log user's input for the command being run"
+msgstr "Log gebruikersinvoer voor de uitgevoerde opdracht"
+
+#: plugins/sudoers/def_data.c:341
+msgid "Log the output of the command being run"
+msgstr "Log uitvoer voor de uitgevoerde opdracht"
+
+#: plugins/sudoers/def_data.c:345
+msgid "Compress I/O logs using zlib"
+msgstr "Comprimeer in-/uitvoerlogs met zlib"
+
+#: plugins/sudoers/def_data.c:349
+msgid "Always run commands in a pseudo-tty"
+msgstr "Voer opdrachten altijd uit in een pseudo-terminal"
+
+#: plugins/sudoers/def_data.c:353
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Plugin voor ondersteuning van niet-Unixgroepen: %s"
+
+#: plugins/sudoers/def_data.c:357
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Map waarin in-/uitvoerlogs moeten worden opgeslagen: %s"
+
+#: plugins/sudoers/def_data.c:361
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Bestand waarin in-/uitvoerlogs moeten worden opgeslagen: %s"
+
+#: plugins/sudoers/def_data.c:365
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Voeg een item toe aan het utmp/utmpx-bestand wanneer een virtuele terminal wordt gereserveerd"
+
+#: plugins/sudoers/def_data.c:369
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Stel in utmp de gebruiker in op de runas-gebruiker, niet op de aanroepende gebruiker"
+
+#: plugins/sudoers/def_data.c:373
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Set van toegestane privileges: %s"
+
+#: plugins/sudoers/def_data.c:377
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Set van beperkende privileges: %s"
+
+#: plugins/sudoers/def_data.c:381
+msgid "Run commands on a pty in the background"
+msgstr "Draai opdrachten op een virtuele terminal op de achtergrond."
+
+#: plugins/sudoers/def_data.c:385
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "te gebruiken naam van PAM-service: %s"
+
+#: plugins/sudoers/def_data.c:389
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "te gebruiken naam van PAM-service voor inlog-shells: %s"
+
+#: plugins/sudoers/def_data.c:393
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Probeer PAM-aanmeldgegevens voor doelgebruiker te verkrijgen"
+
+#: plugins/sudoers/def_data.c:397
+msgid "Create a new PAM session for the command to run in"
+msgstr "Maak een nieuwe PAM-sessie om de opdracht in uit te voeren"
+
+#: plugins/sudoers/def_data.c:401
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Maximaal in-/uitvoerlog volgnummer: %u"
+
+#: plugins/sudoers/def_data.c:405
+msgid "Enable sudoers netgroup support"
+msgstr "Ondersteuning voor sudoers-netgroup inschakelen"
+
+#: plugins/sudoers/def_data.c:409
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:413
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:417
+msgid "Query the group plugin for unknown system groups"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:421
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:425
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:429
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:433
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:437
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:441
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:445
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:449
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:453
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:457
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:461
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:465
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:469
+msgid "Allow the user to specify a timeout on the command line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:473
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:477
+msgid "Include the process ID when logging via syslog"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:481
+#, fuzzy, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Eigenaar van aanmeld-tijdmap: %s"
+
+#: plugins/sudoers/defaults.c:220
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d onbekend standaarditem \"%s\""
+
+#: plugins/sudoers/defaults.c:223
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: onbekend standaarditem \"%s\""
+
+#: plugins/sudoers/defaults.c:266
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d geen waarde opgegeven voor \"%s\""
+
+#: plugins/sudoers/defaults.c:269
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: geen waarde opgegeven voor \"%s\""
+
+#: plugins/sudoers/defaults.c:289
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d waarden voor \"%s\" moeten beginnen met een '/'"
+
+#: plugins/sudoers/defaults.c:292
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: waarden voor \"%s\" moeten beginnen met een '/'"
+
+#: plugins/sudoers/defaults.c:317
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d optie '%s' accepteert geen waarde"
+
+#: plugins/sudoers/defaults.c:320
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: optie '%s' accepteert geen waarde"
+
+#: plugins/sudoers/defaults.c:342
+#, fuzzy, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "ongeldige filteroptie: %s"
+
+#: plugins/sudoers/defaults.c:345
+#, fuzzy, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "ongeldige filteroptie: %s"
+
+#: plugins/sudoers/defaults.c:355
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d waarde \"%s\" is ongeldig voor optie '%s'"
+
+#: plugins/sudoers/defaults.c:358
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: waarde \"%s\" is ongeldig voor optie '%s'"
+
+#: plugins/sudoers/env.c:295 plugins/sudoers/env.c:302
+#: plugins/sudoers/env.c:407 plugins/sudoers/ldap.c:453
+#: plugins/sudoers/ldap.c:543 plugins/sudoers/ldap.c:1264
+#: plugins/sudoers/ldap.c:1491 plugins/sudoers/ldap.c:1816
+#: plugins/sudoers/linux_audit.c:82 plugins/sudoers/logging.c:947
+#: plugins/sudoers/policy.c:562 plugins/sudoers/policy.c:572
+#: plugins/sudoers/prompt.c:161 plugins/sudoers/sudoers.c:873
+#: plugins/sudoers/testsudoers.c:238 plugins/sudoers/toke_util.c:158
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "interne fout, %s overflow"
+
+#: plugins/sudoers/env.c:376
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: envp bevat fouten, verkeerde lengte"
+
+#: plugins/sudoers/env.c:1055
+msgid "unable to rebuild the environment"
+msgstr "kan omgeving niet opnieuw opbouwen"
+
+#: plugins/sudoers/env.c:1129
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "sorry, u mag de volgende omgevingsvariabelen niet instellen: %s"
+
+#: plugins/sudoers/filedigest.c:104 plugins/sudoers/filedigest_gcrypt.c:66
+#: plugins/sudoers/filedigest_openssl.c:95
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "niet-ondersteund type controlegetal %d voor %s"
+
+#: plugins/sudoers/filedigest.c:129 plugins/sudoers/filedigest_gcrypt.c:98
+#: plugins/sudoers/filedigest_openssl.c:120
+#, c-format
+msgid "%s: read error"
+msgstr "%s: leesfout"
+
+#: plugins/sudoers/group_plugin.c:86
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s moet eigendom zijn van gebruikersnummer %d"
+
+#: plugins/sudoers/group_plugin.c:90
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s mag enkel schrijfbaar zijn voor eigenaar"
+
+#: plugins/sudoers/group_plugin.c:98 plugins/sudoers/sssd.c:400
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "kan %s niet laden: %s"
+
+#: plugins/sudoers/group_plugin.c:104
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "kan symbool \"group_plugin\" niet vinden in %s"
+
+#: plugins/sudoers/group_plugin.c:109
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: incompatibele groepplugin hoofdversie %d, verwacht wordt %d"
+
+#: plugins/sudoers/interfaces.c:79 plugins/sudoers/interfaces.c:96
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "kan IP-adres \"%s\" niet ontleden"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "kan netmasker \"%s\" niet ontleden"
+
+#: plugins/sudoers/interfaces.c:129
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Combinaties van lokale IP-adressen en netwerkmaskers:\n"
+
+#: plugins/sudoers/iolog.c:121 plugins/sudoers/mkdir_parents.c:75
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s bestaat al, maar is geen map (0%o)"
+
+#: plugins/sudoers/iolog.c:146 plugins/sudoers/iolog.c:187
+#: plugins/sudoers/mkdir_parents.c:64 plugins/sudoers/timestamp.c:170
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "mkdir %s: aanmaken mislukt"
+
+#: plugins/sudoers/iolog.c:191 plugins/sudoers/visudo.c:740
+#: plugins/sudoers/visudo.c:750
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "kan modus van %s niet wijzigen naar 0%o"
+
+#: plugins/sudoers/iolog.c:299 plugins/sudoers/sudoers.c:1193
+#: plugins/sudoers/testsudoers.c:390
+#, c-format
+msgid "unknown group: %s"
+msgstr "onbekende groep: %s"
+
+#: plugins/sudoers/iolog.c:418 plugins/sudoers/sudoers.c:929
+#: plugins/sudoers/sudoreplay.c:349 plugins/sudoers/sudoreplay.c:1354
+#: plugins/sudoers/sudoreplay.c:1558 plugins/sudoers/timestamp.c:398
+#: plugins/sudoers/visudo.c:972 plugins/sudoers/visudo_json.c:1001
+#: plugins/sudoers/visudo_json.c:1014
+#, c-format
+msgid "unable to open %s"
+msgstr "kan %s niet openen"
+
+#: plugins/sudoers/iolog.c:469 plugins/sudoers/sudoers.c:933
+#: plugins/sudoers/sudoreplay.c:856 plugins/sudoers/sudoreplay.c:1669
+#, c-format
+msgid "unable to read %s"
+msgstr "kan %s niet lezen"
+
+#: plugins/sudoers/iolog.c:505 plugins/sudoers/sudoreplay.c:1123
+#: plugins/sudoers/timestamp.c:290 plugins/sudoers/timestamp.c:293
+#, c-format
+msgid "unable to write to %s"
+msgstr "kan %s niet schrijven"
+
+#: plugins/sudoers/iolog.c:584 plugins/sudoers/iolog.c:803
+#, c-format
+msgid "unable to create %s"
+msgstr "kan %s niet aanmaken"
+
+#: plugins/sudoers/iolog.c:1035 plugins/sudoers/iolog.c:1110
+#: plugins/sudoers/iolog.c:1191
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "kan niet schrijven naar in-/uitvoerlogbestand: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, fuzzy, c-format
+msgid "%s: internal error, file index %d not open"
+msgstr "interne fout, kan %s niet in de lijst vinden!"
+
+#: plugins/sudoers/ldap.c:431
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: poort te groot"
+
+#: plugins/sudoers/ldap.c:491
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "niet-ondersteund LDAP uri type: %s"
+
+#: plugins/sudoers/ldap.c:518
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "kan ldap en ldaps URIs niet door elkaar gebruiken"
+
+#: plugins/sudoers/ldap.c:522 plugins/sudoers/ldap.c:559
+msgid "starttls not supported when using ldaps"
+msgstr "starttls wordt niet ondersteund in combinatie met ldaps"
+
+#: plugins/sudoers/ldap.c:630
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "kan SSL cert en key db niet initialiseren: %s"
+
+#: plugins/sudoers/ldap.c:633
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "u moet TLS_CERT in %s instellen om SSL te gebruiken"
+
+#: plugins/sudoers/ldap.c:1250
+msgid "unable to get GMT time"
+msgstr "kan GMT-tijd niet verkrijgen"
+
+#: plugins/sudoers/ldap.c:1256
+msgid "unable to format timestamp"
+msgstr "kan tijd niet juist opmaken"
+
+#: plugins/sudoers/ldap.c:1980
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/ldap.c:2552
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP Role: %s\n"
+
+#: plugins/sudoers/ldap.c:2554
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+
+#: plugins/sudoers/ldap.c:2610
+#, c-format
+msgid "    Order: %s\n"
+msgstr "     Volgorde: %s\n"
+
+#: plugins/sudoers/ldap.c:2618 plugins/sudoers/parse.c:618
+#: plugins/sudoers/sssd.c:1641
+#, c-format
+msgid "    Commands:\n"
+msgstr "     Opdrachten:\n"
+
+#: plugins/sudoers/ldap.c:3180
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "kan LDAP niet initialiseren: %s"
+
+#: plugins/sudoers/ldap.c:3216
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls opgegeven maar LDAP bibliotheken ondersteunen geen ldap_start_tls_s() of ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:3468
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "ongeldig sudoOrder kenmerk: %s"
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "kan controlesysteem niet openen"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "kan controleboodschap niet verzenden"
+
+#: plugins/sudoers/logging.c:107
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:135
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (opdracht voortgezet) %s"
+
+#: plugins/sudoers/logging.c:164
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "kan logbestand niet openen: %s"
+
+#: plugins/sudoers/logging.c:172
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "kan logbestand niet vergrendelen: %s"
+
+#: plugins/sudoers/logging.c:205
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "kan logbestand niet schrijven: %s"
+
+#: plugins/sudoers/logging.c:234
+msgid "No user or host"
+msgstr "Geen gebruiker of computer"
+
+#: plugins/sudoers/logging.c:236
+msgid "validation failure"
+msgstr "geldigheidsfout"
+
+#: plugins/sudoers/logging.c:243
+msgid "user NOT in sudoers"
+msgstr "gebruiker NIET in sudoers"
+
+#: plugins/sudoers/logging.c:245
+msgid "user NOT authorized on host"
+msgstr "gebruiker NIET aangemeld op computer"
+
+#: plugins/sudoers/logging.c:247
+msgid "command not allowed"
+msgstr "opdracht is niet toegestaan"
+
+#: plugins/sudoers/logging.c:282
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s zit niet in het sudoersbestand.  Dit incident zal worden gerapporteerd.\n"
+
+#: plugins/sudoers/logging.c:285
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s heeft niet het recht om sudo te gebruiken op %s.  Dit incident zal worden gerapporteerd.\n"
+
+#: plugins/sudoers/logging.c:289
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Sorry, gebruiker %s mag sudo niet gebruiken op %s.\n"
+
+#: plugins/sudoers/logging.c:292
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Sorry, gebruiker %s mag '%s%s%s' niet uitvoeren als %s%s%s op %s.\n"
+
+#: plugins/sudoers/logging.c:329 plugins/sudoers/sudoers.c:473
+#: plugins/sudoers/sudoers.c:475 plugins/sudoers/sudoers.c:477
+#: plugins/sudoers/sudoers.c:479 plugins/sudoers/sudoers.c:1298
+#: plugins/sudoers/sudoers.c:1300
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: opdracht niet gevonden"
+
+#: plugins/sudoers/logging.c:331 plugins/sudoers/sudoers.c:469
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"\"%s\" gevonden in '.' wordt genegeerd.\n"
+"Gebruik 'sudo ./%s' als dit de '%s' die u wilt uitvoeren."
+
+#: plugins/sudoers/logging.c:348
+msgid "authentication failure"
+msgstr "aanmeldingsfout"
+
+#: plugins/sudoers/logging.c:374
+msgid "a password is required"
+msgstr "een wachtwoord is verplicht"
+
+#: plugins/sudoers/logging.c:445 plugins/sudoers/logging.c:511
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u verkeerde wachtwoordpoging"
+msgstr[1] "%u verkeerde wachtwoordpogingen"
+
+#: plugins/sudoers/logging.c:598
+msgid "unable to fork"
+msgstr "kan niet afsplitsen"
+
+#: plugins/sudoers/logging.c:606 plugins/sudoers/logging.c:658
+#, c-format
+msgid "unable to fork: %m"
+msgstr "kan niet afsplitsen: %m"
+
+#: plugins/sudoers/logging.c:648
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "kan pipe niet openen: %m"
+
+#: plugins/sudoers/logging.c:673
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "kan stdin niet klonen: %m"
+
+#: plugins/sudoers/logging.c:711
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "kan %s niet uitvoeren: %m"
+
+#: plugins/sudoers/match.c:771
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "controlegetal voor %s (%s) is niet in de %s-vorm"
+
+#: plugins/sudoers/mkdir_parents.c:70 plugins/sudoers/sudoers.c:944
+#: plugins/sudoers/visudo.c:439 plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to stat %s"
+msgstr "kan stat op %s niet uitvoeren"
+
+#: plugins/sudoers/parse.c:115
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "ontleedfout in %s bij regel %d"
+
+#: plugins/sudoers/parse.c:118
+#, c-format
+msgid "parse error in %s"
+msgstr "ontleedfout in %s"
+
+#: plugins/sudoers/parse.c:544
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Sudoers-item:\n"
+
+#: plugins/sudoers/parse.c:545
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers: "
+
+#: plugins/sudoers/parse.c:559
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups: "
+
+#: plugins/sudoers/parse.c:568
+#, c-format
+msgid "    Options: "
+msgstr "    Opties: "
+
+#: plugins/sudoers/policy.c:243 plugins/sudoers/testsudoers.c:261
+msgid "unable to parse network address list"
+msgstr "kan netwerkadressenlijst niet ontleden"
+
+#: plugins/sudoers/policy.c:380
+msgid "user name not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:384
+msgid "user ID not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:388
+msgid "group ID not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:392
+msgid "host name not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:736 plugins/sudoers/visudo.c:910
+#, c-format
+msgid "unable to execute %s"
+msgstr "kan %s niet uitvoeren"
+
+#: plugins/sudoers/policy.c:869
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Sudoers-beleidsplugin versie %s\n"
+
+#: plugins/sudoers/policy.c:871
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Versie van sudoers-bestandsgrammatica %d\n"
+
+#: plugins/sudoers/policy.c:875
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sudoers-pad: %s\n"
+
+#: plugins/sudoers/policy.c:878
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "nsswitch-pad: %s\n"
+
+#: plugins/sudoers/policy.c:880
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ldap.conf-pad: %s\n"
+
+#: plugins/sudoers/policy.c:881
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ldap.secret-pad: %s\n"
+
+#: plugins/sudoers/policy.c:914
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:188 plugins/sudoers/pwutil.c:206
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "kan gebruikersnummer %u niet bufferen, onvoldoende geheugen"
+
+#: plugins/sudoers/pwutil.c:200
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "kan gebruikersnummer %u niet bufferen, bestaat reeds"
+
+#: plugins/sudoers/pwutil.c:260 plugins/sudoers/pwutil.c:277
+#: plugins/sudoers/pwutil.c:339 plugins/sudoers/pwutil.c:384
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "kan gebruiker %s niet bufferen, onvoldoende geheugen"
+
+#: plugins/sudoers/pwutil.c:272
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "kan gebruiker %s niet bufferen, bestaat reeds"
+
+#: plugins/sudoers/pwutil.c:503 plugins/sudoers/pwutil.c:521
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "kan groepsnummer %u niet bufferen, onvoldoende geheugen"
+
+#: plugins/sudoers/pwutil.c:515
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "kan groepsnummer %u niet bufferen, bestaat reeds"
+
+#: plugins/sudoers/pwutil.c:569 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:633 plugins/sudoers/pwutil.c:675
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "kan groep %s niet bufferen, onvoldoende geheugen"
+
+#: plugins/sudoers/pwutil.c:581
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "kan groep %s niet bufferen, bestaat reeds"
+
+#: plugins/sudoers/pwutil.c:801 plugins/sudoers/pwutil.c:853
+#: plugins/sudoers/pwutil.c:904 plugins/sudoers/pwutil.c:957
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "kan groepslijst voor %s niet bufferen, bestaat reeds"
+
+#: plugins/sudoers/pwutil.c:807 plugins/sudoers/pwutil.c:858
+#: plugins/sudoers/pwutil.c:910 plugins/sudoers/pwutil.c:962
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "kan groepslijst voor %s niet bufferen, onvoldoende geheugen"
+
+#: plugins/sudoers/pwutil.c:847
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "kan groepen voor %s niet ontleden"
+
+#: plugins/sudoers/pwutil.c:951
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "kan groepsnummers voor %s niet ontleden"
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:469
+#: plugins/sudoers/set_perms.c:912 plugins/sudoers/set_perms.c:1239
+#: plugins/sudoers/set_perms.c:1556
+msgid "perm stack overflow"
+msgstr "overloop van rechtenstapel"
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:400
+#: plugins/sudoers/set_perms.c:477 plugins/sudoers/set_perms.c:779
+#: plugins/sudoers/set_perms.c:920 plugins/sudoers/set_perms.c:1163
+#: plugins/sudoers/set_perms.c:1247 plugins/sudoers/set_perms.c:1489
+#: plugins/sudoers/set_perms.c:1564 plugins/sudoers/set_perms.c:1654
+msgid "perm stack underflow"
+msgstr "onderloop van rechtenstapel"
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:523
+#: plugins/sudoers/set_perms.c:1298 plugins/sudoers/set_perms.c:1596
+msgid "unable to change to root gid"
+msgstr "kan niet wijzigen naar rootgroepsnummer"
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:620
+#: plugins/sudoers/set_perms.c:1049 plugins/sudoers/set_perms.c:1375
+msgid "unable to change to runas gid"
+msgstr "kan niet wijzigen naar runas-groepsnummer"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to set runas group vector"
+msgstr "kan runas-groepsvector niet instellen"
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:636
+#: plugins/sudoers/set_perms.c:1063 plugins/sudoers/set_perms.c:1389
+msgid "unable to change to runas uid"
+msgstr "kan niet wijzigen naar runas-gebruikersnummer"
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:654
+#: plugins/sudoers/set_perms.c:1079 plugins/sudoers/set_perms.c:1405
+msgid "unable to change to sudoers gid"
+msgstr "kan niet wijzigen naar sudoers-groepsnummer"
+
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641
+msgid "too many processes"
+msgstr "te veel processen"
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr "kan huidige werkmap niet achterhalen"
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr "boodschap voor audit_failure is te lang"
+
+#: plugins/sudoers/sssd.c:402
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "Kan SSS-bron niet initialiseren. Is SSSD op uw machine geinstalleerd?"
+
+#: plugins/sudoers/sssd.c:410 plugins/sudoers/sssd.c:419
+#: plugins/sudoers/sssd.c:428 plugins/sudoers/sssd.c:437
+#: plugins/sudoers/sssd.c:446
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "kan symbool \"%s\" niet vinden in %s"
+
+#: plugins/sudoers/sssd.c:1556
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: %s\n"
+msgstr ""
+"\n"
+"SSSD Role: %s\n"
+
+#: plugins/sudoers/sssd.c:1561
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"SSSD Role: UNKNOWN\n"
+
+#: plugins/sudoers/sudo_nss.c:289
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Overeenkomende standaarditems voor %s op %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:307
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Runas en opdrachtspecifieke standaarden voor %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:325
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Gebruiker %s mag de volgende opdrachten uitvoeren op %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:338
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Gebruiker %s mag geen sudo gebruiken op %s.\n"
+
+#: plugins/sudoers/sudoers.c:168 plugins/sudoers/testsudoers.c:247
+#: plugins/sudoers/visudo.c:233 plugins/sudoers/visudo.c:612
+#: plugins/sudoers/visudo.c:976
+msgid "unable to initialize sudoers default values"
+msgstr "kan sudoers-standaardwaarden niet initialiseren"
+
+#: plugins/sudoers/sudoers.c:198 plugins/sudoers/sudoers.c:891
+msgid "problem with defaults entries"
+msgstr "probleem met standaarditems"
+
+#: plugins/sudoers/sudoers.c:205
+msgid "no valid sudoers sources found, quitting"
+msgstr "geen geldige sudoers-bronnen gevonden, afsluiten"
+
+#: plugins/sudoers/sudoers.c:244
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers geeft aan dat root geen sudo mag gebruiken"
+
+#: plugins/sudoers/sudoers.c:301
+msgid "you are not permitted to use the -C option"
+msgstr "u heeft niet de rechten om de optie -C te gebruiken"
+
+#: plugins/sudoers/sudoers.c:390
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "tijd-eigenaar (%s): Gebruiker bestaat niet"
+
+#: plugins/sudoers/sudoers.c:405
+msgid "no tty"
+msgstr "geen terminal"
+
+#: plugins/sudoers/sudoers.c:406
+msgid "sorry, you must have a tty to run sudo"
+msgstr "sorry, u moet een terminal hebben om sudo te gebruiken"
+
+#: plugins/sudoers/sudoers.c:468
+msgid "command in current directory"
+msgstr "opdracht in huidige map"
+
+#: plugins/sudoers/sudoers.c:487
+#, fuzzy
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "sorry, u mag de omgeving niet behouden"
+
+#: plugins/sudoers/sudoers.c:495
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "sorry, u mag de omgeving niet behouden"
+
+#: plugins/sudoers/sudoers.c:836
+msgid "command too long"
+msgstr "opdracht is te lang"
+
+#: plugins/sudoers/sudoers.c:948
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s in geen regulier bestand"
+
+#: plugins/sudoers/sudoers.c:952 plugins/sudoers/timestamp.c:217 toke.l:969
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s is eigendom van gebruikersnummer %u, zou %u moeten zijn"
+
+#: plugins/sudoers/sudoers.c:956 toke.l:974
+#, c-format
+msgid "%s is world writable"
+msgstr "%s kan door iedereen worden geschreven"
+
+#: plugins/sudoers/sudoers.c:960 toke.l:977
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s is eigendom van groepsnummer %u, zou %u moeten zijn"
+
+#: plugins/sudoers/sudoers.c:993
+#, fuzzy, c-format
+msgid "only root can use \"-c %s\""
+msgstr "alleen root kan '-c %s' gebruiken"
+
+#: plugins/sudoers/sudoers.c:1012
+#, c-format
+msgid "unknown login class: %s"
+msgstr "onbekende loginklasse: %s"
+
+#: plugins/sudoers/sudoers.c:1095 plugins/sudoers/sudoers.c:1109
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "kan computernaam %s niet herleiden"
+
+#: plugins/sudoers/sudoreplay.c:275
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "ongeldige filteroptie: %s"
+
+#: plugins/sudoers/sudoreplay.c:288
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "ongeldige maximale wachttijd: %s"
+
+#: plugins/sudoers/sudoreplay.c:300
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "ongeldige snelheidsfactor: %s"
+
+#: plugins/sudoers/sudoreplay.c:303 plugins/sudoers/visudo.c:186
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s versie %s\n"
+
+#: plugins/sudoers/sudoreplay.c:335
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:357
+#, fuzzy, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Bekijken van sudo sessie: %s\n"
+
+#: plugins/sudoers/sudoreplay.c:555 plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:804 plugins/sudoers/sudoreplay.c:894
+#: plugins/sudoers/sudoreplay.c:973 plugins/sudoers/sudoreplay.c:988
+#: plugins/sudoers/sudoreplay.c:995 plugins/sudoers/sudoreplay.c:1002
+#: plugins/sudoers/sudoreplay.c:1009 plugins/sudoers/sudoreplay.c:1016
+#: plugins/sudoers/sudoreplay.c:1162
+msgid "unable to add event to queue"
+msgstr "kan gebeurtenis niet aan wachtrij toevoegen"
+
+#: plugins/sudoers/sudoreplay.c:670
+msgid "unable to set tty to raw mode"
+msgstr "kan terminal niet instellen op rauwe modus"
+
+#: plugins/sudoers/sudoreplay.c:721
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Waarschuwing: uw terminal is te klein om de log goed op te bekijken.\n"
+
+#: plugins/sudoers/sudoreplay.c:722
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Logverhouding is %d x %d, de verhouding van uw terminal is %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:749
+msgid "Replay finished, press any key to restore the terminal."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:782
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "ongeldige timingsbestandregel: %s"
+
+#: plugins/sudoers/sudoreplay.c:1196 plugins/sudoers/sudoreplay.c:1221
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "dubbelzinnige expressie \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1243
+msgid "unmatched ')' in expression"
+msgstr "ongepaarde ')' in expressie"
+
+#: plugins/sudoers/sudoreplay.c:1247
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "onbekende zoekterm \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1262
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s vereist een argument"
+
+#: plugins/sudoers/sudoreplay.c:1265 plugins/sudoers/sudoreplay.c:1645
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "ongeldige reguliere expressie: %s"
+
+#: plugins/sudoers/sudoreplay.c:1269
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "kan datum niet ontleden \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1278
+msgid "unmatched '(' in expression"
+msgstr "ongepaarde '(' in expressie"
+
+#: plugins/sudoers/sudoreplay.c:1280
+msgid "illegal trailing \"or\""
+msgstr "ongeldige afsluitende \"or\""
+
+#: plugins/sudoers/sudoreplay.c:1282
+msgid "illegal trailing \"!\""
+msgstr "ongeldige afsluitende \"!\""
+
+#: plugins/sudoers/sudoreplay.c:1331
+#, c-format
+msgid "unknown search type %d"
+msgstr "onbekend zoektype %d"
+
+#: plugins/sudoers/sudoreplay.c:1369
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: ongeldig logbestand"
+
+#: plugins/sudoers/sudoreplay.c:1387
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: tijdveld ontbreekt"
+
+#: plugins/sudoers/sudoreplay.c:1394
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: tijdstempel %s: %s"
+
+#: plugins/sudoers/sudoreplay.c:1401
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: gebruikersveld ontbreekt"
+
+#: plugins/sudoers/sudoreplay.c:1410
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: runas-gebuikersveld ontbreekt"
+
+#: plugins/sudoers/sudoreplay.c:1419
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: runas-groepveld ontbreekt"
+
+#: plugins/sudoers/sudoreplay.c:1825
+#, c-format
+msgid "usage: %s [-hnR] [-d dir] [-m num] [-s num] ID\n"
+msgstr "Gebruik:  %s [-hnR] [-d map] [-m wachttijd] [-s snelheidsfactor] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1828
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "Gebruik:  %s [-h] [-d map] -l [zoek-expressie]\n"
+
+#: plugins/sudoers/sudoreplay.c:1837
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - sudo sessielogs bekijken\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1839
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Opties:\n"
+"  -d, --directory=map     map voor sessielogs opgeven\n"
+"  -f, --filter=filter     opgeven welk type in-/uitvoer moet worden weergegeven\n"
+"  -h, --help              geef help weer (dit bericht) en sluit af\n"
+"  -l, --list [expressie]  som beschikbare sessienummers\n"
+"                          die overeenkomen met de expressie op\n"
+"  -m, --max-wait=num      wacht tussen gebeurtenissen maximaal m seconden\n"
+"  -s, --speed=num         snelheid van uitvoer verhogen of verlagen\n"
+"  -V, --version           geef versieinformatie weer en sluit af"
+
+#: plugins/sudoers/testsudoers.c:329
+msgid "\thost  unmatched"
+msgstr "\tcomputer komt niet overeen"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Opdracht toegestaan"
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Opdracht niet toegestaan"
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Opdracht komt niet overeen"
+
+#: plugins/sudoers/timestamp.c:225
+#, c-format
+msgid "%s is group writable"
+msgstr "%s kan door groep worden gewijzigd"
+
+#: plugins/sudoers/timestamp.c:301
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "kan tijdstempelbestand niet inkorten naar %lld bytes"
+
+#: plugins/sudoers/timestamp.c:756 plugins/sudoers/timestamp.c:823
+#: plugins/sudoers/visudo.c:500 plugins/sudoers/visudo.c:506
+msgid "unable to read the clock"
+msgstr "kan de klok niet lezen"
+
+#: plugins/sudoers/timestamp.c:770
+msgid "ignoring time stamp from the future"
+msgstr "tijdstempel uit de toekomst wordt genegeerd"
+
+#: plugins/sudoers/timestamp.c:782
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "tijd is te ver in de toekomst: %20.20s"
+
+#: plugins/sudoers/timestamp.c:877
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "kan tijdstempelbestand %s niet vergrendelen"
+
+#: plugins/sudoers/timestamp.c:921 plugins/sudoers/timestamp.c:941
+#, fuzzy, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "tijd voor pad te lang: %s"
+
+#: plugins/sudoers/visudo.c:188
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s grammaticaversie %d\n"
+
+#: plugins/sudoers/visudo.c:266 plugins/sudoers/visudo.c:667
+#, c-format
+msgid "press return to edit %s: "
+msgstr "Druk op Enter om %s te bewerken: "
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "opgegeven editor (%s) bestaat niet"
+
+#: plugins/sudoers/visudo.c:349
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "geen editor gevonden (editorpad = %s)"
+
+#: plugins/sudoers/visudo.c:459 plugins/sudoers/visudo.c:467
+msgid "write error"
+msgstr "schrijffout"
+
+#: plugins/sudoers/visudo.c:513
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "kan status van tijdelijk bestand (%s) niet vaststellen, %s ongewijzigd"
+
+#: plugins/sudoers/visudo.c:520
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "tijdelijk bestand (%s) leeg, %s ongewijzigd"
+
+#: plugins/sudoers/visudo.c:526
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "editor (%s) is mislukt, %s ongewijzigd"
+
+#: plugins/sudoers/visudo.c:548
+#, c-format
+msgid "%s unchanged"
+msgstr "%s ongewijzigd"
+
+#: plugins/sudoers/visudo.c:607
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "kan tijdelijk bestand (%s) niet openen, %s ongewijzigd."
+
+#: plugins/sudoers/visudo.c:619
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "kan tijdelijke bestand (%s) niet ontleden, onbekende fout"
+
+#: plugins/sudoers/visudo.c:656
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "interne fout, kan %s niet in de lijst vinden!"
+
+#: plugins/sudoers/visudo.c:736 plugins/sudoers/visudo.c:745
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "kan %s niet wijzigen (gebruikers- of groepsnummer) naar (%u, %u)"
+
+#: plugins/sudoers/visudo.c:767
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s en %s niet op hetzelfde bestandssyteem, gebuikt mv om te hernoemen"
+
+#: plugins/sudoers/visudo.c:781
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "opdracht mislukt: '%s %s %s', %s ongewijzigd"
+
+#: plugins/sudoers/visudo.c:791
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "fout bij hernoemen %s, %s ongewijzigd"
+
+#: plugins/sudoers/visudo.c:855
+msgid "What now? "
+msgstr "Wat nu? "
+
+#: plugins/sudoers/visudo.c:869
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Opties zijn:\n"
+"  (e)dit sudoers bestand opnieuw\n"
+"  e(x)it zonder de wijzigingen op te slaan\n"
+"  (Q)uit en sla wijziging op in het sudoers bestand (GEVAAR!)\n"
+
+#: plugins/sudoers/visudo.c:915
+#, c-format
+msgid "unable to run %s"
+msgstr "kan %s niet uitvoeren"
+
+#: plugins/sudoers/visudo.c:945
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: verkeerde eigenaar (gebruikers-, groepsnummer) zou moeten zijn (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:952
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: verkeerde toegangsrechten, zou modus 0%o moeten zijn\n"
+
+#: plugins/sudoers/visudo.c:981 plugins/sudoers/visudo_json.c:1021
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "kan %s-bestand niet ontleden, onbekende fout"
+
+#: plugins/sudoers/visudo.c:997 plugins/sudoers/visudo_json.c:1032
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "fout bij ontleden van %s bij regel %d\n"
+
+#: plugins/sudoers/visudo.c:1000 plugins/sudoers/visudo_json.c:1035
+#, c-format
+msgid "parse error in %s\n"
+msgstr "fout bij ontleden van %s\n"
+
+#: plugins/sudoers/visudo.c:1008 plugins/sudoers/visudo.c:1015
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: ontleden is geslaagd\n"
+
+#: plugins/sudoers/visudo.c:1062
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s bezig, probeer het later opnieuw"
+
+#: plugins/sudoers/visudo.c:1159
+#, fuzzy, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Fout: cyclus in %s '%s'"
+
+#: plugins/sudoers/visudo.c:1160
+#, fuzzy, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Waarschuwing: cyclus in %s '%s'"
+
+#: plugins/sudoers/visudo.c:1164
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Fout: %s:%d %s \"%s\" wordt naar verwezen, maar is niet gedefinieerd"
+
+#: plugins/sudoers/visudo.c:1165
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Waarschuwing: %s:%d %s \"%s\" wordt naar verwezen, maar is niet gedefinieerd"
+
+#: plugins/sudoers/visudo.c:1318
+#, fuzzy, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Waarschuwing: %s '%s' wordt niet gebruikt"
+
+#: plugins/sudoers/visudo.c:1433
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - bewerk het sudoersbestand voorzichtig\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1435
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+"  -x, --export=output_file write sudoers in JSON format to output_file"
+msgstr ""
+"\n"
+"Opties:\n"
+"  -c, --check         alleen lezen modus\n"
+"  -f, --file=bestand  geef lokatie van sudoersbestand op\n"
+"  -h, --help          geef help weer (dit bericht) en sluit af\n"
+"  -q, --quiet         minder uitgebreide syntactische fout berichten\n"
+"  -s, --strict        stricte controle van syntaxis\n"
+"  -V, --verion        geef versieinformatie weer en sluit af"
+
+#: plugins/sudoers/visudo_json.c:616 plugins/sudoers/visudo_json.c:651
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "onbekend standaarditem '%s'"
+
+#: plugins/sudoers/visudo_json.c:1007
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: in- en uitvoerbestanden moeten verschillen"
+
+#: toke.l:943
+msgid "too many levels of includes"
+msgstr "te veel niveaus van insluitingen"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports: ruimte ontoereikend bij uitbreiden hostbuf"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri: ruimte ontoereikend bij bouwen van hostbuf"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "sudo_ldap_build_pass1 reserveren mislukt"
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "tijd voor pad te lang: %s/%s"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "kan status van editor (%s) niet verkrijgen"
+
+#~ msgid "Password:"
+#~ msgstr "Wachtwoord:"
+
+#~ msgid "unable to setup authentication"
+#~ msgstr "kan verificatie niet instellen"
+
+#~ msgid "invalid uri: %s"
+#~ msgstr "ongeldige uri: %s"
+
+#~ msgid "unable to mix ldaps and starttls"
+#~ msgstr "kan ldaps en starttls niet door elkaar gebruiken"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "interne fout: onvoldoende ruimte voor logregel"
+
+#~ msgid "value out of range"
+#~ msgstr "waarde buiten bereik"
+
+#~ msgid "writing to standard output"
+#~ msgstr "naar standaarduitvoer schrijven"
+
+#~ msgid "too many parenthesized expressions, max %d"
+#~ msgstr "te veel geneste expressies, maximum %d"
+
+#~ msgid "%s owned by uid %u, should be uid %u"
+#~ msgstr "%s is van gebruikersnummer %u, zou gebruikersnummer %u moeten zijn"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0700"
+#~ msgstr "%s kan geschreven worden door niet-eigenaar (0%o), zou ingesteld moeten zijn op 0700"
+
+#~ msgid "%s exists but is not a regular file (0%o)"
+#~ msgstr "%s bestaat maar is geen normaal bestand (0%o)"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0600"
+#~ msgstr "%s kan geschreven worden bij niet-eigenaar (0%o), zou ingesteld moeten zijn op 0600"
+
+#~ msgid "unable to remove %s, will reset to the epoch"
+#~ msgstr "kan %s niet verwijderen, wordt geherinitialiseerd op de epoch"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: stapeloverloop"
+
+#~ msgid "%s: unused %s_Alias %s"
+#~ msgstr "%s: ongebruikte %s_Alias %s"
+
+#~ msgid ">>> %s: %s near line %d <<<"
+#~ msgstr ">>> %s: %s bij regel %d <<<"
+
+#~ msgid "pam_chauthtok: %s"
+#~ msgstr "pam_chauthtok: %s"
+
+#~ msgid "pam_authenticate: %s"
+#~ msgstr "pam_authenticate: %s"
+
+#~ msgid "getaudit: failed"
+#~ msgstr "getaudit: mislukt"
+
+#~ msgid "getauid failed"
+#~ msgstr "getauid mislukt"
+
+#~ msgid "au_open: failed"
+#~ msgstr "au_open: mislukt"
+
+#~ msgid "au_to_subject: failed"
+#~ msgstr "au_to_subject: mislukt"
+
+#~ msgid "au_to_exec_args: failed"
+#~ msgstr "au_to_exec_args: mislukt"
+
+#~ msgid "au_to_return32: failed"
+#~ msgstr "au_to_return32: mislukt"
+
+#~ msgid "getauid: failed"
+#~ msgstr "getauid: failed"
+
+#~ msgid "au_to_text: failed"
+#~ msgstr "au_to_text: failed"
+
+#~ msgid "unable to set locale to \"%s\", using \"C\""
+#~ msgstr "kan taaldefinitie niet instellen op \"%s\", gebruikt wordt \"C\""
+
+#~ msgid ""
+#~ "    Commands:\n"
+#~ "\t"
+#~ msgstr ""
+#~ "    Opdrachten:\n"
+#~ "\t"
+
+#~ msgid "unable to cache uid %u (%s), already exists"
+#~ msgstr "kan gebruikersnummer %u niet bufferen (%s), bestaat reeds"
+
+#~ msgid "unable to cache gid %u (%s), already exists"
+#~ msgstr "kan groepsnummer %u niet bufferen (%s), bestaat reeds"
+
+#~ msgid "Unable to dlopen %s: %s"
+#~ msgstr "Kan niet dlopen %s: %s"
+
+#~ msgid "unable to execute %s: %s"
+#~ msgstr "kan %s niet uitvoeren: %s"
+
+#~ msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+#~ msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
+
+#~ msgid "invalid regex: %s"
+#~ msgstr "ongeldige reguliere expressie: %s"
diff --git a/plugins/sudoers/po/pl.mo b/plugins/sudoers/po/pl.mo
new file mode 100644
index 0000000..a8aae55
--- /dev/null
+++ b/plugins/sudoers/po/pl.mo
diff --git a/plugins/sudoers/po/pl.po b/plugins/sudoers/po/pl.po
new file mode 100644
index 0000000..b722afc
--- /dev/null
+++ b/plugins/sudoers/po/pl.po
@@ -0,0 +1,2346 @@
+# Polish translation for sudo/sudoers.
+# This file is put in the public domain.
+# Jakub Bogusz <qboosh@pld-linux.org>, 2011-2018.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-10-29 20:15+0100\n"
+"Last-Translator: Jakub Bogusz <qboosh@pld-linux.org>\n"
+"Language-Team: Polish <translation-team-pl@lists.sourceforge.net>\n"
+"Language: pl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "błąd składni"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "Hasło użytkownika %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] hasło użytkownika %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Hasło: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** informacje dotyczące BEZPIECZEŃSTWA dla %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Niestety, proszę spróbować ponownie."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "nie udało się przydzielić pamięci"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "skrót wymaga nazwy pliku"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "błędna wartość notbefore"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "błędna wartość notafter"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "wartość limitu czasu zbyt duża"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "błędna wartość limitu czasu"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Alias \"%s\" jest już zdefiniowany"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "nie udało się uzyskać klasy logowania dla użytkownika %s"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "nie udało się rozpocząć uwierzytelnienia BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "błędny rodzaj uwierzytelnienia"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "nie udało się zainicjować uwierzytelnienia BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "konto wygasło"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "zezwolenie nie powiodło się"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "nie udało się odczytać konfiguracji fwtk"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "nie udało się połączyć z serwerem uwierzytelniającym"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "utracono połączenie z serwerem uwierzytelniającym"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"błąd serwera uwierzytelniającego:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: nie udało się przekształcić nazwy principal do łańcucha ('%s'): %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: nie udało się przeanalizować '%s': %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: nie udało się rozwiązać pamięci podręcznej danych uwierzytelniających: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: nie udało się przydzielić opcji: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: nie udało się pobrać danych uwierzytelniających: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: nie udało się zainicjować pamięci podręcznej danych uwierzytelniających: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: nie udało się zapisać danych uwierzytelniających w pamięci podręcznej: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: nie udało się pobrać nazwy principal dla hosta: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Nie można zweryfikować TGT! Możliwy atak!: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "nie udało się zainicjować PAM"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Błąd uwierzytelniania PAM: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "błąd kontroli poprawności konta - konto zablokowane?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Konto lub hasło wygasło, należy ustawić ponownie hasło i spróbować jeszcze raz"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "nie udało się zmienić przedawnionego hasła: %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Hasło wygasło, proszę skontaktować się z administratorem systemu"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Konto wygasło lub w konfiguracji PAM brak sekcji \"account\" dla sudo, proszę skontaktować się z administratorem systemu"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "Błąd zarządzania kontem PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "nie istniejesz w bazie danych %s"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "nie udało się zainicjować biblioteki ACE API"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "nie udało się połączyć z serwerem SecurID"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "ID użytkownika zablokowany dla uwierzytelnienia SecurID"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "błędna długość nazwy użytkownika dla SecurID"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "błędny uchwyt uwierzytelnienia dla SecurID"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "błąd komunikacji SecurID"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "nieznany błąd SecurID"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "błędna długość hasła dla SecurID"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "nie udało się zainicjować sesji SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "błędne metody uwierzytelniania"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "W sudo wkompilowano błędne metody uwierzytelniania! Nie można mieszać samodzielnych i niesamodzielnych sposobów uwierzytelniania."
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "brak metod uwierzytelniania"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "W sudo nie wkompilowano żadnych metod uwierzytelniania! Aby wyłączyć uwierzytelnianie, proszę użyć opcji konfiguracyjnej --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Nie udało się zainicjować metod uwierzytelniania."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Metody uwierzytelniania:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Nie udało się określić warunku audytowego"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "nie udało się zatwierdzić rekordu audytowego"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Ufamy, że lokalny administrator udzielił odpowiedniego szkolenia.\n"
+"Zwykle sprowadza się ono do tych trzech rzeczy:\n"
+"\n"
+"    1) należy respektować prywatność innych,\n"
+"    2) należy myśleć przed pisaniem,\n"
+"    3) z dużą władzą wiąże się duża odpowiedzialność.\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "nieznany uid: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "nieznany użytkownik: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "zwiększenie rangi: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "początkowa ranga: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "wyrównanie rangi: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s wersja %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s, wersja gramatyki %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "nieobsługiwany format wejścia %s"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "nieobsługiwany format wyjścia %s"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: pliki wejściowy i wyjściowy muszą być różne"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "nie udało się zainicjować wartości domyślnych sudoers"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: nieznane słowo kluczowe: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "błędny typ wartości domyślnej: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "błędny typ ograniczenia: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "błędny filtr: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "nie udało się otworzyć %s"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "nie udało się przeanalizować pliku %s, nieznany błąd"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "błąd składni w %s w okolicy linii %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "błąd składni w %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "nie udało się zapisać do %s"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - konwersja między formatami pliku sudoers\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Opcje:\n"
+"  -b. --base=dn              podstawowe DN do zapytań LDAP z sudo\n"
+"  -d, --defaults=typy        konwersja Defaults tylko określonych typów\n"
+"  -e, --expand-aliases       rozwinięcie aliasów w trakcie konwersji\n"
+"  -f, --output-format=format format wyjścia: JSON, LDIF lub sudoers\n"
+"  -i, --input-format=format  format wejścia: LDIF lub sudoers\n"
+"  -I, --increment=liczba     liczba, o jaką ma być zwiększane każde sudoOrder\n"
+"  -h, --help                 wyświetlenie pomocy i zakończenie\n"
+"  -m, --match=filtr          konwersja tylko wpisów pasujących do filtra\n"
+"  -M, --match-local          filtr dopasowania używający baz passwd i group\n"
+"  -o, --output=plik          zapis skonwertowanego sudoers do pliku wyjciowego\n"
+"  -O, --order-start=liczba   początkowa wartość pierwszego sudoOrder\n"
+"  -p, --prune-matches        czyszczenie nie pasujących użytkowników, grup,\n"
+"                             hostów\n"
+"  -P, --padding=num          bazowe wyrównanie dla kroku sudoOrder\n"
+"  -s, --suppress=sekcje      pominięcie wyjścia z podanych sekcji\n"
+"  -V, --version              wyświetlenie informacji o wersji i zakończenie"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "nieznany wpis domyślny \"%s\""
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "nie udało się pobrać czasu GMT"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "nie udało się sformatować znacznika czasu"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "błąd wewnętrzny, przepełnienie %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "zbyt dużo wpisów sudoers, maksimum to %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "zmienna środowiskowa SUDOERS_BASE nie jest ustawiona i nie podano opcji -b."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Rodzaj komunikatu sysloga, jeśli syslog jest używany: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Priorytet komunikatu sysloga w przypadku udanego uwierzytelnienia: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Priorytet komunikatu sysloga w przypadku nieudanego uwierzytelnienia: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Umieszczenie zachęty OTP we własnej linii"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ignorowanie '.' w $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Wysyłanie listu zawsze przy uruchomieniu sudo"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Wysyłanie listu przy błędnym uwierzytelnieniu"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Wysyłanie listu jeśli użytkownik nie jest w sudoers"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Wysyłanie listu jeśli użytkownik nie jest w sudoers dla tego hosta"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Wysyłanie listu jeśli użytkownik nie ma prawa do uruchomienia polecenia"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Wysyłanie listu jeśli użytkownik próbuje uruchomić polecenie"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Użycie osobnego znacznika czasu dla każdej pary użytkownik/tty"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Poinstruowanie użytkownika przy pierwszym uruchomieniu sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Plik zawierający instrukcję do sudo: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Domyślne wymaganie uwierzytelnienia przez użytkowników"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Możliwość uruchamiania sudo przez roota"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Logowanie nazwy hosta w pliku logu (niesyslogowym)"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Logowanie roku w pliku logu (niesyslogowym)"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Uruchomienie powłoki przy wywołaniu sudo bez argumentów"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Ustawianie $HOME na katalog użytkownika docelowego przy uruchamianiu powłoki z -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Ustawianie $HOME zawsze na katalog domowy użytkownika docelowego"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Zezwolenie na zbieranie niektórych informacji do przydatnych komunikatów błędów"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Wymaganie pełnych nazw hostów w pliku sudoers"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Lżenie użytkownika po podaniu błędnego hasła"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Możliwość uruchamiania sudo tylko z poziomu terminala"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Honorowanie zmiennej środowiskowej EDITOR przez visudo"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Pytanie o hasło roota zamiast hasła użytkownika"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Pytanie o hasło użytkownika runas_default zamiast uruchamiającego"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Pytanie o hasło użytkownika docelowego zamiast uruchamiającego"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Użycie ustawień domyślnych z klasy logowania użytkownika docelowego (jeśli są)"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Ustawianie zmiennych środowiskowych LOGNAME i USER"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Ustawianie na użytkownika docelowego tylko efektywnego uid-a, nie rzeczywistego uid-a"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Pomijanie inicjalizacji wektora grup na grupy użytkownika docelowego"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Długość, na której zawijać linie logu (0 bez zawijania): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Limit czasu znacznika uwierzytelniania (w minutach): %.1f"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Limit czasu pytania o hasło (w minutach): %.1f"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Liczba prób wpisania hasła: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Wartość umask lub 0777, aby użyć wartości użytkownika: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Ścieżka do pliku logu: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Ścieżka do programu mail: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Flagi dla programu mail: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Adres, na który mają być wysyłane listy: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Adres, z którego mają być wysyłane listy: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Temat wysyłanych listów: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Komunikat o błędnym haśle: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Ścieżka katalogu stanu instrukcji: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Ścieżka katalogu znaczników czasu uwierzytelniania: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Właściciel katalogu znaczników czasu uwierzytelniania: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Grupa, której użytkownicy są zwolnieni z wymagań dot. haseł i PATH: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Domyślne pytanie o hasło: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Czy passprompt ma być używane zamiast systemowego zapytania we wszystkich przypadkach"
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Domyślny użytkownik do uruchamiania poleceń: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Wartość do podstawienia za $PATH użytkownika: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Ścieżka do edytora, który ma być używany przez visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Kiedy ma być wymagane hasło dla pseudopolecenia 'list': %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Kiedy ma być wymagane hasło dla pseudopolecenia 'verify': %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Wczytanie pustych funkcji exec zawartych w bibliotece sudo_noexec"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Jeśli istnieje katalog LDAP, czy ignorować lokalny plik sudoers"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Deskryptory plików >= %d będą zamykane przed uruchomieniem polecenia"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Czy użytkownicy mogą zmieniać wartość `closefrom' opcją -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Zezwolenie użytkownikom na ustawianie dowolnych zmiennych środowiskowych"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Wyczyszczenie środowiska do domyślnego zbioru zmiennych"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Zmienne środowiskowe do sprawdzania poprawności:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Zmienne środowiskowe do usunięcia:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Zmienne środowiskowe do zachowania:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Rola SELinuksa do używania w nowym kontekście bezpieczeństwa: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Typ SELinuksa do używania w nowym kontekście bezpieczeństwa: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Ścieżka do pliku środowiska specyficznego dla sudo: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Ścieżka do pliku ograniczonego środowiska specyficznego dla sudo: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Lokalizacja, jak ma być używana przy analizie pliku sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Zezwolenie sudo na pytanie o hasło nawet gdyby miało być widoczne"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Uwidocznienie wprowadzania hasła przez użytkownika w miarę wpisywania"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Użycie szybszych masek (glob) - mniej dokładnych, ale nie odwołujących się do systemu plików"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Wartość umask podana w sudoers ma zastąpić wartość użytkownika, nawet jeśli pozwala na więcej"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Logowanie wejścia użytkownika dla uruchamianych poleceń"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Logowanie wyjścia z uruchamianych poleceń"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Kompresja logów we/wy przy użyciu zliba"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Uruchamianie poleceń zawsze na pseudoterminalu"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Wtyczka do obsługi grup nieuniksowych: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Katalog do zapisu logów wejścia/wyjścia: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Plik do zapisu logu wejścia/wyjścia: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Dodawanie wpisu do pliku utmp/utmpx przy przydzielaniu pty"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Ustawianie użytkownika w utmp jako docelowego, nie wywołującego"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Zbiór dozwolonych uprawnień: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Zbiór ograniczonych uprawnień: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Uruchomienie poleceń na pseudoterminalu w tle"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Nazwa usługi PAM do użycia: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Nazwa usługi PAM do użycia dla powłok logowania: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Próba ustanowienia danych uwierzytelniających PAM dla użytkownika docelowego"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Utworzenie nowej sesji PAM dla uruchamianego polecenia"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Maksymalny numer sekwencji logu we/wy: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Włączenie obsługi grup sieciowych w sudoers"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Sprawdzanie katalogów nadrzędnych pod kątem możliwości zapisu przy edycji plików programem sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Podążanie za dowiązaniami symbolicznymi przy edycji programem sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Odpytanie wtyczki group pod kątem nieznanych grup systemowych"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Dopasowanie grup sieciowych w oparciu o całą krotkę: użytkownik, host i domena"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Zezwolenie na uruchamianie poleceń nawet jeśli sudo nie może pisać do logu audytowego"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Zezwolenie na uruchamianie poleceń nawet jeśli sudo nie może pisać do logu we/wy"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Zezwolenie na uruchamianie poleceń nawet jeśli sudo nie może pisać do pliku logu"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Rozwiązanie grup z sudoers i dopasowywanie po ID grupy zamiast nazwy"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Wpisy logu większe niż ta wartość będą dzielone na wiele wiadomości sysloga: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Użytkownik, który będzie właścicielem plików logu we/wy: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Grupa, która będzie właścicielem plików logu we/wy: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Uprawnienia dla plików logu we/wy: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Uruchomienie poleceń poprzez deskryptor pliku zamiast ścieżki: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ignorowanie nieznanych wpisów Defaults w sudoers zamiast ostrzeżenia"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Czas w sekundach, po którym polecenie będzie kończone: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Zezwolenie użytkownikowi na określenie limitu czasu z linii poleceń"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Natychmiastowy zrzut danych logu we/wy na dysk zamiast buforowania"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Dołączanie identyfikatora procesu przy logowaniu przez syslog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Rodzaj rekordu znacznika czasu uwierzytelniania: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Komunikat błędu uwierzytelnienia: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Ignorowanie wielkości liter przy dopasowywaniu nazw użytkownika"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Ignorowanie wielkości liter przy dopasowywaniu nazw grup"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d: nieznany wpis domyślny \"%s\""
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: nieznany wpis domyślny \"%s\""
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d: nie podano wartości dla \"%s\""
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: nie podano wartości dla \"%s\""
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d: wartości \"%s\" muszą zaczynać się od '/'"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: wartości \"%s\" muszą zaczynać się od '/'"
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d: opcja \"%s\" nie przyjmuje wartości"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: opcja \"%s\" nie przyjmuje wartości"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d: błędny typ Defaults 0x%x dla opcji \"%s\""
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: błędny typ Defaults 0x%x dla opcji \"%s\""
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d: błędna wartość \"%s\" dla opcji \"%s\""
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: błędna wartość \"%s\" dla opcji \"%s\""
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: uszkodzone envp, niezgodność długości"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "nie udało się przebudować środowiska"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "niestety nie jest dozwolone ustawianie następujących zmiennych środowiskowych: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "błąd składni w %s w okolicy linii %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "błąd składni w %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "nieobsługiwany typ skrótu %d dla %s"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: błąd odczytu"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "właścicielem %s musi być uid %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "prawo zapisu do %s może mieć tylko właściciel"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "nie udało się załadować %s: %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "nie udało się odnaleźć symbolu \"group_plugin\" w %s"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: niezgodna główna wersja wtyczki grup %d, oczekiwano %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "nie udało się przeanalizować adresu IP \"%s\""
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "nie udało się przeanalizować maski sieciowej \"%s\""
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Pary lokalnych adresów IP i masek:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s istnieje, ale nie jest katalogiem (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "nie udało się wykonać mkdir %s"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "nie udało się zmienić uprawnień %s na 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "nieznana grupa: %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "nie udało się odczytać %s"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "nie udało się utworzyć %s"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "nie udało się zapisać do pliku logu we/wy: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: błąd wewnętrzny, plik logu we/wy dla zdarzenia %d nie jest otwarty"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: błąd wewnętrzny, błędny sygnał %d"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: błędny plik logu"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: brak pola znacznika czasu"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: znacznik czasu %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: brak pola z użytkownikiem"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: brak pola z użytkownikiem runas"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: brak pola z grupą runas"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "brak obsługi starttls w przypadku użycia ldaps"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "nie udało się zainicjować bazy certyfikatów i kluczy SSL: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "aby używać SSL, trzeba ustawić TLS_CERT w %s"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "nie udało się zainicjować LDAP: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "wybrano start_tls, ale biblioteki LDAP nie obsługują ldap_start_tls_s() ani ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "błędny atrybut sudoOrder: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: port zbyt duży"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "nieobsługiwany rodzaj URI LDAP: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "nie można mieszać URI ldap i ldaps"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "nie można skonwertować sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "nie udało się otworzyć systemu audytowego"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "nie udało się wysłać komunikatu audytowego"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (kontynuacja polecenia) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "nie udało się otworzyć pliku logu: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "nie udało się zablokować pliku logu: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "nie udało się zapisać pliku logu: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "Brak użytkownika lub hosta"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "błąd kontroli poprawności"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "użytkownik NIE występuje w sudoers"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "użytkownik NIE jest autoryzowany na hoście"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "polecenie niedozwolone"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s nie występuje w pliku sudoers. Ten incydent zostanie zgłoszony.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s nie ma uprawnień do uruchamiania sudo na %s. Ten incydent zostanie zgłoszony.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Niestety użytkownik %s nie może uruchamiać sudo na %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Niestety użytkownik %s nie ma uprawnień do uruchamiania '%s%s%s' jako %s%s%s na %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: nie znaleziono polecenia"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"zignorowano plik \"%s\" znaleziony w '.'\n"
+"Proszę użyć \"sudo ./%s\", jeśli to \"%s\" ma być uruchomiony."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "błąd uwierzytelniania"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "wymagane jest hasło"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u błędna próba wprowadzenia hasła"
+msgstr[1] "%u błędne próby wprowadzenia hasła"
+msgstr[2] "%u błędnych prób wprowadzenia hasła"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "nie udało się wykonać fork"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "nie udało się wykonać fork: %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "nie udało się otworzyć potoku: %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "nie udało się wykonać dup na stdin: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "nie udało się wywołać %s: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "skrót dla %s (%s) nie jest w postaci %s"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "nie udało się wykonać stat na %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Rola LDAP: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Wpis sudoers:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    Jako użytkownicy: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    Jako grupy: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Opcje: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Polecenia:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Pasujące wpisy Defaults dla %s na %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Wartości specyficzne dla Runas i Command dla %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Użytkownik %s może uruchamiać na %s następujące polecenia:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Użytkownik %s nie ma uprawnień do uruchamiania sudo na %s.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "zignorowano błędną wartość atrybutu: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "zignorowano niekompletne sudoRole: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "błędna wartość %.*s ustawiona przez frontend sudo"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "nie udało się przeanalizować listy adresów sieciowych"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "nazwa użytkownika nie ustawiona przez frontend sudo"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "ID użytkownika nie ustawiony przez frontend sudo"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "ID grupy nie ustawiony przez frontend sudo"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "nazwa hosta nie ustawiona przez frontend sudo"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "nie udało się wywołać %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Wersja wtyczki polityki sudoers %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Wersja gramatyki pliku sudoers %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Ścieżka do sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "ścieżka do nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ścieżka do ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ścieżka do ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "nie udało się zarejestrować uchwytu typu %d (wersja %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "nie udało się zapamiętać uid-a %u, brak pamięci"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "nie udało się zapamiętać uid-a %u, już istnieje"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "nie udało się zapamiętać użytkownika %s, brak pamięci"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "nie udało się zapamiętać użytkownika %s, już istnieje"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "nie udało się zapamiętać gid-a %u, brak pamięci"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "nie udało się zapamiętać gid-a %u, już istnieje"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "nie udało się zapamiętać grupy %s, brak pamięci"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "nie udało się zapamiętać grupy %s, już istnieje"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "nie udało się zapamiętać listy grup dla %s, już istnieje"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "nie udało się zapamiętać listy grup dla %s, brak pamięci"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "nie udało się przeanalizować grup dla %s"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "nie udało się przeanalizować gidów dla %s"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "przepełnienie stosu uprawnień"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "niedopełnienie stosu uprawnień"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "nie udało się zmienić na gid roota"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "nie udało się zmienić na docelowy gid"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "nie udało się ustawić wektora grup docelowych"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "nie udało się zmienić na docelowy uid"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "nie udało się zmienić na gid sudoers"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "zbyt dużo procesów"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "nie udało się pobrać bieżącego katalogu roboczego"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "ucięta ścieżka audytu user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "ucięta ścieżka audytu argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "komunikat audit_failure zbyt długi"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "nie udało się zainicjować źródła SSS. Czy SSSD jest zainstalowany na tej maszynie?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "nie udało się odnaleźć symbolu \"%s\" w %s"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "problem z wpisami domyślnymi"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "nie znaleziono poprawnych źródeł sudoers, zakończenie"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "wg sudoers root nie ma prawa używać sudo"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "brak uprawnień do używania opcji -C"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "właściciel znacznika czasu (%s): nie ma takiego użytkownika"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "brak tty"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "niestety do uruchomienia sudo konieczny jest tty"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "polecenie w bieżącym katalogu"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "niestety brak uprawnień do ustawienia limitu czasu polecenia"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "niestety brak uprawnień do zachowania środowiska"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "polecenie zbyt długie"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s nie jest zwykłym plikiem"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "właścicielem %s jest uid %u, powinien być %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s jest zapisywalny dla świata"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "właścicielem %s jest gid %u, powinien być %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "tylko root może używać \"-c %s\""
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "nieznana klasa logowania: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "nie udało się rozwiązać nazwy hosta %s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "błędna opcja filtra: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "błędny maksymalny czas oczekiwania: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "błędny współczynnik szybkości: %s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/czas: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/czas: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Odtwarzanie sesji sudo: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "nie udało się dodać zdarzenia do kolejki"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "nie udało się przestawić tty w tryb surowy"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Uwaga: ten terminal jest za mały, aby właściwie odtworzyć log.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Geometria logu to %d x %d, geometria terminala to %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Odtwarzanie zakończone, proszę nacisnąć dowolny klawisz, aby odzyskać terminal."
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "błędna linia pliku czasu: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "niejednoznaczne wyrażenie \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "niesparowany ')' w wyrażeniu"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "nieznany warunek wyszukiwania \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s wymaga argumentu"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "błędne wyrażenie regularne: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "nie udało się przeanalizować daty \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "niesparowany '(' w wyrażeniu"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "niedozwolone kończące \"or\""
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "niedozwolony kończący \"!\""
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "nieznany typ wyszukiwania %d"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "Składnia: %s [-hnRS] [-d katalog] [-m liczba] [-s wsp_szybkości] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "Składnia: %s [-h] [-d katalog] -l [wyrażenie wyszukiwania]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - odtwarzanie logów sesji sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Opcje:\n"
+"  -d, --directory=kat  podanie katalogu na logi sesji\n"
+"  -f, --filter=filtr   określenie rodzaju we/wy do wyświetlania\n"
+"  -h, --help           wyświetlenie opisu i zakończenie\n"
+"  -l, --list           lista dostępnych ID sesji pasujących do wyrażenia\n"
+"  -m, --max-wait=ile   maksymalna liczba sekund oczekiwania między zdarzeniami\n"
+"  -S, --suspend-wait   oczekiwanie w czasie zawieszenia polecenia\n"
+"  -s, --speed=ile      przyspieszenie lub spowolnienie wyjścia\n"
+"  -V, --version        wyświetlenie informacji o wersji i zakończenie"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\thost nie znaleziony"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Polecenie dozwolone"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Polecenie niedozwolone"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Polecenie nie znalezione"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s jest zapisywalny dla groupy"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "nie udało się uciąć pliku znacznika czasu do długości %lld"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "nie udało się odczytać zegara"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "znacznik czasu zbyt daleko w przyszłości"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "znacznik czasu zbyt daleko w przyszłości: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "nie udało się zablokować pliku znacznika czasu %s"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "ścieżka stanu instrukcji zbyt długa: %s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "opcja -x będzie usunięta w kolejnej wersji"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "należy rozważyć użycie zamiast niej narzędzia cvtsudoers"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "wciśnięcie return przejdzie do edycji %s: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "podany edytor (%s) nie istnieje"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "nie znaleziono edytora (ścieżka = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "błąd zapisu"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "nie udało się wykonać stat na pliku tymczasowym (%s), %s nie zmieniony"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "plik tymczasowy (%s) zerowej długości, %s nie zmieniony"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "błąd edytora (%s), %s nie zmieniony"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s nie zmieniony"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "nie udało się ponownie otworzyć pliku tymczasowego (%s), %s nie zmieniony."
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "nie udało się przeanalizować pliku tymczasowego (%s), nieznany błąd"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "błąd wewnętrzny, nie znaleziono %s na liście!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "nie udało się ustawić (uid, gid) %s na (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s i %s nie są na tym samym systemie plików, użycie mv do zmiany nazwy"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "polecenie nie powiodło się: '%s %s %s', %s nie zmieniony"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "błąd podczas zmiany nazwy %s, %s nie zmieniony"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "Co teraz? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Możliwe opcje:\n"
+"  (e) ponowna edycja pliku sudoers\n"
+"  (x) wyjście bez zapisu zmian do pliku sudoers\n"
+"  (Q) wyjście i zapisanie zmian w pliku sudoers (NIEBEZPIECZNE!)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "nie udało się uruchomić %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: błędny właściciel, (uid, gid) powinny wynosić (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: błędne uprawnienia, powinny być 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: składnia poprawna\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s zajęty, proszę spróbować później"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "nie udało się zablokować %s"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Modyfikować mimo to? [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Błąd: %s:%d: cykl w %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Uwaga: %s:%d: cykl w %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Błąd: %s:%d: %s \"%s\" użyty, ale nie zdefiniowany"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Uwaga: %s:%d: %s \"%s\" użyty, ale nie zdefiniowany"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Uwaga: %s:%d: nie użyty %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - bezpieczna edycja pliku sudoers\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Opcje:\n"
+"  -c, --check                  tryb wyłącznie sprawdzający\n"
+"  -f, --file=sudoers           określenie położenia pliku sudoers\n"
+"  -h, --help                   wyświetlenie opisu i zakończenie\n"
+"  -q, --quiet                  mniej obszerne komunikaty o błędach składni\n"
+"  -s, --strict                 ścisłe sprawdzanie składni\n"
+"  -V, --version                wyświetlenie informacji o wersji i zakończenie\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "za dużo poziomów include"
diff --git a/plugins/sudoers/po/pt.mo b/plugins/sudoers/po/pt.mo
new file mode 100644
index 0000000..d79335a
--- /dev/null
+++ b/plugins/sudoers/po/pt.mo
diff --git a/plugins/sudoers/po/pt.po b/plugins/sudoers/po/pt.po
new file mode 100644
index 0000000..ad9d397
--- /dev/null
+++ b/plugins/sudoers/po/pt.po
@@ -0,0 +1,2347 @@
+# Portuguese (Portugal) translation for the sudoers package.
+# Copyright (C) 2018 Free Software Foundation, Inc.
+# This file is distributed under the same license as the sudo package.
+# Todd C. Miller <Todd.Miller@sudo.ws>, 2011-2018
+# Pedro Albuquerque <palbuquerque73@gmail.com>, 2018.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-11-06 17:23+0000\n"
+"Last-Translator: Pedro Albuquerque <palbuquerque73@gmail.com>\n"
+"Language-Team: Portuguese <translation-team-pt@lists.sourceforge.net>\n"
+"Language: pt\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Gtranslator 2.91.7\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "erro de sintaxe"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "senha de %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] senha para %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Senha: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Informação de SEGURANÇA para %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Enganou-se, tente de novo."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "impossível alocar memória"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "um resumo requer um nome de caminho"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "valor notbefore inválido"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "valor notafter inválido"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "valor de inacção muito grande"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "valor de inacção inválido"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Aliás \"%s\" já definido"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "impossível obter classe de sessão para o utilizador %s"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "impossível iniciar autenticação bsd"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "tipo de autenticação inválido"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "impossível inicializar autenticação BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "a sua conta expirou"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "aprovação falhou"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "impossível ler fwtk config"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "impossível ligar ao servidor de autenticação"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "ligação ao servidor de autenticação perdida"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"erro no servidor de autenticação:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: impossível converter principal para cadeia (\"%s\"): %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: impossível analisar \"%s\": %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: impossível resolver cache de credenciais: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: impossível alocar opções: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: impossível obter credentiais: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: impossível inicializar a cache de credenciais: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: impossível armazenar a credencial em cache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: impossível obter o principal do anfitrião: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Impossível verificar TGT! Possível ataque!: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "impossível inicializar PAM"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "erro de autenticação PAM: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "falha na validação de conta, tem a conta trancada?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Conta ou senha expiradas, reponha a sua senha e tente novamente"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "impossível alterar senha expirada: %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Senha expirada, contacte o administrador do sistema"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Conta expirada ou configuração PAM sem secção \"account\" para sudo, contacte o administrador do sistema"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "Erro de gestão de conta PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "utilizador não existente na base de dados %s"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "falha ao inicializar a biblioteca ACE API"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "impossível contactar o servidor SecurID"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "ID de utilizador bloqueada para autenticação SecurID"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "tamanho de nome de utilizador inválido para SecurID"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "gestão de autenticação inválida para SecurID"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "falha na comunicação SecurID"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "erro SecurID desconhecido"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "tamanho de senha inválido para SecurID"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "impossível inicializar sessão SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "métodos de autenticação inválidos"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Métodos de autenticação inválidos compilados com sudo! Não pode misturar autenticação independente com outra."
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "sem métodos de autenticação"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Não há métodos de autenticação compilados com sudo! Se pretende desligar a autenticação. use a opção de configuração --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Impossível inicializar métodos de autenticaçao."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Métodos de autenticação:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Impossível determinar condição de auditoria"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "impossível submeter registo de auditoria"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Acreditamos que recebeu a lição de moral do administrador de\n"
+"sistema local. Normalmente resume-se a estes três pontos:\n"
+"\n"
+"    1) respeite a privacidade dos outros;\n"
+"    2) pense antes de escrever;\n"
+"    3) lembre-se que com grande poder vem grande responsabilidade.\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "uid desconhecida: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "utilizador desconhecido: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "incremento de ordem: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "ordem inicial: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "espaço de ordem: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s versão %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s versão gramatical %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "formato de entrada %s não suportado"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "formato de saída %s não suportado"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: os ficheiros de entrada e saída têm de ser diferentes"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "impossível inicializar valores predefinidos de sudoers"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: palavra-chave desconhecida: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "tipo de predefinições inválido: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "tipo de supressão inválido: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "filtro inválido: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "impossível abrir %s"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "falha ao analisar o ficheiro %s, erro desconhecido"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "erro de análise em %s, perto da linha %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "erro de análise em %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "impossível escrever em %s"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - converte entre formatos de ficheiros sudoers\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Opções:\n"
+"  -b, --base=dn               o DN base para consultas sudo LDAP\n"
+"  -d, --defaults=tipopred     só converte predefinições do tipo especificado\n"
+"  -e, --expand-alias          expande aliás ao converter\n"
+"  -f, --output-format=formato define o formato de saída: JSON, LDIF ou sudoers\n"
+"  -i, --input-format=formato  define o formato de entrada: LDIF ou sudoers\n"
+"  -I, --increment=número      valor a incrementar cada sudoOrder\n"
+"  -h, --help                  mostra a ajuda e sai\n"
+"  -m, --match=filtro          só converte entradas que cumpram o filtro\n"
+"  -M, --match-local           filtro de comparação usa bases de dados de senha e grupo\n"
+"  -o, --output=fich_saída     escreve sudoers convertidos em fich_saída\n"
+"  -O, --order-start=número    ponto inicial para o primeiro sudoOrder\n"
+"  -p, --prune-matches         poda utilizadores, grupos e anfitriões não-correspondentes\n"
+"  -P, --padding=num           espaço base para incremento sudoOrder\n"
+"  -s, --suppress=secções      suprime saída de certas secções\n"
+"  -V, --version               mostra informação da versão e sai"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "entrada de predefinições \"%s\" desconhecida"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "impossível obter hora GMT"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "impossível formatar datação"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "erro interno, transporte %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "demasiadas entradas sudoers, máximo %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "a variável de ambiente SUDOERS_BASE não está definida e a opção -b não foi especificada."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Facilidade syslog se syslog estiver a ser usado para início de sessão: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Prioridade syslog a usar quando o utilizador se autentica com sucesso: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Prioridade syslog a usar quando o utilizador não se autentica com sucesso: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Põe o prompt OPT na sua própria linha"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ignora \".\" em $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Envia sempre correio quando executa sudo"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Envia correio se a autenticação do utilizador falhar"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Envia correio se o utilizador não estiver em sudoers"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Envia correio se o utilizador não estiver em sudoers neste anfitrião"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Envia correio se o utilizador não puder executar um comando"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Envia correio se o utilizador tentar executar um comando"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Usa uma datação separada para cada par utilizador/tty"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Avisar o utilizador a primeira vez que executa sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Ficheiro com a lição de moral sudo: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Requer autenticação dos utilizadores por predefinição"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Root pode executar sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Regista o nome de anfitrião no diário (não-syslog)"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Regista o ano no diário (não-syslog)"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Se sudo for chamado sem argumentos, iniciar uma shel"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Definir $HOME para o utilizador alvo ao iniciar uma shell com -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Definir $HOME sempre como a pasta home do utilizador alvo"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Permite a recolha de alguma informação para dar mensagens de erro úteis"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Requer nomes de anfitrião completamente qualificados no ficheiro sudoers"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Insulta o utilizador quando se engana na senha"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Permitir ao utilizador a execução de sudo só se tiver tty"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo honra a variável de ambiente EDITOR"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Pedir senha root, não a do utilizador"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Pedir a senha de utilizador runas_default, não a do utilizador"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Pedir a senha do utilizador alvo, não a do utilizador"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Aplica predefinições à classe de sessão do utilizador alvo, se existir"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Define as variáveis de ambiente LOGNAME e USER"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Definir a uid efectiva só para o utilizador alvo, não a uid real"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Não inicializar o vector de grupo para o do utilizador alvo"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Tamanho máximo de linhas longas do diário (0 para não quebrar): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Expiração da datação de autenticação: %.1f minutos"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Expiração do pedido de senha: %.1f minutos"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Número de tentativas de inserção de senha: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask a usar ou 0777 para usar a do utilizador: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Caminho para o ficheiro de diário: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Caminho para o programa de correio: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Bandeiras para o programa de correio: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Endereço para onde enviar o correio: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Endereço de onde enviar o correio: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Linha de assunto para as mensagens: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Mensagem de senha incorrecta: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Caminho para a pasta de estado da lição de moral: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Caminho para a pasta de datação de autenticação: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Dono da pasta de datação de autenticação: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Utilizadores deste grupo estão dispensados de usar senhas e necessidades de PATH: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Pedido de senha predefinido: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Se definido, o pedido de senha sobrepõe-se ao prompt do sistema em qualquer caso."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Utilizador predefinido para executar comandos: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Valor a sobrepor a $PATH: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Caminho para o editor a usar com visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Quando pedir uma senha para o pseudo-comando \"list\": %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Quando pedir uma senha para o pseudo-comando \"verify\": %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Pré-carregar as funções dummy exec contidas na biblioteca sudo_noexec"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Se a pasta LDAP está em cima, ignoramos o ficheiro sudoers"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Descritores de ficheiro >= %d será fechado antes de executar um comando"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Se definido, os utilizadores podem sobrepor o valor de \"closefrom\" com a opção -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Permite aos utilizadores definir variáveis de ambiente arbitrárias"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Repor o ambiente num conjunto predefinido de variáveis"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Variáveis de ambiente para verificar a sanidade:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Variáveis de ambiente para remover:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Variáveis de ambiente para preservar:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Papel SELinux a usar no novo contexto de segurança: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Tipo SELinux a usar no novo contexto de segurança: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Caminho para o ficheiro de ambiente específico do sudo: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Caminho para o ficheiro restrito de ambiente específico do sudo: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Idioma a usar ao analisar sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Permite ao sudo pedir uma senha mesmo que fique visível"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Fornece resposta visual no pedido de senha quando há entrada do utilizador"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Usa globbing mais rápido e menos preciso, mas não acede ao sistema de ficheiros"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "A umask especificada no sudoers sobrepõe-se à do utilizador, mesmo que seja mais permissiva"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Regista as entradas do utilizador para o comando em execução"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Regista a saída do comando em execução"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Comprime diários de E/S com zlib"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Executa sempre os comandos num pseudo-tty"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Extensão para suporte de grupo não-Unix: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Pasta onde armazenar os diários de entrada/saída: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Ficheiro onde armazenar o diário de entrada/saída: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Adiciona uma entrada ao ficheiro utmp/utmpx ao alocar um pty"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Define o utilizador em utmp como utilizador runas mestre, não como utilizador chamador"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Conjunto de privilégios permitidos: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Conjunto de privilégios limite: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Executa comandos num pty em 2º plano"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Nome de serviço PAM a usar: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Nome de serviço PAM a usar para shells de sessão: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Tenta estabelecer credenciais PAM para o utilizador alvo"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Cria uma nova sessão PAM onde o comando será executado"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Número de sequência máximo do diário de E/S: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Activa o suporte a sudoers netgroup"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Verifica se as pastas-mãe se podem escrever ao editar ficheiros com sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Segue ligações simbólicas ao editar ficheiros com sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Consulta a extensão de grupo para grupos de sistema desconhecidos"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Compara netgroups baseado em todo o conjunto: utilizador, anfitrião e domínio"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Permite executar comandos mesmo que o sudo não possa escrever no diário de auditoria"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Permite executar comandos mesmo que o sudo não possa escrever no diário de E/S"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Permite executar comandos mesmo que o sudo não possa escrever no diário"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Resolve grupos no sudoers e compara a ID de grupo, não o nome"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Entradas de diário maiores que este valor serão divididas em múltiplas mensagens de syslog: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Utilizador que será dono dos ficheiros de E/S: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Grupo que será dono dos ficheiros de E/S: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Modo de ficheiro a usar para os ficheiros de E/S: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Executa comandos por descritor de ficheiro em vez de por caminho: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ignora entradas Defaults desconhecidas no sudoers, em vez de produzir um aviso"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Tempo em segundos após o qual cada comando será terminado: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Permite ao utilizador especificar um tempo de inacção na linha de comandos"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Despejar dados de E/S para o disco imediatamente, em vez de usar um buffer"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Incluir a ID de processo ao registar via syslog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Tipo de registo de datação de autenticação: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Mensagem de falha na autenticação: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Ignorar maiúsculas ao comparar nomes de utilizadores"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Ignorar maiúsculas ao comparar nomes de grupos"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d entrada defaults desconhecida \"%s\""
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s entrada defaults desconhecida \"%s\""
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d sem valor especificado para \"%s\""
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s sem valor especificado para \"%s\""
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d valores para \"%s\" têm de começar com \"/\""
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s valores para \"%s\" têm de começar com \"/\""
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d opção \"%s\" não recebe valores"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s opção \"%s\" não recebe valores"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d tipo Defaults 0x%x inválido para a opção \"%s\""
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s tipo Defaults 0x%x inválido para a opção \"%s\""
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d valor \"%s\" é inválido para a opção \"%s\""
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s valor \"%s\" é inválido para a opção \"%s\""
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: envp corrompido, tamanho trocado"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "impossível reconstruir o ambiente"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "desculpe, não tem permissão para definir as seguintes variáveis de ambiente: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "erro de análise em %s perto da linha %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "erro de análise em %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "tipo de resumo %d não suportado para %s"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: erro de leitura"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s tem de ser propriedade de uid %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s só pode ter permissão de escrita para o dono"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "impossível carregar %s: %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "impossível encontrar o símbolo \"group_plugin\" em %s"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: versão principal de extensão de grupo %d incompatível, esperada %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "impossível analisar endereço IP \"%s\""
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "impossível analisar netmask \"%s\""
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Pares endereço IP local e netmask:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s existe mas não é uma pasta (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "impossível criar pasta %s"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "impossível alterar o modo de %s para 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "grupo desconhecido: %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "impossível ler %s"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "impossível criar %s"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "impossível escrever no ficheiro de E/S: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: erro interno, ficheiro de diário E/S do evento %d não aberto"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: erro interno, sinal inválido %d"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: ficheiro de diário inválido"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: campo de datação em falta"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: datação %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: campo de utilizador em falta"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: campo de utilizador runas em falta"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: campo de grupo runas em falta"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "starttls não suportado quando usa ldaps"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "impossível inicializar certificado SSL e db de chave: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "tem de definir TLS_CERT em %s para usar SSL"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "impossível inicializar LDAP: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls especificado mas LDAP libs não suporta ldap_start_tls_s() ou ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "atributo sudoOrder inválido: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: porta muito grande"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "tipo de uri LDAP não suportado: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "impossível misturar URIs ldap e ldaps"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "impossível converter sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "impossível abrir o sistema de auditoria"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "impossível enviar mensagem de auditoria"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (comando continuado) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "impossível abrir o diário: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "impossível bloquear o diário: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "impossível escrever o diário: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "Sem utilizador ou anfitrião"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "falha de validação"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "utilizador NÃO está no sudores"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "utilizador NÃO autorizado no anfitrião"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "comando não permitido"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s não está no ficheiro sudoers. O incidente será reportado.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s não tem permissão para executar sudo em %s. O incidente será reportado.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Desculpe, %s não pode executar sudo em %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Desculpe, %s não tem permissão para executar \"%s%s%s\" como %s%s%s em %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: comando não encontrado"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"a ignorar \"%s\" encontrado em \".\"\n"
+"Use \"sudo ./%s\" se este é o \"%s\" que deseja executar."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "falha de autenticação"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "é necessária uma senha"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u tentativa incorrecta"
+msgstr[1] "%u tentativas incorrectas"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "impossível bifurcar"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "impossível bifurcar: %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "impossível abrir túnel: %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "impossível duplicar stdin: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "impossível executar %s: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "resumo para %s (%s) não está na forma %s"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "impossível obter informações de %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Papel LDAP: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Entrada sudoers:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAsUsers: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAsGroups: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Opções: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Comandos:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Entradas Defaults correspondentes para %s em %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Predefinições Runas específicas de comandos para %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "O utilizador %s pode executar os seguintes comandos em %s:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "O utilizador %s não tem permissão para executar sudo em %s.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "a ignorar valor de atributo inválido: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "a ignorar sudoRole incompleto: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "%.*s inválido definido pelo front-end do sudo"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "impossível analisar a lista de endereços da rede"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "nome de utilizador não definido pelo front-end do sudo"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "ID de utilizador não definida pelo front-end do sudo"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "ID de grupo não definida pelo front-end do sudo"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "Nome de anfitrião não definido pelo front-end do sudo"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "impossível executar %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Extensão de política sudoers versão %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Gramática do ficheiro sudoers versão %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Caminho do sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "caminho nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "caminho do ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "caminho do ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "impossível registar hook do tipo %d (versão %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "impossível guardar uid %u, sem memória"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "impossível guardar uid %u, já existe"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "impossível guardar utilizador %s, sem memória"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "impossível guardar utilizador %s, já existe"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "impossível guardar gid %u, sem memória"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "impossível guardar gid %u, já existe"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "impossível guardar grupo %s, sem memória"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "impossível guardar grupo %s, já existe"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "impossível guardar lista de grupo para %s, já existe"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "impossível guardar lista de grupo para %s, sem memória"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "impossível analisar grupos para %s"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "impossível analisar gids para %s"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "transporte de pilha perm"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "importe de pilha perm"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "impossível mudar para gid root"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "impossível mudar para gid runas"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "impossível definir vector de grupo runas"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "impossível mudar para uid runas"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "impossível mudar para gid sudoers"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "demasiados processos"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "impossível obter a pasta de trabalho actual"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "caminho de auditoria truncado user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "caminho de auditoria truncado argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "mensagem audit_failure muito longa"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "impossível inicializar fonte SSS. Tem o SSSD instalado?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "impossível encontrar símbolo \"%s\" em %s"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "problema com entradas defaults"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "sme fontes sudoers válidas, a sair"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers especifica que root não tem permissão para sudo"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "não tem permissão para usar a opção -C"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "dono da datação (%s): utilizador inexistente"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "sem tty"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "desculpe, tem de ter um tty para executar sudo"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "comando na pasta actual"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "desculpe, não tem permissão para definir um tempo de inacção"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "desculpe, não tem permissão para preservar o ambiente"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "comando muito longo"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s não é um ficheiro normal"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s é propriedade de uid %u, deveria ser %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s é escrito universalmente"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s é propriedade de gid %u, deveria ser %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "só root pode usar \"-c %s\""
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "classe de sessão desconhecida: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "impossível resolver o anfitrião %s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "opção de filtro inválida: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "espera máxima inválida: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "factor de velocidade inválido: %s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/temporização: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/temporização: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "A reproduzir sessão sudo: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "impossível adicionar evento à fila"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "impossível definir tty para modo raw"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Aviso: o seu terminal é muito pequeno para reproduzir correctamente o diário.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "A geometria do diário é %d x %d, o seu terminal é %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Reprodução terminada, prima qualquer tecla para restaurar o terminal."
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "linha de ficheiro de temporização inválida : %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "expressão ambígua \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "\")\" sem par em expressão"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "termo de procura \"%s\" desconhecido"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s requer um argumento"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "expressão regular inválida: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "impossível analisar a data \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "\"(\" sem par em expressão"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "\"or\" final ilegal"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "\"!\" final ilegal"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "tipo de procura %d desconhecido"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "uso: %s [-hnRS] [-d pasta] [-m núm] [-s núm] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "uso: %s [-h] [-d pasta] -l [expressão de procura]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - reproduz os diários de sessão sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Opções:\n"
+"  -d, --directory=pasta especifica a pasta para diários de sessão\n"
+"  -f, --filter=filtro   especifica os tipos de E/S a mostrar\n"
+"  -h, --help            mostra a ajuda e sai\n"
+"  -l, --list            lista as IDs de sessão disponíveis, com expressão opcional\n"
+"  -m, --max-wait=número número máximo de segundos a aguardar entre eventos\n"
+"  -S, --suspend-wait    espera enquanto o comando foi suspenso\n"
+"  -s, --speed=número    acelera ou trava a saída\n"
+"  -V, --version         mostra informação da versão e sai"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\thost  sem correspondência"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Comando permitido"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Comando negado"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Comando sem correspondência"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s é escrito pelo grupo"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "impossível truncar o ficheiro de datação para %lld bytes"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "impossível ler o relógio"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "a ignorar datação do futuro"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "datação demasiado no futuro: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "impossível bloquear ficheiro de datação %s"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "caminho do estado da lição de moral muito longo: %s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "a opção -x será removida numa futura versão"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "por favor, considere usar antes o utilitário cvtsudoers"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "prima Enter para editar %s: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "o editor especificado (%s) não existe"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "sem editor (caminho do editor = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "erro de escrita"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "impossível obter informação do ficheiro temporário (%s), %s inalterado"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "ficheiro temporário de tamanho zero (%s), %s inalterado"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "falha no editor (%s), %s inalterado"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s inalterado"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "impossível reabrir o ficheiro temporário (%s), %s inalterado."
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "impossível analisar o ficheiro temporário (%s), erro desconhecido"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "erro interno, impossível encontrar %s na lista!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "impossível definir (uid, gid) de %s para (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s e %s em sistemas de ficheiros diferentes, a usar mv para renomear"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "falha no comando: \"%s %s %s\", %s inalterado"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "erro ao renomear %s, %s inalterado"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "E agora?"
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"As opções são:\n"
+"  (e) editar o ficheiro sudoers de novo\n"
+"  (x) sair sem gravar as alterações ao ficheiro sudoers\n"
+"  (Q) sair e gravar as alterações ao ficheiro sudoers (PERIGO!)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "impossível executar %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: dono errrado (uid, gid), deveria ser (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: permissões erradas, devia ser modo 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: análise com sucesso\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s ocupado, tente mais tarde"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "impossível bloquear %s"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Editar mesmo assim ? [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Erro: %s:%d ciclo em %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Aviso: %s:%d ciclo em %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Erro: %s:%d %s \"%s\" referenciado mas não definido"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Aviso: %s:%d %s \"%s\" referenciado mas não definido"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Aviso: %s:%d não usado %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - editar com segurança o ficheiro sudoers\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Opções:\n"
+"  -c, --check              modo só de verificação\n"
+"  -f, --file=sudoers       especifica a localização do ficheiro sudoers\n"
+"  -h, --help               mostra a ajuda e sai\n"
+"  -q, --quiet              mensagens de erro de sintaxe menos verbosas (silêncio)\n"
+"  -s, --strict             verificação de sintaxe estrita\n"
+"  -V, --version            mostra informação da versão e sai\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "demasiados níveis de includes"
diff --git a/plugins/sudoers/po/pt_BR.mo b/plugins/sudoers/po/pt_BR.mo
new file mode 100644
index 0000000..82df1ff
--- /dev/null
+++ b/plugins/sudoers/po/pt_BR.mo
diff --git a/plugins/sudoers/po/pt_BR.po b/plugins/sudoers/po/pt_BR.po
new file mode 100644
index 0000000..6872879
--- /dev/null
+++ b/plugins/sudoers/po/pt_BR.po
@@ -0,0 +1,2485 @@
+# Brazilian Portuguese translation of sudoers.
+# Traduções em português brasileiro para o pacote sudoers
+# Copyright (C) 2018 Free Software Foundation, Inc.
+# This file is distributed under the same license as the sudo package.
+# Rafael Fontenelle <rafaelff@gnome.org>, 2013-2018.
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-10-29 16:20-0200\n"
+"Last-Translator: Rafael Fontenelle <rafaelff@gnome.org>\n"
+"Language-Team: Brazilian Portuguese <ldpbr-translation@lists.sourceforge.net>\n"
+"Language: pt_BR\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+"X-Generator: Virtaal 1.0.0-beta1\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "erro de sintaxe"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "senha do %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] senha para %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Senha: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Informação de SEGURANÇA para %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Sinto muito, tente novamente."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "não foi possível alocar memória"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "um digest requer um nome de caminho"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "valor de notbefore inválido"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "falha de notafter inválido"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "valor de timeout grande demais"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "valor de timeout inválido"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Alias \"%s\" já definido"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "não foi possível obter classe de login para o usuário %s"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "não foi possível iniciar autenticação BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "tipo de autenticação inválida"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "não foi possível inicializar autenticação BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "sua conta expirou"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "aprovação falhou"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "não foi possível ler configuração de fwtk"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "não foi possível conectar ao servidor de autenticação"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "conexão perdida com o servidor de autenticação"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"erro no servidor de autenticação:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: não foi possível converter principal para string (\"%s\"): %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: não foi possível analisar \"%s\": %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: não foi possível resolver cache de credenciais: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: não foi possível alocar opções: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: não foi possível obter credenciais: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: não foi possível inicializar cache de credenciais: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: não foi possível armazenar credenciais no cache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: não foi possível obter principal da máquina: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Não foi possível verificar TGT! Possivelmente um ataque!: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "não foi possível inicializar PAM"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Erro de autenticação PAM: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "falha de verificação da conta; sua conta está travada?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Conta ou senha expirou; redefina sua senha e tente novamente"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "não foi possível alterar a senha expirada: %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Senha expirou; entre em contato com o administrador do seu sistema"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Conta expirou ou a configuração do PAM não possui uma seção \"account\" para sudo; contate o administrador do seu sistema"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "erro de gerenciamento de conta PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "você não existe no banco de dados de %s"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "falha ao inicializar a biblioteca API ACE"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "não foi possível contatar o servidor de SecurID"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "ID de usuário travado pela autenticação SecurID"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "comprimento de nome de usuário inválido para SecurID"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "manipulação inválida de autenticação para SecurID"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "falha de comunicação de SecurID"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "erro de SecurID desconhecido"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "comprimento de senha inválida para SecurID"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "não foi possível inicializar a sessão SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "métodos de autenticação inválidos"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Métodos de autenticação inválidos compilado no sudo! Você não pode misturar autenticação autônoma com não-autônoma."
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "nenhum método de autenticação"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Não há métodos de autenticação compilados no sudo! Se você quiser desligar a autenticação, use a opção de configuração --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Não foi possível inicializar métodos de autenticação."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Métodos de autenticação:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Não foi possível determinar a condição de auditoria"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "não foi possível enviar o registro de auditoria"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Presumimos que você recebeu as instruções de sempre do administrador\n"
+"de sistema local. Basicamente, resume-se a estas três coisas:\n"
+"\n"
+"    #1) Respeite a privacidade dos outros.\n"
+"    #2) Pense antes de digitar.\n"
+"    #3) Com grandes poderes vêm grandes responsabilidades.\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "uid desconhecido: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "usuário desconhecido: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "incremento de ordem: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "ordem inicial: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "preenchimento de ordem: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s versão %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "gramática de %s versão %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "formato de entrada sem suporte %s"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "formato de saída sem suporte %s"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: arquivos de entrada e saída devem ser diferentes"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "não foi possível inicializar valores padrões do sudoers"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: palavra-chave desconhecida: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "tipo de defaults inválido: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "tipo de supressão inválida: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "filtro inválido: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "não foi possível abrir %s"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "falha em analisar o arquivo %s, erro desconhecido"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "erro de análise em %s perto da linha %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "erro de análise em \"%s\"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "não foi possível gravar em %s"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - converte entre formatos de arquivo sudoers\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Opções:\n"
+"  -b, --base=dn              o DN base para consultas LDAP do sudo\n"
+"  -d, --defaults=tiposdeft   só converte Defaults dos tipos especificados\n"
+"  -e, --expand-aliases       expande aliases ao converter\n"
+"  -f, --output-format=formato  define formato de saída: JSON, LDIF ou sudoers\n"
+"  -i, --input-format=formato   define formato de entrada: LDIF ou sudoers\n"
+"  -I, --increment=núm        quantidade para incrementar cada sudoOrder por\n"
+"  -h, --help                 exibe a mensagem de ajuda e sai\n"
+"  -m, --match=filtro         só converte entradas que corresponde ao filtro\n"
+"  -M, --match-local          filtro de correspondência usa bancos de dados\n"
+"                             passwd e group\n"
+"  -o, --output=arquivo_saída  escreve sudoers convertido para arquivo_saída\n"
+"  -O, --order-start=núm      ponto inicial para o primeiro sudoOrder\n"
+"  -p, --prune-matches        suprime usuários/grupos/hosts não correspondentes\n"
+"  -P, --padding=núm          preenchimento base para incremento de sudoOrder\n"
+"  -s, --suppress=seções      suprime a saída de certas seções\n"
+"  -V, --version              exibe informações de versão e sai"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "entrada padrão \"%s\" desconhecido"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "não foi possível obter o horário GMT"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "não é possível formatar marca de tempo"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "erro interno, estouro de pilha de %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "entradas de sudoers demais, máximo %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "a variável de ambiente SUDOERS_BASE não está definida e a opção -b não foi especificada."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Facilidade do syslog, se syslog estiver sendo usado para registrar logs: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Prioridade do syslog para usar quando um usuário autenticar com sucesso: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Prioridade do syslog para usar quando um usuário não usuário autenticar com sucesso: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Colocar prompt OTP na sua própria linha"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ignorar \".\" no $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Sempre envia correio quando sudo for executado"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Envia correio se a autenticação de um usuário falhar"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Envia correio se o usuário não estiver no sudoers"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Envia correio se o usuário não estiver no sudoers desta máquina"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Envia correio se o usuário não tiver permissão para executar um comando"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Envia correio se o usuário tentar executar um comando"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Usa uma marca de tempo separada para cada combo usuário/tty"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Instrui o usuário na primeira vez que ele executar sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Arquivo contendo as instruções do sudo: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Exige que os usuários se autentiquem, por padrão"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Root pode executar sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Registra o nome da máquina no arquivo de log (não-syslog)"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Registra o ano no arquivo de log (não-syslog)"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Se sudo for chamado sem argumentos, inicia um shell"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Define $HOME com o usuário alvo ao iniciar um shell com -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Sempre define $HOME para a pasta pessoal do usuário alvo"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Permite juntar algumas informações para fornecer mensagens de erro úteis"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Exige nomes de máquina completos (FQDN) no arquivo sudoers"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Insulta o usuário quando ele digitar uma senha incorreta"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Permite que o usuário execute sudo apenas se ele tiver um tty"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo vai honrar a variável de ambiente EDITOR"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Pede a senha do root, e não a do usuário"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Pede a senha do usuário runas_default, e não a do usuário"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Pede a senha do usuário alvo, e não a do usuário"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Aplica o padrão na classe de login do usuário alvo, se houver alguma"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Define as variáveis de ambiente LOGNAME e USER"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Define o uid efetivo apenas para o usuário alvo, e não o uid real"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Não inicializa o vetor de grupos para aquele usuário alvo"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Comprimento da quebra de linha do arquivo de log (0 para sem quebra): %u"
+
+# "Limite de tempo da marca de tempo de autenticação" ficaria estranho, então utilizei "... expira em"
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Marca de tempo de autenticação expira em: %.1f minutos"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Pedido de senha expira em: %.1f minutos"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Número de tentativas para digitar senha: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask a ser usada ou 0777 para usar do usuário: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Caminho para o arquivo de log: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Caminho para o programa de correio: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Opções para o programa de correio: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Endereço para onde enviar correio: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Endereço de onde enviar correio: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Linha do assunto para as mensagens de correio: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Mensagem de senha incorreta: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Caminho para o diretório de status de instruções: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Caminho para diretório de marca de tempo de autenticação: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Dono do diretório de marca de tempo de autenticação: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Usuários neste grupo estão eximidos da exigência de senha e PATH: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Pedido de senha padrão: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Se definido, o pedido de senha vai sobrescrever o do sistema em todos os casos."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Usuário padrão para se executar comandos: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Valor para sobrescrever o $PATH do usuário: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Caminho do editor a ser usado pelo visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Quando exigir uma senha para o pseudo-comando \"list\": %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Quando exigir uma senha para o pseudo-comando \"verify\": %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Pré-carrega as funções de exec de teste contidas na biblioteca sudo_noexec"
+
+# ideia da frase original: se acontecer algo, se deve ou não ignorar. Traduzi reorganizando a frase com a finalidade de manter a ideia original. -- Rafael
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Estando o diretório LDAP disponível, se devemos ignorar o arquivo sudoers local"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Descritores, de arquivos, >= %d serão fechados antes de executar um comando"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Se definido, usuários podem sobrescrever o valor de \"closefrom\" com a opção -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Permite que usuários definam variáveis de ambiente arbitrárias"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Redefine o ambiente para um conjunto padrão de variáveis"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Variáveis de ambiente nas quais deve-se verificar sanidade:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Variáveis de ambiente para remover:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Variáveis de ambiente para preservar:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Papel SELinux para usar no novo contexto de segurança: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Tipo SELinux para usar no novo contexto de segurança: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Caminho do arquivo de ambiente específico do sudo: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Caminho do arquivo restrito de ambiente específico do sudo: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Localização para usar ao analisar o sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Permite ao sudo solicitar uma senha mesmo se ele estiver visível"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Fornece feedback visual na solicitação de senha quando houver entrada do usuário"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Usa um englobamento mais rápido que é menos preciso, mas não acessa o sistema de arquivos"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "O umask especificado no sudoers vai sobrescrever o do usuário, mesmo se ele foi mais permissivo"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Registra no log a entrada do usuário para o comando sendo executado"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Registra no log a saída do comando sendo executado"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Comprime logs I/O usando zlib"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Sempre executa comandos em um pseudo-tty"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Plug-in para suporte a grupo não-Unix: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Diretório no qual devem ser armazenados os logs de entrada/saída: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Arquivo no qual deve ser armazenado o log de entrada/saída: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Adiciona uma entrada ao arquivo utmp/utmpx ao alocar um pty"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Define o usuário em utmp como usuário a ser executado como, e não o usuário a ser chamado"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Conjunto de privilégios permitidos: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Conjunto de privilégios limitados: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Executa comandos em um pty em plano de fundo"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Nome do serviço PAM para usar: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Nome do serviço PAM para usar para shells de login: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Tenta estabelecer as credenciais PAM para o usuário alvo"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Cria uma nova sessão PAM para o comando ser executado nela"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Número máximo de sequência de log de E/S: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Habilita suporte a netgroup no sudoers"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Verifica diretórios pai para capacidade de gravação ao editar arquivos com sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Segue links simbólicos ao editar arquivos com sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Consulta o plug-in de grupo por grupos de sistema desconhecidos"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Compara netgroups baseada em toda tupla: usuário, máquina e domínio"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Permite comandos serem executados mesmo se sudo não puder escrever em logs de auditoria"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Permite comandos serem executados mesmo se sudo não puder escrever em logs de E/S"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Permite comandos serem executados mesmo se sudo não puder escrever no arquivo de log"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Resolve grupos no sudoers e corresponde ao ID de grupo, e não o nome"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Entradas de log maiores que este valor serão divididos em múltiplas mensagens de syslog: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Usuário que será dono dos arquivos de log de E/S: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Grupo que será dono dos arquivos de log de E/S: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Modo de arquivo usado para os arquivos de log de E/S: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Executa comandos pelo descritor de arquivo em vez de pelo caminho: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ignora entradas desconhecidas de Defaults no sudoers em vez de produzir um aviso"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Tempo em segundos após o qual o comando será terminado: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Permite o usuário especificar um tempo limite na linha de comando"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Descarrega os dados de log de E/S para o disco imediatamente em vez de armazenar no buffer"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Inclui o ID de processo ao registrar log via syslog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Tipo de registro de marca de tempo de autenticação: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Mensagem de falha de autenticação: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Ignora maiúsculo/minúsculo ao corresponder nomes de usuário"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Ignora maiúsculo/minúsculo ao corresponder nomes de grupo"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d entrada padrão \"%s\" desconhecida"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: entrada padrão \"%s\" desconhecida"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d nenhum valor especificado para \"%s\""
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: nenhum valor especificado para \"%s\""
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d valores para \"%s\" devem iniciar com um \"/\""
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: valores para \"%s\" devem iniciar com um \"/\""
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d opção \"%s\" não leva um valor"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: opção \"%s\" não leva um valor"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d Tipo de padrões 0x%x inválido para a opção \"%s\""
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: Tipo de padrões 0x%x inválido para a opção \"%s\""
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d valor \"%s\" é inválido para a opção \"%s\""
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: valor \"%s\" é inválido para a opção \"%s\""
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: envp corrompido, cumprimento não confere"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "não foi possível recompilar o ambiente"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "sinto muito, você não tem permissão para definir as seguintes variáveis de ambiente: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "erro de análise em %s próximo à linha %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "erro de análise em %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "tipo de digest %d sem suporte para %s"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: erro de leitura"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s deve ter como dono o uid %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s deve ser gravável apenas pelo dono"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "não foi possível carregar %s: %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "não foi possível localizar um símbolo \"group_plugin\" %s"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: versão maior do plug-in de grupo %d incompatível, esperava %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "não foi possível analisar o endereço IP \"%s\""
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "não foi possível analisar a máscara de rede \"%s\""
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Par de endereço IP e máscara de rede locais:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s existe, mas não é um diretório (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "não foi possível fazer mkdir %s"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "não foi possível alterar modo de %s para 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "grupo desconhecido %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "não foi possível ler %s"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "não foi possível criar %s"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "não foi possível gravar no arquivo de log de E/S: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: erro interno, o arquivo  de log de E/S para evento %d não está aberto"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: erro interno, sinal inválido %d"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: arquivo de log inválido"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: campo de marca de tempo está faltando"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: marca de tempo %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: campo de usuário está faltando"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: campo de usuário, a ser executado como, está faltando"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: campo de grupo, a ser executado como, está faltando"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "sem suporte a starttls ao usar ldaps"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "não foi possível inicializar bando de dados de chaves e certificados SSL: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "você deve definir TLS_CERT em %s para usar SSL"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "não foi possível inicializar LDAP: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls especificado, mas bibliotecas LDAP não possuem suporte a ldap_start_tls_s() ou ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "atributo sudoOrder inválido: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: porta muito grande"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "tipo de uri LDAP sem suporte: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "não foi possível misturar ldap e ldaps URIs"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "não foi possível converter sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "não foi possível abrir o sistema de auditoria"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "não foi possível enviar mensagem de auditoria"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (comando continuado) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "não foi possível abrir o arquivo de log: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "não foi possível travar o arquivo de log: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "não foi possível gravar no arquivo de log: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "nenhum usuário ou máquina"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "falha de validação"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "usuário NÃO ESTÁ no sudoers"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "usuário NÃO ESTÁ autorizado na máquina"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "comando não permitido"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s não está no arquivo sudoers. Este incidente será relatado.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s não tem permissão para executar sudo em %s. Este incidente será relatado.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Sinto muito, usuário %s não pode executar sudo em %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Sinto muito, usuário %s não tem permissão para executar \"%s%s%s\" como %s%s%s em %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: comando não encontrado"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"ignorando \"%s\" encontrado em \".\"\n"
+"Use \"sudo ./%s\" se isto é o \"%s\" que você deseja executar."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "falha de autenticação"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "uma senha é necessária"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u tentativa de senha incorreta"
+msgstr[1] "%u tentativas de senha incorreta"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "não foi possível fazer fork"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "não foi possível fazer fork: %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "não foi possível abrir um redirecionamento (pipe): %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "não foi possível fazer dup da entrada padrão: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "não foi possível executar %s: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "digest de %s (%s) não está na forma %s"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "não foi possível obter o estado de %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Papel LDAP: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Entradas no sudoers:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    UsuáriosRunAs: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    GruposRunAs: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Opções: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Comandos:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Entradas de Defaults correspondentes a %s em %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Padrões específicos de comandos e \"runas\" de %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Usuário %s pode executar os seguintes comandos em %s:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Usuário %s não tem permissão para executar sudo em %s.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "ignorando valor de atributo inválido: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "ignorando sudoRole incompleto: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "%.*s inválido definido pelo front-end do sudo"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "não foi possível analisar a lista de endereços de rede"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "nome de usuário não definido pelo front-end do sudo"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "ID de usuário não definido pelo front-end do sudo"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "ID de grupo não definido pelo front-end do sudo"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "nome da máquina não definido pelo front-end do sudo"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "não foi possível executar %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Versão de plug-in de política do sudoers %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Versão de gramática de arquivo do sudoers %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Caminho do sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "caminho do nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "caminho do ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "caminho do ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "não foi possível registrar hook do tipo %d (versão %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "não foi possível fazer cache de uid %u, memória insuficiente"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "não foi possível fazer cache de uid %u, já existe"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "não foi possível fazer cache de usuário %s, memória insuficiente"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "não foi possível fazer cache de usuário %s, já existe"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "não foi possível fazer cache de gid %u, memória insuficiente"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "não foi possível fazer cache de gid %u, já existe"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "não foi possível fazer cache de grupo %s, memória insuficiente"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "não foi possível fazer cache de grupo %s, já existe"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "não foi possível fazer cache da lista de grupos de %s, já existe"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "não foi possível fazer cache da lista de grupos de %s, memória insuficiente"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "não foi possível analisar grupos de %s"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "não foi possível analisar os gids de %s"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "estouro da pilha de permissões"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "esvaziamento da pilha de permissões"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "não foi possível alterar gid de root"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "não foi possível alterar para gid de \"runas\""
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "não foi possível definir vetor de grupo de \"runas\""
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "não foi possível alterar para uid de \"runas\""
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "não foi possível alterar para gid de sudoers"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "processos demais"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "não foi possível definir diretório de trabalho atual"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "caminho de auditoria truncado user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "caminho de auditoria truncado argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "mensagem de audit_failure muito grande"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "não foi possível inicializar a fonte SSS. SSSD está instalado em sua máquina?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "não foi possível localizar símbolo \"%s\" em %s"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "problema com o entradas padrão"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "nenhuma fonte de sudoers válida encontrada; saindo"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers especifica que o root não tem permissão para usar sudo"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "você não tem permissão para usar a opção -C"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "dono da marca de tempo (%s): Usuário inexistente"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "nenhum tty"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "sinto muito, você deve ter um tty para executar sudo"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "comando no diretório atual"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "sinto muito, você não tem permissão para definir um tempo limite de comando"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "sinto muito, você não tem permissão para preservar o ambiente"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "comando muito grande"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s não é um arquivo comum"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s tem como dono o uid %u, deveria ser %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s é gravável globalmente"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s tem como dono o gid %u, deveria ser %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "apenas o root pode usar \"-c %s\""
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "classe de login desconhecida: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "não foi possível resolver máquina %s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "opção de filtro inválida: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "espera máxima inválida: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "fator de velocidade inválido: %s"
+
+# timing é o nome do arquivo gerado pelo sudo; não traduzir.
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/timing: %s"
+
+# timing é o nome do arquivo gerado pelo sudo; não traduzir.
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Reproduzindo sessão de sudo: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "não foi possível adicionar evento para a fila"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "não foi possível definir o tty para modo raw"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Aviso: seu terminal é muito pequeno para reproduzir adequadamente o log.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Geometria do log é %d x %d; geometria do seu terminal é %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Reprodução finalizada, pressione qualquer tecla para restaurar o terminal."
+
+# timing é o nome do arquivo gerado pelo sudo; não traduzir.
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "linha inválida no arquivo timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "expressão ambígua \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "\")\" não coincidente na expressão"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "termo de pesquisa desconhecido \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s requer um argumento"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "expressão regular inválida: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "não foi possível analisar a data \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "\"(\" sem correspondente na expressão"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "fim de linha ilegal com \"or\""
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "fim de linha ilegal com \"!\""
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "tipo de pesquisa desconhecido %d"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "uso: %s [-hnRS] [-d diretório] [-m número] [-s número] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "uso: %s [-h] [-d diretório] -l [expressão de pesquisa]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - reproduz logs de sessão do sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Opções:\n"
+"  -d, --directory=dir  especifica o diretório dos logs de sessão\n"
+"  -f, --filter=filtro  especifica qual o tipo de E/S para exibir\n"
+"  -h, --help           exibe mensagem de ajuda e sai\n"
+"  -l, --list           lista IDs de sessão disponíveis, podendo ser filtrado\n"
+"                       com uso opcional de expressão regular\n"
+"  -m, --max-wait=núm   número máximo, em segundos, de espera entre eventos\n"
+"  -S, --suspend-wait   aguarda enquanto o comando estava suspenso\n"
+"  -s, --speed=número   aumenta ou diminui a velocidade da saída\n"
+"  -V, --version        exibe a informação da versão e sai"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\tmáquina sem correspondente"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Comando permitido"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Comando negado"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Comando sem correspondente"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s é gravável pelo grupo"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "não foi possível truncar o arquivo de marca de tempo para %lld bytes"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "não foi possível ler do relógio"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "ignorado marca de tempo no futuro"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "marca de tempo muito a frente no futuro: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "não foi possível travar o arquivo de marca de tempo %s"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "caminho de status de instruções muito longo: %s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "a opção -x será removida em um lançamento futuro"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "por favor, em vez disso, considere usar o utilitário cvtsudoers"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "pressione enter para editar %s: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "editor especificado (%s) não existe"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "nenhum editor encontrado (caminho do editor = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "erro de escrita"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "não foi possível obter estado de arquivo temporário (%s), %s sem alteração"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "arquivo de temporário (%s) com comprimento zero, %s sem alteração"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "editor (%s) falhou, %s sem alteração"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s sem alteração"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "não foi possível reabrir arquivo temporário (%s), %s sem alteração."
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "não foi possível analisar arquivo temporário (%s), erro desconhecido"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "erro interno, não foi possível localizar %s na lista!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "não foi possível definir (uid, gid) de %s para (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s e %s não estão no mesmo sistema de arquivos, usando mv para renomear"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "comando \"%s %s %s\" falhou, %s sem alteração"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "erro ao renomear %s, %s sem alteração"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "Agora o que? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Opções são:\n"
+"  (e)dit - editar arquivos sudoers novamente\n"
+"  e(x)it - sair sem salvar alterações no arquivo sudoers\n"
+"  (Q)uit - sair e salvar alterações  no arquivo sudoers (PERIGO!)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "não foi possível executar %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: dono (uid, gid) incorreto; deveria ser (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: permissões incorretas; deveria estar no modo 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: análise OK\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s ocupado, tente novamente"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "não foi possível travar %s"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Editar mesmo assim? [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Erro: %s:%d ciclo em %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Aviso: %s:%d ciclo em %s \"%s\""
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Erro: %s:%d %s \"%s\" referenciado, mas não definido"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Aviso: %s:%d %s \"%s\" referenciado, mas não definido"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Aviso: %s:%d %s não usado \"%s\""
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - edita o arquivo sudoers com segurança\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Opções:\n"
+"  -c, --check              modo de verificação, apenas\n"
+"  -f, --file=sudoers       especifica localização do arquivo sudoers\n"
+"  -h, --help               exibe uma mensagem de ajuda e sai\n"
+"  -q, --quiet              mensagens de erro de sintaxe menos detalhada\n"
+"  -s, --strict             verificação rigorosa de sintaxe\n"
+"  -V, --version            exibe a informação da versão e sai\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "níveis de inclusões demais"
+
+#~ msgid ""
+#~ "\n"
+#~ "LDAP Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "Papel LDAP: DESCONHECIDO\n"
+
+#~ msgid "    Order: %s\n"
+#~ msgstr "    Ordem: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: %s\n"
+#~ msgstr ""
+#~ "\n"
+#~ "Papel SSSD: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "Papel SSSD: DESCONHECIDO\n"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "Aviso: ciclo em %s \"%s\""
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "Aviso: %s \"%s\" referenciado, mas não definido"
+
+#~ msgid "Warning: unused %s `%s'"
+#~ msgstr "Aviso: %s não usado \"%s\""
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "caminho de marca de tempo muito longo: %s/%s"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "não foi possível obter estado do editor (%s)"
+
+# Mantive, pois hostbuf é uma variável do plugins/sudoers/ldap.c
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports: sem espaço para expansão de hostbuf"
+
+# Mantive, pois hostbuf é uma variável do plugins/sudoers/ldap.c
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri: sem espaço na construção de hostbuf"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "alocação de sudo_ldap_build_pass1 não confere"
+
+#~ msgid "Password:"
+#~ msgstr "Senha:"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "erro interno: espaço insuficiente para linha de log"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: estouro de buffer"
+
+#~ msgid "%s owned by uid %u, should be uid %u"
+#~ msgstr "%s tem como dono o uid %u, deveria ser uid %u"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0700"
+#~ msgstr "%s gravável por não-dono (0%o); deveria estar no modo 0700"
+
+#~ msgid "%s exists but is not a regular file (0%o)"
+#~ msgstr "%s existe, mas não é um arquivo comum (0%o)"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0600"
+#~ msgstr "%s gravável por não-dono (0%o); deveria estar no modo 0600"
+
+#~ msgid "unable to remove %s, will reset to the Unix epoch"
+#~ msgstr "não foi possível remover %s, redefinindo para como estava no Unix"
+
+#~ msgid "unable to reset %s to the Unix epoch"
+#~ msgstr "não foi possível redefinir %s para como estava no Unix"
+
+#~ msgid "value out of range"
+#~ msgstr "valor fora da faixa"
+
+#~ msgid "invalid uri: %s"
+#~ msgstr "uri inválida: %s"
+
+#~ msgid "unable to mix ldaps and starttls"
+#~ msgstr "não foi possível misturar ldaps e starttls"
+
+#~ msgid "writing to standard output"
+#~ msgstr "escrevendo para saída padrão"
+
+#~ msgid "too many parenthesized expressions, max %d"
+#~ msgstr "parênteses de expressões demais, máximo %d"
+
+#~ msgid "unable to setup authentication"
+#~ msgstr "não foi possível configurar autenticação"
+
+#~ msgid "getaudit: failed"
+#~ msgstr "getaudit: falhou"
+
+#~ msgid "getauid: failed"
+#~ msgstr "getauid: falhou"
+
+#~ msgid "au_to_subject: failed"
+#~ msgstr "au_to_subject: falhou"
+
+#~ msgid "au_to_exec_args: failed"
+#~ msgstr "au_to_exec_args: falhou"
+
+#~ msgid "au_to_return32: failed"
+#~ msgstr "au_to_return32: falhou"
+
+#~ msgid "au_to_text: failed"
+#~ msgstr "au_to_text: falhou"
+
+#~ msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+#~ msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
+
+#~ msgid "pam_chauthtok: %s"
+#~ msgstr "pam_chauthtok: %s"
+
+#~ msgid "pam_authenticate: %s"
+#~ msgstr "pam_authenticate: %s"
+
+#~ msgid "getauid failed"
+#~ msgstr "getauid falhou"
+
+#, fuzzy
+#~ msgid "Unable to dlopen %s: %s"
+#~ msgstr "não foi possível fazer dlopen %s: %s"
+
+#~ msgid "invalid regex: %s"
+#~ msgstr "expressão regular inválida: %s"
diff --git a/plugins/sudoers/po/ru.mo b/plugins/sudoers/po/ru.mo
new file mode 100644
index 0000000..aff51ce
--- /dev/null
+++ b/plugins/sudoers/po/ru.mo
diff --git a/plugins/sudoers/po/ru.po b/plugins/sudoers/po/ru.po
new file mode 100644
index 0000000..64a42d2
--- /dev/null
+++ b/plugins/sudoers/po/ru.po
@@ -0,0 +1,1868 @@
+# Transation of sudoers messages to Russian.
+# This file is put in the public domain.
+# This file is distributed under the same license as the sudo package.
+#
+# Artem Vorotnikov <artem@vorotnikov.me>, 2015.
+# Pavel Maryanov <acid@jack.kiev.ua>, 2015.
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.14b2\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2015-07-03 07:09-0600\n"
+"PO-Revision-Date: 2015-09-10 19:15+0300\n"
+"Last-Translator: Pavel Maryanov <acid@jack.kiev.ua>\n"
+"Language-Team: Russian <gnu@d07.ru>\n"
+"Language: ru\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+"X-Generator: Poedit 1.8.4\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "ошибка синтаксиса"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "пароль %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] пароль для %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Пароль: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Данные БЕЗОПАСНОСТИ для %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Попробуйте ещё раз."
+
+#: gram.y:181 gram.y:199 gram.y:205 gram.y:211 gram.y:217 gram.y:223
+#: gram.y:239 gram.y:246 gram.y:253 gram.y:260 gram.y:267 gram.y:283
+#: gram.y:306 gram.y:313 gram.y:320 gram.y:327 gram.y:334 gram.y:387
+#: gram.y:395 gram.y:405 gram.y:435 gram.y:442 gram.y:449 gram.y:456
+#: gram.y:568 gram.y:575 gram.y:584 gram.y:593 gram.y:610 gram.y:661
+#: gram.y:668 gram.y:675 gram.y:683 gram.y:775 gram.y:782 gram.y:789
+#: gram.y:796 gram.y:803 gram.y:829 gram.y:836 gram.y:843 gram.y:1110
+#: gram.y:1117 plugins/sudoers/alias.c:123 plugins/sudoers/alias.c:136
+#: plugins/sudoers/auth/bsdauth.c:141 plugins/sudoers/auth/kerb5.c:119
+#: plugins/sudoers/auth/kerb5.c:145 plugins/sudoers/auth/pam.c:371
+#: plugins/sudoers/auth/rfc1938.c:109 plugins/sudoers/auth/sia.c:110
+#: plugins/sudoers/defaults.c:516 plugins/sudoers/defaults.c:720
+#: plugins/sudoers/defaults.c:880 plugins/sudoers/editor.c:64
+#: plugins/sudoers/editor.c:82 plugins/sudoers/editor.c:92
+#: plugins/sudoers/env.c:233 plugins/sudoers/group_plugin.c:131
+#: plugins/sudoers/iolog.c:582 plugins/sudoers/iolog.c:614
+#: plugins/sudoers/iolog_path.c:167 plugins/sudoers/ldap.c:446
+#: plugins/sudoers/ldap.c:477 plugins/sudoers/ldap.c:529
+#: plugins/sudoers/ldap.c:562 plugins/sudoers/ldap.c:914
+#: plugins/sudoers/ldap.c:1060 plugins/sudoers/ldap.c:1339
+#: plugins/sudoers/ldap.c:1512 plugins/sudoers/ldap.c:1588
+#: plugins/sudoers/ldap.c:1724 plugins/sudoers/ldap.c:1748
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1831
+#: plugins/sudoers/ldap.c:1846 plugins/sudoers/ldap.c:1942
+#: plugins/sudoers/ldap.c:1975 plugins/sudoers/ldap.c:2128
+#: plugins/sudoers/ldap.c:2225 plugins/sudoers/ldap.c:3028
+#: plugins/sudoers/ldap.c:3061 plugins/sudoers/ldap.c:3375
+#: plugins/sudoers/ldap.c:3403 plugins/sudoers/ldap.c:3414
+#: plugins/sudoers/ldap.c:3504 plugins/sudoers/ldap.c:3520
+#: plugins/sudoers/linux_audit.c:76 plugins/sudoers/logging.c:188
+#: plugins/sudoers/logging.c:662 plugins/sudoers/logging.c:916
+#: plugins/sudoers/match.c:501 plugins/sudoers/match.c:537
+#: plugins/sudoers/match.c:695 plugins/sudoers/match.c:752
+#: plugins/sudoers/parse.c:235 plugins/sudoers/parse.c:247
+#: plugins/sudoers/parse.c:262 plugins/sudoers/parse.c:274
+#: plugins/sudoers/policy.c:384 plugins/sudoers/policy.c:575
+#: plugins/sudoers/prompt.c:93 plugins/sudoers/sssd.c:160
+#: plugins/sudoers/sssd.c:192 plugins/sudoers/sssd.c:198
+#: plugins/sudoers/sssd.c:236 plugins/sudoers/sssd.c:243
+#: plugins/sudoers/sssd.c:279 plugins/sudoers/sssd.c:324
+#: plugins/sudoers/sssd.c:916 plugins/sudoers/sssd.c:1049
+#: plugins/sudoers/sudoers.c:159 plugins/sudoers/sudoers.c:294
+#: plugins/sudoers/sudoers.c:304 plugins/sudoers/sudoers.c:312
+#: plugins/sudoers/sudoers.c:365 plugins/sudoers/sudoers.c:663
+#: plugins/sudoers/sudoers.c:749 plugins/sudoers/sudoers.c:793
+#: plugins/sudoers/sudoers_debug.c:107 plugins/sudoers/sudoreplay.c:471
+#: plugins/sudoers/sudoreplay.c:667 plugins/sudoers/sudoreplay.c:779
+#: plugins/sudoers/sudoreplay.c:819 plugins/sudoers/sudoreplay.c:828
+#: plugins/sudoers/sudoreplay.c:838 plugins/sudoers/sudoreplay.c:846
+#: plugins/sudoers/sudoreplay.c:850 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1010 plugins/sudoers/testsudoers.c:130
+#: plugins/sudoers/testsudoers.c:187 plugins/sudoers/testsudoers.c:214
+#: plugins/sudoers/testsudoers.c:231 plugins/sudoers/visudo.c:155
+#: plugins/sudoers/visudo.c:215 plugins/sudoers/visudo.c:299
+#: plugins/sudoers/visudo.c:305 plugins/sudoers/visudo.c:435
+#: plugins/sudoers/visudo.c:971 plugins/sudoers/visudo.c:1015
+#: plugins/sudoers/visudo.c:1111
+msgid "unable to allocate memory"
+msgstr "не удаётся выделить память"
+
+#: gram.y:467
+msgid "a digest requires a path name"
+msgstr "для дайджеста нужно указать полный путь"
+
+#: gram.y:1110 gram.y:1117 plugins/sudoers/auth/pam.c:371
+#: plugins/sudoers/auth/rfc1938.c:109 plugins/sudoers/defaults.c:516
+#: plugins/sudoers/defaults.c:720 plugins/sudoers/defaults.c:880
+#: plugins/sudoers/editor.c:64 plugins/sudoers/editor.c:82
+#: plugins/sudoers/editor.c:92 plugins/sudoers/env.c:233
+#: plugins/sudoers/group_plugin.c:131 plugins/sudoers/iolog.c:582
+#: plugins/sudoers/iolog.c:614 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:446 plugins/sudoers/ldap.c:477
+#: plugins/sudoers/ldap.c:529 plugins/sudoers/ldap.c:562
+#: plugins/sudoers/ldap.c:914 plugins/sudoers/ldap.c:1060
+#: plugins/sudoers/ldap.c:1339 plugins/sudoers/ldap.c:1512
+#: plugins/sudoers/ldap.c:1588 plugins/sudoers/ldap.c:1724
+#: plugins/sudoers/ldap.c:1748 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1831 plugins/sudoers/ldap.c:1846
+#: plugins/sudoers/ldap.c:1942 plugins/sudoers/ldap.c:1975
+#: plugins/sudoers/ldap.c:2128 plugins/sudoers/ldap.c:2225
+#: plugins/sudoers/ldap.c:3028 plugins/sudoers/ldap.c:3061
+#: plugins/sudoers/ldap.c:3375 plugins/sudoers/ldap.c:3403
+#: plugins/sudoers/ldap.c:3414 plugins/sudoers/ldap.c:3504
+#: plugins/sudoers/ldap.c:3520 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:188 plugins/sudoers/logging.c:916
+#: plugins/sudoers/match.c:501 plugins/sudoers/match.c:537
+#: plugins/sudoers/match.c:695 plugins/sudoers/match.c:752
+#: plugins/sudoers/parse.c:235 plugins/sudoers/parse.c:247
+#: plugins/sudoers/parse.c:262 plugins/sudoers/parse.c:274
+#: plugins/sudoers/policy.c:97 plugins/sudoers/policy.c:106
+#: plugins/sudoers/policy.c:115 plugins/sudoers/policy.c:139
+#: plugins/sudoers/policy.c:250 plugins/sudoers/policy.c:271
+#: plugins/sudoers/policy.c:280 plugins/sudoers/policy.c:319
+#: plugins/sudoers/policy.c:329 plugins/sudoers/policy.c:338
+#: plugins/sudoers/policy.c:384 plugins/sudoers/policy.c:575
+#: plugins/sudoers/prompt.c:93 plugins/sudoers/set_perms.c:356
+#: plugins/sudoers/set_perms.c:695 plugins/sudoers/set_perms.c:1054
+#: plugins/sudoers/set_perms.c:1350 plugins/sudoers/set_perms.c:1514
+#: plugins/sudoers/sssd.c:160 plugins/sudoers/sssd.c:192
+#: plugins/sudoers/sssd.c:198 plugins/sudoers/sssd.c:236
+#: plugins/sudoers/sssd.c:243 plugins/sudoers/sssd.c:279
+#: plugins/sudoers/sssd.c:324 plugins/sudoers/sssd.c:916
+#: plugins/sudoers/sssd.c:1049 plugins/sudoers/sudoers.c:159
+#: plugins/sudoers/sudoers.c:294 plugins/sudoers/sudoers.c:304
+#: plugins/sudoers/sudoers.c:312 plugins/sudoers/sudoers.c:365
+#: plugins/sudoers/sudoers.c:663 plugins/sudoers/sudoers.c:749
+#: plugins/sudoers/sudoers.c:793 plugins/sudoers/sudoers_debug.c:106
+#: plugins/sudoers/sudoreplay.c:471 plugins/sudoers/sudoreplay.c:667
+#: plugins/sudoers/sudoreplay.c:779 plugins/sudoers/sudoreplay.c:819
+#: plugins/sudoers/sudoreplay.c:828 plugins/sudoers/sudoreplay.c:838
+#: plugins/sudoers/sudoreplay.c:846 plugins/sudoers/sudoreplay.c:850
+#: plugins/sudoers/sudoreplay.c:1006 plugins/sudoers/sudoreplay.c:1010
+#: plugins/sudoers/testsudoers.c:130 plugins/sudoers/testsudoers.c:187
+#: plugins/sudoers/testsudoers.c:214 plugins/sudoers/testsudoers.c:231
+#: plugins/sudoers/visudo.c:155 plugins/sudoers/visudo.c:215
+#: plugins/sudoers/visudo.c:299 plugins/sudoers/visudo.c:305
+#: plugins/sudoers/visudo.c:435 plugins/sudoers/visudo.c:971
+#: plugins/sudoers/visudo.c:1015 plugins/sudoers/visudo.c:1111
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:132
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr "Псевдоним «%s» уже определён"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "не удаётся получить класс логина для пользователя %s"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "не удаётся начать BSD-аутентификацию"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "некорректный тип аутентификации"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "не удаётся запустить BSD-аутентификацию"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr "не удаётся прочитать конфигурацию ftwk"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "не удаётся связаться с сервером аутентификации"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:120
+msgid "lost connection to authentication server"
+msgstr "потеряно соединение с сервером аутентификации"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"ошибка сервера аутентификации:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: не удаётся преобразовать принципал в строку ('%s'): %s"
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: не удаётся прочитать '%s': %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: не удаётся разрешить кэш учётных данных: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: не удаётся выделить параметры: %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: не удаётся получить учётные данные: %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: не удаётся инициализировать кэш учётных данных: %s"
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: не удаётся сохранить учётные данные в кэше: %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: не удаётся получить принципал хоста: %s"
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Не удаётся проверить TGT. Нас атакуют?!: %s"
+
+#: plugins/sudoers/auth/pam.c:90
+msgid "unable to initialize PAM"
+msgstr "не удаётся инициализировать PAM"
+
+#: plugins/sudoers/auth/pam.c:146
+msgid "account validation failure, is your account locked?"
+msgstr "ошибка проверки учётной записи. Она заблокирована?"
+
+#: plugins/sudoers/auth/pam.c:150
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Учётные данные устарели. Сбросьте пароль и попробуйте ещё раз"
+
+#: plugins/sudoers/auth/pam.c:158
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "не удаётся сменить устаревший пароль: %s"
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Password expired, contact your system administrator"
+msgstr "Пароль устарел. Обратитесь к системному администратору"
+
+#: plugins/sudoers/auth/pam.c:167
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Срок действия учётной записи истёк или в настройках PAM нет раздела «account» для sudo. Обратитесь к системному администратору"
+
+#: plugins/sudoers/auth/pam.c:179
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Ошибка PAM-аутентификации: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:220
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "Вы не существуете в базе данных %s"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "не удалось инициализировать библиотеку API для ACE"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "не удалось связаться с сервером SecurID"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "ID пользователя заблокирован для аутентификации SecurID"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "недопустимая длина имени пользователя для SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr "недопустимый обработчик аутентификации для SecurID"
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "ошибка связи с SecurID"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:207
+msgid "unknown SecurID error"
+msgstr "неизвестная ошибка SecurID"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "недопустимая длина пароля для SecurID"
+
+#: plugins/sudoers/auth/sia.c:120
+msgid "unable to initialize SIA session"
+msgstr "не удаётся инициализировать сеанс SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:126
+msgid "invalid authentication methods"
+msgstr "недопустимые методы аутентификации"
+
+#: plugins/sudoers/auth/sudo_auth.c:128
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "sudo скомпилирован с неверными методами аутентификации! Нельзя смешивать зависимую и независимую аутентификацию."
+
+#: plugins/sudoers/auth/sudo_auth.c:224 plugins/sudoers/auth/sudo_auth.c:273
+msgid "no authentication methods"
+msgstr "методы аутентификации отсутствуют"
+
+#: plugins/sudoers/auth/sudo_auth.c:226
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "sudo скомпилирован без методов аутентификации! Если нужно отключить аутентификацию, используйте параметр --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:275
+msgid "Unable to initialize authentication methods."
+msgstr "Не удаётся инициализировать методы аутентификации."
+
+#: plugins/sudoers/auth/sudo_auth.c:433
+msgid "Authentication methods:"
+msgstr "Методы аутентификации:"
+
+#: plugins/sudoers/bsm_audit.c:111 plugins/sudoers/bsm_audit.c:200
+msgid "Could not determine audit condition"
+msgstr "Не удалось определить состояние аудита"
+
+#: plugins/sudoers/bsm_audit.c:172 plugins/sudoers/bsm_audit.c:260
+msgid "unable to commit audit record"
+msgstr "не удаётся отправить запись аудита"
+
+#: plugins/sudoers/check.c:200
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Мы полагаем, что ваш системный администратор изложил вам основы\n"
+"безопасности. Как правило, всё сводится к трём следующим правилам:\n"
+"\n"
+"    №1) Уважайте частную жизнь других.\n"
+"    №2) Думайте, прежде что-то вводить.\n"
+"    №3) С большой властью приходит большая ответственность.\n"
+"\n"
+
+#: plugins/sudoers/check.c:243 plugins/sudoers/check.c:253
+#: plugins/sudoers/sudoers.c:699 plugins/sudoers/sudoers.c:728
+#, c-format
+msgid "unknown uid: %u"
+msgstr "неизвестный uid: %u"
+
+#: plugins/sudoers/check.c:248 plugins/sudoers/policy.c:747
+#: plugins/sudoers/sudoers.c:1095 plugins/sudoers/testsudoers.c:205
+#: plugins/sudoers/testsudoers.c:360
+#, c-format
+msgid "unknown user: %s"
+msgstr "неизвестный пользователь: %s"
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr "Игнорировать '.' в переменной $PATH"
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr "Отправлять письмо при каждом запуске sudo"
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr "Отправлять письмо при ошибке аутентификации"
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr "Отправлять письмо, если пользователя нет в группе sudoers"
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Отправлять письмо, если пользователя нет в группе sudoers для данного компьютера"
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Отправлять письмо, если пользователю не разрешено выполнять команду"
+
+#: plugins/sudoers/def_data.c:67
+msgid "Send mail if the user tries to run a command"
+msgstr "Отправлять письмо, если пользователь пытается выполнить команду"
+
+#: plugins/sudoers/def_data.c:71
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:75
+msgid "Lecture user the first time they run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:79
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:83
+msgid "Require users to authenticate by default"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:87
+msgid "Root may run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:95
+msgid "Log the year in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:99
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:103
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:107
+msgid "Always set $HOME to the target user's home directory"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:111
+msgid "Allow some information gathering to give useful error messages"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:115
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:119
+msgid "Insult the user when they enter an incorrect password"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:123
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:127
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for root's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:139
+msgid "Prompt for the target user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:143
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:147
+msgid "Set the LOGNAME and USER environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:151
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:155
+msgid "Don't initialize the group vector to that of the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to log file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Path to mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:219
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default password prompt: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:227
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr ""
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:243
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:247
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:251
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:255
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:259
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:263
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:267
+msgid "Allow users to set arbitrary environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:271
+msgid "Reset the environment to a default set of variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to check for sanity:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:279
+msgid "Environment variables to remove:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:283
+msgid "Environment variables to preserve:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:295
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:299
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:303
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:307
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:311
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:315
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:319
+msgid "Log user's input for the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:323
+msgid "Log the output of the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:327
+msgid "Compress I/O logs using zlib"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:331
+msgid "Always run commands in a pseudo-tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:339
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:343
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:347
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:351
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:355
+msgid "Set of permitted privileges"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:359
+msgid "Set of limit privileges"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:363
+msgid "Run commands on a pty in the background"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:367
+msgid "PAM service name to use"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:371
+msgid "PAM service name to use for login shells"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:375
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:379
+msgid "Create a new PAM session for the command to run in"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:383
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:387
+msgid "Enable sudoers netgroup support"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:199 plugins/sudoers/defaults.c:608
+#: plugins/sudoers/visudo_json.c:633 plugins/sudoers/visudo_json.c:668
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:207 plugins/sudoers/defaults.c:217
+#: plugins/sudoers/defaults.c:241 plugins/sudoers/defaults.c:256
+#: plugins/sudoers/defaults.c:269 plugins/sudoers/defaults.c:282
+#: plugins/sudoers/defaults.c:295 plugins/sudoers/defaults.c:315
+#: plugins/sudoers/defaults.c:325
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:210 plugins/sudoers/defaults.c:220
+#: plugins/sudoers/defaults.c:228 plugins/sudoers/defaults.c:251
+#: plugins/sudoers/defaults.c:264 plugins/sudoers/defaults.c:277
+#: plugins/sudoers/defaults.c:290 plugins/sudoers/defaults.c:310
+#: plugins/sudoers/defaults.c:321
+#, c-format
+msgid "no value specified for `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:233
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr ""
+
+#: plugins/sudoers/env.c:295 plugins/sudoers/env.c:302
+#: plugins/sudoers/env.c:404 plugins/sudoers/ldap.c:450
+#: plugins/sudoers/ldap.c:540 plugins/sudoers/ldap.c:1143
+#: plugins/sudoers/ldap.c:1345 plugins/sudoers/ldap.c:1517
+#: plugins/sudoers/ldap.c:1673 plugins/sudoers/linux_audit.c:82
+#: plugins/sudoers/logging.c:921 plugins/sudoers/policy.c:494
+#: plugins/sudoers/policy.c:503 plugins/sudoers/prompt.c:161
+#: plugins/sudoers/sudoers.c:815 plugins/sudoers/testsudoers.c:235
+#: plugins/sudoers/toke_util.c:160
+#, c-format
+msgid "internal error, %s overflow"
+msgstr ""
+
+#: plugins/sudoers/env.c:376
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr ""
+
+#: plugins/sudoers/env.c:1047
+msgid "unable to rebuild the environment"
+msgstr "не удаётся перестроить среду"
+
+#: plugins/sudoers/env.c:1121
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:85
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:89
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:96 plugins/sudoers/sssd.c:331
+#, c-format
+msgid "unable to load %s: %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:101
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:110
+msgid "Local IP address and netmask pairs:\n"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:92 plugins/sudoers/iolog.c:110
+#: plugins/sudoers/timestamp.c:218
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:103 plugins/sudoers/iolog.c:124
+#: plugins/sudoers/iolog.c:131 plugins/sudoers/timestamp.c:212
+#: plugins/sudoers/timestamp.c:233
+#, c-format
+msgid "unable to mkdir %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:200 plugins/sudoers/sudoers.c:871
+#: plugins/sudoers/sudoreplay.c:302 plugins/sudoers/sudoreplay.c:768
+#: plugins/sudoers/sudoreplay.c:972 plugins/sudoers/timestamp.c:370
+#: plugins/sudoers/visudo.c:895 plugins/sudoers/visudo_json.c:1026
+#: plugins/sudoers/visudo_json.c:1039
+#, c-format
+msgid "unable to open %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:241 plugins/sudoers/sudoers.c:875
+#: plugins/sudoers/sudoreplay.c:1083
+#, c-format
+msgid "unable to read %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:273 plugins/sudoers/sudoreplay.c:549
+#: plugins/sudoers/timestamp.c:171 plugins/sudoers/timestamp.c:174
+#, c-format
+msgid "unable to write to %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:338 plugins/sudoers/iolog.c:536
+#, c-format
+msgid "unable to create %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:428
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:488
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:515
+msgid "unable to mix ldap and ldaps URIs"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:519 plugins/sudoers/ldap.c:555
+msgid "starttls not supported when using ldaps"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:626
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:629
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1129
+msgid "unable to get GMT time"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1135
+msgid "unable to format timestamp"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1821
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2360
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Роль LDAP: %s\n"
+
+#: plugins/sudoers/ldap.c:2362
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"Роль LDAP: НЕИЗВЕСТНО\n"
+
+#: plugins/sudoers/ldap.c:2409
+#, c-format
+msgid "    Order: %s\n"
+msgstr "    Порядок: %s\n"
+
+#: plugins/sudoers/ldap.c:2417 plugins/sudoers/parse.c:573
+#: plugins/sudoers/sssd.c:1408
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Команды:\n"
+
+#: plugins/sudoers/ldap.c:2980
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "не удаётся инициализировать LDAP: %s"
+
+#: plugins/sudoers/ldap.c:3016
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "указано start_tls, но библиотеки LDAP не поддерживают ldap_start_tls_s() или ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:3273
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "недопустимый атрибут sudoOrder: %s"
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "не удаётся открыть систему аудита"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "не удаётся отправить сообщение аудита"
+
+#: plugins/sudoers/logging.c:106
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:134
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (выполнение команды продолжено) %s"
+
+#: plugins/sudoers/logging.c:159
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr "не удаётся открыть файл журнала: %s: %s"
+
+#: plugins/sudoers/logging.c:162
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr "не удаётся заблокировать файл журнала: %s: %s"
+
+#: plugins/sudoers/logging.c:211
+msgid "No user or host"
+msgstr ""
+
+#: plugins/sudoers/logging.c:213
+msgid "validation failure"
+msgstr ""
+
+#: plugins/sudoers/logging.c:220
+msgid "user NOT in sudoers"
+msgstr ""
+
+#: plugins/sudoers/logging.c:222
+msgid "user NOT authorized on host"
+msgstr ""
+
+#: plugins/sudoers/logging.c:224
+msgid "command not allowed"
+msgstr ""
+
+#: plugins/sudoers/logging.c:259
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:262
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:266
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:269
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:306 plugins/sudoers/sudoers.c:471
+#: plugins/sudoers/sudoers.c:473 plugins/sudoers/sudoers.c:475
+#: plugins/sudoers/sudoers.c:477 plugins/sudoers/sudoers.c:1220
+#: plugins/sudoers/sudoers.c:1222
+#, c-format
+msgid "%s: command not found"
+msgstr ""
+
+#: plugins/sudoers/logging.c:308 plugins/sudoers/sudoers.c:467
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+
+#: plugins/sudoers/logging.c:325
+msgid "authentication failure"
+msgstr ""
+
+#: plugins/sudoers/logging.c:351
+msgid "a password is required"
+msgstr ""
+
+#: plugins/sudoers/logging.c:422 plugins/sudoers/logging.c:484
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] ""
+msgstr[1] ""
+msgstr[2] ""
+
+#: plugins/sudoers/logging.c:572
+msgid "unable to fork"
+msgstr ""
+
+#: plugins/sudoers/logging.c:580 plugins/sudoers/logging.c:636
+#, c-format
+msgid "unable to fork: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:626
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:651
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:689
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr ""
+
+#: plugins/sudoers/match.c:606
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr ""
+
+#: plugins/sudoers/match.c:635
+#, c-format
+msgid "%s: read error"
+msgstr ""
+
+#: plugins/sudoers/match.c:649
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr ""
+
+#: plugins/sudoers/parse.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr ""
+
+#: plugins/sudoers/parse.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr ""
+
+#: plugins/sudoers/parse.c:520
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:521
+#, c-format
+msgid "    RunAsUsers: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:535
+#, c-format
+msgid "    RunAsGroups: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:544
+#, c-format
+msgid "    Options: "
+msgstr ""
+
+#: plugins/sudoers/policy.c:240 plugins/sudoers/testsudoers.c:252
+msgid "unable to parse network address list"
+msgstr ""
+
+#: plugins/sudoers/policy.c:632 plugins/sudoers/visudo.c:836
+#, c-format
+msgid "unable to execute %s"
+msgstr ""
+
+#: plugins/sudoers/policy.c:765
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:767
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:771
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:774
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:776
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:777
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:810
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:136 plugins/sudoers/pwutil.c:153
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:147
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:191 plugins/sudoers/pwutil.c:207
+#: plugins/sudoers/pwutil.c:250 plugins/sudoers/pwutil.c:294
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:202
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:427 plugins/sudoers/pwutil.c:444
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:438
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:476 plugins/sudoers/pwutil.c:492
+#: plugins/sudoers/pwutil.c:524 plugins/sudoers/pwutil.c:565
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:487
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:676 plugins/sudoers/pwutil.c:710
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:682 plugins/sudoers/pwutil.c:715
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:705
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:438
+#: plugins/sudoers/set_perms.c:841 plugins/sudoers/set_perms.c:1138
+#: plugins/sudoers/set_perms.c:1430
+msgid "perm stack overflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:369
+#: plugins/sudoers/set_perms.c:446 plugins/sudoers/set_perms.c:708
+#: plugins/sudoers/set_perms.c:849 plugins/sudoers/set_perms.c:1067
+#: plugins/sudoers/set_perms.c:1146 plugins/sudoers/set_perms.c:1363
+#: plugins/sudoers/set_perms.c:1438 plugins/sudoers/set_perms.c:1527
+msgid "perm stack underflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:493
+#: plugins/sudoers/set_perms.c:1197 plugins/sudoers/set_perms.c:1470
+msgid "unable to change to root gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:590
+#: plugins/sudoers/set_perms.c:978 plugins/sudoers/set_perms.c:1274
+msgid "unable to change to runas gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:595
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1279
+msgid "unable to set runas group vector"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:606
+#: plugins/sudoers/set_perms.c:992 plugins/sudoers/set_perms.c:1288
+msgid "unable to change to runas uid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:624
+#: plugins/sudoers/set_perms.c:1008 plugins/sudoers/set_perms.c:1304
+msgid "unable to change to sudoers gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:356 plugins/sudoers/set_perms.c:695
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1350
+#: plugins/sudoers/set_perms.c:1514
+msgid "too many processes"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:332
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:340 plugins/sudoers/sssd.c:349
+#: plugins/sudoers/sssd.c:358 plugins/sudoers/sssd.c:367
+#: plugins/sudoers/sssd.c:376
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:290
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:308
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:326
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:339
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:172 plugins/sudoers/testsudoers.c:244
+#: plugins/sudoers/visudo.c:225 plugins/sudoers/visudo.c:562
+msgid "unable to initialize sudoers default values"
+msgstr "не удаётся инициализировать значения по умолчанию для sudoers"
+
+#: plugins/sudoers/sudoers.c:197 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:833
+msgid "problem with defaults entries"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:205
+msgid "no valid sudoers sources found, quitting"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:275
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:332
+msgid "you are not permitted to use the -C option"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:396
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:410
+msgid "no tty"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:411
+msgid "sorry, you must have a tty to run sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:466
+msgid "command in current directory"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:486
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:778
+msgid "command too long"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:886 plugins/sudoers/visudo.c:428
+#: plugins/sudoers/visudo.c:662
+#, c-format
+msgid "unable to stat %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:890
+#, c-format
+msgid "%s is not a regular file"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:894 plugins/sudoers/timestamp.c:274 toke.l:933
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:898 toke.l:940
+#, c-format
+msgid "%s is world writable"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:902 toke.l:945
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:933
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:952
+#, c-format
+msgid "unknown login class: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1031 plugins/sudoers/sudoers.c:1059
+#, c-format
+msgid "unable to resolve host %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1126 plugins/sudoers/testsudoers.c:384
+#, c-format
+msgid "unknown group: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:234
+#, c-format
+msgid "invalid filter option: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:247
+#, c-format
+msgid "invalid max wait: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:253
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:256 plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:288
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:294
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:310
+#, c-format
+msgid "Replaying sudo session: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:316
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:317
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:369
+msgid "unable to set tty to raw mode"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:400
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:610 plugins/sudoers/sudoreplay.c:635
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:657
+msgid "unmatched ')' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:661
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:676
+#, c-format
+msgid "%s requires an argument"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:679 plugins/sudoers/sudoreplay.c:1059
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:683
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:692
+msgid "unmatched '(' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:694
+msgid "illegal trailing \"or\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:696
+msgid "illegal trailing \"!\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:745
+#, c-format
+msgid "unknown search type %d"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:783
+#, c-format
+msgid "%s: invalid log file"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:801
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:808
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:815
+#, c-format
+msgid "%s: user field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:824
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:833
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1196
+#, c-format
+msgid "usage: %s [-h] [-d dir] [-m num] [-s num] ID\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1199
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1208
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1210
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:323
+msgid "\thost  unmatched"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:326
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:327
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:327
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:182
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:282
+#, c-format
+msgid "%s is group writable"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:303
+#, c-format
+msgid "timestamp path too long: %s/%s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:362 plugins/sudoers/timestamp.c:446
+#: plugins/sudoers/visudo.c:483 plugins/sudoers/visudo.c:489
+msgid "unable to read the clock"
+msgstr "не удаётся прочитать часы"
+
+#: plugins/sudoers/timestamp.c:516
+msgid "ignoring time stamp from the future"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:528
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:638 plugins/sudoers/timestamp.c:658
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:256 plugins/sudoers/visudo.c:614
+#, c-format
+msgid "press return to edit %s: "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:321
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:337
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:445 plugins/sudoers/visudo.c:451
+msgid "write error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:496
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:503
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:509
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:531
+#, c-format
+msgid "%s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:557
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr ""
+
+#: plugins/sudoers/visudo.c:568
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:605
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:664 plugins/sudoers/visudo.c:673
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:668 plugins/sudoers/visudo.c:678
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:695
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:709
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:719
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:781
+msgid "What now? "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:795
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:843
+#, c-format
+msgid "unable to run %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:869
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:876
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:901 plugins/sudoers/visudo_json.c:1046
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:917 plugins/sudoers/visudo_json.c:1055
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:920 plugins/sudoers/visudo_json.c:1058
+#, c-format
+msgid "parse error in %s\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:928 plugins/sudoers/visudo.c:935
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:982
+#, c-format
+msgid "%s busy, try again later"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1078
+#, c-format
+msgid "Error: cycle in %s `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1079
+#, c-format
+msgid "Warning: cycle in %s `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1083
+#, c-format
+msgid "Error: %s `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1084
+#, c-format
+msgid "Warning: %s `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1227
+#, c-format
+msgid "Warning: unused %s `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1340
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1342
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+"  -x, --export=output_file write sudoers in JSON format to output_file"
+msgstr ""
+
+#: plugins/sudoers/visudo_json.c:1032
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr ""
+
+#: toke.l:904
+msgid "too many levels of includes"
+msgstr "слишком много уровней включения"
diff --git a/plugins/sudoers/po/sk.mo b/plugins/sudoers/po/sk.mo
new file mode 100644
index 0000000..069bd12
--- /dev/null
+++ b/plugins/sudoers/po/sk.mo
diff --git a/plugins/sudoers/po/sk.po b/plugins/sudoers/po/sk.po
new file mode 100644
index 0000000..396072f
--- /dev/null
+++ b/plugins/sudoers/po/sk.po
@@ -0,0 +1,1892 @@
+# Portable object template file for the sudoers plugin
+# This file is put in the public domain.
+# Todd C. Miller <Todd.Miller@courtesan.com>, 2011-2015
+# Dušan Kazik <prescott66@gmail.com>, 2015
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.15b1\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2015-09-10 14:28-0600\n"
+"PO-Revision-Date: 2015-10-05 13:26+0200\n"
+"Last-Translator: Dušan Kazik <prescott66@gmail.com>\n"
+"Language-Team: Slovak <sk-i18n@lists.linux.sk>\n"
+"Language: sk\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n"
+"X-Generator: Poedit 1.8.5\n"
+"X-Poedit-Basepath: .\n"
+"X-Poedit-SearchPath-0: .\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "chyba syntaxe"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "Heslo používateľa %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] heslo pre používateľa %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Heslo: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** BEZPEČNOSTNÉ informácie pre %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Prepáčte, skúste to znovu."
+
+#: gram.y:183 gram.y:201 gram.y:207 gram.y:213 gram.y:219 gram.y:225
+#: gram.y:241 gram.y:248 gram.y:255 gram.y:262 gram.y:269 gram.y:285
+#: gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336 gram.y:391
+#: gram.y:399 gram.y:409 gram.y:439 gram.y:446 gram.y:453 gram.y:460
+#: gram.y:572 gram.y:579 gram.y:588 gram.y:597 gram.y:614 gram.y:670
+#: gram.y:677 gram.y:684 gram.y:692 gram.y:784 gram.y:791 gram.y:798
+#: gram.y:805 gram.y:812 gram.y:838 gram.y:845 gram.y:852 gram.y:1136
+#: gram.y:1143 plugins/sudoers/alias.c:123 plugins/sudoers/alias.c:136
+#: plugins/sudoers/auth/bsdauth.c:141 plugins/sudoers/auth/kerb5.c:119
+#: plugins/sudoers/auth/kerb5.c:145 plugins/sudoers/auth/pam.c:397
+#: plugins/sudoers/auth/pam.c:445 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/auth/sia.c:110 plugins/sudoers/defaults.c:516
+#: plugins/sudoers/defaults.c:720 plugins/sudoers/defaults.c:880
+#: plugins/sudoers/editor.c:64 plugins/sudoers/editor.c:82
+#: plugins/sudoers/editor.c:92 plugins/sudoers/env.c:233
+#: plugins/sudoers/group_plugin.c:133 plugins/sudoers/iolog.c:586
+#: plugins/sudoers/iolog.c:618 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:446 plugins/sudoers/ldap.c:477
+#: plugins/sudoers/ldap.c:529 plugins/sudoers/ldap.c:562
+#: plugins/sudoers/ldap.c:914 plugins/sudoers/ldap.c:1061
+#: plugins/sudoers/ldap.c:1348 plugins/sudoers/ldap.c:1521
+#: plugins/sudoers/ldap.c:1597 plugins/sudoers/ldap.c:1733
+#: plugins/sudoers/ldap.c:1757 plugins/sudoers/ldap.c:1787
+#: plugins/sudoers/ldap.c:1840 plugins/sudoers/ldap.c:1855
+#: plugins/sudoers/ldap.c:1951 plugins/sudoers/ldap.c:1984
+#: plugins/sudoers/ldap.c:2137 plugins/sudoers/ldap.c:2234
+#: plugins/sudoers/ldap.c:3041 plugins/sudoers/ldap.c:3074
+#: plugins/sudoers/ldap.c:3388 plugins/sudoers/ldap.c:3416
+#: plugins/sudoers/ldap.c:3427 plugins/sudoers/ldap.c:3517
+#: plugins/sudoers/ldap.c:3533 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:188 plugins/sudoers/logging.c:662
+#: plugins/sudoers/logging.c:916 plugins/sudoers/match.c:501
+#: plugins/sudoers/match.c:537 plugins/sudoers/match.c:699
+#: plugins/sudoers/match.c:756 plugins/sudoers/parse.c:235
+#: plugins/sudoers/parse.c:247 plugins/sudoers/parse.c:262
+#: plugins/sudoers/parse.c:274 plugins/sudoers/policy.c:384
+#: plugins/sudoers/policy.c:579 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/sssd.c:160 plugins/sudoers/sssd.c:192
+#: plugins/sudoers/sssd.c:235 plugins/sudoers/sssd.c:242
+#: plugins/sudoers/sssd.c:278 plugins/sudoers/sssd.c:323
+#: plugins/sudoers/sssd.c:917 plugins/sudoers/sssd.c:1050
+#: plugins/sudoers/sudoers.c:159 plugins/sudoers/sudoers.c:294
+#: plugins/sudoers/sudoers.c:304 plugins/sudoers/sudoers.c:312
+#: plugins/sudoers/sudoers.c:365 plugins/sudoers/sudoers.c:663
+#: plugins/sudoers/sudoers.c:749 plugins/sudoers/sudoers.c:793
+#: plugins/sudoers/sudoers_debug.c:107 plugins/sudoers/sudoreplay.c:472
+#: plugins/sudoers/sudoreplay.c:668 plugins/sudoers/sudoreplay.c:780
+#: plugins/sudoers/sudoreplay.c:820 plugins/sudoers/sudoreplay.c:829
+#: plugins/sudoers/sudoreplay.c:839 plugins/sudoers/sudoreplay.c:847
+#: plugins/sudoers/sudoreplay.c:851 plugins/sudoers/sudoreplay.c:1007
+#: plugins/sudoers/sudoreplay.c:1011 plugins/sudoers/testsudoers.c:130
+#: plugins/sudoers/testsudoers.c:188 plugins/sudoers/testsudoers.c:215
+#: plugins/sudoers/testsudoers.c:232 plugins/sudoers/timestamp.c:390
+#: plugins/sudoers/timestamp.c:426 plugins/sudoers/timestamp.c:838
+#: plugins/sudoers/toke_util.c:56 plugins/sudoers/toke_util.c:109
+#: plugins/sudoers/toke_util.c:147 plugins/sudoers/visudo.c:152
+#: plugins/sudoers/visudo.c:213 plugins/sudoers/visudo.c:297
+#: plugins/sudoers/visudo.c:303 plugins/sudoers/visudo.c:433
+#: plugins/sudoers/visudo.c:974 plugins/sudoers/visudo.c:1018
+#: plugins/sudoers/visudo.c:1114 toke.l:785 toke.l:806 toke.l:816 toke.l:924
+#: toke.l:1082
+msgid "unable to allocate memory"
+msgstr "nie je možné alokovať pamäť"
+
+#: gram.y:471
+msgid "a digest requires a path name"
+msgstr ""
+
+#: gram.y:1136 gram.y:1143 plugins/sudoers/auth/pam.c:397
+#: plugins/sudoers/auth/pam.c:445 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/defaults.c:516 plugins/sudoers/defaults.c:720
+#: plugins/sudoers/defaults.c:880 plugins/sudoers/editor.c:64
+#: plugins/sudoers/editor.c:82 plugins/sudoers/editor.c:92
+#: plugins/sudoers/env.c:233 plugins/sudoers/group_plugin.c:133
+#: plugins/sudoers/iolog.c:586 plugins/sudoers/iolog.c:618
+#: plugins/sudoers/iolog_path.c:167 plugins/sudoers/ldap.c:446
+#: plugins/sudoers/ldap.c:477 plugins/sudoers/ldap.c:529
+#: plugins/sudoers/ldap.c:562 plugins/sudoers/ldap.c:914
+#: plugins/sudoers/ldap.c:1061 plugins/sudoers/ldap.c:1348
+#: plugins/sudoers/ldap.c:1521 plugins/sudoers/ldap.c:1597
+#: plugins/sudoers/ldap.c:1733 plugins/sudoers/ldap.c:1757
+#: plugins/sudoers/ldap.c:1787 plugins/sudoers/ldap.c:1840
+#: plugins/sudoers/ldap.c:1855 plugins/sudoers/ldap.c:1951
+#: plugins/sudoers/ldap.c:1984 plugins/sudoers/ldap.c:2137
+#: plugins/sudoers/ldap.c:2234 plugins/sudoers/ldap.c:3041
+#: plugins/sudoers/ldap.c:3074 plugins/sudoers/ldap.c:3388
+#: plugins/sudoers/ldap.c:3416 plugins/sudoers/ldap.c:3427
+#: plugins/sudoers/ldap.c:3517 plugins/sudoers/ldap.c:3533
+#: plugins/sudoers/linux_audit.c:76 plugins/sudoers/logging.c:188
+#: plugins/sudoers/logging.c:916 plugins/sudoers/match.c:501
+#: plugins/sudoers/match.c:537 plugins/sudoers/match.c:699
+#: plugins/sudoers/match.c:756 plugins/sudoers/parse.c:235
+#: plugins/sudoers/parse.c:247 plugins/sudoers/parse.c:262
+#: plugins/sudoers/parse.c:274 plugins/sudoers/policy.c:97
+#: plugins/sudoers/policy.c:106 plugins/sudoers/policy.c:115
+#: plugins/sudoers/policy.c:139 plugins/sudoers/policy.c:250
+#: plugins/sudoers/policy.c:271 plugins/sudoers/policy.c:280
+#: plugins/sudoers/policy.c:319 plugins/sudoers/policy.c:329
+#: plugins/sudoers/policy.c:338 plugins/sudoers/policy.c:384
+#: plugins/sudoers/policy.c:579 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/set_perms.c:356 plugins/sudoers/set_perms.c:695
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1350
+#: plugins/sudoers/set_perms.c:1514 plugins/sudoers/sssd.c:160
+#: plugins/sudoers/sssd.c:192 plugins/sudoers/sssd.c:235
+#: plugins/sudoers/sssd.c:242 plugins/sudoers/sssd.c:278
+#: plugins/sudoers/sssd.c:323 plugins/sudoers/sssd.c:917
+#: plugins/sudoers/sssd.c:1050 plugins/sudoers/sudoers.c:159
+#: plugins/sudoers/sudoers.c:294 plugins/sudoers/sudoers.c:304
+#: plugins/sudoers/sudoers.c:312 plugins/sudoers/sudoers.c:365
+#: plugins/sudoers/sudoers.c:663 plugins/sudoers/sudoers.c:749
+#: plugins/sudoers/sudoers.c:793 plugins/sudoers/sudoers_debug.c:106
+#: plugins/sudoers/sudoreplay.c:472 plugins/sudoers/sudoreplay.c:668
+#: plugins/sudoers/sudoreplay.c:780 plugins/sudoers/sudoreplay.c:820
+#: plugins/sudoers/sudoreplay.c:829 plugins/sudoers/sudoreplay.c:839
+#: plugins/sudoers/sudoreplay.c:847 plugins/sudoers/sudoreplay.c:851
+#: plugins/sudoers/sudoreplay.c:1007 plugins/sudoers/sudoreplay.c:1011
+#: plugins/sudoers/testsudoers.c:130 plugins/sudoers/testsudoers.c:188
+#: plugins/sudoers/testsudoers.c:215 plugins/sudoers/testsudoers.c:232
+#: plugins/sudoers/timestamp.c:390 plugins/sudoers/timestamp.c:426
+#: plugins/sudoers/timestamp.c:838 plugins/sudoers/toke_util.c:56
+#: plugins/sudoers/toke_util.c:109 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/visudo.c:152 plugins/sudoers/visudo.c:213
+#: plugins/sudoers/visudo.c:297 plugins/sudoers/visudo.c:303
+#: plugins/sudoers/visudo.c:433 plugins/sudoers/visudo.c:974
+#: plugins/sudoers/visudo.c:1018 plugins/sudoers/visudo.c:1114 toke.l:785
+#: toke.l:806 toke.l:816 toke.l:924 toke.l:1082
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:132
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr "Alias „%s“ už je definovaný"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:120
+msgid "lost connection to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:92
+msgid "unable to initialize PAM"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:164
+msgid "account validation failure, is your account locked?"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:168
+msgid "Account or password is expired, reset your password and try again"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:176
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:181
+msgid "Password expired, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:185
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:199
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:218
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:207
+msgid "unknown SecurID error"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/sia.c:120
+msgid "unable to initialize SIA session"
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:126
+msgid "invalid authentication methods"
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:128
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:225 plugins/sudoers/auth/sudo_auth.c:274
+msgid "no authentication methods"
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:227
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:276
+msgid "Unable to initialize authentication methods."
+msgstr "Nie je možné inicializovať spôsoby overenia totožnosti."
+
+#: plugins/sudoers/auth/sudo_auth.c:435
+msgid "Authentication methods:"
+msgstr "Spôsoby overenia totožnosti:"
+
+#: plugins/sudoers/bsm_audit.c:111 plugins/sudoers/bsm_audit.c:200
+msgid "Could not determine audit condition"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:172 plugins/sudoers/bsm_audit.c:260
+msgid "unable to commit audit record"
+msgstr ""
+
+#: plugins/sudoers/check.c:250
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Veríme, že ste boli poučený miestnym správcom systému.\n"
+"Dodržiavajte tieto tri zásady:\n"
+"\n"
+"    1.) Rešpektujte súkromie iných.\n"
+"    2.) Premýšľajte pred tým, než niečo napíšete.\n"
+"    3.) S veľkou mocou prichádza veľká zodpovednosť.\n"
+"\n"
+
+#: plugins/sudoers/check.c:293 plugins/sudoers/check.c:303
+#: plugins/sudoers/sudoers.c:699 plugins/sudoers/sudoers.c:728
+#, c-format
+msgid "unknown uid: %u"
+msgstr ""
+
+#: plugins/sudoers/check.c:298 plugins/sudoers/policy.c:751
+#: plugins/sudoers/sudoers.c:1095 plugins/sudoers/testsudoers.c:206
+#: plugins/sudoers/testsudoers.c:361
+#, c-format
+msgid "unknown user: %s"
+msgstr "neznámy používateľ: %s"
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:67
+msgid "Send mail if the user tries to run a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:71
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:75
+msgid "Lecture user the first time they run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:79
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:83
+msgid "Require users to authenticate by default"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:87
+msgid "Root may run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:95
+msgid "Log the year in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:99
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:103
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:107
+msgid "Always set $HOME to the target user's home directory"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:111
+msgid "Allow some information gathering to give useful error messages"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:115
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:119
+msgid "Insult the user when they enter an incorrect password"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:123
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:127
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for root's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:139
+msgid "Prompt for the target user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:143
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:147
+msgid "Set the LOGNAME and USER environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:151
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:155
+msgid "Don't initialize the group vector to that of the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to log file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Path to mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:219
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default password prompt: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:227
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr ""
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:243
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:247
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:251
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:255
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:259
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:263
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:267
+msgid "Allow users to set arbitrary environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:271
+msgid "Reset the environment to a default set of variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to check for sanity:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:279
+msgid "Environment variables to remove:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:283
+msgid "Environment variables to preserve:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:295
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:299
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:303
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:307
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:311
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:315
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:319
+msgid "Log user's input for the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:323
+msgid "Log the output of the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:327
+msgid "Compress I/O logs using zlib"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:331
+msgid "Always run commands in a pseudo-tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:339
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:343
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:347
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:351
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:355
+msgid "Set of permitted privileges"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:359
+msgid "Set of limit privileges"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:363
+msgid "Run commands on a pty in the background"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:367
+msgid "PAM service name to use"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:371
+msgid "PAM service name to use for login shells"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:375
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:379
+msgid "Create a new PAM session for the command to run in"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:383
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:387
+msgid "Enable sudoers netgroup support"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:391
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:199 plugins/sudoers/defaults.c:608
+#: plugins/sudoers/visudo_json.c:633 plugins/sudoers/visudo_json.c:668
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:207 plugins/sudoers/defaults.c:217
+#: plugins/sudoers/defaults.c:241 plugins/sudoers/defaults.c:256
+#: plugins/sudoers/defaults.c:269 plugins/sudoers/defaults.c:282
+#: plugins/sudoers/defaults.c:295 plugins/sudoers/defaults.c:315
+#: plugins/sudoers/defaults.c:325
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:210 plugins/sudoers/defaults.c:220
+#: plugins/sudoers/defaults.c:228 plugins/sudoers/defaults.c:251
+#: plugins/sudoers/defaults.c:264 plugins/sudoers/defaults.c:277
+#: plugins/sudoers/defaults.c:290 plugins/sudoers/defaults.c:310
+#: plugins/sudoers/defaults.c:321
+#, c-format
+msgid "no value specified for `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:233
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr ""
+
+#: plugins/sudoers/env.c:295 plugins/sudoers/env.c:302
+#: plugins/sudoers/env.c:407 plugins/sudoers/ldap.c:450
+#: plugins/sudoers/ldap.c:540 plugins/sudoers/ldap.c:1152
+#: plugins/sudoers/ldap.c:1354 plugins/sudoers/ldap.c:1526
+#: plugins/sudoers/ldap.c:1682 plugins/sudoers/linux_audit.c:82
+#: plugins/sudoers/logging.c:921 plugins/sudoers/policy.c:498
+#: plugins/sudoers/policy.c:507 plugins/sudoers/prompt.c:161
+#: plugins/sudoers/sudoers.c:815 plugins/sudoers/testsudoers.c:236
+#: plugins/sudoers/toke_util.c:160
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "vnútorná chyba, %s pretečenie"
+
+#: plugins/sudoers/env.c:376
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr ""
+
+#: plugins/sudoers/env.c:1052
+msgid "unable to rebuild the environment"
+msgstr ""
+
+#: plugins/sudoers/env.c:1126
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:85
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s musí byť vlastnený identifikátorom uid %d"
+
+#: plugins/sudoers/group_plugin.c:89
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:97 plugins/sudoers/sssd.c:331
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "nie je možné načítať %s:%s"
+
+#: plugins/sudoers/group_plugin.c:103
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:108
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:117
+msgid "Local IP address and netmask pairs:\n"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:92 plugins/sudoers/iolog.c:110
+#: plugins/sudoers/timestamp.c:169
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:103 plugins/sudoers/iolog.c:124
+#: plugins/sudoers/iolog.c:131 plugins/sudoers/timestamp.c:163
+#: plugins/sudoers/timestamp.c:184
+#, c-format
+msgid "unable to mkdir %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:200 plugins/sudoers/sudoers.c:871
+#: plugins/sudoers/sudoreplay.c:300 plugins/sudoers/sudoreplay.c:769
+#: plugins/sudoers/sudoreplay.c:973 plugins/sudoers/timestamp.c:399
+#: plugins/sudoers/visudo.c:898 plugins/sudoers/visudo_json.c:1012
+#: plugins/sudoers/visudo_json.c:1025
+#, c-format
+msgid "unable to open %s"
+msgstr "nie je možné otvoriť %s"
+
+#: plugins/sudoers/iolog.c:241 plugins/sudoers/sudoers.c:875
+#: plugins/sudoers/sudoreplay.c:1084
+#, c-format
+msgid "unable to read %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:277 plugins/sudoers/sudoreplay.c:550
+#: plugins/sudoers/timestamp.c:298 plugins/sudoers/timestamp.c:301
+#, c-format
+msgid "unable to write to %s"
+msgstr "nie je možné zapísať do %s"
+
+#: plugins/sudoers/iolog.c:342 plugins/sudoers/iolog.c:540
+#, c-format
+msgid "unable to create %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:428
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:488
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:515
+msgid "unable to mix ldap and ldaps URIs"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:519 plugins/sudoers/ldap.c:555
+msgid "starttls not supported when using ldaps"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:626
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:629
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1138
+msgid "unable to get GMT time"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1144
+msgid "unable to format timestamp"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1830
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2372
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2374
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2421
+#, c-format
+msgid "    Order: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2429 plugins/sudoers/parse.c:555
+#: plugins/sudoers/sssd.c:1417
+#, c-format
+msgid "    Commands:\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2993
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:3029
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:3286
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "nie je možné otvoriť systém auditu"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "nie je možné odoslať správu auditu"
+
+#: plugins/sudoers/logging.c:106
+#, c-format
+msgid "%8s : %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:134
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:159
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:162
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:211
+msgid "No user or host"
+msgstr ""
+
+#: plugins/sudoers/logging.c:213
+msgid "validation failure"
+msgstr ""
+
+#: plugins/sudoers/logging.c:220
+msgid "user NOT in sudoers"
+msgstr ""
+
+#: plugins/sudoers/logging.c:222
+msgid "user NOT authorized on host"
+msgstr ""
+
+#: plugins/sudoers/logging.c:224
+msgid "command not allowed"
+msgstr ""
+
+#: plugins/sudoers/logging.c:259
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:262
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:266
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:269
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:306 plugins/sudoers/sudoers.c:471
+#: plugins/sudoers/sudoers.c:473 plugins/sudoers/sudoers.c:475
+#: plugins/sudoers/sudoers.c:477 plugins/sudoers/sudoers.c:1222
+#: plugins/sudoers/sudoers.c:1224
+#, c-format
+msgid "%s: command not found"
+msgstr ""
+
+#: plugins/sudoers/logging.c:308 plugins/sudoers/sudoers.c:467
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+
+#: plugins/sudoers/logging.c:325
+msgid "authentication failure"
+msgstr ""
+
+#: plugins/sudoers/logging.c:351
+msgid "a password is required"
+msgstr ""
+
+#: plugins/sudoers/logging.c:422 plugins/sudoers/logging.c:484
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] ""
+msgstr[1] ""
+msgstr[2] ""
+
+#: plugins/sudoers/logging.c:572
+msgid "unable to fork"
+msgstr ""
+
+#: plugins/sudoers/logging.c:580 plugins/sudoers/logging.c:636
+#, c-format
+msgid "unable to fork: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:626
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:651
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:689
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr ""
+
+#: plugins/sudoers/match.c:606
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr ""
+
+#: plugins/sudoers/match.c:639
+#, c-format
+msgid "%s: read error"
+msgstr ""
+
+#: plugins/sudoers/match.c:653
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr ""
+
+#: plugins/sudoers/parse.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr ""
+
+#: plugins/sudoers/parse.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr ""
+
+#: plugins/sudoers/parse.c:502
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:503
+#, c-format
+msgid "    RunAsUsers: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:517
+#, c-format
+msgid "    RunAsGroups: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:526
+#, c-format
+msgid "    Options: "
+msgstr ""
+
+#: plugins/sudoers/policy.c:240 plugins/sudoers/testsudoers.c:253
+msgid "unable to parse network address list"
+msgstr ""
+
+#: plugins/sudoers/policy.c:636 plugins/sudoers/visudo.c:839
+#, c-format
+msgid "unable to execute %s"
+msgstr "nie je možné vykonať %s"
+
+#: plugins/sudoers/policy.c:769
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:771
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:775
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:778
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:780
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:781
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:814
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:136 plugins/sudoers/pwutil.c:153
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:147
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:191 plugins/sudoers/pwutil.c:207
+#: plugins/sudoers/pwutil.c:250 plugins/sudoers/pwutil.c:294
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:202
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:427 plugins/sudoers/pwutil.c:444
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:438
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:476 plugins/sudoers/pwutil.c:492
+#: plugins/sudoers/pwutil.c:524 plugins/sudoers/pwutil.c:565
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:487
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:676 plugins/sudoers/pwutil.c:710
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:682 plugins/sudoers/pwutil.c:715
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:705
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:438
+#: plugins/sudoers/set_perms.c:841 plugins/sudoers/set_perms.c:1138
+#: plugins/sudoers/set_perms.c:1430
+msgid "perm stack overflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:369
+#: plugins/sudoers/set_perms.c:446 plugins/sudoers/set_perms.c:708
+#: plugins/sudoers/set_perms.c:849 plugins/sudoers/set_perms.c:1067
+#: plugins/sudoers/set_perms.c:1146 plugins/sudoers/set_perms.c:1363
+#: plugins/sudoers/set_perms.c:1438 plugins/sudoers/set_perms.c:1527
+msgid "perm stack underflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:493
+#: plugins/sudoers/set_perms.c:1197 plugins/sudoers/set_perms.c:1470
+msgid "unable to change to root gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:590
+#: plugins/sudoers/set_perms.c:978 plugins/sudoers/set_perms.c:1274
+msgid "unable to change to runas gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:595
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1279
+msgid "unable to set runas group vector"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:606
+#: plugins/sudoers/set_perms.c:992 plugins/sudoers/set_perms.c:1288
+msgid "unable to change to runas uid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:624
+#: plugins/sudoers/set_perms.c:1008 plugins/sudoers/set_perms.c:1304
+msgid "unable to change to sudoers gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:356 plugins/sudoers/set_perms.c:695
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1350
+#: plugins/sudoers/set_perms.c:1514
+msgid "too many processes"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:333
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:341 plugins/sudoers/sssd.c:350
+#: plugins/sudoers/sssd.c:359 plugins/sudoers/sssd.c:368
+#: plugins/sudoers/sssd.c:377
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:290
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:308
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:326
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:339
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:172 plugins/sudoers/testsudoers.c:245
+#: plugins/sudoers/visudo.c:223 plugins/sudoers/visudo.c:565
+msgid "unable to initialize sudoers default values"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:197 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:833
+msgid "problem with defaults entries"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:205
+msgid "no valid sudoers sources found, quitting"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:275
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:332
+msgid "you are not permitted to use the -C option"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:396
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:410
+msgid "no tty"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:411
+msgid "sorry, you must have a tty to run sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:466
+msgid "command in current directory"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:486
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:778
+msgid "command too long"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:886 plugins/sudoers/visudo.c:426
+#: plugins/sudoers/visudo.c:665
+#, c-format
+msgid "unable to stat %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:890
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s nie je regulárny súbor"
+
+#: plugins/sudoers/sudoers.c:894 plugins/sudoers/timestamp.c:225 toke.l:947
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s je vlastnený identifikátorom uid %u a mal by byť vlastnený %u"
+
+#: plugins/sudoers/sudoers.c:898 toke.l:954
+#, c-format
+msgid "%s is world writable"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:902 toke.l:959
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:933
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:952
+#, c-format
+msgid "unknown login class: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1031 plugins/sudoers/sudoers.c:1059
+#, c-format
+msgid "unable to resolve host %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1126 plugins/sudoers/testsudoers.c:385
+#, c-format
+msgid "unknown group: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:232
+#, c-format
+msgid "invalid filter option: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:245
+#, c-format
+msgid "invalid max wait: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:251
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:254 plugins/sudoers/visudo.c:180
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s verzia %s\n"
+
+#: plugins/sudoers/sudoreplay.c:286
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:292
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:308
+#, c-format
+msgid "Replaying sudo session: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:314
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:315
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:368
+msgid "unable to set tty to raw mode"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:401
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:611 plugins/sudoers/sudoreplay.c:636
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:658
+msgid "unmatched ')' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:662
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:677
+#, c-format
+msgid "%s requires an argument"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:680 plugins/sudoers/sudoreplay.c:1060
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:684
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:693
+msgid "unmatched '(' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:695
+msgid "illegal trailing \"or\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:697
+msgid "illegal trailing \"!\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:746
+#, c-format
+msgid "unknown search type %d"
+msgstr "neznámy typ vyhľadávania %d"
+
+#: plugins/sudoers/sudoreplay.c:784
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: neplatný súbor záznamu"
+
+#: plugins/sudoers/sudoreplay.c:802
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: chýba pole časovej značky"
+
+#: plugins/sudoers/sudoreplay.c:809
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: časová značka %s: %s"
+
+#: plugins/sudoers/sudoreplay.c:816
+#, c-format
+msgid "%s: user field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:825
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:834
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1197
+#, c-format
+msgid "usage: %s [-h] [-d dir] [-m num] [-s num] ID\n"
+msgstr "použitie: %s [-h] [-d adresár] [-m číslo] [-s číslo] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1200
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "použitie: %s [-h] [-d adresár] -l [hľadaný výraz]\n"
+
+#: plugins/sudoers/sudoreplay.c:1209
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1211
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Voľby:\n"
+"  -d, --directory=adresárr  určí adresár pre záznamy relácie\n"
+"  -f, --filter=filter  určuje, ktoré vstupno-výstupné typy sa majú zorbaziť\n"
+"  -h, --help           zorbazí správu pomocníka a skončí\n"
+"  -l, --list           vypíše identifikátory dostupných relácií, s voliteľným výrazom\n"
+"  -m, --max-wait=číslo   maximálny počet sekúnd čakania medzi udalosťami\n"
+"  -s, --speed=číslo      zrýchli alebo spomalí výstup\n"
+"  -V, --version        zobrazí informácie o verzii a skončí"
+
+#: plugins/sudoers/testsudoers.c:324
+msgid "\thost  unmatched"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:327
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Príkaz povolený"
+
+#: plugins/sudoers/testsudoers.c:328
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Príkaz odmietnutý"
+
+#: plugins/sudoers/testsudoers.c:328
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Príkaz nevyhovujúci"
+
+#: plugins/sudoers/timestamp.c:233
+#, c-format
+msgid "%s is group writable"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:309
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:742 plugins/sudoers/timestamp.c:809
+#: plugins/sudoers/visudo.c:486 plugins/sudoers/visudo.c:492
+msgid "unable to read the clock"
+msgstr "nie je možné čítať hodiny"
+
+#: plugins/sudoers/timestamp.c:756
+msgid "ignoring time stamp from the future"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:768
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:863
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:906 plugins/sudoers/timestamp.c:926
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:254 plugins/sudoers/visudo.c:617
+#, c-format
+msgid "press return to edit %s: "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:319
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:337
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:446 plugins/sudoers/visudo.c:454
+msgid "write error"
+msgstr "chyba zápisu"
+
+#: plugins/sudoers/visudo.c:499
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:506
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:512
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:534
+#, c-format
+msgid "%s unchanged"
+msgstr "%s nezmenený"
+
+#: plugins/sudoers/visudo.c:560
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr ""
+
+#: plugins/sudoers/visudo.c:571
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:608
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:667 plugins/sudoers/visudo.c:676
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:671 plugins/sudoers/visudo.c:681
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:698
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:712
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:722
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:784
+msgid "What now? "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:798
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:846
+#, c-format
+msgid "unable to run %s"
+msgstr "nie je možné spustiť %s"
+
+#: plugins/sudoers/visudo.c:872
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:879
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:904 plugins/sudoers/visudo_json.c:1032
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:920 plugins/sudoers/visudo_json.c:1041
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:923 plugins/sudoers/visudo_json.c:1044
+#, c-format
+msgid "parse error in %s\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:931 plugins/sudoers/visudo.c:938
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:985
+#, c-format
+msgid "%s busy, try again later"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1081
+#, c-format
+msgid "Error: cycle in %s `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1082
+#, c-format
+msgid "Warning: cycle in %s `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1086
+#, c-format
+msgid "Error: %s `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1087
+#, c-format
+msgid "Warning: %s `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1230
+#, c-format
+msgid "Warning: unused %s `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1343
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - bezpečne upraví súbor sudoers\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1345
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+"  -x, --export=output_file write sudoers in JSON format to output_file"
+msgstr ""
+
+#: plugins/sudoers/visudo_json.c:1018
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr ""
+
+#: toke.l:918
+msgid "too many levels of includes"
+msgstr ""
diff --git a/plugins/sudoers/po/sl.mo b/plugins/sudoers/po/sl.mo
new file mode 100644
index 0000000..3b19398
--- /dev/null
+++ b/plugins/sudoers/po/sl.mo
diff --git a/plugins/sudoers/po/sl.po b/plugins/sudoers/po/sl.po
new file mode 100644
index 0000000..55d6733
--- /dev/null
+++ b/plugins/sudoers/po/sl.po
@@ -0,0 +1,1758 @@
+# Slovenian translation of sudo.
+# This file is put in the public domain.
+# This file is distributed under the same license as the sudo package.
+#
+# Damir Jerovšek <damir.jerovsek@gmail.com>, 2012.
+# Klemen Košir <klemen.kosir@gmx.com>, 2012 - 2013.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.7b1\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2013-04-02 10:40-0400\n"
+"PO-Revision-Date: 2013-04-06 09:44+0100\n"
+"Last-Translator: Klemen Košir <klemen913@gmail.com>\n"
+"Language-Team: Slovenian <translation-team-sl@lists.sourceforge.net>\n"
+"Language: sl\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=4; plural=(n%100==1 ? 1 : n%100==2 ? 2 : n%100==3 || n%100==4 ? 3 : 0);\n"
+"X-Generator: Poedit 1.5.5\n"
+
+#: confstr.sh:2 plugins/sudoers/auth/pam.c:340
+msgid "Password:"
+msgstr "Geslo:"
+
+#: confstr.sh:3
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Varnostni podatki za %h ***"
+
+#: confstr.sh:4
+msgid "Sorry, try again."
+msgstr "Prosimo, poskusite znova."
+
+#: plugins/sudoers/alias.c:124
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr "Vzdevek `%s' je že določen"
+
+#: plugins/sudoers/auth/bsdauth.c:77
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "prijavnega razreda uporabnika %s ni mogoče pridobiti"
+
+#: plugins/sudoers/auth/bsdauth.c:83
+msgid "unable to begin bsd authentication"
+msgstr "ni mogoče začeti overitve bsd"
+
+#: plugins/sudoers/auth/bsdauth.c:91
+msgid "invalid authentication type"
+msgstr "neveljavna vrsta overitve"
+
+#: plugins/sudoers/auth/bsdauth.c:100
+msgid "unable to setup authentication"
+msgstr "ni mogoče nastaviti overitve"
+
+#: plugins/sudoers/auth/fwtk.c:59
+#, c-format
+msgid "unable to read fwtk config"
+msgstr "ni mogoče brati nastavitev fwtk"
+
+#: plugins/sudoers/auth/fwtk.c:64
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr "ni se mogoče povezati s strežnikom overitve"
+
+#: plugins/sudoers/auth/fwtk.c:70 plugins/sudoers/auth/fwtk.c:94
+#: plugins/sudoers/auth/fwtk.c:127
+#, c-format
+msgid "lost connection to authentication server"
+msgstr "povezava s strežnikom overitve je bila izgubljena"
+
+#: plugins/sudoers/auth/fwtk.c:74
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"napaka strežnika overitve:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:116
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr "%s: ni mogoče odrazčleniti princ ('%s'): %s"
+
+#: plugins/sudoers/auth/kerb5.c:159
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: ni mogoče razčleniti '%s': %s"
+
+#: plugins/sudoers/auth/kerb5.c:169
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr "%s: ni mogoče razrešiti ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: ni mogoče dodeliti možnosti: %s"
+
+#: plugins/sudoers/auth/kerb5.c:233
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: ni mogoče dobiti poverila: %s"
+
+#: plugins/sudoers/auth/kerb5.c:246
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr "%s: ni mogoče začeti ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr "%s: ni mogoče shraniti cred v ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:315
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: ni mogoče pridobiti predstojnika gostitve: %s"
+
+#: plugins/sudoers/auth/kerb5.c:330
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: ni mogoče preveriti TGT! Možen napad!: %s"
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr "ni mogoče začeti PAM"
+
+#: plugins/sudoers/auth/pam.c:145
+msgid "account validation failure, is your account locked?"
+msgstr "potrditev veljavnosti računa je spodletela, je vaš račun zaklenjen?"
+
+#: plugins/sudoers/auth/pam.c:149
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Geslo ali račun je potekel, ponastavite svoje geslo in poskusite znova"
+
+#: plugins/sudoers/auth/pam.c:156
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr "pam_chauthtok: %s"
+
+#: plugins/sudoers/auth/pam.c:160
+msgid "Password expired, contact your system administrator"
+msgstr "Veljavnost gesla je potekla. Stopite v stik s svojim sistemskim skrbnikom"
+
+#: plugins/sudoers/auth/pam.c:164
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Račun je potekel ali pa nastavitvam PAM primanjkuje odsek \"account\" za sudo, obrnite se na sistemskega skrbnika"
+
+#: plugins/sudoers/auth/pam.c:181
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr "pam_authenticate: %s"
+
+#: plugins/sudoers/auth/pam.c:339
+msgid "Password: "
+msgstr "Geslo: "
+
+#: plugins/sudoers/auth/rfc1938.c:103 plugins/sudoers/visudo.c:212
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "ne obstajate v podatkovni zbirki %s"
+
+#: plugins/sudoers/auth/securid5.c:80
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr "začenjanje knjižnice ACE API je spodletelo"
+
+#: plugins/sudoers/auth/securid5.c:106
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr "ni mogoče navezati stika s strežnikom SecurID"
+
+#: plugins/sudoers/auth/securid5.c:115
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr "ID uporabnika je zaklenjen zaradi overitve SecurID"
+
+#: plugins/sudoers/auth/securid5.c:119 plugins/sudoers/auth/securid5.c:170
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr "neveljavna dolžina imena uporabnika za SecurID"
+
+#: plugins/sudoers/auth/securid5.c:123 plugins/sudoers/auth/securid5.c:175
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr "neveljavna ročica overitve za SecurID"
+
+#: plugins/sudoers/auth/securid5.c:127
+#, c-format
+msgid "SecurID communication failed"
+msgstr "sporazumevanje SecurID je spodletelo"
+
+#: plugins/sudoers/auth/securid5.c:131 plugins/sudoers/auth/securid5.c:214
+#, c-format
+msgid "unknown SecurID error"
+msgstr "neznana napaka SecurID"
+
+#: plugins/sudoers/auth/securid5.c:165
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr "neveljavna dolžina gesla za SecurID"
+
+#: plugins/sudoers/auth/sia.c:108
+msgid "unable to initialize SIA session"
+msgstr "ni mogoče začeti seje SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:119
+msgid "invalid authentication methods"
+msgstr "neveljavni načini overitve"
+
+#: plugins/sudoers/auth/sudo_auth.c:120
+msgid "Invalid authentication methods compiled into sudo!  You may mix standalone and non-standalone authentication."
+msgstr "Neveljavni načini overitve so kodno prevedeni v sudo! Mešate lahko samostojno in nesamostojno overjanje."
+
+#: plugins/sudoers/auth/sudo_auth.c:203
+msgid "no authentication methods"
+msgstr "ni načinov overjanja"
+
+#: plugins/sudoers/auth/sudo_auth.c:205
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Ni načinov overitve, kodno prevedenih v sudo! Če želite izklopiti overjanje, uporabite nastavitveno možnost --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:389
+msgid "Authentication methods:"
+msgstr "Načini overjanja:"
+
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
+msgid "getaudit: failed"
+msgstr "getaudit: spodletelo"
+
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
+msgid "Could not determine audit condition"
+msgstr "Pogoja presoje varnosti ni bilo mogoče določiti"
+
+#: plugins/sudoers/bsm_audit.c:101
+#, c-format
+msgid "getauid failed"
+msgstr "getauid je spodletel"
+
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
+msgid "au_open: failed"
+msgstr "au_open: spodletelo"
+
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
+msgid "au_to_subject: failed"
+msgstr "au_to_subject: spodletelo"
+
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
+msgid "au_to_exec_args: failed"
+msgstr "au_to_exec_args: spodletelo"
+
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
+msgid "au_to_return32: failed"
+msgstr "au_to_return32: spodletelo"
+
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
+msgid "unable to commit audit record"
+msgstr "ni bilo mogoče uveljaviti zapisa presoje varnosti"
+
+#: plugins/sudoers/bsm_audit.c:160
+#, c-format
+msgid "getauid: failed"
+msgstr "getauid: spodletelo"
+
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
+msgid "au_to_text: failed"
+msgstr "au_to_text: spodletelo"
+
+#: plugins/sudoers/check.c:174
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Verjetno vam je skrbnik sistemov že pridigal o varnosti,\n"
+"vendar si vseeno zapomnite naslednja pravila:\n"
+"\n"
+"    #1) Spoštujte zasebnost drugih.\n"
+"    #2) Premislite, preden izvedete ukaze.\n"
+"    #3) Velika moč prinaša veliko odgovornost.\n"
+"\n"
+
+#: plugins/sudoers/check.c:212 plugins/sudoers/check.c:218
+#: plugins/sudoers/sudoers.c:562 plugins/sudoers/sudoers.c:566
+#, c-format
+msgid "unknown uid: %u"
+msgstr "neznan ID uporabnika: %u"
+
+#: plugins/sudoers/check.c:215 plugins/sudoers/policy.c:635
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:215
+#: plugins/sudoers/testsudoers.c:359
+#, c-format
+msgid "unknown user: %s"
+msgstr "neznan uporabnik: %s"
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Pripomoček syslog, če se syslog uporablja za beleženje: %s"
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Prednost syslog, ko se uporabnik uspešno overi: %s"
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Prednost syslog, ko se uporabnik ne overi uspešno: %s"
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr "postavi poziv OTP v svojo vrstico"
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr "Prezri '.' v $PATH"
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr "Vedno pošlji pošto, kadar se zažene sudo"
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr "Pošlji pošto, če overitev uporabnika spodleti"
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr "Pošlji pošto, če uporabnik ni v sudoers"
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Pošlji pošto, če uporabnik ni v sudoers za tega gostitelja"
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Pošlji pošto, če uporabniku ni dovoljeno zagnati ukaza"
+
+#: plugins/sudoers/def_data.c:67
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Uporabi ločen časovni žig za vsako kombinacijo uporabnik/tty"
+
+#: plugins/sudoers/def_data.c:71
+msgid "Lecture user the first time they run sudo"
+msgstr "Poduči uporabnika, ko prvič zažene sudo"
+
+#: plugins/sudoers/def_data.c:75
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Datoteka, ki vsebuje poduk sudo: %s"
+
+#: plugins/sudoers/def_data.c:79
+msgid "Require users to authenticate by default"
+msgstr "Privzeto zahtevaj od uporabnikov, da se overijo"
+
+#: plugins/sudoers/def_data.c:83
+msgid "Root may run sudo"
+msgstr "Skrbnik lahko zažene sudo"
+
+#: plugins/sudoers/def_data.c:87
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Beleži ime gostitelja v datoteko dnevnika (ne v sistemski dnevnik)"
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Beleži leto v (ne-syslog) dnevniško datoteko"
+
+#: plugins/sudoers/def_data.c:95
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Če je sudo poklican brez argumentov, začni lupino"
+
+#: plugins/sudoers/def_data.c:99
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Postavi $HOME ciljnemu uporabniku, kadar se začne lupina s -s"
+
+#: plugins/sudoers/def_data.c:103
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Vedno postavi $HOME domači mapi ciljnega uporabnika"
+
+#: plugins/sudoers/def_data.c:107
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Dovoli zbrati nekaj podrobnosti za uporabna sporočila napak"
+
+#: plugins/sudoers/def_data.c:111
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Zahtevaj povsem uvrščena imena gostiteljev v datoteki sudoers"
+
+#: plugins/sudoers/def_data.c:115
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Užali uporabnika, ko vnese nepravilno geslo"
+
+#: plugins/sudoers/def_data.c:119
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Dovoli uporabniku zagnati sudo samo v primeru, če imajo tty"
+
+#: plugins/sudoers/def_data.c:123
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo bo spoštoval spremenljivko okolja UREJEVALNIKA"
+
+#: plugins/sudoers/def_data.c:127
+msgid "Prompt for root's password, not the users's"
+msgstr "Pozovi za geslo skrbnika, ne uporabnika"
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Pozovi za geslo uporabnika runas_default namesto uporabnikovega gesla"
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Pozovi za geslo ciljnega uporabnika namesto uporabnikovega"
+
+#: plugins/sudoers/def_data.c:139
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Uveljavi privzete vrednosti v ciljnem uporabniškem razredu prijave, če le ta obstaja"
+
+#: plugins/sudoers/def_data.c:143
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Nastavi spremenljivke okolja LOGNAME in USER"
+
+#: plugins/sudoers/def_data.c:147
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Nastavi samo dejanski ID uporabnika ciljnemu uporabniku, ne resničnega ID-ja"
+
+#: plugins/sudoers/def_data.c:151
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Ne začenjaj vektorja skupine ciljnega uporabnika"
+
+#: plugins/sudoers/def_data.c:155
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %d"
+msgstr "Dolžina, pri kateri se naj prelomijo vrstice datotek beleženja (0 za brez lomljenja):% d"
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Časovni potek overitve časovnega žiga: %.1f minut"
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Zakasnitev poziva gesla: %.1f minut"
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Number of tries to enter a password: %d"
+msgstr "Število poskusov vnosa gesla: %d"
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Uporabniška maska, ki bo uporabljena ali 0777 za uporabo uporabnikove: 0%o"
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Pot do datoteke beleženja: %s"
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Pot do programa pošte: %s"
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Zastavice za program pošte: %s"
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Naslov prejemnika pošte: %s"
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Naslov pošiljatelja pošte: %s"
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Vrstica zadeve za poštna sporočila: %s"
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Nepravilno sporočilo gesla: %s"
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Pot do mape časovnega žiga overitve: %s"
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Lastnik mape časovnega žiga overitve: %s"
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Uporabnikov v tej skupini zahteve gesla in PATH ne omejujejo: %s"
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Privzeti poziv gesla: %s"
+
+#: plugins/sudoers/def_data.c:219
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Če je poziv gesla nastavljen, bo prepisal sistemski poziv v vseh primerih."
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Privzet uporabnik za izvajanje ukazov kot: %s"
+
+#: plugins/sudoers/def_data.c:227
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Vrednost, s katerim se bo prepisal $PATH uporabnika: %s"
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Pot do urejevalnika za uporabo z visudo: %s"
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Kdaj naj bo zahtevano geslo za psevdoukaz 'list': %s"
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Kdaj naj bo zahtevano geslo za psevdoukaz 'verify': %s"
+
+#: plugins/sudoers/def_data.c:243
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Prednaloži preizkusne funkcije, shranjene v knjižnici sudo_noexec"
+
+#: plugins/sudoers/def_data.c:247
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Če je mapa LDAP na voljo, bodo krajevne datoteke sudoers prezrte"
+
+#: plugins/sudoers/def_data.c:251
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Opisniki datotek >= %d bodo končani pred izvedbo ukaza"
+
+#: plugins/sudoers/def_data.c:255
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Če je nastavljeno, lahko uporabniki prepišejo vrednost `closefrom' z možnostjo -C"
+
+#: plugins/sudoers/def_data.c:259
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Dovoli uporabnikom nastavljanje poljubnih spremenljivk okolja"
+
+#: plugins/sudoers/def_data.c:263
+msgid "Reset the environment to a default set of variables"
+msgstr "Ponastavi okolje na privzet nabor spremenljivk"
+
+#: plugins/sudoers/def_data.c:267
+msgid "Environment variables to check for sanity:"
+msgstr "Spremenljivke okolja, ki bodo preverjene za smiselnost:"
+
+#: plugins/sudoers/def_data.c:271
+msgid "Environment variables to remove:"
+msgstr "Spremenljivke okolja za odstranitev:"
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to preserve:"
+msgstr "Spremenljivke okolja za ohranitev:"
+
+#: plugins/sudoers/def_data.c:279
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Vloga SELinux za uporabo v novi vsebini varnosti: %s"
+
+#: plugins/sudoers/def_data.c:283
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Vrsta SELinux za uporabo v novi vsebini varnosti: %s"
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Pot do določene sudo datoteke okolja: %s"
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Jezikovna oznaka za uporabo pri razčlenjevanju sudoers: %s"
+
+#: plugins/sudoers/def_data.c:295
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Dovoli programu sudo, da vpraša za geslo, čeprav bi bilo le-to vidno"
+
+#: plugins/sudoers/def_data.c:299
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Zagotovi viden odziv ob vnosu gesla ob vnosu uporabnika"
+
+#: plugins/sudoers/def_data.c:303
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Uporabi hitrejše razširjanje imen poti, ki je manj natančno, vendar ne dostopa do datotečnega sistema"
+
+#: plugins/sudoers/def_data.c:307
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Uporabniška maska v sudoers bo prepisala uporabnikovo tudi, če je bolj premisivna"
+
+#: plugins/sudoers/def_data.c:311
+msgid "Log user's input for the command being run"
+msgstr "Beleži vnos uporabnika za ukaz, ki se izvaja"
+
+#: plugins/sudoers/def_data.c:315
+msgid "Log the output of the command being run"
+msgstr "Beleži izpis ukaza, ki se izvaja"
+
+#: plugins/sudoers/def_data.c:319
+msgid "Compress I/O logs using zlib"
+msgstr "Stisni dnevnike I/O s pomočjo zlib"
+
+#: plugins/sudoers/def_data.c:323
+msgid "Always run commands in a pseudo-tty"
+msgstr "Vedno zaženi ukaze v psevdo-tty"
+
+#: plugins/sudoers/def_data.c:327
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Vstavek za podporo skupinam, ki niso del Unixa: %s"
+
+#: plugins/sudoers/def_data.c:331
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Mapa, v kateri bodo shranjeni dnevniki vnosov/izpisov: %s"
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Datoteka, v kateri bo shranjen dnevnik vnosov/izpisov: %s"
+
+#: plugins/sudoers/def_data.c:339
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Dodaj vstop datoteki utmp/utmpx, kadar se dodeljuje pty"
+
+#: plugins/sudoers/def_data.c:343
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Nastavi uporabnika v utmp uporabniku runas, ne poklicanemu uporabniku"
+
+#: plugins/sudoers/def_data.c:347
+msgid "Set of permitted privileges"
+msgstr "Niz omogočenih dovoljenj"
+
+#: plugins/sudoers/def_data.c:351
+msgid "Set of limit privileges"
+msgstr "Niz omejenih dovoljenj"
+
+#: plugins/sudoers/def_data.c:355
+msgid "Run commands on a pty in the background"
+msgstr "Zaženi ukaze v terminalu v ozadju"
+
+#: plugins/sudoers/def_data.c:359
+msgid "Create a new PAM session for the command to run in"
+msgstr "Ustvari sejo PAM, v kateri se bodo ukazi izvajali"
+
+#: plugins/sudoers/def_data.c:363
+msgid "Maximum I/O log sequence number"
+msgstr "Največja zaporedna številka dnevnika I/O"
+
+#: plugins/sudoers/defaults.c:207 plugins/sudoers/defaults.c:587
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr "neznan privzet vnos `%s'"
+
+#: plugins/sudoers/defaults.c:215 plugins/sudoers/defaults.c:225
+#: plugins/sudoers/defaults.c:245 plugins/sudoers/defaults.c:258
+#: plugins/sudoers/defaults.c:271 plugins/sudoers/defaults.c:284
+#: plugins/sudoers/defaults.c:297 plugins/sudoers/defaults.c:317
+#: plugins/sudoers/defaults.c:327
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr "vrednost `%s' je neveljavna za možnost `%s'"
+
+#: plugins/sudoers/defaults.c:218 plugins/sudoers/defaults.c:228
+#: plugins/sudoers/defaults.c:236 plugins/sudoers/defaults.c:253
+#: plugins/sudoers/defaults.c:266 plugins/sudoers/defaults.c:279
+#: plugins/sudoers/defaults.c:292 plugins/sudoers/defaults.c:312
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "no value specified for `%s'"
+msgstr "za `%s' ni določena nobena vrednost"
+
+#: plugins/sudoers/defaults.c:241
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr "vrednosti za `%s' se morajo začeti s '/'"
+
+#: plugins/sudoers/defaults.c:303
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr "možnost `%s' ne sprejme vrednosti"
+
+#: plugins/sudoers/env.c:288 plugins/sudoers/env.c:293
+#: plugins/sudoers/env.c:395 plugins/sudoers/linux_audit.c:82
+#: plugins/sudoers/policy.c:420 plugins/sudoers/policy.c:427
+#: plugins/sudoers/prompt.c:171 plugins/sudoers/sudoers.c:654
+#: plugins/sudoers/testsudoers.c:243
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "notranja napaka, prekoračitev funkcije %s"
+
+#: plugins/sudoers/env.c:367
+#, c-format
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: pokvarjen envp, neujemanje dolžine"
+
+#: plugins/sudoers/env.c:1012
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "nimate dovoljenj nastavljati naslednjih spremenljivk okolja: %s"
+
+#: plugins/sudoers/group_plugin.c:102
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s mora biti v lasti ID-ja uporabnika %d"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s mora biti zapisljiv samo za lastnika"
+
+#: plugins/sudoers/group_plugin.c:113
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr "ni mogoče uporabiti dlopen %s: %s"
+
+#: plugins/sudoers/group_plugin.c:118
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "ni mogoče najti simbola \"group_plugin\" v %s"
+
+#: plugins/sudoers/group_plugin.c:123
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: nezdružljiva večja različica vstavka skupin %d, pričakovana %d"
+
+#: plugins/sudoers/interfaces.c:119
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Pari krajevnih naslovov IP in omrežnih mask:\n"
+
+#: plugins/sudoers/iolog.c:131 plugins/sudoers/iolog.c:144
+#: plugins/sudoers/timestamp.c:199 plugins/sudoers/timestamp.c:243
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s že obstaja, toda ni mapa (0%o)"
+
+#: plugins/sudoers/iolog.c:141 plugins/sudoers/iolog.c:155
+#: plugins/sudoers/iolog.c:159 plugins/sudoers/timestamp.c:164
+#: plugins/sudoers/timestamp.c:220 plugins/sudoers/timestamp.c:270
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "ustvarjenje mape %s z mkdir ni mogoče"
+
+#: plugins/sudoers/iolog.c:217 plugins/sudoers/sudoers.c:708
+#: plugins/sudoers/sudoreplay.c:354 plugins/sudoers/sudoreplay.c:815
+#: plugins/sudoers/sudoreplay.c:978 plugins/sudoers/timestamp.c:154
+#: plugins/sudoers/visudo.c:809
+#, c-format
+msgid "unable to open %s"
+msgstr "ni mogoče odpreti %s"
+
+#: plugins/sudoers/iolog.c:250 plugins/sudoers/sudoers.c:711
+#, c-format
+msgid "unable to read %s"
+msgstr "ni mogoče brati %s"
+
+#: plugins/sudoers/iolog.c:274 plugins/sudoers/timestamp.c:158
+#, c-format
+msgid "unable to write to %s"
+msgstr "ni mogoče pisati v %s"
+
+#: plugins/sudoers/iolog.c:334
+#, c-format
+msgid "unable to create %s"
+msgstr "ni mogoče ustvariti %s"
+
+#: plugins/sudoers/ldap.c:385
+#, c-format
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: vrednost vrat je prevelika"
+
+#: plugins/sudoers/ldap.c:408
+#, c-format
+msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+msgstr "sudo_ldap_conf_add_ports: med razširjanjem hostbuf je zmanjkalo prostora"
+
+#: plugins/sudoers/ldap.c:438
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "nepodprta vrsta uri-ja LDAP: %s"
+
+#: plugins/sudoers/ldap.c:467
+#, c-format
+msgid "invalid uri: %s"
+msgstr "neveljaven uri: %s"
+
+#: plugins/sudoers/ldap.c:473
+#, c-format
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "ni mogoče mešati URI-jev ldap in ldaps"
+
+#: plugins/sudoers/ldap.c:477
+#, c-format
+msgid "unable to mix ldaps and starttls"
+msgstr "ni mogoče mešati ldaps in starttls"
+
+#: plugins/sudoers/ldap.c:496
+#, c-format
+msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+msgstr "sudo_ldap_parse_uri: med izgradnjo hostbuf je zmanjkalo prostora"
+
+#: plugins/sudoers/ldap.c:570
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "ni mogoče začenjati potrdila SSL in ključa db: %s"
+
+#: plugins/sudoers/ldap.c:573
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "za uporabo SSL-ja morate nastaviti TSL_CERT v datoteki %s"
+
+#: plugins/sudoers/ldap.c:996
+#, c-format
+msgid "unable to get GMT time"
+msgstr "ni mogoče dobiti časa GMT"
+
+#: plugins/sudoers/ldap.c:1002
+#, c-format
+msgid "unable to format timestamp"
+msgstr "ni mogoče oblikovati časovnega žiga"
+
+#: plugins/sudoers/ldap.c:1010
+#, c-format
+msgid "unable to build time filter"
+msgstr "ni mogoče izgraditi časovnega filtra"
+
+#: plugins/sudoers/ldap.c:1229
+#, c-format
+msgid "sudo_ldap_build_pass1 allocation mismatch"
+msgstr "sudo_ldap_build_pass1 neujemanje dodelitve"
+
+#: plugins/sudoers/ldap.c:1776
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Vloga LDAP: %s\n"
+
+#: plugins/sudoers/ldap.c:1778
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"Vloga LDAP: NEZNANA\n"
+
+#: plugins/sudoers/ldap.c:1825
+#, c-format
+msgid "    Order: %s\n"
+msgstr "    Vrstni red: %s\n"
+
+#: plugins/sudoers/ldap.c:1833 plugins/sudoers/parse.c:515
+#: plugins/sudoers/sssd.c:1173
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Ukazi:\n"
+
+#: plugins/sudoers/ldap.c:2255
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "ni mogoče začeti LDAP: %s"
+
+#: plugins/sudoers/ldap.c:2289
+#, c-format
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls je določen, toda knjižnice LDAP ne podpirajo ldap_start_tls_s() ali ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:2525
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "neveljaven atribut sudoOrder: %s"
+
+#: plugins/sudoers/linux_audit.c:57
+#, c-format
+msgid "unable to open audit system"
+msgstr "ni mogoče odpreti nadzornega sistema"
+
+#: plugins/sudoers/linux_audit.c:93
+#, c-format
+msgid "unable to send audit message"
+msgstr "ni mogoče poslati nadzornega sporočila"
+
+#: plugins/sudoers/logging.c:140
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:168
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (ukaz) %s"
+
+#: plugins/sudoers/logging.c:194
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr "ni mogoče odpreti datoteke dnevnika: %s: %s"
+
+#: plugins/sudoers/logging.c:197
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr "ni mogoče zakleniti datoteke dnevnika: %s: %s"
+
+#: plugins/sudoers/logging.c:245
+msgid "No user or host"
+msgstr "Brez uporabnika ali gostitelja"
+
+#: plugins/sudoers/logging.c:247
+msgid "validation failure"
+msgstr "potrjevanje veljavnosti ni uspelo"
+
+#: plugins/sudoers/logging.c:254
+msgid "user NOT in sudoers"
+msgstr "uporabnika NI v sudoers"
+
+#: plugins/sudoers/logging.c:256
+msgid "user NOT authorized on host"
+msgstr "uporabnik NI pooblaščen na gostitelju"
+
+#: plugins/sudoers/logging.c:258
+msgid "command not allowed"
+msgstr "ukaz ni dovoljen"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s ni v datoteki sudoers. Ta dogodek bo zabeležen.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s nima dovoljenj za izvajanje sudo na %s. Ta dogodek bo zabeležen.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Uporabnik %s ne sme izvajati sudo na %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Uporabnik %s ne sme zagnati '%s%s%s' kot %s%s%s na %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:383
+#: plugins/sudoers/sudoers.c:384 plugins/sudoers/sudoers.c:386
+#: plugins/sudoers/sudoers.c:387 plugins/sudoers/sudoers.c:1001
+#: plugins/sudoers/sudoers.c:1002
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: ukaza ni bilo mogoče najti"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:379
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+"prezrtje `%s', najdenega v '.'\n"
+"Uporabite `sudo ./%s', če je to `%s', ki ga želite zagnati."
+
+#: plugins/sudoers/logging.c:353
+msgid "authentication failure"
+msgstr "napaka overitve"
+
+#: plugins/sudoers/logging.c:379
+msgid "a password is required"
+msgstr "zahtevano je geslo"
+
+#: plugins/sudoers/logging.c:443 plugins/sudoers/logging.c:487
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] "%d nepravilnih poskusov vnosa gesla"
+msgstr[1] "%d nepravilen poskus vnosa gesla"
+msgstr[2] "%d nepravilna poskusa vnosa gesla"
+msgstr[3] "%d nepravilni poskusi vnosa gesla"
+
+#: plugins/sudoers/logging.c:566
+#, c-format
+msgid "unable to fork"
+msgstr "ni mogoče razvejiti"
+
+#: plugins/sudoers/logging.c:573 plugins/sudoers/logging.c:629
+#, c-format
+msgid "unable to fork: %m"
+msgstr "ni mogoče razvejiti: %m"
+
+#: plugins/sudoers/logging.c:619
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "ni mogoče odpreti cevi: %m"
+
+#: plugins/sudoers/logging.c:644
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "ni mogoče podvojiti stdin: %m"
+
+#: plugins/sudoers/logging.c:680
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "ni mogoče izvesti %s: %m"
+
+#: plugins/sudoers/logging.c:899
+#, c-format
+msgid "internal error: insufficient space for log line"
+msgstr "notranja napaka: premalo prostora za vrstico dnevnika"
+
+#: plugins/sudoers/parse.c:124
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "napaka razčlenjevanja v %s blizu vrstice %d"
+
+#: plugins/sudoers/parse.c:127
+#, c-format
+msgid "parse error in %s"
+msgstr "napaka med razčlenjevanjem datoteke %s"
+
+#: plugins/sudoers/parse.c:462
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Vnos sudoers:\n"
+
+#: plugins/sudoers/parse.c:463
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    ZaženiKotUporabniki: "
+
+#: plugins/sudoers/parse.c:477
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    ZaženiKotSkupine: "
+
+#: plugins/sudoers/parse.c:486
+#, c-format
+msgid "    Options: "
+msgstr "    Možnosti: "
+
+#: plugins/sudoers/policy.c:517 plugins/sudoers/visudo.c:750
+#, c-format
+msgid "unable to execute %s"
+msgstr "ni mogoče izvršiti %s"
+
+#: plugins/sudoers/policy.c:659
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Vstavek pravilnika sudoers različica %s\n"
+
+#: plugins/sudoers/policy.c:661
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Datoteka slovnice sudoers različica %d\n"
+
+#: plugins/sudoers/policy.c:665
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Pot sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:668
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "pot nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:670
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "pot ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:671
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "pot ldap.secret: %s\n"
+
+#: plugins/sudoers/pwutil.c:148
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "ni mogoče predpomniti ID-ja uporabnika %u, že obstaja"
+
+#: plugins/sudoers/pwutil.c:190
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "ni mogoče predpomniti uporabnika %s, že obstaja"
+
+#: plugins/sudoers/pwutil.c:374
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "ni mogoče predpomniti ID-ja skupine %u, že obstaja"
+
+#: plugins/sudoers/pwutil.c:410
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "ni mogoče predpomniti skupine %s, že obstaja"
+
+#: plugins/sudoers/pwutil.c:564 plugins/sudoers/pwutil.c:586
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "seznama skupina za %s ni mogoče predpomniti, saj že obstaja"
+
+#: plugins/sudoers/pwutil.c:584
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "skupin za %s ni mogoče razčleniti"
+
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:445
+#: plugins/sudoers/set_perms.c:846 plugins/sudoers/set_perms.c:1141
+#: plugins/sudoers/set_perms.c:1431
+msgid "perm stack overflow"
+msgstr "prekoračitev trajnega sklada"
+
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:453
+#: plugins/sudoers/set_perms.c:854 plugins/sudoers/set_perms.c:1149
+#: plugins/sudoers/set_perms.c:1439
+msgid "perm stack underflow"
+msgstr "prekoračitev spodnje meje trajnega sklada"
+
+#: plugins/sudoers/set_perms.c:189 plugins/sudoers/set_perms.c:500
+#: plugins/sudoers/set_perms.c:1200 plugins/sudoers/set_perms.c:1471
+msgid "unable to change to root gid"
+msgstr "številke skupine skrbnika ni mogoče spremeniti"
+
+#: plugins/sudoers/set_perms.c:278 plugins/sudoers/set_perms.c:597
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1277
+msgid "unable to change to runas gid"
+msgstr "ni mogoče spremeniti v ID-ja skupine runas"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:609
+#: plugins/sudoers/set_perms.c:993 plugins/sudoers/set_perms.c:1287
+msgid "unable to change to runas uid"
+msgstr "ni mogoče spremeniti v ID-ja uporabnika runas"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:627
+#: plugins/sudoers/set_perms.c:1009 plugins/sudoers/set_perms.c:1303
+msgid "unable to change to sudoers gid"
+msgstr "ni mogoče spremeniti ID-ja skupine sudoers"
+
+#: plugins/sudoers/set_perms.c:361 plugins/sudoers/set_perms.c:698
+#: plugins/sudoers/set_perms.c:1055 plugins/sudoers/set_perms.c:1349
+#: plugins/sudoers/set_perms.c:1515
+msgid "too many processes"
+msgstr "preveč opravil"
+
+#: plugins/sudoers/set_perms.c:1583
+msgid "unable to set runas group vector"
+msgstr "ni mogoče nastaviti vektorja skupine runas"
+
+#: plugins/sudoers/sssd.c:256
+#, c-format
+msgid "Unable to dlopen %s: %s"
+msgstr "ni mogoče uporabiti dlopen %s: %s"
+
+#: plugins/sudoers/sssd.c:257
+#, c-format
+msgid "Unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "Vira SSS ni mogoče zagnati. Ali je SSSD pravilno nameščen?"
+
+#: plugins/sudoers/sssd.c:263 plugins/sudoers/sssd.c:271
+#: plugins/sudoers/sssd.c:278 plugins/sudoers/sssd.c:285
+#: plugins/sudoers/sssd.c:292
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "simbola \"%s\" ni mogoče najti v %s"
+
+#: plugins/sudoers/sudo_nss.c:283
+#, c-format
+msgid "Matching Defaults entries for %s on this host:\n"
+msgstr "Ujemajoči vpisi privzetih vrednosti za %s na tem gostitelju:\n"
+
+#: plugins/sudoers/sudo_nss.c:296
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Runas in ukazno določene privzete vrednosti za %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:309
+#, c-format
+msgid "User %s may run the following commands on this host:\n"
+msgstr "Na tem gostitelju lahko uporabnik %s zažene naslednje ukaze:\n"
+
+#: plugins/sudoers/sudo_nss.c:318
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Uporabniku %s ni dovoljeno zagnati sudo na %s.\n"
+
+#: plugins/sudoers/sudoers.c:159 plugins/sudoers/sudoers.c:193
+#: plugins/sudoers/sudoers.c:673
+msgid "problem with defaults entries"
+msgstr "težave z vnosi privzetih vrednosti"
+
+#: plugins/sudoers/sudoers.c:165
+#, c-format
+msgid "no valid sudoers sources found, quitting"
+msgstr "najdenih niso bili nobeni veljavni viri sudoers, končanje"
+
+#: plugins/sudoers/sudoers.c:227
+#, c-format
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers določa, da skrbniku ni dovoljeno uporabiti sudo"
+
+#: plugins/sudoers/sudoers.c:234
+#, c-format
+msgid "you are not permitted to use the -C option"
+msgstr "ni vam dovoljeno uporabiti možnosti -C"
+
+#: plugins/sudoers/sudoers.c:315
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "lastnik časovnega žiga (%s): ni takšnega uporabnika"
+
+#: plugins/sudoers/sudoers.c:329
+msgid "no tty"
+msgstr "brez tty"
+
+#: plugins/sudoers/sudoers.c:330
+#, c-format
+msgid "sorry, you must have a tty to run sudo"
+msgstr "za izvajanje sudo morate imeti tty"
+
+#: plugins/sudoers/sudoers.c:378
+msgid "command in current directory"
+msgstr "ukaz v trenutni mapi"
+
+#: plugins/sudoers/sudoers.c:395
+#, c-format
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "nimate dovoljenj za ohranjanje okolja"
+
+#: plugins/sudoers/sudoers.c:723 plugins/sudoers/timestamp.c:215
+#: plugins/sudoers/timestamp.c:259 plugins/sudoers/timestamp.c:327
+#: plugins/sudoers/visudo.c:310 plugins/sudoers/visudo.c:576
+#, c-format
+msgid "unable to stat %s"
+msgstr "stanja %s ni mogoče dobiti"
+
+#: plugins/sudoers/sudoers.c:726
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s ni običajna datoteka"
+
+#: plugins/sudoers/sudoers.c:729 toke.l:842
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s je v lasti ID-ja uporabnika %u, moral bi biti %u"
+
+#: plugins/sudoers/sudoers.c:733 toke.l:849
+#, c-format
+msgid "%s is world writable"
+msgstr "v datoteko %s lahko zapisujejo vsi uporabniki"
+
+#: plugins/sudoers/sudoers.c:736 toke.l:854
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s je v lasti ID-ja skupine  %u, moral bi biti %u"
+
+#: plugins/sudoers/sudoers.c:763
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr "samo skrbnik lahko uporabi `-c %s'"
+
+#: plugins/sudoers/sudoers.c:780 plugins/sudoers/sudoers.c:782
+#, c-format
+msgid "unknown login class: %s"
+msgstr "neznan razred prijave: %s"
+
+#: plugins/sudoers/sudoers.c:814
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "ni mogoče razrešiti gostitelja %s"
+
+#: plugins/sudoers/sudoers.c:866 plugins/sudoers/testsudoers.c:377
+#, c-format
+msgid "unknown group: %s"
+msgstr "neznana skupina: %s"
+
+#: plugins/sudoers/sudoreplay.c:292
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "neveljavna možnost filtra: %s"
+
+#: plugins/sudoers/sudoreplay.c:305
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "neveljavna zgornja meja čakanja: %s"
+
+#: plugins/sudoers/sudoreplay.c:311
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "neveljaven dejavnik hitrosti: %s"
+
+#: plugins/sudoers/sudoreplay.c:314 plugins/sudoers/visudo.c:179
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s različica %s\n"
+
+#: plugins/sudoers/sudoreplay.c:339
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/časovna uskladitev: %s"
+
+#: plugins/sudoers/sudoreplay.c:345
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/časovna uskladitev: %s"
+
+#: plugins/sudoers/sudoreplay.c:363
+#, c-format
+msgid "Replaying sudo session: %s\n"
+msgstr "Izpisovanje dnevnika seje sudo: %s\n"
+
+#: plugins/sudoers/sudoreplay.c:369
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Opozorilo: terminal je premajhen za pravilno izpisovanje dnevnika.\n"
+
+#: plugins/sudoers/sudoreplay.c:370
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Geometrija dnevnika je %d x %d, medtem ko je geometrija terminala %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:400
+#, c-format
+msgid "unable to set tty to raw mode"
+msgstr "ni mogoče nastaviti tty na surov način"
+
+#: plugins/sudoers/sudoreplay.c:416
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "neveljavna vrstica datoteke časovne uskladitve: %s"
+
+#: plugins/sudoers/sudoreplay.c:499
+#, c-format
+msgid "writing to standard output"
+msgstr "pisanje na standardni izhod"
+
+#: plugins/sudoers/sudoreplay.c:528
+#, c-format
+msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
+
+#: plugins/sudoers/sudoreplay.c:641 plugins/sudoers/sudoreplay.c:666
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "dvoumen izraz \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:683
+#, c-format
+msgid "too many parenthesized expressions, max %d"
+msgstr "preveč izrazov z oklepaji, največje število %d"
+
+#: plugins/sudoers/sudoreplay.c:694
+#, c-format
+msgid "unmatched ')' in expression"
+msgstr "v izrazu je neujemajoč ')'"
+
+#: plugins/sudoers/sudoreplay.c:700
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "naznan iskalni izraz \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:714
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s zahteva argument"
+
+#: plugins/sudoers/sudoreplay.c:718
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "neveljaven logični izraz: %s"
+
+#: plugins/sudoers/sudoreplay.c:724
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "ni mogoče razčleniti datuma \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:737
+#, c-format
+msgid "unmatched '(' in expression"
+msgstr "v izrazu je neujemajoč '('"
+
+#: plugins/sudoers/sudoreplay.c:739
+#, c-format
+msgid "illegal trailing \"or\""
+msgstr "neveljaven zaključni \"or\""
+
+#: plugins/sudoers/sudoreplay.c:741
+#, c-format
+msgid "illegal trailing \"!\""
+msgstr "neveljaven zaključni \"!\""
+
+#: plugins/sudoers/sudoreplay.c:1058
+#, c-format
+msgid "invalid regex: %s"
+msgstr "neveljavni logični izraz: %s"
+
+#: plugins/sudoers/sudoreplay.c:1182
+#, c-format
+msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
+msgstr "uporaba: %s [-h] [-d mapa] [-m zg_meja_čakanja] [-s faktor_hitrosti] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1185
+#, c-format
+msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
+msgstr "uporaba: %s [-h] [-d mapa] -l [iskalni izraz]\n"
+
+#: plugins/sudoers/sudoreplay.c:1194
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - ponovno predvajaj dnevnike sej sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1196
+msgid ""
+"\n"
+"Options:\n"
+"  -d directory     specify directory for session logs\n"
+"  -f filter        specify which I/O type to display\n"
+"  -h               display help message and exit\n"
+"  -l [expression]  list available session IDs that match expression\n"
+"  -m max_wait      max number of seconds to wait between events\n"
+"  -s speed_factor  speed up or slow down output\n"
+"  -V               display version information and exit"
+msgstr ""
+"\n"
+"Možnosti:\n"
+"  -d mapa določi mapo za dnevnike sej\n"
+"  -f filter navedi, katera vrsta I/O se naj prikaže \n"
+"  -h prikaži sporočilo pomoči in končaj\n"
+"  -l [izraz] navedi razpoložljive ID-je sej, ki se ujemajo z izrazom\n"
+"  -m zg_meja_čakanja največje število sekund za čakanje med dogodki\n"
+"  -s faktor_hitrosti pospeši ali upočasni izhod\n"
+"  -V prikaži podrobnosti o različici in končaj"
+
+#: plugins/sudoers/testsudoers.c:328
+msgid "\thost  unmatched"
+msgstr "\tgostitelj se ne ujema"
+
+#: plugins/sudoers/testsudoers.c:331
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Ukaz je dovoljen"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Ukaz je bil zavrnjen"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Ukaz se ne ujema"
+
+#: plugins/sudoers/timestamp.c:128
+#, c-format
+msgid "timestamp path too long: %s"
+msgstr "pot časovnega žiga je predolga : %s"
+
+#: plugins/sudoers/timestamp.c:202 plugins/sudoers/timestamp.c:246
+#: plugins/sudoers/timestamp.c:291
+#, c-format
+msgid "%s owned by uid %u, should be uid %u"
+msgstr "%s je v lasti ID-ja uporabnika %u, moral bi biti ID uporabnika %u"
+
+#: plugins/sudoers/timestamp.c:207 plugins/sudoers/timestamp.c:251
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0700"
+msgstr "%s je zapisljiv za ne-lastnika (0%o), moral bi biti način 0700"
+
+#: plugins/sudoers/timestamp.c:285
+#, c-format
+msgid "%s exists but is not a regular file (0%o)"
+msgstr "%s obstaja, toda ni običajna datoteka (0%o)"
+
+#: plugins/sudoers/timestamp.c:297
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0600"
+msgstr "%s  je zapisljiv za ne-lastnika (0%o), moral bi biti način 0600"
+
+#: plugins/sudoers/timestamp.c:352
+#, c-format
+msgid "timestamp too far in the future: %20.20s"
+msgstr "časovni žig je predaleč v prihodnosti: %20.20s"
+
+#: plugins/sudoers/timestamp.c:406
+#, c-format
+msgid "unable to remove %s, will reset to the epoch"
+msgstr "%s ni mogoče odstraniti"
+
+#: plugins/sudoers/timestamp.c:413
+#, c-format
+msgid "unable to reset %s to the epoch"
+msgstr "%s ni mogoče ponastaviti na epoho"
+
+#: plugins/sudoers/toke_util.c:221
+#, c-format
+msgid "fill_args: buffer overflow"
+msgstr "fill_args: prekoračitev medpomnilnika"
+
+#: plugins/sudoers/visudo.c:180
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s različica slovnice %d\n"
+
+#: plugins/sudoers/visudo.c:243 plugins/sudoers/visudo.c:533
+#, c-format
+msgid "press return to edit %s: "
+msgstr "za urejanje %s pritisnite return: "
+
+#: plugins/sudoers/visudo.c:326 plugins/sudoers/visudo.c:332
+#, c-format
+msgid "write error"
+msgstr "napaka med pisanjem"
+
+#: plugins/sudoers/visudo.c:414
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "ni mogoče začeti začasne datoteke (%s), %s nepsremenjeno"
+
+#: plugins/sudoers/visudo.c:419
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "začasna datoteka brez dolžine (%s), %s nespremenjena"
+
+#: plugins/sudoers/visudo.c:425
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "urejevalnik (%s) je spodletel, %s nespremenjen"
+
+#: plugins/sudoers/visudo.c:448
+#, c-format
+msgid "%s unchanged"
+msgstr "%s nespremenjeno"
+
+#: plugins/sudoers/visudo.c:477
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "ni mogoče ponovno odpreti začasne datoteke (%s), %s je nespremenjen."
+
+#: plugins/sudoers/visudo.c:487
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "ni mogoče razčleniti začasne datoteke (%s), neznana napaka"
+
+#: plugins/sudoers/visudo.c:526
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "notranja napaka, na seznamu ni mogoče najti %s!"
+
+#: plugins/sudoers/visudo.c:578 plugins/sudoers/visudo.c:587
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "ni mogoče nastaviti (ID uporabnika, ID skupine) od %s do (%u, %u)"
+
+#: plugins/sudoers/visudo.c:582 plugins/sudoers/visudo.c:592
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "ni mogoče spremeniti načina iz %s na 0%o"
+
+#: plugins/sudoers/visudo.c:609
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s in %s nista na enakem datotečnem sistemu, uporaba mv za preimenovanje"
+
+#: plugins/sudoers/visudo.c:623
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "ukaz je spodletel: '%s %s %s', %s nespremenjen"
+
+#: plugins/sudoers/visudo.c:633
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "napaka med preimenovanjem %s, %s nespremenjen"
+
+#: plugins/sudoers/visudo.c:695
+msgid "What now? "
+msgstr "Kaj pa zdaj? "
+
+#: plugins/sudoers/visudo.c:709
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Možnosti so:\n"
+"  (e)ponovno uredi datoteko sudoers\n"
+"  (x)končaj brez shranjevanja sprememb v datoteko sudoers\n"
+"  (Q)končaj in shrani spremembe v datoteko sudoers (NEVARNOST!)\n"
+
+#: plugins/sudoers/visudo.c:757
+#, c-format
+msgid "unable to run %s"
+msgstr "ni mogoče zagnati %s"
+
+#: plugins/sudoers/visudo.c:783
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: napačen lastnik (ID uporabnika, ID skupine) moralo bi biti (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:790
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: slaba dovoljenja, moral bi biti način 0%o\n"
+
+#: plugins/sudoers/visudo.c:815
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "razčlenjevanje datoteke %s je spodletelo, neznana napaka"
+
+#: plugins/sudoers/visudo.c:831
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "napaka razčlenjevanja v %s blizu vrstice %d\n"
+
+#: plugins/sudoers/visudo.c:834
+#, c-format
+msgid "parse error in %s\n"
+msgstr "napaka razčlenjevanja v %s\n"
+
+#: plugins/sudoers/visudo.c:841 plugins/sudoers/visudo.c:846
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: uspešno razčlenjeno\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s zaseden, poskusite ponovno pozneje"
+
+#: plugins/sudoers/visudo.c:937
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "določen urejevalnik (%s) se ne konča"
+
+#: plugins/sudoers/visudo.c:960
+#, c-format
+msgid "unable to stat editor (%s)"
+msgstr "ni mogoče začeti urejevalnika (%s)"
+
+#: plugins/sudoers/visudo.c:1008
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "najdenega ni nobenega urejevalnika (pot urejevalnika = %s)"
+
+#: plugins/sudoers/visudo.c:1100
+#, c-format
+msgid "Error: cycle in %s_Alias `%s'"
+msgstr "Napaka: kroženje v %s_Alias `%s'"
+
+#: plugins/sudoers/visudo.c:1101
+#, c-format
+msgid "Warning: cycle in %s_Alias `%s'"
+msgstr "Opozorilo: kroženje v %s_Alias `%s'"
+
+#: plugins/sudoers/visudo.c:1104
+#, c-format
+msgid "Error: %s_Alias `%s' referenced but not defined"
+msgstr "Napaka: %s_Alias `%s' sklicevan, toda ne določen"
+
+#: plugins/sudoers/visudo.c:1105
+#, c-format
+msgid "Warning: %s_Alias `%s' referenced but not defined"
+msgstr "Warning: %s_Alias `%s' sklicevan, toda ne določen"
+
+#: plugins/sudoers/visudo.c:1240
+#, c-format
+msgid "%s: unused %s_Alias %s"
+msgstr "%s: neuporabljen %s_Alias %s"
+
+#: plugins/sudoers/visudo.c:1302
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - varno uredi datoteko sudoers\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1304
+msgid ""
+"\n"
+"Options:\n"
+"  -c          check-only mode\n"
+"  -f sudoers  specify sudoers file location\n"
+"  -h          display help message and exit\n"
+"  -q          less verbose (quiet) syntax error messages\n"
+"  -s          strict syntax checking\n"
+"  -V          display version information and exit"
+msgstr ""
+"\n"
+"Možnosti:\n"
+"  -c način samo preverjanja\n"
+"  -f sudoers določi mesto datoteke sudoers\n"
+"  -h prikaži sporočilo pomoči in končaj\n"
+"  -q manj podroben izpis (tih) sporočil skladenjskih napak\n"
+"  -s strogo preverjanje skladnje\n"
+"  -V prikaži podrobnosti različice in končaj"
+
+#: toke.l:815
+msgid "too many levels of includes"
+msgstr "preveč stopenj vključitev"
diff --git a/plugins/sudoers/po/sr.mo b/plugins/sudoers/po/sr.mo
new file mode 100644
index 0000000..a40c725
--- /dev/null
+++ b/plugins/sudoers/po/sr.mo
diff --git a/plugins/sudoers/po/sr.po b/plugins/sudoers/po/sr.po
new file mode 100644
index 0000000..f3f71d5
--- /dev/null
+++ b/plugins/sudoers/po/sr.po
@@ -0,0 +1,2172 @@
+# Serbian translation for sudoers.
+# This file is put in the public domain.
+# Мирослав Николић <miroslavnikolic@rocketmail.com>, 2014—2017.
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers-1.8.21b2\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2017-08-03 10:04-0600\n"
+"PO-Revision-Date: 2017-08-06 14:50+0200\n"
+"Last-Translator: Мирослав Николић <miroslavnikolic@rocketmail.com>\n"
+"Language-Team: Serbian <(nothing)>\n"
+"Language: sr\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "грешка синтаксе"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "Лозинка корисника %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[судо] лозинка за корисника %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Лозинка: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** информације БЕЗБЕДНОСТИ за %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Извините, покушајте поново."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:307 gram.y:314 gram.y:321 gram.y:328 gram.y:335
+#: gram.y:398 gram.y:406 gram.y:416 gram.y:449 gram.y:456 gram.y:463
+#: gram.y:470 gram.y:552 gram.y:559 gram.y:568 gram.y:577 gram.y:594
+#: gram.y:706 gram.y:713 gram.y:720 gram.y:728 gram.y:824 gram.y:831
+#: gram.y:838 gram.y:845 gram.y:852 gram.y:878 gram.y:885 gram.y:892
+#: gram.y:1015 gram.y:1195 gram.y:1202 plugins/sudoers/alias.c:124
+#: plugins/sudoers/alias.c:139 plugins/sudoers/auth/bsdauth.c:141
+#: plugins/sudoers/auth/kerb5.c:119 plugins/sudoers/auth/kerb5.c:145
+#: plugins/sudoers/auth/pam.c:486 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/auth/sia.c:59 plugins/sudoers/defaults.c:647
+#: plugins/sudoers/defaults.c:902 plugins/sudoers/defaults.c:1073
+#: plugins/sudoers/editor.c:64 plugins/sudoers/editor.c:82
+#: plugins/sudoers/editor.c:93 plugins/sudoers/env.c:233
+#: plugins/sudoers/filedigest.c:120 plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:941 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:565
+#: plugins/sudoers/ldap.c:963 plugins/sudoers/ldap.c:1157
+#: plugins/sudoers/ldap.c:1168 plugins/sudoers/ldap.c:1184
+#: plugins/sudoers/ldap.c:1476 plugins/sudoers/ldap.c:1636
+#: plugins/sudoers/ldap.c:1718 plugins/sudoers/ldap.c:1858
+#: plugins/sudoers/ldap.c:1882 plugins/sudoers/ldap.c:1971
+#: plugins/sudoers/ldap.c:1986 plugins/sudoers/ldap.c:2082
+#: plugins/sudoers/ldap.c:2115 plugins/sudoers/ldap.c:2196
+#: plugins/sudoers/ldap.c:2278 plugins/sudoers/ldap.c:2375
+#: plugins/sudoers/ldap.c:3209 plugins/sudoers/ldap.c:3241
+#: plugins/sudoers/ldap.c:3550 plugins/sudoers/ldap.c:3578
+#: plugins/sudoers/ldap.c:3594 plugins/sudoers/ldap.c:3684
+#: plugins/sudoers/ldap.c:3700 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:189 plugins/sudoers/logging.c:451
+#: plugins/sudoers/logging.c:472 plugins/sudoers/logging.c:684
+#: plugins/sudoers/logging.c:942 plugins/sudoers/match.c:617
+#: plugins/sudoers/match.c:664 plugins/sudoers/match.c:714
+#: plugins/sudoers/match.c:738 plugins/sudoers/match.c:826
+#: plugins/sudoers/match.c:915 plugins/sudoers/parse.c:248
+#: plugins/sudoers/parse.c:260 plugins/sudoers/parse.c:275
+#: plugins/sudoers/parse.c:287 plugins/sudoers/policy.c:419
+#: plugins/sudoers/policy.c:653 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:139 plugins/sudoers/pwutil.c:210
+#: plugins/sudoers/pwutil.c:286 plugins/sudoers/pwutil.c:457
+#: plugins/sudoers/pwutil.c:522 plugins/sudoers/pwutil.c:591
+#: plugins/sudoers/pwutil.c:749 plugins/sudoers/pwutil.c:806
+#: plugins/sudoers/pwutil.c:851 plugins/sudoers/pwutil.c:908
+#: plugins/sudoers/sssd.c:162 plugins/sudoers/sssd.c:194
+#: plugins/sudoers/sssd.c:237 plugins/sudoers/sssd.c:244
+#: plugins/sudoers/sssd.c:280 plugins/sudoers/sssd.c:390
+#: plugins/sudoers/sssd.c:459 plugins/sudoers/sssd.c:1057
+#: plugins/sudoers/sssd.c:1236 plugins/sudoers/sssd.c:1250
+#: plugins/sudoers/sssd.c:1266 plugins/sudoers/sudoers.c:263
+#: plugins/sudoers/sudoers.c:273 plugins/sudoers/sudoers.c:281
+#: plugins/sudoers/sudoers.c:365 plugins/sudoers/sudoers.c:681
+#: plugins/sudoers/sudoers.c:806 plugins/sudoers/sudoers.c:850
+#: plugins/sudoers/sudoers.c:1122 plugins/sudoers/sudoers_debug.c:107
+#: plugins/sudoers/sudoreplay.c:1234 plugins/sudoers/sudoreplay.c:1346
+#: plugins/sudoers/sudoreplay.c:1386 plugins/sudoers/sudoreplay.c:1395
+#: plugins/sudoers/sudoreplay.c:1405 plugins/sudoers/sudoreplay.c:1413
+#: plugins/sudoers/sudoreplay.c:1417 plugins/sudoers/sudoreplay.c:1573
+#: plugins/sudoers/sudoreplay.c:1577 plugins/sudoers/testsudoers.c:131
+#: plugins/sudoers/testsudoers.c:217 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/timestamp.c:389 plugins/sudoers/timestamp.c:433
+#: plugins/sudoers/timestamp.c:852 plugins/sudoers/toke_util.c:56
+#: plugins/sudoers/toke_util.c:109 plugins/sudoers/toke_util.c:146
+#: plugins/sudoers/visudo.c:153 plugins/sudoers/visudo.c:309
+#: plugins/sudoers/visudo.c:315 plugins/sudoers/visudo.c:446
+#: plugins/sudoers/visudo.c:624 plugins/sudoers/visudo.c:985
+#: plugins/sudoers/visudo.c:1051 plugins/sudoers/visudo.c:1095
+#: plugins/sudoers/visudo.c:1197 plugins/sudoers/visudo_json.c:1025 toke.l:849
+#: toke.l:949 toke.l:1106
+msgid "unable to allocate memory"
+msgstr "не могу да доделим меморију"
+
+#: gram.y:481
+msgid "a digest requires a path name"
+msgstr "зборник захтева назив путање"
+
+#: gram.y:607
+msgid "invalid notbefore value"
+msgstr "неисправна вредност не-пре"
+
+#: gram.y:615
+msgid "invalid notafter value"
+msgstr "неисправна вредност не-после"
+
+#: gram.y:624 plugins/sudoers/policy.c:266
+msgid "timeout value too large"
+msgstr "вредност временског истека је превелика"
+
+#: gram.y:626 plugins/sudoers/policy.c:268
+msgid "invalid timeout value"
+msgstr "неисправна вредност временског ограничења"
+
+#: gram.y:1195 gram.y:1202 plugins/sudoers/auth/pam.c:320
+#: plugins/sudoers/auth/pam.c:486 plugins/sudoers/auth/rfc1938.c:109
+#: plugins/sudoers/defaults.c:647 plugins/sudoers/defaults.c:902
+#: plugins/sudoers/defaults.c:1073 plugins/sudoers/editor.c:64
+#: plugins/sudoers/editor.c:82 plugins/sudoers/editor.c:93
+#: plugins/sudoers/env.c:233 plugins/sudoers/filedigest.c:120
+#: plugins/sudoers/filedigest_gcrypt.c:72
+#: plugins/sudoers/filedigest_gcrypt.c:90
+#: plugins/sudoers/filedigest_openssl.c:111 plugins/sudoers/gc.c:52
+#: plugins/sudoers/group_plugin.c:134 plugins/sudoers/interfaces.c:71
+#: plugins/sudoers/iolog.c:941 plugins/sudoers/iolog_path.c:167
+#: plugins/sudoers/ldap.c:449 plugins/sudoers/ldap.c:480
+#: plugins/sudoers/ldap.c:532 plugins/sudoers/ldap.c:565
+#: plugins/sudoers/ldap.c:963 plugins/sudoers/ldap.c:1157
+#: plugins/sudoers/ldap.c:1168 plugins/sudoers/ldap.c:1184
+#: plugins/sudoers/ldap.c:1476 plugins/sudoers/ldap.c:1636
+#: plugins/sudoers/ldap.c:1718 plugins/sudoers/ldap.c:1858
+#: plugins/sudoers/ldap.c:1882 plugins/sudoers/ldap.c:1971
+#: plugins/sudoers/ldap.c:1986 plugins/sudoers/ldap.c:2082
+#: plugins/sudoers/ldap.c:2115 plugins/sudoers/ldap.c:2195
+#: plugins/sudoers/ldap.c:2278 plugins/sudoers/ldap.c:2375
+#: plugins/sudoers/ldap.c:3209 plugins/sudoers/ldap.c:3241
+#: plugins/sudoers/ldap.c:3550 plugins/sudoers/ldap.c:3577
+#: plugins/sudoers/ldap.c:3593 plugins/sudoers/ldap.c:3684
+#: plugins/sudoers/ldap.c:3700 plugins/sudoers/linux_audit.c:76
+#: plugins/sudoers/logging.c:189 plugins/sudoers/logging.c:451
+#: plugins/sudoers/logging.c:472 plugins/sudoers/logging.c:942
+#: plugins/sudoers/match.c:616 plugins/sudoers/match.c:663
+#: plugins/sudoers/match.c:714 plugins/sudoers/match.c:738
+#: plugins/sudoers/match.c:826 plugins/sudoers/match.c:914
+#: plugins/sudoers/parse.c:248 plugins/sudoers/parse.c:260
+#: plugins/sudoers/parse.c:275 plugins/sudoers/parse.c:287
+#: plugins/sudoers/policy.c:99 plugins/sudoers/policy.c:108
+#: plugins/sudoers/policy.c:117 plugins/sudoers/policy.c:141
+#: plugins/sudoers/policy.c:252 plugins/sudoers/policy.c:266
+#: plugins/sudoers/policy.c:268 plugins/sudoers/policy.c:292
+#: plugins/sudoers/policy.c:301 plugins/sudoers/policy.c:340
+#: plugins/sudoers/policy.c:350 plugins/sudoers/policy.c:359
+#: plugins/sudoers/policy.c:368 plugins/sudoers/policy.c:419
+#: plugins/sudoers/policy.c:653 plugins/sudoers/prompt.c:93
+#: plugins/sudoers/pwutil.c:139 plugins/sudoers/pwutil.c:210
+#: plugins/sudoers/pwutil.c:286 plugins/sudoers/pwutil.c:457
+#: plugins/sudoers/pwutil.c:522 plugins/sudoers/pwutil.c:591
+#: plugins/sudoers/pwutil.c:749 plugins/sudoers/pwutil.c:806
+#: plugins/sudoers/pwutil.c:851 plugins/sudoers/pwutil.c:908
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641 plugins/sudoers/sssd.c:162
+#: plugins/sudoers/sssd.c:194 plugins/sudoers/sssd.c:237
+#: plugins/sudoers/sssd.c:244 plugins/sudoers/sssd.c:280
+#: plugins/sudoers/sssd.c:390 plugins/sudoers/sssd.c:459
+#: plugins/sudoers/sssd.c:1057 plugins/sudoers/sssd.c:1235
+#: plugins/sudoers/sssd.c:1250 plugins/sudoers/sssd.c:1266
+#: plugins/sudoers/sudoers.c:263 plugins/sudoers/sudoers.c:273
+#: plugins/sudoers/sudoers.c:281 plugins/sudoers/sudoers.c:365
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:806
+#: plugins/sudoers/sudoers.c:850 plugins/sudoers/sudoers.c:1122
+#: plugins/sudoers/sudoers_debug.c:106 plugins/sudoers/sudoreplay.c:1234
+#: plugins/sudoers/sudoreplay.c:1346 plugins/sudoers/sudoreplay.c:1386
+#: plugins/sudoers/sudoreplay.c:1395 plugins/sudoers/sudoreplay.c:1405
+#: plugins/sudoers/sudoreplay.c:1413 plugins/sudoers/sudoreplay.c:1417
+#: plugins/sudoers/sudoreplay.c:1573 plugins/sudoers/sudoreplay.c:1577
+#: plugins/sudoers/testsudoers.c:131 plugins/sudoers/testsudoers.c:217
+#: plugins/sudoers/testsudoers.c:234 plugins/sudoers/timestamp.c:389
+#: plugins/sudoers/timestamp.c:433 plugins/sudoers/timestamp.c:852
+#: plugins/sudoers/toke_util.c:56 plugins/sudoers/toke_util.c:109
+#: plugins/sudoers/toke_util.c:146 plugins/sudoers/visudo.c:153
+#: plugins/sudoers/visudo.c:309 plugins/sudoers/visudo.c:315
+#: plugins/sudoers/visudo.c:446 plugins/sudoers/visudo.c:624
+#: plugins/sudoers/visudo.c:985 plugins/sudoers/visudo.c:1051
+#: plugins/sudoers/visudo.c:1095 plugins/sudoers/visudo.c:1197
+#: plugins/sudoers/visudo_json.c:1025 toke.l:849 toke.l:949 toke.l:1106
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:135
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Псеудоним „%s“ је већ одређен"
+
+#: plugins/sudoers/auth/bsdauth.c:68
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "не могу да добавим разред пријаве за корисника „%s“"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+msgid "unable to begin bsd authentication"
+msgstr "не могу да почнем бсд потврђивање идентитета"
+
+#: plugins/sudoers/auth/bsdauth.c:81
+msgid "invalid authentication type"
+msgstr "неисправна врста потврђивање идентитета"
+
+#: plugins/sudoers/auth/bsdauth.c:90
+msgid "unable to initialize BSD authentication"
+msgstr "не могу да покренем БСД потврђивање идентитета"
+
+#: plugins/sudoers/auth/fwtk.c:52
+msgid "unable to read fwtk config"
+msgstr "не могу да читам „fwtk“ подешавања"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to connect to authentication server"
+msgstr "не могу да се повежем на сервер потврђивања идентитета"
+
+#: plugins/sudoers/auth/fwtk.c:63 plugins/sudoers/auth/fwtk.c:87
+#: plugins/sudoers/auth/fwtk.c:121
+msgid "lost connection to authentication server"
+msgstr "изгубио сам везу са сервером потврђивања идентитета"
+
+#: plugins/sudoers/auth/fwtk.c:67
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"грешка сервера потврђивања идентитета:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:111
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: не могу да претворим главника у ниску („%s“): %s"
+
+#: plugins/sudoers/auth/kerb5.c:161
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: не могу да обрадим „%s“: %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: не могу да решим оставу пуномоћства: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: не могу да доделим опције: %s"
+
+#: plugins/sudoers/auth/kerb5.c:232
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: не могу да добавим пуномоћства: %s"
+
+#: plugins/sudoers/auth/kerb5.c:245
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: не могу да покренем оставу пуномоћства: %s"
+
+#: plugins/sudoers/auth/kerb5.c:248
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: не могу да сместим пуномоћства у оставу: %s"
+
+#: plugins/sudoers/auth/kerb5.c:312
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: не могу да добавим главника домаћина: %s"
+
+#: plugins/sudoers/auth/kerb5.c:326
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Не могу потврдити ТГТ! Могући напад!: %s"
+
+#: plugins/sudoers/auth/pam.c:108
+msgid "unable to initialize PAM"
+msgstr "не могу да покренем ПАМ"
+
+#: plugins/sudoers/auth/pam.c:194
+msgid "account validation failure, is your account locked?"
+msgstr "неуспех провере налога, да ли је ваш налог закључан?"
+
+#: plugins/sudoers/auth/pam.c:198
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Налог или лозинка је истекла, поново поставите лозинку и покушајте поново"
+
+#: plugins/sudoers/auth/pam.c:206
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "не могу да изменим истеклу лозинку: %s"
+
+#: plugins/sudoers/auth/pam.c:211
+msgid "Password expired, contact your system administrator"
+msgstr "Лозинка је истекла, обратите се администратору система"
+
+#: plugins/sudoers/auth/pam.c:215
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Налог је истекао или ПАМ подешавањима недостаје одељак „налог“ за судо, обратите се администратору система"
+
+#: plugins/sudoers/auth/pam.c:229
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Грешка ПАМ потврђивања идентитета: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:97 plugins/sudoers/visudo.c:227
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "ви не постојите у бази подтака „%s“"
+
+#: plugins/sudoers/auth/securid5.c:73
+msgid "failed to initialise the ACE API library"
+msgstr "нисам успео да покренем АЦЕ АПИ библиотеку"
+
+#: plugins/sudoers/auth/securid5.c:99
+msgid "unable to contact the SecurID server"
+msgstr "не могу да ступим у везу са сервером безбеднног ИБ-а"
+
+#: plugins/sudoers/auth/securid5.c:108
+msgid "User ID locked for SecurID Authentication"
+msgstr "ИБ корисника је закључан за потврђивање идентитета безбедног ИБ-а"
+
+#: plugins/sudoers/auth/securid5.c:112 plugins/sudoers/auth/securid5.c:163
+msgid "invalid username length for SecurID"
+msgstr "неисправна дужина корисничког имена за безбедни ИБ"
+
+#: plugins/sudoers/auth/securid5.c:116 plugins/sudoers/auth/securid5.c:168
+msgid "invalid Authentication Handle for SecurID"
+msgstr "неисправна ручка потврђивања идентитета за безбедни ИБ"
+
+#: plugins/sudoers/auth/securid5.c:120
+msgid "SecurID communication failed"
+msgstr "Није успело комуницирање безбедног ИБ-а"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:213
+msgid "unknown SecurID error"
+msgstr "непозната грешка безбедног ИБ-а"
+
+#: plugins/sudoers/auth/securid5.c:158
+msgid "invalid passcode length for SecurID"
+msgstr "неисправна дужина пропусне шифре за безбедни ИБ"
+
+#: plugins/sudoers/auth/sia.c:69 plugins/sudoers/auth/sia.c:125
+msgid "unable to initialize SIA session"
+msgstr "не могу да покренем СИА сесију"
+
+#: plugins/sudoers/auth/sudo_auth.c:126
+msgid "invalid authentication methods"
+msgstr "неисправни начини потврђивања идентитета"
+
+#: plugins/sudoers/auth/sudo_auth.c:128
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Неисправни начини потврђивања идентитета су преведени у судоу!  Не можете мешати самостално и несамостално потврђивање идентитета."
+
+#: plugins/sudoers/auth/sudo_auth.c:224 plugins/sudoers/auth/sudo_auth.c:274
+msgid "no authentication methods"
+msgstr "нема начина потврђивања идентитета"
+
+#: plugins/sudoers/auth/sudo_auth.c:226
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Нема начина потврђивања идентитета преведених у судоу!  Ако желите да искључите потврђивање идентитета, користите „--disable-authentication“."
+
+#: plugins/sudoers/auth/sudo_auth.c:276
+msgid "Unable to initialize authentication methods."
+msgstr "Не могу да покренем методе потврђивања идентитета."
+
+#: plugins/sudoers/auth/sudo_auth.c:441
+msgid "Authentication methods:"
+msgstr "Начини потврђивања идентитета:"
+
+#: plugins/sudoers/bsm_audit.c:120 plugins/sudoers/bsm_audit.c:211
+msgid "Could not determine audit condition"
+msgstr "Не могу да утврдим услов прегледа"
+
+#: plugins/sudoers/bsm_audit.c:183 plugins/sudoers/bsm_audit.c:273
+msgid "unable to commit audit record"
+msgstr "не могу да предам снимак прегледа"
+
+#: plugins/sudoers/check.c:252
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Верујемо да вам је администратор система објаснио неке ствари.\n"
+"Обично се своде на следеће три:\n"
+"\n"
+"    #1) Поштујте приватност других.\n"
+"    #2) Размислите пре куцања.\n"
+"    #3) Са великом моћи долази и велика одговорност.\n"
+"\n"
+
+#: plugins/sudoers/check.c:295 plugins/sudoers/check.c:305
+#: plugins/sudoers/sudoers.c:724 plugins/sudoers/sudoers.c:769
+#, c-format
+msgid "unknown uid: %u"
+msgstr "непознат јиб: %u"
+
+#: plugins/sudoers/check.c:300 plugins/sudoers/iolog.c:260
+#: plugins/sudoers/policy.c:826 plugins/sudoers/sudoers.c:1161
+#: plugins/sudoers/testsudoers.c:208 plugins/sudoers/testsudoers.c:366
+#, c-format
+msgid "unknown user: %s"
+msgstr "непознат корисник: %s"
+
+#: plugins/sudoers/def_data.c:41
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Помоћник сисдневника ако је сисдневник коришћен за пријављивање: %s"
+
+#: plugins/sudoers/def_data.c:45
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Приоритет системског дневника за коришћење када корисник успешно потврди идентитет: %s"
+
+#: plugins/sudoers/def_data.c:49
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Приоритет системског дневника за коришћење када корисник неуспешно потврди идентитет: %s"
+
+#: plugins/sudoers/def_data.c:53
+msgid "Put OTP prompt on its own line"
+msgstr "Поставља ОТП упит на свом реду"
+
+#: plugins/sudoers/def_data.c:57
+msgid "Ignore '.' in $PATH"
+msgstr "Занемарује . у $ПУТАЊИ"
+
+#: plugins/sudoers/def_data.c:61
+msgid "Always send mail when sudo is run"
+msgstr "Увек шаље пошту када је судо покренут"
+
+#: plugins/sudoers/def_data.c:65
+msgid "Send mail if user authentication fails"
+msgstr "Пошаљи поруку ако потврђивање идентитета корисника не успе"
+
+#: plugins/sudoers/def_data.c:69
+msgid "Send mail if the user is not in sudoers"
+msgstr "Пошаљи поруку ако корисник није у судоерсу"
+
+#: plugins/sudoers/def_data.c:73
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Пошаљи поруку ако корисник није у судоерсу за овог домаћина"
+
+#: plugins/sudoers/def_data.c:77
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Пошаљи поруку ако кориснику није дозвољено да покрене наредбу"
+
+#: plugins/sudoers/def_data.c:81
+msgid "Send mail if the user tries to run a command"
+msgstr "Пошаљи поруку ако корисник покуша да покрене наредбу"
+
+#: plugins/sudoers/def_data.c:85
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Користи одвојене временске ознаке за сваку комбинацију корисник/конзола"
+
+#: plugins/sudoers/def_data.c:89
+msgid "Lecture user the first time they run sudo"
+msgstr "Подучава корисника када први пут покрену судо"
+
+#: plugins/sudoers/def_data.c:93
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Датотека садржи судо обучавања: %s"
+
+#: plugins/sudoers/def_data.c:97
+msgid "Require users to authenticate by default"
+msgstr "Захтева да корисници потврде идентитет по основи"
+
+#: plugins/sudoers/def_data.c:101
+msgid "Root may run sudo"
+msgstr "Администратор може да покрене судо"
+
+#: plugins/sudoers/def_data.c:105
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Бележи назив домаћина у (не-сисдневник) датотеци дневника"
+
+#: plugins/sudoers/def_data.c:109
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Бележи годину у (не-сисдневник) датотеци дневника"
+
+#: plugins/sudoers/def_data.c:113
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Ако је судо призван без аргумената, покреће шкољку"
+
+#: plugins/sudoers/def_data.c:117
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Подешава $HOME на крајњег корисника када покреће шкољку са „-s“"
+
+#: plugins/sudoers/def_data.c:121
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Увек подешава $HOME на циљни лични директоријум корисника"
+
+#: plugins/sudoers/def_data.c:125
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Дозвољава прикупљање неких података да би дао корисне поруке грешака"
+
+#: plugins/sudoers/def_data.c:129
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Захтева потпуно одређене називе домаћина у датотеци судоерса"
+
+#: plugins/sudoers/def_data.c:133
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Вређа корисника када унесе нетачну лозинку"
+
+#: plugins/sudoers/def_data.c:137
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Дозвољава кориснику да покрене судо само ако има конзолу"
+
+#: plugins/sudoers/def_data.c:141
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Висудо ће поштовати променљиву окружења УРЕЂИВАЧА"
+
+#: plugins/sudoers/def_data.c:145
+msgid "Prompt for root's password, not the users's"
+msgstr "Тражи администраторову лозинку, а не корисника"
+
+#: plugins/sudoers/def_data.c:149
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Тражи корисникову лозинку покреникао_основни, а не корисника"
+
+#: plugins/sudoers/def_data.c:153
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Тражи корисникову лозинку мете, а не корисника"
+
+#: plugins/sudoers/def_data.c:157
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Примењује основности у циљни кориснички разред пријављивања ако постоји"
+
+#: plugins/sudoers/def_data.c:161
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Подешава променљиве окружења НАЗИВДНЕВНИКА и КОРИСНИК"
+
+#: plugins/sudoers/def_data.c:165
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Подешава само ефективни јиб на крајњег корисника, а не стваран јиб"
+
+#: plugins/sudoers/def_data.c:169
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Не покреће вектор групе ка оном крајњег корисника"
+
+#: plugins/sudoers/def_data.c:173
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Дужина за преламање редова у датотеци дневника (0 — без преламања): %u"
+
+#: plugins/sudoers/def_data.c:177
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Време истека временске ознаке потврђивања идентитета: %.1f минута"
+
+#: plugins/sudoers/def_data.c:181
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Време истека упита лозинке: %.1f минута"
+
+#: plugins/sudoers/def_data.c:185
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Број покушаја за уношење лозинке: %u"
+
+#: plugins/sudoers/def_data.c:189
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Умаска за коришћење или 0777 за коришћење корисника: 0%o"
+
+#: plugins/sudoers/def_data.c:193
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Путања до датотеке дневника: %s"
+
+#: plugins/sudoers/def_data.c:197
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Путања до програма поште: %s"
+
+#: plugins/sudoers/def_data.c:201
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Опције за програм поште: %s"
+
+#: plugins/sudoers/def_data.c:205
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Адреса на коју послати поруку: %s"
+
+#: plugins/sudoers/def_data.c:209
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Адреса са које послати поруку: %s"
+
+#: plugins/sudoers/def_data.c:213
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Ред теме за поруке поште: %s"
+
+#: plugins/sudoers/def_data.c:217
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Порука нетачне лозинке: %s"
+
+#: plugins/sudoers/def_data.c:221
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Путања до директоријума стања обучавања: %s"
+
+#: plugins/sudoers/def_data.c:225
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Путања до директоријума временске ознаке потврђивања идентитета: %s"
+
+#: plugins/sudoers/def_data.c:229
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Власник директоријума временске ознаке потврђивања идентитета: %s"
+
+#: plugins/sudoers/def_data.c:233
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Корисницима у овој групи се не захтева лозинка и ПУТАЊА: %s"
+
+#: plugins/sudoers/def_data.c:237
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Основни упит лозинке: %s"
+
+#: plugins/sudoers/def_data.c:241
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Ако је подешено, упит лозинке ће преписати системски упит у свим случајевима."
+
+#: plugins/sudoers/def_data.c:245
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Основни корисник за покретање наредби као: %s"
+
+#: plugins/sudoers/def_data.c:249
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Вредност за преписивање корисничке $ПУТАЊЕ са: %s"
+
+#: plugins/sudoers/def_data.c:253
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Путања до уређивача кога ће да користи висудо: %s"
+
+#: plugins/sudoers/def_data.c:257
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Када да затражи лозинку за псеудонаредбу „list“: %s"
+
+#: plugins/sudoers/def_data.c:261
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Када да затражи лозинку за псеудонаредбу „verify“: %s"
+
+#: plugins/sudoers/def_data.c:265
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Унапред учитава лажне функције извршавања које се налазе у библиотеци „sudo_noexec“"
+
+#: plugins/sudoers/def_data.c:269
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Ако је ЛДАП директоријум изнет, да ли занемарујемо месну датотеку судоерса"
+
+#: plugins/sudoers/def_data.c:273
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Описници датотека >= %d ће бити затворени пре извршавања наредбе"
+
+#: plugins/sudoers/def_data.c:277
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Ако је подешено, корисници могу да препишу вредност „closefrom“ са опцијом „-C“"
+
+#: plugins/sudoers/def_data.c:281
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Дозвољава корисницима да подесе произвољне променљиве окружења"
+
+#: plugins/sudoers/def_data.c:285
+msgid "Reset the environment to a default set of variables"
+msgstr "Враћа окружење на основни скуп променљивих"
+
+#: plugins/sudoers/def_data.c:289
+msgid "Environment variables to check for sanity:"
+msgstr "Променљиве окружења за проверу исправности:"
+
+#: plugins/sudoers/def_data.c:293
+msgid "Environment variables to remove:"
+msgstr "Променљиве окружења за уклањање:"
+
+#: plugins/sudoers/def_data.c:297
+msgid "Environment variables to preserve:"
+msgstr "Променљиве окружења за очување:"
+
+#: plugins/sudoers/def_data.c:301
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "СЕЛинукс улога за употребу у новом контексту безбедности: %s"
+
+#: plugins/sudoers/def_data.c:305
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "СЕЛинукс врста за употребу у новом контексту безбедности: %s"
+
+#: plugins/sudoers/def_data.c:309
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Путања до судо-посебне датотеке окружења: %s"
+
+#: plugins/sudoers/def_data.c:313
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Путања до ограничене судо-посебне датотеке окружења: %s"
+
+#: plugins/sudoers/def_data.c:317
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Језк за коришћење при обради судоерса: %s"
+
+#: plugins/sudoers/def_data.c:321
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Дозвољава да судо тражи лозинку чак и ако би била видљива"
+
+#: plugins/sudoers/def_data.c:325
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Обезбеђује видну повратну поруку при тражењу лозинке када постоји унос корисника"
+
+#: plugins/sudoers/def_data.c:329
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Користи брже упоређивање које је мање тачно али не приступа систему датотека"
+
+#: plugins/sudoers/def_data.c:333
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Умаска наведена у судоерсима ће преписати корисникову, чак и ако има већа овлашћења"
+
+#: plugins/sudoers/def_data.c:337
+msgid "Log user's input for the command being run"
+msgstr "Бележи корисников улаз за покренуту наредбу"
+
+#: plugins/sudoers/def_data.c:341
+msgid "Log the output of the command being run"
+msgstr "Бележи излаз покренуте наредбе"
+
+#: plugins/sudoers/def_data.c:345
+msgid "Compress I/O logs using zlib"
+msgstr "Пакује У/И дневнике користећи злиб"
+
+#: plugins/sudoers/def_data.c:349
+msgid "Always run commands in a pseudo-tty"
+msgstr "Увек покреће наредбе у привидној конзоли"
+
+#: plugins/sudoers/def_data.c:353
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Прикључак за подршку не-Јуникс групе: %s"
+
+#: plugins/sudoers/def_data.c:357
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Директоријум за смештај улазних/излазних дневника: %s"
+
+#: plugins/sudoers/def_data.c:361
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Датотека за смештај улазно/излазног дневника: %s"
+
+#: plugins/sudoers/def_data.c:365
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Додаје унос у датотеку „utmp/utmpx“ када додељује „pty“"
+
+#: plugins/sudoers/def_data.c:369
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Подешава корисника у „utmp“-у на корисника покрени-као, не призивајући корисника"
+
+#: plugins/sudoers/def_data.c:373
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Скуп допуштених повластица: %s"
+
+#: plugins/sudoers/def_data.c:377
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Скуп повластица ограничења: %s"
+
+#: plugins/sudoers/def_data.c:381
+msgid "Run commands on a pty in the background"
+msgstr "Покреће наредбе у позадини на назовитерминалу"
+
+#: plugins/sudoers/def_data.c:385
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Назив ПАМ услуге за коришћење: %s"
+
+#: plugins/sudoers/def_data.c:389
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Назив ПАМ услуге за шкољке пријављивања: %s"
+
+#: plugins/sudoers/def_data.c:393
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Покушава да успостави ПАМ пуномоћства за циљног корисника"
+
+#: plugins/sudoers/def_data.c:397
+msgid "Create a new PAM session for the command to run in"
+msgstr "Прави нову ПАМ сесију за покретање наредбе"
+
+#: plugins/sudoers/def_data.c:401
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Највећи број низа У/И дневника: %u"
+
+#: plugins/sudoers/def_data.c:405
+msgid "Enable sudoers netgroup support"
+msgstr "Укључује подршку нетгрупе судоерса"
+
+#: plugins/sudoers/def_data.c:409
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Проверава родитељски директоријум за уписивошћу када уређује датотеке са „sudoedit“"
+
+#: plugins/sudoers/def_data.c:413
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Прати симболичке везе када уређује датотеке са „sudoedit“"
+
+#: plugins/sudoers/def_data.c:417
+msgid "Query the group plugin for unknown system groups"
+msgstr "Пропитује прикључак групе за непознатим групама система"
+
+#: plugins/sudoers/def_data.c:421
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Упоређује мрежне групе на основу читавог слога: корисник, домаћин и домен"
+
+#: plugins/sudoers/def_data.c:425
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Допушта покретање наредби чак и ако судо не може да пише у дневник прегледа"
+
+#: plugins/sudoers/def_data.c:429
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Допушта покретање наредби чак и ако судо не може да пише у дневник У/И"
+
+#: plugins/sudoers/def_data.c:433
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Допушта покретање наредби чак и ако судо не може да пише у датотеку дневника"
+
+#: plugins/sudoers/def_data.c:437
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Решава групе у судоерсима и упоређује ИД групе, а не назив"
+
+#: plugins/sudoers/def_data.c:441
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Уноси дневника већи од ове вредности биће подељени на више порука системског дневника: %u"
+
+#: plugins/sudoers/def_data.c:445
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Корисник који ће поседовати датотеке дневника У/И: %s"
+
+#: plugins/sudoers/def_data.c:449
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Група која ће поседовати датотеке дневника У/И: %s"
+
+#: plugins/sudoers/def_data.c:453
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Режим датотеке за коришћење за датотеке дневника У/И: 0%o"
+
+#: plugins/sudoers/def_data.c:457
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Извршава наредбе описником датотеке уместо путањом: %s"
+
+#: plugins/sudoers/def_data.c:461
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Занемарује непознате уносе основности у судоерсу уместо да даје упозорење"
+
+#: plugins/sudoers/def_data.c:465
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Време у секундама након ког ће наредба бити окончана: %u"
+
+#: plugins/sudoers/def_data.c:469
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Допушта кориснику да наведе време на линији наредби"
+
+#: plugins/sudoers/def_data.c:473
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Пребацује У/И податке дневника на диск одмах уместо да га смешта у међумеморију"
+
+#: plugins/sudoers/def_data.c:477
+msgid "Include the process ID when logging via syslog"
+msgstr "Укључује ИБ процеса приликом пријављивања путем дневника система"
+
+#: plugins/sudoers/def_data.c:481
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Врста временске ознаке потврђивања идентитета: %s"
+
+#: plugins/sudoers/defaults.c:220
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d непознат унос основности „%s“"
+
+#: plugins/sudoers/defaults.c:223
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: непознат унос основности „%s“"
+
+#: plugins/sudoers/defaults.c:263
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d није наведена вредност за „%s“"
+
+#: plugins/sudoers/defaults.c:266
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: није наведена вредност за „%s“"
+
+#: plugins/sudoers/defaults.c:286
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d вредност за „%s“ мора да почиње /"
+
+#: plugins/sudoers/defaults.c:289
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: вредност за „%s“ мора да почиње /"
+
+#: plugins/sudoers/defaults.c:314
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d опција „%s“ не узима вредност"
+
+#: plugins/sudoers/defaults.c:317
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: опција „%s“ не узима вредност"
+
+#: plugins/sudoers/defaults.c:339
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d неисправна врста основности 0x%x за опцију „%s“"
+
+#: plugins/sudoers/defaults.c:342
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: неисправна врста основности 0x%x за опцију „%s“"
+
+#: plugins/sudoers/defaults.c:352
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d вредност „%s“ је неисправна за опцију „%s“"
+
+#: plugins/sudoers/defaults.c:355
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: вредност „%s“ је неисправна за опцију „%s“"
+
+#: plugins/sudoers/env.c:295 plugins/sudoers/env.c:302
+#: plugins/sudoers/env.c:407 plugins/sudoers/ldap.c:453
+#: plugins/sudoers/ldap.c:543 plugins/sudoers/ldap.c:1253
+#: plugins/sudoers/ldap.c:1480 plugins/sudoers/ldap.c:1806
+#: plugins/sudoers/linux_audit.c:82 plugins/sudoers/logging.c:947
+#: plugins/sudoers/policy.c:537 plugins/sudoers/policy.c:547
+#: plugins/sudoers/prompt.c:161 plugins/sudoers/sudoers.c:872
+#: plugins/sudoers/testsudoers.c:238 plugins/sudoers/toke_util.c:158
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "унутрашња грешка, прекорачење „%s“"
+
+#: plugins/sudoers/env.c:376
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: оштећено стави окружење, дужине не одговарају"
+
+#: plugins/sudoers/env.c:1055
+msgid "unable to rebuild the environment"
+msgstr "не могу поново да изградим окружење"
+
+#: plugins/sudoers/env.c:1129
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "извините, није вам дозвољено да подесите следеће променљиве окружења: %s"
+
+#: plugins/sudoers/filedigest.c:104 plugins/sudoers/filedigest_gcrypt.c:66
+#: plugins/sudoers/filedigest_openssl.c:95
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "неподржана врста прихватања потврђивања иднтитета „%d“ за „%s“"
+
+#: plugins/sudoers/filedigest.c:129 plugins/sudoers/filedigest_gcrypt.c:98
+#: plugins/sudoers/filedigest_openssl.c:120
+#, c-format
+msgid "%s: read error"
+msgstr "%s: грешка читања"
+
+#: plugins/sudoers/group_plugin.c:86
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "„%s“ мора бити у власништву јиб-а %d"
+
+#: plugins/sudoers/group_plugin.c:90
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "Само корисник може да пише у „%s“"
+
+#: plugins/sudoers/group_plugin.c:98 plugins/sudoers/sssd.c:398
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "не могу да учитам %s: %s"
+
+#: plugins/sudoers/group_plugin.c:104
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "не могу да нађем симбол „group_plugin“ у „%s“"
+
+#: plugins/sudoers/group_plugin.c:109
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: несагласно веће издање прикључка групе %d, очекивано је %d"
+
+#: plugins/sudoers/interfaces.c:79 plugins/sudoers/interfaces.c:96
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "не могу да обрадим ИП адресу „%s“"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "не могу да обрадим мрежну маску „%s“"
+
+#: plugins/sudoers/interfaces.c:129
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Месна ИП адреса и парови мрежне маске:\n"
+
+#: plugins/sudoers/iolog.c:121 plugins/sudoers/mkdir_parents.c:75
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s постоји али није директоријум (0%o)"
+
+#: plugins/sudoers/iolog.c:146 plugins/sudoers/iolog.c:187
+#: plugins/sudoers/mkdir_parents.c:64 plugins/sudoers/timestamp.c:170
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "не могу да направим директоријум „%s“"
+
+#: plugins/sudoers/iolog.c:191 plugins/sudoers/visudo.c:740
+#: plugins/sudoers/visudo.c:750
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "не могу да променим режим „%s“ на 0%o"
+
+#: plugins/sudoers/iolog.c:299 plugins/sudoers/sudoers.c:1192
+#: plugins/sudoers/testsudoers.c:390
+#, c-format
+msgid "unknown group: %s"
+msgstr "непозната група: %s"
+
+#: plugins/sudoers/iolog.c:418 plugins/sudoers/sudoers.c:928
+#: plugins/sudoers/sudoreplay.c:349 plugins/sudoers/sudoreplay.c:1335
+#: plugins/sudoers/sudoreplay.c:1539 plugins/sudoers/timestamp.c:398
+#: plugins/sudoers/visudo.c:972 plugins/sudoers/visudo_json.c:1001
+#: plugins/sudoers/visudo_json.c:1014
+#, c-format
+msgid "unable to open %s"
+msgstr "не могу да отворим „%s“"
+
+#: plugins/sudoers/iolog.c:469 plugins/sudoers/sudoers.c:932
+#: plugins/sudoers/sudoreplay.c:831 plugins/sudoers/sudoreplay.c:1650
+#, c-format
+msgid "unable to read %s"
+msgstr "не могу да прочитам „%s“"
+
+#: plugins/sudoers/iolog.c:505 plugins/sudoers/sudoreplay.c:1104
+#: plugins/sudoers/timestamp.c:290 plugins/sudoers/timestamp.c:293
+#, c-format
+msgid "unable to write to %s"
+msgstr "не могу да пишем у „%s“"
+
+#: plugins/sudoers/iolog.c:584 plugins/sudoers/iolog.c:803
+#, c-format
+msgid "unable to create %s"
+msgstr "не могу да направим „%s“"
+
+#: plugins/sudoers/iolog.c:1035 plugins/sudoers/iolog.c:1110
+#: plugins/sudoers/iolog.c:1191
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "не могу да пишем у датотеку дневника У/И: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, file index %d not open"
+msgstr "%s: унутрашња грешка, индекс датотеке %d није отворен"
+
+#: plugins/sudoers/ldap.c:431
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: прикључник је превелик"
+
+#: plugins/sudoers/ldap.c:491
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "неподржана врста ЛДАП путање: %s"
+
+#: plugins/sudoers/ldap.c:518
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "не могу да помешам лдап и лдапс путање"
+
+#: plugins/sudoers/ldap.c:522 plugins/sudoers/ldap.c:558
+msgid "starttls not supported when using ldaps"
+msgstr "старттлс није подржано када се користи лдапс"
+
+#: plugins/sudoers/ldap.c:629
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "не могу да покренем ССЛ уверење и бп кључа: %s"
+
+#: plugins/sudoers/ldap.c:632
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "морате да подесите „TLS_CERT“ у „%s“ да користите ССЛ"
+
+#: plugins/sudoers/ldap.c:1239
+msgid "unable to get GMT time"
+msgstr "не могу да добавим ГМТ време"
+
+#: plugins/sudoers/ldap.c:1245
+msgid "unable to format timestamp"
+msgstr "не могу да обликујем временску ознаку"
+
+#: plugins/sudoers/ldap.c:1961
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/ldap.c:2533
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"ЛДАП улога: %s\n"
+
+#: plugins/sudoers/ldap.c:2535
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"ЛДАП улога: НЕПОЗНАТО\n"
+
+#: plugins/sudoers/ldap.c:2591
+#, c-format
+msgid "    Order: %s\n"
+msgstr "    Поредак: %s\n"
+
+#: plugins/sudoers/ldap.c:2599 plugins/sudoers/parse.c:614
+#: plugins/sudoers/sssd.c:1628
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Наредбе:\n"
+
+#: plugins/sudoers/ldap.c:3161
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "не могу да покренем ЛДАП: %s"
+
+#: plugins/sudoers/ldap.c:3197
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "„start_tls“ је наведено али ЛДАП библиотеке не подржавају „ldap_start_tls_s()“ или „ldap_start_tls_s_np()“"
+
+#: plugins/sudoers/ldap.c:3446
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "неисправна особина „sudoOrder“: %s"
+
+#: plugins/sudoers/linux_audit.c:52
+msgid "unable to open audit system"
+msgstr "не могу да отворим систем прегледа"
+
+#: plugins/sudoers/linux_audit.c:93
+msgid "unable to send audit message"
+msgstr "не могу да пошаљем поруку прегледа"
+
+#: plugins/sudoers/logging.c:107
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:135
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (наредба је настављена) %s"
+
+#: plugins/sudoers/logging.c:164
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "не могу да отворим датотеку дневника: %s"
+
+#: plugins/sudoers/logging.c:172
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "не могу да закључам датотеку дневника: %s"
+
+#: plugins/sudoers/logging.c:205
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "не могу да запишем датотеку дневника: %s"
+
+#: plugins/sudoers/logging.c:234
+msgid "No user or host"
+msgstr "Нема корисника или домаћина"
+
+#: plugins/sudoers/logging.c:236
+msgid "validation failure"
+msgstr "неуспех потврђивања"
+
+#: plugins/sudoers/logging.c:243
+msgid "user NOT in sudoers"
+msgstr "корисник НИЈЕ у судоерсу"
+
+#: plugins/sudoers/logging.c:245
+msgid "user NOT authorized on host"
+msgstr "корисник НИЈЕ овлашћен на домаћину"
+
+#: plugins/sudoers/logging.c:247
+msgid "command not allowed"
+msgstr "наредба није допуштена"
+
+#: plugins/sudoers/logging.c:282
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "„%s“ се не налази у датотеци судоерса.  О овом инциденту ће бити поднет извештај.\n"
+
+#: plugins/sudoers/logging.c:285
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "„%s“ нема права да покрене судо над „%s“.  О овом инциденту ће бити поднет извештај.\n"
+
+#: plugins/sudoers/logging.c:289
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Извините, корисник %s не може покренути судо на %s.\n"
+
+#: plugins/sudoers/logging.c:292
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Извините, кориснику %s није дозвољено да изврши „%s%s%s“ као %s%s%s на %s.\n"
+
+#: plugins/sudoers/logging.c:329 plugins/sudoers/sudoers.c:472
+#: plugins/sudoers/sudoers.c:474 plugins/sudoers/sudoers.c:476
+#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:1297
+#: plugins/sudoers/sudoers.c:1299
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: нема такве наредбе"
+
+#: plugins/sudoers/logging.c:331 plugins/sudoers/sudoers.c:468
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"занемарујем „%s“ пронађено у „.“\n"
+"Користите „sudo ./%s“ ако је то „%s“ које желите да покренете."
+
+#: plugins/sudoers/logging.c:348
+msgid "authentication failure"
+msgstr "потврђивање идентитета није успело"
+
+#: plugins/sudoers/logging.c:374
+msgid "a password is required"
+msgstr "потребна је лозинка"
+
+#: plugins/sudoers/logging.c:445 plugins/sudoers/logging.c:511
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u покушај нетачне лозинке"
+msgstr[1] "%u покушаја нетачне лозинке"
+msgstr[2] "%u покушаја нетачне лозинке"
+
+#: plugins/sudoers/logging.c:598
+msgid "unable to fork"
+msgstr "не могу да исцепим"
+
+#: plugins/sudoers/logging.c:606 plugins/sudoers/logging.c:658
+#, c-format
+msgid "unable to fork: %m"
+msgstr "не могу да исцепим: %m"
+
+#: plugins/sudoers/logging.c:648
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "не могу да отворим спојку: %m"
+
+#: plugins/sudoers/logging.c:673
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "не могу да удвостручим стандардни улаз: %m"
+
+#: plugins/sudoers/logging.c:711
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "не могу да извршим „%s“: %m"
+
+#: plugins/sudoers/match.c:771
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "приказ за %s (%s) није у %s облику"
+
+#: plugins/sudoers/mkdir_parents.c:70 plugins/sudoers/sudoers.c:943
+#: plugins/sudoers/visudo.c:439 plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to stat %s"
+msgstr "не могу да добијем податке о „%s“"
+
+#: plugins/sudoers/parse.c:115
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "грешка обраде у %s близу реда %d"
+
+#: plugins/sudoers/parse.c:118
+#, c-format
+msgid "parse error in %s"
+msgstr "грешка обраде у %s"
+
+#: plugins/sudoers/parse.c:540
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Унос судоерса:\n"
+
+#: plugins/sudoers/parse.c:541
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    „Покрени-као“ корисници: "
+
+#: plugins/sudoers/parse.c:555
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    „Покрени-као“ групе: "
+
+#: plugins/sudoers/parse.c:564
+#, c-format
+msgid "    Options: "
+msgstr "    Опције: "
+
+#: plugins/sudoers/policy.c:242 plugins/sudoers/testsudoers.c:261
+msgid "unable to parse network address list"
+msgstr "не могу да обрадим списак адреса мреже"
+
+#: plugins/sudoers/policy.c:711 plugins/sudoers/visudo.c:910
+#, c-format
+msgid "unable to execute %s"
+msgstr "не могу да извршим „%s“"
+
+#: plugins/sudoers/policy.c:844
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Издање %s прикључка политике судоерса\n"
+
+#: plugins/sudoers/policy.c:846
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Граматика датотеке судоерса издање %d\n"
+
+#: plugins/sudoers/policy.c:850
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Путања судоерса: %s\n"
+
+#: plugins/sudoers/policy.c:853
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "путања нс-прекидача: %s\n"
+
+#: plugins/sudoers/policy.c:855
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "путања лдап.подешавања: %s\n"
+
+#: plugins/sudoers/policy.c:856
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "путања лдап.тајне: %s\n"
+
+#: plugins/sudoers/policy.c:889
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "немогу да региструјем прикачку врсте „%d“ (издање %d.%d)"
+
+#: plugins/sudoers/pwutil.c:162 plugins/sudoers/pwutil.c:180
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "не могу да сместим у оставу јиб „%u“, нема више меморије"
+
+#: plugins/sudoers/pwutil.c:174
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "не могу да сместим у оставу јиб „%u“, већ постоји"
+
+#: plugins/sudoers/pwutil.c:234 plugins/sudoers/pwutil.c:251
+#: plugins/sudoers/pwutil.c:313 plugins/sudoers/pwutil.c:358
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "не могу да сместим у оставу корисника „%s“, нема више меморије"
+
+#: plugins/sudoers/pwutil.c:246
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "не могу да сместим у оставу корисника „%s“, већ постоји"
+
+#: plugins/sudoers/pwutil.c:474 plugins/sudoers/pwutil.c:492
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "не могу да сместим у оставу гиб „%u“, нема више меморије"
+
+#: plugins/sudoers/pwutil.c:486
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "не могу да сместим у оставу гиб „%u“, већ постоји"
+
+#: plugins/sudoers/pwutil.c:540 plugins/sudoers/pwutil.c:557
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:646
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "не могу да сместим у оставу групу „%s“, нема више меморије"
+
+#: plugins/sudoers/pwutil.c:552
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "не могу да сместим у оставу групу „%s“, већ постоји"
+
+#: plugins/sudoers/pwutil.c:772 plugins/sudoers/pwutil.c:824
+#: plugins/sudoers/pwutil.c:874 plugins/sudoers/pwutil.c:926
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "не могу да сместим у оставу списак групе за „%s“, већ постоји"
+
+#: plugins/sudoers/pwutil.c:778 plugins/sudoers/pwutil.c:829
+#: plugins/sudoers/pwutil.c:880 plugins/sudoers/pwutil.c:931
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "не могу да сместим у оставу списак групе за „%s“, нема више меморије"
+
+#: plugins/sudoers/pwutil.c:818
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "не могу да обрадим групе за „%s“"
+
+#: plugins/sudoers/pwutil.c:920
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "не могу да обрадим гид-ове за „%s“"
+
+#: plugins/sudoers/set_perms.c:113 plugins/sudoers/set_perms.c:469
+#: plugins/sudoers/set_perms.c:912 plugins/sudoers/set_perms.c:1239
+#: plugins/sudoers/set_perms.c:1556
+msgid "perm stack overflow"
+msgstr "стално прекорачење спремника"
+
+#: plugins/sudoers/set_perms.c:121 plugins/sudoers/set_perms.c:400
+#: plugins/sudoers/set_perms.c:477 plugins/sudoers/set_perms.c:779
+#: plugins/sudoers/set_perms.c:920 plugins/sudoers/set_perms.c:1163
+#: plugins/sudoers/set_perms.c:1247 plugins/sudoers/set_perms.c:1489
+#: plugins/sudoers/set_perms.c:1564 plugins/sudoers/set_perms.c:1654
+msgid "perm stack underflow"
+msgstr "стално поткорачење спремника"
+
+#: plugins/sudoers/set_perms.c:180 plugins/sudoers/set_perms.c:523
+#: plugins/sudoers/set_perms.c:1298 plugins/sudoers/set_perms.c:1596
+msgid "unable to change to root gid"
+msgstr "не могу да пређем на гиб администратора"
+
+#: plugins/sudoers/set_perms.c:269 plugins/sudoers/set_perms.c:620
+#: plugins/sudoers/set_perms.c:1049 plugins/sudoers/set_perms.c:1375
+msgid "unable to change to runas gid"
+msgstr "не могу да пређем на гиб покреникао"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to set runas group vector"
+msgstr "не могу да подесим вектор „покрени-као група“"
+
+#: plugins/sudoers/set_perms.c:285 plugins/sudoers/set_perms.c:636
+#: plugins/sudoers/set_perms.c:1063 plugins/sudoers/set_perms.c:1389
+msgid "unable to change to runas uid"
+msgstr "не могу да пређем на јиб покреникао"
+
+#: plugins/sudoers/set_perms.c:303 plugins/sudoers/set_perms.c:654
+#: plugins/sudoers/set_perms.c:1079 plugins/sudoers/set_perms.c:1405
+msgid "unable to change to sudoers gid"
+msgstr "не могу да пређем на гиб судоерса"
+
+#: plugins/sudoers/set_perms.c:387 plugins/sudoers/set_perms.c:766
+#: plugins/sudoers/set_perms.c:1150 plugins/sudoers/set_perms.c:1476
+#: plugins/sudoers/set_perms.c:1641
+msgid "too many processes"
+msgstr "превише процеса"
+
+#: plugins/sudoers/solaris_audit.c:51
+msgid "unable to get current working directory"
+msgstr "не могу да добавим тренутни радни директоријум"
+
+#: plugins/sudoers/solaris_audit.c:59
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "корисничка_наредба скраћене путање прегледа: %s"
+
+#: plugins/sudoers/solaris_audit.c:66
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "„argv[0]“ скраћене путање прегледа: %s"
+
+#: plugins/sudoers/solaris_audit.c:115
+msgid "audit_failure message too long"
+msgstr "порука неуспеха прегледа је предуга"
+
+#: plugins/sudoers/sssd.c:400
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "не могу да покренем ССС извор. Да ли је СССД инсталиран на вашем рачунару?"
+
+#: plugins/sudoers/sssd.c:408 plugins/sudoers/sssd.c:417
+#: plugins/sudoers/sssd.c:426 plugins/sudoers/sssd.c:435
+#: plugins/sudoers/sssd.c:444
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "не могу да нађем симбол „%s“ у „%s“"
+
+#: plugins/sudoers/sssd.c:1543
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: %s\n"
+msgstr ""
+"\n"
+"СССД улога: %s\n"
+
+#: plugins/sudoers/sssd.c:1548
+#, c-format
+msgid ""
+"\n"
+"SSSD Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"СССД улога: НЕПОЗНАТО\n"
+
+#: plugins/sudoers/sudo_nss.c:290
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Упоређује уносе основности за „%s“ на %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:308
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Покрени-као и Наредбено-посебне основности за „%s“:\n"
+
+#: plugins/sudoers/sudo_nss.c:326
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Корисник „%s“ може да покреће следеће наредбе на %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:339
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Корисник „%s“ нема права да покрене судо над „%s“.\n"
+
+#: plugins/sudoers/sudoers.c:168 plugins/sudoers/testsudoers.c:247
+#: plugins/sudoers/visudo.c:233 plugins/sudoers/visudo.c:612
+#: plugins/sudoers/visudo.c:976
+msgid "unable to initialize sudoers default values"
+msgstr "не могу да покренем основне вредности судоерса"
+
+#: plugins/sudoers/sudoers.c:198 plugins/sudoers/sudoers.c:890
+msgid "problem with defaults entries"
+msgstr "неприлике са основним уносима"
+
+#: plugins/sudoers/sudoers.c:205
+msgid "no valid sudoers sources found, quitting"
+msgstr "нисам пронашао исправне изворе судоерса, прекидам"
+
+#: plugins/sudoers/sudoers.c:244
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "судоерси наводе да администратор није дозвољен у судоу"
+
+#: plugins/sudoers/sudoers.c:301
+msgid "you are not permitted to use the -C option"
+msgstr "није вам допуштено да користите опцију „-C“"
+
+#: plugins/sudoers/sudoers.c:390
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "власник временске ознаке (%s): нема таквог корисника"
+
+#: plugins/sudoers/sudoers.c:405
+msgid "no tty"
+msgstr "нема конзоле"
+
+#: plugins/sudoers/sudoers.c:406
+msgid "sorry, you must have a tty to run sudo"
+msgstr "извините, морате имати конзолу да покренете судо"
+
+#: plugins/sudoers/sudoers.c:467
+msgid "command in current directory"
+msgstr "наредба у текућем директоријуму"
+
+#: plugins/sudoers/sudoers.c:486
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "извините, није вам дозвољено да подесите време истека наредбе"
+
+#: plugins/sudoers/sudoers.c:494
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "извините, није вам дозвољено да сачувате окружење"
+
+#: plugins/sudoers/sudoers.c:835
+msgid "command too long"
+msgstr "наредба је предуга"
+
+#: plugins/sudoers/sudoers.c:947
+#, c-format
+msgid "%s is not a regular file"
+msgstr "„%s“ није обична датотека"
+
+#: plugins/sudoers/sudoers.c:951 plugins/sudoers/timestamp.c:217 toke.l:969
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s је у власништву уиб-а %u, а треба бити %u"
+
+#: plugins/sudoers/sudoers.c:955 toke.l:974
+#, c-format
+msgid "%s is world writable"
+msgstr "Сви могу да пишу у „%s“"
+
+#: plugins/sudoers/sudoers.c:959 toke.l:977
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s је у власништву уиб-а %u, а треба бити %u"
+
+#: plugins/sudoers/sudoers.c:992
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "само администратор може да користи „-c %s“"
+
+#: plugins/sudoers/sudoers.c:1011
+#, c-format
+msgid "unknown login class: %s"
+msgstr "непознат разред пријављивања: %s"
+
+#: plugins/sudoers/sudoers.c:1094 plugins/sudoers/sudoers.c:1108
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "не могу да решим домаћина „%s“"
+
+#: plugins/sudoers/sudoreplay.c:275
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "неисправна опција пропусника: %s"
+
+#: plugins/sudoers/sudoreplay.c:288
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "неисправно најдуже чекање: %s"
+
+#: plugins/sudoers/sudoreplay.c:300
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "неисправан чинилац брзине: %s"
+
+#: plugins/sudoers/sudoreplay.c:303 plugins/sudoers/visudo.c:186
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s издање %s\n"
+
+#: plugins/sudoers/sudoreplay.c:335
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/временисање: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/временисање: %s"
+
+#: plugins/sudoers/sudoreplay.c:357
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Понављам сесију судоа: %s"
+
+#: plugins/sudoers/sudoreplay.c:555 plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:804 plugins/sudoers/sudoreplay.c:879
+#: plugins/sudoers/sudoreplay.c:958 plugins/sudoers/sudoreplay.c:973
+#: plugins/sudoers/sudoreplay.c:980 plugins/sudoers/sudoreplay.c:987
+#: plugins/sudoers/sudoreplay.c:994 plugins/sudoers/sudoreplay.c:1001
+#: plugins/sudoers/sudoreplay.c:1143
+msgid "unable to add event to queue"
+msgstr "не могу да додам догађај у ред"
+
+#: plugins/sudoers/sudoreplay.c:670
+msgid "unable to set tty to raw mode"
+msgstr "не могу да подесим конзолу на сирови режим"
+
+#: plugins/sudoers/sudoreplay.c:721
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Упозорење: ваш терминал је премали да би исправно приказао дневник.\n"
+
+#: plugins/sudoers/sudoreplay.c:722
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Геометрија дневника је %d x %d, а геометрија терминала је %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:749
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Одговор је завршен, притисните неки тастер да повратите терминал."
+
+#: plugins/sudoers/sudoreplay.c:782
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "неисправан ред датотеке временисања: %s"
+
+#: plugins/sudoers/sudoreplay.c:1177 plugins/sudoers/sudoreplay.c:1202
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "нејасан израз „%s“"
+
+#: plugins/sudoers/sudoreplay.c:1224
+msgid "unmatched ')' in expression"
+msgstr "непоклопљена ) у изразу"
+
+#: plugins/sudoers/sudoreplay.c:1228
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "непознат појам претраге „%s“"
+
+#: plugins/sudoers/sudoreplay.c:1243
+#, c-format
+msgid "%s requires an argument"
+msgstr "„%s“ захтева аргумент"
+
+#: plugins/sudoers/sudoreplay.c:1246 plugins/sudoers/sudoreplay.c:1626
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "неисправан регуларан израз: %s"
+
+#: plugins/sudoers/sudoreplay.c:1250
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "не могу да обрадим датум „%s“"
+
+#: plugins/sudoers/sudoreplay.c:1259
+msgid "unmatched '(' in expression"
+msgstr "непоклопљена ( у изразу"
+
+#: plugins/sudoers/sudoreplay.c:1261
+msgid "illegal trailing \"or\""
+msgstr "недозвољено пратеће „или“"
+
+#: plugins/sudoers/sudoreplay.c:1263
+msgid "illegal trailing \"!\""
+msgstr "недозвољени пратећи „!“"
+
+#: plugins/sudoers/sudoreplay.c:1312
+#, c-format
+msgid "unknown search type %d"
+msgstr "непозната врста претраге „%d“"
+
+#: plugins/sudoers/sudoreplay.c:1350
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: неисправна датотека дневника"
+
+#: plugins/sudoers/sudoreplay.c:1368
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: недостаје поље временске ознаке"
+
+#: plugins/sudoers/sudoreplay.c:1375
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: временска ознака %s: %s"
+
+#: plugins/sudoers/sudoreplay.c:1382
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: недостаје поље корисника"
+
+#: plugins/sudoers/sudoreplay.c:1391
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: недостаје поље „покрени-као корисник“"
+
+#: plugins/sudoers/sudoreplay.c:1400
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: недостаје поље „покрени-као група“"
+
+#: plugins/sudoers/sudoreplay.c:1806
+#, c-format
+msgid "usage: %s [-hnR] [-d dir] [-m num] [-s num] ID\n"
+msgstr "употреба: %s [-hnR] [-d дир] [-m број] [-s број] ИБ\n"
+
+#: plugins/sudoers/sudoreplay.c:1809
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "употреба: %s [-h] [-d дир] -l [израз претраге]\n"
+
+#: plugins/sudoers/sudoreplay.c:1818
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s — понавља дневнике сесије судоа\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1820
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Опције:\n"
+"  -d, --directory=дир      наводи директоријум за дневнике сесије\n"
+"  -f, --filter=пропусник   наводи У/И врсту(е) за приказивање\n"
+"  -h, --help               приказује поруку помоћи и излази\n"
+"  -l, --list               исписује доступне ИБ-ове сесије, са изборним изразом\n"
+"  -m, --max-wait=број      највећи број секунди за чекање између догађаја\n"
+"  -s, --speed=број         убрзава или успорава излаз\n"
+"  -V, --version                приказује податке о издању и излази"
+
+#: plugins/sudoers/testsudoers.c:329
+msgid "\thost  unmatched"
+msgstr "\tдомаћин  није поклопљен"
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Наредба је допуштена"
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Наредба је одбијена"
+
+#: plugins/sudoers/testsudoers.c:333
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Наредба није поклопљена"
+
+#: plugins/sudoers/timestamp.c:225
+#, c-format
+msgid "%s is group writable"
+msgstr "Група може да пише у „%s“"
+
+#: plugins/sudoers/timestamp.c:301
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "не могу да скратим датотеку временске ознаке на %lld бајта"
+
+#: plugins/sudoers/timestamp.c:756 plugins/sudoers/timestamp.c:823
+#: plugins/sudoers/visudo.c:500 plugins/sudoers/visudo.c:506
+msgid "unable to read the clock"
+msgstr "не могу да прочитам сат"
+
+#: plugins/sudoers/timestamp.c:770
+msgid "ignoring time stamp from the future"
+msgstr "занемарујем временску ознаку из будућности"
+
+#: plugins/sudoers/timestamp.c:782
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "временска ознака је превише у будућности: %20.20s"
+
+#: plugins/sudoers/timestamp.c:877
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "не могу да закључам датотеку временске ознаке „%s“"
+
+#: plugins/sudoers/timestamp.c:921 plugins/sudoers/timestamp.c:941
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "путања стања обучавања је предуга: %s/%s"
+
+#: plugins/sudoers/visudo.c:188
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s граматика издање %d\n"
+
+#: plugins/sudoers/visudo.c:266 plugins/sudoers/visudo.c:667
+#, c-format
+msgid "press return to edit %s: "
+msgstr "притисните „унеси“ да уредите „%s“: "
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "наведени уређивач (%s) не постоји"
+
+#: plugins/sudoers/visudo.c:349
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "нисам пронашао уређивача (путања уређивача = %s)"
+
+#: plugins/sudoers/visudo.c:459 plugins/sudoers/visudo.c:467
+msgid "write error"
+msgstr "грешка писања"
+
+#: plugins/sudoers/visudo.c:513
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "не могу да добавим податке привремене датотеке (%s), %s је неизмењено"
+
+#: plugins/sudoers/visudo.c:520
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "привремена датотека нулте дужине (%s), %s је неизмењено"
+
+#: plugins/sudoers/visudo.c:526
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "уређивач (%s) није успео, %s је неизмењено"
+
+#: plugins/sudoers/visudo.c:548
+#, c-format
+msgid "%s unchanged"
+msgstr "„%s“ је неизмењено"
+
+#: plugins/sudoers/visudo.c:607
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "не могу поново да отворим привремену датотеку (%s), %s је неизмењено."
+
+#: plugins/sudoers/visudo.c:619
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "не могу да обрадим привремену датотеку (%s), непозната грешка"
+
+#: plugins/sudoers/visudo.c:656
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "унутрашња грешка, не могу да пронађем „%s“ на списку!"
+
+#: plugins/sudoers/visudo.c:736 plugins/sudoers/visudo.c:745
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "не могу да подесим (јиб, гиб) за %s на (%u, %u)"
+
+#: plugins/sudoers/visudo.c:767
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "„%s“ и „%s“ нису на истом систему датотека, користим „mv“ за преименовање"
+
+#: plugins/sudoers/visudo.c:781
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "наредба није успела: „%s %s %s“, %s је неизмењено"
+
+#: plugins/sudoers/visudo.c:791
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "грешка преименовања „%s“, %s је неизмењено"
+
+#: plugins/sudoers/visudo.c:855
+msgid "What now? "
+msgstr "Шта сада? "
+
+#: plugins/sudoers/visudo.c:869
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Опције су:\n"
+"  e — опет уређује датотеку судоерса\n"
+"  x — излази без чувања измена у датотеци судоерса\n"
+"  Q — прекида и чува измене у датотеци судоерса (ОПАСНО!)\n"
+
+#: plugins/sudoers/visudo.c:915
+#, c-format
+msgid "unable to run %s"
+msgstr "не могу да покренем %s"
+
+#: plugins/sudoers/visudo.c:945
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: погрешан власник (јиб, гиб) треба бити (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:952
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: лоша овлашћења, требају бити у режиму 0%o\n"
+
+#: plugins/sudoers/visudo.c:981 plugins/sudoers/visudo_json.c:1021
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "нисам успео да обрадим %s датотеку, непозната грешка"
+
+#: plugins/sudoers/visudo.c:997 plugins/sudoers/visudo_json.c:1032
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "грешка обраде у %s близу реда %d\n"
+
+#: plugins/sudoers/visudo.c:1000 plugins/sudoers/visudo_json.c:1035
+#, c-format
+msgid "parse error in %s\n"
+msgstr "грешка обраде у %s\n"
+
+#: plugins/sudoers/visudo.c:1008 plugins/sudoers/visudo.c:1015
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: успешно је обрађено\n"
+
+#: plugins/sudoers/visudo.c:1062
+#, c-format
+msgid "%s busy, try again later"
+msgstr "„%s“ је заузет, покушајте касније"
+
+#: plugins/sudoers/visudo.c:1159
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Грешка: %s:%d циклус у „%s“ „%s“"
+
+#: plugins/sudoers/visudo.c:1160
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Упозорење: %s:%d циклус у „%s“ „%s“"
+
+#: plugins/sudoers/visudo.c:1164
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Грешка: %s:%d упута за „%s“ „%s“ постоји али није одређена"
+
+#: plugins/sudoers/visudo.c:1165
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Упозорење: %s:%d упута за „%s“ „%s“ постоји али није одређена"
+
+#: plugins/sudoers/visudo.c:1318
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Упозорење: %s:%d некоришћено „%s“ „%s“"
+
+#: plugins/sudoers/visudo.c:1433
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s — безбедно уређује датотеку судоерса\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1435
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+"  -x, --export=output_file write sudoers in JSON format to output_file"
+msgstr ""
+"\n"
+"Опције:\n"
+"  -c, --check           режим само провере\n"
+"  -f, --file=судоерс    наводи место датотеке судоерса\n"
+"  -h, --help            приказује поруку помоћи и излази\n"
+"  -q, --quiet           мање опширне (тихе) поруке грешке синтаксе\n"
+"  -s, --strict          строга провера синтаксе\n"
+"  -V, --version         приказује податке о издању и излази\n"
+"  -x, --export=изл._датотека извози судоерсе у ЈСОН запису"
+
+#: plugins/sudoers/visudo_json.c:616 plugins/sudoers/visudo_json.c:651
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "непознат унос основности „%s“"
+
+#: plugins/sudoers/visudo_json.c:1007
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: улазна датотека треба да се разликује од излазне"
+
+#: toke.l:943
+msgid "too many levels of includes"
+msgstr "превише нивоа укључивања"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "Упозорење: циклус у „%s“ „%s“"
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "Упозорење: упута за „%s“ „%s“ постоји али није одређена"
+
+#~ msgid "Warning: unused %s `%s'"
+#~ msgstr "Упозорење: некоришћено „%s“ „%s“"
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "путања временске ознаке је предуга: %s/%s"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "не могу да добавим податке уређивача (%s)"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports: нестаде простора проширујући међумеморију домаћина"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri: нестаде простора изграђујући међумеморију домаћина"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "не поклапа се додела „sudo_ldap_build_pass1“"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "унутрашња грешка: недовољно простора за ред дневника"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: прекорачење међумеморије"
diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot
new file mode 100644
index 0000000..d0dc297
--- /dev/null
+++ b/plugins/sudoers/po/sudoers.pot
@@ -0,0 +1,2296 @@
+# Portable object template file for the sudoers plugin
+# This file is put in the public domain.
+# Todd C. Miller <Todd.Miller@sudo.ws>, 2011-2018
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: sudo 1.8.27\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2019-01-03 13:24-0700\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr ""
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr ""
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr ""
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr ""
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr ""
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr ""
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268 gram.y:284
+#: gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336 gram.y:399 gram.y:407
+#: gram.y:417 gram.y:450 gram.y:457 gram.y:464 gram.y:471 gram.y:553 gram.y:560
+#: gram.y:569 gram.y:578 gram.y:595 gram.y:707 gram.y:714 gram.y:721 gram.y:729
+#: gram.y:829 gram.y:836 gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890
+#: gram.y:897 gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:536
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:200 plugins/sudoers/logging.c:517
+#: plugins/sudoers/logging.c:543 plugins/sudoers/logging.c:584
+#: plugins/sudoers/logging.c:781 plugins/sudoers/logging.c:1037
+#: plugins/sudoers/match.c:726 plugins/sudoers/match.c:773
+#: plugins/sudoers/match.c:814 plugins/sudoers/match.c:842
+#: plugins/sudoers/match.c:930 plugins/sudoers/match.c:1010
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1099
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:326 plugins/sudoers/visudo.c:332
+#: plugins/sudoers/visudo.c:442 plugins/sudoers/visudo.c:620
+#: plugins/sudoers/visudo.c:940 plugins/sudoers/visudo.c:1027
+#: plugins/sudoers/visudo.c:1116 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr ""
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr ""
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr ""
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr ""
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr ""
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr ""
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:366 plugins/sudoers/auth/pam.c:536
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:200
+#: plugins/sudoers/logging.c:517 plugins/sudoers/logging.c:543
+#: plugins/sudoers/logging.c:583 plugins/sudoers/logging.c:1037
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:814 plugins/sudoers/match.c:842
+#: plugins/sudoers/match.c:930 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1099
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:326 plugins/sudoers/visudo.c:332
+#: plugins/sudoers/visudo.c:442 plugins/sudoers/visudo.c:620
+#: plugins/sudoers/visudo.c:940 plugins/sudoers/visudo.c:1027
+#: plugins/sudoers/visudo.c:1116 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr ""
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:222
+msgid "account validation failure, is your account locked?"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:233
+msgid "Account or password is expired, reset your password and try again"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:241
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:252
+msgid "Password expired, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:257
+msgid ""
+"Account expired or PAM config lacks an \"account\" section for sudo, contact "
+"your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:265 plugins/sudoers/auth/pam.c:271
+#, c-format
+msgid "PAM account management error: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:246
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid ""
+"Invalid authentication methods compiled into sudo!  You may not mix "
+"standalone and non-standalone authentication."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid ""
+"There are no authentication methods compiled into sudo!  If you want to turn "
+"off authentication, use the --disable-authentication configure option."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr ""
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr ""
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1138
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:252
+#: plugins/sudoers/visudo.c:608 plugins/sudoers/visudo.c:931
+msgid "unable to initialize sudoers default values"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:927
+#, c-format
+msgid "unable to open %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:936
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:953
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:956
+#, c-format
+msgid "parse error in %s\n"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -c, --config=conf_file     the path to the configuration file\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1042 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr ""
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid ""
+"the SUDOERS_BASE environment variable is not set and the -b option was not "
+"specified."
+msgstr ""
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr ""
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:330
+msgid ""
+"Use faster globbing that is less accurate but does not access the filesystem"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:334
+msgid ""
+"The umask specified in sudoers will override the user's, even if it is more "
+"permissive"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:410
+msgid ""
+"Check parent directories for writability when editing files with sudoedit"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid ""
+"Log entries larger than this value will be split into multiple syslog "
+"messages: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:462
+msgid ""
+"Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr ""
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr ""
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr ""
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid ""
+"sorry, you are not allowed to set the following environment variables: %s"
+msgstr ""
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr ""
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr ""
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr ""
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:737
+#: plugins/sudoers/visudo.c:748
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1169
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr ""
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr ""
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr ""
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr ""
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr ""
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr ""
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1648
+msgid ""
+"start_tls specified but LDAP libs do not support ldap_start_tls_s() or "
+"ldap_start_tls_s_np()"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr ""
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr ""
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr ""
+
+#: plugins/sudoers/logging.c:118
+#, c-format
+msgid "%8s : %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:146
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:175
+#, c-format
+msgid "unable to open log file: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:183
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:216
+#, c-format
+msgid "unable to write log file: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:245
+msgid "No user or host"
+msgstr ""
+
+#: plugins/sudoers/logging.c:247
+msgid "validation failure"
+msgstr ""
+
+#: plugins/sudoers/logging.c:254
+msgid "user NOT in sudoers"
+msgstr ""
+
+#: plugins/sudoers/logging.c:256
+msgid "user NOT authorized on host"
+msgstr ""
+
+#: plugins/sudoers/logging.c:258
+msgid "command not allowed"
+msgstr ""
+
+#: plugins/sudoers/logging.c:293
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:296
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:300
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:303
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/logging.c:340 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr ""
+
+#: plugins/sudoers/logging.c:342 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+
+#: plugins/sudoers/logging.c:359
+msgid "authentication failure"
+msgstr ""
+
+#: plugins/sudoers/logging.c:385
+msgid "a password is required"
+msgstr ""
+
+#: plugins/sudoers/logging.c:448
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] ""
+msgstr[1] ""
+
+#: plugins/sudoers/logging.c:695
+msgid "unable to fork"
+msgstr ""
+
+#: plugins/sudoers/logging.c:703 plugins/sudoers/logging.c:755
+#, c-format
+msgid "unable to fork: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:745
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:770
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:808
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr ""
+
+#: plugins/sudoers/match.c:875
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr ""
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:435 plugins/sudoers/visudo.c:731
+#, c-format
+msgid "unable to stat %s"
+msgstr ""
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr ""
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr ""
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr ""
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr ""
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:234
+#: plugins/sudoers/visudo.c:865
+#, c-format
+msgid "unable to execute %s"
+msgstr ""
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr ""
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1071 plugins/sudoers/sudoers.c:1085
+#, c-format
+msgid "unable to resolve host %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir    specify directory for session logs\n"
+"  -f, --filter=filter    specify which I/O type(s) to display\n"
+"  -h, --help             display help message and exit\n"
+"  -l, --list             list available session IDs, with optional "
+"expression\n"
+"  -m, --max-wait=num     max number of seconds to wait between events\n"
+"  -n, --non-interactive  no prompts, session is sent to the standard output\n"
+"  -R, --no-resize        do not attempt to re-size the terminal\n"
+"  -S, --suspend-wait     wait while the command was suspended\n"
+"  -s, --speed=num        speed up or slow down output\n"
+"  -V, --version          display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:496 plugins/sudoers/visudo.c:502
+msgid "unable to read the clock"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:230
+msgid "the -x option will be removed in a future release"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:231
+msgid "please consider using the cvtsudoers utility instead"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:282 plugins/sudoers/visudo.c:664
+#, c-format
+msgid "press return to edit %s: "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:343
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:345
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:455 plugins/sudoers/visudo.c:463
+msgid "write error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:509
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:516
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:522
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:544
+#, c-format
+msgid "%s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:603
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr ""
+
+#: plugins/sudoers/visudo.c:615
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:653
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:733 plugins/sudoers/visudo.c:742
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:779
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:789
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:810
+msgid "What now? "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:824
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:870
+#, c-format
+msgid "unable to run %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:900
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:907
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:964 plugins/sudoers/visudo.c:971
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:990
+#, c-format
+msgid "%s busy, try again later"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:993
+#, c-format
+msgid "unable to lock %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:994
+msgid "Edit anyway? [y/N]"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1078
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1079
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1083
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1084
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1175
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1290
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1292
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr ""
diff --git a/plugins/sudoers/po/sv.mo b/plugins/sudoers/po/sv.mo
new file mode 100644
index 0000000..9fed092
--- /dev/null
+++ b/plugins/sudoers/po/sv.mo
diff --git a/plugins/sudoers/po/sv.po b/plugins/sudoers/po/sv.po
new file mode 100644
index 0000000..ce4772d
--- /dev/null
+++ b/plugins/sudoers/po/sv.po
@@ -0,0 +1,2475 @@
+# Swedish translation for sudoers.
+# Copyright © 2012, 2016, 2017, 2018 Free Software Foundation, Inc.
+# This file is put in the public domain.
+# Daniel Nylander <po@danielnylander.se>, 2012.
+# Sebastian Rasmussen <sebras@gmail.com>, 2016, 2017, 2018.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-10-30 02:23+0100\n"
+"Last-Translator: Sebastian Rasmussen <sebras@gmail.com>\n"
+"Language-Team: Swedish <tp-sv@listor.tp-sv.se>\n"
+"Language: sv\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 2.2\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "syntaxfel"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "lösenord för %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] lösenord för %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Lösenord: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** SÄKERHETSINFORMATION för %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Försök igen."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "kunde inte allokera minne"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "en kontrollsumma kräver ett sökvägsnamn"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "ogiltigt notbefore-värde"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "ogiltigt notafter-värde"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "tidsgränsvärde för stort"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "ogiltigt värde för tidsgräns"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Aliaset ”%s” är redan definierat"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "kunde inte få inloggningsklass för användaren %s"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "kan inte påbörja bsd-autentisering"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "ogiltig autentiseringstyp"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "kunde inte initiera BSD-autentisering"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "ditt konto har gått ut"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "godkännande misslyckades"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "kan inte läsa fwtk-konfiguration"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "kunde inte ansluta till autentiseringsservern"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "förlorade kontakten med autentiseringsservern"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"fel i autentiseringsservern:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: kunde inte konvertera principal till sträng (”%s”): %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: kunde inte tolka ”%s”: %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: kunde inte slå upp inloggningsuppgiftscache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: kunde inte allokera flaggor: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: kan inte hämta inloggningsuppgifter: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: kunde inte initiera inloggningsuppgiftscache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: kunde inte lagra inloggningsuppgifter i cache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: kan inte hämta principal för värd: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Kan inte verifiera TGT! Möjlig attack!: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "kunde inte initiera PAM"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "PAM-autentiseringsfel: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "kontovalidering misslyckades. Är ditt konto låst?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Kontot eller lösenordet har gått ut. Återställ ditt lösenord och försök igen"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "kunde inte ändra utgånget lösenord: %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Lösenordet har gått ut. Kontakta din systemadministratör"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Konto utgånget eller så saknar PAM-konfigurationen ett ”account”-avsnitt för sudo, kontakta din systemadministratör"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "Fel vid hantering av PAM-konto: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "du finns inte i %s-databasen"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "misslyckades med att initiera ACE API-biblioteket"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "kunde inte kontakta SecurID-servern"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "Användar-ID låst för SecurID-autentisering"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "ogiltig längd för användarnamn för SecurID"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "ogiltigt autentiseringshandtag för SecurID"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "SecurID-kommunikation misslyckades"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "okänt SecurID-fel"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "ogiltig lösenordslängd för SecurID"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "kunde inte initiera SIA-session"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "ogiltiga autentiseringsmetoder"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Ogiltiga autentiseringsmetoder inkompilerade i sudo! Du får inte blanda fristående och icke-fristående autentisering."
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "inga autentiseringsmetoder"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Det finns inga autentiseringsmetoder inbyggda i sudo!  Om du vill inaktivera autentisering, använd konfigurationsflaggan --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Kunde inte initiera autentiseringsmetoder."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Autentiseringsmetoder:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Kunde inte fastställa granskningsvillkor"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "kunde inte bekräfta granskningsberättelse"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Vi litar på att du har fått den vanliga lektionen från den lokala system-\n"
+"administratören. Den kan vanligtvis reduceras till dessa tre saker:\n"
+"\n"
+"    #1) Respektera andras integritet.\n"
+"    #2) Tänk innan du skriver.\n"
+"    #3) Med stor makt kommer ett stort ansvar.\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "okänt uid: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "okänd användare: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "ordningsinkrement: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "startordning: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "ordningsutfyllnad: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s version %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s grammatikversion %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "inmatningsformat %s stöds inte"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "umatningsformat %s stöds inte"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: in- och utmatningsfiler måste vara olika"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "kunde inte initiera sudoers standardvärden"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: okänt nyckelord: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "ogiltig standardtyp: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "ogiltig undertryckningstyp: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "ogiltigt filter: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "kunde inte öppna %s"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "misslyckades med att tolka %s-filen, okänt fel"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "tolkningsfel i %s nära rad %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "tolkningsfel i %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "kunde inte skriva till %s"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - konvertera mellan sudoers filformat\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Flaggor:\n"
+"  -b, --base=dn              DN-bas för sudo LDAP-förfrågningar\n"
+"  -d, --defaults=stdtyper    konvertera endast Standard av de angivna typerna\n"
+"  -e, --expand-aliases       expandera alias under konvertering\n"
+"  -f, --output-format=format ställ in utmatningsformat: JSON, LDIF eller sudoers\n"
+"  -i, --input-format=format  ställ in inmatningsformat: LDIF eller sudoers\n"
+"  -I, --increment=ant        antal att öka varje sudoOrder med\n"
+"  -h, --help                 visa hjälpmeddelande och avslut\n"
+"  -m, --match=filter         konvertera endast poster som matchar filtret\n"
+"  -M, --match-local          filtermatchning använder passwd och gruppdatabaser\n"
+"  -o, --output=utmatningsfil skriv konverterad sudoers till utmatningsfil\n"
+"  -O, --order-start=ant      startpunkt för första sudoOrder\n"
+"  -p, --prune-matches        skala bort användare, grupper och värdar som inte matchar\n"
+"  -P, --padding=num          basutfyllnad för sudoOrder-inkrement\n"
+"  -s, --suppress=avsnitt     undertryck utmatning av vissa avsnitt\n"
+"  -V, --version              visa versionsinformation och avsluta"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "okänd standardpost ”%s”"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "kunde inte få GMT-tid"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "kunde inte formatera tidsstämpel"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "internt fel, %s spill"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "för många sudoers-poster, maximalt %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "miljövariabeln SUDOERS_BASE är inte satt och flaggan -b angavs inte."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Syslog-facilitet om syslog används för loggning: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Syslog-prioritet att använda när användaren lyckas med autentisering: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Syslog-prioritet att använda när användaren misslyckas med autentisering: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Lägg OTP-prompt på en egen rad"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ignorera ”.” i $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Skicka alltid e-post när sudo körs"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Skicka e-post om användarens autentisering misslyckas"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Skicka e-post om användaren inte finns med i sudoers"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Skicka e-post om användaren inte finns med i sudoers för denna värddator"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Skicka e-post om användaren inte tillåts att köra ett kommando"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Skicka e-post om användaren försöker köra ett kommando"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Använd en separat tidsstämpel för varje användar-/tty-kombination"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Lär upp användaren första gången de kör sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Fil som innehåller sudo-lektion: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Kräv att användare autentiseras som standard"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Root får köra sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Logga värdnamnet i (den icke syslog-baserade) loggfilen"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Logga året i (den icke syslog-baserade) loggfilen"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Om sudo startas utan argument, starta ett skal"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Ställ in $HOME till målanvändaren när ett skal startas med -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Ställ alltid in $HOME till målanvändarens hemkatalog"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Tillåt viss informationsinsamling för att ge meningsfulla felmeddelanden"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Kräv fullständiga värdnamn i sudoers-filen"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Förolämpa användaren när de anger ett felaktigt lösenord"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Tillåt bara användare att köra sudo om de har en tty"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo kommer att respektera miljövariabeln EDITOR"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Fråga efter root-lösenordet, inte användarens"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Fråga efter runas_default-användarens lösenord, inte användarens"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Fråga efter målanvändarens lösenord, inte användarens"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Tillämpa standardvärden i målanvändarens inloggningsklass om det finns en"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Ställ in miljövariablerna LOGNAME och USER"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Sätt bara det effektiva uid:t till målanvändaren, inte till det riktiga uid:t"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Initiera inte gruppvektorn till den från målanvändaren"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Längden vid vilken långa loggfilsrader radbryts (0 för att inte radbryta): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Tidsgräns för autentiseringstidsstämpel: %.1f minuter"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Tidsgräns för lösenordsprompt: %.1f minuter"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Antal försök att ange ett lösenord: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask att använda eller 0777 för att använda användarens: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Sökväg till loggfil: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Sökväg till e-postprogram: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Flaggor för e-postprogram: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Adress att skicka e-post till: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Adress att skicka e-post från: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Ämnesrad för e-postmeddelanden: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Meddelande vid felaktigt lösenord: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Sökväg till lektionsstatuskatalog: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Sökväg till katalog för autentiseringstidsstämplar: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Ägare av katalogen för autentiseringstidsstämplar: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Användare i denna grupp är undantagna från lösenords- och SÖKVÄGs-kraven: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Standard lösenordsprompt: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Om inställt kommer passprompt att åsidosätta systemprompten i varje fall."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Standardanvändaren att köra kommandon som: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Värde att åsidosätta användarens $PATH med: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Sökväg till textredigerare för användning av visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "När ett lösenord ska krävas för pseudokommandot ”list”: %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "När lösenord ska krävas för pseudokommandot ”verify”: %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Förinläs attrapp-exec-funktioner som finns i biblioteket sudo_noexec"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Om LDAP-registret är uppe, ignorerar vi den lokala sudoers-filen"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Fildeskriptorer >= %d kommer att stängas innan ett kommando exekveras"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Om inställt kan användare åsidosätta värdet ”closefrom” med flaggan -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Låt användare ställa in godtyckliga miljövariabler"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Återställ miljön till standarduppsättningen av variabler"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Miljövariabler att kontrollera:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Miljövariabler att ta bort:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Miljövariabler att behålla:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "SELinux-roll att använda i den nya säkerhetskontexten: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "SELinux-typ att använda i den nya säkerhetskontexten: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Sökväg till den sudo-specifika miljöfilen: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Sökväg till den begränsade sudo-specifika miljöfilen: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Lokalanpassning att använda vid tolkning av sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Tillåt sudo att fråga efter ett lösenord även om det skulle vara synligt"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Ge visuell återkoppling vid lösenordsprompten när det finns användarinmatad data"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Använd snabbare matchning som är mindre exakt men inte använder filsystemet"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Umasken angiven i sudoers kommer att åsidosätta användarens, även om den är mer tillåtande"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Logga användarens inmatning för kommandot som körs"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Logga utmatningen för kommandot som körs"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Komprimera I/O-loggar med hjälp av zlib"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Kör alltid kommandon i en pseudo-tty"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Insticksmodul för stöd för icke-Unix-grupper: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Katalog i vilken in-/utmatningsloggar lagras: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Fil i vilken in-/utmatningsloggar lagras: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Lägg till en post till utmp/utmpx-filen när en pty allokeras"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Sätt användaren i utmp till runas-användaren, inte användaren som anropar"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Uppsättning tillåtna rättigheter: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Uppsättning av begränsningsrättigheter: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Kör kommandon i en pty i bakgrunden"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "PAM-tjänstnamn att använda: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "PAM-tjänstnamn att använda för inloggningsskal: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Försök att etablera PAM-inloggningsuppgifter för målanvändaren"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Skapa en ny PAM-session för kommandot att köra i"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Största sekvensnummer i I/O-logg: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Aktivera sudoers nätgruppsstöd"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Kontrollera överordnade kataloger för skrivbarhet när filer redigeras med sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Följ symboliska länkar när filer redigeras med sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Fråga gruppinsticksmodulen efter okända systemgrupper"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Matcha nätgrupper baserat på hela tupeln: användare, värd och domän"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Tillåt kommandon att köras även om sudo inte kan skriva till granskningsloggen"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Tillåt kommandon att köras även om sudo inte kan skriva I/O-loggen"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Tillåt kommandon att köras även om sudo inte kan skriva till loggfilen"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Gör namnupplösning för grupper i sudoers och matcha efter grupp-ID, inte namnet"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Loggposter större än detta värde kommer att delas upp i flera syslog-meddelanden: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Användare som kommer att äga I/O-loggfilerna: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Grupp som kommer att äga I/O-loggfilerna: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Filrättigheter att använda för I/O-loggfilerna: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Exekvera kommandon efter fildeskriptor istället för efter sökväg: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Hoppa över okända Defaults-poster i sudoers istället för att skriva ut en varning"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Tid i sekunder efter vilka kommandot kommer att avslutas: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Tillåt användaren att ange en tidsgräns på kommandoraden"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Spola ut I/O-loggdata till disk omedelbart istället för att buffra det"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Inkludera process-ID:t vid loggning via syslog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Typ av post för autentiseringstidsstämplar: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Autentiseringsfelsmeddelande: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Matcha användarnamn skiftlägesokänsligt"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Matcha gruppnamn skiftlägesokänsligt"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d okänd standardpost ”%s”"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: okänd standardpost ”%s”"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d inget värde angivet för ”%s”"
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: inget värde angivet för ”%s”"
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d värden för ”%s” måste börja med ett ”/”"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: värden för ”%s” måste börja med ett ”/”"
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d flaggan ”%s” tar inte emot något värde"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: flaggan ”%s” tar inte emot något värde"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d ogiltig standardtyp 0x%x för flagga ”%s”"
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: ogiltig standardtyp 0x%x för flagga ”%s”"
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d värdet ”%s” är ogiltigt för flaggan ”%s”"
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: värdet ”%s” är ogiltigt för flaggan ”%s”"
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: trasig envp, längd stämmer inte"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "kan inte återuppbygga miljön"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "du får inte lov att ställa in följande miljövariabler: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "tolkningsfel i %s nära rad %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "tolkningsfel i %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "typ %d av kontrollsumma stöds inte för %s"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: läsfel"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s måste ägas av uid %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s får endast vara skrivbar av ägaren"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "kan inte läsa in %s: %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "kunde inte hitta symbolen ”group_plugin” i %s"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: inkompatibel gruppinsticksmodul huvudversion %d, förväntade %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "kan inte tolka IP-adress ”%s”"
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "kan inte tolka nätmask ”%s”"
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Lokala IP-adress- och nätmaskpar:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s finns men är inte en katalog (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "kunde inte skapa katalogen %s"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "kan inte ändra läge för %s till 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "okänd grupp: %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "kunde inte läsa %s"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "kunde inte skapa %s"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "kunde inte skriva till I/O-loggfil: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: internt fel, I/O-loggfil för event %d inte öppen"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: internt fel, ogiltig signal %d"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: ogiltig loggfil"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: tidsstämpelfält saknas"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: tidsstämpel %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: användarfältet saknas"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: runas-användarfältet saknas"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: runas-gruppfältet saknas"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "starttls stöds inte när ldaps används"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "kan inte initiera SSL-certifikat och nyckeldatabas: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "du måste ställa in TLS_CERT i %s för att använda SSL"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "kunde inte initiera LDAP: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls angivet men LDAP-bibliotek har inte stöd för ldap_start_tls_s() eller ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "ogiltigt sudoOrder-attribut: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: port är för stor"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "LDAP-uri-typ stöds ej: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "kan inte blanda ldap- och ldaps-URI:er"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "kunde inte konvertera sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "kan inte öppna granskningssystem"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "kan inte skicka granskningsmeddelande"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (kommando fortsätter) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "kunde inte öppna loggfil: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "kunde inte låsa loggfil: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "kunde inte skriva till loggfil: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "Ingen användare eller värddator"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "valideringsfel"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "användare finns INTE i sudoers"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "användaren är INTE auktoriserad på värddatorn"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "kommandot tillåts inte"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s finns inte i filen sudoers.  Denna incident kommer att rapporteras.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s tillåts inte att köra sudo på %s.  Denna incident kommer att rapporteras.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Tyvärr, användaren %s får inte köra sudo på %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Tyvärr, användaren %s tillåts inte att köra ”%s%s%s” som %s%s%s på %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: kommandot hittades inte"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"ignorerar ”%s” som hittades i ”.”\n"
+"Använd ”sudo ./%s” om detta är den ”%s” som du vill köra."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "autentiseringsfel"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "ett lösenord krävs"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u felaktigt lösenordsförsök"
+msgstr[1] "%u felaktiga lösenordsförsök"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "kunde inte grena process"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "kunde inte grena process: %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "kunde inte öppna rör: %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "kan inte duplicera stdin: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "kunde inte köra %s: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "kontrollsumma för %s (%s) är inte på %s-form"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "kunde inte ta status på %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP-roll: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Sudoers-post:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    KörSomAnvändare: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    KörSomGrupper: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Flaggor: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Kommandon:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Matchande standardposter för %s på %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Runas- och kommando-specifika standardvärden för %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Användare %s får köra följande kommandon på %s:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Användaren %s tillåts inte att köra sudo på %s.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "ignorerar ogiltigt attributvärde: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "hoppar över ofullständig sudoRole: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "ogiltigt %.*s inställt av sudo-framände"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "kan inte tolka nätverksadresslista"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "användarnamn inte inställt av sudo-framände"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "användar-ID inte inställt av sudo-framände"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "grupp-ID inte inställt av sudo-framände"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "värdnamn inte inställt av sudo-framände"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "kunde inte köra %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Sudoers policyinsticksmodul version %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Sudoers-filgrammatik version %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sökväg till sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "Sökväg till nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "Sökväg till ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "Sökväg till ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "kan inte registrera krok av typ %d (version %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "kan inte cacha uid %u, slut på minne"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "kan inte cacha uid %u, finns redan"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "kan inte cacha användare %s, slut på minne"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "kan inte cacha användare %s, finns redan"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "kan inte cacha gid %u, slut på minne"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "kan inte cacha gid %u, finns redan"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "kan inte cacha grupp %s, slut på minne"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "kan inte cacha grupp %s, finns redan"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "kan inte cacha grupplista för %s, finns redan"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "kan inte cacha grupplista för %s, slut på minne"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "kan inte tolka grupper för %s"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "kan inte tolka gids för %s"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "perm-stackspill"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "perm-stackunderspill"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "kan inte ändra till root-gid"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "kan inte ändra till runas-gid"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "kan inte ställa in gruppvektor för runas"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "kan inte ändra till runas-uid"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "kan inte ändra till sudoers-gid"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "för många processer"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "kan inte hämta aktuell arbetskatalog"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "trunkerad granskningssökväg user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "trunkerad granskningssökväg argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "audit_failure-meddelande för långt"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "kan inte initiera SSS-källa. Är SSSD installerat på din maskin?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "kan inte hitta symbol ”%s” i %s"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "problem med standardposter"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "inga giltiga sudoers-källor hittades, avslutar"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers anger att root inte tillåts att använda sudo"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "du tillåts inte att använda flaggan -C"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "tidsstämpelägare (%s): Det finns ingen sådan användare"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "ingen tty"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "tyvärr, du måste ha en tty för att köra sudo"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "kommando i aktuell katalog"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "tyvärr, du tillåts inte att ställa in en tidsgräns för kommandon"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "tyvärr, du tillåts inte att behålla miljövariabler"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "kommandot för långt"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s är inte en vanlig fil"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s ägs av uid %u, ska vara %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s är skrivbar för alla"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s ägs av gid %u, ska vara %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "endast root kan använda ”-c %s”"
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "okänd inloggningsklass: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "kunde inte slå upp värddatorn %s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "ogiltig filterflagga: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "ogiltig största väntan: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "ogiltig hastighetsfaktor: %s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/tidsmätning: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/tidsmätning: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Spelar upp sudo-session: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "kan inte lägga till händelse till kö"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "kan inte ställa in tty i råläge"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Varning: din terminal är för liten för att korrekt spela upp loggen.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Logg-geometri är %d x %d, din terminals geometri är %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Uppspelning avslutad, tryck på en tangent för att återställa terminalen."
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "ogiltig rad i tidsmätningsfil: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "tvetydigt uttryck ”%s”"
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "omatchat ”)” i uttryck"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "okänt sökvillkor ”%s”"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s kräver ett argument"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "ogiltigt reguljärt uttryck: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "kunde inte tolka datumet ”%s”"
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "omatchat ”(” i uttryck"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "ogiltigt avslutande ”or”"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "ogiltigt efterföljande ”!”"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "okänd söktyp %d"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "användning: %s [-hnRS] [-d kat] [-m num] [-s num] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "användning: %s [-h] [-d kat] -l [sökuttryck]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - spela upp loggar från sudo-session\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Flaggor:\n"
+"  -d, --directory=kat  ange katalog för sessionsloggar\n"
+"  -f, --filter=filter  ange vilka I/O-typer som ska visas\n"
+"  -h, --help           visa hjälptext och avsluta\n"
+"  -l, --list           lista tillgängliga sessions-ID:n, med valfritt uttryck\n"
+"  -m, --max-wait=num   största antal sekunder att vänta mellan händelser\n"
+"  -S, --suspend-wait   vänta medan kommandot var i viloläge\n"
+"  -s, --speed=num      påskynda eller fördröj utmatning\n"
+"  -V, --version        visa versionsinformation och avsluta"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\tvärd  omatchad"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Kommandot tillåts"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Kommandot nekades"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Kommando omatchat"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s är skrivbar för gruppen"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "kunde inte trunkera tidsstämpelfil till %lld byte"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "kunde inte läsa klockan"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "ignorerar tidsstämpel från framtiden"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "tidsstämpel är för långt in i framtiden: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "kunde inte låsa tidsstämpelfil %s"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "sökväg för lektionsstatus för lång: %s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "flaggan -x kommer att tas bort i en framtida version"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "överväg att använda verktyget cvtsudoers istället"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "tryck på retur för att redigera %s: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "angiven redigerare (%s) finns inte"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "ingen textredigerare hittad (sökväg för textredigerare = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "skrivfel"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "kan inte hämta filinformation för temporärfil (%s), %s oförändrad"
+
+# sebras: not an exact translation, but I think it captures the meaning of the original text.
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "temporärfil tom (%s), %s oförändrad"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "redigeraren (%s) misslyckades, %s är oförändrad"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s oförändrad"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "kunde inte återöppna temporärfil (%s), %s är oförändrad."
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "kunde inte tolka temporärfil (%s), okänt fel"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "internt fel, kunde inte hitta %s i listan!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "kunde inte ställa in (uid, gid) för %s till (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s och %s finns inte på samma filsystem, använder mv för att byta namn"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "kommandot misslyckades: ”%s %s %s”, %s är oförändrad"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "fel vid namnbyte för %s, %s är oförändrad"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "Nu då? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Alternativen är:\n"
+"  r(e)digera sudoers-filen igen\n"
+"  avsluta (x) utan att spara ändringar i sudoers-filen\n"
+"  Avsluta (Q) och spara ändringar i sudoers-filen (FARLIGT!)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "kunde inte köra %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: felaktig ägare (uid, gid) ska vara (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: felaktiga rättigheter, bör vara läge 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: tolkad OK\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s är upptagen, försök igen senare"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "kunde inte låsa %s"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Redigera ändå? [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Fel: %s:%d cykel i %s ”%s”"
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Varning: %s:%d cykel i %s ”%s”"
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Fel: %s:%d %s ”%s” refererad till men inte definierad"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Varning: %s:%d %s ”%s” refererad till men inte definierad"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Varning: %s:%d oanvänd %s ”%s”"
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - redigera sudoers-filen på ett säkert sätt\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Flaggor:\n"
+"  -c, --check              genomför endast kontroller\n"
+"  -f, --file=sudoers       ange plats för sudoers-filen\n"
+"  -h, --help               visa hjälptext och avsluta\n"
+"  -q, --quiet              mindre utförliga (tysta) syntaxfelmeddelanden\n"
+"  -s, --strict             strikt syntaxkontroll\n"
+"  -V, --version            visa versionsinformation och avsluta\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "för många nivåer av inkluderingar"
+
+#~ msgid ""
+#~ "\n"
+#~ "LDAP Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "LDAP-roll: OKÄND\n"
+
+#~ msgid "    Order: %s\n"
+#~ msgstr "    Ordning: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: %s\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD-roll: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD-roll: OKÄND\n"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "Varning: cykel i %s ”%s”"
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "Varning: %s ”%s” refererad till men inte definierad"
+
+#~ msgid "getaudit: failed"
+#~ msgstr "getaudit: misslyckades"
+
+#~ msgid "getauid failed"
+#~ msgstr "getauid misslyckades"
+
+#~ msgid "au_to_subject: failed"
+#~ msgstr "au_to_subject: misslyckades"
+
+#~ msgid "au_to_exec_args: failed"
+#~ msgstr "au_to_exec_args: misslyckades"
+
+#~ msgid "au_to_return32: failed"
+#~ msgstr "au_to_return32: misslyckades"
+
+#~ msgid "getauid: failed"
+#~ msgstr "getauid: misslyckades"
+
+#~ msgid "au_to_text: failed"
+#~ msgstr "au_to_text: misslyckades"
+
+#~ msgid "internal error, expand_prompt() overflow"
+#~ msgstr "internt fel, stackspill i expand_prompt()"
+
+#~ msgid "%s owned by uid %u, should be uid %u"
+#~ msgstr "%s ägs av uid %u, ska vara uid %u"
+
+#~ msgid "%s exists but is not a regular file (0%o)"
+#~ msgstr "%s finns men är inte en vanlig fil (0%o)"
+
+#~ msgid "internal error, sudo_setenv2() overflow"
+#~ msgstr "internt fel, stackspill i sudo_setenv2()"
+
+#~ msgid "internal error, sudo_setenv() overflow"
+#~ msgstr "internt fel, stackspill i sudo_setenv()"
+
+#~ msgid ">>> %s: %s near line %d <<<"
+#~ msgstr ">>> %s: %s nära rad %d <<<"
+
+#~ msgid "unable to set locale to \"%s\", using \"C\""
+#~ msgstr "kunde inte ställa in lokalanpassning till \"%s\", använder \"C\""
+
+#~ msgid "invalid uri: %s"
+#~ msgstr "ogiltig uri: %s"
+
+#~ msgid "unable to mix ldaps and starttls"
+#~ msgstr "kunde inte blanda ldaps och starttls"
+
+#~ msgid "internal error, linux_audit_command() overflow"
+#~ msgstr "internt fel, stackspill i linux_audit_command()"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "internt fel: otillräckligt utrymme för loggrad"
+
+#~ msgid ""
+#~ "    Commands:\n"
+#~ "\t"
+#~ msgstr ""
+#~ "    Kommandon:\n"
+#~ "\t"
+
+#~ msgid ": "
+#~ msgstr ": "
+
+#~ msgid "unable to cache uid %u (%s), already exists"
+#~ msgstr "kunde inte mellanlagra uid %u (%s), finns redan"
+
+#~ msgid "unable to cache gid %u (%s), already exists"
+#~ msgstr "kunde inte mellanlagra gid %u (%s), finns redan"
+
+#~ msgid "unable to execute %s: %s"
+#~ msgstr "kunde inte köra %s: %s"
+
+#~ msgid "internal error, runas_groups overflow"
+#~ msgstr "internt fel, stackspill i runas_groups"
+
+#~ msgid "writing to standard output"
+#~ msgstr "skriver till standard ut"
+
+#~ msgid "invalid regex: %s"
+#~ msgstr "ogiltigt reguljärt uttryck: %s"
+
+#~ msgid "internal error, init_vars() overflow"
+#~ msgstr "internt fel, stackspill i init_vars()"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: buffertöverflöde"
+
+#~ msgid "pam_chauthtok: %s"
+#~ msgstr "pam_chauthtok: %s"
+
+#~ msgid "pam_authenticate: %s"
+#~ msgstr "pam_authenticate: %s"
+
+#~ msgid "Password:"
+#~ msgstr "Lösenord:"
diff --git a/plugins/sudoers/po/tr.mo b/plugins/sudoers/po/tr.mo
new file mode 100644
index 0000000..1440e90
--- /dev/null
+++ b/plugins/sudoers/po/tr.mo
diff --git a/plugins/sudoers/po/tr.po b/plugins/sudoers/po/tr.po
new file mode 100644
index 0000000..a7b94d3
--- /dev/null
+++ b/plugins/sudoers/po/tr.po
@@ -0,0 +1,1721 @@
+# Turkish translations for sudoers package
+# This file is put in the public domain.
+# Todd C. Miller <Todd.Miller@courtesan.com>, 2011-2013
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.7b2\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2013-04-17 15:52-0400\n"
+"PO-Revision-Date: 2013-04-27 23:41+0200\n"
+"Last-Translator: Özgür Sarıer <ozgursarier1011601115@gmail.com>\n"
+"Language-Team: Turkish <gnu-tr-u12a@lists.sourceforge.net>\n"
+"Language: tr\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 1.5.5\n"
+
+#: confstr.sh:2
+msgid "Password:"
+msgstr "Parola:"
+
+#: confstr.sh:3
+msgid "*** SECURITY information for %h ***"
+msgstr "*** %h için GÜVENLİK bilgisi ***"
+
+#: confstr.sh:4
+msgid "Sorry, try again."
+msgstr "Üzgünüm, yeniden deneyin."
+
+#: plugins/sudoers/alias.c:124
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr "Takma ad `%s' önceden tanımlanmış"
+
+#: plugins/sudoers/auth/bsdauth.c:77
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "kullanıcı %s için oturum açma sınıfı elde edilemedi"
+
+#: plugins/sudoers/auth/bsdauth.c:83
+msgid "unable to begin bsd authentication"
+msgstr "bsd kimlik doğrulama işlemine başlanılamadı"
+
+#: plugins/sudoers/auth/bsdauth.c:91
+msgid "invalid authentication type"
+msgstr "geçersiz kimlik doğrulama türü"
+
+#: plugins/sudoers/auth/bsdauth.c:100
+msgid "unable to setup authentication"
+msgstr "kimlik doğrulama gerçekleştirilemedi"
+
+#: plugins/sudoers/auth/fwtk.c:59
+#, c-format
+msgid "unable to read fwtk config"
+msgstr "fwtk yapılandırması okunamadı"
+
+#: plugins/sudoers/auth/fwtk.c:64
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr "kimlik doğrulama sunucusuna bağlanılamadı"
+
+#: plugins/sudoers/auth/fwtk.c:70 plugins/sudoers/auth/fwtk.c:94
+#: plugins/sudoers/auth/fwtk.c:127
+#, c-format
+msgid "lost connection to authentication server"
+msgstr "kimlik doğrulama sunucusunda bağlantı kaybı"
+
+#: plugins/sudoers/auth/fwtk.c:74
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"kimlik doğrulama sunucusu hatası:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:116
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:159
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: ayrıştırılamayan öge '%s': %s"
+
+#: plugins/sudoers/auth/kerb5.c:169
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: kimlik bilgisi önbelleği çözülemedi: %s"
+
+#: plugins/sudoers/auth/kerb5.c:217
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: seçenekler ayrılamadı: %s"
+
+#: plugins/sudoers/auth/kerb5.c:233
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: kimlik bilgileri elde edilemedi: %s"
+
+#: plugins/sudoers/auth/kerb5.c:246
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: kimlik bilgisi önbelleği hazırlanamadı: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: kimlik bilgisi önbellekte saklanamadı: %s"
+
+#: plugins/sudoers/auth/kerb5.c:315
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:330
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: TGT doğrulanamadı! Muhtemel saldırı!: %s"
+
+#: plugins/sudoers/auth/pam.c:105
+msgid "unable to initialize PAM"
+msgstr "PAM başlatılamadı"
+
+#: plugins/sudoers/auth/pam.c:150
+msgid "account validation failure, is your account locked?"
+msgstr "hesap geçerliliği teyit edilemedi, hesabınız kilitli mi?"
+
+#: plugins/sudoers/auth/pam.c:154
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Hesabın veya hesap parolasının süresi dolmuş, parolanızı sıfırlayınız ve yeniden deneyiniz"
+
+#: plugins/sudoers/auth/pam.c:162
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "zaman aşımına uğramış parola değiştirilemedi: %s"
+
+#: plugins/sudoers/auth/pam.c:167
+msgid "Password expired, contact your system administrator"
+msgstr "Parola geçerlilik süresi dolmuş, sistem yöneticinizle temasa geçiniz"
+
+#: plugins/sudoers/auth/pam.c:171
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Hesap geçerlilik süresi dolmuş veya sudo için PAM yapılandırması bir \"account\" bölümünden yoksun, sistem yöneticinizle temasa geçiniz"
+
+#: plugins/sudoers/auth/pam.c:188
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "PAM kimlik doğrulama hatası: %s"
+
+#: plugins/sudoers/auth/pam.c:247
+#, c-format
+msgid "unable to establish credentials: %s"
+msgstr "kimlik bilgileri oluşturulamadı: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:103 plugins/sudoers/visudo.c:212
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "%s veritabanında bulunmuyorsunuz"
+
+#: plugins/sudoers/auth/securid5.c:80
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr "ACE API kütüphanesinin hazırlanması başarısız oldu"
+
+#: plugins/sudoers/auth/securid5.c:106
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr "SecurID sunucusuyla bağlantı kurulamadı"
+
+#: plugins/sudoers/auth/securid5.c:115
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr "Kullanıcı Kimliği(User ID), SecurID Kimlik Doğrulaması için kilitli"
+
+#: plugins/sudoers/auth/securid5.c:119 plugins/sudoers/auth/securid5.c:170
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr "SecurID için geçersiz kullanıcı adı uzunluğu"
+
+#: plugins/sudoers/auth/securid5.c:123 plugins/sudoers/auth/securid5.c:175
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr "SecurID için geçersiz Kimlik Doğrulama İşleyicisi"
+
+#: plugins/sudoers/auth/securid5.c:127
+#, c-format
+msgid "SecurID communication failed"
+msgstr "SecurID iletişimi başarısız oldu"
+
+#: plugins/sudoers/auth/securid5.c:131 plugins/sudoers/auth/securid5.c:214
+#, c-format
+msgid "unknown SecurID error"
+msgstr "bilinmeyen SecurID hatası"
+
+#: plugins/sudoers/auth/securid5.c:165
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr "SecurID için geçersiz şifre uzunluğu"
+
+#: plugins/sudoers/auth/sia.c:108
+msgid "unable to initialize SIA session"
+msgstr "SIA oturumu başlatılamadı"
+
+#: plugins/sudoers/auth/sudo_auth.c:119
+msgid "invalid authentication methods"
+msgstr "geçersiz kimlik doğrulama yöntemleri"
+
+#: plugins/sudoers/auth/sudo_auth.c:120
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Sudo içinde geçersiz kimlik doğrulama yöntemleri derlenmiş!  Bağımsız ve bağımsız olmayan kimlik doğrulama yöntemlerini karma bir şekilde kullanamayabilirsiniz."
+
+#: plugins/sudoers/auth/sudo_auth.c:203
+msgid "no authentication methods"
+msgstr "kimlik doğrulama yöntemleri yok"
+
+#: plugins/sudoers/auth/sudo_auth.c:205
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Sudo içinde herhangi bir kimlik doğrulama yöntemi derlenmemiş!  Kimlik doğrulamayı kapatmak isterseniz, --disable-authentication seçeneğini kullanınız."
+
+#: plugins/sudoers/auth/sudo_auth.c:389
+msgid "Authentication methods:"
+msgstr "Kimlik doğrulama yöntemleri:"
+
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
+msgid "getaudit: failed"
+msgstr "getaudit: işlem başarısız"
+
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
+msgid "Could not determine audit condition"
+msgstr "Denetim durumu belirlenemedi"
+
+#: plugins/sudoers/bsm_audit.c:101 plugins/sudoers/bsm_audit.c:160
+#, c-format
+msgid "getauid: failed"
+msgstr "getauid: işlem başarısız"
+
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
+msgid "au_open: failed"
+msgstr "au_open: işlem başarısız"
+
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
+msgid "au_to_subject: failed"
+msgstr "au_to_subject: işlem başarısız"
+
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
+msgid "au_to_exec_args: failed"
+msgstr "au_to_exec_args: işlem başarısız"
+
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
+msgid "au_to_return32: failed"
+msgstr "au_to_return32: işlem başarısız"
+
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
+msgid "unable to commit audit record"
+msgstr "denetim kaydı işlenemiyor"
+
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
+msgid "au_to_text: failed"
+msgstr "au_to_text: işlem başarısız"
+
+#: plugins/sudoers/check.c:189
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Yerel Sistem Yöneticisinden olağan öğütleri aldığınıza güveniyoruz.\n"
+"Bunları genellikle aşağıdaki üç şeyle özetleyebiliriz:\n"
+"\n"
+"    #1) Diğer kişilerin özel hayatına saygı gösterin.\n"
+"    #2) Bir yazmadan önce iki kere düşünün.\n"
+"    #3) Büyük gücün büyük bir sorumluluk getirdiğini unutmayın.\n"
+"\n"
+
+#: plugins/sudoers/check.c:227 plugins/sudoers/check.c:233
+#: plugins/sudoers/sudoers.c:562 plugins/sudoers/sudoers.c:566
+#, c-format
+msgid "unknown uid: %u"
+msgstr "bilinmeyen uid: %u"
+
+#: plugins/sudoers/check.c:230 plugins/sudoers/policy.c:635
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:215
+#: plugins/sudoers/testsudoers.c:359
+#, c-format
+msgid "unknown user: %s"
+msgstr "bilinmeyen kullanıcı: %s"
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr "OTP güdüsünü kendi satırına yerleştir"
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr "$PATH içindeki '.' ögesini yoksay"
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr "Sudonun çalıştırıldığı her zaman e-posta gönder"
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr "Kullanıcı kimlik doğrulaması başarısız olursa e-posta gönder"
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr "Kullanıcı sudoers içinde değilse e-posta gönder"
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Kullanıcı bu makinedeki sudoers içinde değilse e-posta gönder"
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Kullanıcının bir komut çalıştırmasına izin verilmiyor ise e-posta gönder"
+
+#: plugins/sudoers/def_data.c:67
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Her kullanıcı/tty birleşik girişi için ayrı bir zaman damgası kullan"
+
+#: plugins/sudoers/def_data.c:71
+msgid "Lecture user the first time they run sudo"
+msgstr "Sudoyu ilk defa çalıştırdıkları zaman kullanıcıya gerekli öğütleri ver"
+
+#: plugins/sudoers/def_data.c:75
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Dosya sudo öğüdü içeriyor: %s"
+
+#: plugins/sudoers/def_data.c:79
+msgid "Require users to authenticate by default"
+msgstr "Öntanımlı olarak kullanıcıların kimlik doğrulaması gerekmektedir"
+
+#: plugins/sudoers/def_data.c:83
+msgid "Root may run sudo"
+msgstr "Kök kullanıcı (root) sudoyu çalıştırabilir"
+
+#: plugins/sudoers/def_data.c:87
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the year in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:95
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Eğer sudo herhangi bir bağımsız değişkenle uyandırılmazsa, bir kabuk başlat"
+
+#: plugins/sudoers/def_data.c:99
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Kabuğu -s ile başlatırken $HOME çevre değişkenini hedef kullanıcıya ata"
+
+#: plugins/sudoers/def_data.c:103
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Her zaman $HOME çevre değişkenini hedef kullanıcının ev dizinine ata"
+
+#: plugins/sudoers/def_data.c:107
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Yararlı hata iletilerinin verilmesi için bazı bilgilerin toplanmasına izin ver"
+
+#: plugins/sudoers/def_data.c:111
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Sudoers dosyası içerisinde tam nitelikli ana makine adlarının olması gerekmektedir"
+
+#: plugins/sudoers/def_data.c:115
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Hatalı parola girdikleri zaman kullanıcıyı aşağıla"
+
+#: plugins/sudoers/def_data.c:119
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Ancak bir tty sahibi iseler kullanıcıya sudoyu çalıştırma izni ver"
+
+#: plugins/sudoers/def_data.c:123
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo EDITOR çevre değişkeninin gereğini şerefle yerine getirecektir."
+
+#: plugins/sudoers/def_data.c:127
+msgid "Prompt for root's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the target user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:139
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Eğer bir tane varsa hedef kullanıcı oturum açma sınıfında öntanımlıları uygula"
+
+#: plugins/sudoers/def_data.c:143
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "LOGNAME ve USER çevre değişkenlerini ata"
+
+#: plugins/sudoers/def_data.c:147
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:151
+msgid "Don't initialize the group vector to that of the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:155
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %d"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Number of tries to enter a password: %d"
+msgstr "Bir parola girişinde deneme sayısı: %d"
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Günlük kütüğü yolu: %s"
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "E-posta programı yolu: %s"
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "E-posta programı için bayraklar: %s"
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "E-posta iletileri için konu satırı: %s"
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Hatalı parola iletisi: %s"
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Kimlik doğrulama zaman damgası dizininin yolu: %s"
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Kimlik doğrulama zaman damgası dizininin sahibi: %s"
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Default password prompt: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:219
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr ""
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:227
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Visudo tarafından kullanılacak düzenleyici yolu: %s"
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:243
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Sudo_noexec kütüphanesinin içerdiği taklit exec işlevlerini önyükle"
+
+#: plugins/sudoers/def_data.c:247
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "LDAP dizini kullanılabilir durumda ise, yerel sudoers dosyalarını yok sayalım mı"
+
+#: plugins/sudoers/def_data.c:251
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:255
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:259
+msgid "Allow users to set arbitrary environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:263
+msgid "Reset the environment to a default set of variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:267
+msgid "Environment variables to check for sanity:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:271
+msgid "Environment variables to remove:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to preserve:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:279
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:283
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:295
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:299
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:303
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:307
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:311
+msgid "Log user's input for the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:315
+msgid "Log the output of the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:319
+msgid "Compress I/O logs using zlib"
+msgstr "I/O günlüklerini zlib kullanarak sıkıştır"
+
+#: plugins/sudoers/def_data.c:323
+msgid "Always run commands in a pseudo-tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:327
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:331
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:339
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:343
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:347
+msgid "Set of permitted privileges"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:351
+msgid "Set of limit privileges"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:355
+msgid "Run commands on a pty in the background"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:359
+msgid "Create a new PAM session for the command to run in"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:363
+msgid "Maximum I/O log sequence number"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:207 plugins/sudoers/defaults.c:587
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:215 plugins/sudoers/defaults.c:225
+#: plugins/sudoers/defaults.c:245 plugins/sudoers/defaults.c:258
+#: plugins/sudoers/defaults.c:271 plugins/sudoers/defaults.c:284
+#: plugins/sudoers/defaults.c:297 plugins/sudoers/defaults.c:317
+#: plugins/sudoers/defaults.c:327
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:218 plugins/sudoers/defaults.c:228
+#: plugins/sudoers/defaults.c:236 plugins/sudoers/defaults.c:253
+#: plugins/sudoers/defaults.c:266 plugins/sudoers/defaults.c:279
+#: plugins/sudoers/defaults.c:292 plugins/sudoers/defaults.c:312
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "no value specified for `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:241
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:303
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr ""
+
+#: plugins/sudoers/env.c:288 plugins/sudoers/env.c:293
+#: plugins/sudoers/env.c:395 plugins/sudoers/linux_audit.c:82
+#: plugins/sudoers/policy.c:420 plugins/sudoers/policy.c:427
+#: plugins/sudoers/prompt.c:171 plugins/sudoers/sudoers.c:654
+#: plugins/sudoers/testsudoers.c:243
+#, c-format
+msgid "internal error, %s overflow"
+msgstr ""
+
+#: plugins/sudoers/env.c:367
+#, c-format
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr ""
+
+#: plugins/sudoers/env.c:1012
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:102
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:113 plugins/sudoers/sssd.c:256
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:118
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:123
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:119
+msgid "Local IP address and netmask pairs:\n"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:131 plugins/sudoers/iolog.c:144
+#: plugins/sudoers/timestamp.c:200 plugins/sudoers/timestamp.c:244
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:141 plugins/sudoers/iolog.c:155
+#: plugins/sudoers/iolog.c:159 plugins/sudoers/timestamp.c:165
+#: plugins/sudoers/timestamp.c:221 plugins/sudoers/timestamp.c:271
+#, c-format
+msgid "unable to mkdir %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:217 plugins/sudoers/sudoers.c:708
+#: plugins/sudoers/sudoreplay.c:354 plugins/sudoers/sudoreplay.c:815
+#: plugins/sudoers/sudoreplay.c:978 plugins/sudoers/timestamp.c:155
+#: plugins/sudoers/visudo.c:809
+#, c-format
+msgid "unable to open %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:250 plugins/sudoers/sudoers.c:711
+#, c-format
+msgid "unable to read %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:274 plugins/sudoers/timestamp.c:159
+#, c-format
+msgid "unable to write to %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:334
+#, c-format
+msgid "unable to create %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:385
+#, c-format
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:408
+#, c-format
+msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:438
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:467
+#, c-format
+msgid "invalid uri: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:473
+#, c-format
+msgid "unable to mix ldap and ldaps URIs"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:477
+#, c-format
+msgid "unable to mix ldaps and starttls"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:496
+#, c-format
+msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:570
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:573
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1062
+#, c-format
+msgid "unable to get GMT time"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1068
+#, c-format
+msgid "unable to format timestamp"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1076
+#, c-format
+msgid "unable to build time filter"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1295
+#, c-format
+msgid "sudo_ldap_build_pass1 allocation mismatch"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1842
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1844
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1891
+#, c-format
+msgid "    Order: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1899 plugins/sudoers/parse.c:515
+#: plugins/sudoers/sssd.c:1242
+#, c-format
+msgid "    Commands:\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2321
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2355
+#, c-format
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2591
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:57
+#, c-format
+msgid "unable to open audit system"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:93
+#, c-format
+msgid "unable to send audit message"
+msgstr ""
+
+#: plugins/sudoers/logging.c:140
+#, c-format
+msgid "%8s : %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:168
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:194
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr "günlük kütüğü açılamadı: %s: %s"
+
+#: plugins/sudoers/logging.c:197
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr "günlük kütüğü kilitlenemedi: %s: %s"
+
+#: plugins/sudoers/logging.c:245
+msgid "No user or host"
+msgstr "Kullanıcı veya ana makine yok"
+
+#: plugins/sudoers/logging.c:247
+msgid "validation failure"
+msgstr "doğrulama başarısız"
+
+#: plugins/sudoers/logging.c:254
+msgid "user NOT in sudoers"
+msgstr "kullancı sudoers içinde DEĞİL"
+
+#: plugins/sudoers/logging.c:256
+msgid "user NOT authorized on host"
+msgstr "kullanıcı ana makine üzerinde yetkili DEĞİL"
+
+#: plugins/sudoers/logging.c:258
+msgid "command not allowed"
+msgstr "komuta izin verilmiyor"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s sudoers dosyası içinde değil.  Bu olay rapor edilecek.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s,  %s üzerinde sudoyu çalıştırma iznine sahip değil.  Bu olay rapor edilecek.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Üzgünüm, %s kullanıcısı %s üzerinde sudoyu çalıştıramayabilir.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Üzgünüm, %s kullanıcısı '%s%s%s' komutunu %s%s%s olarak %s üzerinde çalıştırma iznine sahip değil.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:383
+#: plugins/sudoers/sudoers.c:384 plugins/sudoers/sudoers.c:386
+#: plugins/sudoers/sudoers.c:387 plugins/sudoers/sudoers.c:1001
+#: plugins/sudoers/sudoers.c:1002
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: komut bulunamadı"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:379
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+
+#: plugins/sudoers/logging.c:353
+msgid "authentication failure"
+msgstr ""
+
+#: plugins/sudoers/logging.c:379
+msgid "a password is required"
+msgstr ""
+
+#: plugins/sudoers/logging.c:443 plugins/sudoers/logging.c:487
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] ""
+msgstr[1] ""
+
+#: plugins/sudoers/logging.c:566
+#, c-format
+msgid "unable to fork"
+msgstr ""
+
+#: plugins/sudoers/logging.c:573 plugins/sudoers/logging.c:629
+#, c-format
+msgid "unable to fork: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:619
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:644
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:680
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:899
+#, c-format
+msgid "internal error: insufficient space for log line"
+msgstr ""
+
+#: plugins/sudoers/match.c:631
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr ""
+
+#: plugins/sudoers/match.c:661
+#, c-format
+msgid "%s: read error"
+msgstr ""
+
+#: plugins/sudoers/match.c:670
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr ""
+
+#: plugins/sudoers/parse.c:124
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr ""
+
+#: plugins/sudoers/parse.c:127
+#, c-format
+msgid "parse error in %s"
+msgstr ""
+
+#: plugins/sudoers/parse.c:462
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:463
+#, c-format
+msgid "    RunAsUsers: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:477
+#, c-format
+msgid "    RunAsGroups: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:486
+#, c-format
+msgid "    Options: "
+msgstr ""
+
+#: plugins/sudoers/policy.c:517 plugins/sudoers/visudo.c:750
+#, c-format
+msgid "unable to execute %s"
+msgstr ""
+
+#: plugins/sudoers/policy.c:659
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:661
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:665
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:668
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:670
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/policy.c:671
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:148
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:190
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:374
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:410
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:564 plugins/sudoers/pwutil.c:586
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:584
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:445
+#: plugins/sudoers/set_perms.c:846 plugins/sudoers/set_perms.c:1141
+#: plugins/sudoers/set_perms.c:1431
+msgid "perm stack overflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:453
+#: plugins/sudoers/set_perms.c:854 plugins/sudoers/set_perms.c:1149
+#: plugins/sudoers/set_perms.c:1439
+msgid "perm stack underflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:189 plugins/sudoers/set_perms.c:500
+#: plugins/sudoers/set_perms.c:1200 plugins/sudoers/set_perms.c:1471
+msgid "unable to change to root gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:278 plugins/sudoers/set_perms.c:597
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1277
+msgid "unable to change to runas gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:609
+#: plugins/sudoers/set_perms.c:993 plugins/sudoers/set_perms.c:1287
+msgid "unable to change to runas uid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:627
+#: plugins/sudoers/set_perms.c:1009 plugins/sudoers/set_perms.c:1303
+msgid "unable to change to sudoers gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:361 plugins/sudoers/set_perms.c:698
+#: plugins/sudoers/set_perms.c:1055 plugins/sudoers/set_perms.c:1349
+#: plugins/sudoers/set_perms.c:1515
+msgid "too many processes"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:1583
+msgid "unable to set runas group vector"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:257
+#, c-format
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr ""
+
+#: plugins/sudoers/sssd.c:263 plugins/sudoers/sssd.c:271
+#: plugins/sudoers/sssd.c:278 plugins/sudoers/sssd.c:285
+#: plugins/sudoers/sssd.c:292
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:283
+#, c-format
+msgid "Matching Defaults entries for %s on this host:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:296
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:309
+#, c-format
+msgid "User %s may run the following commands on this host:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:318
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:159 plugins/sudoers/sudoers.c:193
+#: plugins/sudoers/sudoers.c:673
+msgid "problem with defaults entries"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:165
+#, c-format
+msgid "no valid sudoers sources found, quitting"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:227
+#, c-format
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:234
+#, c-format
+msgid "you are not permitted to use the -C option"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:315
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:329
+msgid "no tty"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:330
+#, c-format
+msgid "sorry, you must have a tty to run sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:378
+msgid "command in current directory"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:395
+#, c-format
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:723 plugins/sudoers/timestamp.c:216
+#: plugins/sudoers/timestamp.c:260 plugins/sudoers/timestamp.c:328
+#: plugins/sudoers/visudo.c:310 plugins/sudoers/visudo.c:576
+#, c-format
+msgid "unable to stat %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:726
+#, c-format
+msgid "%s is not a regular file"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:729 toke.l:913
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:733 toke.l:920
+#, c-format
+msgid "%s is world writable"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:736 toke.l:925
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:763
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:780 plugins/sudoers/sudoers.c:782
+#, c-format
+msgid "unknown login class: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:814
+#, c-format
+msgid "unable to resolve host %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:866 plugins/sudoers/testsudoers.c:377
+#, c-format
+msgid "unknown group: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:292
+#, c-format
+msgid "invalid filter option: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:305
+#, c-format
+msgid "invalid max wait: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:311
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:314 plugins/sudoers/visudo.c:179
+#, c-format
+msgid "%s version %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:339
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:345
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:363
+#, c-format
+msgid "Replaying sudo session: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:369
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:370
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:400
+#, c-format
+msgid "unable to set tty to raw mode"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:416
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:499
+#, c-format
+msgid "writing to standard output"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:528
+#, c-format
+msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:641 plugins/sudoers/sudoreplay.c:666
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:683
+#, c-format
+msgid "too many parenthesized expressions, max %d"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:694
+#, c-format
+msgid "unmatched ')' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:700
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:714
+#, c-format
+msgid "%s requires an argument"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:718 plugins/sudoers/sudoreplay.c:1058
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:724
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:737
+#, c-format
+msgid "unmatched '(' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:739
+#, c-format
+msgid "illegal trailing \"or\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:741
+#, c-format
+msgid "illegal trailing \"!\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1182
+#, c-format
+msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1185
+#, c-format
+msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1194
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:1196
+msgid ""
+"\n"
+"Options:\n"
+"  -d directory     specify directory for session logs\n"
+"  -f filter        specify which I/O type to display\n"
+"  -h               display help message and exit\n"
+"  -l [expression]  list available session IDs that match expression\n"
+"  -m max_wait      max number of seconds to wait between events\n"
+"  -s speed_factor  speed up or slow down output\n"
+"  -V               display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:328
+msgid "\thost  unmatched"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:331
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:332
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:129
+#, c-format
+msgid "timestamp path too long: %s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:203 plugins/sudoers/timestamp.c:247
+#: plugins/sudoers/timestamp.c:292
+#, c-format
+msgid "%s owned by uid %u, should be uid %u"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:208 plugins/sudoers/timestamp.c:252
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0700"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:286
+#, c-format
+msgid "%s exists but is not a regular file (0%o)"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:298
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0600"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:353
+#, c-format
+msgid "timestamp too far in the future: %20.20s"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:407
+#, c-format
+msgid "unable to remove %s, will reset to the epoch"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:414
+#, c-format
+msgid "unable to reset %s to the epoch"
+msgstr ""
+
+#: plugins/sudoers/toke_util.c:176
+#, c-format
+msgid "fill_args: buffer overflow"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:180
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:243 plugins/sudoers/visudo.c:533
+#, c-format
+msgid "press return to edit %s: "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:326 plugins/sudoers/visudo.c:332
+#, c-format
+msgid "write error"
+msgstr "yazma hatası"
+
+#: plugins/sudoers/visudo.c:414
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:419
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:425
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:448
+#, c-format
+msgid "%s unchanged"
+msgstr "%s değişmemiş"
+
+#: plugins/sudoers/visudo.c:477
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "geçici dosya (%s) yeniden açılamadı, %s değişmemiş."
+
+#: plugins/sudoers/visudo.c:487
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:526
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:578 plugins/sudoers/visudo.c:587
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:582 plugins/sudoers/visudo.c:592
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:609
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:623
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:633
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:695
+msgid "What now? "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:709
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:757
+#, c-format
+msgid "unable to run %s"
+msgstr "%s çalıştırılamadı"
+
+#: plugins/sudoers/visudo.c:783
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:790
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:815
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "%s dosyasının ayrıştırılması başarısız oldu, bilinmeyen hata"
+
+#: plugins/sudoers/visudo.c:831
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "%s içindeki %d satırı yakınında ayrıştırma hatası\n"
+
+#: plugins/sudoers/visudo.c:834
+#, c-format
+msgid "parse error in %s\n"
+msgstr "%s içinde ayrıştırma hatası\n"
+
+#: plugins/sudoers/visudo.c:841 plugins/sudoers/visudo.c:846
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: ayrıştırma TAMAM\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s meşgul, daha sonra tekrar deneyin"
+
+#: plugins/sudoers/visudo.c:937
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "belirtilen düzenleyici (%s) yok"
+
+#: plugins/sudoers/visudo.c:960
+#, c-format
+msgid "unable to stat editor (%s)"
+msgstr "düzenleyici (%s) başlatılamadı"
+
+#: plugins/sudoers/visudo.c:1008
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "hiçbir düzenleyici bulunamadı (düzenleyici yolu = %s)"
+
+#: plugins/sudoers/visudo.c:1100
+#, c-format
+msgid "Error: cycle in %s_Alias `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1101
+#, c-format
+msgid "Warning: cycle in %s_Alias `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1104
+#, c-format
+msgid "Error: %s_Alias `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1105
+#, c-format
+msgid "Warning: %s_Alias `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1240
+#, c-format
+msgid "%s: unused %s_Alias %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1302
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1304
+msgid ""
+"\n"
+"Options:\n"
+"  -c          check-only mode\n"
+"  -f sudoers  specify sudoers file location\n"
+"  -h          display help message and exit\n"
+"  -q          less verbose (quiet) syntax error messages\n"
+"  -s          strict syntax checking\n"
+"  -V          display version information and exit"
+msgstr ""
+"\n"
+"Seçenekler:\n"
+"  -c          sadece denetim kipi\n"
+"  -f sudoers  sudoers dosyasının konumu\n"
+"  -h          yardım iletisini görüntüle ve çık\n"
+"  -q          daha az ayrıntılı (sessiz=quiet) sözdizim hata iletileri\n"
+"  -s          sıkı sözdizim denetimi\n"
+"  -V          sürüm bilgisini görüntüle ve çık"
+
+#: toke.l:886
+msgid "too many levels of includes"
+msgstr ""
diff --git a/plugins/sudoers/po/uk.mo b/plugins/sudoers/po/uk.mo
new file mode 100644
index 0000000..f8acd08
--- /dev/null
+++ b/plugins/sudoers/po/uk.mo
diff --git a/plugins/sudoers/po/uk.po b/plugins/sudoers/po/uk.po
new file mode 100644
index 0000000..4610c19
--- /dev/null
+++ b/plugins/sudoers/po/uk.po
@@ -0,0 +1,2347 @@
+# Ukrainian translation for sudoers.
+# This file is put in the public domain.
+#
+# Yuri Chornoivan <yurchor@ukr.net>, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018.
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-10-29 21:04+0200\n"
+"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
+"Language-Team: Ukrainian <translation-team-uk@lists.sourceforge.net>\n"
+"Language: uk\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=4; plural=n==1 ? 3 : n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n"
+"X-Generator: Lokalize 2.0\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "синтаксична помилка"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "Пароль %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] пароль до %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Пароль: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Дані щодо ЗАХИСТУ %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Вибачте, повторіть спробу."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "не вдалося отримати потрібний об’єм пам’яті"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "для контрольної суми слід вказати шлях"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "некоректне значення notbefore"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "некоректне значення notafter"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "значення часу очікування є надто великим"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "некоректне значення часу очікування"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Замінник «%s» вже визначено"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "не вдалося отримати клас входу до системи для користувача %s"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "не вдалося розпочати розпізнавання за BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "некоректний тип розпізнавання"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "не вдалося ініціалізувати розпізнавання за BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "термін дії вашого облікового запису вичерпано"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "не вдалося підтвердити"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "не вдалося прочитати налаштування fwtk"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "не вдалося встановити з’єднання з сервером розпізнавання"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "втрачено зв’язок з сервером розпізнавання"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"помилка сервера розпізнавання:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: не вдалося перетворити реєстраційний запис на рядок («%s»): %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: не вдалося обробити «%s»: %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: не вдалося визначити кеш реєстраційних даних: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: не вдалося розмістити параметри: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: не вдалося отримати реєстраційні дані: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: не вдалося ініціалізувати кеш реєстраційних даних: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: не вдалося зберегти реєстраційні дані у кеші: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: не вдалося отримати реєстраційний запис вузла: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: спроба перевірки TGT зазнала невдачі! Ймовірно, вас атаковано: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "не вдалося ініціалізувати PAM"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "Помилка розпізнавання PAM: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "помилка під час спроби перевірки облікового запису. Ваш обліковий запис заблоковано?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Строк дії облікового запису або пароля збіг, визначте новий пароль і повторіть спробу"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "не вдалося змінити пароль, строк дії якого завершився: %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Строк дії пароля збіг, зверніться до адміністратора вашої системи щодо поновлення пароля"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Строк дії облікового запису збіг або у файлі налаштувань PAM немає розділу \"account\" для sudo. Повідомте про це адміністратора вашої системи."
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "Помилка керування обліковими записами PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "вас немає у базі даних %s"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "не вдалося ініціалізувати бібліотеку програмного інтерфейсу до ACE"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "не вдалося встановити зв’язок з сервером SecurID"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "Ідентифікатор користувача заблоковано для розпізнавання SecurID"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "некоректна довжина імені користувача для SecurID"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "некоректний дескриптор розпізнавання для SecurID"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "спроба обміну даними з SecurID зазнала невдачі"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "невідома помилка SecurID"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "некоректна довжина коду пароля для SecurID"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "не вдалося ініціалізувати сеанс SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "некоректні способи розпізнавання"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "sudo зібрано з підтримкою некоректних способів розпізнавання! Не можна змішувати власні і зовнішні способи розпізнавання."
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "немає способів розпізнавання"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "sudo зібрано без можливостей з взаємодії з інструментами розпізнавання! Якщо ви хочете вимкнути розпізнавання, скористайтеся параметром налаштування --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Не вдалося ініціалізувати методи розпізнавання."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Способи розпізнавання:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Не вдалося визначити умови аудита"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "не вдалося надіслати запис аудита"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Ми сподіваємося, що ви отримали належні настанови від адміністратора\n"
+"локальної системи. Зазвичай, подібні настанови зводяться до такого:\n"
+"\n"
+"    #1) Поважайте конфіденційність даних інших користувачів.\n"
+"    #2) Обдумайте свої дії, перш ніж виконувати їх.\n"
+"    #3) Користування широкими правами розширює сферу відповідальності.\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "невідоме значення uid: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "невідомий користувач: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "збільшення порядку: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "початковий порядок: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "доповнення порядку: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s, версія %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "Граматична перевірка %s, версія %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "непідтримуваний формат вхідних даних, %s"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "непідтримуваний формат виведення, %s"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: файли вхідних і вихідних даних мають бути різними файлами"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "не вдалося ініціалізувати типові значення sudoers"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: невідоме ключове слово: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "некоректний тип типових значень: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "некоректний тип придушення: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "некоректний фільтр: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "не вдалося відкрити %s"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "не вдалося обробити файл %s, невідома помилка"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "помилка обробки у %s поблизу рядка %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "помилка обробки у %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "не вдалося виконати запис до %s"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s — перетворення форматів файлів sudoers\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Параметри:\n"
+"  -b, --base=dn              базовий DN для запитів sudo до LDAP\n"
+"  -d, --defaults=типи        перетворювати лише записи Defaults вказаних типів\n"
+"  -e, --expand-aliases       розгортати псевдоніми під час перетворення\n"
+"  -f, --output-format=формат встановити формат виведення: JSON, LDIF або sudoers\n"
+"  -i, --input-format=формат  встановити формат вхідних даних: LDIF або sudoers\n"
+"  -I, --increment=число      число, на яке слід збільшувати sudoOrder\n"
+"  -h, --help                 вивести довідкове повідомлення і завершити роботу\n"
+"  -m, --match=фільтр         перетворювати лише записи, які відповідають фільтру\n"
+"  -M, --match-local          встановлювати відповідність фільтра за базами даних passwd та груп\n"
+"  -o, --output=файл_результатів записати перетворені дані sudoers до файла файл_результатів\n"
+"  -O, --order-start=число    початкова точка для першого sudoOrder\n"
+"  -p, --prune-matches        вилучити невідповідні записи користувачів, груп і вузлів\n"
+"  -P, --padding=число        доповнення основи для нарощування sudoOrder\n"
+"  -s, --suppress=розділи     придушити виведення певних розділів\n"
+"  -V, --version              вивести дані щодо версії і завершити роботу"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "невідомий запис типових параметрів «%s»"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "не вдалося отримати гринвіцький час"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "не вдалося виконати форматування часового штампа"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "внутрішня помилка, переповнення %s"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "забагато записів sudoers, максимальна кількість — %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "не встановлено значення змінної середовища SUDOERS_BASE і не вказано параметра -b."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Інструмент ведення журналу, якщо використано syslog: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Пріоритетність, яка використовуватиметься у syslog для успішних розпізнавань: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Пріоритетність, яка використовуватиметься у syslog для неуспішних розпізнавань: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Розташовувати запит щодо OTP у окремому рядку"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Ігнорувати «.» у $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Завжди надсилати листа, коли викликано sudo"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Надсилати листа, якщо користувачу не вдалося пройти розпізнавання"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Надсилати листа, якщо користувача немає серед sudoers"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Надсилати листа, якщо користувача немає у списку sudoers цього вузла"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Надсилати листа, якщо користувачеві заборонено виконувати команду"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Надсилати листа, якщо користувач намагається віддати команду"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Окремий часовий штамп для кожної комбінації користувач/tty"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Показувати настанови користувачеві під час першого запуску sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Файл з настановами щодо sudo: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Типово, вимагати розпізнавання"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Root може виконувати sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Записувати назву вузла до файла журналу (не syslog)"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Записувати рік до файла журналу (не syslog)"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Якщо sudo викликано без параметрів, запускати командну оболонку"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Встановлювати $HOME відповідно до вказаного користувача для запуску оболонки з -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Завжди встановлювати значенням $HOME домашній каталог вказаного користувача"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Дозволити збирання даних з метою формування зрозумілих повідомлень про помилки"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "У файлі sudoers слід вказати повні назви вузлів"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Знущатися з користувача, якщо введено помилковий пароль"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Дозволяти користувачеві виконувати sudo, лише якщо з ним пов’язано tty"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo зважатимwill honor the EDITOR environment variable"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Надсилати запит на пароль root, а не користувача"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Надсилати запит щодо пароля runas_default, але пароля самого користувача"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Надсилати запит щодо пароля потрібного користувача, але пароля самого користувача"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Застосовувати типові параметри у класі вказаного користувача, якщо такий клас є"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Встановити значення змінних середовища LOGNAME і USER"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Встановлювати для потрібного користувача ефективний uid, а не справжній uid"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Не ініціалізувати вектор групи відповідно до вказаного користувача"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Позиція, на якій слід переносити рядки файла журналу (0 — без перенесення): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Час очікування на часовий штамп розпізнавання: %.1f хвилина"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Час очікування на введення пароля: %.1f хвилина"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Кількість спроб введення пароля: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Потрібне значення umask або 0777 для користувачевого: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Шлях до файла журналу: %s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Шлях до програми ел. пошти: %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Параметри програми ел. пошти: %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Адреса, на яку надсилатимуться листи: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Адреса, з якої надсилатимуться листи: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Тема листів: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Повідомлення про помилковий пароль: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Шлях до каталогу стану отримання настанов: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Шлях до каталогу часових штампів розпізнавання: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Власник каталогу часових штампів розпізнавання: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Користувачів цієї групи звільнено від потреби у введенні пароля і PATH: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Типовий запит пароля: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Якщо встановлено, запит щодо паролю замінюватиме запит системи."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Типовий користувач для запуску команд: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Значення для заміни $PATH користувача: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Шлях до редактора, який використовуватиме visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Умови запиту пароля для псевдокоманди «list»: %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Умови запиту пароля для псевдокоманди «verify»: %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Попередньо завантажувати фіктивні функції виконання з бібліотеки sudo_noexec"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Чи слід ігнорувати локальний файл sudoers, якщо є доступ до каталогу LDAP"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Дескриптори файлів >= %d буде закрито перед виконанням команди"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Якщо встановлено, користувачі можуть перевизначати значення «closefrom» за допомогою параметра -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Дозволити користувачам встановлювати значення довільних змінних середовища"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Відновити типовий набір змінних середовища"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Змінні середовища, коректність яких слід перевіряти:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Змінні середовища, які слід вилучити:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Змінні середовища, які слід зберегти:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Роль SELinux, яку слід використати у новому контексті захисту: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Тип SELinux, який слід використати у новому контексті захисту: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Шлях до специфічного для sudo файла середовища: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Шлях до специфічного для sudo файла середовища з обмеженим доступом: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Локаль, яку слід використати під час обробки sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Дозволити sudo надсилати запит щодо пароля, навіть якщо цей пароль буде видимим"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Супроводжувати введення користувачем пароля показом замінників символів пароля"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Швидше встановлення відповідності, менш точне, але без доступу до файлової системи"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Значення umask, вказане у sudoers, перевизначатиме значення користувача, навіть якщо це значення відкриває ширший доступ"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Записувати дані, вказані користувачем під час виконання команди"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Записувати дані, виведені командою під час виконання"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Стискати журнали за допомогою zlib"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Завжди запускати команди у псевдо-tty"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Додаток для підтримки не-Unix груп: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Каталог, у якому слід зберігати журнали введення/виведення: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Файл, у якому слід зберігати журнал введення/виведення даних: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Додати запис до файла utmp/utmpx під час розміщення pty"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Встановити користувача у utmp у значення користувача, від імені якого виконується команда"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Набір дозвільних прав доступу: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Набір обмежувальних прав доступу: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Виконувати команди у pty у фоновому режимі"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Назва служби PAM, якою слід скористатися: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Назва служби PAM, якою слід скористатися для оболонок входу до системи: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Спробувати встановити реєстраційні дані PAM для користувача, від імені якого виконуватимуться дії"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Створити сеанс PAM для виконання команди"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Максимальний номер у послідовності журналу введення-виведення: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Увімкнути підтримку мережевих груп у sudoers"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Перевіряти можливість запису до батьківського каталогу під час редагування фалів за допомогою sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Переходити за символічними посиланнями під час редагування файлів за допомогою sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Надсилати запит до додатка груп щодо невідомих груп системи"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Встановлювати відповідність мережевим групам за усім кортежем даних: користувачем, вузлом і доменом"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Дозволити виконання команд, навіть якщо sudo не може здійснювати запис до журналу аудиту"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Дозволити виконання команд, навіть якщо sudo не може здійснювати запис до журналу введення-виведення"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Дозволити виконання команд, навіть якщо sudo не може здійснювати запис до файла журналу"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Визначати групи у sudoers і встановлювати відповідність не назві, а ідентифікатору групи"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Записи журналу, які виявляться довшими за це значення, буде поділено на декілька повідомлень журналу системи: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Користувач, який буде власником усіх файлів журналу введення-виведення: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Група, яка буде власником усіх файлів журналу введення-виведення: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Режим доступу до файлів, яким слід скористатися для файлів журналу введення-виведення: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Виконати команди за дескриптором файла замість виконання за шляхом: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Ігнорувати невідомі записи Defaults у sudoers замість показу попередження"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Час у секундах, який має минути, щоб команду буде перервано: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Надати змогу користувачеві встановлювати час очікування у командному рядку"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Скидати дані журналу введення-виведення на диск негайно, без буферизації"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Включати ідентифікатор процесу до журналів syslog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Тип запису часової позначки розпізнавання: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Повідомлення про помилку розпізнавання: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Ігнорувати регістр символів при пошуку імен користувачів"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Ігнорувати регістр символів при пошуку назв груп"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d невідомий запис типових параметрів, «%s»"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: невідомий запис типових параметрів, «%s»"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d не вказано значення для «%s»"
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: не вказано значення для «%s»"
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d значення для «%s» має починатися з «/»"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: значення для «%s» має починатися з «/»"
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d параметру «%s» не потрібно передавати значення"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: параметру «%s» не потрібно передавати значення"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d некоректний тип Defaults, 0x%x, для параметра «%s»"
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: некоректний тип Defaults, 0x%x, для параметра «%s»"
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d значення «%s» є некоректним для параметра «%s»"
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: значення «%s» є некоректним для параметра «%s»"
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: помилкове значення envp, невідповідність довжин"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "не вдалося перебудувати середовище"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "вибачте, вам не дозволено встановлювати такі змінні середовища: %s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "помилка обробки у %s поблизу рядка %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "помилка обробки у %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "непідтримуваний тип контрольної суми, %d, для %s"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: помилка читання"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s має належати користувачеві з uid %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s має бути доступним до запису лише для власника"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "не вдалося завантажити %s: %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "не вдалося знайти символ «group_plugin» у %s"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: несумісна основна версія додатка обробки груп %d, мало бути — %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "не вдалося обробити IP-адресу «%s»"
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "не вдалося обробити маску мережі «%s»"
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Пари локальних IP-адрес і масок мережі:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s існує, але не є каталогом (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "не вдалося створити каталог %s"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "не вдалося змінити режим доступу до %s на значення 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "невідома група: %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "не вдалося прочитати %s"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "не вдалося створити %s"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "не вдалося здійснити запис до файла журналу введення-виведення: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: внутрішня помилка, файл журналу введення-виведення для події %d не відкрито"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: внутрішня помилка, некоректний сигнал %d"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: некоректний файл журналу"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: не вказано даних щодо часової позначки"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: часова позначка %s: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: не вказано даних щодо користувача"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: не вказано даних щодо користувача, від імені якого відбуватиметься виконання"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: не вказано даних щодо групи, від імені якої відбуватиметься виконання"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "підтримки starttls, якщо використовується ldaps, не передбачено"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "не вдалося ініціалізувати базу даних сертифікатів і ключів SSL: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "щоб скористатися SSL, вам слід встановити для TLS_CERT значення %s"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "не вдалося ініціалізувати LDAP: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls вказано, але у бібліотеках LDAP не передбачено підтримки ldap_start_tls_s() або ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "некоректний атрибут sudoOrder: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: занадто великий номер порту"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "непідтримуваний тип адреси LDAP: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "не можна використовувати суміш з адрес ldap і ldaps"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "не вдалося перетворити запис sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "не вдалося відкрити систему аудита"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "не вдалося надіслати повідомлення аудита"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (команда продовжується) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "не вдалося відкрити файл журналу: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "не вдалося заблокувати файл журналу: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "не вдалося виконати запис до файла журналу: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "Немає користувача або вузла"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "помилка під час спроби перевірки"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "користувача немає у списку sudoers"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "користувача не уповноважено на дії на вузлі"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "виконання команди заборонено"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s немає у файлі sudoers. Запис про подію додано до звіту.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s заборонено виконувати sudo на %s. Запис про подію додано до звіту.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Вибачте, користувач %s не має права виконувати sudo на %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Вибачте, користувач %s не має права виконувати «%s%s%s» від імені %s%s%s на %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: команду не знайдено"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"пропущено «%s» знайдений у «.»\n"
+"Скористайтеся командою «sudo ./%s», якщо вам потрібно виконати саме «%s»."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "помилка під час спроби розпізнавання"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "слід вказати пароль"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u невдала спроба введення пароля"
+msgstr[1] "%u невдалих спроби введення пароля"
+msgstr[2] "%u невдалих спроб введення пароля"
+msgstr[3] "одна невдала спроба введення пароля"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "не вдалося створити відгалуження"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "не вдалося створити відгалуження: %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "не вдалося відкрити канал: %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "не вдалося здублювати stdin: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "не вдалося виконати %s: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "контрольну суму для %s (%s) подано не у формі %s"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "не вдалося виконати stat для %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Роль LDAP: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Запис sudoers:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    Користувачі для запуску: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    Групи для запуску: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Параметри: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    Команди:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Відповідність записів Defaults для %s на %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Типові значення для запуску від імені і команд для %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Користувач %s має право виконувати на %s такі команди:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Користувач %s не має права виконувати sudo на %s.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "ігноруємо некоректне значення атрибута: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "ігноруємо неповний запис sudoRole: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "оболонкою sudo встановлено некоректне значення параметра %.*s"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "не вдалося обробити список мережевих адрес"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "ім'я користувача не встановлено за допомогою оболонки sudo"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "ідентифікатор користувача не встановлено за допомогою оболонки sudo"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "ідентифікатор групи не встановлено за допомогою оболонки sudo"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "назву вузла не встановлено за допомогою оболонки sudo"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "не вдалося виконати %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Додаток правил sudoers версії %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Граматична перевірка файла sudoers версії %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Шлях до sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "Шлях до nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "Шлях до ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "Шлях до ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "неможливо зареєструвати процедуру перехоплення типу %d (версія %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "не вдалося кешувати uid %u, не вистачає пам’яті"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "не вдалося кешувати uid %u, запис вже існує"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "не вдалося кешувати користувача %s, не вистачає пам’яті"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "не вдалося кешувати користувача %s, запис вже існує"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "не вдалося кешувати gid %u, не вистачає пам’яті"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "не вдалося кешувати gid %u, запис вже існує"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "не вдалося кешувати групу %s, не вистачає пам’яті"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "не вдалося кешувати групу %s, запис вже існує"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "не вдалося кешувати список груп %s, запис вже існує"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "не вдалося кешувати список груп %s, не вистачає пам’яті"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "не вдалося обробити записи груп %s"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "не вдалося обробити записи ідентифікаторів груп %s"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "переповнення стека доступу"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "вичерпання стека доступу"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "не вдалося змінити ідентифікатор групи (gid) root"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "не вдалося змінити gid на runas"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "не вдалося встановити вектор групи виконання"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "не вдалося змінити uid на runas"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "не вдалося змінити gid на sudoers"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "забагато процесів"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "не вдалося отримати поточний робочий каталог"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "обрізаний шлях аудиту user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "обрізаний шлях аудиту argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "повідомлення audit_failure є надто довгим"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "Не вдалося ініціалізувати джерело SSS. Чи встановлено у вашій системі SSSD?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "не вдалося знайти символ «%s» у %s"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "проблема з типовими записами"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "не знайдено коректних джерел даних sudoers, завершення роботи"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers вказує, що sudo не можна користуватися для виконання команд від  root"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "вам не дозволено використовувати параметр -C"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "власник часового штампа (%s): не знайдено користувача з таким іменем"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "немає tty"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "вибачте, для виконання sudo вашому користувачеві потрібен tty"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "команда у поточному каталозі"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "вибачте, вам не дозволено встановлювати час очікування на виконання команди"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "вибачте, вам не дозволено зберігати середовище"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "надто довга команда"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s не є звичайним файлом"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s належить uid %u, має належати %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "Запис до «%s» можливий для довільного користувача"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s належить gid %u, має належати %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "використовувати «-c %s» може лише root"
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "невідомий клас входу: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "не вдалося визначити адресу вузла %s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "некоректний параметр фільтрування: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "некоректне значення макс. очікування: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "некоректний коефіцієнт швидкості: %s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Відтворення сеансу sudo: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "не вдалося додати подію до черги обробки"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "не вдалося перевести tty у режим без обробки даних"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Попередження: розміри вашого термінала є замалими для належного показу журналу.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Встановлено формат журналу %d x %d, тоді як формат термінала — %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Відтворення завершено, натисніть будь-яку клавішу, щоб повернутися до термінала."
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "некоректний рядок у файлі timing: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "неоднозначний вираз «%s»"
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "зайва дужка, «)», у виразі"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "невідомий ключ пошуку «%s»"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s потребує визначення аргументу"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "некоректний формальний вираз: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "не вдалося обробити дату «%s»"
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "зайва дужка, «(», у виразі"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "помилкове завершальне «or»"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "помилкове завершальне «!»"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "невідомий тип пошуку %d"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "користування: %s [-hnRS] [-d каталог] [-m число] [-s число] ідентифікатор\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "використання: %s [-h] [-d каталог] -l [вираз для пошуку]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s — відтворення журналів сеансів sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Параметри:\n"
+"  -d, --directory=каталог  вказати каталог для журналів сеансу\n"
+"  -f, --filter=фільтр      вказати, який тип вводу-виводу слід показувати\n"
+"  -h, --help               показати довідкове повідомлення і завершити роботу\n"
+"  -l, --list               показати список можливих ідентифікаторів сеансів, відповідних до виразу\n"
+"  -m, --max-wait=макс_очік максимальний час (у секундах) очікування між подіями\n"
+"  -S, --suspend-wait       очікувати, доки виконання команди призупинено\n"
+"  -s, --speed=коеф_швидк   коефіцієнт прискорення або сповільнення виводу даних\n"
+"  -V, --version            показати дані щодо версії і завершити роботу"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\tвідповідника вузла не знайдено"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Команду дозволено"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Команду заборонено"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Не знайдено відповідника команди"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s доступний до запису учасниками групи"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "не вдалося обрізати файл часової позначки до %lld байтів"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "не вдалося прочитати час на годиннику"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "ігноруємо часову позначку з майбутнього"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "занадто далека часова позначка у майбутньому: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "не вдалося заблокувати файл часової позначки %s"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "шлях до даних щодо стану отримання настанов є занадто довгим: %s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "параметр -x буде вилучено у наступному випуску"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "будь ласка, скористайтеся замість нього програмою cvtsudoers"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "натисніть Enter для редагування %s: "
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "вказаного редактора (%s) не існує"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "не знайдено жодного редактора (шлях до редактора = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "помилка запису"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "не вдалося обробити stat файл тимчасових даних (%s), %s не змінено"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "файл тимчасових даних має нульовий об’єм (%s), %s не змінено"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "помилка редактора (%s), %s не змінено"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s не змінено"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "не вдалося повторно відкрити файл тимчасових даних (%s), %s не змінено."
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "не вдалося обробити файл тимчасових даних (%s), невідома помилка"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "внутрішня помилка, не вдалося знайти %s у списку!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "не вдалося встановити (uid, gid) %s у значення (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s і %s не перебувають у одній файловій системі, використовуємо mv для перейменування"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "помилка команди: «%s %s %s», %s не змінено"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "помилка перейменування %s, %s не змінено"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "А зараз що? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Параметри:\n"
+"  (e) — повторне редагування файла sudoers\n"
+"  (x) — вийти без внесення змін до файла sudoers\n"
+"  (Q) — вийти зі збереженням файла sudoers (НЕБЕЗПЕЧНО!)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "не вдалося виконати %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: помилковий власник (uid, gid), має бути (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: помилкові права доступу, режим доступу має бути 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: вдала обробка\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s зайнято, повторіть спробу пізніше"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "не вдалося заблокувати %s"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Редагувати попри усе? [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Помилка: %s:%d цикл у %s «%s»"
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Попередження: %s:%d цикл у %s «%s»"
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Помилка: виявлено посилання %s:%d %s «%s», яке не визначено"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Попередження: виявлено посилання %s:%d %s «%s», яке не визначено"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Попердження: %s:%d не використано %s «%s»"
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s — безпечне редагування файла sudoers\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Параметри:\n"
+"  -c, --check              режим лише перевірки\n"
+"  -f, --file=файл          вказати розташування файла sudoers\n"
+"  -h, --help               показати довідкове повідомлення і завершити роботу\n"
+"  -q, --quiet              стислі повідомлення щодо синтаксичних помилок\n"
+"  -s, --strict             строга перевірка синтаксису\n"
+"  -V, --version            показати дані щодо версії і завершити роботу\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "занадто високий рівень вкладеності"
diff --git a/plugins/sudoers/po/vi.mo b/plugins/sudoers/po/vi.mo
new file mode 100644
index 0000000..8a1de6a
--- /dev/null
+++ b/plugins/sudoers/po/vi.mo
diff --git a/plugins/sudoers/po/vi.po b/plugins/sudoers/po/vi.po
new file mode 100644
index 0000000..0cc0095
--- /dev/null
+++ b/plugins/sudoers/po/vi.po
@@ -0,0 +1,2502 @@
+# Vietnamese translation for sudo.
+# Bản dịch tiếng Việt dành cho sudo.
+# This file is put in the public domain.
+# Trần Ngọc Quân <vnwildman@gmail.com>, 2012-2014, 2015, 2016, 2017, 2018.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-11-01 14:10+0700\n"
+"Last-Translator: Trần Ngọc Quân <vnwildman@gmail.com>\n"
+"Language-Team: Vietnamese <translation-team-vi@lists.sourceforge.net>\n"
+"Language: vi\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Language-Team-Website: <http://translationproject.org/team/vi.html>\n"
+"X-Poedit-SourceCharset: UTF-8\n"
+"X-Generator: Gtranslator 2.91.7\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "lỗi cú pháp"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "Mật khẩu của %p: "
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] mật khẩu dành cho %p: "
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "Mật khẩu: "
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** Thông tin AN NINH cho %h ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "Rất tiếc, hãy thử lại."
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "không thể cấp phát bộ nhớ"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "tóm lược yêu cầu một đối số là tên đường dẫn"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "giá trị notbefore không hợp lệ"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "giá trị notafter không hợp lệ"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "giá trị timeout quá lớn"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "giá trị timeout không hợp lệ"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "Bí danh “%s” đã được định nghĩa rồi"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "không thể lấy lớp đăng nhập cho tài khoản %s"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "không thể khởi chạy xác thực kiểu bsd"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "kiểu xác thực không hợp lệ"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "không thể khởi tạo xác thực kiểu BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "tài khoản bạn đã hết hiệu lực"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "gặp lỗi khi chấp thuận"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "không thể đọc cấu hình fwtk"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "không thể kết nối tới máy chủ xác thực"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "mất kết nối đến máy phục vụ xác thực"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"lỗi máy phục vụ xác thực:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s: không thể chuyển đổi người ủy nhiệm sang chuỗi (“%s”): %s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: không thể phân tích “%s”: %s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s: không thể phân giải bộ nhớ đệm “credential”: %s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: không thể phân bổ các tùy chọn: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: không thể lấy giấy ủy nhiệm: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s: không thể khởi tạo bộ nhớ đệm “credential”: %s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s: không thể cất giữ “credential” trong bộ nhớ tạm: %s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: không thể lấy tên máy chủ chính: %s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Không thể thẩm tra TGT! Gần như chắc chắn là bị tấn công!: %s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "không thể khởi tạo PAM"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "lỗi xác thực PAM: %s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "xác thực tài khoản gặp lỗi nghiêm trọng, có phải tài khoản của bạn đã bị khóa?"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Mật khẩu hay tài khoản đã hết hạn sử dụng, hãy đặt lại mật khẩu của bạn và thử lại"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "không thể thay đổi mật khẩu đã hết hạn: %s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "Mật khẩu đã hết hạn dùng, hãy liên lạc với người quản trị hệ thống của bạn"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Tài khoản hết hạn hoặc cấu hình PAM không có phiên “tài khoản” cho sudo, hãy liên hệ với người quản trị hệ thống của bạn"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "lỗi quản lý tài khoảnthực PAM: %s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "bạn không tồn tại trong cơ sở dữ liệu %s"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "gặp lỗi khi khởi tạo thư viện “ACE API”"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "không thể liên lạc được với máy chủ SecurID"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "ID người dùng bị khóa với “SecurID Authentication”"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "sai chiều dài tên tài khoản cho SecurID"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "sai Bộ Tiếp Hợp Xác Thực cho SecurID"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "Truyền thông với SecurID gặp lỗi"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "không hiểu lỗi SecurID"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "sai chiều dài passcode cho SecurID"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "không thể khởi tạo phiên SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "Phương thức xác thực không hợp lệ"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "Phương thức xác thực không hợp lệ được biên dịch vào trong sudo! Bạn không thể pha trộn kiểu xác thực giữa standalone và non-standalone"
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "chưa có phương thức xác thực"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Ở đây không có phương thức xác thực nào được dịch vào trong sudo! Nếu bạn muốn tắt xác thực, sử dụng tùy chọn cấu hình --disable-authentication"
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "Không thể khởi tạo phương thức xác thực."
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "Phương thức xác thực:"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "Không thể phân giải điều kiện audit"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "không thể chuyển giao bản ghi “audit”"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"Chúng tôi tin rằng bạn đã nhận được bài giảng từ Quản trị Hệ thống\n"
+"nội bộ. Có thể tóm lược chúng lại thành một số điểm quan trọng sau:\n"
+"\n"
+"    #1) Tôn trọng sự riêng tư của người khác.\n"
+"    #2) Nghĩ trước khi gõ một lệnh.\n"
+"    #3) Quyền lực lớn đi kèm với trách nhiệm lớn.\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "không biết mã số người dùng: %u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "không biết người dùng: %s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "gia tăng thứ tự: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "bắt đầu thứ tự: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "đệm thứ tự: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s phiên bản %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "Ngữ pháp %s phiên bản %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "không hỗ trợ định dạng đầu vào %s"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "không hỗ trợ định dạng đầu ra %s"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s: các tập tin đầu vào và đầu ra phải khác nhau"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "không thể khởi giá trị mặc định sudoers"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s: %s: %s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s: không biết từ khóa: %s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "kiểu mặc định không hợp lệ: %s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "kiểu biểu thức không hợp lệ: %s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "bộ lọc không hợp lệ: %s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "không thể mở “%s”"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "gặp lỗi khi phân tích tập tin %s, không rõ bị lỗi gì"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "lỗi cú pháp trong %s gần dòng %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "lỗi cú pháp trong %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "không thể ghi vào %s"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr "%s - chuyển đổi giữa các định dạng các tập tin sudoers\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              DN cơ sở cho sudo truy vấn LDAP\n"
+"  -d, --defaults=deftypes    chỉ chuyển đổi mặc định của kiểu đã cho\n"
+"  -e, --expand-aliases       khai triển bí danh khi chuyển đổi\n"
+"  -f, --output-format=format đặt định dạng đầu ra: JSON, LDIF hay sudoers\n"
+"  -i, --input-format=format  đặt định dạng đầu vào: LDIF hoặc sudoers\n"
+"  -I, --increment=số         tổng gia tăng cho từng sudoOrder\n"
+"  -h, --help                 hiển thị trợ giúp rồi thoát\n"
+"  -m, --match=filter         chỉ chuyển đổi những hạng mục khớp bộ lọc\n"
+"  -M, --match-local          khớp lọc sử dụng cơ sở dữ liệu passwd và group người dùng\n"
+"  -o, --output=tập_tin_đầu_ra  ghi sudoers đã chuyển đổi sang tập_tin_đầu_ra\n"
+"  -O, --order-start=số       điểm đầu cho sudoOrder đầu tiên\n"
+"  -p, --prune-matches        cắt bỏ những người dùng, nhóm và máy không khớp mẫu\n"
+"  -P, --padding=số           đệm cơ sở cho gia tăng sudoOrder\n"
+"  -s, --suppress=sections    chặn xuất cho từng phần cụ thể\n"
+"  -V, --version              hiển thị phiên bản rồi thoát"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "không hiểu mục tin mặc định “%s”"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "không thể lấy giờ quốc tế (GMT)"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "không thể định dạng dấu-vết-thời-gian"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "lỗi nội bộ, %s bị tràn"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "Quá nhiều mục tin sudoers, tối đa là %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "biến môi trường SUDOERS_BASE chưa được đặt và tùy chọn chưa được đưa ra."
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Trang bị Syslog nếu syslog được sử dụng cho việc ghi nhật ký: %s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Mức ưu tiên Syslog sẽ sử dụng khi người dùng đăng nhập thành công: %s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Mức ưu tiên Syslog sẽ sử dụng khi người dùng đăng nhập không thành công: %s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "Đặt nhắc OTP (mật khẩu dùng một lần) tại dòng nó sở hữu"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "Bỏ qua “.” trong biến $PATH"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "Luôn gửi thư mỗi khi chạy lệnh sudo"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "Gửi thư nếu xác thực người dùng gặp lỗi"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "Gửi thư nếu người dùng không ở trong sudoers"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Gửi thư nếu người dùng không có trong sudoers cho máy chủ này"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Gửi thư nếu người dùng không được phép chạy lệnh nào đó"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "Gửi thư nếu người cố chạy lệnh nào đó"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Sử dụng dấu vết thời gian riêng rẽ cho từng cặp tkhoản/tty"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "Hướng dẫn người dùng lần đầu tiên họ chạy lệnh sudo"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "TẬP-TIN chứa thuyết trình về “sudo”: %s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "Yêu cầu người dùng chứng thực theo mặc định"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "Siêu người dùng (root) có thể chạy lệnh sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Ghi nhật ký tên-máy-chủ vào tập tin nhật ký (không dùng syslog)"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Ghi nhật ký năm vào tập tin nhật ký (không dùng syslog)"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Nếu lệnh sudo được triệu gọi mà không đưa ra tham số thì khởi chạy hệ vỏ"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Đặt biến $HOME cho người dùng đích khi sử dụng hệ vỏ (shell) với tùy chọn -s"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Luôn đặt biến $HOME cho thư mục cá nhân của người dùng đích"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Cho phép một số thông tin được thu thập để đưa ra các thông tin về lỗi hữu dụng"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Yêu cầu tên máy chủ dạng đầy đủ trong tập tin sudoers"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Lăng mạ người dùng khi họ nhập vào mật khẩu sai"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Chỉ cho phép người dùng chạy lệnh sudo nếu họ có tty"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo sẽ tôn trọng biến môi trường EDITOR"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "Hỏi mật khẩu của siêu người dùng, chứ không phải của người dùng"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Nhắc mật khẩu của người dùng runas_mặc_định, không phải của người dùng"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Nhắc mật khẩu của người dùng đích, không phải cái hiện tại"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Áp dụng mặc định trong lớp đăng nhập người dùng đích nếu ở đây có một"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Đặt biến môi trường LOGNAME và USER"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Chỉ đặt uid đang có hiệu lực cho người dùng đích, không sử dụng uid thật"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Không khởi tạo véc-tơ nhóm cho người dùng đích"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "Độ dài mà tại đó các dòng trong tập tin nhật ký được ngắt dòng (0 là không ngắt dòng): %u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Thời gian chờ dấu vết thời gian xác thực tối đa: %.1f phút"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Thời gian chờ nhắc mật khẩu tối đa: %.1f phút"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "Số lần nhập mật khẩu: %u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask để sử dụng hoặc 0777 để sử dụng của người dùng: 0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Đường dẫn tới tập tin nhật ký: “%s”"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Đường dẫn tới chương trình gửi thư (mail) %s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Các cờ dành cho chương trình gửi thư (mail): %s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Địa chỉ để gửi thư đến: %s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Địa chỉ dùng để gửi thư từ: %s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Chủ đề cho thư: %s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Mật khẩu không đúng: %s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "Đường dẫn đến thư mục trạng thái thuyết trình: %s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Đường dẫn thư mục dấu vết thời gian xác thực: %s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Chủ sở hữu đường dẫn thư mục dấu vết thời gian xác thực: %s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Những tài khoản trong nhóm này được miễn mật khẩu và yêu cầu PATH: %s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Lời nhắc nhập mật khẩu mặc định: %s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Nếu được đặt, lời nhắc mật khẩu sẽ đè lên dấu nhắc hệ thống trong mọi trường hợp."
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Tài khoản mặc định chạy lệnh như là: %s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Giá trị dùng để ghi đè lên $PATH của người dùng: %s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Đường dẫn tới trình biên soạn để sử dụng cho lệnh visudo: %s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Khi được yêu cầu mật khẩu cho “liệt kê” lệnh-giả: %s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Khi được yêu cầu mật khẩu cho lệnh-giả “verify” (“thẩm tra”): %s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Tải trước các hàm thi hành giả được chứa trong thư viện sudo_noexec"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Nếu thư mục LDAP đã bật, chúng tôi sẽ lờ đi tập tin sudoers phải không"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Các bộ mô tả tập tin >= %d sẽ bị đóng trước khi chạy một lệnh"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Nếu được đặt, người dùng có thể ghi đè lên giá trị của “closefrom” bằng tùy chọn -C"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Cho phép người dùng đặt biến môi trường tùy ý"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "Đặt lại biến môi trường thành giá trị mặc định của chúng"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "Các biến môi trường được kiểm tra xem có đúng mực không:"
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "Các biến môi trường bị gỡ bỏ:"
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "Các biến môi trường được giữ lại:"
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "Vai trò SELinux được dùng trong ngữ cảnh an ninh mới: %s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "Kiểu SELinux được dùng trong ngữ cảnh an ninh mới: %s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Đường dẫn tới tập tin môi trường đặc-tả-sudo: %s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "Đường dẫn tới tập tin môi trường đặc-tả-sudo-hạn-chế: %s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Miền địa phương sẽ sử dụng khi phân tích sudoers: %s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Cho phép sudo hỏi mật khẩu thậm chí ngay cả khi nó đã rõ ràng"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Cung cấp phản hồi ảo lúc nhắc mật khẩu khi đây là đầu nhập người dùng"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Sử dụng globbing kiểu nhanh hơn mà nó thì kém chính xác hơn nhưng lại không cần truy cập hệ thống tập tin"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Giá trị umask được chỉ định trong sudoers sẽ ghi đè lên giá trị này của người dùng, thậm chí nó còn dễ dãi hơn"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "Ghi nhật ký kết xuất từ người dùng cho lệnh đang chạy"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "Ghi lại nhật ký kết xuất của lệnh đang chạy"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "Nén nhật ký V/R sử dụng định dạng zlib"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "Luôn chạy lệnh ở tty-giả"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Phần bổ sung cho hỗ trợ nhóm không-Unix: %s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Thư mục mà nó sẽ lưu nhật ký vào/ra: %s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Tập tin mà nó sẽ lưu nhật ký vào/ra: %s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Thêm một mục vào tập tin utmp/utmpx khi phân bổ một pty"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Đặt người dùng trong utmp thành người dùng runasr, không phải người dùng gọi"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "Tập hợp các đặc quyền được phép: %s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "Tập hợp các quyền bị giới hạn: %s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "Chạy các câu lệnh trên một pty trong nền hệ thống"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "Tên dịch vụ PAM được dùng: %s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "Tên dịch vụ PAM được dùng cho các hệ vỏ đăng nhập: %s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "Thử thiết lập ủy nhiệm PAM cho người dùng đích"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "Tạo một phiên PAM mới để lệnh chạy với nó"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "Số lượng nhật ký I/O tối đa: %u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "Bật hỗ trợ nhóm-mạng “sudoers”"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "Kiểm tra xem các thư mục cha có ghi được hay không khi sửa các tập tin bằng sudoedit"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "Theo các liên kết mềm khi sửa các tập tin bằng sudoedit"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "Truy vấn các phần bổ sung nhóm cho các nhóm hệ thống chưa biết"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "Khớp nhóm mạng trên cơ sở toàn thể bộ dữ liệu : tài khoản, tên máy và tên miền"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "Cho phép các lệnh có thể chạy ngay cả khi sudo không thể ghi vào nhật ký audit"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "Cho phép các lệnh có thể chạy ngay cả khi sudo không thể ghi vào nhật ký V/R"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "Cho phép các lệnh có thể chạy ngay cả khi sudo không thể ghi vào tập tin nhật ký"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "Phân giải các nhóm trong sudoers và khớp dựa trên mã số nhóm, không phải là tên"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "Các mục tin của nhật ký lớn hơn giá trị này sẽ được chia thành nhiều chuỗi syslog nhỏ: %u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "Người mà sẽ sở hữu tập tin nhật ký V/R: %s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "Nhóm mà sẽ sở hữu tập tin nhật ký V/R: %s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "Chế độ tập tin được dùng cho tập tin nhật ký V/R: 0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "Thực thi các lệnh theo bộ mô tả tập tin thay cho đường dẫn: %s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "Bỏ qua các mục tin Mặc định chưa biết trong sudoers thay vì đưa ra cảnh báo"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "Thời gian theo giây sau đó thì lệnh sẽ bị chấm dứt: %u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "Cho phép người dùng chỉ định thời gian chờ dòng lệnh tối đa"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "Đẩy dữ liệu nhật ký V/R lên đĩa ngay lập tức thay vì nhớ đệm nó"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "Bao gồm mã số tiến trình khi ghi nhật ký thông qua syslog"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "Kiểu của bản ghi dấu vết thời gian xác thực: %s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "Thông tin xác thực gặp lỗi nghiêm trọng: %s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "Bỏ qua HOA/thường khi khớp tên người dùng"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "Bỏ qua HOA/thường khi khớp tên nhóm"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s:%d không hiểu mục tin mặc định “%s”"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s: không hiểu mục tin mặc định “%s”"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s:%d chưa chỉ ra giá trị cho “%s”"
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s: chưa chỉ ra giá trị cho “%s”"
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s:%d giá trị cho “%s” phải bắt đầu bằng dấu “/”"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s: giá trị cho “%s” phải bắt đầu bằng dấu “/”"
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s:%d tùy chọn “%s” không nhận giá trị"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s: tùy chọn “%s” không nhận giá trị"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s:%d kiểu Defaults không hợp lệ 0x%x cho tùy chọn “%s”"
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%s: kiểu Defaults không hợp lệ 0x%x cho tùy chọn “%s”"
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%s:%d giá trị “%s” là không hợp lệ đối với tùy chọn “%s”"
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s: giá trị “%s” là không hợp lệ đối với tùy chọn “%s”"
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: envp sai hỏng, chiều dài không khớp"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "không thể xây dựng lại môi trường"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "rất tiếc, bạn không được phép đặt các biến môi trường sau đây: %1s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "lỗi phân tích trong %s gần dòng %d"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "gặp lỗi phân tích trong %s"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "không hỗ trợ kiểu tóm lược %d dành cho %s"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s: lỗi đọc"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s phải được sở hữu bởi uid %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s phải là những thứ chỉ có thể ghi bởi chủ sở hữu"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "không thể tải %s: %s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "không tìm thấy ký hiệu “group_plugin” trong %s"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: phiên bản số lớn phần bổ sung nhóm không tương thích %d, mong đợi %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "không thể phân tích địa chỉ IP \"%s\""
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "không thể phân tích mặt nạ mạng \"%s\""
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Cặp địa chỉ IP và mặt nạ cục bộ:\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s có tồn tại nhưng nó không phải là một thư mục (0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "không thể tạo thư mục “%s”"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "không thể chuyển đổi chế độ của %s thành 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "không nhận ra nhóm: %s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "không thể đọc %s"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "không thể tạo “%s”"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "không thể ghi vào tập tin nhật ký V/R: %s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s: lỗi bên trong, tập tin nhật ký vào ra cho sự kiện %d chưa được mở"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s: lỗi bên trong, tín hiệu %d không hợp lệ"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s: tập tin nhật ký không hợp lệ"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s: thiếu trường dấu vết thời gian"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s: dấu vết thời gian “%s”: %s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s: thiếu trường tài khoản người dùng"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s: thiếu trường “runas user” (chạy với tư cách tài khoản này)"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s: thiếu trường “runas group” (chạy dưới danh nghĩa nhóm này)"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "“starttls” chỉ được hỗ trợ khi dùng với “ldaps”"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "không thể khởi tạo chứng nhận SSL và csdl khóa: %s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "bạn phải đặt TLS_CERT trong %s để sử dụng SSL"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "không thể khởi tạo LDAP: %s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "start_tls được chỉ ra nhưng thư viện LDAP không hỗ trợ ldap_start_tls_s() hoặc ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "thuộc tính sudoOrder không hợp lệ: %s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: cổng quá lớn"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "không hỗ trợ kiểu “LDAP uri”: %s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "không thể trộn ldap và ldaps URIs"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "không thể chuyển đổi sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "không thể mở hệ thống audit"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "không thể gửi thông tin audit"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s : %s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s : (lệnh tiếp tục) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "không thể mở tập tin nhật ký: %s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "không thể khóa tập tin nhật ký: %s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "không thể ghi vào tập tin nhật ký: %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "Không có tài khoản hay tên máy chủ"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "việc phê chuẩn thất bại"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "tài khoản KHÔNG có trong sudoers"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "tài khoản KHÔNG được cho phép sử dụng trên máy chủ"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "lệnh không được phép"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s không trong tập tin sudoers. Sự việc này sẽ được báo cáo.\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s không được phép chạy lệnh sudo trên %s. Sự việc này sẽ được báo cáo.\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Rất tiếc, tài khoản %s không được chạy lệnh sudo trên %s.\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Rất tiếc, tài khoản %s không được phép thi hành “%s%s%s” như là %s%s%s trên %s.\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: không tìm thấy lệnh"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"đang bỏ qua “%s” được tìm thấy trong “.”\n"
+"Sử dụng “sudo ./%s” nếu đây là “%s” bạn muốn chạy."
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "xác thực gặp lỗi nghiêm trọng"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "bắt buộc phải có mật khẩu"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "đã sai mật khẩu %u lần"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "không thể tạo tiến trình con"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "không thể tạo tiến trình con: %m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "không thể mở ống dẫn lệnh: %m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "không thể dup (nhân đôi) stdin: %m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "không thể thực thi %s: %m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "tóm lược cho %s (%s) không ở dạng thức %s"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "không thể lấy thống kê %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"Vai trò LDAP: %s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Mục Sudoers:\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    ChạyVớiTưCáchNgườiDùng: "
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    ChạyVớiTưCáchNhóm: "
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    Tùy chọn: "
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "      Lệnh:\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "Các mục mặc định khớp cho %s trên máy %s:\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Runas và Đặc-tả-lệnh mặc định cho %s:\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "Người dùng %s có thể chạy những lệnh sau trên máy %s:\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Tài khoản %s không được phép thi hành sudo trên %s.\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "bỏ qua giá trị thuộc tính không hợp lệ: %s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "bỏ qua sudoRole chưa hoàn thiện: cn: %s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "%.*s không hợp lệ đặt bởi ứng dụng chạy phía trước sudo"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "không thể phân tích danh sách địa chỉ mạng"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "tên người dùng không đặt bởi ứng dụng chạy phía trước sudo"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "mã số người dùng không đặt bởi ứng dụng chạy phía trước sudo"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "mã số nhóm không đặt bởi ứng dụng chạy phía trước sudo"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "tên máy không đặt bởi ứng dụng chạy phía trước sudo"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "không thể thực thi %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Phiên bản của phần bổ sung chính sách Sudoers %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Phiên bản ngữ pháp tập tin Sudoers %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Đường dẫn Sudoers: %s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "đường dẫn nsswitch: %s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "đường dẫn ldap.conf: %s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "đường dẫn ldap.secret: %s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "không thể đăng ký móc kiểu %d (phiên bản %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "không thể lưu nhớ tạm uid %u, hết bộ nhớ rồi"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "không thể lưu nhớ tạm uid %u, đã có sẵn rồi"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "không thể lưu nhớ tạm tài khoản %s, hết bộ nhớ rồi"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "không thể lưu nhớ tạm tài khoản %s, đã có sẵn rồi"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "không thể lưu nhớ tạm gid %u, đã hết bộ nhớ rồi"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "không thể lưu nhớ tạm gid %u, đã có sẵn rồi"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "không thể lưu nhớ tạm nhóm %s, đã hết bộ nhớ rồi"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "không thể lưu nhớ tạm nhóm %s, đã có sẵn rồi"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "không thể lưu nhớ tạm danh sách nhóm cho %s, đã có sẵn rồi"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "không thể lưu nhớ tạm danh sách nhóm cho %s, đã hết bộ nhớ rồi"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "không thể phân tích nhóm cho %s"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "không thể phân tích mã số nhóm cho %s"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "ngăn xếp perm bị tràn"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "ngăn xếp stack tràn ngầm"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "không thể thay đổi mã số nhóm của siêu người dùng root"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "không thể thay đổi thành runas gid"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "không thể đặt véc-tơ nhóm runas"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "không thể thay đổi thành runas uid"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "không thể thay đổi thành mã số nhóm sudoers"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "quá nhiều tiến trình"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "không thể lấy thư mục làm việc hiện tại"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "đã cắt ngắn đường dẫn audit user_cmnd: %s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "đã cắt ngắn đường dẫn audit argv[0]: %s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "thông điệp audit_failure quá dài"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "không thể khởi tạo nguồn SSS. SSSD đã được cài đặt trên máy của bạn chưa vậy?"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "không thể tìm thấy ký hiệu “%s” trong %s"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "trục trặc với các mục mặc định"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "không có người dùng hợp lệ nào được tìm thấy, đang thoát ra"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers đã ghi rõ là siêu người dùng (root) không được phép chạy sudo"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "bạn không được phép sử dụng tùy chọn -C"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "người sở hữu dấu vết thời gian (%s): Không có người dùng nào như vậy"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "không có tty"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "rất tiếc, bạn phải có tty mới có thể chạy sudo"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "lệnh trong thư mục hiện hành"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "rất tiếc, bạn không được phép đặt thời gian chờ lệnh tối đa"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "rất tiếc, bạn không được phép giữ lại môi trường"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "lệnh quá dài"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s không phải tập tin thường"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s được sở hữu bởi người dùng mang mã số %u, nên là %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s ai ghi cũng được"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s được sở hữu bởi nhóm mang mã số %u, nên là %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "chỉ có siêu người dùng (root) mới có thể sử dụng “-c %s”"
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "không rõ lớp đăng nhập: %s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "không thể phân giải địa chỉ của máy %s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "tùy chọn lọc không hợp lệ: %s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "thời gian chờ tối đa không hợp lệ: %s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "sai hệ số nhân tốc độ: %s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/thời-gian: %s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/thời-gian: %s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "Đang chạy lại phiên sudo: %s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "không thể thêm sự kiện vào hàng đợi"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "không thể đặt thiết bị tty chế độ thô (raw)"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Cảnh báo: thiết bị cuối quá nhỏ để có thể chạy nhật ký một cách đúng đắn.\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Định dạng của nhật ký là %d x %d, định dạng của thiết bị cuối là %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "Trình diễn lại đã kết thúc, vui lòng bấm một phím bất kỳ để hoàn lại thiết bị cuối."
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "sai dòng ghi thời gian trong tập tin: %s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "biểu thức không rõ ràng “%s”"
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "thiếu “)” trong biểu thức"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "không hiểu giới hạn tìm kiếm “%s”"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s yêu cầu một đối số"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "biểu thức chính quy không hợp lệ: %s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "không thể phân tích ngày tháng “%s”"
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "thiếu “(” trong biểu thức"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "thừa “or” ở cuối"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "thừa “!” ở cuối"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "không hiểu kiểu tìm kiếm “%d”"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "cách dùng: %s [-hnRS] [-d thư-mục] [-m số] [-s số] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "cách dùng: %s [-h] [-d th.mục] -l [biểu thức tìm kiếm]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - chạy lại nhật ký phiên sudo\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"Tùy chọn:\n"
+"  -d, --directory=th.mục  chỉ định thư mục cho nhật ký phiên\n"
+"  -f, --filter=bộ-lọc     chỉ định kiểu V/R để hiển thị\n"
+"  -h, --help              hiển thị thông tin trợ giúp rồi thoát\n"
+"  -l, --list              liệt kê ID phiên sẵn có, với biểu thức tùy chọn\n"
+"  -m, --max-wait=sô       số giây tối đa sẽ chờ giữa hai sự kiện\n"
+"  -S, --suspend-wait      chờ trong khi lệnh bị treo\n"
+"  -s, --speed=số          tăng hoặc giảm tốc độ kết xuất\n"
+"  -V, --version           hiển thị thông tin về phiên bản rồi thoát"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\tmáy chủ không khớp"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Lệnh được phép"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Lệnh bị cấm"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Lệnh không khớp"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s là người cùng nhóm được ghi"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "không thể cắt ngắn tập tin dấu-vết-thời-gian thành %lld byte"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "không thể đọc khóa"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "bỏ qua dấu vết thời gian nằm ở thì tương lai"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "dấu vết thời gian nằm ở thì tương lai: %20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "không thể khóa tập tin dấu-vết-thời-gian %s"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "đường dẫn đến thư mục thuyết trình quá dài: %s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "tùy chọn -x sẽ bị xóa bỏ trong tương lai"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "vui lòng cân nhắc sử dụng tiện ích cvtsudoers để thay thế"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "bấm phím <Enter> để trở về chỉnh sửa %s:"
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "trình biên soạn đã chỉ ra (%s) không tồn tại"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "không tìm thấy trình biên soạn (đường dẫn của nó = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "lỗi ghi"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "không thể lấy thống kê tập tin tạm (%s), %s không thay đổi gì."
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "tập tin tạm (%s) có kích cỡ bằng không, %s không thay đổi gì"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "trình biên soạn (%s) gặp lỗi, %s không thay đổi gì"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s không thay đổi"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "không thể mở lại tập tin tạm (%s), %s không thay đổi gì."
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "không thể phân tích tập tin tạm (%s), lỗi chưa được biết"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "lỗi hệ thống, không thể tìm thấy %s trong danh sách!"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "không thể đặt (uid, gid) của %s thành (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s và %s không ở trên cùng một hệ thống tập tin, sử dụng lệnh mv để đổi tên"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "thực hiện lệnh gặp lỗi: “%s %s %s”, %s không thay đổi"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "gặp lỗi khi đổi tên %s, %s không thay đổi"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "Vậy làm gì bây giờ? "
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Các tùy chọn là:\n"
+"  (e)  sửa lại tập tin sudoers\n"
+"  (x)  thoát ra mà không ghi lại tập tin sudoerse\n"
+"  (q)  thoát ra và ghi lại tập tin sudoers (NGUY HIỂM!)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "không thể chạy %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: sai sở hữu (uid, gid) đáng lẽ là (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: phân quyền sai, phải ở chế độ 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: vượt qua kiểm duyệt\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s đang bận, hãy thử lại sau"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "không thể khóa %s"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "Vẫn sửa? (có/KHÔNG) [y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "Lỗi: %s:%d bị quẩn tròn trong %s “%s”"
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "Cảnh báo: %s:%d bị quẩn tròn trong %s “%s”"
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Lỗi: %s:%d %s “%s” được tham chiếu nhưng chưa được định nghĩa"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "Cảnh báo: %s:%d %s “%s” được tham chiếu nhưng chưa được định nghĩa"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "Cảnh báo: %s:%d không dùng %s “%s”"
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - sửa tập tin sudoers một cách an toàn\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"Các tùy chọn:\n"
+"  -c, --check              chế độ chỉ kiểm tra\n"
+"  -f, --file=tập-tin       chỉ định vị trí tập tin sudoers\n"
+"  -h, --help               hiển thị thông tin trợ giúp rồi thoát\n"
+"  -q, --quiet              tối thiểu hóa các thông tin (quiet: im lặng)\n"
+"  -s, --strict             kiểm tra cú pháp ngặt nghèo\n"
+"  -V, --version            hiển thị thông tin về phiên bản rồi thoát\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "quá nhiều cấp bao gồm (include)"
+
+#~ msgid ""
+#~ "\n"
+#~ "LDAP Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "Vai trò LDAP: KHÔNG HIỂU\n"
+
+#~ msgid "    Order: %s\n"
+#~ msgstr "      Thứ tự: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: %s\n"
+#~ msgstr ""
+#~ "\n"
+#~ "Vai trò SSSD: %s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "Vai trò SSSD: KHÔNG HIỂU\n"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "Cảnh báo: quẩn tròn trong %s “%s”"
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "Cảnh báo: %s “%s” được tham chiếu nhưng chưa được định nghĩa"
+
+#~ msgid "Warning: unused %s `%s'"
+#~ msgstr "Cảnh báo: chưa được dùng %s “%s”"
+
+#~ msgid "unable allocate memory"
+#~ msgstr "không thể cấp phát bộ nhớ"
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "đường dẫn dấu vết thời gian quá dài: %s/%s"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "không thể lấy thống kê trình biên soạn (%s)"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports: hết bộ nhớ để mở rộng hostbuf"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri: hết bộ nhớ để biên dịch “hostbuf”"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "sudo_ldap_build_pass1 phân bổ không khớp"
+
+#~ msgid "Password:"
+#~ msgstr "Mật khẩu:"
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "lỗi nội bộ: thiếu khoảng trống cho dòng ghi nhật ký"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args: bộ đệm bị tràn"
+
+#~ msgid "%s owned by uid %u, should be uid %u"
+#~ msgstr "%s được sở hữu bởi uid %u, nên là %u"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0700"
+#~ msgstr "%s có thể được ghi bởi người không sở hữu nó (0%o), cần đặt chế độ 0700"
+
+#~ msgid "%s exists but is not a regular file (0%o)"
+#~ msgstr "%s đã sẵn có nhưng không phải là một tập tin bình thường (0%o)"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0600"
+#~ msgstr "%s có thể được ghi bởi người không sở hữu nó (0%o), cần đặt chế độ 0600"
+
+#~ msgid "unable to remove %s, will reset to the Unix epoch"
+#~ msgstr "không thể gỡ bỏ %s, sẽ đặt lại thành thời điểm bắt đầu kiểu Unix"
+
+#~ msgid "unable to reset %s to the Unix epoch"
+#~ msgstr "không thể đặt lại %s thành thời điểm bắt đầu kiểu Unix"
+
+#~ msgid "value out of range"
+#~ msgstr "giá trị nằm ngoài phạm vi"
+
+#~ msgid "invalid uri: %s"
+#~ msgstr "URI không hợp lệ: %s"
+
+#~ msgid "unable to mix ldaps and starttls"
+#~ msgstr "không thể trộn ldaps và starttls"
+
+#~ msgid "writing to standard output"
+#~ msgstr "ghi vào đầu ra tiêu chuẩn"
+
+#~ msgid "too many parenthesized expressions, max %d"
+#~ msgstr "có quá nhiều biểu thức trong dấu ngoặc đơn, tối đa là %d"
+
+#~ msgid "unable to setup authentication"
+#~ msgstr "không thể cài đặt xác thực"
+
+#~ msgid "getaudit: failed"
+#~ msgstr "getaudit: gặp lỗi"
+
+#~ msgid "getauid: failed"
+#~ msgstr "getauid: gặp lỗi"
+
+#~ msgid "au_to_subject: failed"
+#~ msgstr "au_to_subject: gặp lỗi"
+
+#~ msgid "au_to_exec_args: failed"
+#~ msgstr "au_to_exec_args: gặp lỗi"
+
+#~ msgid "au_to_return32: failed"
+#~ msgstr "au_to_return32: gặp lỗi"
+
+#~ msgid "au_to_text: failed"
+#~ msgstr "au_to_text: gặp lỗi"
+
+#~ msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+#~ msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
+
+#~ msgid "pam_chauthtok: %s"
+#~ msgstr "pam_chauthtok: %s"
+
+#~ msgid "pam_authenticate: %s"
+#~ msgstr "pam_authenticate: %s"
+
+#~ msgid "getauid failed"
+#~ msgstr "getauid gặp lỗi"
+
+#~ msgid "Unable to dlopen %s: %s"
+#~ msgstr "Không thể dlopen %s: %s"
+
+#~ msgid "invalid regex: %s"
+#~ msgstr "biểu thức chính quy không hợp lệ: %s"
+
+#~ msgid ">>> %s: %s near line %d <<<"
+#~ msgstr ">>> %s: %s gần dòng %d <<<"
+
+#~ msgid "unable to set locale to \"%s\", using \"C\""
+#~ msgstr "không thể đặt địa phương thành “%s”, sẽ dùng “C”"
+
+#~ msgid ""
+#~ "    Commands:\n"
+#~ "\t"
+#~ msgstr ""
+#~ "    Lệnh:\n"
+#~ "\t"
+
+#~ msgid ": "
+#~ msgstr ": "
+
+#~ msgid "unable to cache uid %u (%s), already exists"
+#~ msgstr "không thể lưu nhớ tạm uid %u (%s), đã có sẵn rồi"
+
+#~ msgid "unable to cache gid %u (%s), already exists"
+#~ msgstr "không thể lưu nhớ tạm gid %u (%s), đã có sẵn rồi"
+
+#~ msgid "unable to execute %s: %s"
+#~ msgstr "không thể thực thi %s: %s"
diff --git a/plugins/sudoers/po/zh_CN.mo b/plugins/sudoers/po/zh_CN.mo
new file mode 100644
index 0000000..73a44ed
--- /dev/null
+++ b/plugins/sudoers/po/zh_CN.mo
diff --git a/plugins/sudoers/po/zh_CN.po b/plugins/sudoers/po/zh_CN.po
new file mode 100644
index 0000000..cad59f9
--- /dev/null
+++ b/plugins/sudoers/po/zh_CN.po
@@ -0,0 +1,2549 @@
+# Chinese simplified translation for sudoers.
+# This file is put in the public domain.
+# Wylmer Wang <wantinghard@gmail.com>, 2011-2018
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.26b1\n"
+"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
+"POT-Creation-Date: 2018-10-29 08:31-0600\n"
+"PO-Revision-Date: 2018-11-05 09:13+0800\n"
+"Last-Translator: Wylmer Wang <wantinghard@gmail.com>\n"
+"Language-Team: Chinese (simplified) <i18n-zh@googlegroups.com>\n"
+"Language: zh_CN\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#: confstr.sh:1
+msgid "syntax error"
+msgstr "语法错误"
+
+#: confstr.sh:2
+msgid "%p's password: "
+msgstr "%p 的密码："
+
+#: confstr.sh:3
+msgid "[sudo] password for %p: "
+msgstr "[sudo] %p 的密码："
+
+#: confstr.sh:4
+msgid "Password: "
+msgstr "密码："
+
+#: confstr.sh:5
+msgid "*** SECURITY information for %h ***"
+msgstr "*** %h 安全信息 ***"
+
+#: confstr.sh:6
+msgid "Sorry, try again."
+msgstr "对不起，请重试。"
+
+#: gram.y:192 gram.y:240 gram.y:247 gram.y:254 gram.y:261 gram.y:268
+#: gram.y:284 gram.y:308 gram.y:315 gram.y:322 gram.y:329 gram.y:336
+#: gram.y:399 gram.y:407 gram.y:417 gram.y:450 gram.y:457 gram.y:464
+#: gram.y:471 gram.y:553 gram.y:560 gram.y:569 gram.y:578 gram.y:595
+#: gram.y:707 gram.y:714 gram.y:721 gram.y:729 gram.y:829 gram.y:836
+#: gram.y:843 gram.y:850 gram.y:857 gram.y:883 gram.y:890 gram.y:897
+#: gram.y:1020 gram.y:1294 plugins/sudoers/alias.c:130
+#: plugins/sudoers/alias.c:137 plugins/sudoers/alias.c:153
+#: plugins/sudoers/auth/bsdauth.c:146 plugins/sudoers/auth/kerb5.c:121
+#: plugins/sudoers/auth/kerb5.c:147 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/auth/sia.c:62
+#: plugins/sudoers/cvtsudoers.c:123 plugins/sudoers/cvtsudoers.c:164
+#: plugins/sudoers/cvtsudoers.c:181 plugins/sudoers/cvtsudoers.c:192
+#: plugins/sudoers/cvtsudoers.c:304 plugins/sudoers/cvtsudoers.c:432
+#: plugins/sudoers/cvtsudoers.c:565 plugins/sudoers/cvtsudoers.c:582
+#: plugins/sudoers/cvtsudoers.c:645 plugins/sudoers/cvtsudoers.c:760
+#: plugins/sudoers/cvtsudoers.c:768 plugins/sudoers/cvtsudoers.c:1178
+#: plugins/sudoers/cvtsudoers.c:1182 plugins/sudoers/cvtsudoers.c:1284
+#: plugins/sudoers/cvtsudoers_ldif.c:152 plugins/sudoers/cvtsudoers_ldif.c:195
+#: plugins/sudoers/cvtsudoers_ldif.c:242 plugins/sudoers/cvtsudoers_ldif.c:261
+#: plugins/sudoers/cvtsudoers_ldif.c:332 plugins/sudoers/cvtsudoers_ldif.c:387
+#: plugins/sudoers/cvtsudoers_ldif.c:395 plugins/sudoers/cvtsudoers_ldif.c:412
+#: plugins/sudoers/cvtsudoers_ldif.c:421 plugins/sudoers/cvtsudoers_ldif.c:568
+#: plugins/sudoers/defaults.c:661 plugins/sudoers/defaults.c:954
+#: plugins/sudoers/defaults.c:1125 plugins/sudoers/editor.c:70
+#: plugins/sudoers/editor.c:88 plugins/sudoers/editor.c:99
+#: plugins/sudoers/env.c:247 plugins/sudoers/filedigest.c:64
+#: plugins/sudoers/filedigest.c:80 plugins/sudoers/gc.c:57
+#: plugins/sudoers/group_plugin.c:136 plugins/sudoers/interfaces.c:76
+#: plugins/sudoers/iolog.c:939 plugins/sudoers/iolog_path.c:172
+#: plugins/sudoers/iolog_util.c:83 plugins/sudoers/iolog_util.c:122
+#: plugins/sudoers/iolog_util.c:131 plugins/sudoers/iolog_util.c:141
+#: plugins/sudoers/iolog_util.c:149 plugins/sudoers/iolog_util.c:153
+#: plugins/sudoers/ldap.c:183 plugins/sudoers/ldap.c:414
+#: plugins/sudoers/ldap.c:418 plugins/sudoers/ldap.c:430
+#: plugins/sudoers/ldap.c:721 plugins/sudoers/ldap.c:885
+#: plugins/sudoers/ldap.c:1233 plugins/sudoers/ldap.c:1660
+#: plugins/sudoers/ldap.c:1697 plugins/sudoers/ldap.c:1778
+#: plugins/sudoers/ldap.c:1913 plugins/sudoers/ldap.c:2014
+#: plugins/sudoers/ldap.c:2030 plugins/sudoers/ldap_conf.c:221
+#: plugins/sudoers/ldap_conf.c:252 plugins/sudoers/ldap_conf.c:304
+#: plugins/sudoers/ldap_conf.c:340 plugins/sudoers/ldap_conf.c:443
+#: plugins/sudoers/ldap_conf.c:458 plugins/sudoers/ldap_conf.c:555
+#: plugins/sudoers/ldap_conf.c:588 plugins/sudoers/ldap_conf.c:680
+#: plugins/sudoers/ldap_conf.c:762 plugins/sudoers/ldap_util.c:508
+#: plugins/sudoers/ldap_util.c:564 plugins/sudoers/linux_audit.c:81
+#: plugins/sudoers/logging.c:195 plugins/sudoers/logging.c:511
+#: plugins/sudoers/logging.c:532 plugins/sudoers/logging.c:573
+#: plugins/sudoers/logging.c:752 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:725 plugins/sudoers/match.c:772
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1009
+#: plugins/sudoers/parse.c:195 plugins/sudoers/parse.c:207
+#: plugins/sudoers/parse.c:222 plugins/sudoers/parse.c:234
+#: plugins/sudoers/parse_ldif.c:141 plugins/sudoers/parse_ldif.c:168
+#: plugins/sudoers/parse_ldif.c:237 plugins/sudoers/parse_ldif.c:244
+#: plugins/sudoers/parse_ldif.c:249 plugins/sudoers/parse_ldif.c:325
+#: plugins/sudoers/parse_ldif.c:336 plugins/sudoers/parse_ldif.c:342
+#: plugins/sudoers/parse_ldif.c:367 plugins/sudoers/parse_ldif.c:379
+#: plugins/sudoers/parse_ldif.c:383 plugins/sudoers/parse_ldif.c:397
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:594
+#: plugins/sudoers/parse_ldif.c:619 plugins/sudoers/parse_ldif.c:679
+#: plugins/sudoers/parse_ldif.c:698 plugins/sudoers/parse_ldif.c:744
+#: plugins/sudoers/parse_ldif.c:754 plugins/sudoers/policy.c:502
+#: plugins/sudoers/policy.c:744 plugins/sudoers/prompt.c:98
+#: plugins/sudoers/pwutil.c:197 plugins/sudoers/pwutil.c:269
+#: plugins/sudoers/pwutil.c:346 plugins/sudoers/pwutil.c:520
+#: plugins/sudoers/pwutil.c:586 plugins/sudoers/pwutil.c:656
+#: plugins/sudoers/pwutil.c:814 plugins/sudoers/pwutil.c:871
+#: plugins/sudoers/pwutil.c:916 plugins/sudoers/pwutil.c:974
+#: plugins/sudoers/sssd.c:152 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:112 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+msgid "unable to allocate memory"
+msgstr "无法分配内存"
+
+#: gram.y:482
+msgid "a digest requires a path name"
+msgstr "摘要需要路径参数"
+
+#: gram.y:608
+msgid "invalid notbefore value"
+msgstr "无效的 notbefore 值"
+
+#: gram.y:616
+msgid "invalid notafter value"
+msgstr "无效的 notafter 值"
+
+#: gram.y:625 plugins/sudoers/policy.c:318
+msgid "timeout value too large"
+msgstr "超时值过大"
+
+#: gram.y:627 plugins/sudoers/policy.c:320
+msgid "invalid timeout value"
+msgstr "无效的超时值"
+
+#: gram.y:1294 plugins/sudoers/auth/pam.c:354 plugins/sudoers/auth/pam.c:524
+#: plugins/sudoers/auth/rfc1938.c:114 plugins/sudoers/cvtsudoers.c:123
+#: plugins/sudoers/cvtsudoers.c:163 plugins/sudoers/cvtsudoers.c:180
+#: plugins/sudoers/cvtsudoers.c:191 plugins/sudoers/cvtsudoers.c:303
+#: plugins/sudoers/cvtsudoers.c:431 plugins/sudoers/cvtsudoers.c:564
+#: plugins/sudoers/cvtsudoers.c:581 plugins/sudoers/cvtsudoers.c:645
+#: plugins/sudoers/cvtsudoers.c:760 plugins/sudoers/cvtsudoers.c:767
+#: plugins/sudoers/cvtsudoers.c:1178 plugins/sudoers/cvtsudoers.c:1182
+#: plugins/sudoers/cvtsudoers.c:1284 plugins/sudoers/cvtsudoers_ldif.c:151
+#: plugins/sudoers/cvtsudoers_ldif.c:194 plugins/sudoers/cvtsudoers_ldif.c:241
+#: plugins/sudoers/cvtsudoers_ldif.c:260 plugins/sudoers/cvtsudoers_ldif.c:331
+#: plugins/sudoers/cvtsudoers_ldif.c:386 plugins/sudoers/cvtsudoers_ldif.c:394
+#: plugins/sudoers/cvtsudoers_ldif.c:411 plugins/sudoers/cvtsudoers_ldif.c:420
+#: plugins/sudoers/cvtsudoers_ldif.c:567 plugins/sudoers/defaults.c:661
+#: plugins/sudoers/defaults.c:954 plugins/sudoers/defaults.c:1125
+#: plugins/sudoers/editor.c:70 plugins/sudoers/editor.c:88
+#: plugins/sudoers/editor.c:99 plugins/sudoers/env.c:247
+#: plugins/sudoers/filedigest.c:64 plugins/sudoers/filedigest.c:80
+#: plugins/sudoers/gc.c:57 plugins/sudoers/group_plugin.c:136
+#: plugins/sudoers/interfaces.c:76 plugins/sudoers/iolog.c:939
+#: plugins/sudoers/iolog_path.c:172 plugins/sudoers/iolog_util.c:83
+#: plugins/sudoers/iolog_util.c:122 plugins/sudoers/iolog_util.c:131
+#: plugins/sudoers/iolog_util.c:141 plugins/sudoers/iolog_util.c:149
+#: plugins/sudoers/iolog_util.c:153 plugins/sudoers/ldap.c:183
+#: plugins/sudoers/ldap.c:414 plugins/sudoers/ldap.c:418
+#: plugins/sudoers/ldap.c:430 plugins/sudoers/ldap.c:721
+#: plugins/sudoers/ldap.c:885 plugins/sudoers/ldap.c:1233
+#: plugins/sudoers/ldap.c:1660 plugins/sudoers/ldap.c:1697
+#: plugins/sudoers/ldap.c:1778 plugins/sudoers/ldap.c:1913
+#: plugins/sudoers/ldap.c:2014 plugins/sudoers/ldap.c:2030
+#: plugins/sudoers/ldap_conf.c:221 plugins/sudoers/ldap_conf.c:252
+#: plugins/sudoers/ldap_conf.c:304 plugins/sudoers/ldap_conf.c:340
+#: plugins/sudoers/ldap_conf.c:443 plugins/sudoers/ldap_conf.c:458
+#: plugins/sudoers/ldap_conf.c:555 plugins/sudoers/ldap_conf.c:588
+#: plugins/sudoers/ldap_conf.c:679 plugins/sudoers/ldap_conf.c:762
+#: plugins/sudoers/ldap_util.c:508 plugins/sudoers/ldap_util.c:564
+#: plugins/sudoers/linux_audit.c:81 plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:511 plugins/sudoers/logging.c:532
+#: plugins/sudoers/logging.c:572 plugins/sudoers/logging.c:1010
+#: plugins/sudoers/match.c:724 plugins/sudoers/match.c:771
+#: plugins/sudoers/match.c:813 plugins/sudoers/match.c:841
+#: plugins/sudoers/match.c:929 plugins/sudoers/match.c:1008
+#: plugins/sudoers/parse.c:194 plugins/sudoers/parse.c:206
+#: plugins/sudoers/parse.c:221 plugins/sudoers/parse.c:233
+#: plugins/sudoers/parse_ldif.c:140 plugins/sudoers/parse_ldif.c:167
+#: plugins/sudoers/parse_ldif.c:236 plugins/sudoers/parse_ldif.c:243
+#: plugins/sudoers/parse_ldif.c:248 plugins/sudoers/parse_ldif.c:324
+#: plugins/sudoers/parse_ldif.c:335 plugins/sudoers/parse_ldif.c:341
+#: plugins/sudoers/parse_ldif.c:366 plugins/sudoers/parse_ldif.c:378
+#: plugins/sudoers/parse_ldif.c:382 plugins/sudoers/parse_ldif.c:396
+#: plugins/sudoers/parse_ldif.c:564 plugins/sudoers/parse_ldif.c:593
+#: plugins/sudoers/parse_ldif.c:618 plugins/sudoers/parse_ldif.c:678
+#: plugins/sudoers/parse_ldif.c:697 plugins/sudoers/parse_ldif.c:743
+#: plugins/sudoers/parse_ldif.c:753 plugins/sudoers/policy.c:132
+#: plugins/sudoers/policy.c:141 plugins/sudoers/policy.c:150
+#: plugins/sudoers/policy.c:176 plugins/sudoers/policy.c:303
+#: plugins/sudoers/policy.c:318 plugins/sudoers/policy.c:320
+#: plugins/sudoers/policy.c:346 plugins/sudoers/policy.c:356
+#: plugins/sudoers/policy.c:400 plugins/sudoers/policy.c:410
+#: plugins/sudoers/policy.c:419 plugins/sudoers/policy.c:428
+#: plugins/sudoers/policy.c:502 plugins/sudoers/policy.c:744
+#: plugins/sudoers/prompt.c:98 plugins/sudoers/pwutil.c:197
+#: plugins/sudoers/pwutil.c:269 plugins/sudoers/pwutil.c:346
+#: plugins/sudoers/pwutil.c:520 plugins/sudoers/pwutil.c:586
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:814
+#: plugins/sudoers/pwutil.c:871 plugins/sudoers/pwutil.c:916
+#: plugins/sudoers/pwutil.c:974 plugins/sudoers/set_perms.c:392
+#: plugins/sudoers/set_perms.c:771 plugins/sudoers/set_perms.c:1155
+#: plugins/sudoers/set_perms.c:1481 plugins/sudoers/set_perms.c:1646
+#: plugins/sudoers/sssd.c:151 plugins/sudoers/sssd.c:398
+#: plugins/sudoers/sssd.c:461 plugins/sudoers/sssd.c:505
+#: plugins/sudoers/sssd.c:552 plugins/sudoers/sssd.c:743
+#: plugins/sudoers/stubs.c:101 plugins/sudoers/stubs.c:109
+#: plugins/sudoers/sudoers.c:269 plugins/sudoers/sudoers.c:279
+#: plugins/sudoers/sudoers.c:288 plugins/sudoers/sudoers.c:330
+#: plugins/sudoers/sudoers.c:653 plugins/sudoers/sudoers.c:779
+#: plugins/sudoers/sudoers.c:823 plugins/sudoers/sudoers.c:1097
+#: plugins/sudoers/sudoers_debug.c:111 plugins/sudoers/sudoreplay.c:579
+#: plugins/sudoers/sudoreplay.c:582 plugins/sudoers/sudoreplay.c:1259
+#: plugins/sudoers/sudoreplay.c:1459 plugins/sudoers/sudoreplay.c:1463
+#: plugins/sudoers/testsudoers.c:134 plugins/sudoers/testsudoers.c:234
+#: plugins/sudoers/testsudoers.c:251 plugins/sudoers/testsudoers.c:585
+#: plugins/sudoers/timestamp.c:437 plugins/sudoers/timestamp.c:481
+#: plugins/sudoers/timestamp.c:958 plugins/sudoers/toke_util.c:57
+#: plugins/sudoers/toke_util.c:110 plugins/sudoers/toke_util.c:147
+#: plugins/sudoers/tsdump.c:128 plugins/sudoers/visudo.c:150
+#: plugins/sudoers/visudo.c:312 plugins/sudoers/visudo.c:318
+#: plugins/sudoers/visudo.c:428 plugins/sudoers/visudo.c:606
+#: plugins/sudoers/visudo.c:926 plugins/sudoers/visudo.c:1013
+#: plugins/sudoers/visudo.c:1102 toke.l:844 toke.l:945 toke.l:1102
+#, c-format
+msgid "%s: %s"
+msgstr "%s：%s"
+
+#: plugins/sudoers/alias.c:148
+#, c-format
+msgid "Alias \"%s\" already defined"
+msgstr "别名“%s”已定义过"
+
+#: plugins/sudoers/auth/bsdauth.c:73
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "无法获取用户 %s 的登录类别(login class)"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+msgid "unable to begin bsd authentication"
+msgstr "无法开始 bsd 认证"
+
+#: plugins/sudoers/auth/bsdauth.c:86
+msgid "invalid authentication type"
+msgstr "无效的认证类型"
+
+#: plugins/sudoers/auth/bsdauth.c:95
+msgid "unable to initialize BSD authentication"
+msgstr "无法初始化 bsd 认证"
+
+#: plugins/sudoers/auth/bsdauth.c:183
+msgid "your account has expired"
+msgstr "您的账户已过期"
+
+#: plugins/sudoers/auth/bsdauth.c:185
+msgid "approval failed"
+msgstr "批准失败"
+
+#: plugins/sudoers/auth/fwtk.c:57
+msgid "unable to read fwtk config"
+msgstr "无法读取 fwtk 配置"
+
+#: plugins/sudoers/auth/fwtk.c:62
+msgid "unable to connect to authentication server"
+msgstr "无法连接到认证服务器"
+
+#: plugins/sudoers/auth/fwtk.c:68 plugins/sudoers/auth/fwtk.c:92
+#: plugins/sudoers/auth/fwtk.c:124
+msgid "lost connection to authentication server"
+msgstr "丢失了到认证服务器的连接"
+
+#: plugins/sudoers/auth/fwtk.c:72
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"认证服务器错误：\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:113
+#, c-format
+msgid "%s: unable to convert principal to string ('%s'): %s"
+msgstr "%s：无法将主体(principal)转换为字符串(“%s”)：%s"
+
+#: plugins/sudoers/auth/kerb5.c:163
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s：无法解析“%s”：%s"
+
+#: plugins/sudoers/auth/kerb5.c:172
+#, c-format
+msgid "%s: unable to resolve credential cache: %s"
+msgstr "%s：无法解析凭据缓存：%s"
+
+#: plugins/sudoers/auth/kerb5.c:219
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s：无法分配选项：%s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s：无法获取凭据：%s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize credential cache: %s"
+msgstr "%s：无法初始化凭据缓存：%s"
+
+#: plugins/sudoers/auth/kerb5.c:250
+#, c-format
+msgid "%s: unable to store credential in cache: %s"
+msgstr "%s：无法在缓存中储存凭据：%s"
+
+#: plugins/sudoers/auth/kerb5.c:314
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s：无法获取主机主体(principal)：%s"
+
+#: plugins/sudoers/auth/kerb5.c:328
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s：无法验证目标！可能遭到了攻击！：%s"
+
+#: plugins/sudoers/auth/pam.c:113
+msgid "unable to initialize PAM"
+msgstr "无法初始化 PAM"
+
+#: plugins/sudoers/auth/pam.c:204
+#, c-format
+msgid "PAM authentication error: %s"
+msgstr "PAM 认证出错：%s"
+
+#: plugins/sudoers/auth/pam.c:221
+msgid "account validation failure, is your account locked?"
+msgstr "账户验证失败，您的账户是不是上锁了？"
+
+#: plugins/sudoers/auth/pam.c:229
+msgid "Account or password is expired, reset your password and try again"
+msgstr "账户或密码过期，重置您的密码并重试"
+
+#: plugins/sudoers/auth/pam.c:238
+#, c-format
+msgid "unable to change expired password: %s"
+msgstr "无法更改过期的密码：%s"
+
+#: plugins/sudoers/auth/pam.c:246
+msgid "Password expired, contact your system administrator"
+msgstr "密码过期，联系您的系统管理员"
+
+#: plugins/sudoers/auth/pam.c:250
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "账户过期，或 PAM 配置缺少 sudo 使用的“account”节，联系您的系统管理员"
+
+#: plugins/sudoers/auth/pam.c:257 plugins/sudoers/auth/pam.c:262
+#, c-format
+msgid "PAM account management error: %s"
+msgstr "PAM 账户管理出错：%s"
+
+#: plugins/sudoers/auth/rfc1938.c:102 plugins/sudoers/visudo.c:232
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "%s 数据库中没有您"
+
+#: plugins/sudoers/auth/securid5.c:75
+msgid "failed to initialise the ACE API library"
+msgstr "初始化 ACE API 库失败"
+
+#: plugins/sudoers/auth/securid5.c:101
+msgid "unable to contact the SecurID server"
+msgstr "无法联络 SecurID 服务器"
+
+#: plugins/sudoers/auth/securid5.c:110
+msgid "User ID locked for SecurID Authentication"
+msgstr "为进行 SecurID 认证，已锁定用户 ID"
+
+#: plugins/sudoers/auth/securid5.c:114 plugins/sudoers/auth/securid5.c:165
+msgid "invalid username length for SecurID"
+msgstr "SecurID 的用户名长度无效"
+
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:170
+msgid "invalid Authentication Handle for SecurID"
+msgstr "SecurID 的认证句柄无效"
+
+#: plugins/sudoers/auth/securid5.c:122
+msgid "SecurID communication failed"
+msgstr "SecurID 通讯失败"
+
+#: plugins/sudoers/auth/securid5.c:126 plugins/sudoers/auth/securid5.c:215
+msgid "unknown SecurID error"
+msgstr "未知的 SecurID 错误"
+
+#: plugins/sudoers/auth/securid5.c:160
+msgid "invalid passcode length for SecurID"
+msgstr "无效的 SecurID 密码长度"
+
+#: plugins/sudoers/auth/sia.c:72 plugins/sudoers/auth/sia.c:127
+msgid "unable to initialize SIA session"
+msgstr "无法初始化 SIA 会话"
+
+#: plugins/sudoers/auth/sudo_auth.c:136
+msgid "invalid authentication methods"
+msgstr "无效的认证方法"
+
+#: plugins/sudoers/auth/sudo_auth.c:138
+msgid "Invalid authentication methods compiled into sudo!  You may not mix standalone and non-standalone authentication."
+msgstr "编译进 sudo 的认证方法无效！您不能混用独立和非独立认证。"
+
+#: plugins/sudoers/auth/sudo_auth.c:259 plugins/sudoers/auth/sudo_auth.c:309
+msgid "no authentication methods"
+msgstr "无认证方法"
+
+#: plugins/sudoers/auth/sudo_auth.c:261
+msgid "There are no authentication methods compiled into sudo!  If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "sudo 编译时没有加入任何认证方法！如果您想关闭认证，使用 --disable-authentication 配置选项。"
+
+#: plugins/sudoers/auth/sudo_auth.c:311
+msgid "Unable to initialize authentication methods."
+msgstr "无法初始化认证方法。"
+
+#: plugins/sudoers/auth/sudo_auth.c:477
+msgid "Authentication methods:"
+msgstr "认证方法："
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:215
+msgid "Could not determine audit condition"
+msgstr "无法确定审核条件"
+
+#: plugins/sudoers/bsm_audit.c:188 plugins/sudoers/bsm_audit.c:279
+msgid "unable to commit audit record"
+msgstr "无法提交审核记录"
+
+#: plugins/sudoers/check.c:267
+msgid ""
+"\n"
+"We trust you have received the usual lecture from the local System\n"
+"Administrator. It usually boils down to these three things:\n"
+"\n"
+"    #1) Respect the privacy of others.\n"
+"    #2) Think before you type.\n"
+"    #3) With great power comes great responsibility.\n"
+"\n"
+msgstr ""
+"\n"
+"我们信任您已经从系统管理员那里了解了日常注意事项。\n"
+"总结起来无外乎这三点：\n"
+"\n"
+"    #1) 尊重别人的隐私。\n"
+"    #2) 输入前要先考虑(后果和风险)。\n"
+"    #3) 权力越大，责任越大。\n"
+"\n"
+
+#: plugins/sudoers/check.c:310 plugins/sudoers/check.c:320
+#: plugins/sudoers/sudoers.c:696 plugins/sudoers/sudoers.c:741
+#: plugins/sudoers/tsdump.c:124
+#, c-format
+msgid "unknown uid: %u"
+msgstr "未知的用户 ID：%u"
+
+#: plugins/sudoers/check.c:315 plugins/sudoers/iolog.c:253
+#: plugins/sudoers/policy.c:915 plugins/sudoers/sudoers.c:1136
+#: plugins/sudoers/testsudoers.c:225 plugins/sudoers/testsudoers.c:398
+#, c-format
+msgid "unknown user: %s"
+msgstr "未知用户：%s"
+
+#: plugins/sudoers/cvtsudoers.c:198
+#, c-format
+msgid "order increment: %s: %s"
+msgstr "顺序增量：%s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:214
+#, c-format
+msgid "starting order: %s: %s"
+msgstr "起始顺序：%s：%s"
+
+#: plugins/sudoers/cvtsudoers.c:224
+#, c-format
+msgid "order padding: %s: %s"
+msgstr "顺序填充：%s: %s"
+
+#: plugins/sudoers/cvtsudoers.c:232 plugins/sudoers/sudoreplay.c:287
+#: plugins/sudoers/visudo.c:182
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s 版本 %s\n"
+
+#: plugins/sudoers/cvtsudoers.c:234 plugins/sudoers/visudo.c:184
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s 语法版本 %d\n"
+
+#: plugins/sudoers/cvtsudoers.c:251 plugins/sudoers/testsudoers.c:173
+#, c-format
+msgid "unsupported input format %s"
+msgstr "不支持的输入格式 %s"
+
+#: plugins/sudoers/cvtsudoers.c:266
+#, c-format
+msgid "unsupported output format %s"
+msgstr "不支持的输出格式 %s"
+
+#: plugins/sudoers/cvtsudoers.c:318
+#, c-format
+msgid "%s: input and output files must be different"
+msgstr "%s：输入和输出文件不能相同"
+
+#: plugins/sudoers/cvtsudoers.c:334 plugins/sudoers/sudoers.c:172
+#: plugins/sudoers/testsudoers.c:264 plugins/sudoers/visudo.c:238
+#: plugins/sudoers/visudo.c:594 plugins/sudoers/visudo.c:917
+msgid "unable to initialize sudoers default values"
+msgstr "无法初始化 sudoers 默认值"
+
+#: plugins/sudoers/cvtsudoers.c:420 plugins/sudoers/ldap_conf.c:433
+#, c-format
+msgid "%s: %s: %s: %s"
+msgstr "%s：%s：%s：%s"
+
+#: plugins/sudoers/cvtsudoers.c:479
+#, c-format
+msgid "%s: unknown key word: %s"
+msgstr "%s：未知的关键词：%s"
+
+#: plugins/sudoers/cvtsudoers.c:525
+#, c-format
+msgid "invalid defaults type: %s"
+msgstr "无效的默认值类型：%s"
+
+#: plugins/sudoers/cvtsudoers.c:548
+#, c-format
+msgid "invalid suppression type: %s"
+msgstr "无效的压缩类型：%s"
+
+#: plugins/sudoers/cvtsudoers.c:588 plugins/sudoers/cvtsudoers.c:602
+#, c-format
+msgid "invalid filter: %s"
+msgstr "无效的过滤器：%s"
+
+#: plugins/sudoers/cvtsudoers.c:621 plugins/sudoers/cvtsudoers.c:638
+#: plugins/sudoers/cvtsudoers.c:1244 plugins/sudoers/cvtsudoers_json.c:1128
+#: plugins/sudoers/cvtsudoers_ldif.c:641 plugins/sudoers/iolog.c:411
+#: plugins/sudoers/iolog_util.c:72 plugins/sudoers/sudoers.c:903
+#: plugins/sudoers/sudoreplay.c:333 plugins/sudoers/sudoreplay.c:1425
+#: plugins/sudoers/timestamp.c:446 plugins/sudoers/tsdump.c:133
+#: plugins/sudoers/visudo.c:913
+#, c-format
+msgid "unable to open %s"
+msgstr "无法打开 %s"
+
+#: plugins/sudoers/cvtsudoers.c:641 plugins/sudoers/visudo.c:922
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "解析 %s 文件失败，未知错误"
+
+#: plugins/sudoers/cvtsudoers.c:649 plugins/sudoers/visudo.c:939
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "%s 中第 %d 行附近出现解析错误\n"
+
+#: plugins/sudoers/cvtsudoers.c:652 plugins/sudoers/visudo.c:942
+#, c-format
+msgid "parse error in %s\n"
+msgstr "%s 中出现解析错误\n"
+
+#: plugins/sudoers/cvtsudoers.c:1291 plugins/sudoers/iolog.c:498
+#: plugins/sudoers/sudoreplay.c:1129 plugins/sudoers/timestamp.c:330
+#: plugins/sudoers/timestamp.c:333
+#, c-format
+msgid "unable to write to %s"
+msgstr "无法写入 %s"
+
+#: plugins/sudoers/cvtsudoers.c:1314
+#, c-format
+msgid ""
+"%s - convert between sudoers file formats\n"
+"\n"
+msgstr ""
+"%s - 转换 sudoers 文件格式\n"
+"\n"
+
+#: plugins/sudoers/cvtsudoers.c:1316
+msgid ""
+"\n"
+"Options:\n"
+"  -b, --base=dn              the base DN for sudo LDAP queries\n"
+"  -d, --defaults=deftypes    only convert Defaults of the specified types\n"
+"  -e, --expand-aliases       expand aliases when converting\n"
+"  -f, --output-format=format set output format: JSON, LDIF or sudoers\n"
+"  -i, --input-format=format  set input format: LDIF or sudoers\n"
+"  -I, --increment=num        amount to increase each sudoOrder by\n"
+"  -h, --help                 display help message and exit\n"
+"  -m, --match=filter         only convert entries that match the filter\n"
+"  -M, --match-local          match filter uses passwd and group databases\n"
+"  -o, --output=output_file   write converted sudoers to output_file\n"
+"  -O, --order-start=num      starting point for first sudoOrder\n"
+"  -p, --prune-matches        prune non-matching users, groups and hosts\n"
+"  -P, --padding=num          base padding for sudoOrder increment\n"
+"  -s, --suppress=sections    suppress output of certain sections\n"
+"  -V, --version              display version information and exit"
+msgstr ""
+"\n"
+"选项：\n"
+"  -b, --base=dn              用于 sudo LDAP 查询的基础 DN\n"
+"  -d, --defaults=deftypes    只转换指定类型的默认值\n"
+"  -e, --expand-aliases       在转换时展开别名\n"
+"  -f, --output-format=format 设置输出格式：JSON、LDIF 或 sudoers\n"
+"  -i, --input-format=format  设置输入格式：LDIF 或 sudoers\n"
+"  -I, --increment=num        每个 sudoOrder 的增加量\n"
+"  -h, --help                 显示帮助消息并退出\n"
+"  -m, --match=filter         只转换与过滤器匹配的条目\n"
+"  -M, --match-local          让匹配过滤器使用 passwd 和 group 数据库\n"
+"  -o, --output=output_file   将转换后的 sudoers 写入 output_file\n"
+"  -O, --order-start=num      第一个 sudoOrder 的起点\n"
+"  -p, --prune-matches        清理不匹配的用户、组和主机\n"
+"  -P, --padding=num          sudoOrder 的增加基数\n"
+"  -s, --suppress=sections    压缩某些部分的输出\n"
+"  -V, --version              显示版本信息并退出"
+
+#: plugins/sudoers/cvtsudoers_json.c:682 plugins/sudoers/cvtsudoers_json.c:718
+#: plugins/sudoers/cvtsudoers_json.c:936
+#, c-format
+msgid "unknown defaults entry \"%s\""
+msgstr "未知的默认条目“%s”"
+
+#: plugins/sudoers/cvtsudoers_json.c:856 plugins/sudoers/cvtsudoers_json.c:871
+#: plugins/sudoers/cvtsudoers_ldif.c:306 plugins/sudoers/cvtsudoers_ldif.c:317
+#: plugins/sudoers/ldap.c:480
+msgid "unable to get GMT time"
+msgstr "无法获取 GMT 时间"
+
+#: plugins/sudoers/cvtsudoers_json.c:859 plugins/sudoers/cvtsudoers_json.c:874
+#: plugins/sudoers/cvtsudoers_ldif.c:309 plugins/sudoers/cvtsudoers_ldif.c:320
+#: plugins/sudoers/ldap.c:486
+msgid "unable to format timestamp"
+msgstr "无法格式化时间戳"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:524 plugins/sudoers/env.c:309
+#: plugins/sudoers/env.c:316 plugins/sudoers/env.c:421
+#: plugins/sudoers/ldap.c:494 plugins/sudoers/ldap.c:725
+#: plugins/sudoers/ldap.c:1052 plugins/sudoers/ldap_conf.c:225
+#: plugins/sudoers/ldap_conf.c:315 plugins/sudoers/linux_audit.c:87
+#: plugins/sudoers/logging.c:1015 plugins/sudoers/policy.c:623
+#: plugins/sudoers/policy.c:633 plugins/sudoers/prompt.c:166
+#: plugins/sudoers/sudoers.c:845 plugins/sudoers/testsudoers.c:255
+#: plugins/sudoers/toke_util.c:159
+#, c-format
+msgid "internal error, %s overflow"
+msgstr "内部错误，%s 溢出"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:593
+#, c-format
+msgid "too many sudoers entries, maximum %u"
+msgstr "sudoers 条目过多，最多为 %u"
+
+#: plugins/sudoers/cvtsudoers_ldif.c:636
+msgid "the SUDOERS_BASE environment variable is not set and the -b option was not specified."
+msgstr "没有设置 SUDOERS_BASE 环境变量，并且没有指定 -b 选项。"
+
+#: plugins/sudoers/def_data.c:42
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "若使用了 syslog，用于记录日志的 syslog 设施：%s"
+
+#: plugins/sudoers/def_data.c:46
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "用户认证成功时使用的 syslog 优先级：%s"
+
+#: plugins/sudoers/def_data.c:50
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "用户认证不成功时使用的 syslog 优先级：%s"
+
+#: plugins/sudoers/def_data.c:54
+msgid "Put OTP prompt on its own line"
+msgstr "将 OPT 提示放在独自的行中"
+
+#: plugins/sudoers/def_data.c:58
+msgid "Ignore '.' in $PATH"
+msgstr "忽略 $PATH 中的“.”"
+
+#: plugins/sudoers/def_data.c:62
+msgid "Always send mail when sudo is run"
+msgstr "在运行 sudo 时总是发送邮件"
+
+#: plugins/sudoers/def_data.c:66
+msgid "Send mail if user authentication fails"
+msgstr "在用户认证失败时发送邮件"
+
+#: plugins/sudoers/def_data.c:70
+msgid "Send mail if the user is not in sudoers"
+msgstr "在用户不在 sudoers 列表中时发送邮件"
+
+#: plugins/sudoers/def_data.c:74
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "在用户不在此主机的 sudoers 列表中时发送邮件"
+
+#: plugins/sudoers/def_data.c:78
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "在用户不允许执行某个命令时发送邮件"
+
+#: plugins/sudoers/def_data.c:82
+msgid "Send mail if the user tries to run a command"
+msgstr "在用户尝试执行某个命令时发送邮件"
+
+#: plugins/sudoers/def_data.c:86
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "对每个用户/终端组合使用独立的时间戳"
+
+#: plugins/sudoers/def_data.c:90
+msgid "Lecture user the first time they run sudo"
+msgstr "在用户第一次运行 sudo 时向他致辞"
+
+#: plugins/sudoers/def_data.c:94
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "包含 sudo 致辞的文件：%s"
+
+#: plugins/sudoers/def_data.c:98
+msgid "Require users to authenticate by default"
+msgstr "默认要求用户认证"
+
+#: plugins/sudoers/def_data.c:102
+msgid "Root may run sudo"
+msgstr "root 可以运行 sudo"
+
+#: plugins/sudoers/def_data.c:106
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "将主机名记录在(非 syslog)的日志文件中"
+
+#: plugins/sudoers/def_data.c:110
+msgid "Log the year in the (non-syslog) log file"
+msgstr "将年份记录在(非 syslog)的日志文件中"
+
+#: plugins/sudoers/def_data.c:114
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "如果不带参数调用 sudo，启动一个 shell"
+
+#: plugins/sudoers/def_data.c:118
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "若使用 -s 选项启动 shell，将 $HOME 设为目标用户的主目录"
+
+#: plugins/sudoers/def_data.c:122
+msgid "Always set $HOME to the target user's home directory"
+msgstr "总是将 $HOME 设为目标用户的主目录"
+
+#: plugins/sudoers/def_data.c:126
+msgid "Allow some information gathering to give useful error messages"
+msgstr "允许收集一些信息，以提供有用的错误消息"
+
+#: plugins/sudoers/def_data.c:130
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "要求 sudoers 文件中包含完全限定的主机名"
+
+#: plugins/sudoers/def_data.c:134
+msgid "Insult the user when they enter an incorrect password"
+msgstr "在用户输入错误密码时对他们进行(玩笑式的)嘲讽"
+
+#: plugins/sudoers/def_data.c:138
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "只允许拥有终端的用户执行 sudo"
+
+#: plugins/sudoers/def_data.c:142
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo 将优先考虑 EDITOR 环境变量"
+
+#: plugins/sudoers/def_data.c:146
+msgid "Prompt for root's password, not the users's"
+msgstr "询问 root 用户的密码而非用户的密码"
+
+#: plugins/sudoers/def_data.c:150
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "询问 runas_default 用户的密码，而非用户密码"
+
+#: plugins/sudoers/def_data.c:154
+msgid "Prompt for the target user's password, not the users's"
+msgstr "询问目标用户的密码，而非用户密码"
+
+#: plugins/sudoers/def_data.c:158
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "应用目标用户登录类别中的默认设置，如果没有设置的话"
+
+#: plugins/sudoers/def_data.c:162
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "设置 LOGNAME 和 USER 环境变量"
+
+#: plugins/sudoers/def_data.c:166
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "只将有效用户 ID 设为目标用户的，而不是实际用户 ID"
+
+#: plugins/sudoers/def_data.c:170
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "不将组向量初始化为目标用户的"
+
+#: plugins/sudoers/def_data.c:174
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %u"
+msgstr "日志文件折行的长度(0 则不折行)：%u"
+
+#: plugins/sudoers/def_data.c:178
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "认证时间戳延时：%.1f 分钟"
+
+#: plugins/sudoers/def_data.c:182
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "密码提示延时：%.1f 分钟"
+
+#: plugins/sudoers/def_data.c:186
+#, c-format
+msgid "Number of tries to enter a password: %u"
+msgstr "输入密码的尝试次数：%u"
+
+#: plugins/sudoers/def_data.c:190
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "要使用的 umask，或 0777 使用用户的：0%o"
+
+#: plugins/sudoers/def_data.c:194
+#, c-format
+msgid "Path to log file: %s"
+msgstr "日志文件路径：%s"
+
+#: plugins/sudoers/def_data.c:198
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "邮件程序路径：%s"
+
+#: plugins/sudoers/def_data.c:202
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "邮件程序标志：%s"
+
+#: plugins/sudoers/def_data.c:206
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "发送邮件的地址：%s"
+
+#: plugins/sudoers/def_data.c:210
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "接收邮件的地址：%s"
+
+#: plugins/sudoers/def_data.c:214
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "邮件消息的主题行：%s"
+
+#: plugins/sudoers/def_data.c:218
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "密码错误消息：%s"
+
+#: plugins/sudoers/def_data.c:222
+#, c-format
+msgid "Path to lecture status dir: %s"
+msgstr "致辞(lecture)状态文件夹的路径：%s"
+
+#: plugins/sudoers/def_data.c:226
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "认证时间戳文件夹的路径：%s"
+
+#: plugins/sudoers/def_data.c:230
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "认证时间戳的所有者：%s"
+
+#: plugins/sudoers/def_data.c:234
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "此组的用户不要求密码和 PATH：%s"
+
+#: plugins/sudoers/def_data.c:238
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "默认密码提示：%s"
+
+#: plugins/sudoers/def_data.c:242
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "如果设置，密码提示将覆盖各种情况下的系统提示。"
+
+#: plugins/sudoers/def_data.c:246
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "运行命令的默认用户：%s"
+
+#: plugins/sudoers/def_data.c:250
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "覆盖用户的 $PATH 变量的值：%s"
+
+#: plugins/sudoers/def_data.c:254
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "visudo 所使用的编辑器的路径：%s"
+
+#: plugins/sudoers/def_data.c:258
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "何时为“list”伪命令请求密码：%s"
+
+#: plugins/sudoers/def_data.c:262
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "何时为“verify”伪命令请求密码：%s"
+
+#: plugins/sudoers/def_data.c:266
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "预加载“sudo_noexec”库中包含的哑 exec 函数"
+
+#: plugins/sudoers/def_data.c:270
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "如果 LDAP 目录有效，是不是忽略本地的 sudoers 文件"
+
+#: plugins/sudoers/def_data.c:274
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr ">= %d 的文件描述符将会在执行命令前关闭"
+
+#: plugins/sudoers/def_data.c:278
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "如果设置，用户可以通过 -C 选项覆盖“closefrom”的值"
+
+#: plugins/sudoers/def_data.c:282
+msgid "Allow users to set arbitrary environment variables"
+msgstr "允许用户设置任意的环境变量"
+
+#: plugins/sudoers/def_data.c:286
+msgid "Reset the environment to a default set of variables"
+msgstr "将环境重设为默认的变量集"
+
+#: plugins/sudoers/def_data.c:290
+msgid "Environment variables to check for sanity:"
+msgstr "要检查完整性的环境变量："
+
+#: plugins/sudoers/def_data.c:294
+msgid "Environment variables to remove:"
+msgstr "要移除的环境变量："
+
+#: plugins/sudoers/def_data.c:298
+msgid "Environment variables to preserve:"
+msgstr "要保留的环境变量："
+
+#: plugins/sudoers/def_data.c:302
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "在新的安全环境中使用的 SELinux 角色：%s"
+
+#: plugins/sudoers/def_data.c:306
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "在新的安全环境中使用的 SELinux 类型：%s"
+
+#: plugins/sudoers/def_data.c:310
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "sudo 特定环境文件的路径：%s"
+
+#: plugins/sudoers/def_data.c:314
+#, c-format
+msgid "Path to the restricted sudo-specific environment file: %s"
+msgstr "受限的 sudo 特定环境文件的路径：%s"
+
+#: plugins/sudoers/def_data.c:318
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "解析 sudoers 时使用的区域设置：%s"
+
+#: plugins/sudoers/def_data.c:322
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "允许 sudo 询问密码，即使它不可见"
+
+#: plugins/sudoers/def_data.c:326
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "用户在询问密码窗口输入时提供视觉反馈"
+
+#: plugins/sudoers/def_data.c:330
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "使用不太精确但不访问文件系统的较快通配方法"
+
+#: plugins/sudoers/def_data.c:334
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "sudoers 中指定的 umask 会覆盖用户的，即使它允许的权限更多"
+
+#: plugins/sudoers/def_data.c:338
+msgid "Log user's input for the command being run"
+msgstr "记录用户在所执行命令中的输入"
+
+#: plugins/sudoers/def_data.c:342
+msgid "Log the output of the command being run"
+msgstr "记录所执行命令的输出"
+
+#: plugins/sudoers/def_data.c:346
+msgid "Compress I/O logs using zlib"
+msgstr "使用 zlib 压缩 I/O 日志"
+
+#: plugins/sudoers/def_data.c:350
+msgid "Always run commands in a pseudo-tty"
+msgstr "总是在伪终端中运行命令"
+
+#: plugins/sudoers/def_data.c:354
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "用于非 Unix 组支持的插件：%s"
+
+#: plugins/sudoers/def_data.c:358
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "用于保存输入/输出日志的目录：%s"
+
+#: plugins/sudoers/def_data.c:362
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "用于保存输入/输出日志的文件：%s"
+
+#: plugins/sudoers/def_data.c:366
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "在分配伪终端时向 utmp/utmpx 文件中添加一条记录"
+
+#: plugins/sudoers/def_data.c:370
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "将 utmp 中的用户设为 runas 用户，而不是调用用户"
+
+#: plugins/sudoers/def_data.c:374
+#, c-format
+msgid "Set of permitted privileges: %s"
+msgstr "允许权限的集合：%s"
+
+#: plugins/sudoers/def_data.c:378
+#, c-format
+msgid "Set of limit privileges: %s"
+msgstr "限制权限的集合：%s"
+
+#: plugins/sudoers/def_data.c:382
+msgid "Run commands on a pty in the background"
+msgstr "在后台的伪终端上运行命令"
+
+#: plugins/sudoers/def_data.c:386
+#, c-format
+msgid "PAM service name to use: %s"
+msgstr "要使用的 PAM 服务名称：%s"
+
+#: plugins/sudoers/def_data.c:390
+#, c-format
+msgid "PAM service name to use for login shells: %s"
+msgstr "用于登录 shell 的 PAM 服务名称：%s"
+
+#: plugins/sudoers/def_data.c:394
+msgid "Attempt to establish PAM credentials for the target user"
+msgstr "尝试为目标用户建立 PAM 凭据"
+
+#: plugins/sudoers/def_data.c:398
+msgid "Create a new PAM session for the command to run in"
+msgstr "创建一个新的 PAM 会话来运行该命令"
+
+#: plugins/sudoers/def_data.c:402
+#, c-format
+msgid "Maximum I/O log sequence number: %u"
+msgstr "最大 I/O 日志序列号：%u"
+
+#: plugins/sudoers/def_data.c:406
+msgid "Enable sudoers netgroup support"
+msgstr "启用 support netgroup 支持"
+
+#: plugins/sudoers/def_data.c:410
+msgid "Check parent directories for writability when editing files with sudoedit"
+msgstr "在使用 sudoedit 编辑文件时检查上级目录是否可写"
+
+#: plugins/sudoers/def_data.c:414
+msgid "Follow symbolic links when editing files with sudoedit"
+msgstr "使用 sudoedit 编辑文件时循符号连接(定位到原文件)"
+
+#: plugins/sudoers/def_data.c:418
+msgid "Query the group plugin for unknown system groups"
+msgstr "通过 组 插件查询未知的系统组"
+
+#: plugins/sudoers/def_data.c:422
+msgid "Match netgroups based on the entire tuple: user, host and domain"
+msgstr "基于整个元组（用户、主机和域）来匹配网络组"
+
+#: plugins/sudoers/def_data.c:426
+msgid "Allow commands to be run even if sudo cannot write to the audit log"
+msgstr "即使 sudo 无法写入审核日志也允许命令运行"
+
+#: plugins/sudoers/def_data.c:430
+msgid "Allow commands to be run even if sudo cannot write to the I/O log"
+msgstr "即使 sudo 无法写入 I/O 日志也允许命令运行"
+
+#: plugins/sudoers/def_data.c:434
+msgid "Allow commands to be run even if sudo cannot write to the log file"
+msgstr "即使 sudo 无法写入日志文件也允许命令允许"
+
+#: plugins/sudoers/def_data.c:438
+msgid "Resolve groups in sudoers and match on the group ID, not the name"
+msgstr "解析 sudoers 中的组并与 组 ID (而不是名字) 匹配"
+
+#: plugins/sudoers/def_data.c:442
+#, c-format
+msgid "Log entries larger than this value will be split into multiple syslog messages: %u"
+msgstr "大于此数值的日志条目会分为多条 syslog 消息：%u"
+
+#: plugins/sudoers/def_data.c:446
+#, c-format
+msgid "User that will own the I/O log files: %s"
+msgstr "将拥有 I/O 日志文件的用户：%s"
+
+#: plugins/sudoers/def_data.c:450
+#, c-format
+msgid "Group that will own the I/O log files: %s"
+msgstr "将拥有 I/O 日志文件的组：%s"
+
+#: plugins/sudoers/def_data.c:454
+#, c-format
+msgid "File mode to use for the I/O log files: 0%o"
+msgstr "I/O 日志文件要使用的文件模式：0%o"
+
+#: plugins/sudoers/def_data.c:458
+#, c-format
+msgid "Execute commands by file descriptor instead of by path: %s"
+msgstr "根据文件描述符执行命令，而非根据路径：%s"
+
+#: plugins/sudoers/def_data.c:462
+msgid "Ignore unknown Defaults entries in sudoers instead of producing a warning"
+msgstr "忽略 sudoers 中未知的 Defaults 条目而非产生警告"
+
+#: plugins/sudoers/def_data.c:466
+#, c-format
+msgid "Time in seconds after which the command will be terminated: %u"
+msgstr "超过指定时间后终止命令(秒)：%u"
+
+#: plugins/sudoers/def_data.c:470
+msgid "Allow the user to specify a timeout on the command line"
+msgstr "允许用户在命令行中指定超时时间"
+
+#: plugins/sudoers/def_data.c:474
+msgid "Flush I/O log data to disk immediately instead of buffering it"
+msgstr "立即冲洗(flush) I/O 日志数据而非将其缓存"
+
+#: plugins/sudoers/def_data.c:478
+msgid "Include the process ID when logging via syslog"
+msgstr "通过 syslog 登录时包含进程 ID"
+
+#: plugins/sudoers/def_data.c:482
+#, c-format
+msgid "Type of authentication timestamp record: %s"
+msgstr "认证时间戳记录的类型：%s"
+
+#: plugins/sudoers/def_data.c:486
+#, c-format
+msgid "Authentication failure message: %s"
+msgstr "认证失败消息：%s"
+
+#: plugins/sudoers/def_data.c:490
+msgid "Ignore case when matching user names"
+msgstr "在匹配 用户 名时忽略大小写"
+
+#: plugins/sudoers/def_data.c:494
+msgid "Ignore case when matching group names"
+msgstr "在匹配 组 名时忽略大小写"
+
+#: plugins/sudoers/defaults.c:229
+#, c-format
+msgid "%s:%d unknown defaults entry \"%s\""
+msgstr "%s：%d 未知的默认条目“%s”"
+
+#: plugins/sudoers/defaults.c:232
+#, c-format
+msgid "%s: unknown defaults entry \"%s\""
+msgstr "%s：未知的默认条目“%s”"
+
+#: plugins/sudoers/defaults.c:275
+#, c-format
+msgid "%s:%d no value specified for \"%s\""
+msgstr "%s：%d 没有给“%s”指定值"
+
+#: plugins/sudoers/defaults.c:278
+#, c-format
+msgid "%s: no value specified for \"%s\""
+msgstr "%s：没有给“%s”指定值"
+
+#: plugins/sudoers/defaults.c:298
+#, c-format
+msgid "%s:%d values for \"%s\" must start with a '/'"
+msgstr "%s：%d “%s”的值必须以“/”开头"
+
+#: plugins/sudoers/defaults.c:301
+#, c-format
+msgid "%s: values for \"%s\" must start with a '/'"
+msgstr "%s：“%s”的值必须以“/”开头"
+
+#: plugins/sudoers/defaults.c:323
+#, c-format
+msgid "%s:%d option \"%s\" does not take a value"
+msgstr "%s：%d “%s”选项不带值"
+
+#: plugins/sudoers/defaults.c:326
+#, c-format
+msgid "%s: option \"%s\" does not take a value"
+msgstr "%s：“%s”选项不带值"
+
+#: plugins/sudoers/defaults.c:351
+#, c-format
+msgid "%s:%d invalid Defaults type 0x%x for option \"%s\""
+msgstr "%1$s：%2$d 选项“%4$s”的默认类型 0x%3$x 无效"
+
+#: plugins/sudoers/defaults.c:354
+#, c-format
+msgid "%s: invalid Defaults type 0x%x for option \"%s\""
+msgstr "%1$s：选项“%3$s”的默认类型 0x%2$x 无效"
+
+#: plugins/sudoers/defaults.c:364
+#, c-format
+msgid "%s:%d value \"%s\" is invalid for option \"%s\""
+msgstr "%1$s：%2$d 值“%3$s”对选项“%4$s”无效"
+
+#: plugins/sudoers/defaults.c:367
+#, c-format
+msgid "%s: value \"%s\" is invalid for option \"%s\""
+msgstr "%s：值“%s”对选项“%s”无效"
+
+#: plugins/sudoers/env.c:390
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv：envp 损坏，长度不符"
+
+#: plugins/sudoers/env.c:1111
+msgid "unable to rebuild the environment"
+msgstr "无法重建环境"
+
+#: plugins/sudoers/env.c:1185
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "对不起，您无权设置以下环境变量：%s"
+
+#: plugins/sudoers/file.c:114
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "%s 中第 %d 行附近有解析错误"
+
+#: plugins/sudoers/file.c:117
+#, c-format
+msgid "parse error in %s"
+msgstr "%s 中出现解析错误"
+
+#: plugins/sudoers/filedigest.c:59
+#, c-format
+msgid "unsupported digest type %d for %s"
+msgstr "%2$s 的摘要类型 %1$d 不支持"
+
+#: plugins/sudoers/filedigest.c:88
+#, c-format
+msgid "%s: read error"
+msgstr "%s：写错误"
+
+#: plugins/sudoers/group_plugin.c:88
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s 必须属于用户 ID %d"
+
+#: plugins/sudoers/group_plugin.c:92
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s 必须只对所有者可写"
+
+#: plugins/sudoers/group_plugin.c:100 plugins/sudoers/sssd.c:561
+#, c-format
+msgid "unable to load %s: %s"
+msgstr "无法加载 %s：%s"
+
+#: plugins/sudoers/group_plugin.c:106
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "无法在 %s 中找到符号“group_plugin”"
+
+#: plugins/sudoers/group_plugin.c:111
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s：不兼容的组插件主版本号 %d，应为 %d"
+
+#: plugins/sudoers/interfaces.c:84 plugins/sudoers/interfaces.c:101
+#, c-format
+msgid "unable to parse IP address \"%s\""
+msgstr "无法解析 IP 地址列表“%s”"
+
+#: plugins/sudoers/interfaces.c:89 plugins/sudoers/interfaces.c:106
+#, c-format
+msgid "unable to parse netmask \"%s\""
+msgstr "无法解析网络掩码“%s”"
+
+#: plugins/sudoers/interfaces.c:134
+msgid "Local IP address and netmask pairs:\n"
+msgstr "本地 IP 地址和网络掩码对：\n"
+
+#: plugins/sudoers/iolog.c:115 plugins/sudoers/mkdir_parents.c:80
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s 存在，但不是目录(0%o)"
+
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/iolog.c:180
+#: plugins/sudoers/mkdir_parents.c:69 plugins/sudoers/timestamp.c:210
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "无法创建目录 %s"
+
+#: plugins/sudoers/iolog.c:184 plugins/sudoers/visudo.c:723
+#: plugins/sudoers/visudo.c:734
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "无法将 %s 的模式更改为 0%o"
+
+#: plugins/sudoers/iolog.c:292 plugins/sudoers/sudoers.c:1167
+#: plugins/sudoers/testsudoers.c:422
+#, c-format
+msgid "unknown group: %s"
+msgstr "未知组：%s"
+
+#: plugins/sudoers/iolog.c:462 plugins/sudoers/sudoers.c:907
+#: plugins/sudoers/sudoreplay.c:840 plugins/sudoers/sudoreplay.c:1536
+#: plugins/sudoers/tsdump.c:143
+#, c-format
+msgid "unable to read %s"
+msgstr "无法读取 %s"
+
+#: plugins/sudoers/iolog.c:577 plugins/sudoers/iolog.c:797
+#, c-format
+msgid "unable to create %s"
+msgstr "无法创建 %s"
+
+#: plugins/sudoers/iolog.c:820 plugins/sudoers/iolog.c:1035
+#: plugins/sudoers/iolog.c:1111 plugins/sudoers/iolog.c:1205
+#: plugins/sudoers/iolog.c:1265
+#, c-format
+msgid "unable to write to I/O log file: %s"
+msgstr "无法写入 I/O 日志文件：%s"
+
+#: plugins/sudoers/iolog.c:1069
+#, c-format
+msgid "%s: internal error, I/O log file for event %d not open"
+msgstr "%s：内部错误，事件 %d 的 I/O 日志文件未打开"
+
+#: plugins/sudoers/iolog.c:1228
+#, c-format
+msgid "%s: internal error, invalid signal %d"
+msgstr "%s：内部错误，信号 %d 无效"
+
+#: plugins/sudoers/iolog_util.c:87
+#, c-format
+msgid "%s: invalid log file"
+msgstr "%s：无效的日志文件"
+
+#: plugins/sudoers/iolog_util.c:105
+#, c-format
+msgid "%s: time stamp field is missing"
+msgstr "%s：缺少 时间戳 字段"
+
+#: plugins/sudoers/iolog_util.c:111
+#, c-format
+msgid "%s: time stamp %s: %s"
+msgstr "%s：时间戳 %s：%s"
+
+#: plugins/sudoers/iolog_util.c:118
+#, c-format
+msgid "%s: user field is missing"
+msgstr "%s：缺少 用户 字段"
+
+#: plugins/sudoers/iolog_util.c:127
+#, c-format
+msgid "%s: runas user field is missing"
+msgstr "%s：缺少 runas 用户 字段"
+
+#: plugins/sudoers/iolog_util.c:136
+#, c-format
+msgid "%s: runas group field is missing"
+msgstr "%s：缺少 runas 组 字段"
+
+#: plugins/sudoers/ldap.c:176 plugins/sudoers/ldap_conf.c:294
+msgid "starttls not supported when using ldaps"
+msgstr "使用 ldaps 时不支持 starttls"
+
+#: plugins/sudoers/ldap.c:247
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "无法初始化 SSL 证书和密钥数据库：%s"
+
+#: plugins/sudoers/ldap.c:250
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "要使用 SSL，您必须在 %s 中设置 TLS_CERT"
+
+#: plugins/sudoers/ldap.c:1612
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "无法初始化 LDAP：%s"
+
+#: plugins/sudoers/ldap.c:1648
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "指定了 start_tls，但 LDAP 库不支持 ldap_start_tls_s() 或 ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:1785 plugins/sudoers/parse_ldif.c:735
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "无效的 sudoOrder 属性：%s"
+
+#: plugins/sudoers/ldap_conf.c:203
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports：端口太大"
+
+#: plugins/sudoers/ldap_conf.c:263
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "不支持的 LDAP URI 类型：%s"
+
+#: plugins/sudoers/ldap_conf.c:290
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "无法混合 ldap 和 ldaps URI"
+
+#: plugins/sudoers/ldap_util.c:454 plugins/sudoers/ldap_util.c:456
+#, c-format
+msgid "unable to convert sudoOption: %s%s%s"
+msgstr "无法转换 sudoOption: %s%s%s"
+
+#: plugins/sudoers/linux_audit.c:57
+msgid "unable to open audit system"
+msgstr "无法打开审核系统"
+
+#: plugins/sudoers/linux_audit.c:98
+msgid "unable to send audit message"
+msgstr "无法发送审核消息"
+
+#: plugins/sudoers/logging.c:113
+#, c-format
+msgid "%8s : %s"
+msgstr "%8s：%s"
+
+#: plugins/sudoers/logging.c:141
+#, c-format
+msgid "%8s : (command continued) %s"
+msgstr "%8s：(命令继续执行) %s"
+
+#: plugins/sudoers/logging.c:170
+#, c-format
+msgid "unable to open log file: %s"
+msgstr "无法打开日志文件：%s"
+
+#: plugins/sudoers/logging.c:178
+#, c-format
+msgid "unable to lock log file: %s"
+msgstr "无法锁定日志文件：%s"
+
+#: plugins/sudoers/logging.c:211
+#, c-format
+msgid "unable to write log file: %s"
+msgstr "无法写入日志文件： %s"
+
+#: plugins/sudoers/logging.c:240
+msgid "No user or host"
+msgstr "无用户或主机"
+
+#: plugins/sudoers/logging.c:242
+msgid "validation failure"
+msgstr "校验失败"
+
+#: plugins/sudoers/logging.c:249
+msgid "user NOT in sudoers"
+msgstr "用户不在 sudoers 中"
+
+#: plugins/sudoers/logging.c:251
+msgid "user NOT authorized on host"
+msgstr "用户未获得此主机上的授权"
+
+#: plugins/sudoers/logging.c:253
+msgid "command not allowed"
+msgstr "命令禁止使用"
+
+#: plugins/sudoers/logging.c:288
+#, c-format
+msgid "%s is not in the sudoers file.  This incident will be reported.\n"
+msgstr "%s 不在 sudoers 文件中。此事将被报告。\n"
+
+#: plugins/sudoers/logging.c:291
+#, c-format
+msgid "%s is not allowed to run sudo on %s.  This incident will be reported.\n"
+msgstr "%s 无权在 %s 上运行 sudo。此事将被报告。\n"
+
+#: plugins/sudoers/logging.c:295
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "对不起，用户 %s 不能在 %s 上运行 sudo。\n"
+
+#: plugins/sudoers/logging.c:298
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "对不起，用户 %1$s 无权以 %5$s%6$s%7$s 的身份在 %8$s 上执行 %2$s%3$s%4$s。\n"
+
+#: plugins/sudoers/logging.c:335 plugins/sudoers/sudoers.c:438
+#: plugins/sudoers/sudoers.c:440 plugins/sudoers/sudoers.c:442
+#: plugins/sudoers/sudoers.c:444 plugins/sudoers/sudoers.c:599
+#: plugins/sudoers/sudoers.c:601
+#, c-format
+msgid "%s: command not found"
+msgstr "%s：找不到命令"
+
+#: plugins/sudoers/logging.c:337 plugins/sudoers/sudoers.c:434
+#, c-format
+msgid ""
+"ignoring \"%s\" found in '.'\n"
+"Use \"sudo ./%s\" if this is the \"%s\" you wish to run."
+msgstr ""
+"忽略在“.”中找到的“%s”\n"
+"请使用“sudo ./%s”，如果这是您想运行的“%s”。"
+
+#: plugins/sudoers/logging.c:354
+msgid "authentication failure"
+msgstr "认证失败"
+
+#: plugins/sudoers/logging.c:380
+msgid "a password is required"
+msgstr "需要密码"
+
+#: plugins/sudoers/logging.c:443
+#, c-format
+msgid "%u incorrect password attempt"
+msgid_plural "%u incorrect password attempts"
+msgstr[0] "%u 次错误密码尝试"
+
+#: plugins/sudoers/logging.c:666
+msgid "unable to fork"
+msgstr "无法执行 fork"
+
+#: plugins/sudoers/logging.c:674 plugins/sudoers/logging.c:726
+#, c-format
+msgid "unable to fork: %m"
+msgstr "无法执行 fork：%m"
+
+#: plugins/sudoers/logging.c:716
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "无法打开管道：%m"
+
+#: plugins/sudoers/logging.c:741
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "无法 dup stdin：%m"
+
+#: plugins/sudoers/logging.c:779
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "无法执行 %s：%m"
+
+#: plugins/sudoers/match.c:874
+#, c-format
+msgid "digest for %s (%s) is not in %s form"
+msgstr "%s(%s) 的摘要不是 %s 形式"
+
+#: plugins/sudoers/mkdir_parents.c:75 plugins/sudoers/sudoers.c:918
+#: plugins/sudoers/visudo.c:421 plugins/sudoers/visudo.c:717
+#, c-format
+msgid "unable to stat %s"
+msgstr "无法 stat %s"
+
+#: plugins/sudoers/parse.c:444
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP 角色：%s\n"
+
+#: plugins/sudoers/parse.c:447
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Sudoers 条目：\n"
+
+#: plugins/sudoers/parse.c:449
+#, c-format
+msgid "    RunAsUsers: "
+msgstr "    RunAs 用户："
+
+#: plugins/sudoers/parse.c:464
+#, c-format
+msgid "    RunAsGroups: "
+msgstr "    RunAs 组："
+
+#: plugins/sudoers/parse.c:474
+#, c-format
+msgid "    Options: "
+msgstr "    选项："
+
+#: plugins/sudoers/parse.c:528
+#, c-format
+msgid "    Commands:\n"
+msgstr "    命令：\n"
+
+#: plugins/sudoers/parse.c:719
+#, c-format
+msgid "Matching Defaults entries for %s on %s:\n"
+msgstr "匹配 %2$s 上 %1$s 的默认条目：\n"
+
+#: plugins/sudoers/parse.c:737
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "%s Runas 和命令特定的默认值：\n"
+
+#: plugins/sudoers/parse.c:755
+#, c-format
+msgid "User %s may run the following commands on %s:\n"
+msgstr "用户 %s 可以在 %s 上运行以下命令：\n"
+
+#: plugins/sudoers/parse.c:770
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "用户 %s 无权在 %s 上运行 sudo。\n"
+
+#: plugins/sudoers/parse_ldif.c:145
+#, c-format
+msgid "ignoring invalid attribute value: %s"
+msgstr "将忽略无效的属性值：%s"
+
+#: plugins/sudoers/parse_ldif.c:584
+#, c-format
+msgid "ignoring incomplete sudoRole: cn: %s"
+msgstr "将忽略不完整的 sudoRole：cn：%s"
+
+#: plugins/sudoers/policy.c:88 plugins/sudoers/policy.c:114
+#, c-format
+msgid "invalid %.*s set by sudo front-end"
+msgstr "sudo 前端设置了无效的 %.*s"
+
+#: plugins/sudoers/policy.c:293 plugins/sudoers/testsudoers.c:278
+msgid "unable to parse network address list"
+msgstr "无法解析网络地址列表"
+
+#: plugins/sudoers/policy.c:437
+msgid "user name not set by sudo front-end"
+msgstr "用户名未通过 sudo 前端设置"
+
+#: plugins/sudoers/policy.c:441
+msgid "user ID not set by sudo front-end"
+msgstr "用户 ID 未通过 sudo 前端设置"
+
+#: plugins/sudoers/policy.c:445
+msgid "group ID not set by sudo front-end"
+msgstr "组 ID 未通过 sudo 前端设置"
+
+#: plugins/sudoers/policy.c:449
+msgid "host name not set by sudo front-end"
+msgstr "主机名未通过 sudo 前端设置"
+
+#: plugins/sudoers/policy.c:802 plugins/sudoers/visudo.c:220
+#: plugins/sudoers/visudo.c:851
+#, c-format
+msgid "unable to execute %s"
+msgstr "无法执行 %s"
+
+#: plugins/sudoers/policy.c:933
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Sudoers 策略插件版本 %s\n"
+
+#: plugins/sudoers/policy.c:935
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Sudoers 文件语法版本 %d\n"
+
+#: plugins/sudoers/policy.c:939
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sudoers 路径：%s\n"
+
+#: plugins/sudoers/policy.c:942
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "nsswitch 路径：%s\n"
+
+#: plugins/sudoers/policy.c:944
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ldap.conf 路径：%s\n"
+
+#: plugins/sudoers/policy.c:945
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ldap.secret 路径：%s\n"
+
+#: plugins/sudoers/policy.c:978
+#, c-format
+msgid "unable to register hook of type %d (version %d.%d)"
+msgstr "无法注册类型为 %d 的钩子(hook)(版本 %d.%d)"
+
+#: plugins/sudoers/pwutil.c:220 plugins/sudoers/pwutil.c:239
+#, c-format
+msgid "unable to cache uid %u, out of memory"
+msgstr "无法缓存用户 ID %u，内存不足"
+
+#: plugins/sudoers/pwutil.c:233
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "无法缓存用户 ID %u，已存在"
+
+#: plugins/sudoers/pwutil.c:293 plugins/sudoers/pwutil.c:311
+#: plugins/sudoers/pwutil.c:373 plugins/sudoers/pwutil.c:418
+#, c-format
+msgid "unable to cache user %s, out of memory"
+msgstr "无法缓存用户 %s，内存不足"
+
+#: plugins/sudoers/pwutil.c:306
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "无法缓存用户 %s，已存在"
+
+#: plugins/sudoers/pwutil.c:537 plugins/sudoers/pwutil.c:556
+#, c-format
+msgid "unable to cache gid %u, out of memory"
+msgstr "无法缓存组 ID %u，内存不足"
+
+#: plugins/sudoers/pwutil.c:550
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "无法缓存组 ID %u，已存在"
+
+#: plugins/sudoers/pwutil.c:604 plugins/sudoers/pwutil.c:622
+#: plugins/sudoers/pwutil.c:669 plugins/sudoers/pwutil.c:711
+#, c-format
+msgid "unable to cache group %s, out of memory"
+msgstr "无法缓存组 %s，内存不足"
+
+#: plugins/sudoers/pwutil.c:617
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "无法缓存组 %s，已存在"
+
+#: plugins/sudoers/pwutil.c:837 plugins/sudoers/pwutil.c:889
+#: plugins/sudoers/pwutil.c:940 plugins/sudoers/pwutil.c:993
+#, c-format
+msgid "unable to cache group list for %s, already exists"
+msgstr "无法缓存组列表 %s，已存在"
+
+#: plugins/sudoers/pwutil.c:843 plugins/sudoers/pwutil.c:894
+#: plugins/sudoers/pwutil.c:946 plugins/sudoers/pwutil.c:998
+#, c-format
+msgid "unable to cache group list for %s, out of memory"
+msgstr "无法缓存组列表 %s，内存不足"
+
+#: plugins/sudoers/pwutil.c:883
+#, c-format
+msgid "unable to parse groups for %s"
+msgstr "无法对 %s 解析组"
+
+#: plugins/sudoers/pwutil.c:987
+#, c-format
+msgid "unable to parse gids for %s"
+msgstr "无法解析 %s 的组 ID"
+
+#: plugins/sudoers/set_perms.c:118 plugins/sudoers/set_perms.c:474
+#: plugins/sudoers/set_perms.c:917 plugins/sudoers/set_perms.c:1244
+#: plugins/sudoers/set_perms.c:1561
+msgid "perm stack overflow"
+msgstr "权限堆栈上溢"
+
+#: plugins/sudoers/set_perms.c:126 plugins/sudoers/set_perms.c:405
+#: plugins/sudoers/set_perms.c:482 plugins/sudoers/set_perms.c:784
+#: plugins/sudoers/set_perms.c:925 plugins/sudoers/set_perms.c:1168
+#: plugins/sudoers/set_perms.c:1252 plugins/sudoers/set_perms.c:1494
+#: plugins/sudoers/set_perms.c:1569 plugins/sudoers/set_perms.c:1659
+msgid "perm stack underflow"
+msgstr "权限堆栈下溢"
+
+#: plugins/sudoers/set_perms.c:185 plugins/sudoers/set_perms.c:528
+#: plugins/sudoers/set_perms.c:1303 plugins/sudoers/set_perms.c:1601
+msgid "unable to change to root gid"
+msgstr "无法切换为 root 组 ID"
+
+#: plugins/sudoers/set_perms.c:274 plugins/sudoers/set_perms.c:625
+#: plugins/sudoers/set_perms.c:1054 plugins/sudoers/set_perms.c:1380
+msgid "unable to change to runas gid"
+msgstr "无法切换为 runas 组 ID"
+
+#: plugins/sudoers/set_perms.c:279 plugins/sudoers/set_perms.c:630
+#: plugins/sudoers/set_perms.c:1059 plugins/sudoers/set_perms.c:1385
+msgid "unable to set runas group vector"
+msgstr "无法设置 runas 组向量"
+
+#: plugins/sudoers/set_perms.c:290 plugins/sudoers/set_perms.c:641
+#: plugins/sudoers/set_perms.c:1068 plugins/sudoers/set_perms.c:1394
+msgid "unable to change to runas uid"
+msgstr "无法切换为 runas 用户 ID"
+
+#: plugins/sudoers/set_perms.c:308 plugins/sudoers/set_perms.c:659
+#: plugins/sudoers/set_perms.c:1084 plugins/sudoers/set_perms.c:1410
+msgid "unable to change to sudoers gid"
+msgstr "无法切换为 sudoers 组 ID"
+
+#: plugins/sudoers/set_perms.c:392 plugins/sudoers/set_perms.c:771
+#: plugins/sudoers/set_perms.c:1155 plugins/sudoers/set_perms.c:1481
+#: plugins/sudoers/set_perms.c:1646
+msgid "too many processes"
+msgstr "进程过多"
+
+#: plugins/sudoers/solaris_audit.c:56
+msgid "unable to get current working directory"
+msgstr "无法获取当前工作目录"
+
+#: plugins/sudoers/solaris_audit.c:64
+#, c-format
+msgid "truncated audit path user_cmnd: %s"
+msgstr "截断的审核路径 user_cmnd：%s"
+
+#: plugins/sudoers/solaris_audit.c:71
+#, c-format
+msgid "truncated audit path argv[0]: %s"
+msgstr "截断的审核路径 argv[0]：%s"
+
+#: plugins/sudoers/solaris_audit.c:120
+msgid "audit_failure message too long"
+msgstr "audit_failure(审核失败)消息过长"
+
+#: plugins/sudoers/sssd.c:563
+msgid "unable to initialize SSS source. Is SSSD installed on your machine?"
+msgstr "无法初始化 SSS 资源。您的计算机上安装 SSSD 了吗？"
+
+#: plugins/sudoers/sssd.c:571 plugins/sudoers/sssd.c:580
+#: plugins/sudoers/sssd.c:589 plugins/sudoers/sssd.c:598
+#: plugins/sudoers/sssd.c:607
+#, c-format
+msgid "unable to find symbol \"%s\" in %s"
+msgstr "无法在 %s 中找到符号“%s”"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:864
+msgid "problem with defaults entries"
+msgstr "默认条目有问题"
+
+#: plugins/sudoers/sudoers.c:212
+msgid "no valid sudoers sources found, quitting"
+msgstr "没有找到有效的 sudoers 资源，退出"
+
+#: plugins/sudoers/sudoers.c:250
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers 指定 root 不允许执行 sudo"
+
+#: plugins/sudoers/sudoers.c:308
+msgid "you are not permitted to use the -C option"
+msgstr "您无权使用 -C 选项"
+
+#: plugins/sudoers/sudoers.c:355
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "时间戳所有者(%s)：无此用户"
+
+#: plugins/sudoers/sudoers.c:370
+msgid "no tty"
+msgstr "无终端"
+
+#: plugins/sudoers/sudoers.c:371
+msgid "sorry, you must have a tty to run sudo"
+msgstr "抱歉，您必须拥有一个终端来执行 sudo"
+
+#: plugins/sudoers/sudoers.c:433
+msgid "command in current directory"
+msgstr "当前目录中的命令"
+
+#: plugins/sudoers/sudoers.c:452
+msgid "sorry, you are not allowed set a command timeout"
+msgstr "抱歉，您无权设置超时时间"
+
+#: plugins/sudoers/sudoers.c:460
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "抱歉，您无权保留环境"
+
+#: plugins/sudoers/sudoers.c:808
+msgid "command too long"
+msgstr "命令过长"
+
+#: plugins/sudoers/sudoers.c:922
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s 不是常规文件"
+
+#: plugins/sudoers/sudoers.c:926 plugins/sudoers/timestamp.c:257 toke.l:965
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s 属于用户 ID %u，应为 %u"
+
+#: plugins/sudoers/sudoers.c:930 toke.l:970
+#, c-format
+msgid "%s is world writable"
+msgstr "%s 可被任何人写"
+
+#: plugins/sudoers/sudoers.c:934 toke.l:973
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s 属于组 ID %u，应为 %u"
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "only root can use \"-c %s\""
+msgstr "只有 root 才能使用“-c %s”"
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unknown login class: %s"
+msgstr "未知的登录类别：%s"
+
+#: plugins/sudoers/sudoers.c:1069 plugins/sudoers/sudoers.c:1083
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "无法解析主机：%s"
+
+#: plugins/sudoers/sudoreplay.c:248
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "无效的过滤器选项：%s"
+
+#: plugins/sudoers/sudoreplay.c:261
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "无效的最大等待：%s"
+
+#: plugins/sudoers/sudoreplay.c:284
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "无法的速度系数：%s"
+
+#: plugins/sudoers/sudoreplay.c:319
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/时序：%s"
+
+#: plugins/sudoers/sudoreplay.c:325
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/时序：%s"
+
+#: plugins/sudoers/sudoreplay.c:341
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr "回放 sudo 会话：%s"
+
+#: plugins/sudoers/sudoreplay.c:539 plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:783 plugins/sudoers/sudoreplay.c:892
+#: plugins/sudoers/sudoreplay.c:977 plugins/sudoers/sudoreplay.c:992
+#: plugins/sudoers/sudoreplay.c:999 plugins/sudoers/sudoreplay.c:1006
+#: plugins/sudoers/sudoreplay.c:1013 plugins/sudoers/sudoreplay.c:1020
+#: plugins/sudoers/sudoreplay.c:1168
+msgid "unable to add event to queue"
+msgstr "无法将事件添加到队列"
+
+#: plugins/sudoers/sudoreplay.c:654
+msgid "unable to set tty to raw mode"
+msgstr "无法将终端设为原始模式"
+
+#: plugins/sudoers/sudoreplay.c:705
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "警告：您的终端尺寸太小，不能正常地回放日志。\n"
+
+#: plugins/sudoers/sudoreplay.c:706
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "日志的几何尺寸为 %dx%d，您终端的几何尺寸为 %dx%d。"
+
+#: plugins/sudoers/sudoreplay.c:734
+msgid "Replay finished, press any key to restore the terminal."
+msgstr "回放完成，请按任意键返回终端。"
+
+#: plugins/sudoers/sudoreplay.c:766
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "无效的时序文件行：%s"
+
+#: plugins/sudoers/sudoreplay.c:1202 plugins/sudoers/sudoreplay.c:1227
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "有歧义的表达式“%s”"
+
+#: plugins/sudoers/sudoreplay.c:1249
+msgid "unmatched ')' in expression"
+msgstr "表达式中的“)”不匹配"
+
+#: plugins/sudoers/sudoreplay.c:1253
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "未知的搜索词“%s”"
+
+#: plugins/sudoers/sudoreplay.c:1268
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s 需要参数"
+
+#: plugins/sudoers/sudoreplay.c:1271 plugins/sudoers/sudoreplay.c:1512
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "无效的正则表达式：%s"
+
+#: plugins/sudoers/sudoreplay.c:1275
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "无法解析日期“%s”"
+
+#: plugins/sudoers/sudoreplay.c:1284
+msgid "unmatched '(' in expression"
+msgstr "表达式中的“(”不匹配"
+
+#: plugins/sudoers/sudoreplay.c:1286
+msgid "illegal trailing \"or\""
+msgstr "非法的结尾字符“or”"
+
+#: plugins/sudoers/sudoreplay.c:1288
+msgid "illegal trailing \"!\""
+msgstr "非法的结尾字符“!”"
+
+#: plugins/sudoers/sudoreplay.c:1338
+#, c-format
+msgid "unknown search type %d"
+msgstr "未知的搜索类型 %d"
+
+#: plugins/sudoers/sudoreplay.c:1605
+#, c-format
+msgid "usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"
+msgstr "用法：%s [-hnRS] [-d 目录] [-m 数值] [-s 数值] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1608
+#, c-format
+msgid "usage: %s [-h] [-d dir] -l [search expression]\n"
+msgstr "用法：%s [-h] [-d 目录] -l [搜索表达式]\n"
+
+#: plugins/sudoers/sudoreplay.c:1617
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - 回放 sudo 会话记录\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1619
+msgid ""
+"\n"
+"Options:\n"
+"  -d, --directory=dir  specify directory for session logs\n"
+"  -f, --filter=filter  specify which I/O type(s) to display\n"
+"  -h, --help           display help message and exit\n"
+"  -l, --list           list available session IDs, with optional expression\n"
+"  -m, --max-wait=num   max number of seconds to wait between events\n"
+"  -S, --suspend-wait   wait while the command was suspended\n"
+"  -s, --speed=num      speed up or slow down output\n"
+"  -V, --version        display version information and exit"
+msgstr ""
+"\n"
+"选项：\n"
+"  -d, --directory=目录 指定会话日志目录\n"
+"  -f, --filter=过滤器  指定要显示的 I/O 类型\n"
+"  -h, --help           显示帮助信息并退出\n"
+"  -l, --list           列出可用会话 ID，可加表达式限定\n"
+"  -m, --max-wait=数值  事件间等待的最大秒数\n"
+"  -S, --suspend-wait   在命令挂起时等待\n"
+"  -s, --speed=数值     加速或减慢输出\n"
+"  -V, --version        显示版本信息并退出"
+
+#: plugins/sudoers/testsudoers.c:360
+msgid "\thost  unmatched"
+msgstr "\t主机不匹配"
+
+#: plugins/sudoers/testsudoers.c:363
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"命令允许"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"命令被拒"
+
+#: plugins/sudoers/testsudoers.c:364
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"命令不匹配"
+
+#: plugins/sudoers/timestamp.c:265
+#, c-format
+msgid "%s is group writable"
+msgstr "%s 可被组写"
+
+#: plugins/sudoers/timestamp.c:341
+#, c-format
+msgid "unable to truncate time stamp file to %lld bytes"
+msgstr "无法将时间戳文件截短为 %lld 字节"
+
+#: plugins/sudoers/timestamp.c:827 plugins/sudoers/timestamp.c:919
+#: plugins/sudoers/visudo.c:482 plugins/sudoers/visudo.c:488
+msgid "unable to read the clock"
+msgstr "无法读取时钟"
+
+#: plugins/sudoers/timestamp.c:838
+msgid "ignoring time stamp from the future"
+msgstr "将忽略超前的时间戳"
+
+#: plugins/sudoers/timestamp.c:861
+#, c-format
+msgid "time stamp too far in the future: %20.20s"
+msgstr "时间戳太超前：%20.20s"
+
+#: plugins/sudoers/timestamp.c:983
+#, c-format
+msgid "unable to lock time stamp file %s"
+msgstr "无法锁定时间戳文件 %s"
+
+#: plugins/sudoers/timestamp.c:1027 plugins/sudoers/timestamp.c:1047
+#, c-format
+msgid "lecture status path too long: %s/%s"
+msgstr "致辞(lecture)状态路径过长：%s/%s"
+
+#: plugins/sudoers/visudo.c:216
+msgid "the -x option will be removed in a future release"
+msgstr "未来版本中 -x 选项会移除"
+
+#: plugins/sudoers/visudo.c:217
+msgid "please consider using the cvtsudoers utility instead"
+msgstr "请考虑换用 cvtsudoers 工具"
+
+#: plugins/sudoers/visudo.c:268 plugins/sudoers/visudo.c:650
+#, c-format
+msgid "press return to edit %s: "
+msgstr "按回车键编辑 %s："
+
+#: plugins/sudoers/visudo.c:329
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "指定的编辑器(%s)不存在"
+
+#: plugins/sudoers/visudo.c:331
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "未找到编辑器(编辑器路径 = %s)"
+
+#: plugins/sudoers/visudo.c:441 plugins/sudoers/visudo.c:449
+msgid "write error"
+msgstr "写错误"
+
+#: plugins/sudoers/visudo.c:495
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "无法 stat 临时文件(%s)，%s 未更改"
+
+#: plugins/sudoers/visudo.c:502
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "零长度的临时文件(%s)，%s 未更改"
+
+#: plugins/sudoers/visudo.c:508
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "编辑器(%s)失败，%s 未更改"
+
+#: plugins/sudoers/visudo.c:530
+#, c-format
+msgid "%s unchanged"
+msgstr "%s 未更改"
+
+#: plugins/sudoers/visudo.c:589
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "无法重新打开临时文件(%s)，%s 未更改"
+
+#: plugins/sudoers/visudo.c:601
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "无法解析临时文件(%s)，未知错误"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "内部错误，在列表中找不到 %s！"
+
+#: plugins/sudoers/visudo.c:719 plugins/sudoers/visudo.c:728
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "无法将 %s 的 (uid, gid) 设为 (%u, %u)"
+
+#: plugins/sudoers/visudo.c:751
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s 和 %s 不在同一个文件系统，使用 mv 进行重命名"
+
+#: plugins/sudoers/visudo.c:765
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "命令失败：“%s %s %s”，%s 未更改"
+
+#: plugins/sudoers/visudo.c:775
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "重命名 %s 出错，%s 未更改"
+
+#: plugins/sudoers/visudo.c:796
+msgid "What now? "
+msgstr "现在做什么？"
+
+#: plugins/sudoers/visudo.c:810
+msgid ""
+"Options are:\n"
+"  (e)dit sudoers file again\n"
+"  e(x)it without saving changes to sudoers file\n"
+"  (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"选项有：\n"
+"  重新编辑 sudoers 文件(e)\n"
+"  退出，不保存对 sudoers 文件的更改(x)\n"
+"  退出并将更改保存到 sudoers 文件(危险！)(Q)\n"
+
+#: plugins/sudoers/visudo.c:856
+#, c-format
+msgid "unable to run %s"
+msgstr "无法运行 %s"
+
+#: plugins/sudoers/visudo.c:886
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s：错误的所有者(uid, gid)，应为 (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:893
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s：权限不正确，模式应该是 0%o\n"
+
+#: plugins/sudoers/visudo.c:950 plugins/sudoers/visudo.c:957
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s：解析正确\n"
+
+#: plugins/sudoers/visudo.c:976
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s 忙，请稍后重试"
+
+#: plugins/sudoers/visudo.c:979
+#, c-format
+msgid "unable to lock %s"
+msgstr "无法锁定 %s"
+
+#: plugins/sudoers/visudo.c:980
+msgid "Edit anyway? [y/N]"
+msgstr "仍然编辑？[y/N]"
+
+#: plugins/sudoers/visudo.c:1064
+#, c-format
+msgid "Error: %s:%d cycle in %s \"%s\""
+msgstr "错误：%s:%d 在 %s “%s”中循环"
+
+#: plugins/sudoers/visudo.c:1065
+#, c-format
+msgid "Warning: %s:%d cycle in %s \"%s\""
+msgstr "警告：%s:%d 在 %s “%s”中循环"
+
+#: plugins/sudoers/visudo.c:1069
+#, c-format
+msgid "Error: %s:%d %s \"%s\" referenced but not defined"
+msgstr "错误：%s:%d 引用了 %s “%s”但尚未定义"
+
+#: plugins/sudoers/visudo.c:1070
+#, c-format
+msgid "Warning: %s:%d %s \"%s\" referenced but not defined"
+msgstr "警告：%s:%d 引用了 %s “%s”但尚未定义"
+
+#: plugins/sudoers/visudo.c:1161
+#, c-format
+msgid "Warning: %s:%d unused %s \"%s\""
+msgstr "警告：%s:%d 未使用的 %s “%s”"
+
+#: plugins/sudoers/visudo.c:1276
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - 安全地编辑 sudoers 文件\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1278
+msgid ""
+"\n"
+"Options:\n"
+"  -c, --check              check-only mode\n"
+"  -f, --file=sudoers       specify sudoers file location\n"
+"  -h, --help               display help message and exit\n"
+"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+"  -s, --strict             strict syntax checking\n"
+"  -V, --version            display version information and exit\n"
+msgstr ""
+"\n"
+"选项：\n"
+"  -c, --check            纯检查模式\n"
+"  -f, --file=sudoers     指定 sudoers 文件的位置\n"
+"  -h, --help             显示帮助信息并退出\n"
+"  -q, --quiet            较简略(安静)的语法错误信息\n"
+"  -s, --strict           严格语法检查\n"
+"  -V, --version          显示版本信息并退出\n"
+
+#: toke.l:939
+msgid "too many levels of includes"
+msgstr "include 嵌套层数过多"
+
+#~ msgid ""
+#~ "\n"
+#~ "LDAP Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "LDAP 角色：未知\n"
+
+#~ msgid "    Order: %s\n"
+#~ msgstr "    顺序：%s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: %s\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD 角色：%s\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "SSSD Role: UNKNOWN\n"
+#~ msgstr ""
+#~ "\n"
+#~ "SSSD 角色：未知\n"
+
+#~ msgid "Warning: cycle in %s `%s'"
+#~ msgstr "警告：在 %s “%s”中循环"
+
+#~ msgid "Warning: %s `%s' referenced but not defined"
+#~ msgstr "警告：引用了 %s “%s”但尚未定义"
+
+#~ msgid "Warning: unused %s `%s'"
+#~ msgstr "警告：%s “%s”未使用"
+
+#~ msgid "unable allocate memory"
+#~ msgstr "无法分配内存"
+
+#~ msgid "timestamp path too long: %s/%s"
+#~ msgstr "时间戳路径过长：%s/%s"
+
+#~ msgid "unable to stat editor (%s)"
+#~ msgstr "无法 stat 编辑器(%s)"
+
+#~ msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+#~ msgstr "sudo_ldap_conf_add_ports：扩展主机缓存时空间不足"
+
+#~ msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+#~ msgstr "sudo_ldap_parse_uri：构建主机缓存时空间不足"
+
+#~ msgid "sudo_ldap_build_pass1 allocation mismatch"
+#~ msgstr "sudo_ldap_build_pass1 分配不匹配"
+
+#~ msgid "Password:"
+#~ msgstr "密码："
+
+#~ msgid "internal error: insufficient space for log line"
+#~ msgstr "内部错误：没有足够的空间存放日志行"
+
+#~ msgid "fill_args: buffer overflow"
+#~ msgstr "fill_args：缓存溢出"
+
+#~ msgid "%s owned by uid %u, should be uid %u"
+#~ msgstr "%s 属于用户 ID %u，应为用户 ID %u"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0700"
+#~ msgstr "%s 对非所有者可写(0%o)，模式应该为 0700"
+
+#~ msgid "%s exists but is not a regular file (0%o)"
+#~ msgstr "%s 存在，但不是常规文件(0%o)"
+
+#~ msgid "%s writable by non-owner (0%o), should be mode 0600"
+#~ msgstr "%s 对非所有者可写(0%o)，模式应该为 0600"
+
+#~ msgid "unable to remove %s, will reset to the Unix epoch"
+#~ msgstr "无法移除 %s ，将重设为 Unix 戳记"
+
+#~ msgid "unable to reset %s to the Unix epoch"
+#~ msgstr "无法将 %s 重设为 Unix 戳记"
+
+#~ msgid "value out of range"
+#~ msgstr "值超出范围"
+
+#~ msgid "invalid uri: %s"
+#~ msgstr "无效的 URI：%s"
+
+#~ msgid "unable to mix ldaps and starttls"
+#~ msgstr "无法混合 ldaps 和 starttls"
+
+#~ msgid "writing to standard output"
+#~ msgstr "写入标准输出"
+
+#~ msgid "too many parenthesized expressions, max %d"
+#~ msgstr "括号表达式过多，最多 %d"
+
+#~ msgid "unable to setup authentication"
+#~ msgstr "无法设置认证"
+
+#~ msgid "getaudit: failed"
+#~ msgstr "getaudit：失败"
+
+#~ msgid "getauid: failed"
+#~ msgstr "getauid：失败"
+
+#~ msgid "au_to_subject: failed"
+#~ msgstr "au_to_subject：失败"
+
+#~ msgid "au_to_exec_args: failed"
+#~ msgstr "au_to_exec_args：失败"
+
+#~ msgid "au_to_return32: failed"
+#~ msgstr "au_to_return32：失败"
+
+#~ msgid "au_to_text: failed"
+#~ msgstr "au_to_text：失败"
+
+#~ msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+#~ msgstr "nanosleep：tv_sec %ld，tv_nsec %ld"
+
+#~ msgid "pam_chauthtok: %s"
+#~ msgstr "pam_chauthtok：%s"
+
+#~ msgid "pam_authenticate: %s"
+#~ msgstr "pam_authenticate：%s"
+
+#~ msgid "getauid failed"
+#~ msgstr "getauid 失败"
+
+#~ msgid "Unable to dlopen %s: %s"
+#~ msgstr "无法执行 dlopen %s：%s"
+
+#~ msgid "invalid regex: %s"
+#~ msgstr "无效的正则表达式：%s"
+
+#~ msgid ">>> %s: %s near line %d <<<"
+#~ msgstr ">>> %s：%s 在行 %d 附近<<<"
+
+#~ msgid "unable to set locale to \"%s\", using \"C\""
+#~ msgstr "无法将区域设置为“%s”，将使用“C”"
+
+#~ msgid ""
+#~ "    Commands:\n"
+#~ "\t"
+#~ msgstr ""
+#~ "    命令：\n"
+#~ "\t"
+
+#~ msgid ": "
+#~ msgstr "："
+
+#~ msgid "unable to cache uid %u (%s), already exists"
+#~ msgstr "无法缓存用户 ID %u(%s)，已存在"
+
+#~ msgid "unable to cache gid %u (%s), already exists"
+#~ msgstr "无法缓存组 ID %u(%s)，已存在"
+
+#~ msgid "unable to execute %s: %s"
+#~ msgstr "无法执行 %s：%s"
+
+#~ msgid "internal error, expand_prompt() overflow"
+#~ msgstr "内部错误，expand_prompt() 溢出"
+
+#~ msgid "internal error, sudo_setenv2() overflow"
+#~ msgstr "内部错误，sudo_setenv2() 溢出"
+
+#~ msgid "internal error, sudo_setenv() overflow"
+#~ msgstr "内部错误，sudo_setenv()溢出"
+
+#~ msgid "internal error, linux_audit_command() overflow"
+#~ msgstr "内部错误，linux_audit_command() 溢出"
+
+#~ msgid "internal error, runas_groups overflow"
+#~ msgstr "内部错误，runas_groups 溢出"
+
+#~ msgid "internal error, init_vars() overflow"
+#~ msgstr "内部错误，init_vars() 溢出"
+
+#~ msgid "fixed mode on %s"
+#~ msgstr "对 %s 修正了模式"
+
+#~ msgid "set group on %s"
+#~ msgstr "对 %s 设置组"
+
+#~ msgid "unable to fix mode on %s"
+#~ msgstr "无法对 %s 修正模式"
+
+#~ msgid "%s is mode 0%o, should be 0%o"
+#~ msgstr "%s 的模式为 0%o，应为 0%o"
+
+#~ msgid "File containing dummy exec functions: %s"
+#~ msgstr "含有哑 exec 函数的文件：%s"
+
+#~ msgid ""
+#~ "Available options in a sudoers ``Defaults'' line:\n"
+#~ "\n"
+#~ msgstr ""
+#~ "sudoers 中“Defaults”行中的可用选项：\n"
+#~ "\n"
+
+#~ msgid "%s: %.*s\n"
+#~ msgstr "%s：%.*s\n"
+
+#~ msgid "unable to get runas group vector"
+#~ msgstr "无法获取 runas 组向量"
+
+#~ msgid "%s: %s_Alias `%s' references self"
+#~ msgstr "%s：%s_Alias “%s”引用了自己"
diff --git a/plugins/sudoers/policy.c b/plugins/sudoers/policy.c
new file mode 100644
index 0000000..09cf401
--- /dev/null
+++ b/plugins/sudoers/policy.c
@@ -0,0 +1,997 @@
+/*
+ * Copyright (c) 2010-2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <netinet/in.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <errno.h>
+#include <grp.h>
+#include <pwd.h>
+
+#include "sudoers.h"
+#include "sudoers_version.h"
+#include "interfaces.h"
+
+/*
+ * Info passed in from the sudo front-end.
+ */
+struct sudoers_policy_open_info {
+    char * const *settings;
+    char * const *user_info;
+    char * const *plugin_args;
+};
+
+/*
+ * Command execution args to be filled in: argv, envp and command info.
+ */
+struct sudoers_exec_args {
+    char ***argv;
+    char ***envp;
+    char ***info;
+};
+
+static unsigned int sudo_version;
+static const char *interfaces_string;
+sudo_conv_t sudo_conv;
+sudo_printf_t sudo_printf;
+const char *path_ldap_conf = _PATH_LDAP_CONF;
+const char *path_ldap_secret = _PATH_LDAP_SECRET;
+
+extern __dso_public struct policy_plugin sudoers_policy;
+
+#ifdef HAVE_BSD_AUTH_H
+extern char *login_style;
+#endif /* HAVE_BSD_AUTH_H */
+
+static int
+parse_bool(const char *line, int varlen, int *flags, int fval)
+{
+    debug_decl(parse_bool, SUDOERS_DEBUG_PLUGIN)
+
+    switch (sudo_strtobool(line + varlen + 1)) {
+    case true:
+	SET(*flags, fval);
+	debug_return_int(true);
+    case false:
+	CLR(*flags, fval);
+	debug_return_int(false);
+    default:
+	sudo_warn(U_("invalid %.*s set by sudo front-end"),
+	    varlen, line);
+	debug_return_int(-1);
+    }
+}
+
+/*
+ * Deserialize args, settings and user_info arrays.
+ * Fills in struct sudo_user and other common sudoers state.
+ */
+int
+sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group)
+{
+    struct sudoers_policy_open_info *info = v;
+    char * const *cur;
+    const char *p, *errstr, *groups = NULL;
+    const char *remhost = NULL;
+    bool uid_set = false, gid_set = false;
+    int flags = 0;
+    debug_decl(sudoers_policy_deserialize_info, SUDOERS_DEBUG_PLUGIN)
+
+#define MATCHES(s, v)	\
+    (strncmp((s), (v), sizeof(v) - 1) == 0)
+
+#define CHECK(s, v) do {	\
+    if ((s)[sizeof(v) - 1] == '\0') { \
+	sudo_warn(U_("invalid %.*s set by sudo front-end"), \
+	    (int)(sizeof(v) - 2), v); \
+	goto bad; \
+    } \
+} while (0)
+
+    /* Parse sudo.conf plugin args. */
+    if (info->plugin_args != NULL) {
+	for (cur = info->plugin_args; *cur != NULL; cur++) {
+	    if (MATCHES(*cur, "sudoers_file=")) {
+		CHECK(*cur, "sudoers_file=");
+		sudoers_file = *cur + sizeof("sudoers_file=") - 1;
+		continue;
+	    }
+	    if (MATCHES(*cur, "sudoers_uid=")) {
+		p = *cur + sizeof("sudoers_uid=") - 1;
+		sudoers_uid = (uid_t) sudo_strtoid(p, NULL, NULL, &errstr);
+		if (errstr != NULL) {
+		    sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		    goto bad;
+		}
+		continue;
+	    }
+	    if (MATCHES(*cur, "sudoers_gid=")) {
+		p = *cur + sizeof("sudoers_gid=") - 1;
+		sudoers_gid = (gid_t) sudo_strtoid(p, NULL, NULL, &errstr);
+		if (errstr != NULL) {
+		    sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		    goto bad;
+		}
+		continue;
+	    }
+	    if (MATCHES(*cur, "sudoers_mode=")) {
+		p = *cur + sizeof("sudoers_mode=") - 1;
+		sudoers_mode = sudo_strtomode(p, &errstr);
+		if (errstr != NULL) {
+		    sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		    goto bad;
+		}
+		continue;
+	    }
+	    if (MATCHES(*cur, "ldap_conf=")) {
+		CHECK(*cur, "ldap_conf=");
+		path_ldap_conf = *cur + sizeof("ldap_conf=") - 1;
+		continue;
+	    }
+	    if (MATCHES(*cur, "ldap_secret=")) {
+		CHECK(*cur, "ldap_secret=");
+		path_ldap_secret = *cur + sizeof("ldap_secret=") - 1;
+		continue;
+	    }
+	}
+    }
+
+    /* Parse command line settings. */
+    user_closefrom = -1;
+    for (cur = info->settings; *cur != NULL; cur++) {
+	if (MATCHES(*cur, "closefrom=")) {
+	    errno = 0;
+	    p = *cur + sizeof("closefrom=") - 1;
+	    user_closefrom = strtonum(p, 4, INT_MAX, &errstr);
+	    if (user_closefrom == 0) {
+		sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		goto bad;
+	    }
+	    continue;
+	}
+	if (MATCHES(*cur, "runas_user=")) {
+	    CHECK(*cur, "runas_user=");
+	    *runas_user = *cur + sizeof("runas_user=") - 1;
+	    sudo_user.flags |= RUNAS_USER_SPECIFIED;
+	    continue;
+	}
+	if (MATCHES(*cur, "runas_group=")) {
+	    CHECK(*cur, "runas_group=");
+	    *runas_group = *cur + sizeof("runas_group=") - 1;
+	    sudo_user.flags |= RUNAS_GROUP_SPECIFIED;
+	    continue;
+	}
+	if (MATCHES(*cur, "prompt=")) {
+	    /* Allow epmpty prompt. */
+	    user_prompt = *cur + sizeof("prompt=") - 1;
+	    def_passprompt_override = true;
+	    continue;
+	}
+	if (MATCHES(*cur, "set_home=")) {
+	    if (parse_bool(*cur, sizeof("set_home") - 1, &flags,
+		MODE_RESET_HOME) == -1)
+		goto bad;
+	    continue;
+	}
+	if (MATCHES(*cur, "preserve_environment=")) {
+	    if (parse_bool(*cur, sizeof("preserve_environment") - 1, &flags,
+		MODE_PRESERVE_ENV) == -1)
+		goto bad;
+	    continue;
+	}
+	if (MATCHES(*cur, "run_shell=")) {
+	    if (parse_bool(*cur, sizeof("run_shell") -1, &flags,
+		MODE_SHELL) == -1)
+		goto bad;
+	    continue;
+	}
+	if (MATCHES(*cur, "login_shell=")) {
+	    if (parse_bool(*cur, sizeof("login_shell") - 1, &flags,
+		MODE_LOGIN_SHELL) == -1)
+		goto bad;
+	    continue;
+	}
+	if (MATCHES(*cur, "implied_shell=")) {
+	    if (parse_bool(*cur, sizeof("implied_shell") - 1, &flags,
+		MODE_IMPLIED_SHELL) == -1)
+		goto bad;
+	    continue;
+	}
+	if (MATCHES(*cur, "preserve_groups=")) {
+	    if (parse_bool(*cur, sizeof("preserve_groups") - 1, &flags,
+		MODE_PRESERVE_GROUPS) == -1)
+		goto bad;
+	    continue;
+	}
+	if (MATCHES(*cur, "ignore_ticket=")) {
+	    if (parse_bool(*cur, sizeof("ignore_ticket") -1, &flags,
+		MODE_IGNORE_TICKET) == -1)
+		goto bad;
+	    continue;
+	}
+	if (MATCHES(*cur, "noninteractive=")) {
+	    if (parse_bool(*cur, sizeof("noninteractive") - 1, &flags,
+		MODE_NONINTERACTIVE) == -1)
+		goto bad;
+	    continue;
+	}
+	if (MATCHES(*cur, "sudoedit=")) {
+	    if (parse_bool(*cur, sizeof("sudoedit") - 1, &flags,
+		MODE_EDIT) == -1)
+		goto bad;
+	    continue;
+	}
+	if (MATCHES(*cur, "login_class=")) {
+	    CHECK(*cur, "login_class=");
+	    login_class = *cur + sizeof("login_class=") - 1;
+	    def_use_loginclass = true;
+	    continue;
+	}
+#ifdef HAVE_PRIV_SET
+	if (MATCHES(*cur, "runas_privs=")) {
+	    CHECK(*cur, "runas_privs=");
+	    def_privs = *cur + sizeof("runas_privs=") - 1;
+	    continue;
+	}
+	if (MATCHES(*cur, "runas_limitprivs=")) {
+	    CHECK(*cur, "runas_limitprivs=");
+	    def_limitprivs = *cur + sizeof("runas_limitprivs=") - 1;
+	    continue;
+	}
+#endif /* HAVE_PRIV_SET */
+#ifdef HAVE_SELINUX
+	if (MATCHES(*cur, "selinux_role=")) {
+	    CHECK(*cur, "selinux_role=");
+	    user_role = *cur + sizeof("selinux_role=") - 1;
+	    continue;
+	}
+	if (MATCHES(*cur, "selinux_type=")) {
+	    CHECK(*cur, "selinux_type=");
+	    user_type = *cur + sizeof("selinux_type=") - 1;
+	    continue;
+	}
+#endif /* HAVE_SELINUX */
+#ifdef HAVE_BSD_AUTH_H
+	if (MATCHES(*cur, "bsdauth_type=")) {
+	    CHECK(*cur, "login_style=");
+	    login_style = *cur + sizeof("bsdauth_type=") - 1;
+	    continue;
+	}
+#endif /* HAVE_BSD_AUTH_H */
+	if (MATCHES(*cur, "network_addrs=")) {
+	    interfaces_string = *cur + sizeof("network_addrs=") - 1;
+	    if (!set_interfaces(interfaces_string)) {
+		sudo_warn(U_("unable to parse network address list"));
+		goto bad;
+	    }
+	    continue;
+	}
+	if (MATCHES(*cur, "max_groups=")) {
+	    errno = 0;
+	    p = *cur + sizeof("max_groups=") - 1;
+	    sudo_user.max_groups = strtonum(p, 1, INT_MAX, &errstr);
+	    if (sudo_user.max_groups == 0) {
+		sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		goto bad;
+	    }
+	    continue;
+	}
+	if (MATCHES(*cur, "remote_host=")) {
+	    CHECK(*cur, "remote_host=");
+	    remhost = *cur + sizeof("remote_host=") - 1;
+	    continue;
+	}
+	if (MATCHES(*cur, "timeout=")) {
+	    p = *cur + sizeof("timeout=") - 1;
+	    user_timeout = parse_timeout(p);
+	    if (user_timeout == -1) {
+		if (errno == ERANGE)
+		    sudo_warnx(U_("%s: %s"), p, U_("timeout value too large"));
+		else
+		    sudo_warnx(U_("%s: %s"), p, U_("invalid timeout value"));
+		goto bad;
+	    }
+	    continue;
+	}
+#ifdef ENABLE_SUDO_PLUGIN_API
+	if (MATCHES(*cur, "plugin_dir=")) {
+	    CHECK(*cur, "plugin_dir=");
+	    path_plugin_dir = *cur + sizeof("plugin_dir=") - 1;
+	    continue;
+	}
+#endif
+    }
+
+    user_umask = (mode_t)-1;
+    for (cur = info->user_info; *cur != NULL; cur++) {
+	if (MATCHES(*cur, "user=")) {
+	    CHECK(*cur, "user=");
+	    if ((user_name = strdup(*cur + sizeof("user=") - 1)) == NULL)
+		goto oom;
+	    continue;
+	}
+	if (MATCHES(*cur, "uid=")) {
+	    p = *cur + sizeof("uid=") - 1;
+	    user_uid = (uid_t) sudo_strtoid(p, NULL, NULL, &errstr);
+	    if (errstr != NULL) {
+		sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		goto bad;
+	    }
+	    uid_set = true;
+	    continue;
+	}
+	if (MATCHES(*cur, "gid=")) {
+	    p = *cur + sizeof("gid=") - 1;
+	    user_gid = (gid_t) sudo_strtoid(p, NULL, NULL, &errstr);
+	    if (errstr != NULL) {
+		sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		goto bad;
+	    }
+	    gid_set = true;
+	    continue;
+	}
+	if (MATCHES(*cur, "groups=")) {
+	    CHECK(*cur, "groups=");
+	    groups = *cur + sizeof("groups=") - 1;
+	    continue;
+	}
+	if (MATCHES(*cur, "cwd=")) {
+	    CHECK(*cur, "cwd=");
+	    if ((user_cwd = strdup(*cur + sizeof("cwd=") - 1)) == NULL)
+		goto oom;
+	    continue;
+	}
+	if (MATCHES(*cur, "tty=")) {
+	    CHECK(*cur, "tty=");
+	    if ((user_ttypath = strdup(*cur + sizeof("tty=") - 1)) == NULL)
+		goto oom;
+	    user_tty = user_ttypath;
+	    if (strncmp(user_tty, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
+		user_tty += sizeof(_PATH_DEV) - 1;
+	    continue;
+	}
+	if (MATCHES(*cur, "host=")) {
+	    CHECK(*cur, "host=");
+	    if ((user_host = strdup(*cur + sizeof("host=") - 1)) == NULL)
+		goto oom;
+	    if ((p = strchr(user_host, '.')) != NULL) {
+		user_shost = strndup(user_host, (size_t)(p - user_host));
+		if (user_shost == NULL)
+		    goto oom;
+	    } else {
+		user_shost = user_host;
+	    }
+	    continue;
+	}
+	if (MATCHES(*cur, "lines=")) {
+	    errno = 0;
+	    p = *cur + sizeof("lines=") - 1;
+	    sudo_user.lines = strtonum(p, 1, INT_MAX, &errstr);
+	    if (sudo_user.lines == 0) {
+		sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		goto bad;
+	    }
+	    continue;
+	}
+	if (MATCHES(*cur, "cols=")) {
+	    errno = 0;
+	    p = *cur + sizeof("cols=") - 1;
+	    sudo_user.cols = strtonum(p, 1, INT_MAX, &errstr);
+	    if (sudo_user.cols == 0) {
+		sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		goto bad;
+	    }
+	    continue;
+	}
+	if (MATCHES(*cur, "sid=")) {
+	    p = *cur + sizeof("sid=") - 1;
+	    user_sid = (pid_t) sudo_strtoid(p, NULL, NULL, &errstr);
+	    if (errstr != NULL) {
+		sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		goto bad;
+	    }
+	    continue;
+	}
+	if (MATCHES(*cur, "umask=")) {
+	    p = *cur + sizeof("umask=") - 1;
+	    sudo_user.umask = sudo_strtomode(p, &errstr);
+	    if (errstr != NULL) {
+		sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
+		goto bad;
+	    }
+	    continue;
+	}
+    }
+
+    /* User name, user ID, group ID and host name must be specified. */
+    if (user_name == NULL) {
+	sudo_warnx(U_("user name not set by sudo front-end"));
+	goto bad;
+    }
+    if (!uid_set) {
+	sudo_warnx(U_("user ID not set by sudo front-end"));
+	goto bad;
+    }
+    if (!gid_set) {
+	sudo_warnx(U_("group ID not set by sudo front-end"));
+	goto bad;
+    }
+    if (user_host == NULL) {
+	sudo_warnx(U_("host name not set by sudo front-end"));
+	goto bad;
+    }
+
+    if ((user_runhost = strdup(remhost ? remhost : user_host)) == NULL)
+	goto oom;
+    if ((p = strchr(user_runhost, '.')) != NULL) {
+	user_srunhost = strndup(user_runhost, (size_t)(p - user_runhost));
+	if (user_srunhost == NULL)
+	    goto oom;
+    } else {
+	user_srunhost = user_runhost;
+    }
+    if (user_cwd == NULL) {
+	if ((user_cwd = strdup("unknown")) == NULL)
+	    goto oom;
+    }
+    if (user_tty == NULL) {
+	if ((user_tty = strdup("unknown")) == NULL)
+	    goto oom;
+	/* user_ttypath remains NULL */
+    }
+
+    if (groups != NULL) {
+	/* sudo_parse_gids() will print a warning on error. */
+	user_ngids = sudo_parse_gids(groups, &user_gid, &user_gids);
+	if (user_ngids == -1)
+	    goto bad;
+    }
+
+    /* umask is only set in user_info[] for API 1.10 and above. */
+    if (user_umask == (mode_t)-1) {
+	user_umask = umask(0);
+	umask(user_umask);
+    }
+
+    /* Always reset the environment for a login shell. */
+    if (ISSET(flags, MODE_LOGIN_SHELL))
+	def_env_reset = true;
+
+    /* Some systems support fexecve() which we use for digest matches. */
+    cmnd_fd = -1;
+
+    /* Dump settings and user info (XXX - plugin args) */
+    for (cur = info->settings; *cur != NULL; cur++)
+	sudo_debug_printf(SUDO_DEBUG_INFO, "settings: %s", *cur);
+    for (cur = info->user_info; *cur != NULL; cur++)
+	sudo_debug_printf(SUDO_DEBUG_INFO, "user_info: %s", *cur);
+
+#undef MATCHES
+    debug_return_int(flags);
+
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+bad:
+    debug_return_int(MODE_ERROR);
+}
+
+/*
+ * Setup the execution environment.
+ * Builds up the command_info list and sets argv and envp.
+ * Consumes iolog_path if not NULL.
+ * Returns 1 on success and -1 on error.
+ */
+int
+sudoers_policy_exec_setup(char *argv[], char *envp[], mode_t cmnd_umask,
+    char *iolog_path, void *v)
+{
+    struct sudoers_exec_args *exec_args = v;
+    char **command_info;
+    int info_len = 0;
+    debug_decl(sudoers_policy_exec_setup, SUDOERS_DEBUG_PLUGIN)
+
+    /* Increase the length of command_info as needed, it is *not* checked. */
+    command_info = calloc(48, sizeof(char *));
+    if (command_info == NULL)
+	goto oom;
+
+    command_info[info_len] = sudo_new_key_val("command", safe_cmnd);
+    if (command_info[info_len++] == NULL)
+	goto oom;
+    if (def_log_input || def_log_output) {
+	if (iolog_path)
+	    command_info[info_len++] = iolog_path;	/* now owned */
+	if (def_log_input) {
+	    if ((command_info[info_len++] = strdup("iolog_stdin=true")) == NULL)
+		goto oom;
+	    if ((command_info[info_len++] = strdup("iolog_ttyin=true")) == NULL)
+		goto oom;
+	}
+	if (def_log_output) {
+	    if ((command_info[info_len++] = strdup("iolog_stdout=true")) == NULL)
+		goto oom;
+	    if ((command_info[info_len++] = strdup("iolog_stderr=true")) == NULL)
+		goto oom;
+	    if ((command_info[info_len++] = strdup("iolog_ttyout=true")) == NULL)
+		goto oom;
+	}
+	if (def_compress_io) {
+	    if ((command_info[info_len++] = strdup("iolog_compress=true")) == NULL)
+		goto oom;
+	}
+	if (def_maxseq) {
+	    if (asprintf(&command_info[info_len++], "maxseq=%u", def_maxseq) == -1)
+		goto oom;
+	}
+    }
+    if (ISSET(sudo_mode, MODE_EDIT)) {
+	if ((command_info[info_len++] = strdup("sudoedit=true")) == NULL)
+	    goto oom;
+	if (!def_sudoedit_checkdir) {
+	    if ((command_info[info_len++] = strdup("sudoedit_checkdir=false")) == NULL)
+		goto oom;
+	}
+	if (def_sudoedit_follow) {
+	    if ((command_info[info_len++] = strdup("sudoedit_follow=true")) == NULL)
+		goto oom;
+	}
+    }
+    if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+	/* Set cwd to run user's homedir. */
+	if ((command_info[info_len++] = sudo_new_key_val("cwd", runas_pw->pw_dir)) == NULL)
+	    goto oom;
+    }
+    if (def_stay_setuid) {
+	if (asprintf(&command_info[info_len++], "runas_uid=%u",
+	    (unsigned int)user_uid) == -1)
+	    goto oom;
+	if (asprintf(&command_info[info_len++], "runas_gid=%u",
+	    (unsigned int)user_gid) == -1)
+	    goto oom;
+	if (asprintf(&command_info[info_len++], "runas_euid=%u",
+	    (unsigned int)runas_pw->pw_uid) == -1)
+	    goto oom;
+	if (asprintf(&command_info[info_len++], "runas_egid=%u",
+	    runas_gr ? (unsigned int)runas_gr->gr_gid :
+	    (unsigned int)runas_pw->pw_gid) == -1)
+	    goto oom;
+    } else {
+	if (asprintf(&command_info[info_len++], "runas_uid=%u",
+	    (unsigned int)runas_pw->pw_uid) == -1)
+	    goto oom;
+	if (asprintf(&command_info[info_len++], "runas_gid=%u",
+	    runas_gr ? (unsigned int)runas_gr->gr_gid :
+	    (unsigned int)runas_pw->pw_gid) == -1)
+	    goto oom;
+    }
+    if (def_preserve_groups) {
+	if ((command_info[info_len++] = strdup("preserve_groups=true")) == NULL)
+	    goto oom;
+    } else {
+	int i, len;
+	gid_t egid;
+	size_t glsize;
+	char *cp, *gid_list;
+	struct gid_list *gidlist;
+
+	/* Only use results from a group db query, not the front end. */
+	gidlist = sudo_get_gidlist(runas_pw, ENTRY_TYPE_QUERIED);
+
+	/* We reserve an extra spot in the list for the effective gid. */
+	glsize = sizeof("runas_groups=") - 1 +
+	    ((gidlist->ngids + 1) * (MAX_UID_T_LEN + 1));
+	gid_list = malloc(glsize);
+	if (gid_list == NULL)
+	    goto oom;
+	memcpy(gid_list, "runas_groups=", sizeof("runas_groups=") - 1);
+	cp = gid_list + sizeof("runas_groups=") - 1;
+
+	/* On BSD systems the effective gid is the first group in the list. */
+	egid = runas_gr ? (unsigned int)runas_gr->gr_gid :
+	    (unsigned int)runas_pw->pw_gid;
+	len = snprintf(cp, glsize - (cp - gid_list), "%u", (unsigned int)egid);
+	if (len < 0 || (size_t)len >= glsize - (cp - gid_list)) {
+	    sudo_warnx(U_("internal error, %s overflow"), __func__);
+	    free(gid_list);
+	    goto bad;
+	}
+	cp += len;
+	for (i = 0; i < gidlist->ngids; i++) {
+	    if (gidlist->gids[i] != egid) {
+		len = snprintf(cp, glsize - (cp - gid_list), ",%u",
+		     (unsigned int) gidlist->gids[i]);
+		if (len < 0 || (size_t)len >= glsize - (cp - gid_list)) {
+		    sudo_warnx(U_("internal error, %s overflow"), __func__);
+		    free(gid_list);
+		    goto bad;
+		}
+		cp += len;
+	    }
+	}
+	command_info[info_len++] = gid_list;
+	sudo_gidlist_delref(gidlist);
+    }
+    if (def_closefrom >= 0) {
+	if (asprintf(&command_info[info_len++], "closefrom=%d", def_closefrom) == -1)
+	    goto oom;
+    }
+    if (def_ignore_iolog_errors) {
+	if ((command_info[info_len++] = strdup("ignore_iolog_errors=true")) == NULL)
+	    goto oom;
+    }
+    if (def_noexec) {
+	if ((command_info[info_len++] = strdup("noexec=true")) == NULL)
+	    goto oom;
+    }
+    if (def_exec_background) {
+	if ((command_info[info_len++] = strdup("exec_background=true")) == NULL)
+	    goto oom;
+    }
+    if (def_set_utmp) {
+	if ((command_info[info_len++] = strdup("set_utmp=true")) == NULL)
+	    goto oom;
+    }
+    if (def_use_pty) {
+	if ((command_info[info_len++] = strdup("use_pty=true")) == NULL)
+	    goto oom;
+    }
+    if (def_utmp_runas) {
+	if ((command_info[info_len++] = sudo_new_key_val("utmp_user", runas_pw->pw_name)) == NULL)
+	    goto oom;
+    }
+    if (def_iolog_mode != (S_IRUSR|S_IWUSR)) {
+	if (asprintf(&command_info[info_len++], "iolog_mode=0%o", (unsigned int)def_iolog_mode) == -1)
+	    goto oom;
+    }
+    if (def_iolog_user != NULL) {
+	if ((command_info[info_len++] = sudo_new_key_val("iolog_user", def_iolog_user)) == NULL)
+	    goto oom;
+    }
+    if (def_iolog_group != NULL) {
+	if ((command_info[info_len++] = sudo_new_key_val("iolog_group", def_iolog_group)) == NULL)
+	    goto oom;
+    }
+    if (def_command_timeout > 0 || user_timeout > 0) {
+	int timeout = user_timeout;
+	if (timeout == 0 || def_command_timeout < timeout)
+	    timeout = def_command_timeout;
+	if (asprintf(&command_info[info_len++], "timeout=%u", timeout) == -1)
+	    goto oom;
+    }
+    if (cmnd_umask != ACCESSPERMS) {
+	if (asprintf(&command_info[info_len++], "umask=0%o", (unsigned int)cmnd_umask) == -1)
+	    goto oom;
+    }
+    if (cmnd_fd != -1) {
+	if (sudo_version < SUDO_API_MKVERSION(1, 9)) {
+	    /* execfd only supported by plugin API 1.9 and higher */
+	    close(cmnd_fd);
+	    cmnd_fd = -1;
+	} else {
+	    if (asprintf(&command_info[info_len++], "execfd=%d", cmnd_fd) == -1)
+		goto oom;
+	}
+    }
+#ifdef HAVE_LOGIN_CAP_H
+    if (def_use_loginclass) {
+	if ((command_info[info_len++] = sudo_new_key_val("login_class", login_class)) == NULL)
+	    goto oom;
+    }
+#endif /* HAVE_LOGIN_CAP_H */
+#ifdef HAVE_SELINUX
+    if (user_role != NULL) {
+	if ((command_info[info_len++] = sudo_new_key_val("selinux_role", user_role)) == NULL)
+	    goto oom;
+    }
+    if (user_type != NULL) {
+	if ((command_info[info_len++] = sudo_new_key_val("selinux_type", user_type)) == NULL)
+	    goto oom;
+    }
+#endif /* HAVE_SELINUX */
+#ifdef HAVE_PRIV_SET
+    if (runas_privs != NULL) {
+	if ((command_info[info_len++] = sudo_new_key_val("runas_privs", runas_privs)) == NULL)
+	    goto oom;
+    }
+    if (runas_limitprivs != NULL) {
+	if ((command_info[info_len++] = sudo_new_key_val("runas_limitprivs", runas_limitprivs)) == NULL)
+	    goto oom;
+    }
+#endif /* HAVE_SELINUX */
+
+    /* Free on exit; they are not available in the close function. */
+    sudoers_gc_add(GC_VECTOR, argv);
+    sudoers_gc_add(GC_VECTOR, envp);
+    sudoers_gc_add(GC_VECTOR, command_info);
+
+    /* Fill in exec environment info. */
+    *(exec_args->argv) = argv;
+    *(exec_args->envp) = envp;
+    *(exec_args->info) = command_info;
+
+    debug_return_int(true);
+
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+bad:
+    while (info_len--)
+	free(command_info[info_len]);
+    free(command_info);
+    debug_return_int(-1);
+}
+
+static int
+sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
+    sudo_printf_t plugin_printf, char * const settings[],
+    char * const user_info[], char * const envp[], char * const args[])
+{
+    struct sudo_conf_debug_file_list debug_files = TAILQ_HEAD_INITIALIZER(debug_files);
+    struct sudoers_policy_open_info info;
+    const char *cp, *plugin_path = NULL;
+    char * const *cur;
+    debug_decl(sudoers_policy_open, SUDOERS_DEBUG_PLUGIN)
+
+    sudo_version = version;
+    sudo_conv = conversation;
+    sudo_printf = plugin_printf;
+
+    /* Plugin args are only specified for API version 1.2 and higher. */
+    if (sudo_version < SUDO_API_MKVERSION(1, 2))
+	args = NULL;
+
+    /* Initialize the debug subsystem.  */
+    for (cur = settings; (cp = *cur) != NULL; cur++) {
+	if (strncmp(cp, "debug_flags=", sizeof("debug_flags=") - 1) == 0) {
+	    cp += sizeof("debug_flags=") - 1;
+	    if (!sudoers_debug_parse_flags(&debug_files, cp))
+		debug_return_int(-1);
+	    continue;
+	}
+	if (strncmp(cp, "plugin_path=", sizeof("plugin_path=") - 1) == 0) {
+	    plugin_path = cp + sizeof("plugin_path=") - 1;
+	    continue;
+	}
+    }
+    if (!sudoers_debug_register(plugin_path, &debug_files))
+	debug_return_int(-1);
+
+    /* Call the sudoers init function. */
+    info.settings = settings;
+    info.user_info = user_info;
+    info.plugin_args = args;
+    debug_return_int(sudoers_policy_init(&info, envp));
+}
+
+static void
+sudoers_policy_close(int exit_status, int error_code)
+{
+    debug_decl(sudoers_policy_close, SUDOERS_DEBUG_PLUGIN)
+
+    /* We do not currently log the exit status. */
+    if (error_code) {
+	errno = error_code;
+	sudo_warn(U_("unable to execute %s"), safe_cmnd);
+    }
+
+    /* Close the session we opened in sudoers_policy_init_session(). */
+    if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT))
+	(void)sudo_auth_end_session(runas_pw);
+
+    /* Deregister the callback for sudo_fatal()/sudo_fatalx(). */
+    sudo_fatal_callback_deregister(sudoers_cleanup);
+
+    /* Free remaining references to password and group entries. */
+    /* XXX - move cleanup to function in sudoers.c */
+    sudo_pw_delref(sudo_user.pw);
+    sudo_user.pw = NULL;
+    sudo_pw_delref(runas_pw);
+    runas_pw = NULL;
+    if (runas_gr != NULL) {
+	sudo_gr_delref(runas_gr);
+	runas_gr = NULL;
+    }
+    if (user_gid_list != NULL) {
+	sudo_gidlist_delref(user_gid_list);
+	user_gid_list = NULL;
+    }
+    free(user_gids);
+    user_gids = NULL;
+
+    sudoers_debug_deregister();
+
+    return;
+}
+
+/*
+ * The init_session function is called before executing the command
+ * and before uid/gid changes occur.
+ * Returns 1 on success, 0 on failure and -1 on error.
+ */
+static int
+sudoers_policy_init_session(struct passwd *pwd, char **user_env[])
+{
+    debug_decl(sudoers_policy_init_session, SUDOERS_DEBUG_PLUGIN)
+
+    /* user_env is only specified for API version 1.2 and higher. */
+    if (sudo_version < SUDO_API_MKVERSION(1, 2))
+	user_env = NULL;
+
+    debug_return_int(sudo_auth_begin_session(pwd, user_env));
+}
+
+static int
+sudoers_policy_check(int argc, char * const argv[], char *env_add[],
+    char **command_infop[], char **argv_out[], char **user_env_out[])
+{
+    struct sudoers_exec_args exec_args;
+    int ret;
+    debug_decl(sudoers_policy_check, SUDOERS_DEBUG_PLUGIN)
+
+    if (!ISSET(sudo_mode, MODE_EDIT))
+	SET(sudo_mode, MODE_RUN);
+
+    exec_args.argv = argv_out;
+    exec_args.envp = user_env_out;
+    exec_args.info = command_infop;
+
+    ret = sudoers_policy_main(argc, argv, 0, env_add, false, &exec_args);
+    if (ret == true && sudo_version >= SUDO_API_MKVERSION(1, 3)) {
+	/* Unset close function if we don't need it to avoid extra process. */
+	if (!def_log_input && !def_log_output && !def_use_pty &&
+	    !sudo_auth_needs_end_session())
+	    sudoers_policy.close = NULL;
+    }
+    debug_return_int(ret);
+}
+
+static int
+sudoers_policy_validate(void)
+{
+    debug_decl(sudoers_policy_validate, SUDOERS_DEBUG_PLUGIN)
+
+    user_cmnd = "validate";
+    SET(sudo_mode, MODE_VALIDATE);
+
+    debug_return_int(sudoers_policy_main(0, NULL, I_VERIFYPW, NULL, false, NULL));
+}
+
+static void
+sudoers_policy_invalidate(int remove)
+{
+    debug_decl(sudoers_policy_invalidate, SUDOERS_DEBUG_PLUGIN)
+
+    user_cmnd = "kill";
+    /* XXX - plugin API should support a return value for fatal errors. */
+    timestamp_remove(remove);
+    sudoers_cleanup();
+
+    debug_return;
+}
+
+static int
+sudoers_policy_list(int argc, char * const argv[], int verbose,
+    const char *list_user)
+{
+    int ret;
+    debug_decl(sudoers_policy_list, SUDOERS_DEBUG_PLUGIN)
+
+    user_cmnd = "list";
+    if (argc)
+	SET(sudo_mode, MODE_CHECK);
+    else
+	SET(sudo_mode, MODE_LIST);
+    if (list_user) {
+	list_pw = sudo_getpwnam(list_user);
+	if (list_pw == NULL) {
+	    sudo_warnx(U_("unknown user: %s"), list_user);
+	    debug_return_int(-1);
+	}
+    }
+    ret = sudoers_policy_main(argc, argv, I_LISTPW, NULL, verbose, NULL);
+    if (list_user) {
+	sudo_pw_delref(list_pw);
+	list_pw = NULL;
+    }
+
+    debug_return_int(ret);
+}
+
+static int
+sudoers_policy_version(int verbose)
+{
+    debug_decl(sudoers_policy_version, SUDOERS_DEBUG_PLUGIN)
+
+    sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers policy plugin version %s\n"),
+	PACKAGE_VERSION);
+    sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers file grammar version %d\n"),
+	SUDOERS_GRAMMAR_VERSION);
+
+    if (verbose) {
+	sudo_printf(SUDO_CONV_INFO_MSG, _("\nSudoers path: %s\n"), sudoers_file);
+#ifdef HAVE_LDAP
+# ifdef _PATH_NSSWITCH_CONF
+	sudo_printf(SUDO_CONV_INFO_MSG, _("nsswitch path: %s\n"), _PATH_NSSWITCH_CONF);
+# endif
+	sudo_printf(SUDO_CONV_INFO_MSG, _("ldap.conf path: %s\n"), path_ldap_conf);
+	sudo_printf(SUDO_CONV_INFO_MSG, _("ldap.secret path: %s\n"), path_ldap_secret);
+#endif
+	dump_auth_methods();
+	dump_defaults();
+	sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+	if (interfaces_string != NULL) {
+	    dump_interfaces(interfaces_string);
+	    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+	}
+    }
+    debug_return_int(true);
+}
+
+static struct sudo_hook sudoers_hooks[] = {
+    { SUDO_HOOK_VERSION, SUDO_HOOK_SETENV, sudoers_hook_setenv, NULL },
+    { SUDO_HOOK_VERSION, SUDO_HOOK_UNSETENV, sudoers_hook_unsetenv, NULL },
+    { SUDO_HOOK_VERSION, SUDO_HOOK_GETENV, sudoers_hook_getenv, NULL },
+    { SUDO_HOOK_VERSION, SUDO_HOOK_PUTENV, sudoers_hook_putenv, NULL },
+    { 0, 0, NULL, NULL }
+};
+
+/*
+ * Register environment function hooks.
+ * Note that we have not registered sudoers with the debug subsystem yet.
+ */
+static void
+sudoers_policy_register_hooks(int version, int (*register_hook)(struct sudo_hook *hook))
+{
+    struct sudo_hook *hook;
+
+    for (hook = sudoers_hooks; hook->hook_fn != NULL; hook++) {
+	if (register_hook(hook) != 0) {
+	    sudo_warn_nodebug(
+		U_("unable to register hook of type %d (version %d.%d)"),
+		hook->hook_type, SUDO_API_VERSION_GET_MAJOR(hook->hook_version),
+		SUDO_API_VERSION_GET_MINOR(hook->hook_version));
+	}
+    }
+}
+
+__dso_public struct policy_plugin sudoers_policy = {
+    SUDO_POLICY_PLUGIN,
+    SUDO_API_VERSION,
+    sudoers_policy_open,
+    sudoers_policy_close,
+    sudoers_policy_version,
+    sudoers_policy_check,
+    sudoers_policy_list,
+    sudoers_policy_validate,
+    sudoers_policy_invalidate,
+    sudoers_policy_init_session,
+    sudoers_policy_register_hooks
+};
diff --git a/plugins/sudoers/prompt.c b/plugins/sudoers/prompt.c
new file mode 100644
index 0000000..d79d7d5
--- /dev/null
+++ b/plugins/sudoers/prompt.c
@@ -0,0 +1,168 @@
+/*
+ * Copyright (c) 1993-1996,1998-2005, 2007-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <pwd.h>
+#include <grp.h>
+
+#include "sudoers.h"
+
+/*
+ * Expand %h and %u escapes (if present) in the prompt and pass back
+ * the dynamically allocated result.
+ */
+char *
+expand_prompt(const char *old_prompt, const char *auth_user)
+{
+    size_t len, n;
+    int subst;
+    const char *p;
+    char *np, *new_prompt, *endp;
+    debug_decl(expand_prompt, SUDOERS_DEBUG_AUTH)
+
+    /* How much space do we need to malloc for the prompt? */
+    subst = 0;
+    for (p = old_prompt, len = strlen(old_prompt); *p; p++) {
+	if (p[0] =='%') {
+	    switch (p[1]) {
+		case 'h':
+		    p++;
+		    len += strlen(user_shost) - 2;
+		    subst = 1;
+		    break;
+		case 'H':
+		    p++;
+		    len += strlen(user_host) - 2;
+		    subst = 1;
+		    break;
+		case 'p':
+		    p++;
+		    len += strlen(auth_user) - 2;
+		    subst = 1;
+		    break;
+		case 'u':
+		    p++;
+		    len += strlen(user_name) - 2;
+		    subst = 1;
+		    break;
+		case 'U':
+		    p++;
+		    len += strlen(runas_pw->pw_name) - 2;
+		    subst = 1;
+		    break;
+		case '%':
+		    p++;
+		    len--;
+		    subst = 1;
+		    break;
+		default:
+		    break;
+	    }
+	}
+    }
+
+    if ((new_prompt = malloc(++len)) == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_str(NULL);
+    }
+
+    if (subst) {
+	endp = new_prompt + len;
+	for (p = old_prompt, np = new_prompt; *p; p++) {
+	    if (p[0] =='%') {
+		switch (p[1]) {
+		    case 'h':
+			p++;
+			n = strlcpy(np, user_shost, np - endp);
+			if (n >= (size_t)(np - endp))
+			    goto oflow;
+			np += n;
+			continue;
+		    case 'H':
+			p++;
+			n = strlcpy(np, user_host, np - endp);
+			if (n >= (size_t)(np - endp))
+			    goto oflow;
+			np += n;
+			continue;
+		    case 'p':
+			p++;
+			n = strlcpy(np, auth_user, np - endp);
+			if (n >= (size_t)(np - endp))
+				goto oflow;
+			np += n;
+			continue;
+		    case 'u':
+			p++;
+			n = strlcpy(np, user_name, np - endp);
+			if (n >= (size_t)(np - endp))
+			    goto oflow;
+			np += n;
+			continue;
+		    case 'U':
+			p++;
+			n = strlcpy(np,  runas_pw->pw_name, np - endp);
+			if (n >= (size_t)(np - endp))
+			    goto oflow;
+			np += n;
+			continue;
+		    case '%':
+			/* convert %% -> % */
+			p++;
+			break;
+		    default:
+			/* no conversion */
+			break;
+		}
+	    }
+	    *np++ = *p;
+	    if (np >= endp)
+		goto oflow;
+	}
+	*np = '\0';
+    } else {
+	/* Nothing to expand. */
+	memcpy(new_prompt, old_prompt, len);	/* len includes NUL */
+    }
+
+    debug_return_str(new_prompt);
+
+oflow:
+    /* We pre-allocate enough space, so this should never happen. */
+    free(new_prompt);
+    sudo_warnx(U_("internal error, %s overflow"), __func__);
+    debug_return_str(NULL);
+}
diff --git a/plugins/sudoers/pwutil.c b/plugins/sudoers/pwutil.c
new file mode 100644
index 0000000..ab60986
--- /dev/null
+++ b/plugins/sudoers/pwutil.c
@@ -0,0 +1,1107 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stddef.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#ifdef HAVE_SETAUTHDB
+# include <usersec.h>
+#endif /* HAVE_SETAUTHDB */
+#include <errno.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include "sudoers.h"
+#include "redblack.h"
+#include "pwutil.h"
+
+/*
+ * The passwd and group caches.
+ */
+static struct rbtree *pwcache_byuid, *pwcache_byname;
+static struct rbtree *grcache_bygid, *grcache_byname;
+static struct rbtree *gidlist_cache, *grlist_cache;
+
+static int  cmp_pwuid(const void *, const void *);
+static int  cmp_pwnam(const void *, const void *);
+static int  cmp_grgid(const void *, const void *);
+
+/*
+ * Default functions for building cache items.
+ */
+static sudo_make_pwitem_t make_pwitem = sudo_make_pwitem;
+static sudo_make_gritem_t make_gritem = sudo_make_gritem;
+static sudo_make_gidlist_item_t make_gidlist_item = sudo_make_gidlist_item;
+static sudo_make_grlist_item_t make_grlist_item = sudo_make_grlist_item;
+
+#define cmp_grnam	cmp_pwnam
+
+/*
+ * AIX has the concept of authentication registries (files, NIS, LDAP, etc).
+ * This allows you to have separate ID <-> name mappings based on which
+ * authentication registries the user was looked up in.
+ * We store the registry as part of the key and use it when matching.
+ */
+#ifdef HAVE_SETAUTHDB
+# define getauthregistry(u, r)	aix_getauthregistry((u), (r))
+#else
+# define getauthregistry(u, r)	((r)[0] = '\0')
+#endif
+
+/*
+ * Change the default pwutil backend functions.
+ * The default functions query the password and group databases.
+ */
+void
+sudo_pwutil_set_backend(sudo_make_pwitem_t pwitem, sudo_make_gritem_t gritem,
+    sudo_make_gidlist_item_t gidlist_item, sudo_make_grlist_item_t grlist_item)
+{
+    debug_decl(sudo_pwutil_set_backend, SUDOERS_DEBUG_NSS)
+
+    make_pwitem = pwitem;
+    make_gritem = gritem;
+    make_gidlist_item = gidlist_item;
+    make_grlist_item = grlist_item;
+
+    debug_return;
+}
+
+/*
+ * Compare by user ID.
+ * v1 is the key to find or data to insert, v2 is in-tree data.
+ */
+static int
+cmp_pwuid(const void *v1, const void *v2)
+{
+    const struct cache_item *ci1 = (const struct cache_item *) v1;
+    const struct cache_item *ci2 = (const struct cache_item *) v2;
+    if (ci1->k.uid == ci2->k.uid)
+	return strcmp(ci1->registry, ci2->registry);
+    if (ci1->k.uid < ci2->k.uid)
+	return -1;
+    return 1;
+}
+
+/*
+ * Compare by user/group name.
+ * v1 is the key to find or data to insert, v2 is in-tree data.
+ */
+static int
+cmp_pwnam(const void *v1, const void *v2)
+{
+    const struct cache_item *ci1 = (const struct cache_item *) v1;
+    const struct cache_item *ci2 = (const struct cache_item *) v2;
+    int ret = strcmp(ci1->k.name, ci2->k.name);
+    if (ret == 0)
+	ret = strcmp(ci1->registry, ci2->registry);
+    return ret;
+}
+
+/*
+ * Compare by user name, taking into account the source type.
+ * Need to differentiate between group IDs received from the front-end
+ * (via getgroups()) and groups IDs queried from the group database.
+ * v1 is the key to find or data to insert, v2 is in-tree data.
+ */
+static int
+cmp_gidlist(const void *v1, const void *v2)
+{
+    const struct cache_item *ci1 = (const struct cache_item *) v1;
+    const struct cache_item *ci2 = (const struct cache_item *) v2;
+    int ret = strcmp(ci1->k.name, ci2->k.name);
+    if (ret == 0) {
+	if (ci1->type == ENTRY_TYPE_ANY || ci1->type == ci2->type)
+	    return strcmp(ci1->registry, ci2->registry);
+	if (ci1->type < ci2->type)
+	    return -1;
+	return 1;
+    }
+    return ret;
+}
+
+void
+sudo_pw_addref(struct passwd *pw)
+{
+    debug_decl(sudo_pw_addref, SUDOERS_DEBUG_NSS)
+    ptr_to_item(pw)->refcnt++;
+    debug_return;
+}
+
+static void
+sudo_pw_delref_item(void *v)
+{
+    struct cache_item *item = v;
+    debug_decl(sudo_pw_delref_item, SUDOERS_DEBUG_NSS)
+
+    if (--item->refcnt == 0)
+	free(item);
+
+    debug_return;
+}
+
+void
+sudo_pw_delref(struct passwd *pw)
+{
+    debug_decl(sudo_pw_delref, SUDOERS_DEBUG_NSS)
+    sudo_pw_delref_item(ptr_to_item(pw));
+    debug_return;
+}
+
+/*
+ * Get a password entry by uid and allocate space for it.
+ */
+struct passwd *
+sudo_getpwuid(uid_t uid)
+{
+    struct cache_item key, *item;
+    struct rbnode *node;
+    debug_decl(sudo_getpwuid, SUDOERS_DEBUG_NSS)
+
+    if (pwcache_byuid == NULL) {
+	pwcache_byuid = rbcreate(cmp_pwuid);
+	if (pwcache_byuid == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_ptr(NULL);
+	}
+    }
+
+    key.k.uid = uid;
+    getauthregistry(IDtouser(uid), key.registry);
+    if ((node = rbfind(pwcache_byuid, &key)) != NULL) {
+	item = node->data;
+	goto done;
+    }
+    /*
+     * Cache passwd db entry if it exists or a negative response if not.
+     */
+#ifdef HAVE_SETAUTHDB
+    aix_setauthdb(IDtouser(uid), key.registry);
+#endif
+    item = make_pwitem(uid, NULL);
+#ifdef HAVE_SETAUTHDB
+    aix_restoreauthdb();
+#endif
+    if (item == NULL) {
+	if (errno != ENOENT || (item = calloc(1, sizeof(*item))) == NULL) {
+	    sudo_warnx(U_("unable to cache uid %u, out of memory"),
+		(unsigned int) uid);
+	    /* cppcheck-suppress memleak */
+	    debug_return_ptr(NULL);
+	}
+	item->refcnt = 1;
+	item->k.uid = uid;
+	/* item->d.pw = NULL; */
+    }
+    strlcpy(item->registry, key.registry, sizeof(item->registry));
+    switch (rbinsert(pwcache_byuid, item, NULL)) {
+    case 1:
+	/* should not happen */
+	sudo_warnx(U_("unable to cache uid %u, already exists"),
+	    (unsigned int) uid);
+	item->refcnt = 0;
+	break;
+    case -1:
+	/* can't cache item, just return it */
+	sudo_warnx(U_("unable to cache uid %u, out of memory"),
+	    (unsigned int) uid);
+	item->refcnt = 0;
+	break;
+    }
+done:
+    if (item->refcnt != 0) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG,
+	    "%s: uid %u [%s] -> user %s [%s] (%s)", __func__,
+	    (unsigned int)uid, key.registry,
+	    item->d.pw ? item->d.pw->pw_name : "unknown",
+	    item->registry, node ? "cache hit" : "cached");
+    }
+    item->refcnt++;
+    debug_return_ptr(item->d.pw);
+}
+
+/*
+ * Get a password entry by name and allocate space for it.
+ */
+struct passwd *
+sudo_getpwnam(const char *name)
+{
+    struct cache_item key, *item;
+    struct rbnode *node;
+    debug_decl(sudo_getpwnam, SUDOERS_DEBUG_NSS)
+
+    if (pwcache_byname == NULL) {
+	pwcache_byname = rbcreate(cmp_pwnam);
+	if (pwcache_byname == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_ptr(NULL);
+	}
+    }
+
+    key.k.name = (char *) name;
+    getauthregistry((char *) name, key.registry);
+    if ((node = rbfind(pwcache_byname, &key)) != NULL) {
+	item = node->data;
+	goto done;
+    }
+    /*
+     * Cache passwd db entry if it exists or a negative response if not.
+     */
+#ifdef HAVE_SETAUTHDB
+    aix_setauthdb((char *) name, key.registry);
+#endif
+    item = make_pwitem((uid_t)-1, name);
+#ifdef HAVE_SETAUTHDB
+    aix_restoreauthdb();
+#endif
+    if (item == NULL) {
+	const size_t len = strlen(name) + 1;
+	if (errno != ENOENT || (item = calloc(1, sizeof(*item) + len)) == NULL) {
+	    sudo_warnx(U_("unable to cache user %s, out of memory"), name);
+	    /* cppcheck-suppress memleak */
+	    debug_return_ptr(NULL);
+	}
+	item->refcnt = 1;
+	item->k.name = (char *) item + sizeof(*item);
+	memcpy(item->k.name, name, len);
+	/* item->d.pw = NULL; */
+    }
+    strlcpy(item->registry, key.registry, sizeof(item->registry));
+    switch (rbinsert(pwcache_byname, item, NULL)) {
+    case 1:
+	/* should not happen */
+	sudo_warnx(U_("unable to cache user %s, already exists"), name);
+	item->refcnt = 0;
+	break;
+    case -1:
+	/* can't cache item, just return it */
+	sudo_warnx(U_("unable to cache user %s, out of memory"), name);
+	item->refcnt = 0;
+	break;
+    }
+done:
+    if (item->refcnt != 0) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG,
+	    "%s: user %s [%s] -> uid %d [%s] (%s)", __func__, name,
+	    key.registry, item->d.pw ? (int)item->d.pw->pw_uid : -1,
+	    item->registry, node ? "cache hit" : "cached");
+    }
+    item->refcnt++;
+    debug_return_ptr(item->d.pw);
+}
+
+/*
+ * Take a user, uid, gid, home and shell and return a faked up passwd struct.
+ * If home or shell are NULL default values will be used.
+ */
+struct passwd *
+sudo_mkpwent(const char *user, uid_t uid, gid_t gid, const char *home,
+    const char *shell)
+{
+    struct cache_item_pw *pwitem;
+    struct cache_item *item;
+    struct passwd *pw;
+    size_t len, name_len, home_len, shell_len;
+    int i;
+    debug_decl(sudo_mkpwent, SUDOERS_DEBUG_NSS)
+
+    if (pwcache_byuid == NULL)
+	pwcache_byuid = rbcreate(cmp_pwuid);
+    if (pwcache_byname == NULL)
+	pwcache_byname = rbcreate(cmp_pwnam);
+    if (pwcache_byuid == NULL || pwcache_byname == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_ptr(NULL);
+    }
+
+    /* Optional arguments. */
+    if (home == NULL)
+	home = "/";
+    if (shell == NULL)
+	shell = _PATH_BSHELL;
+
+    sudo_debug_printf(SUDO_DEBUG_DEBUG,
+	"%s: creating and caching passwd struct for %s:%u:%u:%s:%s", __func__,
+	user, (unsigned int)uid, (unsigned int)gid, home, shell);
+
+    name_len = strlen(user);
+    home_len = strlen(home);
+    shell_len = strlen(shell);
+    len = sizeof(*pwitem) + name_len + 1 /* pw_name */ +
+	sizeof("*") /* pw_passwd */ + sizeof("") /* pw_gecos */ +
+	home_len + 1 /* pw_dir */ + shell_len + 1 /* pw_shell */;
+
+    for (i = 0; i < 2; i++) {
+	struct rbtree *pwcache;
+	struct rbnode *node;
+
+	pwitem = calloc(1, len);
+	if (pwitem == NULL) {
+	    sudo_warnx(U_("unable to cache user %s, out of memory"), user);
+	    debug_return_ptr(NULL);
+	}
+	pw = &pwitem->pw;
+	pw->pw_uid = uid;
+	pw->pw_gid = gid;
+	pw->pw_name = (char *)(pwitem + 1);
+	memcpy(pw->pw_name, user, name_len + 1);
+	pw->pw_passwd = pw->pw_name + name_len + 1;
+	memcpy(pw->pw_passwd, "*", 2);
+	pw->pw_gecos = pw->pw_passwd + 2;
+	pw->pw_gecos[0] = '\0';
+	pw->pw_dir = pw->pw_gecos + 1;
+	memcpy(pw->pw_dir, home, home_len + 1);
+	pw->pw_shell = pw->pw_dir + home_len + 1;
+	memcpy(pw->pw_shell, shell, shell_len + 1);
+
+	item = &pwitem->cache;
+	item->refcnt = 1;
+	item->d.pw = pw;
+	if (i == 0) {
+	    /* Store by uid. */
+	    item->k.uid = pw->pw_uid;
+	    pwcache = pwcache_byuid;
+	} else {
+	    /* Store by name. */
+	    item->k.name = pw->pw_name;
+	    pwcache = pwcache_byname;
+	}
+	getauthregistry(NULL, item->registry);
+	switch (rbinsert(pwcache, item, &node)) {
+	case 1:
+	    /* Already exists. */
+	    item = node->data;
+	    if (item->d.pw == NULL) {
+		/* Negative cache entry, replace with ours. */
+		sudo_pw_delref_item(item);
+		item = node->data = &pwitem->cache;
+	    } else {
+		/* Good entry, discard our fake one. */
+		free(pwitem);
+	    }
+	    break;
+	case -1:
+	    /* can't cache item, just return it */
+	    sudo_warnx(U_("unable to cache user %s, out of memory"), user);
+	    item->refcnt = 0;
+	    break;
+	}
+    }
+    item->refcnt++;
+    debug_return_ptr(item->d.pw);
+}
+
+/*
+ * Take a uid in string form "#123" and return a faked up passwd struct.
+ */
+struct passwd *
+sudo_fakepwnam(const char *user, gid_t gid)
+{
+    const char *errstr;
+    uid_t uid;
+    debug_decl(sudo_fakepwnam, SUDOERS_DEBUG_NSS)
+
+    uid = (uid_t) sudo_strtoid(user + 1, NULL, NULL, &errstr);
+    if (errstr != NULL) {
+	sudo_debug_printf(SUDO_DEBUG_DIAG|SUDO_DEBUG_LINENO,
+	    "uid %s %s", user, errstr);
+	debug_return_ptr(NULL);
+    }
+    debug_return_ptr(sudo_mkpwent(user, uid, gid, NULL, NULL));
+}
+
+void
+sudo_freepwcache(void)
+{
+    debug_decl(sudo_freepwcache, SUDOERS_DEBUG_NSS)
+
+    if (pwcache_byuid != NULL) {
+	rbdestroy(pwcache_byuid, sudo_pw_delref_item);
+	pwcache_byuid = NULL;
+    }
+    if (pwcache_byname != NULL) {
+	rbdestroy(pwcache_byname, sudo_pw_delref_item);
+	pwcache_byname = NULL;
+    }
+
+    debug_return;
+}
+
+/*
+ * Compare by group ID.
+ * v1 is the key to find or data to insert, v2 is in-tree data.
+ */
+static int
+cmp_grgid(const void *v1, const void *v2)
+{
+    const struct cache_item *ci1 = (const struct cache_item *) v1;
+    const struct cache_item *ci2 = (const struct cache_item *) v2;
+    if (ci1->k.gid == ci2->k.gid)
+	return strcmp(ci1->registry, ci2->registry);
+    if (ci1->k.gid < ci2->k.gid)
+	return -1;
+    return 1;
+}
+
+void
+sudo_gr_addref(struct group *gr)
+{
+    debug_decl(sudo_gr_addref, SUDOERS_DEBUG_NSS)
+    ptr_to_item(gr)->refcnt++;
+    debug_return;
+}
+
+static void
+sudo_gr_delref_item(void *v)
+{
+    struct cache_item *item = v;
+    debug_decl(sudo_gr_delref_item, SUDOERS_DEBUG_NSS)
+
+    if (--item->refcnt == 0)
+	free(item);
+
+    debug_return;
+}
+
+void
+sudo_gr_delref(struct group *gr)
+{
+    debug_decl(sudo_gr_delref, SUDOERS_DEBUG_NSS)
+    sudo_gr_delref_item(ptr_to_item(gr));
+    debug_return;
+}
+
+/*
+ * Get a group entry by gid and allocate space for it.
+ */
+struct group *
+sudo_getgrgid(gid_t gid)
+{
+    struct cache_item key, *item;
+    struct rbnode *node;
+    debug_decl(sudo_getgrgid, SUDOERS_DEBUG_NSS)
+
+    if (grcache_bygid == NULL) {
+	grcache_bygid = rbcreate(cmp_grgid);
+	if (grcache_bygid == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_ptr(NULL);
+	}
+    }
+
+    key.k.gid = gid;
+    getauthregistry(NULL, key.registry);
+    if ((node = rbfind(grcache_bygid, &key)) != NULL) {
+	item = node->data;
+	goto done;
+    }
+    /*
+     * Cache group db entry if it exists or a negative response if not.
+     */
+    item = make_gritem(gid, NULL);
+    if (item == NULL) {
+	if (errno != ENOENT || (item = calloc(1, sizeof(*item))) == NULL) {
+	    sudo_warnx(U_("unable to cache gid %u, out of memory"),
+		(unsigned int) gid);
+	    /* cppcheck-suppress memleak */
+	    debug_return_ptr(NULL);
+	}
+	item->refcnt = 1;
+	item->k.gid = gid;
+	/* item->d.gr = NULL; */
+    }
+    strlcpy(item->registry, key.registry, sizeof(item->registry));
+    switch (rbinsert(grcache_bygid, item, NULL)) {
+    case 1:
+	/* should not happen */
+	sudo_warnx(U_("unable to cache gid %u, already exists"),
+	    (unsigned int) gid);
+	item->refcnt = 0;
+	break;
+    case -1:
+	/* can't cache item, just return it */
+	sudo_warnx(U_("unable to cache gid %u, out of memory"),
+	    (unsigned int) gid);
+	item->refcnt = 0;
+	break;
+    }
+done:
+    if (item->refcnt != 0) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG,
+	    "%s: gid %u [%s] -> group %s [%s] (%s)", __func__,
+	    (unsigned int)gid, key.registry,
+	    item->d.gr ? item->d.gr->gr_name : "unknown",
+	    item->registry, node ? "cache hit" : "cached");
+    }
+    item->refcnt++;
+    debug_return_ptr(item->d.gr);
+}
+
+/*
+ * Get a group entry by name and allocate space for it.
+ */
+struct group *
+sudo_getgrnam(const char *name)
+{
+    struct cache_item key, *item;
+    struct rbnode *node;
+    debug_decl(sudo_getgrnam, SUDOERS_DEBUG_NSS)
+
+    if (grcache_byname == NULL) {
+	grcache_byname = rbcreate(cmp_grnam);
+	if (grcache_byname == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_ptr(NULL);
+	}
+    }
+
+    key.k.name = (char *) name;
+    getauthregistry(NULL, key.registry);
+    if ((node = rbfind(grcache_byname, &key)) != NULL) {
+	item = node->data;
+	goto done;
+    }
+    /*
+     * Cache group db entry if it exists or a negative response if not.
+     */
+    item = make_gritem((gid_t)-1, name);
+    if (item == NULL) {
+	const size_t len = strlen(name) + 1;
+	if (errno != ENOENT || (item = calloc(1, sizeof(*item) + len)) == NULL) {
+	    sudo_warnx(U_("unable to cache group %s, out of memory"), name);
+	    /* cppcheck-suppress memleak */
+	    debug_return_ptr(NULL);
+	}
+	item->refcnt = 1;
+	item->k.name = (char *) item + sizeof(*item);
+	memcpy(item->k.name, name, len);
+	/* item->d.gr = NULL; */
+    }
+    strlcpy(item->registry, key.registry, sizeof(item->registry));
+    switch (rbinsert(grcache_byname, item, NULL)) {
+    case 1:
+	/* should not happen */
+	sudo_warnx(U_("unable to cache group %s, already exists"), name);
+	item->refcnt = 0;
+	break;
+    case -1:
+	/* can't cache item, just return it */
+	sudo_warnx(U_("unable to cache group %s, out of memory"), name);
+	item->refcnt = 0;
+	break;
+    }
+done:
+    if (item->refcnt != 0) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG,
+	    "%s: group %s [%s] -> gid %d [%s] (%s)", __func__, name,
+	    key.registry, item->d.gr ? (int)item->d.gr->gr_gid : -1,
+	    item->registry, node ? "cache hit" : "cached");
+    }
+    item->refcnt++;
+    debug_return_ptr(item->d.gr);
+}
+
+/*
+ * Take a gid in string form "#123" and return a faked up group struct.
+ */
+struct group *
+sudo_fakegrnam(const char *group)
+{
+    struct cache_item_gr *gritem;
+    struct cache_item *item;
+    const char *errstr;
+    struct group *gr;
+    size_t len, name_len;
+    int i;
+    debug_decl(sudo_fakegrnam, SUDOERS_DEBUG_NSS)
+
+    if (grcache_bygid == NULL)
+	grcache_bygid = rbcreate(cmp_grgid);
+    if (grcache_byname == NULL)
+	grcache_byname = rbcreate(cmp_grnam);
+    if (grcache_bygid == NULL || grcache_byname == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_ptr(NULL);
+    }
+
+    name_len = strlen(group);
+    len = sizeof(*gritem) + name_len + 1;
+
+    for (i = 0; i < 2; i++) {
+	struct rbtree *grcache;
+	struct rbnode *node;
+
+	gritem = calloc(1, len);
+	if (gritem == NULL) {
+	    sudo_warnx(U_("unable to cache group %s, out of memory"), group);
+	    debug_return_ptr(NULL);
+	}
+	gr = &gritem->gr;
+	gr->gr_gid = (gid_t) sudo_strtoid(group + 1, NULL, NULL, &errstr);
+	gr->gr_name = (char *)(gritem + 1);
+	memcpy(gr->gr_name, group, name_len + 1);
+	if (errstr != NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_DIAG|SUDO_DEBUG_LINENO,
+		"gid %s %s", group, errstr);
+	    free(gritem);
+	    debug_return_ptr(NULL);
+	}
+
+	item = &gritem->cache;
+	item->refcnt = 1;
+	item->d.gr = gr;
+	if (i == 0) {
+	    /* Store by gid if it doesn't already exist. */
+	    item->k.gid = gr->gr_gid;
+	    grcache = grcache_bygid;
+	} else {
+	    /* Store by name, overwriting cached version. */
+	    gritem->cache.k.name = gr->gr_name;
+	    grcache = grcache_byname;
+	}
+	getauthregistry(NULL, item->registry);
+	switch (rbinsert(grcache, item, &node)) {
+	case 1:
+	    /* Already exists. */
+	    item = node->data;
+	    if (item->d.gr == NULL) {
+		/* Negative cache entry, replace with ours. */
+		sudo_gr_delref_item(item);
+		item = node->data = &gritem->cache;
+	    } else {
+		/* Good entry, discard our fake one. */
+		free(gritem);
+	    }
+	    break;
+	case -1:
+	    /* can't cache item, just return it */
+	    sudo_warnx(U_("unable to cache group %s, out of memory"), group);
+	    item->refcnt = 0;
+	    break;
+	}
+    }
+    item->refcnt++;
+    debug_return_ptr(item->d.gr);
+}
+
+void
+sudo_gidlist_addref(struct gid_list *gidlist)
+{
+    debug_decl(sudo_gidlist_addref, SUDOERS_DEBUG_NSS)
+    ptr_to_item(gidlist)->refcnt++;
+    debug_return;
+}
+
+static void
+sudo_gidlist_delref_item(void *v)
+{
+    struct cache_item *item = v;
+    debug_decl(sudo_gidlist_delref_item, SUDOERS_DEBUG_NSS)
+
+    if (--item->refcnt == 0)
+	free(item);
+
+    debug_return;
+}
+
+void
+sudo_gidlist_delref(struct gid_list *gidlist)
+{
+    debug_decl(sudo_gidlist_delref, SUDOERS_DEBUG_NSS)
+    sudo_gidlist_delref_item(ptr_to_item(gidlist));
+    debug_return;
+}
+
+void
+sudo_grlist_addref(struct group_list *grlist)
+{
+    debug_decl(sudo_grlist_addref, SUDOERS_DEBUG_NSS)
+    ptr_to_item(grlist)->refcnt++;
+    debug_return;
+}
+
+static void
+sudo_grlist_delref_item(void *v)
+{
+    struct cache_item *item = v;
+    debug_decl(sudo_grlist_delref_item, SUDOERS_DEBUG_NSS)
+
+    if (--item->refcnt == 0)
+	free(item);
+
+    debug_return;
+}
+
+void
+sudo_grlist_delref(struct group_list *grlist)
+{
+    debug_decl(sudo_grlist_delref, SUDOERS_DEBUG_NSS)
+    sudo_grlist_delref_item(ptr_to_item(grlist));
+    debug_return;
+}
+
+void
+sudo_freegrcache(void)
+{
+    debug_decl(sudo_freegrcache, SUDOERS_DEBUG_NSS)
+
+    if (grcache_bygid != NULL) {
+	rbdestroy(grcache_bygid, sudo_gr_delref_item);
+	grcache_bygid = NULL;
+    }
+    if (grcache_byname != NULL) {
+	rbdestroy(grcache_byname, sudo_gr_delref_item);
+	grcache_byname = NULL;
+    }
+    if (grlist_cache != NULL) {
+	rbdestroy(grlist_cache, sudo_grlist_delref_item);
+	grlist_cache = NULL;
+    }
+    if (gidlist_cache != NULL) {
+	rbdestroy(gidlist_cache, sudo_gidlist_delref_item);
+	gidlist_cache = NULL;
+    }
+
+    debug_return;
+}
+
+struct group_list *
+sudo_get_grlist(const struct passwd *pw)
+{
+    struct cache_item key, *item;
+    struct rbnode *node;
+    debug_decl(sudo_get_grlist, SUDOERS_DEBUG_NSS)
+
+    sudo_debug_printf(SUDO_DEBUG_DEBUG, "%s: looking up group names for %s",
+	__func__, pw->pw_name);
+
+    if (grlist_cache == NULL) {
+	grlist_cache = rbcreate(cmp_pwnam);
+	if (grlist_cache == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_ptr(NULL);
+	}
+    }
+
+    key.k.name = pw->pw_name;
+    getauthregistry(pw->pw_name, key.registry);
+    if ((node = rbfind(grlist_cache, &key)) != NULL) {
+	item = node->data;
+	goto done;
+    }
+    /*
+     * Cache group db entry if it exists or a negative response if not.
+     */
+    item = make_grlist_item(pw, NULL);
+    if (item == NULL) {
+	/* Out of memory? */
+	debug_return_ptr(NULL);
+    }
+    strlcpy(item->registry, key.registry, sizeof(item->registry));
+    switch (rbinsert(grlist_cache, item, NULL)) {
+    case 1:
+	/* should not happen */
+	sudo_warnx(U_("unable to cache group list for %s, already exists"),
+	    pw->pw_name);
+	item->refcnt = 0;
+	break;
+    case -1:
+	/* can't cache item, just return it */
+	sudo_warnx(U_("unable to cache group list for %s, out of memory"),
+	    pw->pw_name);
+	item->refcnt = 0;
+	break;
+    }
+    if (item->d.grlist != NULL) {
+	int i;
+	for (i = 0; i < item->d.grlist->ngroups; i++) {
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG,
+		"%s: user %s is a member of group %s", __func__,
+		pw->pw_name, item->d.grlist->groups[i]);
+	}
+    }
+done:
+    item->refcnt++;
+    debug_return_ptr(item->d.grlist);
+}
+
+int
+sudo_set_grlist(struct passwd *pw, char * const *groups)
+{
+    struct cache_item key, *item;
+    struct rbnode *node;
+    debug_decl(sudo_set_grlist, SUDOERS_DEBUG_NSS)
+
+    if (grlist_cache == NULL) {
+	grlist_cache = rbcreate(cmp_pwnam);
+	if (grlist_cache == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_int(-1);
+	}
+    }
+
+    /*
+     * Cache group db entry if it doesn't already exist
+     */
+    key.k.name = pw->pw_name;
+    getauthregistry(NULL, key.registry);
+    if ((node = rbfind(grlist_cache, &key)) == NULL) {
+	if ((item = make_grlist_item(pw, groups)) == NULL) {
+	    sudo_warnx(U_("unable to parse groups for %s"), pw->pw_name);
+	    debug_return_int(-1);
+	}
+	strlcpy(item->registry, key.registry, sizeof(item->registry));
+	switch (rbinsert(grlist_cache, item, NULL)) {
+	case 1:
+	    sudo_warnx(U_("unable to cache group list for %s, already exists"),
+		pw->pw_name);
+	    sudo_grlist_delref_item(item);
+	    break;
+	case -1:
+	    sudo_warnx(U_("unable to cache group list for %s, out of memory"),
+		pw->pw_name);
+	    sudo_grlist_delref_item(item);
+	    debug_return_int(-1);
+	}
+    }
+    debug_return_int(0);
+}
+
+struct gid_list *
+sudo_get_gidlist(const struct passwd *pw, unsigned int type)
+{
+    struct cache_item key, *item;
+    struct rbnode *node;
+    debug_decl(sudo_get_gidlist, SUDOERS_DEBUG_NSS)
+
+    sudo_debug_printf(SUDO_DEBUG_DEBUG, "%s: looking up group IDs for %s",
+	__func__, pw->pw_name);
+
+    if (gidlist_cache == NULL) {
+	gidlist_cache = rbcreate(cmp_gidlist);
+	if (gidlist_cache == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_ptr(NULL);
+	}
+    }
+
+    key.k.name = pw->pw_name;
+    key.type = type;
+    getauthregistry(pw->pw_name, key.registry);
+    if ((node = rbfind(gidlist_cache, &key)) != NULL) {
+	item = node->data;
+	goto done;
+    }
+    /*
+     * Cache group db entry if it exists or a negative response if not.
+     */
+    item = make_gidlist_item(pw, NULL, type);
+    if (item == NULL) {
+	/* Out of memory? */
+	debug_return_ptr(NULL);
+    }
+    strlcpy(item->registry, key.registry, sizeof(item->registry));
+    switch (rbinsert(gidlist_cache, item, NULL)) {
+    case 1:
+	/* should not happen */
+	sudo_warnx(U_("unable to cache group list for %s, already exists"),
+	    pw->pw_name);
+	item->refcnt = 0;
+	break;
+    case -1:
+	/* can't cache item, just return it */
+	sudo_warnx(U_("unable to cache group list for %s, out of memory"),
+	    pw->pw_name);
+	item->refcnt = 0;
+	break;
+    }
+    if (item->d.gidlist != NULL) {
+	int i;
+	for (i = 0; i < item->d.gidlist->ngids; i++) {
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG,
+		"%s: user %s has supplementary gid %u", __func__,
+		pw->pw_name, (unsigned int)item->d.gidlist->gids[i]);
+	}
+    }
+done:
+    item->refcnt++;
+    debug_return_ptr(item->d.gidlist);
+}
+
+int
+sudo_set_gidlist(struct passwd *pw, char * const *gids, unsigned int type)
+{
+    struct cache_item key, *item;
+    struct rbnode *node;
+    debug_decl(sudo_set_gidlist, SUDOERS_DEBUG_NSS)
+
+    if (gidlist_cache == NULL) {
+	gidlist_cache = rbcreate(cmp_gidlist);
+	if (gidlist_cache == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_int(-1);
+	}
+    }
+
+    /*
+     * Cache group db entry if it doesn't already exist
+     */
+    key.k.name = pw->pw_name;
+    key.type = type;
+    getauthregistry(NULL, key.registry);
+    if ((node = rbfind(gidlist_cache, &key)) == NULL) {
+	if ((item = make_gidlist_item(pw, gids, type)) == NULL) {
+	    sudo_warnx(U_("unable to parse gids for %s"), pw->pw_name);
+	    debug_return_int(-1);
+	}
+	strlcpy(item->registry, key.registry, sizeof(item->registry));
+	switch (rbinsert(gidlist_cache, item, NULL)) {
+	case 1:
+	    sudo_warnx(U_("unable to cache group list for %s, already exists"),
+		pw->pw_name);
+	    sudo_gidlist_delref_item(item);
+	    break;
+	case -1:
+	    sudo_warnx(U_("unable to cache group list for %s, out of memory"),
+		pw->pw_name);
+	    sudo_gidlist_delref_item(item);
+	    debug_return_int(-1);
+	}
+    }
+    debug_return_int(0);
+}
+
+bool
+user_in_group(const struct passwd *pw, const char *group)
+{
+    struct group_list *grlist = NULL;
+    struct gid_list *gidlist = NULL;
+    struct group *grp = NULL;
+    bool matched = false;
+    int i;
+    debug_decl(user_in_group, SUDOERS_DEBUG_NSS)
+
+    /*
+     * If it could be a sudo-style group ID check gids first.
+     */
+    if (group[0] == '#') {
+	const char *errstr;
+	gid_t gid = (gid_t) sudo_strtoid(group + 1, NULL, NULL, &errstr);
+	if (errstr != NULL) {
+	    sudo_debug_printf(SUDO_DEBUG_DIAG|SUDO_DEBUG_LINENO,
+		"gid %s %s", group, errstr);
+	} else {
+	    if (gid == pw->pw_gid) {
+		matched = true;
+		goto done;
+	    }
+	    if ((gidlist = sudo_get_gidlist(pw, ENTRY_TYPE_ANY)) != NULL) {
+		for (i = 0; i < gidlist->ngids; i++) {
+		    if (gid == gidlist->gids[i]) {
+			matched = true;
+			goto done;
+		    }
+		}
+	    }
+	}
+    }
+
+    /*
+     * Next match the group name.  By default, sudoers resolves all the user's
+     * group IDs to names and matches by name.  If match_group_by_gid is
+     * set, each group is sudoers is resolved and matching is by group ID.
+     */
+    if (def_match_group_by_gid) {
+	gid_t gid;
+
+	/* Look up the ID of the group in sudoers. */
+	if ((grp = sudo_getgrnam(group)) == NULL)
+	    goto done;
+	gid = grp->gr_gid;
+
+	/* Check against user's primary (passwd file) group ID. */
+	if (gid == pw->pw_gid) {
+	    matched = true;
+	    goto done;
+	}
+
+	/* Check the supplementary group vector. */
+	if (gidlist == NULL) {
+	    if ((gidlist = sudo_get_gidlist(pw, ENTRY_TYPE_ANY)) != NULL) {
+		for (i = 0; i < gidlist->ngids; i++) {
+		    if (gid == gidlist->gids[i]) {
+			matched = true;
+			goto done;
+		    }
+		}
+	    }
+	}
+    } else if ((grlist = sudo_get_grlist(pw)) != NULL) {
+	int (*compare)(const char *, const char *);
+	if (def_case_insensitive_group)
+	    compare = strcasecmp;
+	else
+	    compare = strcmp;
+
+	/* Check the supplementary group vector. */
+	for (i = 0; i < grlist->ngroups; i++) {
+	    if (compare(group, grlist->groups[i]) == 0) {
+		matched = true;
+		goto done;
+	    }
+	}
+
+	/* Check against user's primary (passwd file) group. */
+	if ((grp = sudo_getgrgid(pw->pw_gid)) != NULL) {
+	    if (compare(group, grp->gr_name) == 0) {
+		matched = true;
+		goto done;
+	    }
+	}
+    }
+
+done:
+    if (grp != NULL)
+	sudo_gr_delref(grp);
+    if (grlist != NULL)
+	sudo_grlist_delref(grlist);
+    if (gidlist != NULL)
+	sudo_gidlist_delref(gidlist);
+
+    sudo_debug_printf(SUDO_DEBUG_DEBUG, "%s: user %s %sin group %s",
+	__func__, pw->pw_name, matched ? "" : "NOT ", group);
+    debug_return_bool(matched);
+}
diff --git a/plugins/sudoers/pwutil.h b/plugins/sudoers/pwutil.h
new file mode 100644
index 0000000..7c36e70
--- /dev/null
+++ b/plugins/sudoers/pwutil.h
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2010-2013, 2015-2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_PWUTIL_H
+#define SUDOERS_PWUTIL_H
+
+#define ptr_to_item(p) ((struct cache_item *)((char *)p - offsetof(struct cache_item_##p, p)))
+
+/*
+ * Generic cache element.
+ */
+struct cache_item {
+    unsigned int refcnt;
+    unsigned int type;	/* only used for gidlist */
+    char registry[16];	/* AIX-specific, empty otherwise */
+    /* key */
+    union {
+	uid_t uid;
+	gid_t gid;
+	char *name;
+    } k;
+    /* datum */
+    union {
+	struct passwd *pw;
+	struct group *gr;
+	struct group_list *grlist;
+	struct gid_list *gidlist;
+    } d;
+};
+
+/*
+ * Container structs to simpify size and offset calculations and guarantee
+ * proper aligment of struct passwd, group, gid_list and group_list.
+ */
+struct cache_item_pw {
+    struct cache_item cache;
+    struct passwd pw;
+};
+
+struct cache_item_gr {
+    struct cache_item cache;
+    struct group gr;
+};
+
+struct cache_item_grlist {
+    struct cache_item cache;
+    struct group_list grlist;
+    /* actually bigger */
+};
+
+struct cache_item_gidlist {
+    struct cache_item cache;
+    struct gid_list gidlist;
+    /* actually bigger */
+};
+
+struct cache_item *sudo_make_gritem(gid_t gid, const char *group);
+struct cache_item *sudo_make_grlist_item(const struct passwd *pw, char * const *groups);
+struct cache_item *sudo_make_gidlist_item(const struct passwd *pw, char * const *gids, unsigned int type);
+struct cache_item *sudo_make_pwitem(uid_t uid, const char *user);
+
+#endif /* SUDOERS_PWUTIL_H */
diff --git a/plugins/sudoers/pwutil_impl.c b/plugins/sudoers/pwutil_impl.c
new file mode 100644
index 0000000..b6251ff
--- /dev/null
+++ b/plugins/sudoers/pwutil_impl.c
@@ -0,0 +1,414 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <errno.h>
+#include <limits.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include "sudoers.h"
+#include "pwutil.h"
+
+#ifndef LOGIN_NAME_MAX
+# ifdef _POSIX_LOGIN_NAME_MAX
+#  define LOGIN_NAME_MAX _POSIX_LOGIN_NAME_MAX
+# else
+#  define LOGIN_NAME_MAX 9
+# endif
+#endif /* LOGIN_NAME_MAX */
+
+#define FIELD_SIZE(src, name, size)			\
+do {							\
+	if (src->name) {				\
+		size = strlen(src->name) + 1;		\
+		total += size;				\
+	}                                               \
+} while (0)
+
+#define FIELD_COPY(src, dst, name, size)		\
+do {							\
+	if (src->name) {				\
+		memcpy(cp, src->name, size);		\
+		dst->name = cp;				\
+		cp += size;				\
+	}						\
+} while (0)
+
+/*
+ * Dynamically allocate space for a struct item plus the key and data
+ * elements.  If name is non-NULL it is used as the key, else the
+ * uid is the key.  Fills in datum from struct password.
+ * Returns NULL on calloc error or unknown name/id, setting errno
+ * to ENOMEM or ENOENT respectively.
+ */
+struct cache_item *
+sudo_make_pwitem(uid_t uid, const char *name)
+{
+    char *cp;
+    const char *pw_shell;
+    size_t nsize, psize, csize, gsize, dsize, ssize, total;
+    struct cache_item_pw *pwitem;
+    struct passwd *pw, *newpw;
+    debug_decl(sudo_make_pwitem, SUDOERS_DEBUG_NSS)
+
+    /* Look up by name or uid. */
+    pw = name ? getpwnam(name) : getpwuid(uid);
+    if (pw == NULL) {
+	errno = ENOENT;
+	debug_return_ptr(NULL);
+    }
+
+    /* If shell field is empty, expand to _PATH_BSHELL. */
+    pw_shell = (pw->pw_shell == NULL || pw->pw_shell[0] == '\0')
+	? _PATH_BSHELL : pw->pw_shell;
+
+    /* Allocate in one big chunk for easy freeing. */
+    nsize = psize = csize = gsize = dsize = ssize = 0;
+    total = sizeof(*pwitem);
+    FIELD_SIZE(pw, pw_name, nsize);
+    FIELD_SIZE(pw, pw_passwd, psize);
+#ifdef HAVE_LOGIN_CAP_H
+    FIELD_SIZE(pw, pw_class, csize);
+#endif
+    FIELD_SIZE(pw, pw_gecos, gsize);
+    FIELD_SIZE(pw, pw_dir, dsize);
+    /* Treat shell specially since we expand "" -> _PATH_BSHELL */
+    ssize = strlen(pw_shell) + 1;
+    total += ssize;
+    if (name != NULL)
+	total += strlen(name) + 1;
+
+    /* Allocate space for struct item, struct passwd and the strings. */
+    if ((pwitem = calloc(1, total)) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+    newpw = &pwitem->pw;
+
+    /*
+     * Copy in passwd contents and make strings relative to space
+     * at the end of the struct.
+     */
+    memcpy(newpw, pw, sizeof(*pw));
+    cp = (char *)(pwitem + 1);
+    FIELD_COPY(pw, newpw, pw_name, nsize);
+    FIELD_COPY(pw, newpw, pw_passwd, psize);
+#ifdef HAVE_LOGIN_CAP_H
+    FIELD_COPY(pw, newpw, pw_class, csize);
+#endif
+    FIELD_COPY(pw, newpw, pw_gecos, gsize);
+    FIELD_COPY(pw, newpw, pw_dir, dsize);
+    /* Treat shell specially since we expand "" -> _PATH_BSHELL */
+    memcpy(cp, pw_shell, ssize);
+    newpw->pw_shell = cp;
+    cp += ssize;
+
+    /* Set key and datum. */
+    if (name != NULL) {
+	memcpy(cp, name, strlen(name) + 1);
+	pwitem->cache.k.name = cp;
+    } else {
+	pwitem->cache.k.uid = pw->pw_uid;
+    }
+    pwitem->cache.d.pw = newpw;
+    pwitem->cache.refcnt = 1;
+
+    debug_return_ptr(&pwitem->cache);
+}
+
+/*
+ * Dynamically allocate space for a struct item plus the key and data
+ * elements.  If name is non-NULL it is used as the key, else the
+ * gid is the key.  Fills in datum from struct group.
+ * Returns NULL on calloc error or unknown name/id, setting errno
+ * to ENOMEM or ENOENT respectively.
+ */
+struct cache_item *
+sudo_make_gritem(gid_t gid, const char *name)
+{
+    char *cp;
+    size_t nsize, psize, nmem, total, len;
+    struct cache_item_gr *gritem;
+    struct group *gr, *newgr;
+    debug_decl(sudo_make_gritem, SUDOERS_DEBUG_NSS)
+
+    /* Look up by name or gid. */
+    gr = name ? getgrnam(name) : getgrgid(gid);
+    if (gr == NULL) {
+	errno = ENOENT;
+	debug_return_ptr(NULL);
+    }
+
+    /* Allocate in one big chunk for easy freeing. */
+    nsize = psize = nmem = 0;
+    total = sizeof(*gritem);
+    FIELD_SIZE(gr, gr_name, nsize);
+    FIELD_SIZE(gr, gr_passwd, psize);
+    if (gr->gr_mem) {
+	for (nmem = 0; gr->gr_mem[nmem] != NULL; nmem++)
+	    total += strlen(gr->gr_mem[nmem]) + 1;
+	nmem++;
+	total += sizeof(char *) * nmem;
+    }
+    if (name != NULL)
+	total += strlen(name) + 1;
+
+    if ((gritem = calloc(1, total)) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+
+    /*
+     * Copy in group contents and make strings relative to space
+     * at the end of the buffer.  Note that gr_mem must come
+     * immediately after struct group to guarantee proper alignment.
+     */
+    newgr = &gritem->gr;
+    memcpy(newgr, gr, sizeof(*gr));
+    cp = (char *)(gritem + 1);
+    if (gr->gr_mem) {
+	newgr->gr_mem = (char **)cp;
+	cp += sizeof(char *) * nmem;
+	for (nmem = 0; gr->gr_mem[nmem] != NULL; nmem++) {
+	    len = strlen(gr->gr_mem[nmem]) + 1;
+	    memcpy(cp, gr->gr_mem[nmem], len);
+	    newgr->gr_mem[nmem] = cp;
+	    cp += len;
+	}
+	newgr->gr_mem[nmem] = NULL;
+    }
+    FIELD_COPY(gr, newgr, gr_passwd, psize);
+    FIELD_COPY(gr, newgr, gr_name, nsize);
+
+    /* Set key and datum. */
+    if (name != NULL) {
+	memcpy(cp, name, strlen(name) + 1);
+	gritem->cache.k.name = cp;
+    } else {
+	gritem->cache.k.gid = gr->gr_gid;
+    }
+    gritem->cache.d.gr = newgr;
+    gritem->cache.refcnt = 1;
+
+    debug_return_ptr(&gritem->cache);
+}
+
+/*
+ * Dynamically allocate space for a struct item plus the key and data
+ * elements.  Fills in datum from user_gids or from sudo_getgrouplist2(3).
+ */
+struct cache_item *
+sudo_make_gidlist_item(const struct passwd *pw, char * const *unused1,
+    unsigned int type)
+{
+    char *cp;
+    size_t nsize, total;
+    struct cache_item_gidlist *glitem;
+    struct gid_list *gidlist;
+    GETGROUPS_T *gids;
+    int i, ngids;
+    debug_decl(sudo_make_gidlist_item, SUDOERS_DEBUG_NSS)
+
+    /* Don't use user_gids if the entry type says we must query the db. */
+    if (type != ENTRY_TYPE_QUERIED && pw == sudo_user.pw && sudo_user.gids != NULL) {
+	gids = user_gids;
+	ngids = user_ngids;
+	user_gids = NULL;
+	user_ngids = 0;
+	type = ENTRY_TYPE_FRONTEND;
+    } else {
+	type = ENTRY_TYPE_QUERIED;
+	if (sudo_user.max_groups > 0) {
+	    ngids = sudo_user.max_groups;
+	    gids = reallocarray(NULL, ngids, sizeof(GETGROUPS_T));
+	    if (gids == NULL) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "unable to allocate memory");
+		debug_return_ptr(NULL);
+	    }
+	    (void)sudo_getgrouplist2(pw->pw_name, pw->pw_gid, &gids, &ngids);
+	} else {
+	    gids = NULL;
+	    if (sudo_getgrouplist2(pw->pw_name, pw->pw_gid, &gids, &ngids) == -1) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "unable to allocate memory");
+		debug_return_ptr(NULL);
+	    }
+	}
+    }
+    if (ngids <= 0) {
+	free(gids);
+	errno = ENOENT;
+	debug_return_ptr(NULL);
+    }
+
+    /* Allocate in one big chunk for easy freeing. */
+    nsize = strlen(pw->pw_name) + 1;
+    total = sizeof(*glitem) + nsize;
+    total += sizeof(gid_t *) * ngids;
+
+    if ((glitem = calloc(1, total)) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	free(gids);
+	debug_return_ptr(NULL);
+    }
+
+    /*
+     * Copy in group list and make pointers relative to space
+     * at the end of the buffer.  Note that the groups array must come
+     * immediately after struct group to guarantee proper alignment.
+     */
+    gidlist = &glitem->gidlist;
+    cp = (char *)(glitem + 1);
+    gidlist->gids = (gid_t *)cp;
+    cp += sizeof(gid_t) * ngids;
+
+    /* Set key and datum. */
+    memcpy(cp, pw->pw_name, nsize);
+    glitem->cache.k.name = cp;
+    glitem->cache.d.gidlist = gidlist;
+    glitem->cache.refcnt = 1;
+    glitem->cache.type = type;
+
+    /*
+     * Store group IDs.
+     */
+    for (i = 0; i < ngids; i++)
+	gidlist->gids[i] = gids[i];
+    gidlist->ngids = ngids;
+    free(gids);
+
+    debug_return_ptr(&glitem->cache);
+}
+
+/*
+ * Dynamically allocate space for a struct item plus the key and data
+ * elements.  Fills in group names from a call to sudo_get_gidlist().
+ */
+struct cache_item *
+sudo_make_grlist_item(const struct passwd *pw, char * const *unused1)
+{
+    char *cp;
+    size_t nsize, ngroups, total, len;
+    struct cache_item_grlist *grlitem;
+    struct group_list *grlist;
+    struct gid_list *gidlist;
+    struct group *grp = NULL;
+    int i, groupname_len;
+    debug_decl(sudo_make_grlist_item, SUDOERS_DEBUG_NSS)
+
+    gidlist = sudo_get_gidlist(pw, ENTRY_TYPE_ANY);
+    if (gidlist == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "no gid list for use %s", pw->pw_name);
+	errno = ENOENT;
+	debug_return_ptr(NULL);
+    }
+
+#ifdef _SC_LOGIN_NAME_MAX
+    groupname_len = MAX((int)sysconf(_SC_LOGIN_NAME_MAX), 32);
+#else
+    groupname_len = MAX(LOGIN_NAME_MAX, 32);
+#endif
+
+    /* Allocate in one big chunk for easy freeing. */
+    nsize = strlen(pw->pw_name) + 1;
+    total = sizeof(*grlitem) + nsize;
+    total += groupname_len * gidlist->ngids;
+
+again:
+    if ((grlitem = calloc(1, total)) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	sudo_gidlist_delref(gidlist);
+	debug_return_ptr(NULL);
+    }
+
+    /*
+     * Copy in group list and make pointers relative to space
+     * at the end of the buffer.  Note that the groups array must come
+     * immediately after struct group to guarantee proper alignment.
+     */
+    grlist = &grlitem->grlist;
+    cp = (char *)(grlitem + 1);
+    grlist->groups = (char **)cp;
+    cp += sizeof(char *) * gidlist->ngids;
+
+    /* Set key and datum. */
+    memcpy(cp, pw->pw_name, nsize);
+    grlitem->cache.k.name = cp;
+    grlitem->cache.d.grlist = grlist;
+    grlitem->cache.refcnt = 1;
+    cp += nsize;
+
+    /*
+     * Resolve and store group names by ID.
+     */
+#ifdef HAVE_SETAUTHDB
+    if (grp == NULL)
+	aix_setauthdb((char *) pw->pw_name, NULL);
+#endif
+    ngroups = 0;
+    for (i = 0; i < gidlist->ngids; i++) {
+	if ((grp = sudo_getgrgid(gidlist->gids[i])) != NULL) {
+	    len = strlen(grp->gr_name) + 1;
+	    if (cp - (char *)grlitem + len > total) {
+		total += len + groupname_len;
+		free(grlitem);
+		sudo_gr_delref(grp);
+		goto again;
+	    }
+	    memcpy(cp, grp->gr_name, len);
+	    grlist->groups[ngroups++] = cp;
+	    cp += len;
+	    sudo_gr_delref(grp);
+	}
+    }
+    grlist->ngroups = ngroups;
+    sudo_gidlist_delref(gidlist);
+
+#ifdef HAVE_SETAUTHDB
+    aix_restoreauthdb();
+#endif
+
+    debug_return_ptr(&grlitem->cache);
+}
diff --git a/plugins/sudoers/rcstr.c b/plugins/sudoers/rcstr.c
new file mode 100644
index 0000000..8ad2d5d
--- /dev/null
+++ b/plugins/sudoers/rcstr.c
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2016-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+
+#include "sudoers.h"
+
+/* Trivial reference-counted strings. */
+struct rcstr {
+    int refcnt;
+    char str[1];	/* actually bigger */
+};
+
+/*
+ * Allocate a reference-counted string and copy src to it.
+ * Returns the newly-created string with a refcnt of 1.
+ */
+char *
+rcstr_dup(const char *src)
+{
+    size_t len = strlen(src);
+    char *dst;
+    debug_decl(rcstr_dup, SUDOERS_DEBUG_UTIL)
+
+    dst = rcstr_alloc(len);
+    memcpy(dst, src, len);
+    dst[len] = '\0';
+    debug_return_ptr(dst);
+}
+
+char *
+rcstr_alloc(size_t len)
+{
+    struct rcstr *rcs;
+    debug_decl(rcstr_dup, SUDOERS_DEBUG_UTIL)
+
+    /* Note: sizeof(struct rcstr) includes space for the NUL */
+    rcs = malloc(sizeof(struct rcstr) + len);
+    if (rcs == NULL)
+	return NULL;
+
+    rcs->refcnt = 1;
+    rcs->str[0] = '\0';
+    /* cppcheck-suppress memleak */
+    debug_return_ptr(rcs->str);
+}
+
+char *
+rcstr_addref(const char *s)
+{
+    struct rcstr *rcs;
+    debug_decl(rcstr_dup, SUDOERS_DEBUG_UTIL)
+
+    if (s == NULL)
+	debug_return_ptr(NULL);
+
+    rcs = __containerof((const void *)s, struct rcstr, str);
+    rcs->refcnt++;
+    debug_return_ptr(rcs->str);
+}
+
+void
+rcstr_delref(const char *s)
+{
+    struct rcstr *rcs;
+    debug_decl(rcstr_dup, SUDOERS_DEBUG_UTIL)
+
+    if (s != NULL) {
+	rcs = __containerof((const void *)s, struct rcstr, str);
+	if (--rcs->refcnt == 0) {
+	    rcs->str[0] = '\0';
+	    free(rcs);
+	}
+    }
+    debug_return;
+}
diff --git a/plugins/sudoers/redblack.c b/plugins/sudoers/redblack.c
new file mode 100644
index 0000000..ef7e8f5
--- /dev/null
+++ b/plugins/sudoers/redblack.c
@@ -0,0 +1,479 @@
+/*
+ * Copyright (c) 2004-2005, 2007, 2009-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+/*
+ * Adapted from the following code written by Emin Martinian:
+ * http://web.mit.edu/~emin/www/source_code/red_black_tree/index.html
+ *
+ * Copyright (c) 2001 Emin Martinian
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that neither the name of Emin
+ * Martinian nor the names of any contributors are be used to endorse or
+ * promote products derived from this software without specific prior
+ * written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "sudoers.h"
+#include "redblack.h"
+
+static void rbrepair(struct rbtree *, struct rbnode *);
+static void rotate_left(struct rbtree *, struct rbnode *);
+static void rotate_right(struct rbtree *, struct rbnode *);
+static void rbdestroy_int(struct rbtree *, struct rbnode *, void (*)(void *));
+
+/*
+ * Red-Black tree, see http://en.wikipedia.org/wiki/Red-black_tree
+ *
+ * A red-black tree is a binary search tree where each node has a color
+ * attribute, the value of which is either red or black.  Essentially, it
+ * is just a convenient way to express a 2-3-4 binary search tree where
+ * the color indicates whether the node is part of a 3-node or a 4-node.
+ * In addition to the ordinary requirements imposed on binary search
+ * trees, we make the following additional requirements of any valid
+ * red-black tree:
+ *  1) Every node is either red or black.
+ *  2) The root is black.
+ *  3) All leaves are black.
+ *  4) Both children of each red node are black.
+ *  5) The paths from each leaf up to the root each contain the same
+ *     number of black nodes.
+ */
+
+/*
+ * Create a red black tree struct using the specified compare routine.
+ * Allocates and returns the initialized (empty) tree or NULL if
+ * memory cannot be allocated.
+ */
+struct rbtree *
+rbcreate(int (*compar)(const void *, const void*))
+{
+    struct rbtree *tree;
+    debug_decl(rbcreate, SUDOERS_DEBUG_RBTREE)
+
+    if ((tree = malloc(sizeof(*tree))) == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_ptr(NULL);
+    }
+
+    tree->compar = compar;
+
+    /*
+     * We use a self-referencing sentinel node called nil to simplify the
+     * code by avoiding the need to check for NULL pointers.
+     */
+    tree->nil.left = tree->nil.right = tree->nil.parent = &tree->nil;
+    tree->nil.color = black;
+    tree->nil.data = NULL;
+
+    /*
+     * Similarly, the fake root node keeps us from having to worry
+     * about splitting the root.
+     */
+    tree->root.left = tree->root.right = tree->root.parent = &tree->nil;
+    tree->root.color = black;
+    tree->root.data = NULL;
+
+    debug_return_ptr(tree);
+}
+
+/*
+ * Perform a left rotation starting at node.
+ */
+static void
+rotate_left(struct rbtree *tree, struct rbnode *node)
+{
+    struct rbnode *child;
+    debug_decl(rotate_left, SUDOERS_DEBUG_RBTREE)
+
+    child = node->right;
+    node->right = child->left;
+
+    if (child->left != rbnil(tree))
+        child->left->parent = node;
+    child->parent = node->parent;
+
+    if (node == node->parent->left)
+	node->parent->left = child;
+    else
+	node->parent->right = child;
+    child->left = node;
+    node->parent = child;
+
+    debug_return;
+}
+
+/*
+ * Perform a right rotation starting at node.
+ */
+static void
+rotate_right(struct rbtree *tree, struct rbnode *node)
+{
+    struct rbnode *child;
+    debug_decl(rotate_right, SUDOERS_DEBUG_RBTREE)
+
+    child = node->left;
+    node->left = child->right;
+
+    if (child->right != rbnil(tree))
+        child->right->parent = node;
+    child->parent = node->parent;
+
+    if (node == node->parent->left)
+	node->parent->left = child;
+    else
+	node->parent->right = child;
+    child->right = node;
+    node->parent = child;
+
+    debug_return;
+}
+
+/*
+ * Insert data pointer into a redblack tree.
+ * Returns a 0 on success, 1 if a node matching "data" already exists
+ * (filling in "existing" if not NULL), or -1 on malloc() failure.
+ */
+int
+rbinsert(struct rbtree *tree, void *data, struct rbnode **existing)
+{
+    struct rbnode *node = rbfirst(tree);
+    struct rbnode *parent = rbroot(tree);
+    int res;
+    debug_decl(rbinsert, SUDOERS_DEBUG_RBTREE)
+
+    /* Find correct insertion point. */
+    while (node != rbnil(tree)) {
+	parent = node;
+	if ((res = tree->compar(data, node->data)) == 0) {
+	    if (existing != NULL)
+		*existing = node;
+	    debug_return_int(1);
+	}
+	node = res < 0 ? node->left : node->right;
+    }
+
+    node = malloc(sizeof(*node));
+    if (node == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "unable to allocate memory");
+	debug_return_int(-1);
+    }
+    node->data = data;
+    node->left = node->right = rbnil(tree);
+    node->parent = parent;
+    if (parent == rbroot(tree) || tree->compar(data, parent->data) < 0)
+	parent->left = node;
+    else
+	parent->right = node;
+    node->color = red;
+
+    /*
+     * If the parent node is black we are all set, if it is red we have
+     * the following possible cases to deal with.  We iterate through
+     * the rest of the tree to make sure none of the required properties
+     * is violated.
+     *
+     *	1) The uncle is red.  We repaint both the parent and uncle black
+     *     and repaint the grandparent node red.
+     *
+     *  2) The uncle is black and the new node is the right child of its
+     *     parent, and the parent in turn is the left child of its parent.
+     *     We do a left rotation to switch the roles of the parent and
+     *     child, relying on further iterations to fixup the old parent.
+     *
+     *  3) The uncle is black and the new node is the left child of its
+     *     parent, and the parent in turn is the left child of its parent.
+     *     We switch the colors of the parent and grandparent and perform
+     *     a right rotation around the grandparent.  This makes the former
+     *     parent the parent of the new node and the former grandparent.
+     *
+     * Note that because we use a sentinel for the root node we never
+     * need to worry about replacing the root.
+     */
+    while (node->parent->color == red) {
+	struct rbnode *uncle;
+	if (node->parent == node->parent->parent->left) {
+	    uncle = node->parent->parent->right;
+	    if (uncle->color == red) {
+		node->parent->color = black;
+		uncle->color = black;
+		node->parent->parent->color = red;
+		node = node->parent->parent;
+	    } else /* if (uncle->color == black) */ {
+		if (node == node->parent->right) {
+		    node = node->parent;
+		    rotate_left(tree, node);
+		}
+		node->parent->color = black;
+		node->parent->parent->color = red;
+		rotate_right(tree, node->parent->parent);
+	    }
+	} else { /* if (node->parent == node->parent->parent->right) */
+	    uncle = node->parent->parent->left;
+	    if (uncle->color == red) {
+		node->parent->color = black;
+		uncle->color = black;
+		node->parent->parent->color = red;
+		node = node->parent->parent;
+	    } else /* if (uncle->color == black) */ {
+		if (node == node->parent->left) {
+		    node = node->parent;
+		    rotate_right(tree, node);
+		}
+		node->parent->color = black;
+		node->parent->parent->color = red;
+		rotate_left(tree, node->parent->parent);
+	    }
+	}
+    }
+    rbfirst(tree)->color = black;	/* first node is always black */
+    debug_return_int(0);
+}
+
+/*
+ * Look for a node matching key in tree.
+ * Returns a pointer to the node if found, else NULL.
+ */
+struct rbnode *
+rbfind(struct rbtree *tree, void *key)
+{
+    struct rbnode *node = rbfirst(tree);
+    int res;
+    debug_decl(rbfind, SUDOERS_DEBUG_RBTREE)
+
+    while (node != rbnil(tree)) {
+	if ((res = tree->compar(key, node->data)) == 0)
+	    debug_return_ptr(node);
+	node = res < 0 ? node->left : node->right;
+    }
+    debug_return_ptr(NULL);
+}
+
+/*
+ * Call func() for each node, passing it the node data and a cookie;
+ * If func() returns non-zero for a node, the traversal stops and the
+ * error value is returned.  Returns 0 on successful traversal.
+ */
+int
+rbapply_node(struct rbtree *tree, struct rbnode *node,
+    int (*func)(void *, void *), void *cookie, enum rbtraversal order)
+{
+    int error;
+    debug_decl(rbapply_node, SUDOERS_DEBUG_RBTREE)
+
+    if (node != rbnil(tree)) {
+	if (order == preorder)
+	    if ((error = func(node->data, cookie)) != 0)
+		debug_return_int(error);
+	if ((error = rbapply_node(tree, node->left, func, cookie, order)) != 0)
+	    debug_return_int(error);
+	if (order == inorder)
+	    if ((error = func(node->data, cookie)) != 0)
+		debug_return_int(error);
+	if ((error = rbapply_node(tree, node->right, func, cookie, order)) != 0)
+	    debug_return_int(error);
+	if (order == postorder)
+	    if ((error = func(node->data, cookie)) != 0)
+		debug_return_int(error);
+    }
+    debug_return_int(0);
+}
+
+/*
+ * Returns the successor of node, or nil if there is none.
+ */
+static struct rbnode *
+rbsuccessor(struct rbtree *tree, struct rbnode *node)
+{
+    struct rbnode *succ;
+    debug_decl(rbsuccessor, SUDOERS_DEBUG_RBTREE)
+
+    if ((succ = node->right) != rbnil(tree)) {
+	while (succ->left != rbnil(tree))
+	    succ = succ->left;
+    } else {
+	/* No right child, move up until we find it or hit the root */
+	for (succ = node->parent; node == succ->right; succ = succ->parent)
+	    node = succ;
+	if (succ == rbroot(tree))
+	    succ = rbnil(tree);
+    }
+    debug_return_ptr(succ);
+}
+
+/*
+ * Recursive portion of rbdestroy().
+ */
+static void
+rbdestroy_int(struct rbtree *tree, struct rbnode *node, void (*destroy)(void *))
+{
+    debug_decl(rbdestroy_int, SUDOERS_DEBUG_RBTREE)
+    if (node != rbnil(tree)) {
+	rbdestroy_int(tree, node->left, destroy);
+	rbdestroy_int(tree, node->right, destroy);
+	if (destroy != NULL)
+	    destroy(node->data);
+	free(node);
+    }
+    debug_return;
+}
+
+/*
+ * Destroy the specified tree, calling the destructor "destroy"
+ * for each node and then freeing the tree itself.
+ */
+void
+rbdestroy(struct rbtree *tree, void (*destroy)(void *))
+{
+    debug_decl(rbdestroy, SUDOERS_DEBUG_RBTREE)
+    rbdestroy_int(tree, rbfirst(tree), destroy);
+    free(tree);
+    debug_return;
+}
+
+/*
+ * Delete node 'z' from the tree and return its data pointer.
+ */
+void *rbdelete(struct rbtree *tree, struct rbnode *z)
+{
+    struct rbnode *x, *y;
+    void *data = z->data;
+    debug_decl(rbdelete, SUDOERS_DEBUG_RBTREE)
+
+    if (z->left == rbnil(tree) || z->right == rbnil(tree))
+	y = z;
+    else
+	y = rbsuccessor(tree, z);
+    x = (y->left == rbnil(tree)) ? y->right : y->left;
+
+    if ((x->parent = y->parent) == rbroot(tree)) {
+	rbfirst(tree) = x;
+    } else {
+	if (y == y->parent->left)
+	    y->parent->left = x;
+	else
+	    y->parent->right = x;
+    }
+    if (y->color == black)
+	rbrepair(tree, x);
+    if (y != z) {
+	y->left = z->left;
+	y->right = z->right;
+	y->parent = z->parent;
+	y->color = z->color;
+	z->left->parent = z->right->parent = y;
+	if (z == z->parent->left)
+	    z->parent->left = y; 
+	else
+	    z->parent->right = y;
+    }
+    free(z); 
+    
+    debug_return_ptr(data);
+}
+
+/*
+ * Repair the tree after a node has been deleted by rotating and repainting
+ * colors to restore the 4 properties inherent in red-black trees.
+ */
+static void
+rbrepair(struct rbtree *tree, struct rbnode *node)
+{
+    struct rbnode *sibling;
+    debug_decl(rbrepair, SUDOERS_DEBUG_RBTREE)
+
+    while (node->color == black && node != rbfirst(tree)) {
+	if (node == node->parent->left) {
+	    sibling = node->parent->right;
+	    if (sibling->color == red) {
+		sibling->color = black;
+		node->parent->color = red;
+		rotate_left(tree, node->parent);
+		sibling = node->parent->right;
+	    }
+	    if (sibling->right->color == black && sibling->left->color == black) {
+		sibling->color = red;
+		node = node->parent;
+	    } else {
+		if (sibling->right->color == black) {
+		      sibling->left->color = black;
+		      sibling->color = red;
+		      rotate_right(tree, sibling);
+		      sibling = node->parent->right;
+		}
+		sibling->color = node->parent->color;
+		node->parent->color = black;
+		sibling->right->color = black;
+		rotate_left(tree, node->parent);
+		node = rbfirst(tree); /* exit loop */
+	    }
+	} else { /* if (node == node->parent->right) */
+	    sibling = node->parent->left;
+	    if (sibling->color == red) {
+		sibling->color = black;
+		node->parent->color = red;
+		rotate_right(tree, node->parent);
+		sibling = node->parent->left;
+	    }
+	    if (sibling->right->color == black && sibling->left->color == black) {
+		sibling->color = red;
+		node = node->parent;
+	    } else {
+		if (sibling->left->color == black) {
+		    sibling->right->color = black;
+		    sibling->color = red;
+		    rotate_left(tree, sibling);
+		    sibling = node->parent->left;
+		}
+		sibling->color = node->parent->color;
+		node->parent->color = black;
+		sibling->left->color = black;
+		rotate_right(tree, node->parent);
+		node = rbfirst(tree); /* exit loop */
+	    }
+	}
+    }
+    node->color = black;
+
+    debug_return;
+}
diff --git a/plugins/sudoers/redblack.h b/plugins/sudoers/redblack.h
new file mode 100644
index 0000000..2b40636
--- /dev/null
+++ b/plugins/sudoers/redblack.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2004, 2007, 2010, 2013
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_REDBLACK_H
+#define SUDOERS_REDBLACK_H
+
+enum rbcolor {
+    red,
+    black
+};
+
+enum rbtraversal {
+    preorder,
+    inorder,
+    postorder
+};
+
+struct rbnode {
+    struct rbnode *left, *right, *parent;
+    void *data;
+    enum rbcolor color;
+};
+
+struct rbtree {
+    int (*compar)(const void *, const void *);
+    struct rbnode root;
+    struct rbnode nil;
+};
+
+#define rbapply(t, f, c, o)	rbapply_node((t), (t)->root.left, (f), (c), (o))
+#define rbisempty(t)		((t)->root.left == &(t)->nil && (t)->root.right == &(t)->nil)
+#define rbfirst(t)		((t)->root.left)
+#define rbroot(t)		(&(t)->root)
+#define rbnil(t)		(&(t)->nil)
+
+void *rbdelete(struct rbtree *, struct rbnode *);
+int rbapply_node(struct rbtree *, struct rbnode *,
+	int (*)(void *, void *), void *, enum rbtraversal);
+struct rbnode *rbfind(struct rbtree *, void *);
+int rbinsert(struct rbtree *, void *, struct rbnode **);
+struct rbtree *rbcreate(int (*)(const void *, const void *));
+void rbdestroy(struct rbtree *, void (*)(void *));
+
+#endif /* SUDOERS_REDBLACK_H */
diff --git a/plugins/sudoers/regress/check_symbols/check_symbols.c b/plugins/sudoers/regress/check_symbols/check_symbols.c
new file mode 100644
index 0000000..6647609
--- /dev/null
+++ b/plugins/sudoers/regress/check_symbols/check_symbols.c
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 2012-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <errno.h>
+#include <limits.h>
+
+#include "sudo_compat.h"
+#include "sudo_dso.h"
+#include "sudo_util.h"
+#include "sudo_fatal.h"
+
+__dso_public int main(int argc, char *argv[]);
+
+static void
+usage(void)
+{
+    fprintf(stderr, "usage: %s plugin.so symbols_file\n", getprogname());
+    exit(1);
+}
+
+int
+main(int argc, char *argv[])
+{
+    void *handle, *sym;
+    const char *plugin_path;
+    const char *symbols_file;
+    char *cp, line[LINE_MAX];
+    FILE *fp;
+    int ntests = 0, errors = 0;
+
+    initprogname(argc > 0 ? argv[0] : "check_symbols");
+
+    if (argc != 3)
+	usage();
+    plugin_path = argv[1];
+    symbols_file = argv[2];
+
+    handle = sudo_dso_load(plugin_path, SUDO_DSO_LAZY|SUDO_DSO_GLOBAL);
+    if (handle == NULL) {
+	const char *errstr = sudo_dso_strerror();
+	sudo_fatalx_nodebug("unable to load %s: %s", plugin_path,
+	    errstr ? errstr : "unknown error");
+    }
+
+    fp = fopen(symbols_file, "r");
+    if (fp == NULL)
+	sudo_fatal_nodebug("unable to open %s", symbols_file);
+
+    while (fgets(line, sizeof(line), fp) != NULL) {
+	ntests++;
+	if ((cp = strchr(line, '\n')) != NULL)
+	    *cp = '\0';
+	sym = sudo_dso_findsym(handle, line);
+	if (sym == NULL) {
+	    const char *errstr = sudo_dso_strerror();
+	    printf("%s: test %d: unable to resolve symbol %s: %s\n",
+		getprogname(), ntests, line, errstr ? errstr : "unknown error");
+	    errors++;
+	}
+    }
+
+    /*
+     * Make sure unexported symbols are not available.
+     */
+    ntests++;
+    sym = sudo_dso_findsym(handle, "user_in_group");
+    if (sym != NULL) {
+	printf("%s: test %d: able to resolve local symbol user_in_group\n",
+	    getprogname(), ntests);
+	errors++;
+    }
+
+    sudo_dso_unload(handle);
+
+    printf("%s: %d tests run, %d errors, %d%% success rate\n", getprogname(),
+	ntests, errors, (ntests - errors) * 100 / ntests);
+
+    exit(errors);
+}
diff --git a/plugins/sudoers/regress/cvtsudoers/sudoers b/plugins/sudoers/regress/cvtsudoers/sudoers
new file mode 100644
index 0000000..6f66083
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/sudoers
@@ -0,0 +1,126 @@
+#
+# Sample /etc/sudoers file.
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# See the sudoers man page for the details on how to write a sudoers file.
+
+##
+# Override built-in defaults
+##
+Defaults		syslog=auth
+Defaults>root		!set_logname
+Defaults:FULLTIMERS	!lecture
+Defaults:millert	!authenticate
+Defaults@SERVERS	log_year, logfile=/var/log/sudo.log
+Defaults!PAGERS		noexec
+
+##
+# User alias specification
+##
+User_Alias	FULLTIMERS = millert, mikef, dowdy
+User_Alias	PARTTIMERS = bostley, jwfox, crawl
+User_Alias	WEBMASTERS = will, wendy, wim
+
+##
+# Runas alias specification
+##
+Runas_Alias	OP = root, operator
+Runas_Alias	DB = oracle, sybase
+
+##
+# Host alias specification
+##
+Host_Alias	SPARC = bigtime, eclipse, moet, anchor:\
+		SGI = grolsch, dandelion, black:\
+		ALPHA = widget, thalamus, foobar:\
+		HPPA = boa, nag, python
+Host_Alias	CUNETS = 128.138.0.0/255.255.0.0
+Host_Alias	CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0
+Host_Alias	SERVERS = master, mail, www, ns
+Host_Alias	CDROM = orion, perseus, hercules
+
+##
+# Cmnd alias specification
+##
+Cmnd_Alias	DUMPS = /usr/sbin/dump, /usr/sbin/rdump, /usr/sbin/restore, \
+			/usr/sbin/rrestore, /usr/bin/mt, \
+			sha224:0GomF8mNN3wlDt1HD9XldjJ3SNgpFdbjO1+NsQ== \
+			/home/operator/bin/start_backups
+Cmnd_Alias	KILL = /usr/bin/kill, /usr/bin/top
+Cmnd_Alias	PRINTING = /usr/sbin/lpc, /usr/bin/lprm
+Cmnd_Alias	SHUTDOWN = /usr/sbin/shutdown
+Cmnd_Alias	HALT = /usr/sbin/halt
+Cmnd_Alias	REBOOT = /usr/sbin/reboot
+Cmnd_Alias	SHELLS = /sbin/sh, /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
+			 /usr/local/bin/tcsh, /usr/bin/rsh, \
+			 /usr/local/bin/zsh
+Cmnd_Alias	SU = /usr/bin/su
+Cmnd_Alias	VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, \
+		       /usr/bin/chfn
+Cmnd_Alias	PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
+
+##
+# User specification
+##
+
+# root and users in group wheel can run anything on any machine as any user
+root		ALL = (ALL) ALL
+%wheel		ALL = (ALL) ALL
+
+# full time sysadmins can run anything on any machine without a password
+FULLTIMERS	ALL = NOPASSWD: ALL
+
+# part time sysadmins may run anything but need a password
+PARTTIMERS	ALL = ALL
+
+# jack may run anything on machines in CSNETS
+jack		CSNETS = ALL
+
+# lisa may run any command on any host in CUNETS (a class B network)
+lisa		CUNETS = ALL
+
+# operator may run maintenance commands and anything in /usr/oper/bin/
+operator	ALL = DUMPS, KILL, SHUTDOWN, HALT, REBOOT, PRINTING,\
+		sudoedit /etc/printcap, /usr/oper/bin/
+
+# joe may su only to operator
+joe		ALL = /usr/bin/su operator
+
+# pete may change passwords for anyone but root on the hp snakes
+pete		HPPA = /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd *root*
+
+# bob may run anything on the sparc and sgi machines as any user
+# listed in the Runas_Alias "OP" (ie: root and operator)
+bob		SPARC = (OP) ALL : SGI = (OP) ALL
+
+# fred can run commands as oracle or sybase without a password
+fred		ALL = (DB) NOPASSWD: ALL
+
+# on the alphas, john may su to anyone but root and flags are not allowed
+john		ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
+
+# jen can run anything on all machines except the ones
+# in the "SERVERS" Host_Alias
+jen		ALL, !SERVERS = ALL
+
+# jill can run any commands in the directory /usr/bin/, except for
+# those in the SU and SHELLS aliases.
+jill		SERVERS = /usr/bin/, !SU, !SHELLS
+
+# steve can run any command in the directory /usr/local/op_commands/
+# as user operator.
+steve		CSNETS = (operator) /usr/local/op_commands/
+
+# matt needs to be able to kill things on his workstation when
+# they get hung.
+matt		valkyrie = KILL
+
+# users in the WEBMASTERS User_Alias (will, wendy, and wim)
+# may run any command as user www (which owns the web pages)
+# or simply su to www.
+WEBMASTERS	www = (www) ALL, (root) /usr/bin/su www
+
+# anyone can mount/unmount a cd-rom on the machines in the CDROM alias
+ALL		CDROM = NOPASSWD: /sbin/umount /CDROM,\
+		/sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM
diff --git a/plugins/sudoers/regress/cvtsudoers/sudoers.defs b/plugins/sudoers/regress/cvtsudoers/sudoers.defs
new file mode 100755
index 0000000..c6bfa93
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/sudoers.defs
@@ -0,0 +1,19 @@
+Defaults		syslog=auth
+Defaults>ROOT		!set_logname
+Defaults:FULLTIMERS	!lecture
+Defaults:millert	!authenticate
+Defaults@SERVERS	log_year, logfile=/var/log/sudo.log
+Defaults!PAGERS		noexec
+
+User_Alias	FULLTIMERS = millert, mikef, dowdy
+User_Alias	PARTTIMERS = bostley, jwfox, crawl
+
+Host_Alias	SERVERS = master, mail, www, ns
+Host_Alias	CDROM = orion, perseus, hercules
+
+Cmnd_Alias	VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, \
+		       /usr/bin/chfn
+Cmnd_Alias	PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
+
+Runas_Alias	ROOT = root, toor
+Runas_Alias	OPERATOR = operator, backup
diff --git a/plugins/sudoers/regress/cvtsudoers/test1.out.ok b/plugins/sudoers/regress/cvtsudoers/test1.out.ok
new file mode 100644
index 0000000..da3f555
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test1.out.ok
@@ -0,0 +1,14 @@
+Defaults syslog=auth
+Defaults>root !set_logname
+Defaults:FULLTIMERS !lecture
+Defaults:millert !authenticate
+Defaults!PAGERS noexec
+
+Host_Alias CDROM = orion, perseus, hercules
+User_Alias FULLTIMERS = millert, mikef, dowdy
+Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
+
+FULLTIMERS ALL = NOPASSWD: ALL
+
+ALL CDROM = NOPASSWD: /sbin/umount /CDROM, /sbin/mount -o nosuid\,nodev\
+    /dev/cd0a /CDROM
diff --git a/plugins/sudoers/regress/cvtsudoers/test1.sh b/plugins/sudoers/regress/cvtsudoers/test1.sh
new file mode 100755
index 0000000..e2ff3cf
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test1.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test user and host filters
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -m user=millert,host=hercules $TESTDIR/sudoers
+
+exit 0
diff --git a/plugins/sudoers/regress/cvtsudoers/test10.out.ok b/plugins/sudoers/regress/cvtsudoers/test10.out.ok
new file mode 100644
index 0000000..26a05d2
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test10.out.ok
@@ -0,0 +1 @@
+Defaults!PAGERS noexec
diff --git a/plugins/sudoers/regress/cvtsudoers/test10.sh b/plugins/sudoers/regress/cvtsudoers/test10.sh
new file mode 100755
index 0000000..25df83c
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test10.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test command defaults filtering
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -s aliases,privileges -d command $TESTDIR/sudoers
+
+exit 0
diff --git a/plugins/sudoers/regress/cvtsudoers/test11.out.ok b/plugins/sudoers/regress/cvtsudoers/test11.out.ok
new file mode 100644
index 0000000..5c4c4e8
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test11.out.ok
@@ -0,0 +1,7 @@
+Defaults!PAGERS noexec
+
+Host_Alias CDROM = orion, perseus, hercules
+Runas_Alias OPERATOR = operator, backup
+Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
+User_Alias PARTTIMERS = bostley, jwfox, crawl
+Cmnd_Alias VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, /usr/bin/chfn
diff --git a/plugins/sudoers/regress/cvtsudoers/test11.sh b/plugins/sudoers/regress/cvtsudoers/test11.sh
new file mode 100755
index 0000000..1466689
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test11.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# Test that Aliases are removed when filtering by defaults type
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -d command $TESTDIR/sudoers.defs
diff --git a/plugins/sudoers/regress/cvtsudoers/test12.out.ok b/plugins/sudoers/regress/cvtsudoers/test12.out.ok
new file mode 100644
index 0000000..7f2b15e
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test12.out.ok
@@ -0,0 +1,8 @@
+Defaults:FULLTIMERS !lecture
+Defaults:millert !authenticate
+
+Host_Alias CDROM = orion, perseus, hercules
+User_Alias FULLTIMERS = millert, mikef, dowdy
+Runas_Alias OPERATOR = operator, backup
+User_Alias PARTTIMERS = bostley, jwfox, crawl
+Cmnd_Alias VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, /usr/bin/chfn
diff --git a/plugins/sudoers/regress/cvtsudoers/test12.sh b/plugins/sudoers/regress/cvtsudoers/test12.sh
new file mode 100755
index 0000000..ea0f6bc
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test12.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# Test that Aliases are removed when filtering by defaults type
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -d user $TESTDIR/sudoers.defs
diff --git a/plugins/sudoers/regress/cvtsudoers/test13.out.ok b/plugins/sudoers/regress/cvtsudoers/test13.out.ok
new file mode 100644
index 0000000..791dcba
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test13.out.ok
@@ -0,0 +1,7 @@
+Defaults@SERVERS log_year, logfile=/var/log/sudo.log
+
+Host_Alias CDROM = orion, perseus, hercules
+Runas_Alias OPERATOR = operator, backup
+User_Alias PARTTIMERS = bostley, jwfox, crawl
+Host_Alias SERVERS = master, mail, www, ns
+Cmnd_Alias VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, /usr/bin/chfn
diff --git a/plugins/sudoers/regress/cvtsudoers/test13.sh b/plugins/sudoers/regress/cvtsudoers/test13.sh
new file mode 100755
index 0000000..4dd4750
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test13.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# Test that Aliases are removed when filtering by defaults type
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -d host $TESTDIR/sudoers.defs
diff --git a/plugins/sudoers/regress/cvtsudoers/test14.out.ok b/plugins/sudoers/regress/cvtsudoers/test14.out.ok
new file mode 100644
index 0000000..3f7710a
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test14.out.ok
@@ -0,0 +1,7 @@
+Defaults>ROOT !set_logname
+
+Host_Alias CDROM = orion, perseus, hercules
+Runas_Alias OPERATOR = operator, backup
+User_Alias PARTTIMERS = bostley, jwfox, crawl
+Runas_Alias ROOT = root, toor
+Cmnd_Alias VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, /usr/bin/chfn
diff --git a/plugins/sudoers/regress/cvtsudoers/test14.sh b/plugins/sudoers/regress/cvtsudoers/test14.sh
new file mode 100755
index 0000000..3f31076
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test14.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# Test that Aliases are removed when filtering by defaults type
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -d runas $TESTDIR/sudoers.defs
diff --git a/plugins/sudoers/regress/cvtsudoers/test15.out.ok b/plugins/sudoers/regress/cvtsudoers/test15.out.ok
new file mode 100644
index 0000000..5177139
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test15.out.ok
@@ -0,0 +1 @@
+user1 host1, host2, host3 = ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test15.sh b/plugins/sudoers/regress/cvtsudoers/test15.sh
new file mode 100755
index 0000000..04a2788
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test15.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test filters and pruning
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -p -m user=user1 <<EOF
+user1, user2, user3, %group1 host1, host2, host3 = ALL
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test16.out.ok b/plugins/sudoers/regress/cvtsudoers/test16.out.ok
new file mode 100644
index 0000000..38359b1
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test16.out.ok
@@ -0,0 +1 @@
+user2 host2 = ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test16.sh b/plugins/sudoers/regress/cvtsudoers/test16.sh
new file mode 100755
index 0000000..712cdeb
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test16.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test filters and pruning
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -p -m user=user2,host=host2 <<EOF
+user1, user2, user3, %group1 host1, host2, host3 = ALL
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test17.out.ok b/plugins/sudoers/regress/cvtsudoers/test17.out.ok
new file mode 100644
index 0000000..d35dd06
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test17.out.ok
@@ -0,0 +1 @@
+%group1 host1 = ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test17.sh b/plugins/sudoers/regress/cvtsudoers/test17.sh
new file mode 100755
index 0000000..9892de4
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test17.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test filters and pruning
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -p -m group=group1,host=host1 <<EOF
+user1, user2, user3, %group1 host1, host2, host3 = ALL
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test18.out.ok b/plugins/sudoers/regress/cvtsudoers/test18.out.ok
new file mode 100644
index 0000000..3055452
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test18.out.ok
@@ -0,0 +1 @@
+%group1 ALL = ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test18.sh b/plugins/sudoers/regress/cvtsudoers/test18.sh
new file mode 100755
index 0000000..5ce7c88
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test18.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test filters and pruning
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -p -m group=group1,host=somehost <<EOF
+user1, user2, user3, %group1 ALL = ALL
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test19.out.ok b/plugins/sudoers/regress/cvtsudoers/test19.out.ok
new file mode 100644
index 0000000..a36b949
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test19.out.ok
@@ -0,0 +1,11 @@
+Defaults syslog=auth
+Defaults>root !set_logname
+Defaults:FULLTIMERS !lecture
+Defaults@SERVERS log_year, logfile=/var/log/sudo.log
+Defaults!PAGERS noexec
+
+User_Alias FULLTIMERS = millert, mikef, dowdy
+Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
+Host_Alias SERVERS = master, mail, www, ns
+
+FULLTIMERS ALL = NOPASSWD: ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test19.sh b/plugins/sudoers/regress/cvtsudoers/test19.sh
new file mode 100755
index 0000000..f434f2a
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test19.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# Test filters and pruning; alias contents don't get pruned
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -p -m user=FULLTIMERS,host=SERVERS $TESTDIR/sudoers
diff --git a/plugins/sudoers/regress/cvtsudoers/test2.out.ok b/plugins/sudoers/regress/cvtsudoers/test2.out.ok
new file mode 100644
index 0000000..d99e0e5
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test2.out.ok
@@ -0,0 +1,10 @@
+Defaults syslog=auth
+Defaults>root !set_logname
+Defaults:millert, mikef, dowdy !lecture
+Defaults:millert !authenticate
+Defaults!/usr/bin/more, /usr/bin/pg, /usr/bin/less noexec
+
+millert, mikef, dowdy ALL = NOPASSWD: ALL
+
+ALL orion, perseus, hercules = NOPASSWD: /sbin/umount /CDROM, /sbin/mount -o\
+    nosuid\,nodev /dev/cd0a /CDROM
diff --git a/plugins/sudoers/regress/cvtsudoers/test2.sh b/plugins/sudoers/regress/cvtsudoers/test2.sh
new file mode 100755
index 0000000..e7f19f6
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test2.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test user and host filters, expanding aliases
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -e -m user=millert,host=hercules $TESTDIR/sudoers
+
+exit 0
diff --git a/plugins/sudoers/regress/cvtsudoers/test20.conf b/plugins/sudoers/regress/cvtsudoers/test20.conf
new file mode 100644
index 0000000..b60725c
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test20.conf
@@ -0,0 +1,6 @@
+defaults = global
+expand_aliases = yes
+input_format = sudoers
+match = user=user2
+output_format = sudoers                                     
+prune_matches = yes
diff --git a/plugins/sudoers/regress/cvtsudoers/test20.out.ok b/plugins/sudoers/regress/cvtsudoers/test20.out.ok
new file mode 100644
index 0000000..79b420b
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test20.out.ok
@@ -0,0 +1 @@
+user2 ALL = /usr/bin/id
diff --git a/plugins/sudoers/regress/cvtsudoers/test20.sh b/plugins/sudoers/regress/cvtsudoers/test20.sh
new file mode 100755
index 0000000..e7214e2
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test20.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+#
+# Test cvtsudoers.conf
+#
+
+exec 2>&1
+./cvtsudoers -c $TESTDIR/test20.conf <<EOF
+Defaults:SOMEUSERS authenticate, timestamp_timeout=0
+User_Alias SOMEUSERS = user1, user2, user3
+
+SOMEUSERS ALL = /usr/bin/id
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test21.conf b/plugins/sudoers/regress/cvtsudoers/test21.conf
new file mode 100644
index 0000000..01fd3a3
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test21.conf
@@ -0,0 +1,8 @@
+defaults = all
+expand_aliases = no
+input_format = sudoers
+order_increment = 10
+order_start = 1000
+output_format = ldif                                     
+sudoers_base = ou=SUDOers,dc=my-domain,dc=com
+suppress = defaults
diff --git a/plugins/sudoers/regress/cvtsudoers/test21.out.ok b/plugins/sudoers/regress/cvtsudoers/test21.out.ok
new file mode 100644
index 0000000..78285f1
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test21.out.ok
@@ -0,0 +1,24 @@
+dn: cn=ALL,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: ALL
+sudoUser: ALL
+sudoHost: ALL
+sudoRunAsUser:
+sudoOption: !authenticate
+sudoCommand: /usr/bin/id
+sudoOrder: 1000
+
+dn: cn=FULLTIMERS,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: FULLTIMERS
+sudoUser: user1
+sudoUser: user2
+sudoUser: user3
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 1010
+
diff --git a/plugins/sudoers/regress/cvtsudoers/test21.sh b/plugins/sudoers/regress/cvtsudoers/test21.sh
new file mode 100755
index 0000000..66c18b6
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test21.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+#
+# Test cvtsudoers.conf
+#
+
+exec 2>&1
+./cvtsudoers -c $TESTDIR/test21.conf <<EOF
+Defaults authenticate, timestamp_timeout=0
+User_Alias FULLTIMERS = user1, user2, user3
+
+ALL ALL = (:) NOPASSWD:/usr/bin/id
+FULLTIMERS ALL = (ALL:ALL) ALL
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test22.out.ok b/plugins/sudoers/regress/cvtsudoers/test22.out.ok
new file mode 100644
index 0000000..d404815
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test22.out.ok
@@ -0,0 +1,31 @@
+dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption: log_output
+
+dn: cn=root,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: root
+sudoUser: root
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoOption: !authenticate
+sudoCommand: ALL
+sudoOrder: 10
+
+dn: cn=%wheel,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %wheel
+sudoUser: %wheel
+sudoHost: +sudo-hosts
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoOption: !authenticate
+sudoCommand: ALL
+sudoOrder: 20
+
diff --git a/plugins/sudoers/regress/cvtsudoers/test22.sh b/plugins/sudoers/regress/cvtsudoers/test22.sh
new file mode 100755
index 0000000..7c75716
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test22.sh
@@ -0,0 +1,72 @@
+#!/bin/sh
+#
+# Test LDAP base filtering.
+#
+
+exec 2>&1
+./cvtsudoers -c "" -i ldif -b "ou=SUDOers,dc=sudo,dc=ws" -I 10 -O 10 <<EOF
+dn: dc=sudo,dc=ws
+objectClass: dcObject
+objectClass: organization
+dc: courtesan
+o: Sudo World Headquarters
+description: Sudo World Headquarters
+
+# Organizational Role for Directory Manager
+dn: cn=Manager,dc=sudo,dc=ws
+objectClass: organizationalRole
+cn: Manager
+description: Directory Manager
+
+# SUDOers, sudo.ws
+dn: ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: organizationalUnit
+description: SUDO Configuration Subtree
+ou: SUDOers
+
+# defaults, SUDOers, sudo.ws
+dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption: log_output
+
+# root, SUDOers, sudo.ws
+dn: cn=root,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: root
+sudoUser: root
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: ALL
+sudoCommand: ALL
+sudoOption: !authenticate
+sudoOrder: 10
+
+# %wheel, SUDOers, sudo.ws
+dn: cn=%wheel,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %wheel
+sudoUser: %wheel
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: +sudo-hosts
+sudoCommand: ALL
+sudoOption: !authenticate
+sudoOrder: 10
+
+# millert, SUDOers, other-domain.com
+dn: cn=millert,ou=SUDOers,dc=other-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: millert
+sudoUser: millert
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: ALL
+sudoOrder: 5
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test23.out.ok b/plugins/sudoers/regress/cvtsudoers/test23.out.ok
new file mode 100644
index 0000000..7fc33c2
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test23.out.ok
@@ -0,0 +1,20 @@
+Defaults logfile=/var/log/sudo
+
+root ALL = (ALL) ALL
+
+%wheel ALL = (ALL) ALL
+
++admins ALL = NOPASSWD: ALL
+
+jack 128.138.204.0/24, 128.138.242.0, 128.138.243.0 = ALL
+
+lisa 128.138.0.0/255.255.0.0 = ALL
+
+operator ALL = /usr/sbin/dump, /usr/sbin/rdump, /usr/sbin/restore,\
+    /usr/sbin/rrestore, /usr/bin/mt,\
+    sha224:0GomF8mNN3wlDt1HD9XldjJ3SNgpFdbjO1+NsQ==\
+    /home/operator/bin/start_backups, /usr/bin/kill, /usr/bin/top,\
+    /usr/sbin/shutdown, /usr/sbin/halt, /usr/sbin/reboot, /usr/sbin/lpc,\
+    /usr/bin/lprm, sudoedit /etc/printcap, /usr/oper/bin/
+
+joe ALL = /usr/bin/su operator
diff --git a/plugins/sudoers/regress/cvtsudoers/test23.sh b/plugins/sudoers/regress/cvtsudoers/test23.sh
new file mode 100755
index 0000000..d5f0439
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test23.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+#
+# Test round-tripping of sudoers -> LDIF -> sudoers
+#
+
+exec 2>&1
+./cvtsudoers -c "" -b "ou=SUDOers,dc=sudo,dc=ws" $TESTDIR/test23.out.ok | \
+    ./cvtsudoers -c "" -i LDIF -f sudoers | grep -v '^#'
diff --git a/plugins/sudoers/regress/cvtsudoers/test24.out.ok b/plugins/sudoers/regress/cvtsudoers/test24.out.ok
new file mode 100644
index 0000000..0951767
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test24.out.ok
@@ -0,0 +1,89 @@
+dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption: logfile=/var/log/sudo
+
+dn: cn=root,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: root
+sudoUser: root
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoCommand: ALL
+sudoOrder: 1
+
+dn: cn=%wheel,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %wheel
+sudoUser: %wheel
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoCommand: ALL
+sudoOrder: 2
+
+dn: cn=\+admins,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: \+admins
+sudoUser: +admins
+sudoHost: ALL
+sudoOption: !authenticate
+sudoCommand: ALL
+sudoOrder: 3
+
+dn: cn=jack,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: jack
+sudoUser: jack
+sudoHost: 128.138.204.0/24
+sudoHost: 128.138.242.0
+sudoHost: 128.138.243.0
+sudoCommand: ALL
+sudoOrder: 4
+
+dn: cn=lisa,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: lisa
+sudoUser: lisa
+sudoHost: 128.138.0.0/255.255.0.0
+sudoCommand: ALL
+sudoOrder: 5
+
+dn: cn=operator,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: operator
+sudoUser: operator
+sudoHost: ALL
+sudoCommand: /usr/sbin/dump
+sudoCommand: /usr/sbin/rdump
+sudoCommand: /usr/sbin/restore
+sudoCommand: /usr/sbin/rrestore
+sudoCommand: /usr/bin/mt
+sudoCommand: sha224:0GomF8mNN3wlDt1HD9XldjJ3SNgpFdbjO1+NsQ== /home/operator/bin/start_backups
+sudoCommand: /usr/bin/kill
+sudoCommand: /usr/bin/top
+sudoCommand: /usr/sbin/shutdown
+sudoCommand: /usr/sbin/halt
+sudoCommand: /usr/sbin/reboot
+sudoCommand: /usr/sbin/lpc
+sudoCommand: /usr/bin/lprm
+sudoCommand: sudoedit /etc/printcap
+sudoCommand: /usr/oper/bin/
+sudoOrder: 6
+
+dn: cn=joe,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: joe
+sudoUser: joe
+sudoHost: ALL
+sudoCommand: /usr/bin/su operator
+sudoOrder: 7
+
diff --git a/plugins/sudoers/regress/cvtsudoers/test24.sh b/plugins/sudoers/regress/cvtsudoers/test24.sh
new file mode 100755
index 0000000..632502e
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test24.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+#
+# Test round-tripping of LDIF -> sudoers -> LDIF
+#
+
+exec 2>&1
+./cvtsudoers -c "" -i LDIF -f sudoers $TESTDIR/test24.out.ok | \
+    ./cvtsudoers -c "" -b "ou=SUDOers,dc=sudo,dc=ws"
diff --git a/plugins/sudoers/regress/cvtsudoers/test25.out.ok b/plugins/sudoers/regress/cvtsudoers/test25.out.ok
new file mode 100644
index 0000000..d404815
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test25.out.ok
@@ -0,0 +1,31 @@
+dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption: log_output
+
+dn: cn=root,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: root
+sudoUser: root
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoOption: !authenticate
+sudoCommand: ALL
+sudoOrder: 10
+
+dn: cn=%wheel,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %wheel
+sudoUser: %wheel
+sudoHost: +sudo-hosts
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoOption: !authenticate
+sudoCommand: ALL
+sudoOrder: 20
+
diff --git a/plugins/sudoers/regress/cvtsudoers/test25.sh b/plugins/sudoers/regress/cvtsudoers/test25.sh
new file mode 100755
index 0000000..4cb8b45
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test25.sh
@@ -0,0 +1,52 @@
+#!/bin/sh
+#
+# Test LDIF base64 attribute parsing
+#
+
+exec 2>&1
+./cvtsudoers -c "" -i ldif -b "ou=SUDOers,dc=sudo,dc=ws" -I 10 -O 10 <<EOF
+# defaults, SUDOers, sudo.ws
+dn:: Y249ZGVmYXVsdHMsb3U9U1VET2VycyxkYz1zdWRvLGRjPXdz 
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption:: bG9nX291dHB1dA== 
+
+# root, SUDOers, sudo.ws
+dn::  Y249cm9vdCxvdT1TVURPZXJzLGRjPXN1ZG8sZGM9d3M=
+objectClass: top
+objectClass: sudoRole
+cn: root
+sudoUser: root
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: ALL
+sudoCommand: ALL
+sudoOption: !authenticate
+sudoOrder: 10
+
+# %wheel, SUDOers, sudo.ws
+dn:: Y249JXdoZWVsLG91PVNVRE9lcnMsZGM9c3VkbyxkYz13cw==
+objectClass: top
+objectClass: sudoRole
+cn: %wheel
+sudoUser: %wheel
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: +sudo-hosts
+sudoCommand: ALL
+sudoOption: !authenticate
+sudoOrder: 10
+
+# millert, SUDOers, other-domain.com
+dn:: Y249bWlsbGVydCxvdT1TVURPZXJzLGRjPW90aGVyLWRvbWFpbixkYz1jb20=
+objectClass: top
+objectClass: sudoRole
+cn: millert
+sudoUser: millert
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: ALL
+sudoOrder: 5
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test26.out.ok b/plugins/sudoers/regress/cvtsudoers/test26.out.ok
new file mode 100644
index 0000000..769f392
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test26.out.ok
@@ -0,0 +1,3 @@
+cvtsudoers: ignoring invalid attribute value: bG9nX29@1dHB1dA==
+cvtsudoers: ignoring invalid attribute value: Y249cm9vdCxvdT1TVURPZXJzLGRjPXN1ZG8sZGM9_d3M=
+cvtsudoers: ignoring invalid attribute value: Y249JXdoZWVsLG91PVNVRE9lcnMsZGM9c3VkbyxkYz13cw!==
diff --git a/plugins/sudoers/regress/cvtsudoers/test26.sh b/plugins/sudoers/regress/cvtsudoers/test26.sh
new file mode 100755
index 0000000..b9eecaa
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test26.sh
@@ -0,0 +1,41 @@
+#!/bin/sh
+#
+# Test LDIF invalid base64 attribute parsing
+#
+
+exec 2>&1
+./cvtsudoers -c "" -i ldif -b "ou=SUDOers,dc=sudo,dc=ws" -I 10 -O 10 <<EOF
+# defaults, SUDOers, sudo.ws
+dn:: Y249ZGVmYXVsdHMsb3U9U1VET2VycyxkYz1zdWRvLGRjPXdz 
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption:: bG9nX29@1dHB1dA== 
+
+# root, SUDOers, sudo.ws
+dn::  Y249cm9vdCxvdT1TVURPZXJzLGRjPXN1ZG8sZGM9_d3M=
+objectClass: top
+objectClass: sudoRole
+cn: root
+sudoUser: root
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: ALL
+sudoCommand: ALL
+sudoOption: !authenticate
+sudoOrder: 10
+
+# %wheel, SUDOers, sudo.ws
+dn:: Y249JXdoZWVsLG91PVNVRE9lcnMsZGM9c3VkbyxkYz13cw!==
+objectClass: top
+objectClass: sudoRole
+cn: %wheel
+sudoUser: %wheel
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: +sudo-hosts
+sudoCommand: ALL
+sudoOption: !authenticate
+sudoOrder: 10
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test27.out.ok b/plugins/sudoers/regress/cvtsudoers/test27.out.ok
new file mode 100644
index 0000000..ab9c948
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test27.out.ok
@@ -0,0 +1,16 @@
+dn:: Y249ZGVmYXVsdHMsb3U9U1VET2Vyc8KpLGRjPXN1ZG8sZGM9d3M=
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption:: YmFkcGFzc19tZXNzYWdlPUJhZCBwYXNzd29yZMKh
+
+dn:: Y249cm9vdCxvdT1TVURPZXJzwqksZGM9c3VkbyxkYz13cw==
+objectClass: top
+objectClass: sudoRole
+cn: root
+sudoUser: root
+sudoHost: ALL
+sudoCommand: ALL
+sudoOrder: 1
+
diff --git a/plugins/sudoers/regress/cvtsudoers/test27.sh b/plugins/sudoers/regress/cvtsudoers/test27.sh
new file mode 100755
index 0000000..afc29a8
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test27.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Test base64 encoding of non-safe strings
+#
+
+exec 2>&1
+./cvtsudoers -c "" -b "ou=SUDOers©,dc=sudo,dc=ws" <<EOF
+Defaults badpass_message="Bad password¡"
+
+root ALL = ALL
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test28.out.ok b/plugins/sudoers/regress/cvtsudoers/test28.out.ok
new file mode 100644
index 0000000..ba19cb9
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test28.out.ok
@@ -0,0 +1,10 @@
+Defaults log_output
+
+# sudoRole millert
+millert ALL = (ALL : ALL) ALL
+
+# sudoRole root
+root ALL = (ALL : ALL) NOPASSWD: ALL
+
+# sudoRole %wheel
+%wheel +sudo-hosts = (ALL : ALL) NOPASSWD: ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test28.sh b/plugins/sudoers/regress/cvtsudoers/test28.sh
new file mode 100755
index 0000000..73c4a50
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test28.sh
@@ -0,0 +1,73 @@
+#!/bin/sh
+#
+# Test LDAP sudoOrder when converting to sudoers.
+#
+
+exec 2>&1
+./cvtsudoers -c "" -i ldif -f sudoers <<EOF
+dn: dc=sudo,dc=ws
+objectClass: dcObject
+objectClass: organization
+dc: courtesan
+o: Sudo World Headquarters
+description: Sudo World Headquarters
+
+# Organizational Role for Directory Manager
+dn: cn=Manager,dc=sudo,dc=ws
+objectClass: organizationalRole
+cn: Manager
+description: Directory Manager
+
+# SUDOers, sudo.ws
+dn: ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: organizationalUnit
+description: SUDO Configuration Subtree
+ou: SUDOers
+
+# defaults, SUDOers, sudo.ws
+dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption: log_output
+
+# root, SUDOers, sudo.ws
+dn: cn=root,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: root
+sudoUser: root
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: ALL
+sudoCommand: ALL
+sudoOption: !authenticate
+sudoOrder: 10
+
+# %wheel, SUDOers, sudo.ws
+dn: cn=%wheel,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %wheel
+sudoUser: %wheel
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: +sudo-hosts
+sudoCommand: ALL
+sudoOption: !authenticate
+sudoOrder: 20
+
+# millert, SUDOers, sudo.ws
+dn: cn=millert,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: millert
+sudoUser: millert
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: ALL
+sudoCommand: ALL
+sudoOrder: 5
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test29.out.ok b/plugins/sudoers/regress/cvtsudoers/test29.out.ok
new file mode 100644
index 0000000..c168898
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test29.out.ok
@@ -0,0 +1,4 @@
+Defaults log_output
+
+# sudoRole millert, millert2
+millert ALL = (ALL : ALL) ALL, NOPASSWD: ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test29.sh b/plugins/sudoers/regress/cvtsudoers/test29.sh
new file mode 100755
index 0000000..6f0148c
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test29.sh
@@ -0,0 +1,60 @@
+#!/bin/sh
+#
+# Test LDAP sudoOrder when converting to sudoers.
+#
+
+exec 2>&1
+./cvtsudoers -c "" -i ldif -f sudoers <<EOF
+dn: dc=sudo,dc=ws
+objectClass: dcObject
+objectClass: organization
+dc: courtesan
+o: Sudo World Headquarters
+description: Sudo World Headquarters
+
+# Organizational Role for Directory Manager
+dn: cn=Manager,dc=sudo,dc=ws
+objectClass: organizationalRole
+cn: Manager
+description: Directory Manager
+
+# SUDOers, sudo.ws
+dn: ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: organizationalUnit
+description: SUDO Configuration Subtree
+ou: SUDOers
+
+# defaults, SUDOers, sudo.ws
+dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption: log_output
+
+# millert, SUDOers, sudo.ws
+dn: cn=millert,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: millert
+sudoUser: millert
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: ALL
+sudoCommand: ALL
+sudoOrder: 5
+
+# millert2, SUDOers, sudo.ws
+dn: cn=millert2,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: millert2
+sudoUser: millert
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: ALL
+sudoCommand: ALL
+sudoOption: !authenticate
+sudoOrder: 10
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test3.out.ok b/plugins/sudoers/regress/cvtsudoers/test3.out.ok
new file mode 100644
index 0000000..8a37975
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test3.out.ok
@@ -0,0 +1,7 @@
+Defaults syslog=auth
+Defaults>root !set_logname
+Defaults!PAGERS noexec
+
+Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
+
+%wheel ALL = (ALL) ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test3.sh b/plugins/sudoers/regress/cvtsudoers/test3.sh
new file mode 100755
index 0000000..472d252
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test3.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test group and host filters
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -m group=wheel,host=blackhole $TESTDIR/sudoers
+
+exit 0
diff --git a/plugins/sudoers/regress/cvtsudoers/test30.out.ok b/plugins/sudoers/regress/cvtsudoers/test30.out.ok
new file mode 100644
index 0000000..009a54e
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test30.out.ok
@@ -0,0 +1,26 @@
+{
+    "User_Specs": [
+        {
+            "User_List": [
+                { "username": "user1" },
+                { "username": "user2" },
+                { "username": "user3" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Commands": [
+                        { "command": "/path/to/cmda" },
+                        {
+                            "command": "/path/to/cmdb",
+                            "negated": true
+                        },
+                        { "command": "/path/to/cmdc" }
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/cvtsudoers/test30.sh b/plugins/sudoers/regress/cvtsudoers/test30.sh
new file mode 100755
index 0000000..80b08a5
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test30.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# Test alias expasion when converting to JSON.
+# See https://bugzilla.sudo.ws/show_bug.cgi?id=853
+#
+
+exec 2>&1
+./cvtsudoers -c "" -e -f json <<EOF
+Cmnd_Alias	CMDA=/path/to/cmda
+Cmnd_Alias	CMDB=/path/to/cmdb
+Cmnd_Alias	CMDC=/path/to/cmdc
+User_Alias	USERS=user1,user2,user3
+USERS		ALL=CMDA,!CMDB,CMDC
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test31.conf b/plugins/sudoers/regress/cvtsudoers/test31.conf
new file mode 100644
index 0000000..345dbfc
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test31.conf
@@ -0,0 +1,9 @@
+defaults = all
+expand_aliases = no
+input_format = sudoers
+order_increment = 5
+order_padding = 2
+order_start = 1000
+output_format = ldif                                     
+sudoers_base = ou=SUDOers,dc=my-domain,dc=com
+suppress = defaults
diff --git a/plugins/sudoers/regress/cvtsudoers/test31.out.ok b/plugins/sudoers/regress/cvtsudoers/test31.out.ok
new file mode 100644
index 0000000..41ffd1b
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test31.out.ok
@@ -0,0 +1,24 @@
+dn: cn=ALL,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: ALL
+sudoUser: ALL
+sudoHost: ALL
+sudoRunAsUser:
+sudoOption: !authenticate
+sudoCommand: /usr/bin/id
+sudoOrder: 100000
+
+dn: cn=FULLTIMERS,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: FULLTIMERS
+sudoUser: user1
+sudoUser: user2
+sudoUser: user3
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 100005
+
diff --git a/plugins/sudoers/regress/cvtsudoers/test31.sh b/plugins/sudoers/regress/cvtsudoers/test31.sh
new file mode 100644
index 0000000..ad6537c
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test31.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+#
+# Test cvtsudoers.conf with padding
+#
+
+exec 2>&1
+./cvtsudoers -c $TESTDIR/test31.conf <<EOF
+Defaults authenticate, timestamp_timeout=0
+User_Alias FULLTIMERS = user1, user2, user3
+
+ALL ALL = (:) NOPASSWD:/usr/bin/id
+FULLTIMERS ALL = (ALL:ALL) ALL
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test32.out.ok b/plugins/sudoers/regress/cvtsudoers/test32.out.ok
new file mode 100644
index 0000000..436b877
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test32.out.ok
@@ -0,0 +1,120 @@
+cvtsudoers: too many sudoers entries, maximum 10
+dn: cn=user0,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user0
+sudoUser: user0
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 10000
+
+dn: cn=user1,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user1
+sudoUser: user1
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 10001
+
+dn: cn=user2,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user2
+sudoUser: user2
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 10002
+
+dn: cn=user3,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user3
+sudoUser: user3
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 10003
+
+dn: cn=user4,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user4
+sudoUser: user4
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 10004
+
+dn: cn=user5,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user5
+sudoUser: user5
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 10005
+
+dn: cn=user6,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user6
+sudoUser: user6
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 10006
+
+dn: cn=user7,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user7
+sudoUser: user7
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 10007
+
+dn: cn=user8,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user8
+sudoUser: user8
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 10008
+
+dn: cn=user9,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user9
+sudoUser: user9
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
+sudoOrder: 10009
+
+dn: cn=user10,ou=SUDOers,dc=my-domain,dc=com
+objectClass: top
+objectClass: sudoRole
+cn: user10
+sudoUser: user10
+sudoHost: ALL
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoCommand: ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test32.sh b/plugins/sudoers/regress/cvtsudoers/test32.sh
new file mode 100644
index 0000000..fe9c065
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test32.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# Test cvtsudoers.conf with invalid padding
+#
+
+exec 2>&1
+./cvtsudoers -c "" -b "ou=SUDOers,dc=my-domain,dc=com" -O 1000 -P 1 <<EOF
+user0  ALL = (ALL:ALL) ALL
+user1  ALL = (ALL:ALL) ALL
+user2  ALL = (ALL:ALL) ALL
+user3  ALL = (ALL:ALL) ALL
+user4  ALL = (ALL:ALL) ALL
+user5  ALL = (ALL:ALL) ALL
+user6  ALL = (ALL:ALL) ALL
+user7  ALL = (ALL:ALL) ALL
+user8  ALL = (ALL:ALL) ALL
+user9  ALL = (ALL:ALL) ALL
+user10 ALL = (ALL:ALL) ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/cvtsudoers/test33.out.ok b/plugins/sudoers/regress/cvtsudoers/test33.out.ok
new file mode 100644
index 0000000..6584701
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test33.out.ok
@@ -0,0 +1,7 @@
+Defaults log_output
+
+# sudoRole root
+root ALL = (ALL : ALL) NOPASSWD: ALL
+
+# sudoRole millert
+millert ALL = (ALL, !bin, !root : ALL, !wheel) ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test33.sh b/plugins/sudoers/regress/cvtsudoers/test33.sh
new file mode 100755
index 0000000..db8d8d1
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test33.sh
@@ -0,0 +1,61 @@
+#!/bin/sh
+#
+# Test LDAP negated sudoRunAsUser and sudoRunAsGroup converted to sudoers.
+#
+
+exec 2>&1
+./cvtsudoers -c "" -i ldif -f sudoers <<EOF
+dn: dc=sudo,dc=ws
+objectClass: dcObject
+objectClass: organization
+dc: courtesan
+o: Sudo World Headquarters
+description: Sudo World Headquarters
+
+# Organizational Role for Directory Manager
+dn: cn=Manager,dc=sudo,dc=ws
+objectClass: organizationalRole
+cn: Manager
+description: Directory Manager
+
+# SUDOers, sudo.ws
+dn: ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: organizationalUnit
+description: SUDO Configuration Subtree
+ou: SUDOers
+
+# defaults, SUDOers, sudo.ws
+dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption: log_output
+
+# root, SUDOers, sudo.ws
+dn: cn=root,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: root
+sudoUser: root
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoHost: ALL
+sudoCommand: ALL
+sudoOption: !authenticate
+
+# millert, SUDOers, sudo.ws
+dn: cn=millert,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: millert
+sudoUser: millert
+sudoRunAsUser: !bin
+sudoRunAsUser: !root
+sudoRunAsUser: ALL
+sudoRunAsGroup: ALL
+sudoRunAsGroup: !wheel
+sudoHost: ALL
+sudoCommand: ALL
+EOF
diff --git a/plugins/sudoers/regress/cvtsudoers/test4.out.ok b/plugins/sudoers/regress/cvtsudoers/test4.out.ok
new file mode 100644
index 0000000..f8e7d2e
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test4.out.ok
@@ -0,0 +1,5 @@
+Defaults syslog=auth
+Defaults>root !set_logname
+Defaults!/usr/bin/more, /usr/bin/pg, /usr/bin/less noexec
+
+%wheel ALL = (ALL) ALL
diff --git a/plugins/sudoers/regress/cvtsudoers/test4.sh b/plugins/sudoers/regress/cvtsudoers/test4.sh
new file mode 100755
index 0000000..17c2a25
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test4.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test group and host filters, expanding aliases
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -e -m group=wheel,host=blackhole $TESTDIR/sudoers
+
+exit 0
diff --git a/plugins/sudoers/regress/cvtsudoers/test5.out.ok b/plugins/sudoers/regress/cvtsudoers/test5.out.ok
new file mode 100644
index 0000000..d209fdf
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test5.out.ok
@@ -0,0 +1,6 @@
+Defaults syslog=auth
+Defaults>root !set_logname
+Defaults:FULLTIMERS !lecture
+Defaults:millert !authenticate
+Defaults@SERVERS log_year, logfile=/var/log/sudo.log
+Defaults!PAGERS noexec
diff --git a/plugins/sudoers/regress/cvtsudoers/test5.sh b/plugins/sudoers/regress/cvtsudoers/test5.sh
new file mode 100755
index 0000000..1c41772
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test5.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test defaults type filtering
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -s aliases,privileges -d all $TESTDIR/sudoers
+
+exit 0
diff --git a/plugins/sudoers/regress/cvtsudoers/test6.out.ok b/plugins/sudoers/regress/cvtsudoers/test6.out.ok
new file mode 100644
index 0000000..5e65e61
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test6.out.ok
@@ -0,0 +1 @@
+Defaults syslog=auth
diff --git a/plugins/sudoers/regress/cvtsudoers/test6.sh b/plugins/sudoers/regress/cvtsudoers/test6.sh
new file mode 100755
index 0000000..289fad9
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test6.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test global defaults filtering
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -s aliases,privileges -d global $TESTDIR/sudoers
+
+exit 0
diff --git a/plugins/sudoers/regress/cvtsudoers/test7.out.ok b/plugins/sudoers/regress/cvtsudoers/test7.out.ok
new file mode 100644
index 0000000..381de43
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test7.out.ok
@@ -0,0 +1,2 @@
+Defaults:FULLTIMERS !lecture
+Defaults:millert !authenticate
diff --git a/plugins/sudoers/regress/cvtsudoers/test7.sh b/plugins/sudoers/regress/cvtsudoers/test7.sh
new file mode 100755
index 0000000..63af529
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test7.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test user defaults filtering
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -s aliases,privileges -d user $TESTDIR/sudoers
+
+exit 0
diff --git a/plugins/sudoers/regress/cvtsudoers/test8.out.ok b/plugins/sudoers/regress/cvtsudoers/test8.out.ok
new file mode 100644
index 0000000..7079ee0
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test8.out.ok
@@ -0,0 +1 @@
+Defaults>root !set_logname
diff --git a/plugins/sudoers/regress/cvtsudoers/test8.sh b/plugins/sudoers/regress/cvtsudoers/test8.sh
new file mode 100755
index 0000000..785e0b5
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test8.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test runas defaults filtering
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -s aliases,privileges -d runas $TESTDIR/sudoers
+
+exit 0
diff --git a/plugins/sudoers/regress/cvtsudoers/test9.out.ok b/plugins/sudoers/regress/cvtsudoers/test9.out.ok
new file mode 100644
index 0000000..d2a39c4
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test9.out.ok
@@ -0,0 +1 @@
+Defaults@SERVERS log_year, logfile=/var/log/sudo.log
diff --git a/plugins/sudoers/regress/cvtsudoers/test9.sh b/plugins/sudoers/regress/cvtsudoers/test9.sh
new file mode 100755
index 0000000..de64a48
--- /dev/null
+++ b/plugins/sudoers/regress/cvtsudoers/test9.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# Test host defaults filtering
+#
+
+exec 2>&1
+./cvtsudoers -c "" -f sudoers -s aliases,privileges -d host $TESTDIR/sudoers
+
+exit 0
diff --git a/plugins/sudoers/regress/env_match/check_env_pattern.c b/plugins/sudoers/regress/env_match/check_env_pattern.c
new file mode 100644
index 0000000..96dc8c5
--- /dev/null
+++ b/plugins/sudoers/regress/env_match/check_env_pattern.c
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <time.h>		/* for sudo_compat.h */
+#include <grp.h>		/* for sudo_compat.h */
+
+#include "sudoers.h"
+
+__dso_public int main(int argc, char *argv[]);
+
+int
+main(int argc, char *argv[])
+{
+    FILE *fp = stdin;
+    char pattern[1024], string[1024];
+    int errors = 0, tests = 0, got, want;
+
+    initprogname(argc > 0 ? argv[0] : "check_env_pattern");
+
+    if (argc > 1) {
+	if ((fp = fopen(argv[1], "r")) == NULL) {
+	    perror(argv[1]);
+	    exit(1);
+	}
+    }
+
+    /*
+     * Read in test file, which is formatted thusly:
+     *
+     * pattern string 1/0
+     *
+     */
+    for (;;) {
+	bool full_match = false;
+
+	got = fscanf(fp, "%s %s %d\n", pattern, string, &want);
+	if (got == EOF)
+	    break;
+	if (got == 3) {
+	    got = matches_env_pattern(pattern, string, &full_match);
+	    if (full_match)
+		got++;
+	    if (got != want) {
+		fprintf(stderr,
+		    "%s: %s %s: want %d, got %d\n",
+		    getprogname(), pattern, string, want, got);
+		errors++;
+	    }
+	    tests++;
+	}
+    }
+    if (tests != 0) {
+	printf("%s: %d test%s run, %d errors, %d%% success rate\n",
+	    getprogname(), tests, tests == 1 ? "" : "s", errors,
+	    (tests - errors) * 100 / tests);
+    }
+    exit(errors);
+}
diff --git a/plugins/sudoers/regress/env_match/data b/plugins/sudoers/regress/env_match/data
new file mode 100644
index 0000000..ea28b1b
--- /dev/null
+++ b/plugins/sudoers/regress/env_match/data
@@ -0,0 +1,22 @@
+foo=(){false;} foo=(){false;} 2
+foo foo=(){false;} 1
+foo= foo=(){false;} 0
+foo=* foo=(){false;} 1
+foo=(* foo=(){false;} 2
+foo=()* foo=(){false;} 2
+foo=*()* foo=(){false;} 2
+foo() foo()=a 1
+foo*() foo()=b 1
+foo*()* foo()= 1
+foo()* foo()= 1
+foo* foo()= 1
+fo*o*() foo()= 1
+fo*o*() fooo()== 1
+fo*o*() foooo()= 1
+fo*o*() foooo 0
+MYPATH=*:/mydir:* MYPATH=/dir1/subdir1:/mydir:/dir2:/dir3/subdir2 2
+MYPATH=*:/mydir:** MYPATH=/dir1/subdir1:/mydir:/dir2:/dir3/subdir2 2
+MYPATH=*:/mdir:* MYPATH=/dir1/subdir1:/mydir:/dir2:/dir3/subdir2 0
+a*a*a*a*a*a* aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa=b 1
+a*a*a*a*a*a*=b* aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa=b 2
+a*a*a*a*a*a*=* aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa=c 1
diff --git a/plugins/sudoers/regress/iolog_path/check_iolog_path.c b/plugins/sudoers/regress/iolog_path/check_iolog_path.c
new file mode 100644
index 0000000..69ea767
--- /dev/null
+++ b/plugins/sudoers/regress/iolog_path/check_iolog_path.c
@@ -0,0 +1,215 @@
+/*
+ * Copyright (c) 2011-2013 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <pwd.h>
+#include <grp.h>
+#include <time.h>
+
+#define SUDO_ERROR_WRAP 0
+
+#include "sudoers.h"
+#include "def_data.c"
+
+struct sudo_user sudo_user;
+struct passwd *list_pw;
+
+static char sessid[7];
+
+__dso_public int main(int argc, char *argv[]);
+
+static void
+usage(void)
+{
+    fprintf(stderr, "usage: %s datafile\n", getprogname());
+    exit(1);
+}
+
+static int
+do_check(char *dir_in, char *file_in, char *tdir_out, char *tfile_out)
+{
+    char *path, *slash;
+    char dir_out[4096], file_out[4096];
+    struct tm *timeptr;
+    time_t now;
+    int error = 0;
+
+    /*
+     * Expand any strftime(3) escapes
+     * XXX - want to pass timeptr to expand_iolog_path
+     */
+    time(&now);
+    timeptr = localtime(&now);
+    if (timeptr == NULL)
+	sudo_fatalx("localtime returned NULL");
+    strftime(dir_out, sizeof(dir_out), tdir_out, timeptr);
+    strftime(file_out, sizeof(file_out), tfile_out, timeptr);
+
+    path = expand_iolog_path(NULL, dir_in, file_in, &slash);
+    if (path == NULL)
+	sudo_fatalx("unable to expand I/O log path");
+    *slash = '\0';
+    if (strcmp(path, dir_out) != 0) {
+	sudo_warnx("%s: expected %s, got %s", dir_in, dir_out, path);
+	error = 1;
+    }
+    if (strcmp(slash + 1, file_out) != 0) {
+	sudo_warnx("%s: expected %s, got %s", file_in, file_out, slash + 1);
+	error = 1;
+    }
+    free(path);
+
+    return error;
+}
+
+#define MAX_STATE	12
+
+int
+main(int argc, char *argv[])
+{
+    struct passwd pw, rpw;
+    size_t len;
+    FILE *fp;
+    char line[2048];
+    char *file_in = NULL, *file_out = NULL;
+    char *dir_in = NULL, *dir_out = NULL;
+    const char *errstr;
+    int state = 0;
+    int errors = 0;
+    int tests = 0;
+
+    initprogname(argc > 0 ? argv[0] : "check_iolog_path");
+
+    if (argc != 2)
+	usage();
+
+    fp = fopen(argv[1], "r");
+    if (fp == NULL)
+	sudo_fatalx("unable to open %s", argv[1]);
+
+    memset(&pw, 0, sizeof(pw));
+    memset(&rpw, 0, sizeof(rpw));
+    sudo_user.pw = &pw;
+    sudo_user._runas_pw = &rpw;
+
+    /*
+     * Input consists of 12 lines:
+     * sequence number
+     * user name
+     * user gid
+     * runas user name
+     * runas gid
+     * hostname [short form]
+     * command
+     * dir [with escapes]
+     * file [with escapes]
+     * expanded dir
+     * expanded file
+     * empty line
+     */
+    while (fgets(line, sizeof(line), fp) != NULL) {
+	len = strcspn(line, "\n");
+	line[len] = '\0';
+
+	switch (state) {
+	case 0:
+	    strlcpy(sessid, line, sizeof(sessid));
+	    break;
+	case 1:
+	    if (user_name != NULL)
+		free(user_name);
+	    user_name = strdup(line);
+	    break;
+	case 2:
+	    user_gid = (gid_t)sudo_strtoid(line, NULL, NULL, &errstr);
+	    if (errstr != NULL)
+		sudo_fatalx("group ID %s: %s", line, errstr);
+	    break;
+	case 3:
+	    if (runas_pw->pw_name != NULL)
+		free(runas_pw->pw_name);
+	    runas_pw->pw_name = strdup(line);
+	    break;
+	case 4:
+	    runas_pw->pw_gid = (gid_t)sudo_strtoid(line, NULL, NULL, &errstr);
+	    if (errstr != NULL)
+		sudo_fatalx("group ID %s: %s", line, errstr);
+	    break;
+	case 5:
+	    if (user_shost != NULL)
+		free(user_shost);
+	    user_shost = strdup(line);
+	    break;
+	case 6:
+	    if (user_base != NULL)
+		free(user_base);
+	    user_base = strdup(line);
+	    break;
+	case 7:
+	    if (dir_in != NULL)
+		free(dir_in);
+	    dir_in = strdup(line);
+	    break;
+	case 8:
+	    if (file_in != NULL)
+		free(file_in);
+	    file_in = strdup(line);
+	    break;
+	case 9:
+	    if (dir_out != NULL)
+		free(dir_out);
+	    dir_out = strdup(line);
+	    break;
+	case 10:
+	    if (file_out != NULL)
+		free(file_out);
+	    file_out = strdup(line);
+	    break;
+	case 11:
+	    errors += do_check(dir_in, file_in, dir_out, file_out);
+	    tests++;
+	    break;
+	default:
+	    sudo_fatalx("internal error, invalid state %d", state);
+	}
+	state = (state + 1) % MAX_STATE;
+    }
+
+    if (tests != 0) {
+	printf("iolog_path: %d test%s run, %d errors, %d%% success rate\n",
+	    tests, tests == 1 ? "" : "s", errors,
+	    (tests - errors) * 100 / tests);
+    }
+
+    exit(errors);
+}
+
+bool
+io_nextid(char *iolog_dir, char *fallback, char id[7])
+{
+    memcpy(id, sessid, sizeof(sessid));
+    return true;
+}
diff --git a/plugins/sudoers/regress/iolog_path/data b/plugins/sudoers/regress/iolog_path/data
new file mode 100644
index 0000000..dcc3942
--- /dev/null
+++ b/plugins/sudoers/regress/iolog_path/data
@@ -0,0 +1,96 @@
+000001
+nobody
+1
+root
+0
+somehost
+id
+/var/log/sudo-io
+%%{bogus}
+/var/log/sudo-io
+%%{bogus}
+
+000001
+nobody
+1
+root
+0
+somehost
+id
+/var/log/sudo-io
+%%{seq}
+/var/log/sudo-io
+%%{seq}
+
+000001
+nobody
+1
+root
+0
+somehost
+id
+/var/log/sudo-io
+%{seq}
+/var/log/sudo-io
+00/00/01
+
+000001
+nobody
+1
+root
+0
+somehost
+id
+/var/log/sudo-io/%{user}
+%{seq}
+/var/log/sudo-io/nobody
+00/00/01
+
+000001
+nobody
+1
+root
+0
+somehost
+su
+/var/log/sudo-io/%{user}/%{runas_user}
+%{command}_%Y%m%s_%H%M
+/var/log/sudo-io/nobody/root
+su_%Y%m%s_%H%M
+
+000001
+nobody
+1
+root
+0
+somehost
+su
+/var/log/sudo-io/
+/%{user}/%{runas_user}/%{command}_%Y%m%s_%H%M
+/var/log/sudo-io
+nobody/root/su_%Y%m%s_%H%M
+
+000001
+nobody
+1
+root
+0
+somehost
+su
+/var/log/sudo-io/%d%m%Y
+%{user}/%{runas_user}/%{command}
+/var/log/sudo-io/%d%m%Y
+nobody/root/su
+
+000001
+nobody
+1
+root
+0
+somehost
+su
+////////
+%{user}/%{runas_user}/%{command}
+/
+nobody/root/su
+
diff --git a/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c b/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c
new file mode 100644
index 0000000..456ed3c
--- /dev/null
+++ b/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c
@@ -0,0 +1,412 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <errno.h>
+#include <pwd.h>
+#include <time.h>
+#include <unistd.h>
+
+#define SUDO_ERROR_WRAP 0
+
+#include "sudoers.h"
+#include "def_data.c"		/* for iolog_path.c */
+#include "sudo_plugin.h"
+#include "iolog.h"
+
+extern struct io_plugin sudoers_io;
+
+struct sudo_user sudo_user;
+struct passwd *list_pw;
+sudo_printf_t sudo_printf;
+sudo_conv_t sudo_conv;
+
+__dso_public int main(int argc, char *argv[], char *envp[]);
+
+static void
+usage(void)
+{
+    fprintf(stderr, "usage: %s pathname\n", getprogname());
+    exit(1);
+}
+
+static int
+sudo_printf_int(int msg_type, const char *fmt, ...)
+{
+    va_list ap;
+    int len;
+
+    switch (msg_type) {
+    case SUDO_CONV_INFO_MSG:
+	va_start(ap, fmt);
+	len = vfprintf(stdout, fmt, ap);
+	va_end(ap);
+	break;
+    case SUDO_CONV_ERROR_MSG:
+	va_start(ap, fmt);
+	len = vfprintf(stderr, fmt, ap);
+	va_end(ap);
+	break;
+    default:
+	len = -1;
+	errno = EINVAL;
+	break;
+    }
+
+    return len;
+}
+
+bool
+validate_iolog_info(const char *logfile)
+{
+    time_t now;
+    struct log_info *info;
+
+    time(&now);
+
+    /* Parse log file. */
+    if ((info = parse_logfile(logfile)) == NULL)
+	return false;
+
+    if (strcmp(info->cwd, "/") != 0) {
+	sudo_warnx("bad cwd: want \"/\", got \"%s\"", info->cwd);
+	return false;
+    }
+
+    if (strcmp(info->user, "nobody") != 0) {
+	sudo_warnx("bad user: want \"nobody\" got \"%s\"", info->user);
+	return false;
+    }
+
+    if (strcmp(info->runas_user, "root") != 0) {
+	sudo_warnx("bad runas_user: want \"root\" got \"%s\"", info->runas_user);
+	return false;
+    }
+
+    if (info->runas_group != NULL) {
+	sudo_warnx("bad runas_group: want \"\" got \"%s\"", info->runas_user);
+	return false;
+    }
+
+    if (strcmp(info->tty, "/dev/console") != 0) {
+	sudo_warnx("bad tty: want \"/dev/console\" got \"%s\"", info->tty);
+	return false;
+    }
+
+    if (strcmp(info->cmd, "/usr/bin/id") != 0) {
+	sudo_warnx("bad command: want \"/usr/bin/id\" got \"%s\"", info->cmd);
+	return false;
+    }
+
+    if (info->rows != 24) {
+	sudo_warnx("bad rows: want 24 got %d", info->rows);
+	return false;
+    }
+
+    if (info->cols != 80) {
+	sudo_warnx("bad cols: want 80 got %d", info->cols);
+	return false;
+    }
+
+    if (info->tstamp < now - 10 || info->tstamp > now + 10) {
+	sudo_warnx("bad tstamp: want %lld got %lld", (long long)now,
+	    (long long)info->tstamp);
+	return false;
+    }
+
+    free_log_info(info);
+
+    return true;
+}
+
+bool
+validate_timing(FILE *fp, int recno, int type, unsigned int p1, unsigned int p2)
+{
+    struct timing_closure timing;
+    char buf[LINE_MAX];
+    struct timespec delay;
+
+    if (!fgets(buf, sizeof(buf), fp)) {
+	sudo_warn("unable to read timing file");
+	return false;
+    }
+    buf[strcspn(buf, "\n")] = '\0';
+    if (!parse_timing(buf, &delay, &timing)) {
+	sudo_warnx("invalid timing file line: %s", buf);
+	return false;
+    }
+    if (timing.event != type) {
+	sudo_warnx("record %d: want type %d, got type %d", recno, type,
+	    timing.event);
+	return false;
+    }
+    if (type == IO_EVENT_WINSIZE) {
+	if (timing.u.winsize.rows != (int)p1) {
+	    sudo_warnx("record %d: want %u rows, got %u", recno, p1,
+		timing.u.winsize.rows);
+	    return false;
+	}
+	if (timing.u.winsize.cols != (int)p2) {
+	    sudo_warnx("record %d: want %u cols, got %u", recno, p2,
+		timing.u.winsize.cols);
+	    return false;
+	}
+    } else {
+	if (timing.u.nbytes != p1) {
+	    sudo_warnx("record %d: want len %u, got type %zu", recno, p1,
+		timing.u.nbytes);
+	    return false;
+	}
+    }
+    if (delay.tv_sec != 0 || delay.tv_nsec > 10000000) {
+	sudo_warnx("record %d: got excessive delay %lld.%09ld", recno,
+	    (long long)delay.tv_sec, delay.tv_nsec);
+	return false;
+    }
+
+    return true;
+}
+
+
+/*
+ * Test sudoers I/O log plugin endpoints.
+ */
+void
+test_endpoints(int *ntests, int *nerrors, const char *iolog_dir, char *envp[])
+{
+    int rc, cmnd_argc = 1;
+    char buf[1024], iolog_path[PATH_MAX];
+    char runas_gid[64], runas_uid[64];
+    FILE *fp;
+    char *cmnd_argv[] = {
+	"/usr/bin/id",
+	NULL
+    };
+    char *user_info[] = {
+	"cols=80",
+	"lines=24",
+	"cwd=/",
+	"tty=/dev/console",
+	"user=nobody",
+	NULL
+    };
+    char *command_info[] = {
+	"command=/usr/bin/id",
+	iolog_path,
+	"iolog_stdin=true",
+	"iolog_stdout=true",
+	"iolog_stderr=true",
+	"iolog_ttyin=true",
+	"iolog_ttyout=true",
+	"iolog_compress=false",
+	"iolog_mode=0644",
+	runas_gid,
+	runas_uid,
+	NULL
+    };
+    char *settings[] = {
+	NULL
+    };
+    const char output[] = "uid=0(root) gid=0(wheel)\r\n";
+
+    /* Set runas uid/gid to root. */
+    snprintf(runas_uid, sizeof(runas_uid), "runas_uid=%u",
+	(unsigned int)runas_pw->pw_uid);
+    snprintf(runas_gid, sizeof(runas_gid), "runas_gid=%u",
+	(unsigned int)runas_pw->pw_gid);
+
+    /* Set path to the iolog directory the user passed in. */
+    snprintf(iolog_path, sizeof(iolog_path), "iolog_path=%s", iolog_dir);
+
+    /* Test open endpoint. */
+    rc = sudoers_io.open(SUDO_API_VERSION, NULL, sudo_printf_int, settings,
+	user_info, command_info, cmnd_argc, cmnd_argv, envp, NULL);
+    (*ntests)++;
+    if (rc != 1) {
+	sudo_warnx("I/O log open endpoint failed");
+	(*nerrors)++;
+	return;
+    }
+
+    /* Validate I/O log info file. */
+    (*ntests)++;
+    snprintf(iolog_path, sizeof(iolog_path), "%s/log", iolog_dir);
+    if (!validate_iolog_info(iolog_path))
+	(*nerrors)++;
+
+    /* Test log_ttyout endpoint. */
+    rc = sudoers_io.log_ttyout(output, strlen(output));
+    (*ntests)++;
+    if (rc != 1) {
+	sudo_warnx("I/O log_ttyout endpoint failed");
+	(*nerrors)++;
+	return;
+    }
+
+    /* Test change_winsize endpoint (twice). */
+    rc = sudoers_io.change_winsize(32, 128);
+    (*ntests)++;
+    if (rc != 1) {
+	sudo_warnx("I/O change_winsize endpoint failed");
+	(*nerrors)++;
+	return;
+    }
+    rc = sudoers_io.change_winsize(24, 80);
+    (*ntests)++;
+    if (rc != 1) {
+	sudo_warnx("I/O change_winsize endpoint failed");
+	(*nerrors)++;
+	return;
+    }
+
+    /* Close the plugin. */
+    sudoers_io.close(0, 0);
+
+    /* Validate the timing file. */
+    snprintf(iolog_path, sizeof(iolog_path), "%s/timing", iolog_dir);
+    (*ntests)++;
+    if ((fp = fopen(iolog_path, "r")) == NULL) {
+	sudo_warn("unable to open %s", iolog_path);
+	(*nerrors)++;
+	return;
+    }
+
+    /* Line 1: output of id command. */
+    if (!validate_timing(fp, 1, IO_EVENT_TTYOUT, strlen(output), 0)) {
+	(*nerrors)++;
+	return;
+    }
+
+    /* Line 2: window size change. */
+    if (!validate_timing(fp, 2, IO_EVENT_WINSIZE, 32, 128)) {
+	(*nerrors)++;
+	return;
+    }
+
+    /* Line 3: window size change. */
+    if (!validate_timing(fp, 3, IO_EVENT_WINSIZE, 24, 80)) {
+	(*nerrors)++;
+	return;
+    }
+
+    /* Validate ttyout log file. */
+    snprintf(iolog_path, sizeof(iolog_path), "%s/ttyout", iolog_dir);
+    (*ntests)++;
+    fclose(fp);
+    if ((fp = fopen(iolog_path, "r")) == NULL) {
+	sudo_warn("unable to open %s", iolog_path);
+	(*nerrors)++;
+	return;
+    }
+    if (!fgets(buf, sizeof(buf), fp)) {
+	sudo_warn("unable to read %s", iolog_path);
+	(*nerrors)++;
+	return;
+    }
+    if (strcmp(buf, output) != 0) {
+	sudo_warnx("ttylog mismatch: want \"%s\", got \"%s\"", output, buf);
+	(*nerrors)++;
+	return;
+    }
+}
+
+int
+main(int argc, char *argv[], char *envp[])
+{
+    struct passwd pw, rpw, *tpw;
+    int tests = 0, errors = 0;
+    const char *iolog_dir;
+
+    initprogname(argc > 0 ? argv[0] : "check_iolog_plugin");
+
+    if (argc != 2)
+	usage();
+    iolog_dir = argv[1];
+
+    /* Bare minimum to link. */
+    memset(&pw, 0, sizeof(pw));
+    memset(&rpw, 0, sizeof(rpw));
+    if ((tpw = getpwuid(0)) == NULL) {
+	if ((tpw = getpwnam("root")) == NULL)
+	    sudo_fatalx("unable to look up uid 0 or root");
+    }
+    rpw.pw_uid = tpw->pw_uid;
+    rpw.pw_gid = tpw->pw_gid;
+    sudo_user.pw = &pw;
+    sudo_user._runas_pw = &rpw;
+
+    /* Set iolog uid/gid to invoking user. */
+    iolog_uid = geteuid();
+    iolog_gid = getegid();
+
+    test_endpoints(&tests, &errors, iolog_dir, envp);
+
+    if (tests != 0) {
+	printf("check_iolog_plugin: %d test%s run, %d errors, %d%% success rate\n",
+	    tests, tests == 1 ? "" : "s", errors,
+	    (tests - errors) * 100 / tests);
+    }
+
+    exit(errors);
+}
+
+/* Stub functions */
+
+bool
+set_perms(int perm)
+{
+    return true;
+}
+
+bool
+restore_perms(void)
+{
+    return true;
+}
+
+bool
+log_warning(int flags, const char *fmt, ...)
+{
+    va_list ap;
+
+    va_start(ap, fmt);
+    sudo_vwarn_nodebug(fmt, ap);
+    va_end(ap);
+
+    return true;
+}
+
+bool
+log_warningx(int flags, const char *fmt, ...)
+{
+    va_list ap;
+
+    va_start(ap, fmt);
+    sudo_vwarnx_nodebug(fmt, ap);
+    va_end(ap);
+
+    return true;
+}
diff --git a/plugins/sudoers/regress/iolog_util/check_iolog_util.c b/plugins/sudoers/regress/iolog_util/check_iolog_util.c
new file mode 100644
index 0000000..d9c932d
--- /dev/null
+++ b/plugins/sudoers/regress/iolog_util/check_iolog_util.c
@@ -0,0 +1,151 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <time.h>
+#include <unistd.h>
+
+#define SUDO_ERROR_WRAP 0
+
+#include "sudo_compat.h"
+#include "sudo_util.h"
+#include "sudo_fatal.h"
+#include "iolog.h"
+
+__dso_public int main(int argc, char *argv[]);
+
+static struct parse_delay_test {
+    const char *input;
+    const char *next_field;
+    struct timespec expected_delay;
+} parse_delay_tests[] = {
+    { "10.99999999999 X", "X", { 10, 999999999 } },	/* clamp to nsec */
+    { "10.999999999 X",   "X", { 10, 999999999 } },	/* nsec */
+    { "10.999999 X",      "X", { 10, 999999000 } },	/* usec -> nsec */
+    { "10.000999999 X",   "X", { 10, 999999 } },
+    { "10.9 X",           "X", { 10, 900000000 } },
+    { "10.0 X",           "X", { 10, 0 } }
+};
+
+/*
+ * Test parse_delay()
+ */
+void
+test_parse_delay(int *ntests, int *nerrors)
+{
+    unsigned int i;
+
+    for (i = 0; i < nitems(parse_delay_tests); i++) {
+	struct timespec delay;
+	struct parse_delay_test *test = &parse_delay_tests[i];
+	char *cp = parse_delay(test->input, &delay, ".");
+	if (cp == NULL) {
+	    sudo_warnx("%s:%u failed to parse delay: %s", __func__,
+		i, test->input);
+	    (*nerrors)++;
+	    continue;
+	}
+	if (strcmp(cp, test->next_field) != 0) {
+	    sudo_warnx("%s:%u next field (want \"%s\", got \"%s\"", __func__,
+		i, test->next_field, cp);
+	    (*nerrors)++;
+	    continue;
+	}
+	if (delay.tv_sec != test->expected_delay.tv_sec) {
+	    sudo_warnx("%s:%u wrong seconds (want %lld, got %lld)", __func__,
+		i, (long long)test->expected_delay.tv_sec,
+		(long long)delay.tv_sec);
+	    (*nerrors)++;
+	    continue;
+	}
+	if (delay.tv_nsec != test->expected_delay.tv_nsec) {
+	    sudo_warnx("%s:%u wrong nanoseconds (want %ld, got %ld)", __func__,
+		i, test->expected_delay.tv_nsec, delay.tv_nsec);
+	    (*nerrors)++;
+	    continue;
+	}
+    }
+    (*ntests) += i;
+}
+
+static struct adjust_delay_test {
+    struct timespec in_delay;
+    struct timespec out_delay;
+    struct timespec max_delay;
+    double scale_factor;
+} adjust_delay_tests[] = {
+    { { 10,       300 }, { 10,       300 }, { 0, 0 }, 1.0 },
+    { { 10,       300 }, {  5,       150 }, { 0, 0 }, 2.0 },
+    { {  5,       300 }, {  2, 500000150 }, { 0, 0 }, 2.0 },
+    { {  0,   1000000 }, {  0,    333333 }, { 0, 0 },   3 },
+    { { 10,   1000000 }, {  3, 333666666 }, { 0, 0 },   3 },
+    { {  5,       150 }, { 10,       300 }, { 0, 0 }, 0.5 },
+    { {  5, 500000000 }, { 11,         0 }, { 0, 0 }, 0.5 },
+    { {  5,       150 }, {  5,         0 }, { 5, 0 }, 0.5 }
+};
+
+/*
+ * Test adjust_delay()
+ */
+void
+test_adjust_delay(int *ntests, int *nerrors)
+{
+    unsigned int i;
+
+    for (i = 0; i < nitems(adjust_delay_tests); i++) {
+	struct adjust_delay_test *test = &adjust_delay_tests[i];
+
+	adjust_delay(&test->in_delay, sudo_timespecisset(&test->max_delay) ?
+	    &test->max_delay : NULL, test->scale_factor);
+	if (!sudo_timespeccmp(&test->in_delay, &test->out_delay, ==)) {
+	    sudo_warnx("%s:%u want {%lld, %ld}, got {%lld, %ld}", __func__, i,
+		(long long)test->out_delay.tv_sec, test->out_delay.tv_nsec,
+		(long long)test->in_delay.tv_sec, test->in_delay.tv_nsec);
+	    (*nerrors)++;
+	}
+    }
+    (*ntests) += i;
+}
+
+int
+main(int argc, char *argv[])
+{
+    int tests = 0, errors = 0;
+
+    initprogname(argc > 0 ? argv[0] : "check_iolog_util");
+
+    test_parse_delay(&tests, &errors);
+
+    test_adjust_delay(&tests, &errors);
+
+    if (tests != 0) {
+	printf("check_iolog_util: %d test%s run, %d errors, %d%% success rate\n",
+	    tests, tests == 1 ? "" : "s", errors,
+	    (tests - errors) * 100 / tests);
+    }
+
+    exit(errors);
+}
diff --git a/plugins/sudoers/regress/logging/check_wrap.c b/plugins/sudoers/regress/logging/check_wrap.c
new file mode 100644
index 0000000..cc007ad
--- /dev/null
+++ b/plugins/sudoers/regress/logging/check_wrap.c
@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 2011-2013 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <limits.h>
+
+#define SUDO_ERROR_WRAP 0
+
+#include "sudo_compat.h"
+#include "sudo_fatal.h"
+#include "sudo_plugin.h"
+#include "sudo_util.h"
+
+extern void writeln_wrap(FILE *fp, char *line, size_t len, size_t maxlen);
+
+__dso_public int main(int argc, char *argv[]);
+
+static void
+usage(void)
+{
+    fprintf(stderr, "usage: %s inputfile\n", getprogname());
+    exit(1);
+}
+
+int
+main(int argc, char *argv[])
+{
+    size_t len;
+    FILE *fp;
+    char *line, lines[2][2048];
+    int lineno = 0;
+    int which = 0;
+
+    initprogname(argc > 0 ? argv[0] : "check_wrap");
+
+    if (argc != 2)
+	usage();
+
+    fp = fopen(argv[1], "r");
+    if (fp == NULL)
+	sudo_fatalx("unable to open %s", argv[1]);
+
+    /*
+     * Each test record consists of a log entry on one line and a list of
+     * line lengths to test it with on the next.  E.g.
+     *
+     * Jun 30 14:49:51 : millert : TTY=ttypn ; PWD=/usr/src/local/millert/hg/sudo/trunk/plugins/sudoers ; USER=root ; TSID=0004LD ; COMMAND=/usr/local/sbin/visudo
+     * 60-80,40
+     */
+    while ((line = fgets(lines[which], sizeof(lines[which]), fp)) != NULL) {
+	char *cp, *last;
+
+	len = strcspn(line, "\n");
+	line[len] = '\0';
+
+	/* If we read the 2nd line, parse list of line lengths and check. */
+	if (which) {
+	    lineno++;
+	    for (cp = strtok_r(lines[1], ",", &last); cp != NULL; cp = strtok_r(NULL, ",", &last)) {
+		char *dash;
+		size_t maxlen;
+
+		/* May be either a number or a range. */
+		dash = strchr(cp, '-');
+		if (dash != NULL) {
+		    *dash = '\0';
+		    len = strtonum(cp, 1, INT_MAX, NULL);
+		    maxlen = strtonum(dash + 1, 1, INT_MAX, NULL);
+		} else {
+		    len = maxlen = strtonum(cp, 1, INT_MAX, NULL);
+		}
+		if (len == 0 || maxlen == 0)
+		    sudo_fatalx("%s: invalid length on line %d\n", argv[1], lineno);
+		while (len <= maxlen) {
+		    printf("# word wrap at %d characters\n", (int)len);
+		    writeln_wrap(stdout, lines[0], strlen(lines[0]), len);
+		    len++;
+		}
+	    }
+	}
+	which = !which;
+    }
+
+    exit(0);
+}
diff --git a/plugins/sudoers/regress/logging/check_wrap.in b/plugins/sudoers/regress/logging/check_wrap.in
new file mode 100644
index 0000000..a2d1f08
--- /dev/null
+++ b/plugins/sudoers/regress/logging/check_wrap.in
@@ -0,0 +1,4 @@
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ; PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list users
+60-80,120,140
+Jun 26 18:00:06 : millert : TTY=ttypm ; PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+60-80,120,140
diff --git a/plugins/sudoers/regress/logging/check_wrap.out.ok b/plugins/sudoers/regress/logging/check_wrap.out.ok
new file mode 100644
index 0000000..4842443
--- /dev/null
+++ b/plugins/sudoers/regress/logging/check_wrap.out.ok
@@ -0,0 +1,175 @@
+# word wrap at 60 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1
+    ; PWD=/home/tu2sp3-a ; USER=root ;
+    COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 61 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1
+    ; PWD=/home/tu2sp3-a ; USER=root ;
+    COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 62 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ;
+    COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 63 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ;
+    COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 64 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ;
+    COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 65 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ;
+    COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 66 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ;
+    COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 67 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool
+    list users
+# word wrap at 68 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool
+    list users
+# word wrap at 69 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool
+    list users
+# word wrap at 70 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool
+    list users
+# word wrap at 71 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool
+    list users
+# word wrap at 72 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list
+    users
+# word wrap at 73 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list
+    users
+# word wrap at 74 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list
+    users
+# word wrap at 75 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list
+    users
+# word wrap at 76 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list
+    users
+# word wrap at 77 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list
+    users
+# word wrap at 78 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 79 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 80 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ;
+    PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 120 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ; PWD=/home/tu2sp3-a ; USER=root ;
+    COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 140 characters
+Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ; PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list users
+# word wrap at 60 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ;
+    TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 61 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ;
+    TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 62 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ;
+    TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 63 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ;
+    TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 64 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ;
+    TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 65 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ;
+    TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 66 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ;
+    TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 67 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ;
+    TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 68 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ;
+    TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 69 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ;
+    TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 70 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT
+    ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 71 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT
+    ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 72 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ;
+    COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 73 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ;
+    COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 74 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ;
+    COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 75 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ;
+    COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 76 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ;
+    COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 77 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ;
+    COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 78 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ;
+    COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 79 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ;
+    PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ;
+    COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 80 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ; PWD=/usr/src/local/millert/hg/sudo/build
+    ; USER=root ; TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 120 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ; PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ;
+    COMMAND=/bin/rm /root/.bash_profile
+# word wrap at 140 characters
+Jun 26 18:00:06 : millert : TTY=ttypm ; PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ; COMMAND=/bin/rm
+    /root/.bash_profile
diff --git a/plugins/sudoers/regress/parser/check_addr.c b/plugins/sudoers/regress/parser/check_addr.c
new file mode 100644
index 0000000..5f67d4d
--- /dev/null
+++ b/plugins/sudoers/regress/parser/check_addr.c
@@ -0,0 +1,145 @@
+/*
+ * Copyright (c) 2011-2013 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <ctype.h>
+#include <errno.h>
+#include <grp.h>
+#include <pwd.h>
+
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#define SUDO_ERROR_WRAP 0
+
+#include "sudoers.h"
+#include "interfaces.h"
+
+__dso_public int main(int argc, char *argv[]);
+
+static int
+check_addr(char *input)
+{
+    int expected, matched;
+    const char *errstr;
+    size_t len;
+    char *cp;
+
+    while (isspace((unsigned char)*input))
+	input++;
+
+    /* input: "addr[/mask] 1/0" */
+    len = strcspn(input, " \t");
+    cp = input + len;
+    while (isspace((unsigned char)*cp))
+	cp++;
+    expected = strtonum(cp, 0, 1, &errstr);
+    if (errstr != NULL)
+	sudo_fatalx("expecting 0 or 1, got %s", cp);
+    input[len] = '\0';
+
+    matched = addr_matches(input);
+    if (matched != expected) {
+	sudo_warnx("%s %smatched: FAIL", input, matched ? "" : "not ");
+	return 1;
+    }
+    return 0;
+}
+
+static void
+usage(void)
+{
+    fprintf(stderr, "usage: %s datafile\n", getprogname());
+    exit(1);
+}
+
+int
+main(int argc, char *argv[])
+{
+    int ntests = 0, errors = 0;
+    char *cp, line[2048];
+    size_t len;
+    FILE *fp;
+
+    initprogname(argc > 0 ? argv[0] : "check_addr");
+
+    if (argc != 2)
+	usage();
+
+    fp = fopen(argv[1], "r");
+    if (fp == NULL)
+	sudo_fatalx("unable to open %s", argv[1]);
+
+    /*
+     * Input is in the following format.  There are two types of
+     * lines: interfaces, which sets the address and mask of the
+     * locally connected ethernet interfaces for the lines that
+     * follow and, address lines that include and address (with
+     * optional netmask) to match, followed by expected match status
+     * (1 or 0).  E.g.
+     *
+     * interfaces: addr1/mask addr2/mask ...
+     * address: addr[/mask] 1/0
+     * address: addr[/mask] 1/0
+     * interfaces: addr3/mask addr4/mask ...
+     * address: addr[/mask] 1/0
+     */
+
+    while (fgets(line, sizeof(line), fp) != NULL) {
+	len = strcspn(line, "\n");
+	line[len] = '\0';
+
+	/* Ignore comments */
+	if ((cp = strchr(line, '#')) != NULL)
+	    *cp = '\0';
+
+	/* Skip blank lines. */
+	if (line[0] == '\0')
+	    continue;
+
+	if (strncmp(line, "interfaces:", sizeof("interfaces:") - 1) == 0) {
+	    if (!set_interfaces(line + sizeof("interfaces:") - 1)) {
+		sudo_warn("unable to parse interfaces list");
+		errors++;
+	    }
+	} else if (strncmp(line, "address:", sizeof("address:") - 1) == 0) {
+	    errors += check_addr(line + sizeof("address:") - 1);
+	    ntests++;
+	} else {
+	    sudo_warnx("unexpected data line: %s\n", line);
+	    continue;
+	}
+    }
+
+    if (ntests != 0) {
+	printf("check_addr: %d tests run, %d errors, %d%% success rate\n",
+	    ntests, errors, (ntests - errors) * 100 / ntests);
+    }
+
+    exit(errors);
+}
diff --git a/plugins/sudoers/regress/parser/check_addr.in b/plugins/sudoers/regress/parser/check_addr.in
new file mode 100644
index 0000000..a3c8612
--- /dev/null
+++ b/plugins/sudoers/regress/parser/check_addr.in
@@ -0,0 +1,13 @@
+# 
+interfaces: 10.5.54.73/255.255.240.0
+address: 10.5.48.0 1
+address: 10.5.54.0/20 1
+#
+interfaces: 128.138.243.151/255.255.255.0 128.138.241.53/255.255.255.0
+address: 128.138.243.0 1
+address: 128.138.243.0/24 1
+address: 128.138.241.0 1
+address: 128.138.241.0/24 1
+address: 128.138.242.0/24 0
+address: 128.138.0.0 0
+address: 128.138.0.0/16 1
diff --git a/plugins/sudoers/regress/parser/check_base64.c b/plugins/sudoers/regress/parser/check_base64.c
new file mode 100644
index 0000000..a3f28e0
--- /dev/null
+++ b/plugins/sudoers/regress/parser/check_base64.c
@@ -0,0 +1,123 @@
+/*
+ * Copyright (c) 2013-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+
+#define SUDO_ERROR_WRAP 0
+
+#include "sudo_compat.h"
+#include "sudo_util.h"
+
+/* From parse.h */
+extern size_t base64_decode(const char *str, unsigned char *dst, size_t dsize);
+extern size_t base64_encode(const unsigned char *in, size_t in_len, char *out, size_t out_len);
+
+__dso_public int main(int argc, char *argv[]);
+
+static unsigned char bstring1[] = { 0xea, 0xb8, 0xa2, 0x71, 0xef, 0x67, 0xc1, 0xcd, 0x0d, 0xd9, 0xa6, 0xaa, 0xa8, 0x24, 0x77, 0x2a, 0xfc, 0x6f, 0x76, 0x37, 0x1b, 0xed, 0x9e, 0x1a, 0x90, 0x5f, 0xcf, 0xbc, 0x00 };
+
+struct base64_test {
+    const char *ascii;
+    const char *encoded;
+} test_strings[] = {
+    {
+	(char *)bstring1,
+	"6riice9nwc0N2aaqqCR3Kvxvdjcb7Z4akF/PvA=="
+    },
+    {
+	"any carnal pleasure.",
+	"YW55IGNhcm5hbCBwbGVhc3VyZS4="
+    },
+    {
+	"any carnal pleasure",
+	"YW55IGNhcm5hbCBwbGVhc3VyZQ=="
+    },
+    {
+	"any carnal pleasur",
+	"YW55IGNhcm5hbCBwbGVhc3Vy"
+    },
+    {
+	"any carnal pleasu",
+	"YW55IGNhcm5hbCBwbGVhc3U="
+    },
+    {
+	"any carnal pleas",
+	"YW55IGNhcm5hbCBwbGVhcw=="
+    }
+};
+
+int
+main(int argc, char *argv[])
+{
+    int ntests = nitems(test_strings);
+    int i, errors = 0;
+    unsigned char buf[64];
+    size_t len;
+
+    initprogname(argc > 0 ? argv[0] : "check_base64");
+
+    for (i = 0; i < ntests; i++) {
+	/* Test decode. */
+	len = base64_decode(test_strings[i].encoded, buf, sizeof(buf));
+	if (len == (size_t)-1) {
+	    fprintf(stderr, "check_base64: failed to decode %s\n",
+		test_strings[i].encoded);
+	    errors++;
+	} else {
+	    buf[len] = '\0';
+	    if (strcmp(test_strings[i].ascii, (char *)buf) != 0) {
+		fprintf(stderr, "check_base64: expected %s, got %s\n",
+		    test_strings[i].ascii, buf);
+		errors++;
+	    }
+	}
+
+	/* Test encode. */
+	len = base64_encode((unsigned char *)test_strings[i].ascii,
+	    strlen(test_strings[i].ascii), (char *)buf, sizeof(buf));
+	if (len == (size_t)-1) {
+	    fprintf(stderr, "check_base64: failed to encode %s\n",
+		test_strings[i].ascii);
+	    errors++;
+	} else {
+	    if (strcmp(test_strings[i].encoded, (char *)buf) != 0) {
+		fprintf(stderr, "check_base64: expected %s, got %s\n",
+		    test_strings[i].encoded, buf);
+		errors++;
+	    }
+	}
+    }
+    ntests *= 2;	/* we test in both directions */
+
+    printf("check_base64: %d tests run, %d errors, %d%% success rate\n",
+	ntests, errors, (ntests - errors) * 100 / ntests);
+    exit(errors);
+}
diff --git a/plugins/sudoers/regress/parser/check_digest.c b/plugins/sudoers/regress/parser/check_digest.c
new file mode 100644
index 0000000..0d49a35
--- /dev/null
+++ b/plugins/sudoers/regress/parser/check_digest.c
@@ -0,0 +1,140 @@
+/*
+ * Copyright (c) 2013-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+#include <limits.h>
+#include <unistd.h>
+
+#include "sudo_compat.h"
+#include "sudo_fatal.h"
+#include "sudo_queue.h"
+#include "sudo_digest.h"
+#include "sudo_util.h"
+#include "parse.h"
+
+__dso_public int main(int argc, char *argv[]);
+
+#define NUM_TESTS	8
+static const char *test_strings[NUM_TESTS] = {
+    "",
+    "a",
+    "abc",
+    "message digest",
+    "abcdefghijklmnopqrstuvwxyz",
+    "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+    "12345678901234567890123456789012345678901234567890123456789"
+	"012345678901234567890",
+};
+
+static unsigned char *
+check_digest(int digest_type, const char *buf, size_t buflen, size_t *digest_len)
+{
+    char tfile[] = "digest.XXXXXX";
+    unsigned char *digest = NULL;
+    int tfd;
+
+    /* Write test data to temporary file. */
+    tfd = mkstemp(tfile);
+    if (tfd == -1) {
+	sudo_warn_nodebug("mkstemp");
+	goto done;
+    }
+    if ((size_t)write(tfd, buf, buflen) != buflen) {
+	sudo_warn_nodebug("write");
+	goto done;
+    }
+    lseek(tfd, 0, SEEK_SET);
+
+    /* Get file digest. */
+    digest = sudo_filedigest(tfd, tfile, digest_type, digest_len);
+    if (digest == NULL) {
+	/* Warning (if any) printed by sudo_filedigest() */
+	goto done;
+    }
+done:
+    if (tfd != -1) {
+	close(tfd);
+	unlink(tfile);
+    }
+    return digest;
+}
+
+int
+main(int argc, char *argv[])
+{
+    static const char hex[] = "0123456789abcdef";
+    char buf[1000 * 1000];
+    unsigned char *digest;
+    unsigned int i, j;
+    size_t digest_len;
+    int digest_type;
+
+    initprogname(argc > 0 ? argv[0] : "check_digest");
+
+    for (digest_type = 0; digest_type < SUDO_DIGEST_INVALID; digest_type++) {
+	for (i = 0; i < NUM_TESTS; i++) {
+	    digest = check_digest(digest_type, test_strings[i],
+		strlen(test_strings[i]), &digest_len);
+	    if (digest != NULL) {
+		printf("%s (\"%s\") = ", digest_type_to_name(digest_type),
+		    test_strings[i]);
+		for (j = 0; j < digest_len; j++) {
+		    putchar(hex[digest[j] >> 4]);
+		    putchar(hex[digest[j] & 0x0f]);
+		}
+		putchar('\n');
+		free(digest);
+	    }
+	}
+
+	/* Simulate a string of a million 'a' characters. */
+	memset(buf, 'a', sizeof(buf));
+	digest = check_digest(digest_type, buf, sizeof(buf), &digest_len);
+	if (digest != NULL) {
+	    printf("%s (one million 'a' characters) = ",
+		digest_type_to_name(digest_type));
+	    for (j = 0; j < digest_len; j++) {
+		putchar(hex[digest[j] >> 4]);
+		putchar(hex[digest[j] & 0x0f]);
+	    }
+	    putchar('\n');
+	    free(digest);
+	}
+    }
+
+    return 0;
+}
diff --git a/plugins/sudoers/regress/parser/check_digest.out.ok b/plugins/sudoers/regress/parser/check_digest.out.ok
new file mode 100644
index 0000000..a353664
--- /dev/null
+++ b/plugins/sudoers/regress/parser/check_digest.out.ok
@@ -0,0 +1,36 @@
+sha224 ("") = d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f
+sha224 ("a") = abd37534c7d9a2efb9465de931cd7055ffdb8879563ae98078d6d6d5
+sha224 ("abc") = 23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7
+sha224 ("message digest") = 2cb21c83ae2f004de7e81c3c7019cbcb65b71ab656b22d6d0c39b8eb
+sha224 ("abcdefghijklmnopqrstuvwxyz") = 45a5f72c39c5cff2522eb3429799e49e5f44b356ef926bcf390dccc2
+sha224 ("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq") = 75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525
+sha224 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = bff72b4fcb7d75e5632900ac5f90d219e05e97a7bde72e740db393d9
+sha224 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = b50aecbe4e9bb0b57bc5f3ae760a8e01db24f203fb3cdcd13148046e
+sha224 (one million 'a' characters) = 20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67
+sha256 ("") = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
+sha256 ("a") = ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb
+sha256 ("abc") = ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
+sha256 ("message digest") = f7846f55cf23e14eebeab5b4e1550cad5b509e3348fbc4efa3a1413d393cb650
+sha256 ("abcdefghijklmnopqrstuvwxyz") = 71c480df93d6ae2f1efad1447c66c9525e316218cf51fc8d9ed832f2daf18b73
+sha256 ("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq") = 248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1
+sha256 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = db4bfcbd4da0cd85a60c3c37d3fbd8805c77f15fc6b1fdfe614ee0a7c8fdb4c0
+sha256 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = f371bc4a311f2b009eef952dd83ca80e2b60026c8e935592d0f9c308453c813e
+sha256 (one million 'a' characters) = cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0
+sha384 ("") = 38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b
+sha384 ("a") = 54a59b9f22b0b80880d8427e548b7c23abd873486e1f035dce9cd697e85175033caa88e6d57bc35efae0b5afd3145f31
+sha384 ("abc") = cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7
+sha384 ("message digest") = 473ed35167ec1f5d8e550368a3db39be54639f828868e9454c239fc8b52e3c61dbd0d8b4de1390c256dcbb5d5fd99cd5
+sha384 ("abcdefghijklmnopqrstuvwxyz") = feb67349df3db6f5924815d6c3dc133f091809213731fe5c7b5f4999e463479ff2877f5f2936fa63bb43784b12f3ebb4
+sha384 ("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq") = 3391fdddfc8dc7393707a65b1b4709397cf8b1d162af05abfe8f450de5f36bc6b0455a8520bc4e6f5fe95b1fe3c8452b
+sha384 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = 1761336e3f7cbfe51deb137f026f89e01a448e3b1fafa64039c1464ee8732f11a5341a6f41e0c202294736ed64db1a84
+sha384 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = b12932b0627d1c060942f5447764155655bd4da0c9afa6dd9b9ef53129af1b8fb0195996d2de9ca0df9d821ffee67026
+sha384 (one million 'a' characters) = 9d0e1809716474cb086e834e310a4a1ced149e9c00f248527972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985
+sha512 ("") = cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
+sha512 ("a") = 1f40fc92da241694750979ee6cf582f2d5d7d28e18335de05abc54d0560e0f5302860c652bf08d560252aa5e74210546f369fbbbce8c12cfc7957b2652fe9a75
+sha512 ("abc") = ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f
+sha512 ("message digest") = 107dbf389d9e9f71a3a95f6c055b9251bc5268c2be16d6c13492ea45b0199f3309e16455ab1e96118e8a905d5597b72038ddb372a89826046de66687bb420e7c
+sha512 ("abcdefghijklmnopqrstuvwxyz") = 4dbff86cc2ca1bae1e16468a05cb9881c97f1753bce3619034898faa1aabe429955a1bf8ec483d7421fe3c1646613a59ed5441fb0f321389f77f48a879c7b1f1
+sha512 ("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq") = 204a8fc6dda82f0a0ced7beb8e08a41657c16ef468b228a8279be331a703c33596fd15c13b1b07f9aa1d3bea57789ca031ad85c7a71dd70354ec631238ca3445
+sha512 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = 1e07be23c26a86ea37ea810c8ec7809352515a970e9253c26f536cfc7a9996c45c8370583e0a78fa4a90041d71a4ceab7423f19c71b9d5a3e01249f0bebd5894
+sha512 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = 72ec1ef1124a45b047e8b7c75a932195135bb61de24ec0d1914042246e0aec3a2354e093d76f3048b456764346900cb130d2a4fd5dd16abb5e30bcb850dee843
+sha512 (one million 'a' characters) = e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973ebde0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b
diff --git a/plugins/sudoers/regress/parser/check_fill.c b/plugins/sudoers/regress/parser/check_fill.c
new file mode 100644
index 0000000..e0312b6
--- /dev/null
+++ b/plugins/sudoers/regress/parser/check_fill.c
@@ -0,0 +1,194 @@
+/*
+ * Copyright (c) 2011-2016 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <grp.h>
+#include <pwd.h>
+
+#define SUDO_ERROR_WRAP 0
+
+#include "sudo_compat.h"
+#include "sudo_queue.h"
+#include "parse.h"
+#include "toke.h"
+#include "sudo_plugin.h"
+#include "sudo_util.h"
+#include <gram.h>
+
+__dso_public int main(int argc, char *argv[]);
+
+/*
+ * TODO: test realloc
+ */
+
+YYSTYPE sudoerslval;
+
+struct fill_test {
+    const char *input;
+    const char *output;
+    int len;
+    int addspace;
+};
+
+/*
+ * In "normal" fill, anything can be escaped and hex chars are expanded.
+ */
+static struct fill_test txt_data[] = {
+    { "Embedded\\x20Space", "Embedded Space", 0 },
+    { "\\x20Leading", " Leading", 0 },
+    { "Trailing\\x20", "Trailing ", 0 },
+    { "Multiple\\x20\\x20Spaces", "Multiple  Spaces", 0 },
+    { "Hexparse\\x200Check", "Hexparse 0Check", 0 },
+    { "Escaped\\\\Escape", "Escaped\\Escape", 0 },
+    { "LongGroupName", "LongGrou", 8 }
+};
+
+/*
+ * The only escaped chars in a command should be [,:= \t#]
+ * The rest are done by glob() or fnmatch().
+ */
+static struct fill_test cmd_data[] = {
+    { "foo\\,bar", "foo,bar", 0 },
+    { "this\\:that", "this:that", 0 },
+    { "foo\\=bar", "foo=bar", 0 },
+    { "tab\\\tstop", "tab\tstop", 0 },
+    { "not a \\#comment", "not a #comment", 0 }
+};
+
+/*
+ * No escaped characters in command line args.
+ * Arguments get appended.
+ */
+static struct fill_test args_data[] = {
+    { "/", "/", 0, 0 },
+    { "-type", "/ -type", 0, 1 },
+    { "f", "/ -type f", 0, 1 },
+    { "-exec", "/ -type f -exec", 0, 1 },
+    { "ls", "/ -type f -exec ls", 0, 1 },
+    { "{}", "/ -type f -exec ls {}", 0, 1 }
+};
+
+static int
+check_fill(const char *input, int len, int addspace, const char *expect, char **resultp)
+{
+    if (sudoerslval.string != NULL) {
+	free(sudoerslval.string);
+	sudoerslval.string = NULL;
+    }
+    if (!fill(input, len))
+	return -1;
+    *resultp = sudoerslval.string;
+    return !strcmp(sudoerslval.string, expect);
+}
+
+static int
+check_fill_cmnd(const char *input, int len, int addspace, const char *expect, char **resultp)
+{
+    if (sudoerslval.command.cmnd != NULL) {
+	free(sudoerslval.command.cmnd);
+	sudoerslval.command.cmnd = NULL;
+    }
+    if (!fill_cmnd(input, len))
+	return -1;
+    *resultp = sudoerslval.command.cmnd;
+    return !strcmp(sudoerslval.command.cmnd, expect);
+}
+
+static int
+check_fill_args(const char *input, int len, int addspace, const char *expect, char **resultp)
+{
+    /* Must not free old sudoerslval.command.args as gets appended to. */
+    if (!fill_args(input, len, addspace))
+	return -1;
+    *resultp = sudoerslval.command.args;
+    return !strcmp(sudoerslval.command.args, expect);
+}
+
+static int
+do_tests(int (*checker)(const char *, int, int, const char *, char **),
+    struct fill_test *data, size_t ntests)
+{
+    int len, errors = 0;
+    unsigned int i;
+    char *result;
+
+    for (i = 0; i < ntests; i++) {
+	if (data[i].len == 0)
+	    len = strlen(data[i].input);
+	else
+	    len = data[i].len;
+
+	switch ((*checker)(data[i].input, len, data[i].addspace, data[i].output, &result)) {
+	case 0:
+	    /* no match */
+	    fprintf(stderr, "Failed parsing %.*s: expected [%s], got [%s]\n",
+		(int)data[i].len, data[i].input, data[i].output, result);
+	    errors++;
+	    break;
+	case 1:
+	    /* match */
+	    break;
+	default:
+	    /* error */
+	    fprintf(stderr, "Failed parsing %.*s: fill function failure\n",
+		(int)data[i].len, data[i].input);
+	    errors++;
+	    break;
+	}
+    }
+
+    return errors;
+}
+
+int
+main(int argc, char *argv[])
+{
+    int ntests, errors = 0;
+
+    initprogname(argc > 0 ? argv[0] : "check_fill");
+
+    errors += do_tests(check_fill, txt_data, nitems(txt_data));
+    errors += do_tests(check_fill_cmnd, cmd_data, nitems(cmd_data));
+    errors += do_tests(check_fill_args, args_data, nitems(args_data));
+
+    ntests = nitems(txt_data) + nitems(cmd_data) + nitems(args_data);
+    printf("%s: %d tests run, %d errors, %d%% success rate\n", getprogname(),
+	ntests, errors, (ntests - errors) * 100 / ntests);
+
+    exit(errors);
+}
+
+/* STUB */
+void
+sudoerserror(const char *s)
+{
+    return;
+}
diff --git a/plugins/sudoers/regress/parser/check_gentime.c b/plugins/sudoers/regress/parser/check_gentime.c
new file mode 100644
index 0000000..957ea4c
--- /dev/null
+++ b/plugins/sudoers/regress/parser/check_gentime.c
@@ -0,0 +1,87 @@
+/*
+ * Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <time.h>
+
+#define SUDO_ERROR_WRAP 0
+
+#include "sudo_compat.h"
+#include "sudo_util.h"
+#include "sudoers_debug.h"
+#include "parse.h"
+
+__dso_public int main(int argc, char *argv[]);
+
+const struct gentime_test {
+    char *gentime;
+    time_t unixtime;
+} tests[] = {
+    { "199412161032ZZ", -1 },
+    { "199412161032Z", 787573920 },
+    { "199412160532-0500", 787573920 },
+    { "199412160532-05000", -1 },
+    { "199412160532", 787573920 },		/* local time is EST */
+    { "20170214083000-0500", 1487079000 },
+    { "201702140830-0500", 1487079000 },
+    { "201702140830", 1487079000 },		/* local time is EST */
+    { "201702140830.3-0500", 1487079018 },
+    { "201702140830,3-0500", 1487079018 },
+    { "20170214083000.5Z", 1487061000 },
+    { "20170214083000,5Z", 1487061000 },
+    { "201702142359.4Z", 1487116764 },
+    { "201702142359,4Z", 1487116764 },
+    { "2017021408.5Z", 1487061000 },
+    { "2017021408,5Z", 1487061000 },
+    { "20170214Z", -1 },
+};
+
+int
+main(int argc, char *argv[])
+{
+    const int ntests = nitems(tests);
+    int i, errors = 0;
+    time_t result;
+
+    initprogname(argc > 0 ? argv[0] : "check_gentime");
+
+    /* Do local time tests in Eastern Standard Time. */
+    putenv("TZ=EST5EST5");
+    tzset();
+
+    for (i = 0; i < ntests; i++) {
+	result = parse_gentime(tests[i].gentime);
+	if (result != tests[i].unixtime) {
+	    fprintf(stderr, "check_gentime[%d]: %s: expected %lld, got %lld\n",
+		i, tests[i].gentime,
+		(long long)tests[i].unixtime, (long long)result);
+	    errors++;
+	}
+    }
+    printf("check_gentime: %d tests run, %d errors, %d%% success rate\n",
+	ntests, errors, (ntests - errors) * 100 / ntests);
+    exit(errors);
+}
diff --git a/plugins/sudoers/regress/parser/check_hexchar.c b/plugins/sudoers/regress/parser/check_hexchar.c
new file mode 100644
index 0000000..d4f9657
--- /dev/null
+++ b/plugins/sudoers/regress/parser/check_hexchar.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 2014-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+
+#define SUDO_ERROR_WRAP 0
+
+#include "sudo_compat.h"
+#include "sudo_util.h"
+
+int hexchar(const char *s);
+
+__dso_public int main(int argc, char *argv[]);
+
+struct hexchar_test {
+    char hex[3];
+    int value;
+};
+
+int
+main(int argc, char *argv[])
+{
+    struct hexchar_test *test_data;
+    int i, ntests, result, errors = 0;
+    static const char xdigs_lower[] = "0123456789abcdef";
+    static const char xdigs_upper[] = "0123456789ABCDEF";
+
+    initprogname(argc > 0 ? argv[0] : "check_hexchar");
+
+    /* Build up test data. */
+    ntests = 256 + 256 + 3;
+    test_data = calloc(sizeof(*test_data), ntests);
+    for (i = 0; i < 256; i++) {
+	/* lower case */
+	test_data[i].value = i;
+	test_data[i].hex[1] = xdigs_lower[ (i & 0x0f)];
+	test_data[i].hex[0] = xdigs_lower[((i & 0xf0) >> 4)];
+	/* upper case */
+	test_data[i + 256].value = i;
+	test_data[i + 256].hex[1] = xdigs_upper[ (i & 0x0f)];
+	test_data[i + 256].hex[0] = xdigs_upper[((i & 0xf0) >> 4)];
+    }
+    /* Also test invalid data */
+    test_data[ntests - 3].hex[0] = '\0';
+    test_data[ntests - 3].value = -1;
+    strlcpy(test_data[ntests - 2].hex, "AG", sizeof(test_data[ntests - 2].hex));
+    test_data[ntests - 2].value = -1;
+    strlcpy(test_data[ntests - 1].hex, "-1", sizeof(test_data[ntests - 1].hex));
+    test_data[ntests - 1].value = -1;
+
+    for (i = 0; i < ntests; i++) {
+	result = hexchar(test_data[i].hex);
+	if (result != test_data[i].value) {
+	    fprintf(stderr, "check_hexchar: expected %d, got %d\n",
+		test_data[i].value, result);
+	    errors++;
+	}
+    }
+    printf("check_hexchar: %d tests run, %d errors, %d%% success rate\n",
+	ntests, errors, (ntests - errors) * 100 / ntests);
+    exit(errors);
+}
diff --git a/plugins/sudoers/regress/starttime/check_starttime.c b/plugins/sudoers/regress/starttime/check_starttime.c
new file mode 100644
index 0000000..e858ad3
--- /dev/null
+++ b/plugins/sudoers/regress/starttime/check_starttime.c
@@ -0,0 +1,117 @@
+/*
+ * Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <unistd.h>
+
+#include "sudo_compat.h"
+#include "sudo_util.h"
+#include "sudo_fatal.h"
+#include "check.h"
+
+__dso_public int main(int argc, char *argv[]);
+
+#ifdef __linux__
+static int
+get_now(struct timespec *now)
+{
+    const char *errstr;
+    char buf[1024];
+    time_t seconds;
+    int ret = -1;
+    FILE *fp;
+
+    /* Linux process start time is relative to boot time. */
+    fp = fopen("/proc/stat", "r");
+    if (fp != NULL) {
+	while (fgets(buf, sizeof(buf), fp) != NULL) {
+	    if (strncmp(buf, "btime ", 6) != 0)
+		continue;
+	    buf[strcspn(buf, "\n")] = '\0';
+
+	    /* Boot time is in seconds since the epoch. */
+	    seconds = strtonum(buf + 6, 0, TIME_T_MAX, &errstr);
+	    if (errstr != NULL)
+		return -1;
+
+	    /* Instead of the real time, "now" is relative to boot time. */
+	    if (sudo_gettime_real(now) == -1)
+		return -1;
+	    now->tv_sec -= seconds;
+	    ret = 0;
+	    break;
+	}
+	fclose(fp);
+    }
+    return ret;
+}
+#else
+static int
+get_now(struct timespec *now)
+{
+    /* Process start time is relative to wall clock time. */
+    return sudo_gettime_real(now);
+}
+#endif
+
+int
+main(int argc, char *argv[])
+{
+    int ntests = 0, errors = 0;
+    struct timespec now, then, delta;
+    pid_t pids[2];
+    int i;
+
+    initprogname(argc > 0 ? argv[0] : "check_starttime");
+
+    if (get_now(&now) == -1)
+	sudo_fatal_nodebug("unable to get current time");
+
+    pids[0] = getpid();
+    pids[1] = getppid();
+
+    for (i = 0; i < 2; i++) {
+	ntests++;
+	if (get_starttime(pids[i], &then)  == -1) {
+	    printf("%s: test %d: unable to get start time for pid %d\n",
+		getprogname(), ntests, (int)pids[i]);
+	    errors++;
+	}
+	if (i != 0)
+	    continue;
+
+	/* Verify our own process start time, allowing for some drift. */
+	ntests++;
+	sudo_timespecsub(&then, &now, &delta);
+	if (delta.tv_sec > 30 || delta.tv_sec < -30) {
+	    printf("%s: test %d: unexpected start time for pid %d: %s",
+		getprogname(), ntests, (int)pids[i], ctime(&then.tv_sec));
+	    errors++;
+	}
+    }
+
+    printf("%s: %d tests run, %d errors, %d%% success rate\n", getprogname(),
+	ntests, errors, (ntests - errors) * 100 / ntests);
+
+    exit(errors);
+}
diff --git a/plugins/sudoers/regress/sudoers/test1.in b/plugins/sudoers/regress/sudoers/test1.in
new file mode 100644
index 0000000..d87c872
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test1.in
@@ -0,0 +1,12 @@
+#
+# Verify that all command tags are parsed OK.
+# See https://bugzilla.sudo.ws/show_bug.cgi?id=437
+#
+user1 ALL = LOG_INPUT: LOG_OUTPUT: /usr/bin/su -:\
+      ALL = NOLOG_INPUT: NOLOG_OUTPUT: /usr/bin/id
+user2 ALL = NOPASSWD: NOEXEC: SETENV: /usr/bin/vi:\
+      ALL = PASSWD: EXEC: NOSETENV: /usr/bin/echo
+user3 ALL = MAIL: /bin/sh:\
+      ALL = NOMAIL: /usr/bin/id
+user4 ALL = FOLLOW: sudoedit /etc/motd:\
+      ALL = NOFOLLOW: sudoedit /home/*/*
diff --git a/plugins/sudoers/regress/sudoers/test1.json.ok b/plugins/sudoers/regress/sudoers/test1.json.ok
new file mode 100644
index 0000000..9523e4a
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test1.json.ok
@@ -0,0 +1,154 @@
+{
+    "User_Specs": [
+        {
+            "User_List": [
+                { "username": "user1" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "log_input": true },
+                        { "log_output": true }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/su -" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user1" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "log_input": false },
+                        { "log_output": false }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user2" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "authenticate": false },
+                        { "noexec": true },
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/vi" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user2" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "authenticate": true },
+                        { "noexec": false },
+                        { "setenv": false }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/echo" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user3" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "send_mail": true }
+                    ],
+                    "Commands": [
+                        { "command": "/bin/sh" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user3" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "send_mail": false }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user4" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "sudoedit_follow": true }
+                    ],
+                    "Commands": [
+                        { "command": "sudoedit /etc/motd" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user4" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "sudoedit_follow": false }
+                    ],
+                    "Commands": [
+                        { "command": "sudoedit /home/*/*" }
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test1.ldif.ok b/plugins/sudoers/regress/sudoers/test1.ldif.ok
new file mode 100644
index 0000000..7f3fcfc
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test1.ldif.ok
@@ -0,0 +1,88 @@
+dn: cn=user1,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user1
+sudoUser: user1
+sudoHost: ALL
+sudoOption: log_input
+sudoOption: log_output
+sudoCommand: /usr/bin/su -
+sudoOrder: 1
+
+dn: cn=user1_1,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user1_1
+sudoUser: user1
+sudoHost: ALL
+sudoOption: !log_input
+sudoOption: !log_output
+sudoCommand: /usr/bin/id
+sudoOrder: 2
+
+dn: cn=user2,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user2
+sudoUser: user2
+sudoHost: ALL
+sudoOption: !authenticate
+sudoOption: noexec
+sudoOption: setenv
+sudoCommand: /usr/bin/vi
+sudoOrder: 3
+
+dn: cn=user2_1,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user2_1
+sudoUser: user2
+sudoHost: ALL
+sudoOption: authenticate
+sudoOption: !noexec
+sudoOption: !setenv
+sudoCommand: /usr/bin/echo
+sudoOrder: 4
+
+dn: cn=user3,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user3
+sudoUser: user3
+sudoHost: ALL
+sudoOption: mail_all_cmnds
+sudoCommand: /bin/sh
+sudoOrder: 5
+
+dn: cn=user3_1,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user3_1
+sudoUser: user3
+sudoHost: ALL
+sudoOption: !mail_all_cmnds
+sudoOption: !mail_always
+sudoOption: !mail_no_perms
+sudoCommand: /usr/bin/id
+sudoOrder: 6
+
+dn: cn=user4,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user4
+sudoUser: user4
+sudoHost: ALL
+sudoOption: sudoedit_follow
+sudoCommand: sudoedit /etc/motd
+sudoOrder: 7
+
+dn: cn=user4_1,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user4_1
+sudoUser: user4
+sudoHost: ALL
+sudoOption: !sudoedit_follow
+sudoCommand: sudoedit /home/*/*
+sudoOrder: 8
+
diff --git a/plugins/sudoers/regress/sudoers/test1.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test1.ldif2sudo.ok
new file mode 100644
index 0000000..126fe91
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test1.ldif2sudo.ok
@@ -0,0 +1,13 @@
+# sudoRole user1, user1_1
+user1 ALL = LOG_INPUT: LOG_OUTPUT: /usr/bin/su -, NOLOG_INPUT: NOLOG_OUTPUT:\
+    /usr/bin/id
+
+# sudoRole user2, user2_1
+user2 ALL = SETENV: NOEXEC: NOPASSWD: /usr/bin/vi, NOSETENV: EXEC: PASSWD:\
+    /usr/bin/echo
+
+# sudoRole user3, user3_1
+user3 ALL = MAIL: /bin/sh, NOMAIL: /usr/bin/id
+
+# sudoRole user4, user4_1
+user4 ALL = FOLLOW: sudoedit /etc/motd, NOFOLLOW: sudoedit /home/*/*
diff --git a/plugins/sudoers/regress/sudoers/test1.out.ok b/plugins/sudoers/regress/sudoers/test1.out.ok
new file mode 100644
index 0000000..8693cea
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test1.out.ok
@@ -0,0 +1,6 @@
+Parses OK.
+
+user1 ALL = LOG_INPUT: LOG_OUTPUT: /usr/bin/su - : ALL = NOLOG_INPUT: NOLOG_OUTPUT: /usr/bin/id
+user2 ALL = SETENV: NOEXEC: NOPASSWD: /usr/bin/vi : ALL = NOSETENV: EXEC: PASSWD: /usr/bin/echo
+user3 ALL = MAIL: /bin/sh : ALL = NOMAIL: /usr/bin/id
+user4 ALL = FOLLOW: sudoedit /etc/motd : ALL = NOFOLLOW: sudoedit /home/*/*
diff --git a/plugins/sudoers/regress/sudoers/test1.toke.ok b/plugins/sudoers/regress/sudoers/test1.toke.ok
new file mode 100644
index 0000000..79945dc
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test1.toke.ok
@@ -0,0 +1,8 @@
+#
+#
+#
+#
+WORD(5) ALL = LOG_INPUT LOG_OUTPUT COMMAND ARG : ALL = NOLOG_INPUT NOLOG_OUTPUT COMMAND 
+WORD(5) ALL = NOPASSWD NOEXEC SETENV COMMAND : ALL = PASSWD EXEC NOSETENV COMMAND 
+WORD(5) ALL = MAIL COMMAND : ALL = NOMAIL COMMAND 
+WORD(5) ALL = FOLLOW COMMAND ARG : ALL = NOFOLLOW COMMAND ARG 
diff --git a/plugins/sudoers/regress/sudoers/test10.in b/plugins/sudoers/regress/sudoers/test10.in
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test10.in
@@ -0,0 +1 @@
+
diff --git a/plugins/sudoers/regress/sudoers/test10.json.ok b/plugins/sudoers/regress/sudoers/test10.json.ok
new file mode 100644
index 0000000..2c63c08
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test10.json.ok
@@ -0,0 +1,2 @@
+{
+}
diff --git a/plugins/sudoers/regress/sudoers/test10.ldif.ok b/plugins/sudoers/regress/sudoers/test10.ldif.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test10.ldif.ok
diff --git a/plugins/sudoers/regress/sudoers/test10.out.ok b/plugins/sudoers/regress/sudoers/test10.out.ok
new file mode 100644
index 0000000..40c742d
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test10.out.ok
@@ -0,0 +1,2 @@
+Parses OK.
+
diff --git a/plugins/sudoers/regress/sudoers/test10.toke.ok b/plugins/sudoers/regress/sudoers/test10.toke.ok
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test10.toke.ok
@@ -0,0 +1 @@
+
diff --git a/plugins/sudoers/regress/sudoers/test11.in b/plugins/sudoers/regress/sudoers/test11.in
new file mode 100644
index 0000000..5ffba7b
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test11.in
@@ -0,0 +1 @@
+bogus
diff --git a/plugins/sudoers/regress/sudoers/test11.json.ok b/plugins/sudoers/regress/sudoers/test11.json.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test11.json.ok
diff --git a/plugins/sudoers/regress/sudoers/test11.ldif.ok b/plugins/sudoers/regress/sudoers/test11.ldif.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test11.ldif.ok
diff --git a/plugins/sudoers/regress/sudoers/test11.out.ok b/plugins/sudoers/regress/sudoers/test11.out.ok
new file mode 100644
index 0000000..9b2e9d6
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test11.out.ok
@@ -0,0 +1,2 @@
+Parse error in sudoers near line 1.
+
diff --git a/plugins/sudoers/regress/sudoers/test11.toke.ok b/plugins/sudoers/regress/sudoers/test11.toke.ok
new file mode 100644
index 0000000..d57d6c3
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test11.toke.ok
@@ -0,0 +1,2 @@
+WORD(5) 
+<*> 
\ No newline at end of file
diff --git a/plugins/sudoers/regress/sudoers/test12.in b/plugins/sudoers/regress/sudoers/test12.in
new file mode 100644
index 0000000..23bda4a
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test12.in
@@ -0,0 +1 @@
+user ALL = (ALL)
diff --git a/plugins/sudoers/regress/sudoers/test12.json.ok b/plugins/sudoers/regress/sudoers/test12.json.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test12.json.ok
diff --git a/plugins/sudoers/regress/sudoers/test12.ldif.ok b/plugins/sudoers/regress/sudoers/test12.ldif.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test12.ldif.ok
diff --git a/plugins/sudoers/regress/sudoers/test12.out.ok b/plugins/sudoers/regress/sudoers/test12.out.ok
new file mode 100644
index 0000000..9b2e9d6
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test12.out.ok
@@ -0,0 +1,2 @@
+Parse error in sudoers near line 1.
+
diff --git a/plugins/sudoers/regress/sudoers/test12.toke.ok b/plugins/sudoers/regress/sudoers/test12.toke.ok
new file mode 100644
index 0000000..a1995f0
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test12.toke.ok
@@ -0,0 +1,2 @@
+WORD(5) ALL = ( ALL ) 
+<*> 
\ No newline at end of file
diff --git a/plugins/sudoers/regress/sudoers/test13.in b/plugins/sudoers/regress/sudoers/test13.in
new file mode 100644
index 0000000..b8002bc
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test13.in
@@ -0,0 +1 @@
+user ALL = (ALL)
\ No newline at end of file
diff --git a/plugins/sudoers/regress/sudoers/test13.json.ok b/plugins/sudoers/regress/sudoers/test13.json.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test13.json.ok
diff --git a/plugins/sudoers/regress/sudoers/test13.ldif.ok b/plugins/sudoers/regress/sudoers/test13.ldif.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test13.ldif.ok
diff --git a/plugins/sudoers/regress/sudoers/test13.out.ok b/plugins/sudoers/regress/sudoers/test13.out.ok
new file mode 100644
index 0000000..9b2e9d6
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test13.out.ok
@@ -0,0 +1,2 @@
+Parse error in sudoers near line 1.
+
diff --git a/plugins/sudoers/regress/sudoers/test13.toke.ok b/plugins/sudoers/regress/sudoers/test13.toke.ok
new file mode 100644
index 0000000..e189ffd
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test13.toke.ok
@@ -0,0 +1 @@
+WORD(5) ALL = ( ALL ) <*> 
\ No newline at end of file
diff --git a/plugins/sudoers/regress/sudoers/test14.in b/plugins/sudoers/regress/sudoers/test14.in
new file mode 100644
index 0000000..05fafda
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test14.in
@@ -0,0 +1,4 @@
+Cmnd_Alias LS = sha224:d06a2617c98d377c250edd470fd5e576327748d82915d6e33b5f8db1 /bin/ls
+Cmnd_Alias SH = sha256:hOtoe/iK6SlGg7w4BfZBBdSsXjUmTJ5+ts51yjh7vkM= /bin/sh
+
+millert ALL = LS, SH, sha512:srzYEQ2aqzm+it3f74opTMkIImZRLxBARVpb0g9RSouJYdLt7DTRMEY4Ry9NyaOiDoUIplpNjqYH0JMYPVdFnw /bin/kill
diff --git a/plugins/sudoers/regress/sudoers/test14.json.ok b/plugins/sudoers/regress/sudoers/test14.json.ok
new file mode 100644
index 0000000..46f8b21
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test14.json.ok
@@ -0,0 +1,38 @@
+{
+    "Command_Aliases": {
+        "LS": [
+            {
+                "command": "/bin/ls",
+                "sha224": "d06a2617c98d377c250edd470fd5e576327748d82915d6e33b5f8db1"
+            }
+        ],
+        "SH": [
+            {
+                "command": "/bin/sh",
+                "sha256": "hOtoe/iK6SlGg7w4BfZBBdSsXjUmTJ5+ts51yjh7vkM="
+            }
+        ]
+    },
+    "User_Specs": [
+        {
+            "User_List": [
+                { "username": "millert" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Commands": [
+                        { "cmndalias": "LS" },
+                        { "cmndalias": "SH" },
+                        {
+                            "command": "/bin/kill",
+                            "sha512": "srzYEQ2aqzm+it3f74opTMkIImZRLxBARVpb0g9RSouJYdLt7DTRMEY4Ry9NyaOiDoUIplpNjqYH0JMYPVdFnw"
+                        }
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test14.ldif.ok b/plugins/sudoers/regress/sudoers/test14.ldif.ok
new file mode 100644
index 0000000..abb4886
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test14.ldif.ok
@@ -0,0 +1,11 @@
+dn: cn=millert,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: millert
+sudoUser: millert
+sudoHost: ALL
+sudoCommand: sha224:d06a2617c98d377c250edd470fd5e576327748d82915d6e33b5f8db1 /bin/ls
+sudoCommand: sha256:hOtoe/iK6SlGg7w4BfZBBdSsXjUmTJ5+ts51yjh7vkM= /bin/sh
+sudoCommand: sha512:srzYEQ2aqzm+it3f74opTMkIImZRLxBARVpb0g9RSouJYdLt7DTRMEY4Ry9NyaOiDoUIplpNjqYH0JMYPVdFnw /bin/kill
+sudoOrder: 1
+
diff --git a/plugins/sudoers/regress/sudoers/test14.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test14.ldif2sudo.ok
new file mode 100644
index 0000000..6bc0156
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test14.ldif2sudo.ok
@@ -0,0 +1,5 @@
+# sudoRole millert
+millert ALL = sha224:d06a2617c98d377c250edd470fd5e576327748d82915d6e33b5f8db1\
+    /bin/ls, sha256:hOtoe/iK6SlGg7w4BfZBBdSsXjUmTJ5+ts51yjh7vkM= /bin/sh,\
+    sha512:srzYEQ2aqzm+it3f74opTMkIImZRLxBARVpb0g9RSouJYdLt7DTRMEY4Ry9NyaOiDoUIplpNjqYH0JMYPVdFnw\
+    /bin/kill
diff --git a/plugins/sudoers/regress/sudoers/test14.out.ok b/plugins/sudoers/regress/sudoers/test14.out.ok
new file mode 100644
index 0000000..bfcb661
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test14.out.ok
@@ -0,0 +1,6 @@
+Parses OK.
+
+Cmnd_Alias LS = sha224:d06a2617c98d377c250edd470fd5e576327748d82915d6e33b5f8db1 /bin/ls
+Cmnd_Alias SH = sha256:hOtoe/iK6SlGg7w4BfZBBdSsXjUmTJ5+ts51yjh7vkM= /bin/sh
+
+millert ALL = LS, SH, sha512:srzYEQ2aqzm+it3f74opTMkIImZRLxBARVpb0g9RSouJYdLt7DTRMEY4Ry9NyaOiDoUIplpNjqYH0JMYPVdFnw /bin/kill
diff --git a/plugins/sudoers/regress/sudoers/test14.toke.ok b/plugins/sudoers/regress/sudoers/test14.toke.ok
new file mode 100644
index 0000000..7cb5aea
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test14.toke.ok
@@ -0,0 +1,4 @@
+CMNDALIAS ALIAS = SHA224_TOK : DIGEST COMMAND 
+CMNDALIAS ALIAS = SHA256_TOK : DIGEST COMMAND 
+
+WORD(5) ALL = ALIAS , ALIAS , SHA512_TOK : DIGEST COMMAND 
diff --git a/plugins/sudoers/regress/sudoers/test15.in b/plugins/sudoers/regress/sudoers/test15.in
new file mode 100644
index 0000000..11bcb13
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test15.in
@@ -0,0 +1,2 @@
+# Test parsing of sudoedit rule
+user    ALL = sudoedit /etc/motd
diff --git a/plugins/sudoers/regress/sudoers/test15.json.ok b/plugins/sudoers/regress/sudoers/test15.json.ok
new file mode 100644
index 0000000..ff1795a
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test15.json.ok
@@ -0,0 +1,19 @@
+{
+    "User_Specs": [
+        {
+            "User_List": [
+                { "username": "user" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Commands": [
+                        { "command": "sudoedit /etc/motd" }
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test15.ldif.ok b/plugins/sudoers/regress/sudoers/test15.ldif.ok
new file mode 100644
index 0000000..ac35ba0
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test15.ldif.ok
@@ -0,0 +1,9 @@
+dn: cn=user,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user
+sudoUser: user
+sudoHost: ALL
+sudoCommand: sudoedit /etc/motd
+sudoOrder: 1
+
diff --git a/plugins/sudoers/regress/sudoers/test15.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test15.ldif2sudo.ok
new file mode 100644
index 0000000..775d59e
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test15.ldif2sudo.ok
@@ -0,0 +1,2 @@
+# sudoRole user
+user ALL = sudoedit /etc/motd
diff --git a/plugins/sudoers/regress/sudoers/test15.out.ok b/plugins/sudoers/regress/sudoers/test15.out.ok
new file mode 100644
index 0000000..fb43c8c
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test15.out.ok
@@ -0,0 +1,3 @@
+Parses OK.
+
+user ALL = sudoedit /etc/motd
diff --git a/plugins/sudoers/regress/sudoers/test15.toke.ok b/plugins/sudoers/regress/sudoers/test15.toke.ok
new file mode 100644
index 0000000..c26de2e
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test15.toke.ok
@@ -0,0 +1,2 @@
+#
+WORD(5) ALL = COMMAND ARG 
diff --git a/plugins/sudoers/regress/sudoers/test16.in b/plugins/sudoers/regress/sudoers/test16.in
new file mode 100644
index 0000000..d2a79ea
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test16.in
@@ -0,0 +1,3 @@
+# Test parsing of sudoedit rule in a Cmnd_Alias
+Cmnd_Alias EDIT = sudoedit /etc/motd
+user    ALL = EDIT
diff --git a/plugins/sudoers/regress/sudoers/test16.json.ok b/plugins/sudoers/regress/sudoers/test16.json.ok
new file mode 100644
index 0000000..7c42654
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test16.json.ok
@@ -0,0 +1,24 @@
+{
+    "Command_Aliases": {
+        "EDIT": [
+            { "command": "sudoedit /etc/motd" }
+        ]
+    },
+    "User_Specs": [
+        {
+            "User_List": [
+                { "username": "user" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Commands": [
+                        { "cmndalias": "EDIT" }
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test16.ldif.ok b/plugins/sudoers/regress/sudoers/test16.ldif.ok
new file mode 100644
index 0000000..ac35ba0
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test16.ldif.ok
@@ -0,0 +1,9 @@
+dn: cn=user,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user
+sudoUser: user
+sudoHost: ALL
+sudoCommand: sudoedit /etc/motd
+sudoOrder: 1
+
diff --git a/plugins/sudoers/regress/sudoers/test16.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test16.ldif2sudo.ok
new file mode 100644
index 0000000..775d59e
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test16.ldif2sudo.ok
@@ -0,0 +1,2 @@
+# sudoRole user
+user ALL = sudoedit /etc/motd
diff --git a/plugins/sudoers/regress/sudoers/test16.out.ok b/plugins/sudoers/regress/sudoers/test16.out.ok
new file mode 100644
index 0000000..f541242
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test16.out.ok
@@ -0,0 +1,5 @@
+Parses OK.
+
+Cmnd_Alias EDIT = sudoedit /etc/motd
+
+user ALL = EDIT
diff --git a/plugins/sudoers/regress/sudoers/test16.toke.ok b/plugins/sudoers/regress/sudoers/test16.toke.ok
new file mode 100644
index 0000000..9b8c41b
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test16.toke.ok
@@ -0,0 +1,3 @@
+#
+CMNDALIAS ALIAS = COMMAND ARG 
+WORD(5) ALL = ALIAS 
diff --git a/plugins/sudoers/regress/sudoers/test17.in b/plugins/sudoers/regress/sudoers/test17.in
new file mode 100644
index 0000000..37d066c
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test17.in
@@ -0,0 +1,13 @@
+# Test parsing of command_timeout and TIMEOUT syntax
+Defaults command_timeout=2d8h10m59s
+user0	ALL = TIMEOUT=7D4H10M30S /usr/bin/id, /usr/bin/who, TIMEOUT=0 /bin/ls
+user1	ALL = TIMEOUT=7d4h10m30s /usr/bin/id
+user2	ALL = TIMEOUT=4h10m30s /usr/bin/id
+user3	ALL = TIMEOUT=10m30s /usr/bin/id
+user4	ALL = TIMEOUT=14d /usr/bin/id
+user5	ALL = TIMEOUT=5m /usr/bin/id
+user6	ALL = TIMEOUT=30s /usr/bin/id
+user7	ALL = TIMEOUT=45 /usr/bin/id
+user8	ALL = TIMEOUT=7d4h10m30s /usr/bin/id, TIMEOUT=4h10m30s /usr/bin/id, \
+	      TIMEOUT=10m30s /usr/bin/id, TIMEOUT=14d /usr/bin/id, \
+	      TIMEOUT=5m /usr/bin/id, TIMEOUT=30s /usr/bin/id
diff --git a/plugins/sudoers/regress/sudoers/test17.json.ok b/plugins/sudoers/regress/sudoers/test17.json.ok
new file mode 100644
index 0000000..2f39a37
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test17.json.ok
@@ -0,0 +1,180 @@
+{
+    "Defaults": [
+        {
+            "Options": [
+                { "command_timeout": "2d8h10m59s" }
+            ]
+        }
+    ],
+    "User_Specs": [
+        {
+            "User_List": [
+                { "username": "user0" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "command_timeout": 619830 }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" },
+                        { "command": "/usr/bin/who" },
+                        { "command": "/bin/ls" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user1" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "command_timeout": 619830 }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user2" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "command_timeout": 15030 }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user3" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "command_timeout": 630 }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user4" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "command_timeout": 1209600 }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user5" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "command_timeout": 300 }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user6" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "command_timeout": 30 }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user7" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "command_timeout": 45 }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user8" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "command_timeout": 619830 }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" },
+                        { "command": "/usr/bin/id" },
+                        { "command": "/usr/bin/id" },
+                        { "command": "/usr/bin/id" },
+                        { "command": "/usr/bin/id" },
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test17.ldif.ok b/plugins/sudoers/regress/sudoers/test17.ldif.ok
new file mode 100644
index 0000000..bdc784c
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test17.ldif.ok
@@ -0,0 +1,104 @@
+dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption: command_timeout=2d8h10m59s
+
+dn: cn=user0,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user0
+sudoUser: user0
+sudoHost: ALL
+sudoOption: command_timeout=619830
+sudoCommand: /usr/bin/id
+sudoCommand: /usr/bin/who
+sudoCommand: /bin/ls
+sudoOrder: 1
+
+dn: cn=user1,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user1
+sudoUser: user1
+sudoHost: ALL
+sudoOption: command_timeout=619830
+sudoCommand: /usr/bin/id
+sudoOrder: 2
+
+dn: cn=user2,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user2
+sudoUser: user2
+sudoHost: ALL
+sudoOption: command_timeout=15030
+sudoCommand: /usr/bin/id
+sudoOrder: 3
+
+dn: cn=user3,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user3
+sudoUser: user3
+sudoHost: ALL
+sudoOption: command_timeout=630
+sudoCommand: /usr/bin/id
+sudoOrder: 4
+
+dn: cn=user4,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user4
+sudoUser: user4
+sudoHost: ALL
+sudoOption: command_timeout=1209600
+sudoCommand: /usr/bin/id
+sudoOrder: 5
+
+dn: cn=user5,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user5
+sudoUser: user5
+sudoHost: ALL
+sudoOption: command_timeout=300
+sudoCommand: /usr/bin/id
+sudoOrder: 6
+
+dn: cn=user6,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user6
+sudoUser: user6
+sudoHost: ALL
+sudoOption: command_timeout=30
+sudoCommand: /usr/bin/id
+sudoOrder: 7
+
+dn: cn=user7,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user7
+sudoUser: user7
+sudoHost: ALL
+sudoOption: command_timeout=45
+sudoCommand: /usr/bin/id
+sudoOrder: 8
+
+dn: cn=user8,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user8
+sudoUser: user8
+sudoHost: ALL
+sudoOption: command_timeout=619830
+sudoCommand: /usr/bin/id
+sudoCommand: /usr/bin/id
+sudoCommand: /usr/bin/id
+sudoCommand: /usr/bin/id
+sudoCommand: /usr/bin/id
+sudoCommand: /usr/bin/id
+sudoOrder: 9
+
diff --git a/plugins/sudoers/regress/sudoers/test17.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test17.ldif2sudo.ok
new file mode 100644
index 0000000..608f52f
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test17.ldif2sudo.ok
@@ -0,0 +1,29 @@
+Defaults command_timeout=2d8h10m59s
+
+# sudoRole user0
+user0 ALL = TIMEOUT=619830 /usr/bin/id, /usr/bin/who, /bin/ls
+
+# sudoRole user1
+user1 ALL = TIMEOUT=619830 /usr/bin/id
+
+# sudoRole user2
+user2 ALL = TIMEOUT=15030 /usr/bin/id
+
+# sudoRole user3
+user3 ALL = TIMEOUT=630 /usr/bin/id
+
+# sudoRole user4
+user4 ALL = TIMEOUT=1209600 /usr/bin/id
+
+# sudoRole user5
+user5 ALL = TIMEOUT=300 /usr/bin/id
+
+# sudoRole user6
+user6 ALL = TIMEOUT=30 /usr/bin/id
+
+# sudoRole user7
+user7 ALL = TIMEOUT=45 /usr/bin/id
+
+# sudoRole user8
+user8 ALL = TIMEOUT=619830 /usr/bin/id, /usr/bin/id, /usr/bin/id, /usr/bin/id,\
+    /usr/bin/id, /usr/bin/id
diff --git a/plugins/sudoers/regress/sudoers/test17.out.ok b/plugins/sudoers/regress/sudoers/test17.out.ok
new file mode 100644
index 0000000..4a2c26d
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test17.out.ok
@@ -0,0 +1,13 @@
+Parses OK.
+
+Defaults command_timeout=2d8h10m59s
+
+user0 ALL = TIMEOUT=619830 /usr/bin/id, /usr/bin/who, /bin/ls
+user1 ALL = TIMEOUT=619830 /usr/bin/id
+user2 ALL = TIMEOUT=15030 /usr/bin/id
+user3 ALL = TIMEOUT=630 /usr/bin/id
+user4 ALL = TIMEOUT=1209600 /usr/bin/id
+user5 ALL = TIMEOUT=300 /usr/bin/id
+user6 ALL = TIMEOUT=30 /usr/bin/id
+user7 ALL = TIMEOUT=45 /usr/bin/id
+user8 ALL = TIMEOUT=619830 /usr/bin/id, TIMEOUT=15030 /usr/bin/id, TIMEOUT=630 /usr/bin/id, TIMEOUT=1209600 /usr/bin/id, TIMEOUT=300 /usr/bin/id, TIMEOUT=30 /usr/bin/id
diff --git a/plugins/sudoers/regress/sudoers/test17.toke.ok b/plugins/sudoers/regress/sudoers/test17.toke.ok
new file mode 100644
index 0000000..17bb5fb
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test17.toke.ok
@@ -0,0 +1,11 @@
+#
+DEFAULTS DEFVAR = WORD(2) 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) COMMAND , COMMAND , CMND_TIMEOUT = WORD(5) COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) COMMAND , CMND_TIMEOUT = WORD(5) COMMAND , CMND_TIMEOUT = WORD(5) COMMAND , CMND_TIMEOUT = WORD(5) COMMAND , CMND_TIMEOUT = WORD(5) COMMAND , CMND_TIMEOUT = WORD(5) COMMAND 
diff --git a/plugins/sudoers/regress/sudoers/test18.in b/plugins/sudoers/regress/sudoers/test18.in
new file mode 100644
index 0000000..8d94ec7
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test18.in
@@ -0,0 +1,8 @@
+# Test command_timeout and TIMEOUT syntax errors
+Defaults command_timeout=2d8h10m59ss
+Defaults:root command_timeout=15f
+user0	ALL = TIMEOUT=7dd4h10m30s /usr/bin/id, /usr/bin/who, TIMEOUT=0 /bin/ls
+user1	ALL = TIMEOUT=7d4h10mm30s /usr/bin/id
+user2	ALL = TIMEOUT=4hg10m30s /usr/bin/id
+user3	ALL = TIMEOUT=10m30ss /usr/bin/id
+user4	ALL = TIMEOUT=14g /usr/bin/id
diff --git a/plugins/sudoers/regress/sudoers/test18.json.ok b/plugins/sudoers/regress/sudoers/test18.json.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test18.json.ok
diff --git a/plugins/sudoers/regress/sudoers/test18.ldif.ok b/plugins/sudoers/regress/sudoers/test18.ldif.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test18.ldif.ok
diff --git a/plugins/sudoers/regress/sudoers/test18.out.ok b/plugins/sudoers/regress/sudoers/test18.out.ok
new file mode 100644
index 0000000..ace1ca6
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test18.out.ok
@@ -0,0 +1,4 @@
+Parse error in sudoers near line 4 (problem with defaults entries).
+
+Defaults command_timeout=2d8h10m59ss
+Defaults:root command_timeout=15f
diff --git a/plugins/sudoers/regress/sudoers/test18.toke.ok b/plugins/sudoers/regress/sudoers/test18.toke.ok
new file mode 100644
index 0000000..05fbaef
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test18.toke.ok
@@ -0,0 +1,10 @@
+#
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS_USER WORD(5) DEFVAR = WORD(2) 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) <*> COMMAND , COMMAND , CMND_TIMEOUT = WORD(5) COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) <*> COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) <*> COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) <*> COMMAND 
+WORD(5) ALL = CMND_TIMEOUT = WORD(5) <*> COMMAND 
+testsudoers: sudoers:2 value "2d8h10m59ss" is invalid for option "command_timeout"
+testsudoers: sudoers:3 value "15f" is invalid for option "command_timeout"
diff --git a/plugins/sudoers/regress/sudoers/test19.in b/plugins/sudoers/regress/sudoers/test19.in
new file mode 100644
index 0000000..5f637a7
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test19.in
@@ -0,0 +1,12 @@
+# Test parsing of NOTBEFORE and NOTAFTER syntax
+# Local time zone parsing is checked in visudo/test10.sh
+user0	ALL = NOTBEFORE=20170214083000Z NOTAFTER=20170301083000Z /usr/bin/id, /bin/ls
+user1	ALL = NOTBEFORE=201702140830Z /usr/bin/id, NOTAFTER=20170301083000Z /bin/ls
+user2	ALL = NOTBEFORE=201702140830.3Z /usr/bin/id
+user3	ALL = NOTBEFORE=2017021408Z /usr/bin/id
+user4	ALL = NOTBEFORE=2017021408.4Z /usr/bin/id
+user5	ALL = NOTBEFORE=20170214083000.5Z /usr/bin/id
+user6	ALL = NOTBEFORE=20170214083000\,5Z /usr/bin/id
+user7	ALL = NOTBEFORE=20170214033000-0500 /usr/bin/id
+user8	ALL = NOTBEFORE=20170214033000.0-0500 /usr/bin/id
+user9	ALL = NOTBEFORE=20170214033000\,0-0500 /usr/bin/id
diff --git a/plugins/sudoers/regress/sudoers/test19.json.ok b/plugins/sudoers/regress/sudoers/test19.json.ok
new file mode 100644
index 0000000..c9a1bfd
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test19.json.ok
@@ -0,0 +1,187 @@
+{
+    "User_Specs": [
+        {
+            "User_List": [
+                { "username": "user0" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "notbefore": "20170214083000Z" },
+                        { "notafter": "20170301083000Z" }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" },
+                        { "command": "/bin/ls" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user1" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "notbefore": "20170214083000Z" }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" },
+                        { "command": "/bin/ls" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user2" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "notbefore": "20170214083018Z" }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user3" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "notbefore": "20170214080000Z" }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user4" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "notbefore": "20170214082400Z" }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user5" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "notbefore": "20170214083000Z" }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user6" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "notbefore": "20170214083000Z" }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user7" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "notbefore": "20170214083000Z" }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user8" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "notbefore": "20170214083000Z" }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user9" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "notbefore": "20170214083000Z" }
+                    ],
+                    "Commands": [
+                        { "command": "/usr/bin/id" }
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test19.ldif.ok b/plugins/sudoers/regress/sudoers/test19.ldif.ok
new file mode 100644
index 0000000..362aa9e
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test19.ldif.ok
@@ -0,0 +1,103 @@
+dn: cn=user0,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user0
+sudoUser: user0
+sudoHost: ALL
+sudoNotBefore: 20170214083000Z
+sudoNotAfter: 20170301083000Z
+sudoCommand: /usr/bin/id
+sudoCommand: /bin/ls
+sudoOrder: 1
+
+dn: cn=user1,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user1
+sudoUser: user1
+sudoHost: ALL
+sudoNotBefore: 20170214083000Z
+sudoCommand: /usr/bin/id
+sudoCommand: /bin/ls
+sudoOrder: 2
+
+dn: cn=user2,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user2
+sudoUser: user2
+sudoHost: ALL
+sudoNotBefore: 20170214083018Z
+sudoCommand: /usr/bin/id
+sudoOrder: 3
+
+dn: cn=user3,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user3
+sudoUser: user3
+sudoHost: ALL
+sudoNotBefore: 20170214080000Z
+sudoCommand: /usr/bin/id
+sudoOrder: 4
+
+dn: cn=user4,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user4
+sudoUser: user4
+sudoHost: ALL
+sudoNotBefore: 20170214082400Z
+sudoCommand: /usr/bin/id
+sudoOrder: 5
+
+dn: cn=user5,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user5
+sudoUser: user5
+sudoHost: ALL
+sudoNotBefore: 20170214083000Z
+sudoCommand: /usr/bin/id
+sudoOrder: 6
+
+dn: cn=user6,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user6
+sudoUser: user6
+sudoHost: ALL
+sudoNotBefore: 20170214083000Z
+sudoCommand: /usr/bin/id
+sudoOrder: 7
+
+dn: cn=user7,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user7
+sudoUser: user7
+sudoHost: ALL
+sudoNotBefore: 20170214083000Z
+sudoCommand: /usr/bin/id
+sudoOrder: 8
+
+dn: cn=user8,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user8
+sudoUser: user8
+sudoHost: ALL
+sudoNotBefore: 20170214083000Z
+sudoCommand: /usr/bin/id
+sudoOrder: 9
+
+dn: cn=user9,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user9
+sudoUser: user9
+sudoHost: ALL
+sudoNotBefore: 20170214083000Z
+sudoCommand: /usr/bin/id
+sudoOrder: 10
+
diff --git a/plugins/sudoers/regress/sudoers/test19.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test19.ldif2sudo.ok
new file mode 100644
index 0000000..1aef1bc
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test19.ldif2sudo.ok
@@ -0,0 +1,30 @@
+# sudoRole user0
+user0 ALL = NOTBEFORE=20170214083000Z NOTAFTER=20170301083000Z /usr/bin/id,\
+    /bin/ls
+
+# sudoRole user1
+user1 ALL = NOTBEFORE=20170214083000Z /usr/bin/id, /bin/ls
+
+# sudoRole user2
+user2 ALL = NOTBEFORE=20170214083018Z /usr/bin/id
+
+# sudoRole user3
+user3 ALL = NOTBEFORE=20170214080000Z /usr/bin/id
+
+# sudoRole user4
+user4 ALL = NOTBEFORE=20170214082400Z /usr/bin/id
+
+# sudoRole user5
+user5 ALL = NOTBEFORE=20170214083000Z /usr/bin/id
+
+# sudoRole user6
+user6 ALL = NOTBEFORE=20170214083000Z /usr/bin/id
+
+# sudoRole user7
+user7 ALL = NOTBEFORE=20170214083000Z /usr/bin/id
+
+# sudoRole user8
+user8 ALL = NOTBEFORE=20170214083000Z /usr/bin/id
+
+# sudoRole user9
+user9 ALL = NOTBEFORE=20170214083000Z /usr/bin/id
diff --git a/plugins/sudoers/regress/sudoers/test19.out.ok b/plugins/sudoers/regress/sudoers/test19.out.ok
new file mode 100644
index 0000000..8d7974e
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test19.out.ok
@@ -0,0 +1,12 @@
+Parses OK.
+
+user0 ALL = NOTBEFORE=20170214083000Z NOTAFTER=20170301083000Z /usr/bin/id, /bin/ls
+user1 ALL = NOTBEFORE=20170214083000Z /usr/bin/id, NOTAFTER=20170301083000Z /bin/ls
+user2 ALL = NOTBEFORE=20170214083018Z /usr/bin/id
+user3 ALL = NOTBEFORE=20170214080000Z /usr/bin/id
+user4 ALL = NOTBEFORE=20170214082400Z /usr/bin/id
+user5 ALL = NOTBEFORE=20170214083000Z /usr/bin/id
+user6 ALL = NOTBEFORE=20170214083000Z /usr/bin/id
+user7 ALL = NOTBEFORE=20170214083000Z /usr/bin/id
+user8 ALL = NOTBEFORE=20170214083000Z /usr/bin/id
+user9 ALL = NOTBEFORE=20170214083000Z /usr/bin/id
diff --git a/plugins/sudoers/regress/sudoers/test19.toke.ok b/plugins/sudoers/regress/sudoers/test19.toke.ok
new file mode 100644
index 0000000..45c5d27
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test19.toke.ok
@@ -0,0 +1,12 @@
+#
+#
+WORD(5) ALL = NOTBEFORE = WORD(5) NOTAFTER = WORD(5) COMMAND , COMMAND 
+WORD(5) ALL = NOTBEFORE = WORD(5) COMMAND , NOTAFTER = WORD(5) COMMAND 
+WORD(5) ALL = NOTBEFORE = WORD(5) COMMAND 
+WORD(5) ALL = NOTBEFORE = WORD(5) COMMAND 
+WORD(5) ALL = NOTBEFORE = WORD(5) COMMAND 
+WORD(5) ALL = NOTBEFORE = WORD(5) COMMAND 
+WORD(5) ALL = NOTBEFORE = WORD(5) COMMAND 
+WORD(5) ALL = NOTBEFORE = WORD(5) COMMAND 
+WORD(5) ALL = NOTBEFORE = WORD(5) COMMAND 
+WORD(5) ALL = NOTBEFORE = WORD(5) COMMAND 
diff --git a/plugins/sudoers/regress/sudoers/test2.in b/plugins/sudoers/regress/sudoers/test2.in
new file mode 100644
index 0000000..cfdfaa3
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test2.in
@@ -0,0 +1,60 @@
+# Check quoted user name in User_Alias
+User_Alias UA1 = "foo"
+User_Alias UA2 = "foo.bar"
+User_Alias UA3 = "foo\""
+User_Alias UA4 = "foo:bar"
+User_Alias UA5 = "foo:bar\""
+
+# Check quoted group name in User_Alias
+User_Alias UA6 = "%baz"
+User_Alias UA7 = "%baz.biz"
+
+# Check quoted non-Unix group name in User_Alias
+User_Alias UA8 = "%:C/non UNIX 0 c"
+User_Alias UA9 = "%:C/non\'UNIX\'1 c"
+User_Alias UA10 = "%:C/non\"UNIX\"0 c"
+User_Alias UA11 = "%:C/non_UNIX_0 c"
+User_Alias UA12 = "%:C/non\'UNIX_3 c"
+
+# Check quoted user name in Runas_Alias
+Runas_Alias RA1 = "foo"
+Runas_Alias RA2 = "foo\""
+Runas_Alias RA3 = "foo:bar"
+Runas_Alias RA4 = "foo:bar\""
+
+# Check quoted host name in Defaults
+Defaults@"somehost" set_home
+Defaults@"quoted\"" set_home
+
+# Check quoted user name in Defaults
+Defaults:"you" set_home
+Defaults:"us\"" set_home
+Defaults:"%them" set_home
+Defaults:"%: non UNIX 0 c" set_home
+Defaults:"+net" set_home
+
+# Check quoted runas name in Defaults
+Defaults>"someone" set_home
+Defaults>"some one" set_home
+
+# Check quoted command in Defaults
+# XXX - not currently supported
+#Defaults!"/bin/ls -l" set_home
+#Defaults!"/bin/ls -l \"foo\"" set_home
+
+# Check quoted user, runas and host name in Cmnd_Spec
+"foo"		"hosta" = ("root") ALL
+"foo.bar"	"hostb" = ("root") ALL
+"foo\""		"hostc" = ("root") ALL
+"foo:bar"	"hostd" = ("root") ALL
+"foo:bar\""	"hoste" = ("root") ALL
+
+# Check quoted group/netgroup name in Cmnd_Spec
+"%baz"			"hosta" = ("root") ALL
+"%baz.biz"		"hostb" = ("root") ALL
+"%:C/non UNIX 0 c"	"hostc" = ("root") ALL
+"%:C/non\'UNIX\'1 c"	"hostd" = ("root") ALL
+"%:C/non\"UNIX\"0 c"	"hoste" = ("root") ALL
+"%:C/non_UNIX_0 c"	"hostf" = ("root") ALL
+"%:C/non\'UNIX_3 c"	"hostg" = ("root") ALL
+"+netgr"		"hosth" = ("root") ALL
diff --git a/plugins/sudoers/regress/sudoers/test2.json.ok b/plugins/sudoers/regress/sudoers/test2.json.ok
new file mode 100644
index 0000000..8e6656e
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test2.json.ok
@@ -0,0 +1,403 @@
+{
+    "Defaults": [
+        {
+            "Binding": [
+                { "hostname": "somehost" }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "hostname": "quoted\"" }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "username": "you" }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "username": "us\"" }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "username": "%them" }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "username": "%: non UNIX 0 c" }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "username": "+net" }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "username": "someone" }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "username": "some one" }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        }
+    ],
+    "User_Aliases": {
+        "UA1": [
+            { "username": "foo" }
+        ],
+        "UA10": [
+            { "nonunixgroup": "C/non\"UNIX\"0 c" }
+        ],
+        "UA11": [
+            { "nonunixgroup": "C/non_UNIX_0 c" }
+        ],
+        "UA12": [
+            { "nonunixgroup": "C/non\\'UNIX_3 c" }
+        ],
+        "UA2": [
+            { "username": "foo.bar" }
+        ],
+        "UA3": [
+            { "username": "foo\"" }
+        ],
+        "UA4": [
+            { "username": "foo:bar" }
+        ],
+        "UA5": [
+            { "username": "foo:bar\"" }
+        ],
+        "UA6": [
+            { "usergroup": "baz" }
+        ],
+        "UA7": [
+            { "usergroup": "baz.biz" }
+        ],
+        "UA8": [
+            { "nonunixgroup": "C/non UNIX 0 c" }
+        ],
+        "UA9": [
+            { "nonunixgroup": "C/non\\'UNIX\\'1 c" }
+        ]
+    },
+    "Runas_Aliases": {
+        "RA1": [
+            { "username": "foo" }
+        ],
+        "RA2": [
+            { "username": "foo\"" }
+        ],
+        "RA3": [
+            { "username": "foo:bar" }
+        ],
+        "RA4": [
+            { "username": "foo:bar\"" }
+        ]
+    },
+    "User_Specs": [
+        {
+            "User_List": [
+                { "username": "foo" }
+            ],
+            "Host_List": [
+                { "hostname": "hosta" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "foo.bar" }
+            ],
+            "Host_List": [
+                { "hostname": "hostb" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "foo\"" }
+            ],
+            "Host_List": [
+                { "hostname": "hostc" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "foo:bar" }
+            ],
+            "Host_List": [
+                { "hostname": "hostd" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "foo:bar\"" }
+            ],
+            "Host_List": [
+                { "hostname": "hoste" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "usergroup": "baz" }
+            ],
+            "Host_List": [
+                { "hostname": "hosta" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "usergroup": "baz.biz" }
+            ],
+            "Host_List": [
+                { "hostname": "hostb" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "nonunixgroup": "C/non UNIX 0 c" }
+            ],
+            "Host_List": [
+                { "hostname": "hostc" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "nonunixgroup": "C/non\\'UNIX\\'1 c" }
+            ],
+            "Host_List": [
+                { "hostname": "hostd" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "nonunixgroup": "C/non\"UNIX\"0 c" }
+            ],
+            "Host_List": [
+                { "hostname": "hoste" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "nonunixgroup": "C/non_UNIX_0 c" }
+            ],
+            "Host_List": [
+                { "hostname": "hostf" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "nonunixgroup": "C/non\\'UNIX_3 c" }
+            ],
+            "Host_List": [
+                { "hostname": "hostg" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "netgroup": "netgr" }
+            ],
+            "Host_List": [
+                { "hostname": "hosth" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "root" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test2.ldif.ok b/plugins/sudoers/regress/sudoers/test2.ldif.ok
new file mode 100644
index 0000000..a9e7df9
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test2.ldif.ok
@@ -0,0 +1,157 @@
+# Unable to translate stdin:26
+# Defaults@somehost set_home
+
+# Unable to translate stdin:27
+# Defaults@quoted\" set_home
+
+# Unable to translate stdin:30
+# Defaults:you set_home
+
+# Unable to translate stdin:31
+# Defaults:us\" set_home
+
+# Unable to translate stdin:32
+# Defaults:%them set_home
+
+# Unable to translate stdin:33
+# Defaults:"%: non UNIX 0 c" set_home
+
+# Unable to translate stdin:34
+# Defaults:+net set_home
+
+# Unable to translate stdin:37
+# Defaults>someone set_home
+
+# Unable to translate stdin:38
+# Defaults>"some one" set_home
+
+dn: cn=foo,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: foo
+sudoUser: foo
+sudoHost: hosta
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 1
+
+dn: cn=foo.bar,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: foo.bar
+sudoUser: foo.bar
+sudoHost: hostb
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 2
+
+dn: cn=foo\",ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: foo\"
+sudoUser: foo"
+sudoHost: hostc
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 3
+
+dn: cn=foo:bar,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: foo:bar
+sudoUser: foo:bar
+sudoHost: hostd
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 4
+
+dn: cn=foo:bar\",ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: foo:bar\"
+sudoUser: foo:bar"
+sudoHost: hoste
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 5
+
+dn: cn=%baz,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %baz
+sudoUser: %baz
+sudoHost: hosta
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 6
+
+dn: cn=%baz.biz,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %baz.biz
+sudoUser: %baz.biz
+sudoHost: hostb
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 7
+
+dn: cn=%:C/non UNIX 0 c,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %:C/non UNIX 0 c
+sudoUser: %:C/non UNIX 0 c
+sudoHost: hostc
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 8
+
+dn: cn=%:C/non\\'UNIX\\'1 c,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %:C/non\\'UNIX\\'1 c
+sudoUser: %:C/non\'UNIX\'1 c
+sudoHost: hostd
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 9
+
+dn: cn=%:C/non\"UNIX\"0 c,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %:C/non\"UNIX\"0 c
+sudoUser: %:C/non"UNIX"0 c
+sudoHost: hoste
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 10
+
+dn: cn=%:C/non_UNIX_0 c,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %:C/non_UNIX_0 c
+sudoUser: %:C/non_UNIX_0 c
+sudoHost: hostf
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 11
+
+dn: cn=%:C/non\\'UNIX_3 c,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %:C/non\\'UNIX_3 c
+sudoUser: %:C/non\'UNIX_3 c
+sudoHost: hostg
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 12
+
+dn: cn=\+netgr,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: \+netgr
+sudoUser: +netgr
+sudoHost: hosth
+sudoRunAsUser: root
+sudoCommand: ALL
+sudoOrder: 13
+
diff --git a/plugins/sudoers/regress/sudoers/test2.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test2.ldif2sudo.ok
new file mode 100644
index 0000000..7039523
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test2.ldif2sudo.ok
@@ -0,0 +1,38 @@
+# sudoRole foo
+foo hosta = (root) ALL
+
+# sudoRole foo.bar
+foo.bar hostb = (root) ALL
+
+# sudoRole foo"
+foo\" hostc = (root) ALL
+
+# sudoRole foo:bar
+foo\:bar hostd = (root) ALL
+
+# sudoRole foo:bar"
+foo\:bar\" hoste = (root) ALL
+
+# sudoRole %baz
+%baz hosta = (root) ALL
+
+# sudoRole %baz.biz
+%baz.biz hostb = (root) ALL
+
+# sudoRole %:C/non UNIX 0 c
+"%:C/non UNIX 0 c" hostc = (root) ALL
+
+# sudoRole %:C/non\'UNIX\'1 c
+"%:C/non\'UNIX\'1 c" hostd = (root) ALL
+
+# sudoRole %:C/non"UNIX"0 c
+"%:C/non\"UNIX\"0 c" hoste = (root) ALL
+
+# sudoRole %:C/non_UNIX_0 c
+"%:C/non_UNIX_0 c" hostf = (root) ALL
+
+# sudoRole %:C/non\'UNIX_3 c
+"%:C/non\'UNIX_3 c" hostg = (root) ALL
+
+# sudoRole +netgr
++netgr hosth = (root) ALL
diff --git a/plugins/sudoers/regress/sudoers/test2.out.ok b/plugins/sudoers/regress/sudoers/test2.out.ok
new file mode 100644
index 0000000..be5e8f3
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test2.out.ok
@@ -0,0 +1,42 @@
+Parses OK.
+
+Defaults@somehost set_home
+Defaults@quoted\" set_home
+Defaults:you set_home
+Defaults:us\" set_home
+Defaults:%them set_home
+Defaults:"%: non UNIX 0 c" set_home
+Defaults:+net set_home
+Defaults>someone set_home
+Defaults>"some one" set_home
+
+Runas_Alias RA1 = foo
+Runas_Alias RA2 = foo\"
+Runas_Alias RA3 = foo\:bar
+Runas_Alias RA4 = foo\:bar\"
+User_Alias UA1 = foo
+User_Alias UA10 = "%:C/non\"UNIX\"0 c"
+User_Alias UA11 = "%:C/non_UNIX_0 c"
+User_Alias UA12 = "%:C/non\'UNIX_3 c"
+User_Alias UA2 = foo.bar
+User_Alias UA3 = foo\"
+User_Alias UA4 = foo\:bar
+User_Alias UA5 = foo\:bar\"
+User_Alias UA6 = %baz
+User_Alias UA7 = %baz.biz
+User_Alias UA8 = "%:C/non UNIX 0 c"
+User_Alias UA9 = "%:C/non\'UNIX\'1 c"
+
+foo hosta = (root) ALL
+foo.bar hostb = (root) ALL
+foo\" hostc = (root) ALL
+foo\:bar hostd = (root) ALL
+foo\:bar\" hoste = (root) ALL
+%baz hosta = (root) ALL
+%baz.biz hostb = (root) ALL
+"%:C/non UNIX 0 c" hostc = (root) ALL
+"%:C/non\'UNIX\'1 c" hostd = (root) ALL
+"%:C/non\"UNIX\"0 c" hoste = (root) ALL
+"%:C/non_UNIX_0 c" hostf = (root) ALL
+"%:C/non\'UNIX_3 c" hostg = (root) ALL
++netgr hosth = (root) ALL
diff --git a/plugins/sudoers/regress/sudoers/test2.toke.ok b/plugins/sudoers/regress/sudoers/test2.toke.ok
new file mode 100644
index 0000000..fcd7b73
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test2.toke.ok
@@ -0,0 +1,60 @@
+#
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 
+
+#
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR USERGROUP 
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR USERGROUP 
+
+#
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR USERGROUP 
+USERALIAS ALIAS = BEGINSTR STRBODY BACKSLASH STRBODY BACKSLASH STRBODY ENDSTR USERGROUP 
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR USERGROUP 
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR USERGROUP 
+USERALIAS ALIAS = BEGINSTR STRBODY BACKSLASH STRBODY ENDSTR USERGROUP 
+
+#
+RUNASALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 
+RUNASALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 
+RUNASALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 
+RUNASALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 
+
+#
+DEFAULTS_HOST BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+DEFAULTS_HOST BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+
+#
+DEFAULTS_USER BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+DEFAULTS_USER BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+DEFAULTS_USER BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+DEFAULTS_USER BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+DEFAULTS_USER BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+
+#
+DEFAULTS_RUNAS BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+DEFAULTS_RUNAS BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+
+#
+#
+#
+#
+
+#
+BEGINSTR STRBODY ENDSTR WORD(4) BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY ENDSTR WORD(4) BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY ENDSTR WORD(4) BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY ENDSTR WORD(4) BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY ENDSTR WORD(4) BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+
+#
+BEGINSTR STRBODY ENDSTR USERGROUP BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY ENDSTR USERGROUP BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY ENDSTR USERGROUP BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY BACKSLASH STRBODY BACKSLASH STRBODY ENDSTR USERGROUP BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY ENDSTR USERGROUP BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY ENDSTR USERGROUP BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY BACKSLASH STRBODY ENDSTR USERGROUP BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+BEGINSTR STRBODY ENDSTR NETGROUP BEGINSTR STRBODY ENDSTR WORD(4) = ( BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
diff --git a/plugins/sudoers/regress/sudoers/test20.in b/plugins/sudoers/regress/sudoers/test20.in
new file mode 100644
index 0000000..c24f88a
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test20.in
@@ -0,0 +1,26 @@
+# Test parsing of tuples
+Defaults	lecture
+Defaults	!lecture
+Defaults	lecture=never
+Defaults	lecture=once
+Defaults	lecture=always
+
+Defaults	listpw
+Defaults	!listpw
+Defaults	listpw=never
+Defaults	listpw=any
+Defaults	listpw=all
+Defaults	listpw=always
+
+Defaults	verifypw
+Defaults	!verifypw
+Defaults	verifypw=never
+Defaults	verifypw=any
+Defaults	verifypw=all
+Defaults	verifypw=always
+
+Defaults	fdexec
+Defaults	!fdexec
+Defaults	fdexec=never
+Defaults	fdexec=digest_only
+Defaults	fdexec=always
diff --git a/plugins/sudoers/regress/sudoers/test20.json.ok b/plugins/sudoers/regress/sudoers/test20.json.ok
new file mode 100644
index 0000000..f2f1d55
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test20.json.ok
@@ -0,0 +1,114 @@
+{
+    "Defaults": [
+        {
+            "Options": [
+                { "lecture": true }
+            ]
+        },
+        {
+            "Options": [
+                { "lecture": false }
+            ]
+        },
+        {
+            "Options": [
+                { "lecture": "never" }
+            ]
+        },
+        {
+            "Options": [
+                { "lecture": "once" }
+            ]
+        },
+        {
+            "Options": [
+                { "lecture": "always" }
+            ]
+        },
+        {
+            "Options": [
+                { "listpw": true }
+            ]
+        },
+        {
+            "Options": [
+                { "listpw": false }
+            ]
+        },
+        {
+            "Options": [
+                { "listpw": "never" }
+            ]
+        },
+        {
+            "Options": [
+                { "listpw": "any" }
+            ]
+        },
+        {
+            "Options": [
+                { "listpw": "all" }
+            ]
+        },
+        {
+            "Options": [
+                { "listpw": "always" }
+            ]
+        },
+        {
+            "Options": [
+                { "verifypw": true }
+            ]
+        },
+        {
+            "Options": [
+                { "verifypw": false }
+            ]
+        },
+        {
+            "Options": [
+                { "verifypw": "never" }
+            ]
+        },
+        {
+            "Options": [
+                { "verifypw": "any" }
+            ]
+        },
+        {
+            "Options": [
+                { "verifypw": "all" }
+            ]
+        },
+        {
+            "Options": [
+                { "verifypw": "always" }
+            ]
+        },
+        {
+            "Options": [
+                { "fdexec": true }
+            ]
+        },
+        {
+            "Options": [
+                { "fdexec": false }
+            ]
+        },
+        {
+            "Options": [
+                { "fdexec": "never" }
+            ]
+        },
+        {
+            "Options": [
+                { "fdexec": "digest_only" }
+            ]
+        },
+        {
+            "Options": [
+                { "fdexec": "always" }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test20.ldif.ok b/plugins/sudoers/regress/sudoers/test20.ldif.ok
new file mode 100644
index 0000000..de01cde
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test20.ldif.ok
@@ -0,0 +1,28 @@
+dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption: lecture
+sudoOption: !lecture
+sudoOption: lecture=never
+sudoOption: lecture=once
+sudoOption: lecture=always
+sudoOption: listpw
+sudoOption: !listpw
+sudoOption: listpw=never
+sudoOption: listpw=any
+sudoOption: listpw=all
+sudoOption: listpw=always
+sudoOption: verifypw
+sudoOption: !verifypw
+sudoOption: verifypw=never
+sudoOption: verifypw=any
+sudoOption: verifypw=all
+sudoOption: verifypw=always
+sudoOption: fdexec
+sudoOption: !fdexec
+sudoOption: fdexec=never
+sudoOption: fdexec=digest_only
+sudoOption: fdexec=always
+
diff --git a/plugins/sudoers/regress/sudoers/test20.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test20.ldif2sudo.ok
new file mode 100644
index 0000000..e1c743c
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test20.ldif2sudo.ok
@@ -0,0 +1,22 @@
+Defaults lecture
+Defaults !lecture
+Defaults lecture=never
+Defaults lecture=once
+Defaults lecture=always
+Defaults listpw
+Defaults !listpw
+Defaults listpw=never
+Defaults listpw=any
+Defaults listpw=all
+Defaults listpw=always
+Defaults verifypw
+Defaults !verifypw
+Defaults verifypw=never
+Defaults verifypw=any
+Defaults verifypw=all
+Defaults verifypw=always
+Defaults fdexec
+Defaults !fdexec
+Defaults fdexec=never
+Defaults fdexec=digest_only
+Defaults fdexec=always
diff --git a/plugins/sudoers/regress/sudoers/test20.out.ok b/plugins/sudoers/regress/sudoers/test20.out.ok
new file mode 100644
index 0000000..882af0d
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test20.out.ok
@@ -0,0 +1,24 @@
+Parses OK.
+
+Defaults lecture
+Defaults !lecture
+Defaults lecture=never
+Defaults lecture=once
+Defaults lecture=always
+Defaults listpw
+Defaults !listpw
+Defaults listpw=never
+Defaults listpw=any
+Defaults listpw=all
+Defaults listpw=always
+Defaults verifypw
+Defaults !verifypw
+Defaults verifypw=never
+Defaults verifypw=any
+Defaults verifypw=all
+Defaults verifypw=always
+Defaults fdexec
+Defaults !fdexec
+Defaults fdexec=never
+Defaults fdexec=digest_only
+Defaults fdexec=always
diff --git a/plugins/sudoers/regress/sudoers/test20.toke.ok b/plugins/sudoers/regress/sudoers/test20.toke.ok
new file mode 100644
index 0000000..1847149
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test20.toke.ok
@@ -0,0 +1,26 @@
+#
+DEFAULTS DEFVAR 
+DEFAULTS !DEFVAR 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+
+DEFAULTS DEFVAR 
+DEFAULTS !DEFVAR 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+
+DEFAULTS DEFVAR 
+DEFAULTS !DEFVAR 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+
+DEFAULTS DEFVAR 
+DEFAULTS !DEFVAR 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
diff --git a/plugins/sudoers/regress/sudoers/test21.in b/plugins/sudoers/regress/sudoers/test21.in
new file mode 100644
index 0000000..65416cf
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test21.in
@@ -0,0 +1,36 @@
+# Test parsing of syslog settings
+Defaults	syslog
+Defaults	!syslog
+Defaults	syslog=auth
+Defaults	syslog=daemon
+Defaults	syslog=user
+Defaults	syslog=local0
+Defaults	syslog=local1
+Defaults	syslog=local2
+Defaults	syslog=local3
+Defaults	syslog=local4
+Defaults	syslog=local5
+Defaults	syslog=local6
+Defaults	syslog=local7
+
+Defaults	!syslog_goodpri
+Defaults	syslog_goodpri=alert
+Defaults	syslog_goodpri=crit
+Defaults	syslog_goodpri=debug
+Defaults	syslog_goodpri=emerg
+Defaults	syslog_goodpri=err
+Defaults	syslog_goodpri=info
+Defaults	syslog_goodpri=notice
+Defaults	syslog_goodpri=warning
+Defaults	syslog_goodpri=none
+
+Defaults	!syslog_badpri
+Defaults	syslog_badpri=alert
+Defaults	syslog_badpri=crit
+Defaults	syslog_badpri=debug
+Defaults	syslog_badpri=emerg
+Defaults	syslog_badpri=err
+Defaults	syslog_badpri=info
+Defaults	syslog_badpri=notice
+Defaults	syslog_badpri=warning
+Defaults	syslog_badpri=none
diff --git a/plugins/sudoers/regress/sudoers/test21.json.ok b/plugins/sudoers/regress/sudoers/test21.json.ok
new file mode 100644
index 0000000..7896965
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test21.json.ok
@@ -0,0 +1,169 @@
+{
+    "Defaults": [
+        {
+            "Options": [
+                { "syslog": true }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": false }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "auth" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "daemon" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "user" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "local0" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "local1" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "local2" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "local3" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "local4" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "local5" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "local6" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog": "local7" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_goodpri": false }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_goodpri": "alert" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_goodpri": "crit" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_goodpri": "debug" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_goodpri": "emerg" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_goodpri": "err" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_goodpri": "info" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_goodpri": "notice" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_goodpri": "warning" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_goodpri": "none" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_badpri": false }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_badpri": "alert" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_badpri": "crit" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_badpri": "debug" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_badpri": "emerg" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_badpri": "err" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_badpri": "info" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_badpri": "notice" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_badpri": "warning" }
+            ]
+        },
+        {
+            "Options": [
+                { "syslog_badpri": "none" }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test21.ldif.ok b/plugins/sudoers/regress/sudoers/test21.ldif.ok
new file mode 100644
index 0000000..b3bede8
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test21.ldif.ok
@@ -0,0 +1,39 @@
+dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: defaults
+description: Default sudoOption's go here
+sudoOption: syslog
+sudoOption: !syslog
+sudoOption: syslog=auth
+sudoOption: syslog=daemon
+sudoOption: syslog=user
+sudoOption: syslog=local0
+sudoOption: syslog=local1
+sudoOption: syslog=local2
+sudoOption: syslog=local3
+sudoOption: syslog=local4
+sudoOption: syslog=local5
+sudoOption: syslog=local6
+sudoOption: syslog=local7
+sudoOption: !syslog_goodpri
+sudoOption: syslog_goodpri=alert
+sudoOption: syslog_goodpri=crit
+sudoOption: syslog_goodpri=debug
+sudoOption: syslog_goodpri=emerg
+sudoOption: syslog_goodpri=err
+sudoOption: syslog_goodpri=info
+sudoOption: syslog_goodpri=notice
+sudoOption: syslog_goodpri=warning
+sudoOption: syslog_goodpri=none
+sudoOption: !syslog_badpri
+sudoOption: syslog_badpri=alert
+sudoOption: syslog_badpri=crit
+sudoOption: syslog_badpri=debug
+sudoOption: syslog_badpri=emerg
+sudoOption: syslog_badpri=err
+sudoOption: syslog_badpri=info
+sudoOption: syslog_badpri=notice
+sudoOption: syslog_badpri=warning
+sudoOption: syslog_badpri=none
+
diff --git a/plugins/sudoers/regress/sudoers/test21.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test21.ldif2sudo.ok
new file mode 100644
index 0000000..56e09ff
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test21.ldif2sudo.ok
@@ -0,0 +1,33 @@
+Defaults syslog
+Defaults !syslog
+Defaults syslog=auth
+Defaults syslog=daemon
+Defaults syslog=user
+Defaults syslog=local0
+Defaults syslog=local1
+Defaults syslog=local2
+Defaults syslog=local3
+Defaults syslog=local4
+Defaults syslog=local5
+Defaults syslog=local6
+Defaults syslog=local7
+Defaults !syslog_goodpri
+Defaults syslog_goodpri=alert
+Defaults syslog_goodpri=crit
+Defaults syslog_goodpri=debug
+Defaults syslog_goodpri=emerg
+Defaults syslog_goodpri=err
+Defaults syslog_goodpri=info
+Defaults syslog_goodpri=notice
+Defaults syslog_goodpri=warning
+Defaults syslog_goodpri=none
+Defaults !syslog_badpri
+Defaults syslog_badpri=alert
+Defaults syslog_badpri=crit
+Defaults syslog_badpri=debug
+Defaults syslog_badpri=emerg
+Defaults syslog_badpri=err
+Defaults syslog_badpri=info
+Defaults syslog_badpri=notice
+Defaults syslog_badpri=warning
+Defaults syslog_badpri=none
diff --git a/plugins/sudoers/regress/sudoers/test21.out.ok b/plugins/sudoers/regress/sudoers/test21.out.ok
new file mode 100644
index 0000000..630fa6b
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test21.out.ok
@@ -0,0 +1,35 @@
+Parses OK.
+
+Defaults syslog
+Defaults !syslog
+Defaults syslog=auth
+Defaults syslog=daemon
+Defaults syslog=user
+Defaults syslog=local0
+Defaults syslog=local1
+Defaults syslog=local2
+Defaults syslog=local3
+Defaults syslog=local4
+Defaults syslog=local5
+Defaults syslog=local6
+Defaults syslog=local7
+Defaults !syslog_goodpri
+Defaults syslog_goodpri=alert
+Defaults syslog_goodpri=crit
+Defaults syslog_goodpri=debug
+Defaults syslog_goodpri=emerg
+Defaults syslog_goodpri=err
+Defaults syslog_goodpri=info
+Defaults syslog_goodpri=notice
+Defaults syslog_goodpri=warning
+Defaults syslog_goodpri=none
+Defaults !syslog_badpri
+Defaults syslog_badpri=alert
+Defaults syslog_badpri=crit
+Defaults syslog_badpri=debug
+Defaults syslog_badpri=emerg
+Defaults syslog_badpri=err
+Defaults syslog_badpri=info
+Defaults syslog_badpri=notice
+Defaults syslog_badpri=warning
+Defaults syslog_badpri=none
diff --git a/plugins/sudoers/regress/sudoers/test21.toke.ok b/plugins/sudoers/regress/sudoers/test21.toke.ok
new file mode 100644
index 0000000..871584b
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test21.toke.ok
@@ -0,0 +1,36 @@
+#
+DEFAULTS DEFVAR 
+DEFAULTS !DEFVAR 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+
+DEFAULTS !DEFVAR 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+
+DEFAULTS !DEFVAR 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
+DEFAULTS DEFVAR = WORD(2) 
diff --git a/plugins/sudoers/regress/sudoers/test22.in b/plugins/sudoers/regress/sudoers/test22.in
new file mode 100644
index 0000000..ecf2fd9
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test22.in
@@ -0,0 +1,6 @@
+# Test parsing of empty Runas_List
+
+user1 ALL = ( : ) ALL
+user2 ALL = (:) ALL
+user3 ALL = ( ) ALL
+user4 ALL = () ALL
diff --git a/plugins/sudoers/regress/sudoers/test22.json.ok b/plugins/sudoers/regress/sudoers/test22.json.ok
new file mode 100644
index 0000000..22141a1
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test22.json.ok
@@ -0,0 +1,88 @@
+{
+    "User_Specs": [
+        {
+            "User_List": [
+                { "username": "user1" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user2" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user3" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "username": "user4" }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "username": "" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test22.ldif.ok b/plugins/sudoers/regress/sudoers/test22.ldif.ok
new file mode 100644
index 0000000..14c3df4
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test22.ldif.ok
@@ -0,0 +1,40 @@
+dn: cn=user1,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user1
+sudoUser: user1
+sudoHost: ALL
+sudoRunAsUser:
+sudoCommand: ALL
+sudoOrder: 1
+
+dn: cn=user2,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user2
+sudoUser: user2
+sudoHost: ALL
+sudoRunAsUser:
+sudoCommand: ALL
+sudoOrder: 2
+
+dn: cn=user3,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user3
+sudoUser: user3
+sudoHost: ALL
+sudoRunAsUser:
+sudoCommand: ALL
+sudoOrder: 3
+
+dn: cn=user4,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: user4
+sudoUser: user4
+sudoHost: ALL
+sudoRunAsUser:
+sudoCommand: ALL
+sudoOrder: 4
+
diff --git a/plugins/sudoers/regress/sudoers/test22.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test22.ldif2sudo.ok
new file mode 100644
index 0000000..e0c98e0
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test22.ldif2sudo.ok
@@ -0,0 +1,11 @@
+# sudoRole user1
+user1 ALL = () ALL
+
+# sudoRole user2
+user2 ALL = () ALL
+
+# sudoRole user3
+user3 ALL = () ALL
+
+# sudoRole user4
+user4 ALL = () ALL
diff --git a/plugins/sudoers/regress/sudoers/test22.out.ok b/plugins/sudoers/regress/sudoers/test22.out.ok
new file mode 100644
index 0000000..ab43a93
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test22.out.ok
@@ -0,0 +1,6 @@
+Parses OK.
+
+user1 ALL = (root) ALL
+user2 ALL = (root) ALL
+user3 ALL = (root) ALL
+user4 ALL = (root) ALL
diff --git a/plugins/sudoers/regress/sudoers/test22.sudo.ok b/plugins/sudoers/regress/sudoers/test22.sudo.ok
new file mode 100644
index 0000000..879e1bd
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test22.sudo.ok
@@ -0,0 +1,7 @@
+user1 ALL = () ALL
+
+user2 ALL = () ALL
+
+user3 ALL = () ALL
+
+user4 ALL = () ALL
diff --git a/plugins/sudoers/regress/sudoers/test22.toke.ok b/plugins/sudoers/regress/sudoers/test22.toke.ok
new file mode 100644
index 0000000..baf395b
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test22.toke.ok
@@ -0,0 +1,6 @@
+#
+
+WORD(5) ALL = ( : ) ALL 
+WORD(5) ALL = ( : ) ALL 
+WORD(5) ALL = ( ) ALL 
+WORD(5) ALL = ( ) ALL 
diff --git a/plugins/sudoers/regress/sudoers/test3.in b/plugins/sudoers/regress/sudoers/test3.in
new file mode 100644
index 0000000..82fcd83
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test3.in
@@ -0,0 +1,6 @@
+# Test whitespace in User_List as part of a per-user Defaults entry
+User_Alias FOO = foo, bar
+Defaults:FOO env_reset
+Defaults:foo,bar env_reset
+Defaults:foo,\ bar env_reset
+Defaults:foo, bar env_reset
diff --git a/plugins/sudoers/regress/sudoers/test3.json.ok b/plugins/sudoers/regress/sudoers/test3.json.ok
new file mode 100644
index 0000000..fc69eb1
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test3.json.ok
@@ -0,0 +1,45 @@
+{
+    "Defaults": [
+        {
+            "Binding": [
+                { "useralias": "FOO" }
+            ],
+            "Options": [
+                { "env_reset": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "username": "foo" },
+                { "username": "bar" }
+            ],
+            "Options": [
+                { "env_reset": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "username": "foo" },
+                { "username": " bar" }
+            ],
+            "Options": [
+                { "env_reset": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "username": "foo" },
+                { "username": "bar" }
+            ],
+            "Options": [
+                { "env_reset": true }
+            ]
+        }
+    ],
+    "User_Aliases": {
+        "FOO": [
+            { "username": "foo" },
+            { "username": "bar" }
+        ]
+    }
+}
diff --git a/plugins/sudoers/regress/sudoers/test3.ldif.ok b/plugins/sudoers/regress/sudoers/test3.ldif.ok
new file mode 100644
index 0000000..0aa54be
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test3.ldif.ok
@@ -0,0 +1,12 @@
+# Unable to translate stdin:3
+# Defaults:foo, bar env_reset
+
+# Unable to translate stdin:4
+# Defaults:foo, bar env_reset
+
+# Unable to translate stdin:5
+# Defaults:foo, " bar" env_reset
+
+# Unable to translate stdin:6
+# Defaults:foo, bar env_reset
+
diff --git a/plugins/sudoers/regress/sudoers/test3.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test3.ldif2sudo.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test3.ldif2sudo.ok
diff --git a/plugins/sudoers/regress/sudoers/test3.out.ok b/plugins/sudoers/regress/sudoers/test3.out.ok
new file mode 100644
index 0000000..566aec1
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test3.out.ok
@@ -0,0 +1,8 @@
+Parses OK.
+
+Defaults:FOO env_reset
+Defaults:foo, bar env_reset
+Defaults:foo, " bar" env_reset
+Defaults:foo, bar env_reset
+
+User_Alias FOO = foo, bar
diff --git a/plugins/sudoers/regress/sudoers/test3.toke.ok b/plugins/sudoers/regress/sudoers/test3.toke.ok
new file mode 100644
index 0000000..49f2e51
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test3.toke.ok
@@ -0,0 +1,6 @@
+#
+USERALIAS ALIAS = WORD(5) , WORD(5) 
+DEFAULTS_USER ALIAS DEFVAR 
+DEFAULTS_USER WORD(5) , WORD(5) DEFVAR 
+DEFAULTS_USER WORD(5) , WORD(5) DEFVAR 
+DEFAULTS_USER WORD(5) , WORD(5) DEFVAR 
diff --git a/plugins/sudoers/regress/sudoers/test4.in b/plugins/sudoers/regress/sudoers/test4.in
new file mode 100644
index 0000000..b8df454
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test4.in
@@ -0,0 +1,7 @@
+# Test line continuation with anchored matches
+User_Alias FOO = foo \
+: BAR = bar
+
+# This used to pass for sudo < 1.8.1 (though it should not have)
+User_Alias FOO = foo \
+User_Alias BAR = bar
diff --git a/plugins/sudoers/regress/sudoers/test4.json.ok b/plugins/sudoers/regress/sudoers/test4.json.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test4.json.ok
diff --git a/plugins/sudoers/regress/sudoers/test4.ldif.ok b/plugins/sudoers/regress/sudoers/test4.ldif.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test4.ldif.ok
diff --git a/plugins/sudoers/regress/sudoers/test4.out.ok b/plugins/sudoers/regress/sudoers/test4.out.ok
new file mode 100644
index 0000000..3552d3b
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test4.out.ok
@@ -0,0 +1,4 @@
+Parse error in sudoers near line 7.
+
+User_Alias BAR = bar
+User_Alias FOO = foo
diff --git a/plugins/sudoers/regress/sudoers/test4.toke.ok b/plugins/sudoers/regress/sudoers/test4.toke.ok
new file mode 100644
index 0000000..a225792
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test4.toke.ok
@@ -0,0 +1,5 @@
+#
+USERALIAS ALIAS = WORD(5) : ALIAS = WORD(5) 
+
+#
+USERALIAS ALIAS = WORD(5) ERROR <*> ALIAS = WORD(5) 
diff --git a/plugins/sudoers/regress/sudoers/test5.in b/plugins/sudoers/regress/sudoers/test5.in
new file mode 100644
index 0000000..354f589
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test5.in
@@ -0,0 +1,3 @@
+# Test empty string in User_Alias and Command_Spec
+User_Alias FOO = ""
+"" ALL = ALL
diff --git a/plugins/sudoers/regress/sudoers/test5.json.ok b/plugins/sudoers/regress/sudoers/test5.json.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test5.json.ok
diff --git a/plugins/sudoers/regress/sudoers/test5.ldif.ok b/plugins/sudoers/regress/sudoers/test5.ldif.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test5.ldif.ok
diff --git a/plugins/sudoers/regress/sudoers/test5.out.ok b/plugins/sudoers/regress/sudoers/test5.out.ok
new file mode 100644
index 0000000..3cd2ec8
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test5.out.ok
@@ -0,0 +1,2 @@
+Parse error in sudoers near line 2.
+
diff --git a/plugins/sudoers/regress/sudoers/test5.toke.ok b/plugins/sudoers/regress/sudoers/test5.toke.ok
new file mode 100644
index 0000000..9376455
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test5.toke.ok
@@ -0,0 +1,3 @@
+#
+USERALIAS ALIAS = BEGINSTR ENDSTR ERROR <*> 
+BEGINSTR ENDSTR ERROR <*> ALL = ALL 
diff --git a/plugins/sudoers/regress/sudoers/test6.in b/plugins/sudoers/regress/sudoers/test6.in
new file mode 100644
index 0000000..e804571
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test6.in
@@ -0,0 +1,15 @@
+# Check that uids work in per-user and per-runas Defaults
+Defaults:#123 set_home
+Defaults>#123 set_home
+Defaults:"#123" set_home
+Defaults>"#123" set_home
+
+# Check that uids work in a Command_Spec
+#0 ALL = ALL
+#0 ALL = (#0 : #0) ALL
+"#0" ALL = ALL
+"#0" ALL = ("#0" : "#0") ALL
+
+# Check that gids work in a Command_Spec
+%#0 ALL = ALL
+"%#0" ALL = ALL
diff --git a/plugins/sudoers/regress/sudoers/test6.json.ok b/plugins/sudoers/regress/sudoers/test6.json.ok
new file mode 100644
index 0000000..be1f80f
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test6.json.ok
@@ -0,0 +1,158 @@
+{
+    "Defaults": [
+        {
+            "Binding": [
+                { "userid": 123 }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "userid": 123 }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "userid": 123 }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        },
+        {
+            "Binding": [
+                { "userid": 123 }
+            ],
+            "Options": [
+                { "set_home": true }
+            ]
+        }
+    ],
+    "User_Specs": [
+        {
+            "User_List": [
+                { "userid": 0 }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "userid": 0 }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "userid": 0 }
+                    ],
+                    "runasgroups": [
+                        { "usergroup": "#0" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "userid": 0 }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "userid": 0 }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "runasusers": [
+                        { "userid": 0 }
+                    ],
+                    "runasgroups": [
+                        { "usergroup": "#0" }
+                    ],
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "usergid": 0 }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        },
+        {
+            "User_List": [
+                { "usergid": 0 }
+            ],
+            "Host_List": [
+                { "hostname": "ALL" }
+            ],
+            "Cmnd_Specs": [
+                {
+                    "Options": [
+                        { "setenv": true }
+                    ],
+                    "Commands": [
+                        { "command": "ALL" }
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/plugins/sudoers/regress/sudoers/test6.ldif.ok b/plugins/sudoers/regress/sudoers/test6.ldif.ok
new file mode 100644
index 0000000..c4e11e4
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test6.ldif.ok
@@ -0,0 +1,70 @@
+# Unable to translate stdin:2
+# Defaults:#123 set_home
+
+# Unable to translate stdin:3
+# Defaults>#123 set_home
+
+# Unable to translate stdin:4
+# Defaults:#123 set_home
+
+# Unable to translate stdin:5
+# Defaults>#123 set_home
+
+dn: cn=\#0,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: \#0
+sudoUser: #0
+sudoHost: ALL
+sudoCommand: ALL
+sudoOrder: 1
+
+dn: cn=\#0_1,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: \#0_1
+sudoUser: #0
+sudoHost: ALL
+sudoRunAsUser: #0
+sudoRunAsGroup: #0
+sudoCommand: ALL
+sudoOrder: 2
+
+dn: cn=\#0_2,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: \#0_2
+sudoUser: #0
+sudoHost: ALL
+sudoCommand: ALL
+sudoOrder: 3
+
+dn: cn=\#0_3,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: \#0_3
+sudoUser: #0
+sudoHost: ALL
+sudoRunAsUser: #0
+sudoRunAsGroup: #0
+sudoCommand: ALL
+sudoOrder: 4
+
+dn: cn=%\#0,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %\#0
+sudoUser: %#0
+sudoHost: ALL
+sudoCommand: ALL
+sudoOrder: 5
+
+dn: cn=%\#0_1,ou=SUDOers,dc=sudo,dc=ws
+objectClass: top
+objectClass: sudoRole
+cn: %\#0_1
+sudoUser: %#0
+sudoHost: ALL
+sudoCommand: ALL
+sudoOrder: 6
+
diff --git a/plugins/sudoers/regress/sudoers/test6.ldif2sudo.ok b/plugins/sudoers/regress/sudoers/test6.ldif2sudo.ok
new file mode 100644
index 0000000..bfe40bb
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test6.ldif2sudo.ok
@@ -0,0 +1,5 @@
+# sudoRole #0, #0_1, #0_2, #0_3
+#0 ALL = ALL, (#0 : #0) ALL, ALL, (#0 : #0) ALL
+
+# sudoRole %#0, %#0_1
+%#0 ALL = ALL, ALL
diff --git a/plugins/sudoers/regress/sudoers/test6.out.ok b/plugins/sudoers/regress/sudoers/test6.out.ok
new file mode 100644
index 0000000..ccc1627
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test6.out.ok
@@ -0,0 +1,13 @@
+Parses OK.
+
+Defaults:#123 set_home
+Defaults>#123 set_home
+Defaults:#123 set_home
+Defaults>#123 set_home
+
+#0 ALL = ALL
+#0 ALL = (#0 : #0) ALL
+#0 ALL = ALL
+#0 ALL = (#0 : #0) ALL
+%#0 ALL = ALL
+%#0 ALL = ALL
diff --git a/plugins/sudoers/regress/sudoers/test6.toke.ok b/plugins/sudoers/regress/sudoers/test6.toke.ok
new file mode 100644
index 0000000..a9c0522
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test6.toke.ok
@@ -0,0 +1,15 @@
+#
+DEFAULTS_USER WORD(5) DEFVAR 
+DEFAULTS_RUNAS WORD(5) DEFVAR 
+DEFAULTS_USER BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+DEFAULTS_RUNAS BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 
+
+#
+WORD(5) ALL = ALL 
+WORD(5) ALL = ( WORD(5) : WORD(5) ) ALL 
+BEGINSTR STRBODY ENDSTR WORD(4) ALL = ALL 
+BEGINSTR STRBODY ENDSTR WORD(4) ALL = ( BEGINSTR STRBODY ENDSTR WORD(4) : BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 
+
+#
+USERGROUP ALL = ALL 
+BEGINSTR STRBODY ENDSTR USERGROUP ALL = ALL 
diff --git a/plugins/sudoers/regress/sudoers/test7.in b/plugins/sudoers/regress/sudoers/test7.in
new file mode 100644
index 0000000..7b241d0
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test7.in
@@ -0,0 +1,7 @@
+# These should all be syntax errors
+User_Alias FOO1 = "%"
+User_Alias FOO2 = "%:"
+User_Alias FOO3 = "+"
+User_Alias FOO4 = %
+User_Alias FOO5 = %:
+User_Alias FOO6 = +
diff --git a/plugins/sudoers/regress/sudoers/test7.json.ok b/plugins/sudoers/regress/sudoers/test7.json.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test7.json.ok
diff --git a/plugins/sudoers/regress/sudoers/test7.ldif.ok b/plugins/sudoers/regress/sudoers/test7.ldif.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test7.ldif.ok
diff --git a/plugins/sudoers/regress/sudoers/test7.out.ok b/plugins/sudoers/regress/sudoers/test7.out.ok
new file mode 100644
index 0000000..3cd2ec8
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test7.out.ok
@@ -0,0 +1,2 @@
+Parse error in sudoers near line 2.
+
diff --git a/plugins/sudoers/regress/sudoers/test7.toke.ok b/plugins/sudoers/regress/sudoers/test7.toke.ok
new file mode 100644
index 0000000..a5bf018
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test7.toke.ok
@@ -0,0 +1,7 @@
+#
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR ERROR <*> 
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR ERROR <*> 
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR ERROR <*> 
+USERALIAS ALIAS = ERROR <*> 
+USERALIAS ALIAS = ERROR <*> 
+USERALIAS ALIAS = ERROR <*> 
diff --git a/plugins/sudoers/regress/sudoers/test8.in b/plugins/sudoers/regress/sudoers/test8.in
new file mode 100644
index 0000000..d25e834
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test8.in
@@ -0,0 +1,8 @@
+# Test quoted strings
+User_Alias UA1 = "xy"
+User_Alias UA2 = "x\
+y"
+User_Alias UA3 = x\"y
+
+# A newline in the middle of a string is an error
+User_Alias UA4 = "x
diff --git a/plugins/sudoers/regress/sudoers/test8.json.ok b/plugins/sudoers/regress/sudoers/test8.json.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test8.json.ok
diff --git a/plugins/sudoers/regress/sudoers/test8.ldif.ok b/plugins/sudoers/regress/sudoers/test8.ldif.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test8.ldif.ok
diff --git a/plugins/sudoers/regress/sudoers/test8.out.ok b/plugins/sudoers/regress/sudoers/test8.out.ok
new file mode 100644
index 0000000..2ae8c6b
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test8.out.ok
@@ -0,0 +1,5 @@
+Parse error in sudoers near line 8.
+
+User_Alias UA1 = xy
+User_Alias UA2 = xy
+User_Alias UA3 = x\"y
diff --git a/plugins/sudoers/regress/sudoers/test8.toke.ok b/plugins/sudoers/regress/sudoers/test8.toke.ok
new file mode 100644
index 0000000..0f7e2a9
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test8.toke.ok
@@ -0,0 +1,7 @@
+#
+USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 
+USERALIAS ALIAS = BEGINSTR STRBODY STRBODY ENDSTR WORD(4) 
+USERALIAS ALIAS = WORD(5) 
+
+#
+USERALIAS ALIAS = BEGINSTR STRBODY ERROR <*> ERROR 
\ No newline at end of file
diff --git a/plugins/sudoers/regress/sudoers/test9.in b/plugins/sudoers/regress/sudoers/test9.in
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test9.in
diff --git a/plugins/sudoers/regress/sudoers/test9.json.ok b/plugins/sudoers/regress/sudoers/test9.json.ok
new file mode 100644
index 0000000..2c63c08
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test9.json.ok
@@ -0,0 +1,2 @@
+{
+}
diff --git a/plugins/sudoers/regress/sudoers/test9.ldif.ok b/plugins/sudoers/regress/sudoers/test9.ldif.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test9.ldif.ok
diff --git a/plugins/sudoers/regress/sudoers/test9.out.ok b/plugins/sudoers/regress/sudoers/test9.out.ok
new file mode 100644
index 0000000..40c742d
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test9.out.ok
@@ -0,0 +1,2 @@
+Parses OK.
+
diff --git a/plugins/sudoers/regress/sudoers/test9.toke.ok b/plugins/sudoers/regress/sudoers/test9.toke.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/sudoers/test9.toke.ok
diff --git a/plugins/sudoers/regress/testsudoers/group b/plugins/sudoers/regress/testsudoers/group
new file mode 100644
index 0000000..e2202d6
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/group
@@ -0,0 +1,15 @@
+wheel:*:0:root
+daemon:*:1:daemon
+kmem:*:2:root
+sys:*:3:root
+tty:*:4:root
+operator:*:5:root
+bin:*:7:
+wsrc:*:9:
+users:*:10:
+auth:*:11:
+games:*:13:
+staff:*:20:root
+guest:*:31:root
+nogroup:*:32766:
+nobody:*:32767:
diff --git a/plugins/sudoers/regress/testsudoers/test1.out.ok b/plugins/sudoers/regress/testsudoers/test1.out.ok
new file mode 100644
index 0000000..f980873
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test1.out.ok
@@ -0,0 +1,8 @@
+Parses OK.
+
+Entries for user root:
+
+ALL = ALL
+	host  matched
+
+Command unmatched
diff --git a/plugins/sudoers/regress/testsudoers/test1.sh b/plugins/sudoers/regress/testsudoers/test1.sh
new file mode 100755
index 0000000..fb99a91
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test1.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+#
+# Test for NULL dereference with "sudo -g group" when the sudoers rule
+# has no runas user or group listed.
+# This is RedHat bug Bug 667103.
+#
+
+exec 2>&1
+./testsudoers -g bin -P ${TESTDIR}/group root id <<EOF
+root ALL = ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/testsudoers/test2.inc b/plugins/sudoers/regress/testsudoers/test2.inc
new file mode 100644
index 0000000..52ca040
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test2.inc
@@ -0,0 +1 @@
+root ALL = ALL
diff --git a/plugins/sudoers/regress/testsudoers/test2.out.ok b/plugins/sudoers/regress/testsudoers/test2.out.ok
new file mode 100644
index 0000000..eabeb20
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test2.out.ok
@@ -0,0 +1,10 @@
+Parses OK.
+
+Entries for user root:
+
+ALL = ALL
+	host  matched
+	runas matched
+	cmnd  allowed
+
+Command allowed
diff --git a/plugins/sudoers/regress/testsudoers/test2.sh b/plugins/sudoers/regress/testsudoers/test2.sh
new file mode 100755
index 0000000..d76cfbb
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test2.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+#
+# Test #include facility
+#
+
+MYUID=`\ls -ln $TESTDIR/test2.inc | awk '{print $3}'`
+MYGID=`\ls -ln $TESTDIR/test2.inc | awk '{print $4}'`
+exec 2>&1
+./testsudoers -U $MYUID -G $MYGID root id <<EOF
+#include $TESTDIR/test2.inc
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/testsudoers/test3.d/root b/plugins/sudoers/regress/testsudoers/test3.d/root
new file mode 100644
index 0000000..52ca040
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test3.d/root
@@ -0,0 +1 @@
+root ALL = ALL
diff --git a/plugins/sudoers/regress/testsudoers/test3.out.ok b/plugins/sudoers/regress/testsudoers/test3.out.ok
new file mode 100644
index 0000000..eabeb20
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test3.out.ok
@@ -0,0 +1,10 @@
+Parses OK.
+
+Entries for user root:
+
+ALL = ALL
+	host  matched
+	runas matched
+	cmnd  allowed
+
+Command allowed
diff --git a/plugins/sudoers/regress/testsudoers/test3.sh b/plugins/sudoers/regress/testsudoers/test3.sh
new file mode 100755
index 0000000..c1251b9
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test3.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+#
+# Test #include facility
+#
+
+MYUID=`\ls -lnd $TESTDIR/test3.d | awk '{print $3}'`
+MYGID=`\ls -lnd $TESTDIR/test3.d | awk '{print $4}'`
+exec 2>&1
+./testsudoers -U $MYUID -G $MYGID root id <<EOF
+#includedir $TESTDIR/test3.d
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/testsudoers/test4.out.ok b/plugins/sudoers/regress/testsudoers/test4.out.ok
new file mode 100644
index 0000000..6b27d71
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test4.out.ok
@@ -0,0 +1,6 @@
+testsudoers: test2.inc should be owned by uid 1
+Parse error in sudoers near line 1.
+
+Entries for user root:
+
+Command unmatched
diff --git a/plugins/sudoers/regress/testsudoers/test4.sh b/plugins/sudoers/regress/testsudoers/test4.sh
new file mode 100755
index 0000000..3eaaa1d
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test4.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# Test sudoers owner check
+#
+
+# Avoid warnings about memory leaks when there is a syntax error
+ASAN_OPTIONS=detect_leaks=0; export ASAN_OPTIONS
+
+exec 2>&1
+./testsudoers -U 1 root id <<EOF
+#include $TESTDIR/test2.inc
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/testsudoers/test5.out.ok b/plugins/sudoers/regress/testsudoers/test5.out.ok
new file mode 100644
index 0000000..5e319c9
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test5.out.ok
@@ -0,0 +1,12 @@
+testsudoers: test5.inc is world writable
+Parse error in sudoers near line 1.
+
+Entries for user root:
+
+Command unmatched
+testsudoers: test5.inc should be owned by gid 4294967295
+Parse error in sudoers near line 1.
+
+Entries for user root:
+
+Command unmatched
diff --git a/plugins/sudoers/regress/testsudoers/test5.sh b/plugins/sudoers/regress/testsudoers/test5.sh
new file mode 100755
index 0000000..9e690a6
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test5.sh
@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# Test sudoers file mode check
+#
+
+# Avoid warnings about memory leaks when there is a syntax error
+ASAN_OPTIONS=detect_leaks=0; export ASAN_OPTIONS
+
+# Create test file
+TESTFILE=`pwd`/regress/testsudoers/test5.inc
+cat >$TESTFILE <<EOF
+root ALL = ALL
+EOF
+
+MYUID=`\ls -ln $TESTFILE | awk '{print $3}'`
+MYGID=`\ls -ln $TESTFILE | awk '{print $4}'`
+exec 2>&1
+
+# Test world writable
+chmod 666 $TESTFILE
+./testsudoers -U $MYUID -G $MYGID root id <<EOF
+#include $TESTFILE
+EOF
+
+# Test group writable
+chmod 664 $TESTFILE
+./testsudoers -U $MYUID -G -1 root id <<EOF
+#include $TESTFILE
+EOF
+
+rm -f $TESTFILE
+exit 0
diff --git a/plugins/sudoers/regress/testsudoers/test6.out.ok b/plugins/sudoers/regress/testsudoers/test6.out.ok
new file mode 100644
index 0000000..eabeb20
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test6.out.ok
@@ -0,0 +1,10 @@
+Parses OK.
+
+Entries for user root:
+
+ALL = ALL
+	host  matched
+	runas matched
+	cmnd  allowed
+
+Command allowed
diff --git a/plugins/sudoers/regress/testsudoers/test6.sh b/plugins/sudoers/regress/testsudoers/test6.sh
new file mode 100755
index 0000000..ee9f93d
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test6.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Verify sudoers matching by uid.
+#
+
+exec 2>&1
+./testsudoers root id <<EOF
+#0 ALL = ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/testsudoers/test7.out.ok b/plugins/sudoers/regress/testsudoers/test7.out.ok
new file mode 100644
index 0000000..eabeb20
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test7.out.ok
@@ -0,0 +1,10 @@
+Parses OK.
+
+Entries for user root:
+
+ALL = ALL
+	host  matched
+	runas matched
+	cmnd  allowed
+
+Command allowed
diff --git a/plugins/sudoers/regress/testsudoers/test7.sh b/plugins/sudoers/regress/testsudoers/test7.sh
new file mode 100755
index 0000000..4975245
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test7.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Verify sudoers matching by gid.
+#
+
+exec 2>&1
+./testsudoers root id <<EOF
+%#0 ALL = ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test1.out.ok b/plugins/sudoers/regress/visudo/test1.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test1.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test1.sh b/plugins/sudoers/regress/visudo/test1.sh
new file mode 100755
index 0000000..c922e35
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test1.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+#
+# Sudo Bug 519:
+# Visudo in strict mode reports "parse error" even if there is no error
+#
+
+./visudo -csf - <<EOF
+User_Alias FOO = nobody
+FOO ALL=(ALL) NOPASSWD: ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test10.out.ok b/plugins/sudoers/regress/visudo/test10.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test10.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test10.sh b/plugins/sudoers/regress/visudo/test10.sh
new file mode 100755
index 0000000..ea0ca41
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test10.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Test parsing of NOTBEFORE/NOTAFTER using local time zone
+#
+
+./visudo -cf - <<-EOF
+	user1	ALL = NOTBEFORE=20151201235900 /usr/bin/id
+	user2	ALL = NOTBEFORE=20151201235900.2 /usr/bin/id
+	user3	ALL = NOTBEFORE=20151201235900\,2 /usr/bin/id
+	user4	ALL = NOTBEFORE=2015120123 /usr/bin/id
+	EOF
diff --git a/plugins/sudoers/regress/visudo/test2.err.ok b/plugins/sudoers/regress/visudo/test2.err.ok
new file mode 100644
index 0000000..38189df
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test2.err.ok
@@ -0,0 +1 @@
+Error: stdin:1 cycle in User_Alias "FOO"
diff --git a/plugins/sudoers/regress/visudo/test2.out.ok b/plugins/sudoers/regress/visudo/test2.out.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test2.out.ok
diff --git a/plugins/sudoers/regress/visudo/test2.sh b/plugins/sudoers/regress/visudo/test2.sh
new file mode 100755
index 0000000..41d3711
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test2.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+#
+# Test cycle detection
+# Prior to sudo 1.8.6p5 this resulted in a core dump (stack smash)
+# The names of the aliases (or rather their lexical order) is important.
+#
+
+./visudo -csf - <<EOF
+User_Alias YYY = FOO
+User_Alias XXX = nobody
+User_Alias FOO = XXX, YYY
+FOO ALL = ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test3.err.ok b/plugins/sudoers/regress/visudo/test3.err.ok
new file mode 100644
index 0000000..8390f86
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test3.err.ok
@@ -0,0 +1,2 @@
+Warning: stdin:1 unused User_Alias "A"
+Warning: stdin:2 unused User_Alias "B"
diff --git a/plugins/sudoers/regress/visudo/test3.out.ok b/plugins/sudoers/regress/visudo/test3.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test3.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test3.sh b/plugins/sudoers/regress/visudo/test3.sh
new file mode 100755
index 0000000..b316e9f
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test3.sh
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# Sudo Bug 361:
+# Excerises a bug in the redblack tree code.
+#
+
+./visudo -cf - <<EOF
+User_Alias	A=a
+User_Alias	B=a
+User_Alias	C=a
+User_Alias	D=a
+User_Alias	E=a
+User_Alias	F=a
+User_Alias	G=a
+User_Alias	H=a
+User_Alias	I=a
+User_Alias	J=a
+User_Alias	K=a
+User_Alias	L=a
+User_Alias	M=a
+
+C	ALL=(ALL) ALL
+E	ALL=(ALL) ALL
+J	ALL=(ALL) ALL
+D	ALL=(ALL) ALL
+L	ALL=(ALL) ALL
+H	ALL=(ALL) ALL
+F	ALL=(ALL) ALL
+G	ALL=(ALL) ALL
+M	ALL=(ALL) ALL
+K	ALL=(ALL) ALL
+I	ALL=(ALL) ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test4.out.ok b/plugins/sudoers/regress/visudo/test4.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test4.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test4.sh b/plugins/sudoers/regress/visudo/test4.sh
new file mode 100755
index 0000000..6f66b66
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test4.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# Test cycle detection and duplicate entries.
+# Prior to sudo 1.8.7 this resulted in a false positive.
+#
+
+./visudo -csf - <<EOF
+Host_Alias H1 = host1
+Host_Alias H2 = H1, host2
+Host_Alias H3 = H1, H2
+root H3 = ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test5.out.ok b/plugins/sudoers/regress/visudo/test5.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test5.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test5.sh b/plugins/sudoers/regress/visudo/test5.sh
new file mode 100755
index 0000000..29364ea
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test5.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+#
+# Test comment on the last line with no newline
+#
+
+printf "# one comment\n#two comments" | ./visudo -csf -
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test6.out.ok b/plugins/sudoers/regress/visudo/test6.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test6.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test6.sh b/plugins/sudoers/regress/visudo/test6.sh
new file mode 100755
index 0000000..596f5a1
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test6.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+#
+# Verify parsing of Defaults syntax
+#
+
+./visudo -csf - <<EOF
+Defaults		syslog=auth
+Defaults>root		!set_logname
+Defaults:FULLTIMERS	!lecture
+Defaults:millert	!authenticate
+Defaults@SERVERS	log_year, logfile=/var/log/sudo.log
+Defaults!PAGERS		noexec
+
+Defaults		env_keep -= "HOME"
+Defaults		env_keep =  "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS"
+Defaults		env_keep += "MAIL PS1 PS2 QTDIR LANG LC_ADDRESS LC_CTYPE"
+
+User_Alias		FULLTIMERS = millert, mikef, dowdy
+
+Cmnd_Alias		PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
+
+Host_Alias		SERVERS = master, mail, www, ns
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test7.out.ok b/plugins/sudoers/regress/visudo/test7.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test7.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test7.sh b/plugins/sudoers/regress/visudo/test7.sh
new file mode 100755
index 0000000..9f30923
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test7.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#
+# Test sudoers_locale early Defaults
+#
+
+LANG=C; export LANG
+LC_NUMERIC=fr_FR.UTF-8; export LC_NUMERIC
+
+# First check that visudo supports non-C locales
+# Note that older versions of sudo did not set the locale
+# until sudoers was read so this check will fail on them.
+./visudo -csf - >/dev/null 2>&1 <<-EOF
+	Defaults    sudoers_locale = fr_FR.UTF-8
+	Defaults    passwd_timeout = "2,5"
+	EOF
+
+# Now make sure we can set passwd_timeout to a floating point value
+# using a non-C locale.
+if [ $? -eq 0 ]; then
+    ./visudo -csf - <<-EOF
+	Defaults    passwd_timeout = "2,5"
+	Defaults    sudoers_locale = fr_FR.UTF-8
+	EOF
+else
+    # No support for LC_NUMERIC?
+    echo "stdin: parsed OK"
+fi
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test8.err.ok b/plugins/sudoers/regress/visudo/test8.err.ok
new file mode 100644
index 0000000..e8a2b18
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test8.err.ok
@@ -0,0 +1 @@
+visudo: stdin:1 value "2.5" is invalid for option "passwd_timeout"
diff --git a/plugins/sudoers/regress/visudo/test8.out.ok b/plugins/sudoers/regress/visudo/test8.out.ok
new file mode 100644
index 0000000..16ebc45
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test8.out.ok
@@ -0,0 +1 @@
+parse error in stdin near line 1
diff --git a/plugins/sudoers/regress/visudo/test8.sh b/plugins/sudoers/regress/visudo/test8.sh
new file mode 100755
index 0000000..6674a55
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test8.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+#
+# Test sudoers_locale early Defaults
+#
+
+LANG=C; export LANG
+LC_NUMERIC=fr_FR.UTF-8; export LC_NUMERIC
+
+# First check that visudo supports non-C locales
+# Note that older versions of sudo did not set the locale
+# until sudoers was read so this check will fail on them.
+./visudo -csf - >/dev/null 2>&1 <<-EOF
+	Defaults    sudoers_locale = fr_FR.UTF-8
+	Defaults    passwd_timeout = "2,5"
+	EOF
+
+# Now make sure we can set passwd_timeout to a floating point value
+# using a non-C locale.
+if [ $? -eq 0 ]; then
+    ./visudo -csf - <<-EOF
+	Defaults    passwd_timeout = "2.5"
+	Defaults    sudoers_locale = fr_FR.UTF-8
+	EOF
+else
+    # No support for LC_NUMERIC?
+    echo "parse error in stdin near line 1"
+    echo 'visudo: stdin:1 value "2.5" is invalid for option "passwd_timeout"' 1>&2
+fi
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test9.out.ok b/plugins/sudoers/regress/visudo/test9.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test9.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test9.sh b/plugins/sudoers/regress/visudo/test9.sh
new file mode 100755
index 0000000..d62fb88
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test9.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+#
+# Test IP and network address in host-based Defaults statements
+# Bugzilla #766
+#
+
+./visudo -cf - <<-EOF
+	Defaults@127.0.0.1 !authenticate
+	Defaults@10.0.0.0/8 !always_set_home
+	EOF
+
+exit 0
diff --git a/plugins/sudoers/set_perms.c b/plugins/sudoers/set_perms.c
new file mode 100644
index 0000000..5b83488
--- /dev/null
+++ b/plugins/sudoers/set_perms.c
@@ -0,0 +1,1710 @@
+/*
+ * Copyright (c) 1994-1996, 1998-2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#ifdef _AIX
+# include <sys/id.h>
+#endif
+#include <pwd.h>
+#include <errno.h>
+#include <grp.h>
+
+#include "sudoers.h"
+
+/*
+ * Prototypes
+ */
+#if defined(HAVE_SETRESUID) || defined(HAVE_SETREUID) || defined(HAVE_SETEUID)
+static struct gid_list *runas_setgroups(void);
+#endif
+
+/*
+ * We keep track of the current permisstions and use a stack to restore
+ * the old permissions.  A depth of 16 is overkill.
+ */
+struct perm_state {
+    uid_t ruid;
+    uid_t euid;
+#if defined(HAVE_SETRESUID) || defined(ID_SAVED)
+    uid_t suid;
+#endif
+    gid_t rgid;
+    gid_t egid;
+#if defined(HAVE_SETRESUID) || defined(ID_SAVED)
+    gid_t sgid;
+#endif
+    struct gid_list *gidlist;
+};
+
+#define PERM_STACK_MAX	16
+static struct perm_state perm_stack[PERM_STACK_MAX];
+static int perm_stack_depth = 0;
+
+#undef ID
+#define ID(x) (state->x == ostate->x ? (uid_t)-1 : state->x)
+#undef OID
+#define OID(x) (ostate->x == state->x ? (uid_t)-1 : ostate->x)
+
+bool
+rewind_perms(void)
+{
+    debug_decl(rewind_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth != 0) {
+	while (perm_stack_depth > 1) {
+	    if (!restore_perms())
+		debug_return_bool(false);
+	}
+	sudo_gidlist_delref(perm_stack[0].gidlist);
+    }
+
+    debug_return_bool(true);
+}
+
+#if defined(HAVE_SETRESUID)
+
+#define UID_CHANGED (state->ruid != ostate->ruid || state->euid != ostate->euid || state->suid != ostate->suid)
+#define GID_CHANGED (state->rgid != ostate->rgid || state->egid != ostate->egid || state->sgid != ostate->sgid)
+
+/*
+ * Set real and effective and saved uids and gids based on perm.
+ * We always retain a saved uid of 0 unless we are headed for an exec().
+ * We only flip the effective gid since it only changes for PERM_SUDOERS.
+ * This version of set_perms() works fine with the "stay_setuid" option.
+ */
+bool
+set_perms(int perm)
+{
+    struct perm_state *state, *ostate = NULL;
+    char errbuf[1024];
+    const char *errstr = errbuf;
+    debug_decl(set_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth == PERM_STACK_MAX) {
+	errstr = N_("perm stack overflow");
+	errno = EINVAL;
+	goto bad;
+    }
+
+    state = &perm_stack[perm_stack_depth];
+    if (perm != PERM_INITIAL) {
+	if (perm_stack_depth == 0) {
+	    errstr = N_("perm stack underflow");
+	    errno = EINVAL;
+	    goto bad;
+	}
+	ostate = &perm_stack[perm_stack_depth - 1];
+    }
+
+    switch (perm) {
+    case PERM_INITIAL:
+	/* Stash initial state */
+#ifdef HAVE_GETRESUID
+	if (getresuid(&state->ruid, &state->euid, &state->suid)) {
+	    errstr = "PERM_INITIAL: getresuid";
+	    goto bad;
+
+	}
+	if (getresgid(&state->rgid, &state->egid, &state->sgid)) {
+	    errstr = "PERM_INITIAL: getresgid";
+	    goto bad;
+	}
+#else
+	state->ruid = getuid();
+	state->euid = geteuid();
+	state->suid = state->euid; /* in case we are setuid */
+
+	state->rgid = getgid();
+	state->egid = getegid();
+	state->sgid = state->egid; /* in case we are setgid */
+#endif
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
+	    "ruid: %d, euid: %d, suid: %d, rgid: %d, egid: %d, sgid: %d",
+	    __func__, (int)state->ruid, (int)state->euid, (int)state->suid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	break;
+
+    case PERM_ROOT:
+	state->ruid = ROOT_UID;
+	state->euid = ROOT_UID;
+	state->suid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_ROOT: setresuid(%d, %d, %d)",
+		(int)ID(ruid), (int)ID(euid), (int)ID(suid));
+	    goto bad;
+	}
+	state->rgid = ostate->rgid;
+	state->egid = ROOT_GID;
+	state->sgid = ostate->sgid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setresgid(ID(rgid), ID(egid), ID(sgid))) {
+	    errstr = N_("unable to change to root gid");
+	    goto bad;
+	}
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	break;
+
+    case PERM_USER:
+	state->rgid = ostate->rgid;
+	state->egid = user_gid;
+	state->sgid = ostate->sgid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setresgid(ID(rgid), ID(egid), ID(sgid))) {
+	    snprintf(errbuf, sizeof(errbuf), "PERM_USER: setresgid(%d, %d, %d)",
+		(int)ID(rgid), (int)ID(egid), (int)ID(sgid));
+	    goto bad;
+	}
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	if (state->gidlist != ostate->gidlist) {
+	    if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
+		errstr = "PERM_USER: setgroups";
+		goto bad;
+	    }
+	}
+	state->ruid = user_uid;
+	state->euid = user_uid;
+	state->suid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+	    snprintf(errbuf, sizeof(errbuf), "PERM_USER: setresuid(%d, %d, %d)",
+		(int)ID(ruid), (int)ID(euid), (int)ID(suid));
+	    goto bad;
+	}
+	break;
+
+    case PERM_FULL_USER:
+	/* headed for exec() */
+	state->rgid = user_gid;
+	state->egid = user_gid;
+	state->sgid = user_gid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setresgid(ID(rgid), ID(egid), ID(sgid))) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_FULL_USER: setresgid(%d, %d, %d)",
+		(int)ID(rgid), (int)ID(egid), (int)ID(sgid));
+	    goto bad;
+	}
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	if (state->gidlist != ostate->gidlist) {
+	    if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
+		errstr = "PERM_FULL_USER: setgroups";
+		goto bad;
+	    }
+	}
+	state->ruid = user_uid;
+	state->euid = user_uid;
+	state->suid = user_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_FULL_USER: setresuid(%d, %d, %d)",
+		(int)ID(ruid), (int)ID(euid), (int)ID(suid));
+	    goto bad;
+	}
+	break;
+
+    case PERM_RUNAS:
+	state->rgid = ostate->rgid;
+	state->egid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid;
+	state->sgid = ostate->sgid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setresgid(ID(rgid), ID(egid), ID(sgid))) {
+	    errstr = N_("unable to change to runas gid");
+	    goto bad;
+	}
+	state->gidlist = runas_setgroups();
+	if (state->gidlist == NULL) {
+	    errstr = N_("unable to set runas group vector");
+	    goto bad;
+	}
+	state->ruid = ostate->ruid;
+	state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
+	state->suid = ostate->suid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+	    errstr = N_("unable to change to runas uid");
+	    goto bad;
+	}
+	break;
+
+    case PERM_SUDOERS:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+
+	/* assumes euid == ROOT_UID, ruid == user */
+	state->rgid = ostate->rgid;
+	state->egid = sudoers_gid;
+	state->sgid = ostate->sgid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setresgid(ID(rgid), ID(egid), ID(sgid))) {
+	    errstr = N_("unable to change to sudoers gid");
+	    goto bad;
+	}
+
+	state->ruid = ROOT_UID;
+	/*
+	 * If sudoers_uid == ROOT_UID and sudoers_mode is group readable
+	 * we use a non-zero uid in order to avoid NFS lossage.
+	 * Using uid 1 is a bit bogus but should work on all OS's.
+	 */
+	if (sudoers_uid == ROOT_UID && (sudoers_mode & S_IRGRP))
+	    state->euid = 1;
+	else
+	    state->euid = sudoers_uid;
+	state->suid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_SUDOERS: setresuid(%d, %d, %d)",
+		(int)ID(ruid), (int)ID(euid), (int)ID(suid));
+	    goto bad;
+	}
+	break;
+
+    case PERM_TIMESTAMP:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	state->rgid = ostate->rgid;
+	state->egid = ostate->egid;
+	state->sgid = ostate->sgid;
+	state->ruid = ROOT_UID;
+	state->euid = timestamp_uid;
+	state->suid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_TIMESTAMP: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_TIMESTAMP: setresuid(%d, %d, %d)",
+		(int)ID(ruid), (int)ID(euid), (int)ID(suid));
+	    goto bad;
+	}
+	break;
+
+    case PERM_IOLOG:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	state->rgid = ostate->rgid;
+	state->egid = iolog_gid;
+	state->sgid = ostate->sgid;
+	state->ruid = ROOT_UID;
+	state->euid = iolog_uid;
+	state->suid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_IOLOG: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setresgid(ID(rgid), ID(egid), ID(sgid))) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_IOLOG: setresgid(%d, %d, %d)",
+		(int)ID(rgid), (int)ID(egid), (int)ID(sgid));
+	    goto bad;
+	}
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_IOLOG: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_IOLOG: setresuid(%d, %d, %d)",
+		(int)ID(ruid), (int)ID(euid), (int)ID(suid));
+	    goto bad;
+	}
+	break;
+    }
+
+    perm_stack_depth++;
+    debug_return_bool(true);
+bad:
+    if (errno == EAGAIN)
+	sudo_warnx(U_("%s: %s"), U_(errstr), U_("too many processes"));
+    else
+	sudo_warn("%s", U_(errstr));
+    debug_return_bool(false);
+}
+
+bool
+restore_perms(void)
+{
+    struct perm_state *state, *ostate;
+    debug_decl(restore_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth < 2) {
+	sudo_warnx(U_("perm stack underflow"));
+	debug_return_bool(true);
+    }
+
+    state = &perm_stack[perm_stack_depth - 1];
+    ostate = &perm_stack[perm_stack_depth - 2];
+    perm_stack_depth--;
+
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: uid: [%d, %d, %d] -> [%d, %d, %d]",
+	__func__, (int)state->ruid, (int)state->euid, (int)state->suid,
+	(int)ostate->ruid, (int)ostate->euid, (int)ostate->suid);
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d, %d, %d] -> [%d, %d, %d]",
+	__func__, (int)state->rgid, (int)state->egid, (int)state->sgid,
+	(int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid);
+
+    /* XXX - more cases here where euid != ruid */
+    if (OID(euid) == ROOT_UID) {
+	if (setresuid(-1, ROOT_UID, -1)) {
+	    sudo_warn("setresuid() [%d, %d, %d] -> [%d, %d, %d]",
+		(int)state->ruid, (int)state->euid, (int)state->suid,
+		-1, ROOT_UID, -1);
+	    goto bad;
+	}
+    }
+    if (setresgid(OID(rgid), OID(egid), OID(sgid))) {
+	sudo_warn("setresgid() [%d, %d, %d] -> [%d, %d, %d]",
+	    (int)state->rgid, (int)state->egid, (int)state->sgid,
+	    (int)OID(rgid), (int)OID(egid), (int)OID(sgid));
+	goto bad;
+    }
+    if (state->gidlist != ostate->gidlist) {
+	if (sudo_setgroups(ostate->gidlist->ngids, ostate->gidlist->gids)) {
+	    sudo_warn("setgroups()");
+	    goto bad;
+	}
+    }
+    if (setresuid(OID(ruid), OID(euid), OID(suid))) {
+	sudo_warn("setresuid() [%d, %d, %d] -> [%d, %d, %d]",
+	    (int)state->ruid, (int)state->euid, (int)state->suid,
+	    (int)OID(ruid), (int)OID(euid), (int)OID(suid));
+	goto bad;
+    }
+    sudo_gidlist_delref(state->gidlist);
+    debug_return_bool(true);
+
+bad:
+    debug_return_bool(false);
+}
+
+#elif defined(_AIX) && defined(ID_SAVED)
+
+#define UID_CHANGED (state->ruid != ostate->ruid || state->euid != ostate->euid || state->suid != ostate->suid)
+#define GID_CHANGED (state->rgid != ostate->rgid || state->egid != ostate->egid || state->sgid != ostate->sgid)
+
+/*
+ * Set real and effective and saved uids and gids based on perm.
+ * We always retain a saved uid of 0 unless we are headed for an exec().
+ * We only flip the effective gid since it only changes for PERM_SUDOERS.
+ * This version of set_perms() works fine with the "stay_setuid" option.
+ */
+bool
+set_perms(int perm)
+{
+    struct perm_state *state, *ostate = NULL;
+    char errbuf[1024];
+    const char *errstr = errbuf;
+    debug_decl(set_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth == PERM_STACK_MAX) {
+	errstr = N_("perm stack overflow");
+	errno = EINVAL;
+	goto bad;
+    }
+
+    state = &perm_stack[perm_stack_depth];
+    if (perm != PERM_INITIAL) {
+	if (perm_stack_depth == 0) {
+	    errstr = N_("perm stack underflow");
+	    errno = EINVAL;
+	    goto bad;
+	}
+	ostate = &perm_stack[perm_stack_depth - 1];
+    }
+
+    switch (perm) {
+    case PERM_INITIAL:
+	/* Stash initial state */
+	state->ruid = getuidx(ID_REAL);
+	state->euid = getuidx(ID_EFFECTIVE);
+	state->suid = getuidx(ID_SAVED);
+	state->rgid = getgidx(ID_REAL);
+	state->egid = getgidx(ID_EFFECTIVE);
+	state->sgid = getgidx(ID_SAVED);
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
+	    "ruid: %d, euid: %d, suid: %d, rgid: %d, egid: %d, sgid: %d",
+	    __func__, (int)state->ruid, (int)state->euid, (int)state->suid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	break;
+
+    case PERM_ROOT:
+	state->ruid = ROOT_UID;
+	state->euid = ROOT_UID;
+	state->suid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED && setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_ROOT: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+		ROOT_UID);
+	    goto bad;
+	}
+	state->rgid = ostate->rgid;
+	state->egid = ROOT_GID;
+	state->sgid = ostate->sgid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setgidx(ID_EFFECTIVE, ROOT_GID)) {
+	    errstr = N_("unable to change to root gid");
+	    goto bad;
+	}
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	break;
+
+    case PERM_USER:
+	state->rgid = ostate->rgid;
+	state->egid = user_gid;
+	state->sgid = ostate->sgid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setgidx(ID_EFFECTIVE, user_gid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_USER: setgidx(ID_EFFECTIVE, %d)", (int)user_gid);
+	    goto bad;
+	}
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	if (state->gidlist != ostate->gidlist) {
+	    if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
+		errstr = "PERM_USER: setgroups";
+		goto bad;
+	    }
+	}
+	state->ruid = user_uid;
+	state->euid = user_uid;
+	state->suid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (ostate->euid != ROOT_UID || ostate->suid != ROOT_UID) {
+	    if (setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID)) {
+		snprintf(errbuf, sizeof(errbuf),
+		    "PERM_USER: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+		    ROOT_UID);
+		goto bad;
+	    }
+	}
+	if (setuidx(ID_EFFECTIVE|ID_REAL, user_uid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_USER: setuidx(ID_EFFECTIVE|ID_REAL, %d)", (int)user_uid);
+	    goto bad;
+	}
+	break;
+
+    case PERM_FULL_USER:
+	/* headed for exec() */
+	state->rgid = user_gid;
+	state->egid = user_gid;
+	state->sgid = user_gid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, user_gid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_FULL_USER: setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+		(int)user_gid);
+	    goto bad;
+	}
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	if (state->gidlist != ostate->gidlist) {
+	    if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
+		errstr = "PERM_FULL_USER: setgroups";
+		goto bad;
+	    }
+	}
+	state->ruid = user_uid;
+	state->euid = user_uid;
+	state->suid = user_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED && setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, user_uid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_FULL_USER: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+		(int)user_uid);
+	    goto bad;
+	}
+	break;
+
+    case PERM_RUNAS:
+	state->rgid = ostate->rgid;
+	state->egid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid;
+	state->sgid = ostate->sgid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setgidx(ID_EFFECTIVE, state->egid)) {
+	    errstr = N_("unable to change to runas gid");
+	    goto bad;
+	}
+	state->gidlist = runas_setgroups();
+	if (state->gidlist == NULL) {
+	    errstr = N_("unable to set runas group vector");
+	    goto bad;
+	}
+	state->ruid = ostate->ruid;
+	state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
+	state->suid = ostate->suid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED && setuidx(ID_EFFECTIVE, state->euid)) {
+	    errstr = N_("unable to change to runas uid");
+	    goto bad;
+	}
+	break;
+
+    case PERM_SUDOERS:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+
+	/* assume euid == ROOT_UID, ruid == user */
+	state->rgid = ostate->rgid;
+	state->egid = sudoers_gid;
+	state->sgid = ostate->sgid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setgidx(ID_EFFECTIVE, sudoers_gid)) {
+	    errstr = N_("unable to change to sudoers gid");
+	    goto bad;
+	}
+
+	state->ruid = ROOT_UID;
+	/*
+	 * If sudoers_uid == ROOT_UID and sudoers_mode is group readable
+	 * we use a non-zero uid in order to avoid NFS lossage.
+	 * Using uid 1 is a bit bogus but should work on all OS's.
+	 */
+	if (sudoers_uid == ROOT_UID && (sudoers_mode & S_IRGRP))
+	    state->euid = 1;
+	else
+	    state->euid = sudoers_uid;
+	state->suid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED) {
+	    if (ostate->ruid != ROOT_UID || ostate->suid != ROOT_UID) {
+		if (setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID)) {
+		    snprintf(errbuf, sizeof(errbuf),
+			"PERM_SUDOERS: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+			ROOT_UID);
+		    goto bad;
+		}
+	    }
+	    if (setuidx(ID_EFFECTIVE, state->euid)) {
+		snprintf(errbuf, sizeof(errbuf),
+		    "PERM_SUDOERS: setuidx(ID_EFFECTIVE, %d)", (int)sudoers_uid);
+		goto bad;
+	    }
+	}
+	break;
+
+    case PERM_TIMESTAMP:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	state->rgid = ostate->rgid;
+	state->egid = ostate->egid;
+	state->sgid = ostate->sgid;
+	state->ruid = ROOT_UID;
+	state->euid = timestamp_uid;
+	state->suid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_TIMESTAMP: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED) {
+	    if (ostate->ruid != ROOT_UID || ostate->suid != ROOT_UID) {
+		if (setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID)) {
+		    snprintf(errbuf, sizeof(errbuf),
+			"PERM_TIMESTAMP: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+			ROOT_UID);
+		    goto bad;
+		}
+	    }
+	    if (setuidx(ID_EFFECTIVE, timestamp_uid)) {
+		snprintf(errbuf, sizeof(errbuf),
+		    "PERM_TIMESTAMP: setuidx(ID_EFFECTIVE, %d)",
+		    (int)timestamp_uid);
+		goto bad;
+	    }
+	}
+	break;
+
+    case PERM_IOLOG:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	state->rgid = ostate->rgid;
+	state->egid = iolog_gid;
+	state->sgid = ostate->sgid;
+	state->ruid = ROOT_UID;
+	state->euid = iolog_uid;
+	state->suid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_IOLOG: gid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+	    (int)state->rgid, (int)state->egid, (int)state->sgid);
+	if (GID_CHANGED && setgidx(ID_EFFECTIVE, iolog_gid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_IOLOG: setgidx(ID_EFFECTIVE, %d)", (int)iolog_gid);
+	    goto bad;
+	}
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_IOLOG: uid: "
+	    "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+	    (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+	    (int)state->ruid, (int)state->euid, (int)state->suid);
+	if (UID_CHANGED) {
+	    if (ostate->ruid != ROOT_UID || ostate->suid != ROOT_UID) {
+		if (setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID)) {
+		    snprintf(errbuf, sizeof(errbuf),
+			"PERM_IOLOG: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+			ROOT_UID);
+		    goto bad;
+		}
+	    }
+	    if (setuidx(ID_EFFECTIVE, timestamp_uid)) {
+		snprintf(errbuf, sizeof(errbuf),
+		    "PERM_IOLOG: setuidx(ID_EFFECTIVE, %d)",
+		    (int)timestamp_uid);
+		goto bad;
+	    }
+	}
+	break;
+    }
+
+    perm_stack_depth++;
+    debug_return_bool(true);
+bad:
+    if (errno == EAGAIN)
+	sudo_warnx(U_("%s: %s"), U_(errstr), U_("too many processes"));
+    else
+	sudo_warn("%s", U_(errstr));
+    debug_return_bool(false);
+}
+
+bool
+restore_perms(void)
+{
+    struct perm_state *state, *ostate;
+    debug_decl(restore_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth < 2) {
+	sudo_warnx(U_("perm stack underflow"));
+	debug_return_bool(true);
+    }
+
+    state = &perm_stack[perm_stack_depth - 1];
+    ostate = &perm_stack[perm_stack_depth - 2];
+    perm_stack_depth--;
+
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: uid: [%d, %d, %d] -> [%d, %d, %d]",
+	__func__, (int)state->ruid, (int)state->euid, (int)state->suid,
+	(int)ostate->ruid, (int)ostate->euid, (int)ostate->suid);
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d, %d, %d] -> [%d, %d, %d]",
+	__func__, (int)state->rgid, (int)state->egid, (int)state->sgid,
+	(int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid);
+
+    if (OID(ruid) != (uid_t)-1 || OID(euid) != (uid_t)-1 || OID(suid) != (uid_t)-1) {
+	if (OID(euid) == ROOT_UID) {
+	    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: setuidx(ID_EFFECTIVE, %d)",
+		__func__, ROOT_UID);
+	    if (setuidx(ID_EFFECTIVE, ROOT_UID)) {
+		sudo_warn("setuidx(ID_EFFECTIVE) [%d, %d, %d] -> [%d, %d, %d]",
+		    (int)state->ruid, (int)state->euid, (int)state->suid,
+		    -1, ROOT_UID, -1);
+		goto bad;
+	    }
+	}
+	if (OID(ruid) == OID(euid) && OID(euid) == OID(suid)) {
+	    sudo_debug_printf(SUDO_DEBUG_INFO,
+		"%s: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+		__func__, (int)OID(ruid));
+	    if (setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, OID(ruid))) {
+		sudo_warn("setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED) [%d, %d, %d] -> [%d, %d, %d]",
+		    (int)state->ruid, (int)state->euid, (int)state->suid,
+		    (int)OID(ruid), (int)OID(euid), (int)OID(suid));
+		goto bad;
+	    }
+	} else if (OID(ruid) == (uid_t)-1 && OID(suid) == (uid_t)-1) {
+	    /* May have already changed euid to ROOT_UID above. */
+	    if (OID(euid) != ROOT_UID) {
+		sudo_debug_printf(SUDO_DEBUG_INFO,
+		    "%s: setuidx(ID_EFFECTIVE, %d)", __func__, OID(euid));
+		if (setuidx(ID_EFFECTIVE, OID(euid))) {
+		    sudo_warn("setuidx(ID_EFFECTIVE) [%d, %d, %d] -> [%d, %d, %d]",
+			(int)state->ruid, (int)state->euid, (int)state->suid,
+			(int)OID(ruid), (int)OID(euid), (int)OID(suid));
+		    goto bad;
+		}
+	    }
+	} else if (OID(suid) == (uid_t)-1) {
+	    /* Cannot set the real uid alone. */
+	    sudo_debug_printf(SUDO_DEBUG_INFO,
+		"%s: setuidx(ID_REAL|ID_EFFECTIVE, %d)", __func__, OID(ruid));
+	    if (setuidx(ID_REAL|ID_EFFECTIVE, OID(ruid))) {
+		sudo_warn("setuidx(ID_REAL|ID_EFFECTIVE) [%d, %d, %d] -> [%d, %d, %d]",
+		    (int)state->ruid, (int)state->euid, (int)state->suid,
+		    (int)OID(ruid), (int)OID(euid), (int)OID(suid));
+		goto bad;
+	    }
+	    /* Restore the effective euid if it doesn't match the ruid. */
+	    if (OID(euid) != OID(ruid)) {
+		sudo_debug_printf(SUDO_DEBUG_INFO,
+		    "%s: setuidx(ID_EFFECTIVE, %d)", __func__, ostate->euid);
+		if (setuidx(ID_EFFECTIVE, ostate->euid)) {
+		    sudo_warn("setuidx(ID_EFFECTIVE, %d)", (int)ostate->euid);
+		    goto bad;
+		}
+	    }
+	}
+    }
+    if (OID(rgid) != (gid_t)-1 || OID(egid) != (gid_t)-1 || OID(sgid) != (gid_t)-1) {
+	if (OID(rgid) == OID(egid) && OID(egid) == OID(sgid)) {
+	    sudo_debug_printf(SUDO_DEBUG_INFO,
+		"%s: setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+		__func__, (int)OID(rgid));
+	    if (setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, OID(rgid))) {
+		sudo_warn("setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED) [%d, %d, %d] -> [%d, %d, %d]",
+		    (int)state->rgid, (int)state->egid, (int)state->sgid,
+		    (int)OID(rgid), (int)OID(egid), (int)OID(sgid));
+		goto bad;
+	    }
+	} else if (OID(rgid) == (gid_t)-1 && OID(sgid) == (gid_t)-1) {
+	    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: setgidx(ID_EFFECTIVE, %d)",
+		__func__, (int)OID(egid));
+	    if (setgidx(ID_EFFECTIVE, OID(egid))) {
+		sudo_warn("setgidx(ID_EFFECTIVE) [%d, %d, %d] -> [%d, %d, %d]",
+		    (int)state->rgid, (int)state->egid, (int)state->sgid,
+		    (int)OID(rgid), (int)OID(egid), (int)OID(sgid));
+		goto bad;
+	    }
+	} else if (OID(sgid) == (gid_t)-1) {
+	    sudo_debug_printf(SUDO_DEBUG_INFO,
+		"%s: setgidx(ID_EFFECTIVE|ID_REAL, %d)", __func__, OID(rgid));
+	    if (setgidx(ID_REAL|ID_EFFECTIVE, OID(rgid))) {
+		sudo_warn("setgidx(ID_REAL|ID_EFFECTIVE) [%d, %d, %d] -> [%d, %d, %d]",
+		    (int)state->rgid, (int)state->egid, (int)state->sgid,
+		    (int)OID(rgid), (int)OID(egid), (int)OID(sgid));
+		goto bad;
+	    }
+	}
+    }
+    if (state->gidlist != ostate->gidlist) {
+	if (sudo_setgroups(ostate->gidlist->ngids, ostate->gidlist->gids)) {
+	    sudo_warn("setgroups()");
+	    goto bad;
+	}
+    }
+    sudo_gidlist_delref(state->gidlist);
+    debug_return_bool(true);
+
+bad:
+    debug_return_bool(false);
+}
+
+#elif defined(HAVE_SETREUID)
+
+#define UID_CHANGED (state->ruid != ostate->ruid || state->euid != ostate->euid)
+#define GID_CHANGED (state->rgid != ostate->rgid || state->egid != ostate->egid)
+
+/*
+ * Set real and effective and saved uids and gids based on perm.
+ * We always retain a saved uid of 0 unless we are headed for an exec().
+ * We only flip the effective gid since it only changes for PERM_SUDOERS.
+ * This version of set_perms() works fine with the "stay_setuid" option.
+ */
+bool
+set_perms(int perm)
+{
+    struct perm_state *state, *ostate = NULL;
+    char errbuf[1024];
+    const char *errstr = errbuf;
+    debug_decl(set_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth == PERM_STACK_MAX) {
+	errstr = N_("perm stack overflow");
+	errno = EINVAL;
+	goto bad;
+    }
+
+    state = &perm_stack[perm_stack_depth];
+    if (perm != PERM_INITIAL) {
+	if (perm_stack_depth == 0) {
+	    errstr = N_("perm stack underflow");
+	    errno = EINVAL;
+	    goto bad;
+	}
+	ostate = &perm_stack[perm_stack_depth - 1];
+    }
+
+    switch (perm) {
+    case PERM_INITIAL:
+	/* Stash initial state */
+	state->ruid = getuid();
+	state->euid = geteuid();
+	state->rgid = getgid();
+	state->egid = getegid();
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
+	    "ruid: %d, euid: %d, rgid: %d, egid: %d", __func__,
+	    (int)state->ruid, (int)state->euid,
+	    (int)state->rgid, (int)state->egid);
+	break;
+
+    case PERM_ROOT:
+	state->ruid = ROOT_UID;
+	state->euid = ROOT_UID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	/*
+	 * setreuid(0, 0) may fail on some systems if euid is not already 0.
+	 */
+	if (ostate->euid != ROOT_UID) {
+	    if (setreuid(-1, ROOT_UID)) {
+		snprintf(errbuf, sizeof(errbuf),
+		    "PERM_ROOT: setreuid(-1, %d)", ROOT_UID);
+		goto bad;
+	    }
+	}
+	if (ostate->ruid != ROOT_UID) {
+	    if (setreuid(ROOT_UID, -1)) {
+		snprintf(errbuf, sizeof(errbuf),
+		    "PERM_ROOT: setreuid(%d, -1)", ROOT_UID);
+		goto bad;
+	    }
+	}
+	state->rgid = ostate->rgid;
+	state->egid = ROOT_GID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setregid(ID(rgid), ID(egid))) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_ROOT: setregid(%d, %d)", (int)ID(rgid), (int)ID(egid));
+	    goto bad;
+	}
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	break;
+
+    case PERM_USER:
+	state->rgid = ostate->rgid;
+	state->egid = user_gid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setregid(ID(rgid), ID(egid))) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_USER: setregid(%d, %d)", (int)ID(rgid), (int)ID(egid));
+	    goto bad;
+	}
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	if (state->gidlist != ostate->gidlist) {
+	    if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
+		errstr = "PERM_USER: setgroups";
+		goto bad;
+	    }
+	}
+	state->ruid = ROOT_UID;
+	state->euid = user_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_USER: setreuid(%d, %d)", (int)ID(ruid), (int)ID(euid));
+	    goto bad;
+	}
+	break;
+
+    case PERM_FULL_USER:
+	/* headed for exec() */
+	state->rgid = user_gid;
+	state->egid = user_gid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setregid(ID(rgid), ID(egid))) {
+	    snprintf(errbuf, sizeof(errbuf), "PERM_FULL_USER: setregid(%d, %d)",
+		(int)ID(rgid), (int)ID(egid));
+	    goto bad;
+	}
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	if (state->gidlist != ostate->gidlist) {
+	    if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
+		errstr = "PERM_FULL_USER: setgroups";
+		goto bad;
+	    }
+	}
+	state->ruid = user_uid;
+	state->euid = user_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+	    snprintf(errbuf, sizeof(errbuf), "PERM_FULL_USER: setreuid(%d, %d)",
+		(int)ID(ruid), (int)ID(euid));
+	    goto bad;
+	}
+	break;
+
+    case PERM_RUNAS:
+	state->rgid = ostate->rgid;
+	state->egid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setregid(ID(rgid), ID(egid))) {
+	    errstr = N_("unable to change to runas gid");
+	    goto bad;
+	}
+	state->gidlist = runas_setgroups();
+	if (state->gidlist == NULL) {
+	    errstr = N_("unable to set runas group vector");
+	    goto bad;
+	}
+	state->ruid = ROOT_UID;
+	state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+	    errstr = N_("unable to change to runas uid");
+	    goto bad;
+	}
+	break;
+
+    case PERM_SUDOERS:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+
+	/* assume euid == ROOT_UID, ruid == user */
+	state->rgid = ostate->rgid;
+	state->egid = sudoers_gid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setregid(ID(rgid), ID(egid))) {
+	    errstr = N_("unable to change to sudoers gid");
+	    goto bad;
+	}
+
+	state->ruid = ROOT_UID;
+	/*
+	 * If sudoers_uid == ROOT_UID and sudoers_mode is group readable
+	 * we use a non-zero uid in order to avoid NFS lossage.
+	 * Using uid 1 is a bit bogus but should work on all OS's.
+	 */
+	if (sudoers_uid == ROOT_UID && (sudoers_mode & S_IRGRP))
+	    state->euid = 1;
+	else
+	    state->euid = sudoers_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+	    snprintf(errbuf, sizeof(errbuf), "PERM_SUDOERS: setreuid(%d, %d)",
+		(int)ID(ruid), (int)ID(euid));
+	    goto bad;
+	}
+	break;
+
+    case PERM_TIMESTAMP:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	state->rgid = ostate->rgid;
+	state->egid = ostate->egid;
+	state->ruid = ROOT_UID;
+	state->euid = timestamp_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_TIMESTAMP: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+	    snprintf(errbuf, sizeof(errbuf), "PERM_TIMESTAMP: setreuid(%d, %d)",
+		(int)ID(ruid), (int)ID(euid));
+	    goto bad;
+	}
+	break;
+
+    case PERM_IOLOG:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	state->rgid = ostate->rgid;
+	state->egid = iolog_gid;
+	state->ruid = ROOT_UID;
+	state->euid = iolog_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_IOLOG: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setregid(ID(rgid), ID(egid))) {
+	    snprintf(errbuf, sizeof(errbuf), "PERM_IOLOG: setregid(%d, %d)",
+		(int)ID(rgid), (int)ID(egid));
+	    goto bad;
+	}
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_IOLOG: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+	    snprintf(errbuf, sizeof(errbuf), "PERM_IOLOG: setreuid(%d, %d)",
+		(int)ID(ruid), (int)ID(euid));
+	    goto bad;
+	}
+	break;
+    }
+
+    perm_stack_depth++;
+    debug_return_bool(true);
+bad:
+    if (errno == EAGAIN)
+	sudo_warnx(U_("%s: %s"), U_(errstr), U_("too many processes"));
+    else
+	sudo_warn("%s", U_(errstr));
+    debug_return_bool(false);
+}
+
+bool
+restore_perms(void)
+{
+    struct perm_state *state, *ostate;
+    debug_decl(restore_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth < 2) {
+	sudo_warnx(U_("perm stack underflow"));
+	debug_return_bool(true);
+    }
+
+    state = &perm_stack[perm_stack_depth - 1];
+    ostate = &perm_stack[perm_stack_depth - 2];
+    perm_stack_depth--;
+
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: uid: [%d, %d] -> [%d, %d]",
+	__func__, (int)state->ruid, (int)state->euid,
+	(int)ostate->ruid, (int)ostate->euid);
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d, %d] -> [%d, %d]",
+	__func__, (int)state->rgid, (int)state->egid,
+	(int)ostate->rgid, (int)ostate->egid);
+
+    /*
+     * When changing euid to ROOT_UID, setreuid() may fail even if
+     * the ruid is ROOT_UID so call setuid() first.
+     */
+    if (OID(euid) == ROOT_UID) {
+	/* setuid() may not set the saved ID unless the euid is ROOT_UID */
+	if (ID(euid) != ROOT_UID) {
+	    if (setreuid(-1, ROOT_UID) != 0) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+		    "setreuid() [%d, %d] -> [-1, %d)", (int)state->ruid,
+		    (int)state->euid, ROOT_UID);
+	    }
+	}
+	if (setuid(ROOT_UID)) {
+	    sudo_warn("setuid() [%d, %d] -> %d)", (int)state->ruid,
+		(int)state->euid, ROOT_UID);
+	    goto bad;
+	}
+    }
+    if (setreuid(OID(ruid), OID(euid))) {
+	sudo_warn("setreuid() [%d, %d] -> [%d, %d]", (int)state->ruid,
+	    (int)state->euid, (int)OID(ruid), (int)OID(euid));
+	goto bad;
+    }
+    if (setregid(OID(rgid), OID(egid))) {
+	sudo_warn("setregid() [%d, %d] -> [%d, %d]", (int)state->rgid,
+	    (int)state->egid, (int)OID(rgid), (int)OID(egid));
+	goto bad;
+    }
+    if (state->gidlist != ostate->gidlist) {
+	if (sudo_setgroups(ostate->gidlist->ngids, ostate->gidlist->gids)) {
+	    sudo_warn("setgroups()");
+	    goto bad;
+	}
+    }
+    sudo_gidlist_delref(state->gidlist);
+    debug_return_bool(true);
+
+bad:
+    debug_return_bool(false);
+}
+
+#elif defined(HAVE_SETEUID)
+
+#define GID_CHANGED (state->rgid != ostate->rgid || state->egid != ostate->egid)
+
+/*
+ * Set real and effective uids and gids based on perm.
+ * We always retain a real or effective uid of ROOT_UID unless
+ * we are headed for an exec().
+ * This version of set_perms() works fine with the "stay_setuid" option.
+ */
+bool
+set_perms(int perm)
+{
+    struct perm_state *state, *ostate = NULL;
+    char errbuf[1024];
+    const char *errstr = errbuf;
+    debug_decl(set_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth == PERM_STACK_MAX) {
+	errstr = N_("perm stack overflow");
+	errno = EINVAL;
+	goto bad;
+    }
+
+    state = &perm_stack[perm_stack_depth];
+    if (perm != PERM_INITIAL) {
+	if (perm_stack_depth == 0) {
+	    errstr = N_("perm stack underflow");
+	    errno = EINVAL;
+	    goto bad;
+	}
+	ostate = &perm_stack[perm_stack_depth - 1];
+    }
+
+    /*
+     * Since we only have setuid() and seteuid() and semantics
+     * for these calls differ on various systems, we set
+     * real and effective uids to ROOT_UID initially to be safe.
+     */
+    if (perm != PERM_INITIAL) {
+	if (ostate->euid != ROOT_UID && seteuid(ROOT_UID)) {
+	    snprintf(errbuf, sizeof(errbuf), "set_perms: seteuid(%d)", ROOT_UID);
+	    goto bad;
+	}
+	if (ostate->ruid != ROOT_UID && setuid(ROOT_UID)) {
+	    snprintf(errbuf, sizeof(errbuf), "set_perms: setuid(%d)", ROOT_UID);
+	    goto bad;
+	}
+    }
+
+    switch (perm) {
+    case PERM_INITIAL:
+	/* Stash initial state */
+	state->ruid = getuid();
+	state->euid = geteuid();
+	state->rgid = getgid();
+	state->egid = getegid();
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
+	    "ruid: %d, euid: %d, rgid: %d, egid: %d", __func__,
+	    (int)state->ruid, (int)state->euid,
+	    (int)state->rgid, (int)state->egid);
+	break;
+
+    case PERM_ROOT:
+	/* We already set ruid/euid above. */
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, ROOT_UID, ROOT_UID);
+	state->ruid = ROOT_UID;
+	state->euid = ROOT_UID;
+	state->rgid = ostate->rgid;
+	state->egid = ROOT_GID;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, ROOT_GID, ROOT_GID);
+	if (GID_CHANGED && setegid(ROOT_GID)) {
+	    errstr = N_("unable to change to root gid");
+	    goto bad;
+	}
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	break;
+
+    case PERM_USER:
+	state->egid = user_gid;
+	state->rgid = ostate->rgid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setegid(user_gid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_USER: setegid(%d)", (int)user_gid);
+	    goto bad;
+	}
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	if (state->gidlist != ostate->gidlist) {
+	    if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
+		errstr = "PERM_USER: setgroups";
+		goto bad;
+	    }
+	}
+	state->ruid = ROOT_UID;
+	state->euid = user_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (seteuid(user_uid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_USER: seteuid(%d)", (int)user_uid);
+	    goto bad;
+	}
+	break;
+
+    case PERM_FULL_USER:
+	/* headed for exec() */
+	state->rgid = user_gid;
+	state->egid = user_gid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setgid(user_gid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_FULL_USER: setgid(%d)", (int)user_gid);
+	    goto bad;
+	}
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	if (state->gidlist != ostate->gidlist) {
+	    if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
+		errstr = "PERM_FULL_USER: setgroups";
+		goto bad;
+	    }
+	}
+	state->ruid = user_uid;
+	state->euid = user_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (setuid(user_uid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_FULL_USER: setuid(%d)", (int)user_uid);
+	    goto bad;
+	}
+	break;
+
+    case PERM_RUNAS:
+	state->rgid = ostate->rgid;
+	state->egid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setegid(state->egid)) {
+	    errstr = N_("unable to change to runas gid");
+	    goto bad;
+	}
+	state->gidlist = runas_setgroups();
+	if (state->gidlist == NULL) {
+	    errstr = N_("unable to set runas group vector");
+	    goto bad;
+	}
+	state->ruid = ostate->ruid;
+	state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (seteuid(state->euid)) {
+	    errstr = N_("unable to change to runas uid");
+	    goto bad;
+	}
+	break;
+
+    case PERM_SUDOERS:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+
+	/* assume euid == ROOT_UID, ruid == user */
+	state->rgid = ostate->rgid;
+	state->egid = sudoers_gid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setegid(sudoers_gid)) {
+	    errstr = N_("unable to change to sudoers gid");
+	    goto bad;
+	}
+
+	state->ruid = ROOT_UID;
+	/*
+	 * If sudoers_uid == ROOT_UID and sudoers_mode is group readable
+	 * we use a non-zero uid in order to avoid NFS lossage.
+	 * Using uid 1 is a bit bogus but should work on all OS's.
+	 */
+	if (sudoers_uid == ROOT_UID && (sudoers_mode & S_IRGRP))
+	    state->euid = 1;
+	else
+	    state->euid = sudoers_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (seteuid(state->euid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_SUDOERS: seteuid(%d)", (int)state->euid);
+	    goto bad;
+	}
+	break;
+
+    case PERM_TIMESTAMP:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	state->rgid = ostate->rgid;
+	state->egid = ostate->egid;
+	state->ruid = ROOT_UID;
+	state->euid = timestamp_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_TIMESTAMP: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (seteuid(timestamp_uid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_TIMESTAMP: seteuid(%d)", (int)timestamp_uid);
+	    goto bad;
+	}
+	break;
+
+    case PERM_IOLOG:
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	state->rgid = ostate->rgid;
+	state->egid = iolog_gid;
+	state->ruid = ROOT_UID;
+	state->euid = iolog_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_IOLOG: gid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+	    (int)ostate->egid, (int)state->rgid, (int)state->egid);
+	if (GID_CHANGED && setegid(iolog_gid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_IOLOG: setegid(%d)", (int)iolog_gid);
+	    goto bad;
+	}
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_IOLOG: uid: "
+	    "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+	    (int)ostate->euid, (int)state->ruid, (int)state->euid);
+	if (seteuid(timestamp_uid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_IOLOG: seteuid(%d)", (int)timestamp_uid);
+	    goto bad;
+	}
+	break;
+    }
+
+    perm_stack_depth++;
+    debug_return_bool(true);
+bad:
+    if (errno == EAGAIN)
+	sudo_warnx(U_("%s: %s"), U_(errstr), U_("too many processes"));
+    else
+	sudo_warn("%s", U_(errstr));
+    debug_return_bool(false);
+}
+
+bool
+restore_perms(void)
+{
+    struct perm_state *state, *ostate;
+    debug_decl(restore_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth < 2) {
+	sudo_warnx(U_("perm stack underflow"));
+	debug_return_bool(true);
+    }
+
+    state = &perm_stack[perm_stack_depth - 1];
+    ostate = &perm_stack[perm_stack_depth - 2];
+    perm_stack_depth--;
+
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: uid: [%d, %d] -> [%d, %d]",
+	__func__, (int)state->ruid, (int)state->euid,
+	(int)ostate->ruid, (int)ostate->euid);
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d, %d] -> [%d, %d]",
+	__func__, (int)state->rgid, (int)state->egid,
+	(int)ostate->rgid, (int)ostate->egid);
+
+    /*
+     * Since we only have setuid() and seteuid() and semantics
+     * for these calls differ on various systems, we set
+     * real and effective uids to ROOT_UID initially to be safe.
+     */
+    if (seteuid(ROOT_UID)) {
+	sudo_warnx("seteuid() [%d] -> [%d]", (int)state->euid, ROOT_UID);
+	goto bad;
+    }
+    if (setuid(ROOT_UID)) {
+	sudo_warnx("setuid() [%d, %d] -> [%d, %d]", (int)state->ruid, ROOT_UID,
+	    ROOT_UID, ROOT_UID);
+	goto bad;
+    }
+
+    if (OID(egid) != (gid_t)-1 && setegid(ostate->egid)) {
+	sudo_warn("setegid(%d)", (int)ostate->egid);
+	goto bad;
+    }
+    if (state->gidlist != ostate->gidlist) {
+	if (sudo_setgroups(ostate->gidlist->ngids, ostate->gidlist->gids)) {
+	    sudo_warn("setgroups()");
+	    goto bad;
+	}
+    }
+    if (OID(euid) != (uid_t)-1 && seteuid(ostate->euid)) {
+	sudo_warn("seteuid(%d)", (int)ostate->euid);
+	goto bad;
+    }
+    sudo_gidlist_delref(state->gidlist);
+    debug_return_bool(true);
+
+bad:
+    debug_return_bool(false);
+}
+
+#else /* !HAVE_SETRESUID && !HAVE_SETREUID && !HAVE_SETEUID */
+
+/*
+ * Set uids and gids based on perm via setuid() and setgid().
+ * NOTE: does not support the "stay_setuid" or timestampowner options.
+ *       Also, sudoers_uid and sudoers_gid are not used.
+ */
+bool
+set_perms(int perm)
+{
+    struct perm_state *state, *ostate = NULL;
+    char errbuf[1024];
+    const char *errstr = errbuf;
+    debug_decl(set_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth == PERM_STACK_MAX) {
+	errstr = N_("perm stack overflow");
+	errno = EINVAL;
+	goto bad;
+    }
+
+    state = &perm_stack[perm_stack_depth];
+    if (perm != PERM_INITIAL) {
+	if (perm_stack_depth == 0) {
+	    errstr = N_("perm stack underflow");
+	    errno = EINVAL;
+	    goto bad;
+	}
+	ostate = &perm_stack[perm_stack_depth - 1];
+    }
+
+    switch (perm) {
+    case PERM_INITIAL:
+	/* Stash initial state */
+	state->ruid = geteuid() == ROOT_UID ? ROOT_UID : getuid();
+	state->rgid = getgid();
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
+	    "ruid: %d, rgid: %d", __func__, (int)state->ruid, (int)state->rgid);
+	break;
+
+    case PERM_ROOT:
+	state->ruid = ROOT_UID;
+	state->rgid = ROOT_GID;
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+	    "[%d] -> [%d]", __func__, (int)ostate->ruid, (int)state->ruid);
+	if (setuid(ROOT_UID)) {
+	    snprintf(errbuf, sizeof(errbuf), "PERM_ROOT: setuid(%d)", ROOT_UID);
+	    goto bad;
+	}
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: gid: "
+	    "[%d] -> [%d]", __func__, (int)ostate->rgid, (int)state->rgid);
+	if (setgid(ROOT_GID)) {
+	    errstr = N_("unable to change to root gid");
+	    goto bad;
+	}
+	break;
+
+    case PERM_FULL_USER:
+	state->rgid = user_gid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
+	    "[%d] -> [%d]", __func__, (int)ostate->rgid, (int)state->rgid);
+	(void) setgid(user_gid);
+	state->gidlist = user_gid_list;
+	sudo_gidlist_addref(state->gidlist);
+	if (state->gidlist != ostate->gidlist) {
+	    if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
+		errstr = "PERM_FULL_USER: setgroups";
+		goto bad;
+	    }
+	}
+	state->ruid = user_uid;
+	sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
+	    "[%d] -> [%d]", __func__, (int)ostate->ruid, (int)state->ruid);
+	if (setuid(user_uid)) {
+	    snprintf(errbuf, sizeof(errbuf),
+		"PERM_FULL_USER: setuid(%d)", (int)user_uid);
+	    goto bad;
+	}
+	break;
+
+    case PERM_USER:
+    case PERM_SUDOERS:
+    case PERM_RUNAS:
+    case PERM_TIMESTAMP:
+    case PERM_IOLOG:
+	/* Unsupported since we can't set euid. */
+	state->ruid = ostate->ruid;
+	state->rgid = ostate->rgid;
+	state->gidlist = ostate->gidlist;
+	sudo_gidlist_addref(state->gidlist);
+	break;
+    }
+
+    perm_stack_depth++;
+    debug_return_bool(true);
+bad:
+    if (errno == EAGAIN)
+	sudo_warnx(U_("%s: %s"), U_(errstr), U_("too many processes"));
+    else
+	sudo_warn("%s", U_(errstr));
+    debug_return_bool(false);
+}
+
+boll
+restore_perms(void)
+{
+    struct perm_state *state, *ostate;
+    debug_decl(restore_perms, SUDOERS_DEBUG_PERMS)
+
+    if (perm_stack_depth < 2) {
+	sudo_warnx(U_("perm stack underflow"));
+	debug_return_bool(true);
+    }
+
+    state = &perm_stack[perm_stack_depth - 1];
+    ostate = &perm_stack[perm_stack_depth - 2];
+    perm_stack_depth--;
+
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: uid: [%d] -> [%d]",
+	__func__, (int)state->ruid, (int)ostate->ruid);
+    sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d] -> [%d]",
+	__func__, (int)state->rgid, (int)ostate->rgid);
+
+    if (OID(rgid) != (gid_t)-1 && setgid(ostate->rgid)) {
+	sudo_warn("setgid(%d)", (int)ostate->rgid);
+	goto bad;
+    }
+    if (state->gidlist != ostate->gidlist) {
+	if (sudo_setgroups(ostate->gidlist->ngids, ostate->gidlist->gids)) {
+	    sudo_warn("setgroups()");
+	    goto bad;
+	}
+    }
+    sudo_gidlist_delref(state->gidlist);
+    if (OID(ruid) != (uid_t)-1 && setuid(ostate->ruid)) {
+	sudo_warn("setuid(%d)", (int)ostate->ruid);
+	goto bad;
+    }
+    debug_return_bool(true);
+
+bad:
+    debug_return_bool(false);
+}
+#endif /* HAVE_SETRESUID || HAVE_SETREUID || HAVE_SETEUID */
+
+#if defined(HAVE_SETRESUID) || defined(HAVE_SETREUID) || defined(HAVE_SETEUID)
+static struct gid_list *
+runas_setgroups(void)
+{
+    struct gid_list *gidlist;
+    debug_decl(runas_setgroups, SUDOERS_DEBUG_PERMS)
+
+    gidlist = runas_getgroups();
+    if (gidlist != NULL && !def_preserve_groups) {
+	if (sudo_setgroups(gidlist->ngids, gidlist->gids) < 0) {
+	    sudo_gidlist_delref(gidlist);
+	    gidlist = NULL;
+	}
+    }
+    debug_return_ptr(gidlist);
+}
+#endif /* HAVE_SETRESUID || HAVE_SETREUID || HAVE_SETEUID */
diff --git a/plugins/sudoers/solaris_audit.c b/plugins/sudoers/solaris_audit.c
new file mode 100644
index 0000000..650595a
--- /dev/null
+++ b/plugins/sudoers/solaris_audit.c
@@ -0,0 +1,134 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_SOLARIS_AUDIT
+
+#include <sys/types.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <bsm/adt.h>
+#include <bsm/adt_event.h>
+
+#include "sudoers.h"
+#include "solaris_audit.h"
+
+static adt_session_data_t *ah;		/* audit session handle */
+static adt_event_data_t	*event;		/* event to be generated */
+static char		cwd[PATH_MAX];
+static char		cmdpath[PATH_MAX];
+
+static int
+adt_sudo_common(int argc, char *argv[])
+{
+	if (adt_start_session(&ah, NULL, ADT_USE_PROC_DATA) != 0) {
+		log_warning(SLOG_NO_STDERR, "adt_start_session");
+		return -1;
+	}
+	if ((event = adt_alloc_event(ah, ADT_sudo)) == NULL) {
+		log_warning(SLOG_NO_STDERR, "alloc_event");
+		(void) adt_end_session(ah);
+		return -1;
+	}
+	if ((event->adt_sudo.cwdpath = getcwd(cwd, sizeof(cwd))) == NULL) {
+		log_warning(SLOG_NO_STDERR, _("unable to get current working directory"));
+	}
+
+	/* get the real executable name */
+	if (user_cmnd != NULL) {
+		if (strlcpy(cmdpath, (const char *)user_cmnd,
+		    sizeof(cmdpath)) >= sizeof(cmdpath)) {
+			log_warningx(SLOG_NO_STDERR,
+			    _("truncated audit path user_cmnd: %s"),
+			    user_cmnd);
+		}
+	} else {
+		if (strlcpy(cmdpath, (const char *)argv[0],
+		    sizeof(cmdpath)) >= sizeof(cmdpath)) {
+			log_warningx(SLOG_NO_STDERR,
+			    _("truncated audit path argv[0]: %s"),
+			    argv[0]);
+		}
+	}
+
+	event->adt_sudo.cmdpath = cmdpath;
+	event->adt_sudo.argc = argc - 1;
+	event->adt_sudo.argv = &argv[1];
+	event->adt_sudo.envp = env_get();
+
+	return 0;
+}
+
+
+/*
+ * Returns 0 on success or -1 on error.
+ */
+int
+solaris_audit_success(int argc, char *argv[])
+{
+	int rc = -1;
+
+	if (adt_sudo_common(argc, argv) != 0) {
+		return -1;
+	}
+	if (adt_put_event(event, ADT_SUCCESS, ADT_SUCCESS) != 0) {
+		log_warning(SLOG_NO_STDERR, "adt_put_event(ADT_SUCCESS)");
+	} else {
+		rc = 0;
+	}
+	adt_free_event(event);
+	(void) adt_end_session(ah);
+
+	return rc;
+}
+
+/*
+ * Returns 0 on success or -1 on error.
+ */
+int
+solaris_audit_failure(int argc, char *argv[], char const *const fmt, va_list ap)
+{
+	int rc = -1;
+
+	if (adt_sudo_common(argc, argv) != 0) {
+		return -1;
+	}
+	if (vasprintf(&event->adt_sudo.errmsg, fmt, ap) == -1) {
+		log_warning(SLOG_NO_STDERR,
+		    _("audit_failure message too long"));
+	}
+	if (adt_put_event(event, ADT_FAILURE, ADT_FAIL_VALUE_PROGRAM) != 0) {
+		log_warning(SLOG_NO_STDERR, "adt_put_event(ADT_FAILURE)");
+	} else {
+		rc = 0;
+	}
+	free(event->adt_sudo.errmsg);
+	adt_free_event(event);
+	(void) adt_end_session(ah);
+
+	return 0;
+}
+
+#endif /* HAVE_SOLARIS_AUDIT */
diff --git a/plugins/sudoers/solaris_audit.h b/plugins/sudoers/solaris_audit.h
new file mode 100644
index 0000000..36a1245
--- /dev/null
+++ b/plugins/sudoers/solaris_audit.h
@@ -0,0 +1,23 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_SOLARIS_AUDIT_H
+#define	SUDOERS_SOLARIS_AUDIT_H
+
+int	solaris_audit_success(int argc, char *argv[]);
+int	solaris_audit_failure(int argc, char *argv[], char const *const fmt, va_list);
+
+#endif /* SUDOERS_SOLARIS_AUDIT_H */
diff --git a/plugins/sudoers/sssd.c b/plugins/sudoers/sssd.c
new file mode 100644
index 0000000..085549f
--- /dev/null
+++ b/plugins/sudoers/sssd.c
@@ -0,0 +1,790 @@
+/*
+ * Copyright (c) 2003-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ * Copyright (c) 2011 Daniel Kopecek <dkopecek@redhat.com>
+ *
+ * This code is derived from software contributed by Aaron Spangler.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_SSSD
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <time.h>
+#include <ctype.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include <errno.h>
+#include <stdint.h>
+
+#include "sudoers.h"
+#include "gram.h"
+#include "sudo_lbuf.h"
+#include "sudo_ldap.h"
+#include "sudo_dso.h"
+
+/* SSSD <--> SUDO interface - do not change */
+struct sss_sudo_attr {
+    char *name;
+    char **values;
+    unsigned int num_values;
+};
+
+struct sss_sudo_rule {
+    unsigned int num_attrs;
+    struct sss_sudo_attr *attrs;
+};
+
+struct sss_sudo_result {
+    unsigned int num_rules;
+    struct sss_sudo_rule *rules;
+};
+
+typedef int  (*sss_sudo_send_recv_t)(uid_t, const char*, const char*,
+                                     uint32_t*, struct sss_sudo_result**);
+
+typedef int  (*sss_sudo_send_recv_defaults_t)(uid_t, const char*, uint32_t*,
+                                              char**, struct sss_sudo_result**);
+
+typedef void (*sss_sudo_free_result_t)(struct sss_sudo_result*);
+
+typedef int  (*sss_sudo_get_values_t)(struct sss_sudo_rule*, const char*,
+                                      char***);
+
+typedef void (*sss_sudo_free_values_t)(char**);
+
+/* sudo_nss handle */
+struct sudo_sss_handle {
+    char *domainname;
+    char *ipa_host;
+    char *ipa_shost;
+    struct passwd *pw;
+    void *ssslib;
+    struct sudoers_parse_tree parse_tree;
+    sss_sudo_send_recv_t fn_send_recv;
+    sss_sudo_send_recv_defaults_t fn_send_recv_defaults;
+    sss_sudo_free_result_t fn_free_result;
+    sss_sudo_get_values_t fn_get_values;
+    sss_sudo_free_values_t fn_free_values;
+};
+
+static int
+get_ipa_hostname(char **shostp, char **lhostp)
+{
+    size_t linesize = 0;
+    char *lhost = NULL;
+    char *shost = NULL;
+    char *line = NULL;
+    int ret = false;
+    ssize_t len;
+    FILE *fp;
+    debug_decl(get_ipa_hostname, SUDOERS_DEBUG_SSSD)
+
+    fp = fopen(_PATH_SSSD_CONF, "r");
+    if (fp != NULL) {
+	while ((len = getline(&line, &linesize, fp)) != -1) {
+	    char *cp = line;
+
+	    /* Trim trailing and leading spaces. */
+	    while (len > 0 && isspace((unsigned char)line[len - 1]))
+		line[--len] = '\0';
+	    while (isspace((unsigned char)*cp))
+		cp++;
+
+	    /*
+	     * Match ipa_hostname = foo
+	     * Note: currently ignores the domain (XXX)
+	     */
+	    if (strncmp(cp, "ipa_hostname", 12) == 0) {
+		cp += 12;
+		/* Trim " = " after "ipa_hostname" */
+		while (isblank((unsigned char)*cp))
+		    cp++;
+		if (*cp++ != '=')
+		    continue;
+		while (isblank((unsigned char)*cp))
+		    cp++;
+		/* Ignore empty value */
+		if (*cp == '\0')
+		    continue;
+		lhost = strdup(cp);
+		if (lhost != NULL && (cp = strchr(lhost, '.')) != NULL) {
+		    shost = strndup(lhost, (size_t)(cp - lhost));
+		} else {
+		    shost = lhost;
+		}
+		if (shost != NULL && lhost != NULL) {
+		    sudo_debug_printf(SUDO_DEBUG_INFO,
+			"ipa_hostname %s overrides %s", lhost, user_host);
+		    *shostp = shost;
+		    *lhostp = lhost;
+		    ret = true;
+		} else {
+		    sudo_warnx(U_("%s: %s"), __func__,
+			U_("unable to allocate memory"));
+		    free(shost);
+		    free(lhost);
+		    ret = -1;
+		}
+		break;
+	    }
+	}
+	fclose(fp);
+	free(line);
+    }
+    debug_return_int(ret);
+}
+
+/*
+ * SSSD doesn't handle netgroups, we have to ensure they are correctly filtered
+ * in sudo. The rules may contain mixed sudoUser specification so we have to
+ * check not only for netgroup membership but also for user and group matches.
+ * Otherwise, a netgroup non-match could override a user/group match.
+ */
+static bool
+sudo_sss_check_user(struct sudo_sss_handle *handle, struct sss_sudo_rule *rule)
+{
+    const char *host = handle->ipa_host ? handle->ipa_host : user_runhost;
+    const char *shost = handle->ipa_shost ? handle->ipa_shost : user_srunhost;
+    char **val_array;
+    int i, ret = false;
+    debug_decl(sudo_sss_check_user, SUDOERS_DEBUG_SSSD);
+
+    if (rule == NULL)
+	debug_return_bool(false);
+
+    switch (handle->fn_get_values(rule, "sudoUser", &val_array)) {
+    case 0:
+	break;
+    case ENOENT:
+	sudo_debug_printf(SUDO_DEBUG_INFO, "No result.");
+	debug_return_bool(false);
+    default:
+	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "handle->fn_get_values(sudoUser): != 0");
+	debug_return_bool(false);
+    }
+
+    /* Walk through sudoUser values.  */
+    for (i = 0; val_array[i] != NULL && !ret; ++i) {
+	const char *val = val_array[i];
+
+	sudo_debug_printf(SUDO_DEBUG_DEBUG, "val[%d]=%s", i, val);
+	switch (*val) {
+	case '+':
+	    /* Netgroup spec found, check membership. */
+	    if (netgr_matches(val, def_netgroup_tuple ? host : NULL,
+		def_netgroup_tuple ? shost : NULL, handle->pw->pw_name)) {
+		ret = true;
+	    }
+	    break;
+	case '%':
+	    /* User group found, check membership. */
+	    if (usergr_matches(val, handle->pw->pw_name, handle->pw)) {
+		ret = true;
+	    }
+	    break;
+	default:
+	    /* Not a netgroup or user group. */
+	    if (strcmp(val, "ALL") == 0 ||
+		userpw_matches(val, handle->pw->pw_name, handle->pw)) {
+		ret = true;
+	    }
+	    break;
+	}
+	sudo_debug_printf(SUDO_DEBUG_DIAG,
+	    "sssd/ldap sudoUser '%s' ... %s (%s)", val,
+	    ret ? "MATCH!" : "not", handle->pw->pw_name);
+    }
+    handle->fn_free_values(val_array);
+    debug_return_bool(ret);
+}
+
+static char *
+val_array_iter(void **vp)
+{
+    char **val_array = *vp;
+
+    *vp = val_array + 1;
+
+    return *val_array;
+}
+
+static bool
+sss_to_sudoers(struct sudo_sss_handle *handle,
+    struct sss_sudo_result *sss_result)
+{
+    struct userspec *us;
+    struct member *m;
+    unsigned int i;
+    debug_decl(sss_to_sudoers, SUDOERS_DEBUG_SSSD)
+
+    /* We only have a single userspec */
+    if ((us = calloc(1, sizeof(*us))) == NULL)
+	goto oom;
+    TAILQ_INIT(&us->users);
+    TAILQ_INIT(&us->privileges);
+    STAILQ_INIT(&us->comments);
+    TAILQ_INSERT_TAIL(&handle->parse_tree.userspecs, us, entries);
+
+    /* We only include rules where the user matches. */
+    if ((m = calloc(1, sizeof(*m))) == NULL)
+	goto oom;
+    m->type = ALL;
+    TAILQ_INSERT_TAIL(&us->users, m, entries);
+
+    /*
+     * Treat each sudoRole as a separate privilege.
+     *
+     * Sssd has already sorted the rules in descending order.
+     * The conversion to a sudoers parse tree requires that entries be
+     * in *ascending* order so we we iterate from last to first.
+     */
+    for (i = sss_result->num_rules; i-- > 0; ) {
+	struct sss_sudo_rule *rule = sss_result->rules + i;
+	char **cmnds, **runasusers = NULL, **runasgroups = NULL;
+	char **opts = NULL, **notbefore = NULL, **notafter = NULL;
+	char **hosts = NULL, **cn_array = NULL, *cn = NULL;
+	struct privilege *priv = NULL;
+
+	/*
+	 * We don't know whether a rule was included due to a user/group
+	 * match or because it contained a netgroup.
+	 */
+	if (!sudo_sss_check_user(handle, rule))
+	    continue;
+
+	switch (handle->fn_get_values(rule, "sudoCommand", &cmnds)) {
+	case 0:
+	    break;
+	case ENOENT:
+	    /* Ignore sudoRole without sudoCommand. */
+	    continue;
+	default:
+	    goto cleanup;
+	}
+
+	/* Get the entry's dn for long format printing. */
+	switch (handle->fn_get_values(rule, "cn", &cn_array)) {
+	case 0:
+	    cn = cn_array[0];
+	    break;
+	case ENOENT:
+	    break;
+	default:
+	    goto cleanup;
+	}
+
+	/* Get sudoHost */
+	switch (handle->fn_get_values(rule, "sudoHost", &hosts)) {
+	case 0:
+	case ENOENT:
+	    break;
+	default:
+	    goto cleanup;
+	}
+
+	/* Get sudoRunAsUser / sudoRunAs */
+	switch (handle->fn_get_values(rule, "sudoRunAsUser", &runasusers)) {
+	case 0:
+	    break;
+	case ENOENT:
+	    switch (handle->fn_get_values(rule, "sudoRunAs", &runasusers)) {
+		case 0:
+		case ENOENT:
+		    break;
+		default:
+		    goto cleanup;
+	    }
+	    break;
+	default:
+	    goto cleanup;
+	}
+
+	/* Get sudoRunAsGroup */
+	switch (handle->fn_get_values(rule, "sudoRunAsGroup", &runasgroups)) {
+	case 0:
+	case ENOENT:
+	    break;
+	default:
+	    goto cleanup;
+	}
+
+	/* Get sudoNotBefore */
+	switch (handle->fn_get_values(rule, "sudoNotBefore", &notbefore)) {
+	case 0:
+	case ENOENT:
+	    break;
+	default:
+	    goto cleanup;
+	}
+
+	/* Get sudoNotAfter */
+	switch (handle->fn_get_values(rule, "sudoNotAfter", &notafter)) {
+	case 0:
+	case ENOENT:
+	    break;
+	default:
+	    goto cleanup;
+	}
+
+	/* Parse sudoOptions. */
+	switch (handle->fn_get_values(rule, "sudoOption", &opts)) {
+	case 0:
+	case ENOENT:
+	    break;
+	default:
+	    goto cleanup;
+	}
+
+	priv = sudo_ldap_role_to_priv(cn, hosts, runasusers, runasgroups,
+	    cmnds, opts, notbefore ? notbefore[0] : NULL,
+	    notafter ? notafter[0] : NULL, false, true, val_array_iter);
+
+    cleanup:
+	if (cn_array != NULL)
+	    handle->fn_free_values(cn_array);
+	if (cmnds != NULL)
+	    handle->fn_free_values(cmnds);
+	if (hosts != NULL)
+	    handle->fn_free_values(hosts);
+	if (runasusers != NULL)
+	    handle->fn_free_values(runasusers);
+	if (runasgroups != NULL)
+	    handle->fn_free_values(runasgroups);
+	if (opts != NULL)
+	    handle->fn_free_values(opts);
+	if (notbefore != NULL)
+	    handle->fn_free_values(notbefore);
+	if (notafter != NULL)
+	    handle->fn_free_values(notafter);
+
+	if (priv == NULL)
+	    goto oom;
+	TAILQ_INSERT_TAIL(&us->privileges, priv, entries);
+    }
+
+    debug_return_bool(true);
+
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    free_userspecs(&handle->parse_tree.userspecs);
+    debug_return_bool(false);
+}
+
+static bool
+sudo_sss_parse_options(struct sudo_sss_handle *handle, struct sss_sudo_rule *rule, struct defaults_list *defs)
+{
+    int i;
+    char *source = NULL;
+    bool ret = false;
+    char **val_array = NULL;
+    char **cn_array = NULL;
+    debug_decl(sudo_sss_parse_options, SUDOERS_DEBUG_SSSD);
+
+    if (rule == NULL)
+	debug_return_bool(true);
+
+    switch (handle->fn_get_values(rule, "sudoOption", &val_array)) {
+    case 0:
+	break;
+    case ENOENT:
+	sudo_debug_printf(SUDO_DEBUG_INFO, "No result.");
+	debug_return_bool(true);
+    case ENOMEM:
+	goto oom;
+    default:
+	sudo_debug_printf(SUDO_DEBUG_ERROR, "handle->fn_get_values(sudoOption): != 0");
+	debug_return_bool(false);
+    }
+
+    /* Use sudoRole in place of file name in defaults. */
+    if (handle->fn_get_values(rule, "cn", &cn_array) == 0) {
+	if (cn_array[0] != NULL) {
+	    char *cp;
+	    if (asprintf(&cp, "sudoRole %s", cn_array[0]) == -1)
+		goto oom;
+	    source = rcstr_dup(cp);
+	    free(cp);
+	    if (source == NULL)
+		goto oom;
+	}
+	handle->fn_free_values(cn_array);
+	cn_array = NULL;
+    }
+    if (source == NULL) {
+	if ((source = rcstr_dup("sudoRole UNKNOWN")) == NULL)
+	    goto oom;
+    }
+
+    /* Walk through options, appending to defs. */
+    for (i = 0; val_array[i] != NULL; i++) {
+	char *var, *val;
+	int op;
+
+	op = sudo_ldap_parse_option(val_array[i], &var, &val);
+	if (!sudo_ldap_add_default(var, val, op, source, defs))
+	    goto oom;
+    }
+    ret = true;
+    goto done;
+
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+
+done:
+    rcstr_delref(source);
+    handle->fn_free_values(val_array);
+    debug_return_bool(ret);
+}
+
+static struct sss_sudo_result *
+sudo_sss_result_get(struct sudo_nss *nss, struct passwd *pw)
+{
+    struct sudo_sss_handle *handle = nss->handle;
+    struct sss_sudo_result *sss_result = NULL;
+    uint32_t sss_error = 0, rc;
+    debug_decl(sudo_sss_result_get, SUDOERS_DEBUG_SSSD);
+
+    sudo_debug_printf(SUDO_DEBUG_DIAG, "  username=%s", pw->pw_name);
+    sudo_debug_printf(SUDO_DEBUG_DIAG, "domainname=%s",
+	handle->domainname ? handle->domainname : "NULL");
+
+    rc = handle->fn_send_recv(pw->pw_uid, pw->pw_name,
+	handle->domainname, &sss_error, &sss_result);
+    switch (rc) {
+    case 0:
+	switch (sss_error) {
+	case 0:
+	    if (sss_result != NULL) {
+		sudo_debug_printf(SUDO_DEBUG_INFO, "Received %u rule(s)",
+		    sss_result->num_rules);
+	    } else {
+		sudo_debug_printf(SUDO_DEBUG_ERROR,
+		    "Internal error: sss_result == NULL && sss_error == 0");
+		debug_return_ptr(NULL);
+	    }
+	    break;
+	case ENOENT:
+	    sudo_debug_printf(SUDO_DEBUG_INFO, "The user was not found in SSSD.");
+	    debug_return_ptr(NULL);
+	default:
+	    sudo_debug_printf(SUDO_DEBUG_ERROR, "sss_error=%u\n", sss_error);
+	    debug_return_ptr(NULL);
+	}
+	break;
+    case ENOMEM:
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	/* FALLTHROUGH */
+    default:
+	sudo_debug_printf(SUDO_DEBUG_ERROR, "handle->fn_send_recv: rc=%d", rc);
+	debug_return_ptr(NULL);
+    }
+
+    debug_return_ptr(sss_result);
+}
+
+/* sudo_nss implementation */
+static int
+sudo_sss_close(struct sudo_nss *nss)
+{
+    struct sudo_sss_handle *handle = nss->handle;
+    debug_decl(sudo_sss_close, SUDOERS_DEBUG_SSSD);
+
+    if (handle != NULL) {
+	sudo_dso_unload(handle->ssslib);
+	if (handle->pw != NULL)
+	    sudo_pw_delref(handle->pw);
+	free(handle->ipa_host);
+	if (handle->ipa_host != handle->ipa_shost)
+	    free(handle->ipa_shost);
+	free_parse_tree(&handle->parse_tree);
+	free(handle);
+	nss->handle = NULL;
+    }
+    debug_return_int(0);
+}
+
+static int
+sudo_sss_open(struct sudo_nss *nss)
+{
+    struct sudo_sss_handle *handle;
+    static const char path[] = _PATH_SSSD_LIB"/libsss_sudo.so";
+    debug_decl(sudo_sss_open, SUDOERS_DEBUG_SSSD);
+
+    if (nss->handle != NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "%s: called with non-NULL handle %p", __func__, nss->handle);
+	sudo_sss_close(nss);
+    }
+
+    /* Create a handle container. */
+    handle = calloc(1, sizeof(struct sudo_sss_handle));
+    if (handle == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_int(ENOMEM);
+    }
+    init_parse_tree(&handle->parse_tree);
+
+    /* Load symbols */
+    handle->ssslib = sudo_dso_load(path, SUDO_DSO_LAZY);
+    if (handle->ssslib == NULL) {
+	const char *errstr = sudo_dso_strerror();
+	sudo_warnx(U_("unable to load %s: %s"), path,
+	    errstr ? errstr : "unknown error");
+	sudo_warnx(U_("unable to initialize SSS source. Is SSSD installed on your machine?"));
+	free(handle);
+	debug_return_int(EFAULT);
+    }
+
+    handle->fn_send_recv =
+	sudo_dso_findsym(handle->ssslib, "sss_sudo_send_recv");
+    if (handle->fn_send_recv == NULL) {
+	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,
+	   "sss_sudo_send_recv");
+	free(handle);
+	debug_return_int(EFAULT);
+    }
+
+    handle->fn_send_recv_defaults =
+	sudo_dso_findsym(handle->ssslib, "sss_sudo_send_recv_defaults");
+    if (handle->fn_send_recv_defaults == NULL) {
+	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,
+	   "sss_sudo_send_recv_defaults");
+	free(handle);
+	debug_return_int(EFAULT);
+    }
+
+    handle->fn_free_result =
+	sudo_dso_findsym(handle->ssslib, "sss_sudo_free_result");
+    if (handle->fn_free_result == NULL) {
+	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,
+	   "sss_sudo_free_result");
+	free(handle);
+	debug_return_int(EFAULT);
+    }
+
+    handle->fn_get_values =
+	sudo_dso_findsym(handle->ssslib, "sss_sudo_get_values");
+    if (handle->fn_get_values == NULL) {
+	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,
+	   "sss_sudo_get_values");
+	free(handle);
+	debug_return_int(EFAULT);
+    }
+
+    handle->fn_free_values =
+	sudo_dso_findsym(handle->ssslib, "sss_sudo_free_values");
+    if (handle->fn_free_values == NULL) {
+	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,
+	   "sss_sudo_free_values");
+	free(handle);
+	debug_return_int(EFAULT);
+    }
+
+    nss->handle = handle;
+
+    /*
+     * If runhost is the same as the local host, check for ipa_hostname
+     * in sssd.conf and use it in preference to user_runhost.
+     */
+    if (strcasecmp(user_runhost, user_host) == 0) {
+	if (get_ipa_hostname(&handle->ipa_shost, &handle->ipa_host) == -1) {
+	    free(handle);
+	    debug_return_int(ENOMEM);
+	}
+    }
+
+    sudo_debug_printf(SUDO_DEBUG_DEBUG, "handle=%p", handle);
+
+    debug_return_int(0);
+}
+
+/*
+ * Perform query for user and host and convert to sudoers parse tree.
+ */
+static int
+sudo_sss_query(struct sudo_nss *nss, struct passwd *pw)
+{
+    struct sudo_sss_handle *handle = nss->handle;
+    struct sss_sudo_result *sss_result = NULL;
+    int ret = 0;
+    debug_decl(sudo_sss_query, SUDOERS_DEBUG_SSSD);
+
+    if (handle == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "%s: called with NULL handle", __func__);
+	debug_return_int(-1);
+    }
+
+    /* Use cached result if it matches pw. */
+    if (handle->pw != NULL) {
+	if (pw == handle->pw)
+	    goto done;
+	sudo_pw_delref(handle->pw);
+	handle->pw = NULL;
+    }
+
+    /* Free old userspecs, if any. */
+    free_userspecs(&handle->parse_tree.userspecs);
+
+    /* Fetch list of sudoRole entries that match user and host. */
+    sss_result = sudo_sss_result_get(nss, pw);
+
+    sudo_debug_printf(SUDO_DEBUG_DIAG,
+	"searching SSSD/LDAP for sudoers entries for user %s, host %s",
+	 pw->pw_name, user_runhost);
+
+    /* Stash a ref to the passwd struct in the handle. */
+    sudo_pw_addref(pw);
+    handle->pw = pw;
+
+    /* Convert to sudoers parse tree if the user was found. */
+    if (sss_result != NULL) {
+	if (!sss_to_sudoers(handle, sss_result)) {
+	    ret = -1;
+	    goto done;
+	}
+    }
+
+done:
+    /* Cleanup */
+    handle->fn_free_result(sss_result);
+    if (ret == -1) {
+	free_userspecs(&handle->parse_tree.userspecs);
+	if (handle->pw != NULL) {
+	    sudo_pw_delref(handle->pw);
+	    handle->pw = NULL;
+	}
+    }
+
+    sudo_debug_printf(SUDO_DEBUG_DIAG, "Done with LDAP searches");
+
+    debug_return_int(ret);
+}
+
+/*
+ * Return the initialized (but empty) sudoers parse tree.
+ * The contents will be populated by the getdefs() and query() functions.
+ */
+static struct sudoers_parse_tree *
+sudo_sss_parse(struct sudo_nss *nss)
+{
+    struct sudo_sss_handle *handle = nss->handle;
+    debug_decl(sudo_sss_parse, SUDOERS_DEBUG_SSSD);
+
+    if (handle == NULL) {
+    	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "%s: called with NULL handle", __func__);
+	debug_return_ptr(NULL);
+    }
+
+    debug_return_ptr(&handle->parse_tree);
+}
+
+static int
+sudo_sss_getdefs(struct sudo_nss *nss)
+{
+    struct sudo_sss_handle *handle = nss->handle;
+    struct sss_sudo_result *sss_result = NULL;
+    static bool cached;
+    uint32_t sss_error;
+    unsigned int i;
+    int rc;
+    debug_decl(sudo_sss_getdefs, SUDOERS_DEBUG_SSSD);
+
+    if (handle == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "%s: called with NULL handle", __func__);
+	debug_return_int(-1);
+    }
+
+    /* Use cached result if present. */
+    if (cached)
+	debug_return_int(0);
+
+    sudo_debug_printf(SUDO_DEBUG_DIAG, "Looking for cn=defaults");
+
+    /* NOTE: these are global defaults, user ID and name are not used. */
+    rc = handle->fn_send_recv_defaults(sudo_user.pw->pw_uid,
+	sudo_user.pw->pw_name, &sss_error, &handle->domainname, &sss_result);
+    switch (rc) {
+    case 0:
+	break;
+    case ENOMEM:
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	/* FALLTHROUGH */
+    default:
+	sudo_debug_printf(SUDO_DEBUG_ERROR,
+	    "handle->fn_send_recv_defaults: rc=%d, sss_error=%u", rc, sss_error);
+	debug_return_int(-1);
+    }
+
+    switch (sss_error) {
+    case 0:
+	/* Success */
+	for (i = 0; i < sss_result->num_rules; ++i) {
+	    struct sss_sudo_rule *sss_rule = sss_result->rules + i;
+	    sudo_debug_printf(SUDO_DEBUG_DIAG,
+		"Parsing cn=defaults, %d/%d", i, sss_result->num_rules);
+	    if (!sudo_sss_parse_options(handle, sss_rule,
+		&handle->parse_tree.defaults))
+		goto bad;
+	}
+	break;
+    case ENOENT:
+	sudo_debug_printf(SUDO_DEBUG_INFO,
+	    "No global defaults entry found in SSSD.");
+	break;
+    default:
+	sudo_debug_printf(SUDO_DEBUG_ERROR, "sss_error=%u\n", sss_error);
+	goto bad;
+    }
+    handle->fn_free_result(sss_result);
+    cached = true;
+    debug_return_int(0);
+
+bad:
+    handle->fn_free_result(sss_result);
+    debug_return_int(-1);
+}
+
+/* sudo_nss implementation */
+struct sudo_nss sudo_nss_sss = {
+    { NULL, NULL },
+    sudo_sss_open,
+    sudo_sss_close,
+    sudo_sss_parse,
+    sudo_sss_query,
+    sudo_sss_getdefs
+};
+
+#endif /* HAVE_SSSD */
diff --git a/plugins/sudoers/starttime.c b/plugins/sudoers/starttime.c
new file mode 100644
index 0000000..62ce1d3
--- /dev/null
+++ b/plugins/sudoers/starttime.c
@@ -0,0 +1,307 @@
+/*
+ * Copyright (c) 2012-2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+/* Large files not supported by procfs.h on Solaris. */
+#if defined(HAVE_STRUCT_PSINFO_PR_TTYDEV)
+# undef _FILE_OFFSET_BITS
+# undef _LARGE_FILES
+#endif
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#if defined(HAVE_KINFO_PROC_44BSD) || defined (HAVE_KINFO_PROC_OPENBSD) || defined(HAVE_KINFO_PROC2_NETBSD2)
+# include <sys/sysctl.h>
+#elif defined(HAVE_KINFO_PROC_FREEBSD)
+# include <sys/sysctl.h>
+# include <sys/user.h>
+#endif
+#if defined(HAVE_PROCFS_H)
+# include <procfs.h>
+#elif defined(HAVE_SYS_PROCFS_H)
+# include <sys/procfs.h>
+#endif
+#ifdef HAVE_PSTAT_GETPROC
+# include <sys/pstat.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <unistd.h>
+
+#include "sudoers.h"
+#include "check.h"
+
+/*
+ * Arguments for sysctl(2) when reading the process start time.
+ */
+#if defined(HAVE_KINFO_PROC2_NETBSD)
+# define SUDO_KERN_PROC		KERN_PROC2
+# define sudo_kinfo_proc	kinfo_proc2
+# define sudo_kp_namelen	6
+#elif defined(HAVE_KINFO_PROC_OPENBSD)
+# define SUDO_KERN_PROC		KERN_PROC
+# define sudo_kinfo_proc	kinfo_proc
+# define sudo_kp_namelen	6
+#elif defined(HAVE_KINFO_PROC_FREEBSD) || defined(HAVE_KINFO_PROC_44BSD)
+# define SUDO_KERN_PROC		KERN_PROC
+# define sudo_kinfo_proc	kinfo_proc
+# define sudo_kp_namelen	4
+#endif
+
+/*
+ * Store start time of the specified process in starttime.
+ */
+
+#if defined(sudo_kinfo_proc)
+int
+get_starttime(pid_t pid, struct timespec *starttime)
+{
+    struct sudo_kinfo_proc *ki_proc = NULL;
+    size_t size = sizeof(*ki_proc);
+    int mib[6], rc;
+    debug_decl(get_starttime, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * Lookup start time for pid via sysctl.
+     */
+    mib[0] = CTL_KERN;
+    mib[1] = SUDO_KERN_PROC;
+    mib[2] = KERN_PROC_PID;
+    mib[3] = (int)pid;
+    mib[4] = sizeof(*ki_proc);
+    mib[5] = 1;
+    do {
+	struct sudo_kinfo_proc *kp;
+
+	size += size / 10;
+	if ((kp = realloc(ki_proc, size)) == NULL) {
+	    rc = -1;
+	    break;		/* really out of memory. */
+	}
+	ki_proc = kp;
+	rc = sysctl(mib, sudo_kp_namelen, ki_proc, &size, NULL, 0);
+    } while (rc == -1 && errno == ENOMEM);
+    if (rc != -1) {
+#if defined(HAVE_KINFO_PROC_FREEBSD)
+	/* FreeBSD and Dragonfly */
+	TIMEVAL_TO_TIMESPEC(&ki_proc->ki_start, starttime);
+#elif defined(HAVE_KINFO_PROC_44BSD)
+	/* 4.4BSD and macOS */
+	TIMEVAL_TO_TIMESPEC(&ki_proc->kp_proc.p_starttime, starttime);
+#else
+	/* NetBSD and OpenBSD */
+	starttime->tv_sec = ki_proc->p_ustart_sec;
+	starttime->tv_nsec = ki_proc->p_ustart_usec * 1000;
+#endif
+	sudo_debug_printf(SUDO_DEBUG_INFO,
+	    "%s: start time for %d: { %lld, %ld }", __func__,
+	    (int)pid, (long long)starttime->tv_sec, (long)starttime->tv_nsec);
+    } else {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
+	    "unable to get start time for %d via KERN_PROC", (int)pid);
+    }
+    free(ki_proc);
+
+    debug_return_int(rc == -1 ? -1 : 0);
+}
+#elif defined(HAVE_STRUCT_PSINFO_PR_TTYDEV)
+int
+get_starttime(pid_t pid, struct timespec *starttime)
+{
+    struct psinfo psinfo;
+    char path[PATH_MAX];
+    ssize_t nread;
+    int fd, ret = -1;
+    debug_decl(get_starttime, SUDOERS_DEBUG_UTIL)
+
+    /* Determine the start time from pr_start in /proc/pid/psinfo. */
+    snprintf(path, sizeof(path), "/proc/%u/psinfo", (unsigned int)pid);
+    if ((fd = open(path, O_RDONLY, 0)) != -1) {
+	nread = read(fd, &psinfo, sizeof(psinfo));
+	close(fd);
+	if (nread == (ssize_t)sizeof(psinfo)) {
+	    starttime->tv_sec = psinfo.pr_start.tv_sec;
+	    starttime->tv_nsec = psinfo.pr_start.tv_nsec;
+	    ret = 0;
+
+	    sudo_debug_printf(SUDO_DEBUG_INFO,
+		"%s: start time for %d: { %lld, %ld }", __func__, (int)pid,
+		(long long)starttime->tv_sec, (long)starttime->tv_nsec);
+	}
+    }
+
+    if (ret == -1)
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
+	    "unable to get start time for %d via %s", (int)pid, path);
+    debug_return_int(ret);
+}
+#elif defined(__linux__)
+int
+get_starttime(pid_t pid, struct timespec *starttime)
+{
+    char path[PATH_MAX];
+    char *cp, buf[1024];
+    ssize_t nread;
+    int ret = -1;
+    int fd = -1;
+    long tps;
+    debug_decl(get_starttime, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * Start time is in ticks per second on Linux.
+     */
+    tps = sysconf(_SC_CLK_TCK);
+    if (tps == -1)
+	goto done;
+
+    /*
+     * Determine the start time from 22nd field in /proc/pid/stat.
+     * Ignore /proc/self/stat if it contains embedded NUL bytes.
+     * XXX - refactor common code with ttyname.c?
+     */
+    snprintf(path, sizeof(path), "/proc/%u/stat", (unsigned int)pid);
+    if ((fd = open(path, O_RDONLY | O_NOFOLLOW)) != -1) {
+	cp = buf;
+	while ((nread = read(fd, cp, buf + sizeof(buf) - cp)) != 0) {
+	    if (nread == -1) {
+		if (errno == EAGAIN || errno == EINTR)
+		    continue;
+		break;
+	    }
+	    cp += nread;
+	    if (cp >= buf + sizeof(buf))
+		break;
+	}
+	if (nread == 0 && memchr(buf, '\0', cp - buf) == NULL) {
+	    /*
+	     * Field 22 is the start time (%ull).
+	     * Since the process name at field 2 "(comm)" may include
+	     * whitespace (including newlines), start at the last ')' found.
+	     */
+	    *cp = '\0';
+	    cp = strrchr(buf, ')');
+	    if (cp != NULL) {
+		char *ep = cp;
+		int field = 1;
+
+		while (*++ep != '\0') {
+		    if (*ep == ' ') {
+			if (++field == 22) {
+			    unsigned long long ullval;
+
+			    /* Must start with a digit (not negative). */
+			    if (!isdigit((unsigned char)*cp)) {
+				errno = EINVAL;
+				goto done;
+			    }
+
+			    /* starttime is %ul in 2.4 and %ull in >= 2.6 */
+			    errno = 0;
+			    ullval = strtoull(cp, &ep, 10);
+			    if (ep == cp || *ep != ' ') {
+				errno = EINVAL;
+				goto done;
+			    }
+			    if (errno == ERANGE && ullval == ULLONG_MAX)
+				goto done;
+
+			    /* Convert from ticks to timespec */
+			    starttime->tv_sec = ullval / tps;
+			    starttime->tv_nsec =
+				(ullval % tps) * (1000000000 / tps);
+			    ret = 0;
+
+			    sudo_debug_printf(SUDO_DEBUG_INFO,
+				"%s: start time for %d: { %lld, %ld }",
+				__func__, (int)pid,
+				(long long)starttime->tv_sec,
+				(long)starttime->tv_nsec);
+
+			    goto done;
+			}
+			cp = ep + 1;
+		    }
+		}
+	    }
+	}
+    }
+    errno = ENOENT;
+
+done:
+    if (fd != -1)
+	close(fd);
+    if (ret == -1)
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
+	    "unable to get start time for %d via %s", (int)pid, path);
+
+    debug_return_int(ret);
+}
+#elif defined(HAVE_PSTAT_GETPROC)
+int
+get_starttime(pid_t pid, struct timespec *starttime)
+{
+    struct pst_status pstat;
+    int rc;
+    debug_decl(get_starttime, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * Determine the start time from pst_start in struct pst_status.
+     * We may get EOVERFLOW if the whole thing doesn't fit but that is OK.
+     */
+    rc = pstat_getproc(&pstat, sizeof(pstat), (size_t)0, (int)pid);
+    if (rc != -1 || errno == EOVERFLOW) {
+	starttime->tv_sec = pstat.pst_start;
+	starttime->tv_nsec = 0;
+
+	sudo_debug_printf(SUDO_DEBUG_INFO,
+	    "%s: start time for %d: { %lld, %ld }", __func__,
+	    (int)pid, (long long)starttime->tv_sec, (long)starttime->tv_nsec);
+
+	debug_return_int(0);
+    }
+
+    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
+	"unable to get start time for %d via pstat_getproc", (int)pid);
+    debug_return_int(-1);
+}
+#else
+int
+get_starttime(pid_t pid, struct timespec *starttime)
+{
+    debug_decl(get_starttime, SUDOERS_DEBUG_UTIL)
+
+    sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+	"process start time not supported by sudo on this system");
+    debug_return_int(-1);
+}
+#endif
diff --git a/plugins/sudoers/strlist.c b/plugins/sudoers/strlist.c
new file mode 100644
index 0000000..1bb7630
--- /dev/null
+++ b/plugins/sudoers/strlist.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+
+#include "sudo_compat.h"
+#include "sudo_util.h"
+#include "sudo_queue.h"
+#include "sudoers_debug.h"
+#include "strlist.h"
+
+struct sudoers_string *
+sudoers_string_alloc(const char *s)
+{
+    struct sudoers_string *cs;
+    debug_decl(sudoers_string_alloc, SUDOERS_DEBUG_UTIL)
+
+    if ((cs = malloc(sizeof(*cs))) != NULL) {
+	if ((cs->str = strdup(s)) == NULL) {
+	    free(cs);
+	    cs = NULL;
+	}
+    }
+
+    debug_return_ptr(cs);
+}
+
+void
+sudoers_string_free(struct sudoers_string *cs)
+{
+    if (cs != NULL) {
+	free(cs->str);
+	free(cs);
+    }
+}
+
+struct sudoers_str_list *
+str_list_alloc(void)
+{
+    struct sudoers_str_list *strlist;
+    debug_decl(str_list_alloc, SUDOERS_DEBUG_UTIL)
+
+    strlist = malloc(sizeof(*strlist));
+    if (strlist != NULL) {
+	STAILQ_INIT(strlist);
+	strlist->refcnt = 1;
+    }
+
+    debug_return_ptr(strlist);
+}
+
+void
+str_list_free(void *v)
+{
+    struct sudoers_str_list *strlist = v;
+    struct sudoers_string *first;
+    debug_decl(str_list_free, SUDOERS_DEBUG_UTIL)
+
+    if (strlist != NULL) {
+	if (--strlist->refcnt == 0) {
+	    while ((first = STAILQ_FIRST(strlist)) != NULL) {
+		STAILQ_REMOVE_HEAD(strlist, entries);
+		sudoers_string_free(first);
+	    }
+	    free(strlist);
+	}
+    }
+    debug_return;
+}
diff --git a/plugins/sudoers/strlist.h b/plugins/sudoers/strlist.h
new file mode 100644
index 0000000..1a0dfc6
--- /dev/null
+++ b/plugins/sudoers/strlist.h
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_STRLIST_H
+#define SUDOERS_STRLIST_H
+
+/*
+ * Simple string list with optional reference count.
+ */
+struct sudoers_string {
+    STAILQ_ENTRY(sudoers_string) entries;
+    char *str;
+};
+struct sudoers_str_list {
+    struct sudoers_string *stqh_first;
+    struct sudoers_string **stqh_last;
+    unsigned int refcnt;
+};
+
+struct sudoers_str_list *str_list_alloc(void);
+void str_list_free(void *v);
+struct sudoers_string *sudoers_string_alloc(const char *s);
+void sudoers_string_free(struct sudoers_string *ls);
+
+#endif /* SUDOERS_STRLIST_H */
diff --git a/plugins/sudoers/stubs.c b/plugins/sudoers/stubs.c
new file mode 100644
index 0000000..a594b1f
--- /dev/null
+++ b/plugins/sudoers/stubs.c
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+/*
+ * Stub versions of functions needed by the parser.
+ * Required to link cvtsudoers and visudo.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include "sudoers.h"
+#include "interfaces.h"
+
+/* STUB */
+bool
+init_envtables(void)
+{
+    return true;
+}
+
+/* STUB */
+bool
+user_is_exempt(void)
+{
+    return false;
+}
+
+/* STUB */
+void
+sudo_setspent(void)
+{
+    return;
+}
+
+/* STUB */
+void
+sudo_endspent(void)
+{
+    return;
+}
+
+/* STUB */
+int
+group_plugin_query(const char *user, const char *group, const struct passwd *pw)
+{
+    return false;
+}
+
+/* STUB */
+struct interface_list *
+get_interfaces(void)
+{
+    static struct interface_list dummy = SLIST_HEAD_INITIALIZER(interfaces);
+    return &dummy;
+}
+
+/*
+ * Look up the hostname and set user_host and user_shost.
+ */
+void
+get_hostname(void)
+{
+    char *cp;
+    debug_decl(get_hostname, SUDOERS_DEBUG_UTIL)
+
+    if ((user_host = sudo_gethostname()) != NULL) {
+	if ((cp = strchr(user_host, '.'))) {
+	    *cp = '\0';
+	    if ((user_shost = strdup(user_host)) == NULL)
+		sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    *cp = '.';
+	} else {
+	    user_shost = user_host;
+	}
+    } else {
+	user_host = user_shost = strdup("localhost");
+	if (user_host == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    }
+    user_runhost = user_host;
+    user_srunhost = user_shost;
+
+    debug_return;
+}
diff --git a/plugins/sudoers/sudo_ldap.h b/plugins/sudoers/sudo_ldap.h
new file mode 100644
index 0000000..7298ee0
--- /dev/null
+++ b/plugins/sudoers/sudo_ldap.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_LDAP_H
+#define SUDOERS_LDAP_H
+
+/* Iterators used by sudo_ldap_role_to_priv() to handle bervar ** or char ** */
+typedef char * (*sudo_ldap_iter_t)(void **);
+
+/* ldap_util.c */
+bool sudo_ldap_is_negated(char **valp);
+bool sudo_ldap_add_default(const char *var, const char *val, int op, char *source, struct defaults_list *defs);
+int sudo_ldap_parse_option(char *optstr, char **varp, char **valp);
+struct privilege *sudo_ldap_role_to_priv(const char *cn, void *hosts, void *runasusers, void *runasgroups, void *cmnds, void *opts, const char *notbefore, const char *notafter, bool warnings, bool store_options, sudo_ldap_iter_t iter);
+struct command_digest *sudo_ldap_extract_digest(char **cmnd, struct command_digest *digest);
+
+#endif /* SUDOERS_LDAP_H */
diff --git a/plugins/sudoers/sudo_ldap_conf.h b/plugins/sudoers/sudo_ldap_conf.h
new file mode 100644
index 0000000..363ab43
--- /dev/null
+++ b/plugins/sudoers/sudo_ldap_conf.h
@@ -0,0 +1,129 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_LDAP_CONF_H
+#define SUDOERS_LDAP_CONF_H
+
+/* Macros for checking strlcpy/strlcat/sudo_ldap_value_cat return value. */
+#define CHECK_STRLCPY(d, s, l) do {					       \
+	if (strlcpy((d), (s), (l)) >= (l))				       \
+	    goto overflow;						       \
+} while (0)
+#define CHECK_STRLCAT(d, s, l) do {					       \
+	if (strlcat((d), (s), (l)) >= (l))				       \
+	    goto overflow;						       \
+} while (0)
+#define CHECK_LDAP_VCAT(d, s, l) do {					       \
+	if (sudo_ldap_value_cat((d), (s), (l)) >= (l))			       \
+	    goto overflow;						       \
+} while (0)
+
+#if defined(__GNUC__) && __GNUC__ == 2
+# define DPRINTF1(fmt...) do {						\
+    sudo_debug_printf(SUDO_DEBUG_DIAG, fmt);				\
+    if (ldap_conf.debug >= 1)						\
+	sudo_warnx_nodebug(fmt);					\
+} while (0)
+# define DPRINTF2(fmt...) do {						\
+    sudo_debug_printf(SUDO_DEBUG_INFO, fmt);				\
+    if (ldap_conf.debug >= 2)						\
+	sudo_warnx_nodebug(fmt);					\
+} while (0)
+#else
+# define DPRINTF1(...) do {						\
+    sudo_debug_printf(SUDO_DEBUG_DIAG, __VA_ARGS__);			\
+    if (ldap_conf.debug >= 1)						\
+	sudo_warnx_nodebug(__VA_ARGS__);				\
+} while (0)
+# define DPRINTF2(...) do {						\
+    sudo_debug_printf(SUDO_DEBUG_INFO, __VA_ARGS__);			\
+    if (ldap_conf.debug >= 2)						\
+	sudo_warnx_nodebug(__VA_ARGS__);				\
+} while (0)
+#endif
+
+#define CONF_BOOL		0
+#define CONF_INT		1
+#define CONF_STR		2
+#define CONF_LIST_STR		4
+#define CONF_DEREF_VAL		5
+#define CONF_REQCERT_VAL	6
+
+#define SUDO_LDAP_CLEAR		0
+#define SUDO_LDAP_SSL		1
+#define SUDO_LDAP_STARTTLS	2
+
+struct ldap_config_table {
+    const char *conf_str;	/* config file string */
+    int type;			/* CONF_BOOL, CONF_INT, CONF_STR */
+    int opt_val;		/* LDAP_OPT_* (or -1 for sudo internal) */
+    void *valp;			/* pointer into ldap_conf */
+};
+
+struct ldap_config_str {
+    STAILQ_ENTRY(ldap_config_str) entries;
+    char val[1];
+};
+STAILQ_HEAD(ldap_config_str_list, ldap_config_str);
+
+/* LDAP configuration structure */
+struct ldap_config {
+    int port;
+    int version;
+    int debug;
+    int ldap_debug;
+    int tls_checkpeer;
+    int tls_reqcert;
+    int timelimit;
+    int timeout;
+    int bind_timelimit;
+    int use_sasl;
+    int rootuse_sasl;
+    int ssl_mode;
+    int timed;
+    int deref;
+    char *host;
+    struct ldap_config_str_list uri;
+    char *binddn;
+    char *bindpw;
+    char *rootbinddn;
+    struct ldap_config_str_list base;
+    struct ldap_config_str_list netgroup_base;
+    char *search_filter;
+    char *netgroup_search_filter;
+    char *ssl;
+    char *tls_cacertfile;
+    char *tls_cacertdir;
+    char *tls_random_file;
+    char *tls_cipher_suite;
+    char *tls_certfile;
+    char *tls_keyfile;
+    char *tls_keypw;
+    char *sasl_mech;
+    char *sasl_auth_id;
+    char *rootsasl_auth_id;
+    char *sasl_secprops;
+    char *krb5_ccname;
+};
+
+extern struct ldap_config ldap_conf;
+
+const char *sudo_krb5_ccname_path(const char *old_ccname);
+bool sudo_ldap_read_config(void);
+int sudo_ldap_set_options_global(void);
+int sudo_ldap_set_options_conn(LDAP *ld);
+
+#endif /* SUDOERS_LDAP_CONF_H */
diff --git a/plugins/sudoers/sudo_nss.c b/plugins/sudoers/sudo_nss.c
new file mode 100644
index 0000000..339559a
--- /dev/null
+++ b/plugins/sudoers/sudo_nss.c
@@ -0,0 +1,271 @@
+/*
+ * Copyright (c) 2007-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+#include <grp.h>
+#include <ctype.h>
+
+#include "sudoers.h"
+#include "sudo_lbuf.h"
+
+extern struct sudo_nss sudo_nss_file;
+#ifdef HAVE_LDAP
+extern struct sudo_nss sudo_nss_ldap;
+#endif
+#ifdef HAVE_SSSD
+extern struct sudo_nss sudo_nss_sss;
+#endif
+
+/* Make sure we have not already inserted the nss entry. */
+#define SUDO_NSS_CHECK_UNUSED(nss, tag)					       \
+    if (nss.entries.tqe_next != NULL || nss.entries.tqe_prev != NULL) {      \
+	sudo_warnx("internal error: nsswitch entry \"%s\" already in use",     \
+	    tag);							       \
+	continue;							       \
+    }
+
+#if (defined(HAVE_LDAP) || defined(HAVE_SSSD)) && defined(_PATH_NSSWITCH_CONF)
+/*
+ * Read in /etc/nsswitch.conf
+ * Returns a tail queue of matches.
+ */
+struct sudo_nss_list *
+sudo_read_nss(void)
+{
+    FILE *fp;
+    char *line = NULL;
+    size_t linesize = 0;
+#ifdef HAVE_SSSD
+    bool saw_sss = false;
+#endif
+#ifdef HAVE_LDAP
+    bool saw_ldap = false;
+#endif
+    bool saw_files = false;
+    bool got_match = false;
+    static struct sudo_nss_list snl = TAILQ_HEAD_INITIALIZER(snl);
+    debug_decl(sudo_read_nss, SUDOERS_DEBUG_NSS)
+
+    if ((fp = fopen(_PATH_NSSWITCH_CONF, "r")) == NULL)
+	goto nomatch;
+
+    while (sudo_parseln(&line, &linesize, NULL, fp, 0) != -1) {
+	char *cp, *last;
+
+	/* Skip blank or comment lines */
+	if (*line == '\0')
+	    continue;
+
+	/* Look for a line starting with "sudoers:" */
+	if (strncasecmp(line, "sudoers:", 8) != 0)
+	    continue;
+
+	/* Parse line */
+	for ((cp = strtok_r(line + 8, " \t", &last)); cp != NULL; (cp = strtok_r(NULL, " \t", &last))) {
+	    if (strcasecmp(cp, "files") == 0 && !saw_files) {
+		SUDO_NSS_CHECK_UNUSED(sudo_nss_file, "files");
+		TAILQ_INSERT_TAIL(&snl, &sudo_nss_file, entries);
+		got_match = saw_files = true;
+#ifdef HAVE_LDAP
+	    } else if (strcasecmp(cp, "ldap") == 0 && !saw_ldap) {
+		SUDO_NSS_CHECK_UNUSED(sudo_nss_ldap, "ldap");
+		TAILQ_INSERT_TAIL(&snl, &sudo_nss_ldap, entries);
+		got_match = saw_ldap = true;
+#endif
+#ifdef HAVE_SSSD
+	    } else if (strcasecmp(cp, "sss") == 0 && !saw_sss) {
+		SUDO_NSS_CHECK_UNUSED(sudo_nss_sss, "sss");
+		TAILQ_INSERT_TAIL(&snl, &sudo_nss_sss, entries);
+		got_match = saw_sss = true;
+#endif
+	    } else if (strcasecmp(cp, "[NOTFOUND=return]") == 0 && got_match) {
+		/* NOTFOUND affects the most recent entry */
+		TAILQ_LAST(&snl, sudo_nss_list)->ret_if_notfound = true;
+		got_match = false;
+	    } else if (strcasecmp(cp, "[SUCCESS=return]") == 0 && got_match) {
+		/* SUCCESS affects the most recent entry */
+		TAILQ_LAST(&snl, sudo_nss_list)->ret_if_found = true;
+		got_match = false;
+	    } else
+		got_match = false;
+	}
+	/* Only parse the first "sudoers:" line */
+	break;
+    }
+    free(line);
+    fclose(fp);
+
+nomatch:
+    /* Default to files only if no matches */
+    if (TAILQ_EMPTY(&snl))
+	TAILQ_INSERT_TAIL(&snl, &sudo_nss_file, entries);
+
+    debug_return_ptr(&snl);
+}
+
+#else /* (HAVE_LDAP || HAVE_SSSD) && _PATH_NSSWITCH_CONF */
+
+# if (defined(HAVE_LDAP) || defined(HAVE_SSSD)) && defined(_PATH_NETSVC_CONF)
+
+/*
+ * Read in /etc/netsvc.conf (like nsswitch.conf on AIX)
+ * Returns a tail queue of matches.
+ */
+struct sudo_nss_list *
+sudo_read_nss(void)
+{
+    FILE *fp;
+    char *cp, *ep, *last, *line = NULL;
+    size_t linesize = 0;
+#ifdef HAVE_SSSD
+    bool saw_sss = false;
+#endif
+    bool saw_files = false;
+    bool saw_ldap = false;
+    bool got_match = false;
+    static struct sudo_nss_list snl = TAILQ_HEAD_INITIALIZER(snl);
+    debug_decl(sudo_read_nss, SUDOERS_DEBUG_NSS)
+
+    if ((fp = fopen(_PATH_NETSVC_CONF, "r")) == NULL)
+	goto nomatch;
+
+    while (sudo_parseln(&line, &linesize, NULL, fp, 0) != -1) {
+	/* Skip blank or comment lines */
+	if (*(cp = line) == '\0')
+	    continue;
+
+	/* Look for a line starting with "sudoers = " */
+	if (strncasecmp(cp, "sudoers", 7) != 0)
+	    continue;
+	cp += 7;
+	while (isspace((unsigned char)*cp))
+	    cp++;
+	if (*cp++ != '=')
+	    continue;
+
+	/* Parse line */
+	for ((cp = strtok_r(cp, ",", &last)); cp != NULL; (cp = strtok_r(NULL, ",", &last))) {
+	    /* Trim leading whitespace. */
+	    while (isspace((unsigned char)*cp))
+		cp++;
+
+	    if (!saw_files && strncasecmp(cp, "files", 5) == 0 &&
+		(isspace((unsigned char)cp[5]) || cp[5] == '\0')) {
+		TAILQ_INSERT_TAIL(&snl, &sudo_nss_file, entries);
+		got_match = saw_files = true;
+		ep = &cp[5];
+#ifdef HAVE_LDAP
+	    } else if (!saw_ldap && strncasecmp(cp, "ldap", 4) == 0 &&
+		(isspace((unsigned char)cp[4]) || cp[4] == '\0')) {
+		TAILQ_INSERT_TAIL(&snl, &sudo_nss_ldap, entries);
+		got_match = saw_ldap = true;
+		ep = &cp[4];
+#endif
+#ifdef HAVE_SSSD
+	    } else if (!saw_sss && strncasecmp(cp, "sss", 3) == 0 &&
+		(isspace((unsigned char)cp[3]) || cp[3] == '\0')) {
+		TAILQ_INSERT_TAIL(&snl, &sudo_nss_sss, entries);
+		got_match = saw_sss = true;
+		ep = &cp[3];
+#endif
+	    } else {
+		got_match = false;
+	    }
+
+	    /* check for = auth qualifier */
+	    if (got_match && *ep) {
+		cp = ep;
+		while (isspace((unsigned char)*cp) || *cp == '=')
+		    cp++;
+		if (strncasecmp(cp, "auth", 4) == 0 &&
+		    (isspace((unsigned char)cp[4]) || cp[4] == '\0')) {
+		    TAILQ_LAST(&snl, sudo_nss_list)->ret_if_found = true;
+		}
+	    }
+	}
+	/* Only parse the first "sudoers" line */
+	break;
+    }
+    fclose(fp);
+
+nomatch:
+    /* Default to files only if no matches */
+    if (TAILQ_EMPTY(&snl))
+	TAILQ_INSERT_TAIL(&snl, &sudo_nss_file, entries);
+
+    debug_return_ptr(&snl);
+}
+
+# else /* !_PATH_NETSVC_CONF && !_PATH_NSSWITCH_CONF */
+
+/*
+ * Non-nsswitch.conf version with hard-coded order.
+ */
+struct sudo_nss_list *
+sudo_read_nss(void)
+{
+    static struct sudo_nss_list snl = TAILQ_HEAD_INITIALIZER(snl);
+    debug_decl(sudo_read_nss, SUDOERS_DEBUG_NSS)
+
+#  ifdef HAVE_SSSD
+    TAILQ_INSERT_TAIL(&snl, &sudo_nss_sss, entries);
+#  endif
+#  ifdef HAVE_LDAP
+    TAILQ_INSERT_TAIL(&snl, &sudo_nss_ldap, entries);
+#  endif
+    TAILQ_INSERT_TAIL(&snl, &sudo_nss_file, entries);
+
+    debug_return_ptr(&snl);
+}
+
+# endif /* !HAVE_LDAP || !_PATH_NETSVC_CONF */
+
+#endif /* HAVE_LDAP && _PATH_NSSWITCH_CONF */
+
+bool
+sudo_nss_can_continue(struct sudo_nss *nss, int match)
+{
+    debug_decl(sudo_nss_should_continue, SUDOERS_DEBUG_NSS)
+
+    /* Handle [NOTFOUND=return] */
+    if (nss->ret_if_notfound && match == UNSPEC)
+	debug_return_bool(false);
+
+    /* Handle [SUCCESS=return] */
+    if (nss->ret_if_found && match != UNSPEC)
+	debug_return_bool(false);
+
+    debug_return_bool(true);
+}
diff --git a/plugins/sudoers/sudo_nss.h b/plugins/sudoers/sudo_nss.h
new file mode 100644
index 0000000..e4566f8
--- /dev/null
+++ b/plugins/sudoers/sudo_nss.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2007-2011, 2013-2015, 2017-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_NSS_H
+#define SUDOERS_NSS_H
+
+struct passwd;
+struct userspec_list;
+struct defaults_list;
+
+/* XXX - parse_tree, ret_if_found and ret_if_notfound should be private */
+struct sudo_nss {
+    TAILQ_ENTRY(sudo_nss) entries;
+    int (*open)(struct sudo_nss *nss);
+    int (*close)(struct sudo_nss *nss);
+    struct sudoers_parse_tree *(*parse)(struct sudo_nss *nss);
+    int (*query)(struct sudo_nss *nss, struct passwd *pw);
+    int (*getdefs)(struct sudo_nss *nss);
+    void *handle;
+    struct sudoers_parse_tree *parse_tree;
+    bool ret_if_found;
+    bool ret_if_notfound;
+};
+
+TAILQ_HEAD(sudo_nss_list, sudo_nss);
+
+struct sudo_nss_list *sudo_read_nss(void);
+bool sudo_nss_can_continue(struct sudo_nss *nss, int match);
+
+#endif /* SUDOERS_NSS_H */
diff --git a/plugins/sudoers/sudo_printf.c b/plugins/sudoers/sudo_printf.c
new file mode 100644
index 0000000..e82317f
--- /dev/null
+++ b/plugins/sudoers/sudo_printf.c
@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) 2010-2012 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <errno.h>
+
+#include "sudo_compat.h"
+#include "sudo_plugin.h"
+#include "sudo_debug.h"
+
+static int
+sudo_printf_int(int msg_type, const char *fmt, ...)
+{
+    va_list ap;
+    int len;
+
+    switch (msg_type) {
+    case SUDO_CONV_INFO_MSG:
+	va_start(ap, fmt);
+	len = vfprintf(stdout, fmt, ap);
+	va_end(ap);
+	break;
+    case SUDO_CONV_ERROR_MSG:
+	va_start(ap, fmt);
+	len = vfprintf(stderr, fmt, ap);
+	va_end(ap);
+	break;
+    default:
+	len = -1;
+	errno = EINVAL;
+	break;
+    }
+
+    return len;
+}
+
+sudo_printf_t sudo_printf = sudo_printf_int;
diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
new file mode 100644
index 0000000..1267949
--- /dev/null
+++ b/plugins/sudoers/sudoers.c
@@ -0,0 +1,1281 @@
+/*
+ * Copyright (c) 1993-1996, 1998-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#ifdef __TANDEM
+# include <floss.h>
+#endif
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/resource.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <pwd.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <signal.h>
+#include <grp.h>
+#include <time.h>
+#include <netdb.h>
+#ifdef HAVE_LOGIN_CAP_H
+# include <login_cap.h>
+# ifndef LOGIN_DEFROOTCLASS
+#  define LOGIN_DEFROOTCLASS	"daemon"
+# endif
+# ifndef LOGIN_SETENV
+#  define LOGIN_SETENV	0
+# endif
+#endif
+#ifdef HAVE_SELINUX
+# include <selinux/selinux.h>
+#endif
+#include <ctype.h>
+
+#include "sudoers.h"
+#include "parse.h"
+#include "auth/sudo_auth.h"
+
+#ifndef HAVE_GETADDRINFO
+# include "compat/getaddrinfo.h"
+#endif
+
+/*
+ * Prototypes
+ */
+static bool cb_fqdn(const union sudo_defs_val *);
+static bool cb_runas_default(const union sudo_defs_val *);
+static bool cb_tty_tickets(const union sudo_defs_val *);
+static int set_cmnd(void);
+static int create_admin_success_flag(void);
+static bool init_vars(char * const *);
+static bool set_loginclass(struct passwd *);
+static bool set_runasgr(const char *, bool);
+static bool set_runaspw(const char *, bool);
+static bool tty_present(void);
+
+/*
+ * Globals
+ */
+struct sudo_user sudo_user;
+struct passwd *list_pw;
+uid_t timestamp_uid;
+gid_t timestamp_gid;
+#ifdef HAVE_BSD_AUTH_H
+char *login_style;
+#endif /* HAVE_BSD_AUTH_H */
+int sudo_mode;
+
+static char *prev_user;
+static char *runas_user;
+static char *runas_group;
+static struct sudo_nss_list *snl;
+
+#ifdef __linux__
+static struct rlimit nproclimit;
+#endif
+
+/* XXX - must be extern for audit bits of sudo_auth.c */
+int NewArgc;
+char **NewArgv;
+
+/*
+ * Unlimit the number of processes since Linux's setuid() will
+ * apply resource limits when changing uid and return EAGAIN if
+ * nproc would be exceeded by the uid switch.
+ */
+static void
+unlimit_nproc(void)
+{
+#ifdef __linux__
+    struct rlimit rl;
+    debug_decl(unlimit_nproc, SUDOERS_DEBUG_UTIL)
+
+    if (getrlimit(RLIMIT_NPROC, &nproclimit) != 0)
+	    sudo_warn("getrlimit");
+    rl.rlim_cur = rl.rlim_max = RLIM_INFINITY;
+    if (setrlimit(RLIMIT_NPROC, &rl) != 0) {
+	rl.rlim_cur = rl.rlim_max = nproclimit.rlim_max;
+	if (setrlimit(RLIMIT_NPROC, &rl) != 0)
+	    sudo_warn("setrlimit");
+    }
+    debug_return;
+#endif /* __linux__ */
+}
+
+/*
+ * Restore saved value of RLIMIT_NPROC.
+ */
+static void
+restore_nproc(void)
+{
+#ifdef __linux__
+    debug_decl(restore_nproc, SUDOERS_DEBUG_UTIL)
+
+    if (setrlimit(RLIMIT_NPROC, &nproclimit) != 0)
+	sudo_warn("setrlimit");
+
+    debug_return;
+#endif /* __linux__ */
+}
+
+int
+sudoers_policy_init(void *info, char * const envp[])
+{
+    struct sudo_nss *nss, *nss_next;
+    int oldlocale, sources = 0;
+    int ret = -1;
+    debug_decl(sudoers_policy_init, SUDOERS_DEBUG_PLUGIN)
+
+    bindtextdomain("sudoers", LOCALEDIR);
+
+    /* Register fatal/fatalx callback. */
+    sudo_fatal_callback_register(sudoers_cleanup);
+
+    /* Initialize environment functions (including replacements). */
+    if (!env_init(envp))
+	debug_return_int(-1);
+
+    /* Setup defaults data structures. */
+    if (!init_defaults()) {
+	sudo_warnx(U_("unable to initialize sudoers default values"));
+	debug_return_int(-1);
+    }
+
+    /* Parse info from front-end. */
+    sudo_mode = sudoers_policy_deserialize_info(info, &runas_user, &runas_group);
+    if (ISSET(sudo_mode, MODE_ERROR))
+	debug_return_int(-1);
+
+    if (!init_vars(envp))
+	debug_return_int(-1);
+
+    /* Parse nsswitch.conf for sudoers order. */
+    snl = sudo_read_nss();
+
+    /* LDAP or NSS may modify the euid so we need to be root for the open. */
+    if (!set_perms(PERM_ROOT))
+	debug_return_int(-1);
+
+    /*
+     * Open and parse sudoers, set global defaults.
+     * Uses the C locale unless another is specified in sudoers.
+     */
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+    sudo_warn_set_locale_func(sudoers_warn_setlocale);
+    init_parser(sudoers_file, false);
+    TAILQ_FOREACH_SAFE(nss, snl, entries, nss_next) {
+	if (nss->open(nss) == -1 || (nss->parse_tree = nss->parse(nss)) == NULL) {
+	    TAILQ_REMOVE(snl, nss, entries);
+	    continue;
+	}
+
+	sources++;
+	if (nss->getdefs(nss) == -1 || !update_defaults(nss->parse_tree, NULL,
+	    SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER|SETDEF_RUNAS, false)) {
+	    log_warningx(SLOG_SEND_MAIL|SLOG_NO_STDERR,
+		N_("problem with defaults entries"));
+	}
+    }
+    if (sources == 0) {
+	sudo_warnx(U_("no valid sudoers sources found, quitting"));
+	goto cleanup;
+    }
+
+    /* Set login class if applicable (after sudoers is parsed). */
+    if (set_loginclass(runas_pw ? runas_pw : sudo_user.pw))
+	ret = true;
+
+cleanup:
+    if (!restore_perms())
+	ret = -1;
+
+    /* Restore user's locale. */
+    sudo_warn_set_locale_func(NULL);
+    sudoers_setlocale(oldlocale, NULL);
+
+    debug_return_int(ret);
+}
+
+int
+sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
+    bool verbose, void *closure)
+{
+    char **edit_argv = NULL;
+    char *iolog_path = NULL;
+    mode_t cmnd_umask = ACCESSPERMS;
+    struct sudo_nss *nss;
+    int cmnd_status = -1, oldlocale, validated;
+    int ret = -1;
+    debug_decl(sudoers_policy_main, SUDOERS_DEBUG_PLUGIN)
+
+    sudo_warn_set_locale_func(sudoers_warn_setlocale);
+
+    unlimit_nproc();
+
+    /* Is root even allowed to run sudo? */
+    if (user_uid == 0 && !def_root_sudo) {
+	/* Not an audit event. */
+	sudo_warnx(U_("sudoers specifies that root is not allowed to sudo"));
+	goto bad;
+    }    
+
+    if (!set_perms(PERM_INITIAL))
+	goto bad;
+
+    /* Environment variables specified on the command line. */
+    if (env_add != NULL && env_add[0] != NULL)
+	sudo_user.env_vars = env_add;
+
+    /*
+     * Make a local copy of argc/argv, with special handling
+     * for pseudo-commands and the '-i' option.
+     */
+    if (argc == 0) {
+	NewArgc = 1;
+	NewArgv = reallocarray(NULL, NewArgc + 1, sizeof(char *));
+	if (NewArgv == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    goto done;
+	}
+	NewArgv[0] = user_cmnd;
+	NewArgv[1] = NULL;
+    } else {
+	/* Must leave an extra slot before NewArgv for bash's --login */
+	NewArgc = argc;
+	NewArgv = reallocarray(NULL, NewArgc + 2, sizeof(char *));
+	if (NewArgv == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    goto done;
+	}
+	NewArgv++;	/* reserve an extra slot for --login */
+	memcpy(NewArgv, argv, argc * sizeof(char *));
+	NewArgv[NewArgc] = NULL;
+	if (ISSET(sudo_mode, MODE_LOGIN_SHELL) && runas_pw != NULL) {
+	    NewArgv[0] = strdup(runas_pw->pw_shell);
+	    if (NewArgv[0] == NULL) {
+		sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+		free(NewArgv);
+		goto done;
+	    }
+	}
+    }
+
+    /* If given the -P option, set the "preserve_groups" flag. */
+    if (ISSET(sudo_mode, MODE_PRESERVE_GROUPS))
+	def_preserve_groups = true;
+
+    /* Find command in path and apply per-command Defaults. */
+    cmnd_status = set_cmnd();
+    if (cmnd_status == NOT_FOUND_ERROR)
+	goto done;
+
+    /* Check for -C overriding def_closefrom. */
+    if (user_closefrom >= 0 && user_closefrom != def_closefrom) {
+	if (!def_closefrom_override) {
+	    /* XXX - audit? */
+	    sudo_warnx(U_("you are not permitted to use the -C option"));
+	    goto bad;
+	}
+	def_closefrom = user_closefrom;
+    }
+
+    /*
+     * Check sudoers sources, using the locale specified in sudoers.
+     */
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+    validated = sudoers_lookup(snl, sudo_user.pw, FLAG_NO_USER | FLAG_NO_HOST,
+	pwflag);
+    if (ISSET(validated, VALIDATE_ERROR)) {
+	/* The lookup function should have printed an error. */
+	goto done;
+    }
+
+    /* Restore user's locale. */
+    sudoers_setlocale(oldlocale, NULL);
+
+    if (safe_cmnd == NULL) {
+	if ((safe_cmnd = strdup(user_cmnd)) == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    goto done;
+	}
+    }
+
+    /*
+     * Look up the timestamp dir owner if one is specified.
+     */
+    if (def_timestampowner) {
+	struct passwd *pw = NULL;
+
+	if (*def_timestampowner == '#') {
+	    const char *errstr;
+	    uid_t uid = sudo_strtoid(def_timestampowner + 1, NULL, NULL, &errstr);
+	    if (errstr == NULL)
+		pw = sudo_getpwuid(uid);
+	}
+	if (pw == NULL)
+	    pw = sudo_getpwnam(def_timestampowner);
+	if (pw != NULL) {
+	    timestamp_uid = pw->pw_uid;
+	    timestamp_gid = pw->pw_gid;
+	    sudo_pw_delref(pw);
+	} else {
+	    log_warningx(SLOG_SEND_MAIL,
+		N_("timestamp owner (%s): No such user"), def_timestampowner);
+	    timestamp_uid = ROOT_UID;
+	    timestamp_gid = ROOT_GID;
+	}
+    }
+
+    /* If no command line args and "shell_noargs" is not set, error out. */
+    if (ISSET(sudo_mode, MODE_IMPLIED_SHELL) && !def_shell_noargs) {
+	/* Not an audit event. */
+	ret = -2; /* usage error */
+	goto done;
+    }
+
+    /* Bail if a tty is required and we don't have one.  */
+    if (def_requiretty && !tty_present()) {
+	audit_failure(NewArgc, NewArgv, N_("no tty"));
+	sudo_warnx(U_("sorry, you must have a tty to run sudo"));
+	goto bad;
+    }
+
+    /*
+     * We don't reset the environment for sudoedit or if the user
+     * specified the -E command line flag and they have setenv privs.
+     */
+    if (ISSET(sudo_mode, MODE_EDIT) ||
+	(ISSET(sudo_mode, MODE_PRESERVE_ENV) && def_setenv))
+	def_env_reset = false;
+
+    /* Build a new environment that avoids any nasty bits. */
+    if (!rebuild_env())
+	goto bad;
+
+    /* Require a password if sudoers says so.  */
+    switch (check_user(validated, sudo_mode)) {
+    case true:
+	/* user authenticated successfully. */
+	break;
+    case false:
+	/* Note: log_denial() calls audit for us. */
+	if (!ISSET(validated, VALIDATE_SUCCESS)) {
+	    /* Only display a denial message if no password was read. */
+	    if (!log_denial(validated, def_passwd_tries <= 0))
+		goto done;
+	}
+	goto bad;
+    default:
+	/* some other error, ret is -1. */
+	goto done;
+    }
+
+    /* If run as root with SUDO_USER set, set sudo_user.pw to that user. */
+    /* XXX - causes confusion when root is not listed in sudoers */
+    if (sudo_mode & (MODE_RUN | MODE_EDIT) && prev_user != NULL) {
+	if (user_uid == 0 && strcmp(prev_user, "root") != 0) {
+	    struct passwd *pw;
+
+	    if ((pw = sudo_getpwnam(prev_user)) != NULL) {
+		    if (sudo_user.pw != NULL)
+			sudo_pw_delref(sudo_user.pw);
+		    sudo_user.pw = pw;
+	    }
+	}
+    }
+
+    /* If the user was not allowed to run the command we are done. */
+    if (!ISSET(validated, VALIDATE_SUCCESS)) {
+	/* Note: log_failure() calls audit for us. */
+	if (!log_failure(validated, cmnd_status))
+	    goto done;
+	goto bad;
+    }
+
+    /* Create Ubuntu-style dot file to indicate sudo was successful. */
+    if (create_admin_success_flag() == -1)
+	goto done;
+
+    /* Finally tell the user if the command did not exist. */
+    if (cmnd_status == NOT_FOUND_DOT) {
+	audit_failure(NewArgc, NewArgv, N_("command in current directory"));
+	sudo_warnx(U_("ignoring \"%s\" found in '.'\nUse \"sudo ./%s\" if this is the \"%s\" you wish to run."), user_cmnd, user_cmnd, user_cmnd);
+	goto bad;
+    } else if (cmnd_status == NOT_FOUND) {
+	if (ISSET(sudo_mode, MODE_CHECK)) {
+	    audit_failure(NewArgc, NewArgv, N_("%s: command not found"),
+		NewArgv[0]);
+	    sudo_warnx(U_("%s: command not found"), NewArgv[0]);
+	} else {
+	    audit_failure(NewArgc, NewArgv, N_("%s: command not found"),
+		user_cmnd);
+	    sudo_warnx(U_("%s: command not found"), user_cmnd);
+	}
+	goto bad;
+    }
+
+    /* If user specified a timeout make sure sudoers allows it. */
+    if (!def_user_command_timeouts && user_timeout > 0) {
+	/* XXX - audit/log? */
+	sudo_warnx(U_("sorry, you are not allowed set a command timeout"));
+	goto bad;
+    }
+
+    /* If user specified env vars make sure sudoers allows it. */
+    if (ISSET(sudo_mode, MODE_RUN) && !def_setenv) {
+	if (ISSET(sudo_mode, MODE_PRESERVE_ENV)) {
+	    /* XXX - audit/log? */
+	    sudo_warnx(U_("sorry, you are not allowed to preserve the environment"));
+	    goto bad;
+	} else {
+	    if (!validate_env_vars(sudo_user.env_vars))
+		goto bad;
+	}
+    }
+
+    if (ISSET(sudo_mode, (MODE_RUN | MODE_EDIT))) {
+	if ((def_log_input || def_log_output) && def_iolog_file && def_iolog_dir) {
+	    const char prefix[] = "iolog_path=";
+	    iolog_path = expand_iolog_path(prefix, def_iolog_dir,
+		def_iolog_file, &sudo_user.iolog_file);
+	    if (iolog_path == NULL) {
+		if (!def_ignore_iolog_errors)
+		    goto done;
+		/* Unable to expand I/O log path, disable I/O logging. */
+		def_log_input = false;
+		def_log_output = false;
+	    } else {
+		sudo_user.iolog_file++;
+	    }
+	}
+    }
+
+    if (!log_allowed(validated) && !def_ignore_logfile_errors)
+	goto bad;
+
+    switch (sudo_mode & MODE_MASK) {
+	case MODE_CHECK:
+	    ret = display_cmnd(snl, list_pw ? list_pw : sudo_user.pw);
+	    break;
+	case MODE_LIST:
+	    ret = display_privs(snl, list_pw ? list_pw : sudo_user.pw, verbose);
+	    break;
+	case MODE_VALIDATE:
+	    /* Nothing to do. */
+	    ret = true;
+	    break;
+	case MODE_RUN:
+	case MODE_EDIT:
+	    /* ret set by sudoers_policy_exec_setup() below. */
+	    break;
+	default:
+	    /* Should not happen. */
+	    sudo_warnx("internal error, unexpected sudo mode 0x%x", sudo_mode);
+	    goto done;
+    }
+
+    /* Cleanup sudoers sources */
+    TAILQ_FOREACH(nss, snl, entries) {
+	nss->close(nss);
+    }
+    if (def_group_plugin)
+	group_plugin_unload();
+    init_parser(NULL, false);
+
+    if (ISSET(sudo_mode, (MODE_VALIDATE|MODE_CHECK|MODE_LIST))) {
+	/* ret already set appropriately */
+	goto done;
+    }
+
+    /*
+     * Set umask based on sudoers.
+     * If user's umask is more restrictive, OR in those bits too
+     * unless umask_override is set.
+     */
+    if (def_umask != ACCESSPERMS) {
+	cmnd_umask = def_umask;
+	if (!def_umask_override)
+	    cmnd_umask |= user_umask;
+    }
+
+    if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+	char *p;
+
+	/* Convert /bin/sh -> -sh so shell knows it is a login shell */
+	if ((p = strrchr(NewArgv[0], '/')) == NULL)
+	    p = NewArgv[0];
+	*p = '-';
+	NewArgv[0] = p;
+
+	/*
+	 * Newer versions of bash require the --login option to be used
+	 * in conjunction with the -c option even if the shell name starts
+	 * with a '-'.  Unfortunately, bash 1.x uses -login, not --login
+	 * so this will cause an error for that.
+	 */
+	if (NewArgc > 1 && strcmp(NewArgv[0], "-bash") == 0 &&
+	    strcmp(NewArgv[1], "-c") == 0) {
+	    /* Use the extra slot before NewArgv so we can store --login. */
+	    NewArgv--;
+	    NewArgc++;
+	    NewArgv[0] = NewArgv[1];
+	    NewArgv[1] = "--login";
+	}
+
+#if defined(_AIX) || (defined(__linux__) && !defined(HAVE_PAM))
+	/* Insert system-wide environment variables. */
+	if (!read_env_file(_PATH_ENVIRONMENT, true, false))
+	    sudo_warn("%s", _PATH_ENVIRONMENT);
+#endif
+#ifdef HAVE_LOGIN_CAP_H
+	/* Set environment based on login class. */
+	if (login_class) {
+	    login_cap_t *lc = login_getclass(login_class);
+	    if (lc != NULL) {
+		setusercontext(lc, runas_pw, runas_pw->pw_uid, LOGIN_SETPATH|LOGIN_SETENV);
+		login_close(lc);
+	    }
+	}
+#endif /* HAVE_LOGIN_CAP_H */
+    }
+
+    /* Insert system-wide environment variables. */
+    if (def_restricted_env_file) {
+	if (!read_env_file(def_env_file, false, true))
+	    sudo_warn("%s", def_restricted_env_file);
+    }
+    if (def_env_file) {
+	if (!read_env_file(def_env_file, false, false))
+	    sudo_warn("%s", def_env_file);
+    }
+
+    /* Insert user-specified environment variables. */
+    if (!insert_env_vars(sudo_user.env_vars))
+	goto done;
+
+    /* Note: must call audit before uid change. */
+    if (ISSET(sudo_mode, MODE_EDIT)) {
+	int edit_argc;
+	const char *env_editor;
+
+	free(safe_cmnd);
+	safe_cmnd = find_editor(NewArgc - 1, NewArgv + 1, &edit_argc,
+	    &edit_argv, NULL, &env_editor, false);
+	if (safe_cmnd == NULL) {
+	    if (errno != ENOENT)
+		goto done;
+	    audit_failure(NewArgc, NewArgv, N_("%s: command not found"),
+		env_editor ? env_editor : def_editor);
+	    sudo_warnx(U_("%s: command not found"),
+		env_editor ? env_editor : def_editor);
+	    goto bad;
+	}
+	if (audit_success(edit_argc, edit_argv) != 0 && !def_ignore_audit_errors)
+	    goto done;
+
+	/* We want to run the editor with the unmodified environment. */
+	env_swap_old();
+    } else {
+	if (audit_success(NewArgc, NewArgv) != 0 && !def_ignore_audit_errors)
+	    goto done;
+    }
+
+    /* Setup execution environment to pass back to front-end. */
+    ret = sudoers_policy_exec_setup(edit_argv ? edit_argv : NewArgv,
+	env_get(), cmnd_umask, iolog_path, closure);
+
+    /* Zero out stashed copy of environment, it is owned by the front-end. */
+    (void)env_init(NULL);
+
+    goto done;
+
+bad:
+    ret = false;
+
+done:
+    if (!rewind_perms())
+	ret = -1;
+
+    restore_nproc();
+
+    /* Destroy the password and group caches and free the contents. */
+    sudo_freepwcache();
+    sudo_freegrcache();
+
+    sudo_warn_set_locale_func(NULL);
+
+    debug_return_int(ret);
+}
+
+/*
+ * Initialize timezone and fill in sudo_user struct.
+ */
+static bool
+init_vars(char * const envp[])
+{
+    char * const * ep;
+    bool unknown_user = false;
+    debug_decl(init_vars, SUDOERS_DEBUG_PLUGIN)
+
+    if (!sudoers_initlocale(setlocale(LC_ALL, NULL), def_sudoers_locale)) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_bool(false);
+    }
+
+#define MATCHES(s, v)	\
+    (strncmp((s), (v), sizeof(v) - 1) == 0 && (s)[sizeof(v) - 1] != '\0')
+
+    for (ep = envp; *ep; ep++) {
+	switch (**ep) {
+	    case 'K':
+		if (MATCHES(*ep, "KRB5CCNAME="))
+		    user_ccname = *ep + sizeof("KRB5CCNAME=") - 1;
+		break;
+	    case 'P':
+		if (MATCHES(*ep, "PATH="))
+		    user_path = *ep + sizeof("PATH=") - 1;
+		break;
+	    case 'S':
+		if (MATCHES(*ep, "SUDO_PROMPT=")) {
+		    /* Don't override "sudo -p prompt" */
+		    if (user_prompt == NULL)
+			user_prompt = *ep + sizeof("SUDO_PROMPT=") - 1;
+		    break;
+		}
+		if (MATCHES(*ep, "SUDO_USER="))
+		    prev_user = *ep + sizeof("SUDO_USER=") - 1;
+		break;
+	    }
+    }
+#undef MATCHES
+
+    /*
+     * Get a local copy of the user's passwd struct and group list if we
+     * don't already have them.
+     */
+    if (sudo_user.pw == NULL) {
+	if ((sudo_user.pw = sudo_getpwnam(user_name)) == NULL) {
+	    /*
+	     * It is not unusual for users to place "sudo -k" in a .logout
+	     * file which can cause sudo to be run during reboot after the
+	     * YP/NIS/NIS+/LDAP/etc daemon has died.
+	     */
+	    if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE) {
+		sudo_warnx(U_("unknown uid: %u"), (unsigned int) user_uid);
+		debug_return_bool(false);
+	    }
+
+	    /* Need to make a fake struct passwd for the call to log_warningx(). */
+	    sudo_user.pw = sudo_mkpwent(user_name, user_uid, user_gid, NULL, NULL);
+	    unknown_user = true;
+	}
+    }
+    if (user_gid_list == NULL)
+	user_gid_list = sudo_get_gidlist(sudo_user.pw, ENTRY_TYPE_ANY);
+
+    /* Store initialize permissions so we can restore them later. */
+    if (!set_perms(PERM_INITIAL))
+	debug_return_bool(false);
+
+    /* Set fqdn callback. */
+    sudo_defs_table[I_FQDN].callback = cb_fqdn;
+
+    /* Set group_plugin callback. */
+    sudo_defs_table[I_GROUP_PLUGIN].callback = cb_group_plugin;
+
+    /* Set runas callback. */
+    sudo_defs_table[I_RUNAS_DEFAULT].callback = cb_runas_default;
+
+    /* Set locale callback. */
+    sudo_defs_table[I_SUDOERS_LOCALE].callback = sudoers_locale_callback;
+
+    /* Set maxseq callback. */
+    sudo_defs_table[I_MAXSEQ].callback = cb_maxseq;
+
+    /* Set iolog_user callback. */
+    sudo_defs_table[I_IOLOG_USER].callback = cb_iolog_user;
+
+    /* Set iolog_group callback. */
+    sudo_defs_table[I_IOLOG_GROUP].callback = cb_iolog_group;
+
+    /* Set iolog_mode callback. */
+    sudo_defs_table[I_IOLOG_MODE].callback = cb_iolog_mode;
+
+    /* Set tty_tickets callback. */
+    sudo_defs_table[I_TTY_TICKETS].callback = cb_tty_tickets;
+
+    /* It is now safe to use log_warningx() and set_perms() */
+    if (unknown_user) {
+	log_warningx(SLOG_SEND_MAIL, N_("unknown uid: %u"),
+	    (unsigned int) user_uid);
+	debug_return_bool(false);
+    }
+
+    /*
+     * Set runas passwd/group entries based on command line or sudoers.
+     * Note that if runas_group was specified without runas_user we
+     * run the command as the invoking user.
+     */
+    if (runas_group != NULL) {
+	if (!set_runasgr(runas_group, false))
+	    debug_return_bool(false);
+	if (!set_runaspw(runas_user ? runas_user : user_name, false))
+	    debug_return_bool(false);
+    } else {
+	if (!set_runaspw(runas_user ? runas_user : def_runas_default, false))
+	    debug_return_bool(false);
+    }
+
+    debug_return_bool(true);
+}
+
+/*
+ * Fill in user_cmnd, user_args, user_base and user_stat variables
+ * and apply any command-specific defaults entries.
+ */
+static int
+set_cmnd(void)
+{
+    struct sudo_nss *nss;
+    char *path = user_path;
+    int ret = FOUND;
+    debug_decl(set_cmnd, SUDOERS_DEBUG_PLUGIN)
+
+    /* Allocate user_stat for find_path() and match functions. */
+    user_stat = calloc(1, sizeof(struct stat));
+    if (user_stat == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_int(NOT_FOUND_ERROR);
+    }
+
+    /* Default value for cmnd, overridden below. */
+    if (user_cmnd == NULL)
+	user_cmnd = NewArgv[0];
+
+    if (sudo_mode & (MODE_RUN | MODE_EDIT | MODE_CHECK)) {
+	if (ISSET(sudo_mode, MODE_RUN | MODE_CHECK)) {
+	    if (def_secure_path && !user_is_exempt())
+		path = def_secure_path;
+	    if (!set_perms(PERM_RUNAS))
+		debug_return_int(-1);
+	    ret = find_path(NewArgv[0], &user_cmnd, user_stat, path,
+		def_ignore_dot, NULL);
+	    if (!restore_perms())
+		debug_return_int(-1);
+	    if (ret == NOT_FOUND) {
+		/* Failed as root, try as invoking user. */
+		if (!set_perms(PERM_USER))
+		    debug_return_int(-1);
+		ret = find_path(NewArgv[0], &user_cmnd, user_stat, path,
+		    def_ignore_dot, NULL);
+		if (!restore_perms())
+		    debug_return_int(-1);
+	    }
+	    if (ret == NOT_FOUND_ERROR) {
+		if (errno == ENAMETOOLONG)
+		    audit_failure(NewArgc, NewArgv, N_("command too long"));
+		log_warning(0, "%s", NewArgv[0]);
+		debug_return_int(ret);
+	    }
+	}
+
+	/* set user_args */
+	if (NewArgc > 1) {
+	    char *to, *from, **av;
+	    size_t size, n;
+
+	    /* Alloc and build up user_args. */
+	    for (size = 0, av = NewArgv + 1; *av; av++)
+		size += strlen(*av) + 1;
+	    if (size == 0 || (user_args = malloc(size)) == NULL) {
+		sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+		debug_return_int(-1);
+	    }
+	    if (ISSET(sudo_mode, MODE_SHELL|MODE_LOGIN_SHELL)) {
+		/*
+		 * When running a command via a shell, the sudo front-end
+		 * escapes potential meta chars.  We unescape non-spaces
+		 * for sudoers matching and logging purposes.
+		 */
+		for (to = user_args, av = NewArgv + 1; (from = *av); av++) {
+		    while (*from) {
+			if (from[0] == '\\' && !isspace((unsigned char)from[1]))
+			    from++;
+			*to++ = *from++;
+		    }
+		    *to++ = ' ';
+		}
+		*--to = '\0';
+	    } else {
+		for (to = user_args, av = NewArgv + 1; *av; av++) {
+		    n = strlcpy(to, *av, size - (to - user_args));
+		    if (n >= size - (to - user_args)) {
+			sudo_warnx(U_("internal error, %s overflow"), __func__);
+			debug_return_int(-1);
+		    }
+		    to += n;
+		    *to++ = ' ';
+		}
+		*--to = '\0';
+	    }
+	}
+    }
+
+    if ((user_base = strrchr(user_cmnd, '/')) != NULL)
+	user_base++;
+    else
+	user_base = user_cmnd;
+
+    TAILQ_FOREACH(nss, snl, entries) {
+	if (!update_defaults(nss->parse_tree, NULL, SETDEF_CMND, false)) {
+	    log_warningx(SLOG_SEND_MAIL|SLOG_NO_STDERR,
+		N_("problem with defaults entries"));
+	}
+    }
+
+    debug_return_int(ret);
+}
+
+/*
+ * Open sudoers and sanity check mode/owner/type.
+ * Returns a handle to the sudoers file or NULL on error.
+ */
+FILE *
+open_sudoers(const char *sudoers, bool doedit, bool *keepopen)
+{
+    struct stat sb;
+    FILE *fp = NULL;
+    debug_decl(open_sudoers, SUDOERS_DEBUG_PLUGIN)
+
+    if (!set_perms(PERM_SUDOERS))
+	debug_return_ptr(NULL);
+
+    switch (sudo_secure_file(sudoers, sudoers_uid, sudoers_gid, &sb)) {
+	case SUDO_PATH_SECURE:
+	    /*
+	     * If we are expecting sudoers to be group readable by
+	     * SUDOERS_GID but it is not, we must open the file as root,
+	     * not uid 1.
+	     */
+	    if (sudoers_uid == ROOT_UID && ISSET(sudoers_mode, S_IRGRP)) {
+		if (!ISSET(sb.st_mode, S_IRGRP) || sb.st_gid != SUDOERS_GID) {
+		    if (!restore_perms() || !set_perms(PERM_ROOT))
+			debug_return_ptr(NULL);
+		}
+	    }
+	    /*
+	     * Open sudoers and make sure we can read it so we can present
+	     * the user with a reasonable error message (unlike the lexer).
+	     */
+	    if ((fp = fopen(sudoers, "r")) == NULL) {
+		log_warning(SLOG_SEND_MAIL, N_("unable to open %s"), sudoers);
+	    } else {
+		if (sb.st_size != 0 && fgetc(fp) == EOF) {
+		    log_warning(SLOG_SEND_MAIL,
+			N_("unable to read %s"), sudoers);
+		    fclose(fp);
+		    fp = NULL;
+		} else {
+		    /* Rewind fp and set close on exec flag. */
+		    rewind(fp);
+		    (void) fcntl(fileno(fp), F_SETFD, 1);
+		}
+	    }
+	    break;
+	case SUDO_PATH_MISSING:
+	    log_warning(SLOG_SEND_MAIL, N_("unable to stat %s"), sudoers);
+	    break;
+	case SUDO_PATH_BAD_TYPE:
+	    log_warningx(SLOG_SEND_MAIL,
+		N_("%s is not a regular file"), sudoers);
+	    break;
+	case SUDO_PATH_WRONG_OWNER:
+	    log_warningx(SLOG_SEND_MAIL,
+		N_("%s is owned by uid %u, should be %u"), sudoers,
+		(unsigned int) sb.st_uid, (unsigned int) sudoers_uid);
+	    break;
+	case SUDO_PATH_WORLD_WRITABLE:
+	    log_warningx(SLOG_SEND_MAIL, N_("%s is world writable"), sudoers);
+	    break;
+	case SUDO_PATH_GROUP_WRITABLE:
+	    log_warningx(SLOG_SEND_MAIL,
+		N_("%s is owned by gid %u, should be %u"), sudoers,
+		(unsigned int) sb.st_gid, (unsigned int) sudoers_gid);
+	    break;
+	default:
+	    /* NOTREACHED */
+	    break;
+    }
+
+    if (!restore_perms()) {
+	/* unable to change back to root */
+	if (fp != NULL) {
+	    fclose(fp);
+	    fp = NULL;
+	}
+    }
+
+    debug_return_ptr(fp);
+}
+
+#ifdef HAVE_LOGIN_CAP_H
+static bool
+set_loginclass(struct passwd *pw)
+{
+    const int errflags = SLOG_RAW_MSG;
+    login_cap_t *lc;
+    bool ret = true;
+    debug_decl(set_loginclass, SUDOERS_DEBUG_PLUGIN)
+
+    if (!def_use_loginclass)
+	goto done;
+
+    if (login_class && strcmp(login_class, "-") != 0) {
+	if (user_uid != 0 && pw->pw_uid != 0) {
+	    sudo_warnx(U_("only root can use \"-c %s\""), login_class);
+	    ret = false;
+	    goto done;
+	}
+    } else {
+	login_class = pw->pw_class;
+	if (!login_class || !*login_class)
+	    login_class =
+		(pw->pw_uid == 0) ? LOGIN_DEFROOTCLASS : LOGIN_DEFCLASS;
+    }
+
+    /* Make sure specified login class is valid. */
+    lc = login_getclass(login_class);
+    if (!lc || !lc->lc_class || strcmp(lc->lc_class, login_class) != 0) {
+	/*
+	 * Don't make it an error if the user didn't specify the login
+	 * class themselves.  We do this because if login.conf gets
+	 * corrupted we want the admin to be able to use sudo to fix it.
+	 */
+	log_warningx(errflags, N_("unknown login class: %s"), login_class);
+	def_use_loginclass = false;
+	if (login_class)
+	    ret = false;
+    }
+    login_close(lc);
+done:
+    debug_return_bool(ret);
+}
+#else
+static bool
+set_loginclass(struct passwd *pw)
+{
+    return true;
+}
+#endif /* HAVE_LOGIN_CAP_H */
+
+#ifndef AI_FQDN
+# define AI_FQDN AI_CANONNAME
+#endif
+
+/*
+ * Look up the fully qualified domain name of host.
+ * Use AI_FQDN if available since "canonical" is not always the same as fqdn.
+ * Returns true on success, setting longp and shortp.
+ * Returns false on failure, longp and shortp are unchanged.
+ */
+static int
+resolve_host(const char *host, char **longp, char **shortp)
+{
+    struct addrinfo *res0, hint;
+    char *cp, *lname, *sname;
+    int ret;
+    debug_decl(resolve_host, SUDOERS_DEBUG_PLUGIN)
+
+    memset(&hint, 0, sizeof(hint));
+    hint.ai_family = PF_UNSPEC;
+    hint.ai_flags = AI_FQDN;
+
+    if ((ret = getaddrinfo(host, NULL, &hint, &res0)) != 0)
+	debug_return_int(ret);
+    if ((lname = strdup(res0->ai_canonname)) == NULL) {
+	freeaddrinfo(res0);
+	debug_return_int(EAI_MEMORY);
+    }
+    if ((cp = strchr(lname, '.')) != NULL) {
+	sname = strndup(lname, (size_t)(cp - lname));
+	if (sname == NULL) {
+	    free(lname);
+	    freeaddrinfo(res0);
+	    debug_return_int(EAI_MEMORY);
+	}
+    } else {
+	sname = lname;
+    }
+    freeaddrinfo(res0);
+    *longp = lname;
+    *shortp = sname;
+
+    debug_return_int(0);
+}
+
+/*
+ * Look up the fully qualified domain name of user_host and user_runhost.
+ * Sets user_host, user_shost, user_runhost and user_srunhost.
+ */
+static bool
+cb_fqdn(const union sudo_defs_val *sd_un)
+{
+    bool remote;
+    char *lhost, *shost;
+    debug_decl(cb_fqdn, SUDOERS_DEBUG_PLUGIN)
+
+    /* Nothing to do if fqdn flag is disabled. */
+    if (sd_un != NULL && !sd_un->flag)
+	debug_return_bool(true);
+
+    /* If the -h flag was given we need to resolve both host and runhost. */
+    remote = strcmp(user_runhost, user_host) != 0;
+
+    /* First resolve user_host, setting user_host and user_shost. */
+    if (resolve_host(user_host, &lhost, &shost) != 0) {
+	int rc = resolve_host(user_runhost, &lhost, &shost);
+	if (rc != 0) {
+	    gai_log_warning(SLOG_SEND_MAIL|SLOG_RAW_MSG, rc,
+		N_("unable to resolve host %s"), user_host);
+	    debug_return_bool(false);
+	}
+    }
+    if (user_shost != user_host)
+	free(user_shost);
+    free(user_host);
+    user_host = lhost;
+    user_shost = shost;
+
+    /* Next resolve user_runhost, setting user_runhost and user_srunhost. */
+    lhost = shost = NULL;
+    if (remote) {
+	if (!resolve_host(user_runhost, &lhost, &shost)) {
+	    sudo_warnx(U_("unable to resolve host %s"), user_runhost);
+	}
+    } else {
+	/* Not remote, just use user_host. */
+	if ((lhost = strdup(user_host)) != NULL) {
+	    if (user_shost != user_host)
+		shost = strdup(user_shost);
+	    else
+		shost = lhost;
+	}
+	if (lhost == NULL || shost == NULL) {
+	    free(lhost);
+	    if (lhost != shost)
+		free(shost);
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    debug_return_bool(false);
+	}
+    }
+    if (lhost != NULL && shost != NULL) {
+	if (user_srunhost != user_runhost)
+	    free(user_srunhost);
+	free(user_runhost);
+	user_runhost = lhost;
+	user_srunhost = shost;
+    }
+
+    sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
+	"host %s, shost %s, runhost %s, srunhost %s",
+	user_host, user_shost, user_runhost, user_srunhost);
+    debug_return_bool(true);
+}
+
+/*
+ * Get passwd entry for the user we are going to run commands as
+ * and store it in runas_pw.  By default, commands run as "root".
+ */
+static bool
+set_runaspw(const char *user, bool quiet)
+{
+    struct passwd *pw = NULL;
+    debug_decl(set_runaspw, SUDOERS_DEBUG_PLUGIN)
+
+    if (*user == '#') {
+	const char *errstr;
+	uid_t uid = sudo_strtoid(user + 1, NULL, NULL, &errstr);
+	if (errstr == NULL) {
+	    if ((pw = sudo_getpwuid(uid)) == NULL)
+		pw = sudo_fakepwnam(user, user_gid);
+	}
+    }
+    if (pw == NULL) {
+	if ((pw = sudo_getpwnam(user)) == NULL) {
+	    if (!quiet)
+		log_warningx(SLOG_RAW_MSG, N_("unknown user: %s"), user);
+	    debug_return_bool(false);
+	}
+    }
+    if (runas_pw != NULL)
+	sudo_pw_delref(runas_pw);
+    runas_pw = pw;
+    debug_return_bool(true);
+}
+
+/*
+ * Get group entry for the group we are going to run commands as
+ * and store it in runas_gr.
+ */
+static bool
+set_runasgr(const char *group, bool quiet)
+{
+    struct group *gr = NULL;
+    debug_decl(set_runasgr, SUDOERS_DEBUG_PLUGIN)
+
+    if (*group == '#') {
+	const char *errstr;
+	gid_t gid = sudo_strtoid(group + 1, NULL, NULL, &errstr);
+	if (errstr == NULL) {
+	    if ((gr = sudo_getgrgid(gid)) == NULL)
+		gr = sudo_fakegrnam(group);
+	}
+    }
+    if (gr == NULL) {
+	if ((gr = sudo_getgrnam(group)) == NULL) {
+	    if (!quiet)
+		log_warningx(SLOG_RAW_MSG, N_("unknown group: %s"), group);
+	    debug_return_bool(false);
+	}
+    }
+    if (runas_gr != NULL)
+	sudo_gr_delref(runas_gr);
+    runas_gr = gr;
+    debug_return_bool(true);
+}
+
+/*
+ * Callback for runas_default sudoers setting.
+ */
+static bool
+cb_runas_default(const union sudo_defs_val *sd_un)
+{
+    debug_decl(cb_runas_default, SUDOERS_DEBUG_PLUGIN)
+
+    /* Only reset runaspw if user didn't specify one. */
+    if (!runas_user && !runas_group)
+	debug_return_bool(set_runaspw(sd_un->str, true));
+    debug_return_bool(true);
+}
+
+/*
+ * Callback for runas_default sudoers setting.
+ */
+static bool
+cb_tty_tickets(const union sudo_defs_val *sd_un)
+{
+    debug_decl(cb_tty_tickets, SUDOERS_DEBUG_PLUGIN)
+
+    /* Convert tty_tickets -> timestamp_type */
+    if (sd_un->flag)
+	def_timestamp_type = tty;
+    else
+	def_timestamp_type = global;
+    debug_return_bool(true);
+}
+
+/*
+ * Cleanup hook for sudo_fatal()/sudo_fatalx()
+ */
+void
+sudoers_cleanup(void)
+{
+    struct sudo_nss *nss;
+    debug_decl(sudoers_cleanup, SUDOERS_DEBUG_PLUGIN)
+
+    if (snl != NULL) {
+	TAILQ_FOREACH(nss, snl, entries) {
+	    nss->close(nss);
+	}
+    }
+    if (def_group_plugin)
+	group_plugin_unload();
+    sudo_freepwcache();
+    sudo_freegrcache();
+
+    debug_return;
+}
+
+#ifdef USE_ADMIN_FLAG
+static int
+create_admin_success_flag(void)
+{
+    char flagfile[PATH_MAX];
+    int len, ret = -1;
+    debug_decl(create_admin_success_flag, SUDOERS_DEBUG_PLUGIN)
+
+    /* Check whether the user is in the sudo or admin group. */
+    if (!user_in_group(sudo_user.pw, "sudo") &&
+	!user_in_group(sudo_user.pw, "admin"))
+	debug_return_int(true);
+
+    /* Build path to flag file. */
+    len = snprintf(flagfile, sizeof(flagfile), "%s/.sudo_as_admin_successful",
+	user_dir);
+    if (len <= 0 || (size_t)len >= sizeof(flagfile))
+	debug_return_int(false);
+
+    /* Create admin flag file if it doesn't already exist. */
+    if (set_perms(PERM_USER)) {
+	int fd = open(flagfile, O_CREAT|O_WRONLY|O_NONBLOCK|O_EXCL, 0644);
+	ret = fd != -1 || errno == EEXIST;
+	if (fd != -1)
+	    close(fd);
+	if (!restore_perms())
+	    ret = -1;
+    }
+    debug_return_int(ret);
+}
+#else /* !USE_ADMIN_FLAG */
+static int
+create_admin_success_flag(void)
+{
+    /* STUB */
+    return true;
+}
+#endif /* USE_ADMIN_FLAG */
+
+static bool
+tty_present(void)
+{
+#if defined(HAVE_KINFO_PROC2_NETBSD) || defined(HAVE_KINFO_PROC_OPENBSD) || defined(HAVE_KINFO_PROC_FREEBSD) || defined(HAVE_KINFO_PROC_44BSD) || defined(HAVE_STRUCT_PSINFO_PR_TTYDEV) || defined(HAVE_PSTAT_GETPROC) || defined(__linux__)
+    return user_ttypath != NULL;
+#else
+    int fd = open(_PATH_TTY, O_RDWR);
+    if (fd != -1)
+	close(fd);
+    return fd != -1;
+#endif
+}
diff --git a/plugins/sudoers/sudoers.exp b/plugins/sudoers/sudoers.exp
new file mode 100644
index 0000000..d52ef1e
--- /dev/null
+++ b/plugins/sudoers/sudoers.exp
@@ -0,0 +1,6 @@
+sudoers_policy
+sudoers_io
+sudo_getgrgid
+sudo_getgrnam
+sudo_gr_addref
+sudo_gr_delref
diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h
new file mode 100644
index 0000000..28dbbb3
--- /dev/null
+++ b/plugins/sudoers/sudoers.h
@@ -0,0 +1,428 @@
+/*
+ * Copyright (c) 1993-1996, 1998-2005, 2007-2017
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#ifndef SUDOERS_SUDOERS_H
+#define SUDOERS_SUDOERS_H
+
+#include <limits.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+
+#define DEFAULT_TEXT_DOMAIN	"sudoers"
+#include "sudo_gettext.h"	/* must be included before sudo_compat.h */
+
+#include <pathnames.h>
+#include "sudo_compat.h"
+#include "sudo_fatal.h"
+#include "sudo_queue.h"
+#include "defaults.h"
+#include "logging.h"
+#include "parse.h"
+#include "sudo_nss.h"
+#include "sudo_plugin.h"
+#include "sudo_conf.h"
+#include "sudo_util.h"
+#include "sudoers_debug.h"
+
+/*
+ * Supplementary group IDs for a user.
+ */
+struct gid_list {
+    int ngids;
+    GETGROUPS_T *gids;
+};
+
+/*
+ * Supplementary group names for a user.
+ */
+struct group_list {
+    int ngroups;
+    char **groups;
+};
+
+/*
+ * Info pertaining to the invoking user.
+ */
+struct sudo_user {
+    struct passwd *pw;
+    struct passwd *_runas_pw;
+    struct group *_runas_gr;
+    struct stat *cmnd_stat;
+    char *name;
+    char *path;
+    char *tty;
+    char *ttypath;
+    char *host;
+    char *shost;
+    char *runhost;
+    char *srunhost;
+    char *prompt;
+    char *cmnd;
+    char *cmnd_args;
+    char *cmnd_base;
+    char *cmnd_safe;
+    char *class_name;
+    char *krb5_ccname;
+    struct gid_list *gid_list;
+    char * const * env_vars;
+#ifdef HAVE_SELINUX
+    char *role;
+    char *type;
+#endif
+#ifdef HAVE_PRIV_SET
+    char *privs;
+    char *limitprivs;
+#endif
+    const char *cwd;
+    char *iolog_file;
+    GETGROUPS_T *gids;
+    int   execfd;
+    int   ngids;
+    int   closefrom;
+    int   lines;
+    int   cols;
+    int   flags;
+    int   max_groups;
+    int   timeout;
+    mode_t umask;
+    uid_t uid;
+    uid_t gid;
+    pid_t sid;
+};
+
+/*
+ * sudo_get_gidlist() type values
+ */
+#define ENTRY_TYPE_ANY		0x00
+#define ENTRY_TYPE_QUERIED	0x01
+#define ENTRY_TYPE_FRONTEND	0x02
+
+/*
+ * sudo_user flag values
+ */
+#define RUNAS_USER_SPECIFIED	0x01
+#define RUNAS_GROUP_SPECIFIED	0x02
+
+/*
+ * Return values for sudoers_lookup(), also used as arguments for log_auth()
+ * Note: cannot use '0' as a value here.
+ */
+#define VALIDATE_ERROR		0x001
+#define VALIDATE_SUCCESS	0x002
+#define VALIDATE_FAILURE	0x004
+#define FLAG_CHECK_USER		0x010
+#define FLAG_NO_USER		0x020
+#define FLAG_NO_HOST		0x040
+#define FLAG_NO_CHECK		0x080
+#define FLAG_NON_INTERACTIVE	0x100
+#define FLAG_BAD_PASSWORD	0x200
+
+/*
+ * find_path()/set_cmnd() return values
+ */
+#define FOUND			0
+#define NOT_FOUND		1
+#define NOT_FOUND_DOT		2
+#define NOT_FOUND_ERROR		3
+#define NOT_FOUND_PATH		4
+
+/*
+ * Various modes sudo can be in (based on arguments) in hex
+ */
+#define MODE_RUN		0x00000001
+#define MODE_EDIT		0x00000002
+#define MODE_VALIDATE		0x00000004
+#define MODE_INVALIDATE		0x00000008
+#define MODE_KILL		0x00000010
+#define MODE_VERSION		0x00000020
+#define MODE_HELP		0x00000040
+#define MODE_LIST		0x00000080
+#define MODE_CHECK		0x00000100
+#define MODE_ERROR		0x00000200
+#define MODE_MASK		0x0000ffff
+
+/* Mode flags */
+#define MODE_BACKGROUND		0x00010000 /* XXX - unused */
+#define MODE_SHELL		0x00020000
+#define MODE_LOGIN_SHELL	0x00040000
+#define MODE_IMPLIED_SHELL	0x00080000
+#define MODE_RESET_HOME		0x00100000
+#define MODE_PRESERVE_GROUPS	0x00200000
+#define MODE_PRESERVE_ENV	0x00400000
+#define MODE_NONINTERACTIVE	0x00800000
+#define MODE_IGNORE_TICKET	0x01000000
+
+/*
+ * Used with set_perms()
+ */
+#define PERM_INITIAL		0x00
+#define PERM_ROOT		0x01
+#define PERM_USER		0x02
+#define PERM_FULL_USER		0x03
+#define PERM_SUDOERS		0x04
+#define PERM_RUNAS		0x05
+#define PERM_TIMESTAMP		0x06
+#define PERM_IOLOG		0x07
+
+/*
+ * Shortcuts for sudo_user contents.
+ */
+#define user_name		(sudo_user.name)
+#define user_uid		(sudo_user.uid)
+#define user_gid		(sudo_user.gid)
+#define user_sid		(sudo_user.sid)
+#define user_umask		(sudo_user.umask)
+#define user_passwd		(sudo_user.pw->pw_passwd)
+#define user_dir		(sudo_user.pw->pw_dir)
+#define user_gids		(sudo_user.gids)
+#define user_ngids		(sudo_user.ngids)
+#define user_gid_list		(sudo_user.gid_list)
+#define user_tty		(sudo_user.tty)
+#define user_ttypath		(sudo_user.ttypath)
+#define user_cwd		(sudo_user.cwd)
+#define user_cmnd		(sudo_user.cmnd)
+#define user_args		(sudo_user.cmnd_args)
+#define user_base		(sudo_user.cmnd_base)
+#define user_stat		(sudo_user.cmnd_stat)
+#define user_path		(sudo_user.path)
+#define user_prompt		(sudo_user.prompt)
+#define user_host		(sudo_user.host)
+#define user_shost		(sudo_user.shost)
+#define user_runhost		(sudo_user.runhost)
+#define user_srunhost		(sudo_user.srunhost)
+#define user_ccname		(sudo_user.krb5_ccname)
+#define safe_cmnd		(sudo_user.cmnd_safe)
+#define cmnd_fd			(sudo_user.execfd)
+#define login_class		(sudo_user.class_name)
+#define runas_pw		(sudo_user._runas_pw)
+#define runas_gr		(sudo_user._runas_gr)
+#define user_role		(sudo_user.role)
+#define user_type		(sudo_user.type)
+#define user_closefrom		(sudo_user.closefrom)
+#define	runas_privs		(sudo_user.privs)
+#define	runas_limitprivs	(sudo_user.limitprivs)
+#define user_timeout		(sudo_user.timeout)
+
+#ifdef __TANDEM
+# define ROOT_UID	65535
+#else
+# define ROOT_UID	0
+#endif
+#define ROOT_GID	0
+
+struct sudo_lbuf;
+struct passwd;
+struct stat;
+struct timespec;
+
+/*
+ * Function prototypes
+ */
+#define YY_DECL int sudoerslex(void)
+
+/* goodpath.c */
+bool sudo_goodpath(const char *path, struct stat *sbp);
+
+/* findpath.c */
+int find_path(const char *infile, char **outfile, struct stat *sbp,
+    const char *path, int ignore_dot, char * const *whitelist);
+
+/* check.c */
+int check_user(int validate, int mode);
+bool user_is_exempt(void);
+
+/* prompt.c */
+char *expand_prompt(const char *old_prompt, const char *auth_user);
+
+/* timestamp.c */
+int timestamp_remove(bool unlinkit);
+
+/* sudo_auth.c */
+bool sudo_auth_needs_end_session(void);
+int verify_user(struct passwd *pw, char *prompt, int validated, struct sudo_conv_callback *callback);
+int sudo_auth_begin_session(struct passwd *pw, char **user_env[]);
+int sudo_auth_end_session(struct passwd *pw);
+int sudo_auth_init(struct passwd *pw);
+int sudo_auth_approval(struct passwd *pw, int validated, bool exempt);
+int sudo_auth_cleanup(struct passwd *pw);
+
+/* set_perms.c */
+bool rewind_perms(void);
+bool set_perms(int);
+bool restore_perms(void);
+int pam_prep_user(struct passwd *);
+
+/* gram.y */
+int sudoersparse(void);
+extern char *login_style;
+extern char *errorfile;
+extern int errorlineno;
+extern bool parse_error;
+extern bool sudoers_warnings;
+
+/* toke.l */
+YY_DECL;
+extern FILE *sudoersin;
+extern const char *sudoers_file;
+extern char *sudoers;
+extern mode_t sudoers_mode;
+extern uid_t sudoers_uid;
+extern gid_t sudoers_gid;
+extern int sudolineno;
+extern int last_token;
+
+/* defaults.c */
+void dump_defaults(void);
+void dump_auth_methods(void);
+
+/* getspwuid.c */
+char *sudo_getepw(const struct passwd *);
+
+/* pwutil.c */
+typedef struct cache_item * (*sudo_make_pwitem_t)(uid_t uid, const char *user);
+typedef struct cache_item * (*sudo_make_gritem_t)(gid_t gid, const char *group);
+typedef struct cache_item * (*sudo_make_gidlist_item_t)(const struct passwd *pw, char * const *gids, unsigned int type);
+typedef struct cache_item * (*sudo_make_grlist_item_t)(const struct passwd *pw, char * const *groups);
+__dso_public struct group *sudo_getgrgid(gid_t);
+__dso_public struct group *sudo_getgrnam(const char *);
+__dso_public void sudo_gr_addref(struct group *);
+__dso_public void sudo_gr_delref(struct group *);
+bool user_in_group(const struct passwd *, const char *);
+struct group *sudo_fakegrnam(const char *);
+struct gid_list *sudo_get_gidlist(const struct passwd *pw, unsigned int type);
+struct group_list *sudo_get_grlist(const struct passwd *pw);
+struct passwd *sudo_fakepwnam(const char *, gid_t);
+struct passwd *sudo_mkpwent(const char *user, uid_t uid, gid_t gid, const char *home, const char *shell);
+struct passwd *sudo_getpwnam(const char *);
+struct passwd *sudo_getpwuid(uid_t);
+void sudo_endspent(void);
+void sudo_freegrcache(void);
+void sudo_freepwcache(void);
+void sudo_gidlist_addref(struct gid_list *);
+void sudo_gidlist_delref(struct gid_list *);
+void sudo_grlist_addref(struct group_list *);
+void sudo_grlist_delref(struct group_list *);
+void sudo_pw_addref(struct passwd *);
+void sudo_pw_delref(struct passwd *);
+int  sudo_set_gidlist(struct passwd *pw, char * const *gids, unsigned int type);
+int  sudo_set_grlist(struct passwd *pw, char * const *groups);
+void sudo_pwutil_set_backend(sudo_make_pwitem_t, sudo_make_gritem_t, sudo_make_gidlist_item_t, sudo_make_grlist_item_t);
+void sudo_setspent(void);
+
+/* timestr.c */
+char *get_timestr(time_t, int);
+
+/* boottime.c */
+bool get_boottime(struct timespec *);
+
+/* iolog.c */
+bool io_nextid(char *iolog_dir, char *iolog_dir_fallback, char sessid[7]);
+bool cb_maxseq(const union sudo_defs_val *sd_un);
+bool cb_iolog_user(const union sudo_defs_val *sd_un);
+bool cb_iolog_group(const union sudo_defs_val *sd_un);
+bool cb_iolog_mode(const union sudo_defs_val *sd_un);
+extern uid_t iolog_uid;
+extern gid_t iolog_gid;
+
+/* iolog_path.c */
+char *expand_iolog_path(const char *prefix, const char *dir, const char *file,
+    char **slashp);
+
+/* env.c */
+char **env_get(void);
+bool env_merge(char * const envp[]);
+bool env_swap_old(void);
+bool env_init(char * const envp[]);
+bool init_envtables(void);
+bool insert_env_vars(char * const envp[]);
+bool read_env_file(const char *path, bool overwrite, bool restricted);
+bool rebuild_env(void);
+bool validate_env_vars(char * const envp[]);
+int sudo_setenv(const char *var, const char *val, int overwrite);
+int sudo_unsetenv(const char *var);
+char *sudo_getenv(const char *name);
+int sudoers_hook_getenv(const char *name, char **value, void *closure);
+int sudoers_hook_putenv(char *string, void *closure);
+int sudoers_hook_setenv(const char *name, const char *value, int overwrite, void *closure);
+int sudoers_hook_unsetenv(const char *name, void *closure);
+
+/* env_pattern.c */
+bool matches_env_pattern(const char *pattern, const char *var, bool *full_match);
+
+/* sudoers.c */
+FILE *open_sudoers(const char *, bool, bool *);
+int sudoers_policy_init(void *info, char * const envp[]);
+int sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], bool verbose, void *closure);
+void sudoers_cleanup(void);
+extern struct sudo_user sudo_user;
+extern struct passwd *list_pw;
+extern int sudo_mode;
+extern uid_t timestamp_uid;
+extern gid_t timestamp_gid;
+extern sudo_conv_t sudo_conv;
+extern sudo_printf_t sudo_printf;
+
+/* sudoers_debug.c */
+bool sudoers_debug_parse_flags(struct sudo_conf_debug_file_list *debug_files, const char *entry);
+bool sudoers_debug_register(const char *plugin_path, struct sudo_conf_debug_file_list *debug_files);
+void sudoers_debug_deregister(void);
+
+/* policy.c */
+int sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group);
+int sudoers_policy_exec_setup(char *argv[], char *envp[], mode_t cmnd_umask, char *iolog_path, void *v);
+extern const char *path_ldap_conf;
+extern const char *path_ldap_secret;
+
+/* group_plugin.c */
+int group_plugin_load(char *plugin_info);
+void group_plugin_unload(void);
+int group_plugin_query(const char *user, const char *group,
+    const struct passwd *pwd);
+bool cb_group_plugin(const union sudo_defs_val *sd_un);
+extern const char *path_plugin_dir;
+
+/* editor.c */
+char *find_editor(int nfiles, char **files, int *argc_out, char ***argv_out,
+     char * const *whitelist, const char **env_editor, bool env_error);
+
+/* mkdir_parents.c */
+bool sudo_mkdir_parents(char *path, uid_t uid, gid_t gid, mode_t mode, bool quiet);
+
+/* gc.c */
+enum sudoers_gc_types {
+    GC_UNKNOWN,
+    GC_VECTOR,
+    GC_PTR
+};
+bool sudoers_gc_add(enum sudoers_gc_types type, void *ptr);
+bool sudoers_gc_remove(enum sudoers_gc_types type, void *ptr);
+void sudoers_gc_init(void);
+
+/* rcstr.c */
+char *rcstr_dup(const char *src);
+char *rcstr_alloc(size_t len);
+char *rcstr_addref(const char *s);
+void rcstr_delref(const char *s);
+
+#endif /* SUDOERS_SUDOERS_H */
diff --git a/plugins/sudoers/sudoers.in b/plugins/sudoers/sudoers.in
new file mode 100644
index 0000000..6216dfd
--- /dev/null
+++ b/plugins/sudoers/sudoers.in
@@ -0,0 +1,97 @@
+## sudoers file.
+##
+## This file MUST be edited with the 'visudo' command as root.
+## Failure to use 'visudo' may result in syntax or file permission errors
+## that prevent sudo from running.
+##
+## See the sudoers man page for the details on how to write a sudoers file.
+##
+
+##
+## Host alias specification
+##
+## Groups of machines. These may include host names (optionally with wildcards),
+## IP addresses, network numbers or netgroups.
+# Host_Alias	WEBSERVERS = www1, www2, www3
+
+##
+## User alias specification
+##
+## Groups of users.  These may consist of user names, uids, Unix groups,
+## or netgroups.
+# User_Alias	ADMINS = millert, dowdy, mikef
+
+##
+## Cmnd alias specification
+##
+## Groups of commands.  Often used to group related commands together.
+# Cmnd_Alias	PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \
+# 			    /usr/bin/pkill, /usr/bin/top
+# Cmnd_Alias	REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
+
+##
+## Defaults specification
+##
+## You may wish to keep some of the following environment variables
+## when running commands via sudo.
+##
+## Locale settings
+# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
+##
+## Run X applications through sudo; HOME is used to find the
+## .Xauthority file.  Note that other programs use HOME to find   
+## configuration files and this may lead to privilege escalation!
+# Defaults env_keep += "HOME"
+##
+## X11 resource path settings
+# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
+##
+## Desktop path settings
+# Defaults env_keep += "QTDIR KDEDIR"
+##
+## Allow sudo-run commands to inherit the callers' ConsoleKit session
+# Defaults env_keep += "XDG_SESSION_COOKIE"
+##
+## Uncomment to enable special input methods.  Care should be taken as
+## this may allow users to subvert the command being run via sudo.
+# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
+##
+## Uncomment to use a hard-coded PATH instead of the user's to find commands
+# Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+##
+## Uncomment to send mail if the user does not enter the correct password.
+# Defaults mail_badpass
+##
+## Uncomment to enable logging of a command's output, except for
+## sudoreplay and reboot.  Use sudoreplay to play back logged sessions.
+# Defaults log_output
+# Defaults!/usr/bin/sudoreplay !log_output
+# Defaults!/usr/local/bin/sudoreplay !log_output
+# Defaults!REBOOT !log_output
+
+##
+## Runas alias specification
+##
+
+##
+## User privilege specification
+##
+root ALL=(ALL) ALL
+
+## Uncomment to allow members of group wheel to execute any command
+# %wheel ALL=(ALL) ALL
+
+## Same thing without a password
+# %wheel ALL=(ALL) NOPASSWD: ALL
+
+## Uncomment to allow members of group sudo to execute any command
+# %sudo	ALL=(ALL) ALL
+
+## Uncomment to allow any user to run sudo if they know the password
+## of the user they are running the command as (root by default).
+# Defaults targetpw  # Ask for the password of the target user
+# ALL ALL=(ALL) ALL  # WARNING: only use this together with 'Defaults targetpw'
+
+## Read drop-in files from @sysconfdir@/sudoers.d
+## (the '#' here does not indicate a comment)
+#includedir @sysconfdir@/sudoers.d
diff --git a/plugins/sudoers/sudoers_debug.c b/plugins/sudoers/sudoers_debug.c
new file mode 100644
index 0000000..d09ec12
--- /dev/null
+++ b/plugins/sudoers/sudoers_debug.c
@@ -0,0 +1,162 @@
+/*
+ * Copyright (c) 2014-2015 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <ctype.h>
+
+#include "sudoers.h"
+
+static int sudoers_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
+
+static const char *const sudoers_subsystem_names[] = {
+    "alias",
+    "audit",
+    "auth",
+    "defaults",
+    "env",
+    "event",
+    "ldap",
+    "logging",
+    "main",
+    "match",
+    "netif",
+    "nss",
+    "parser",
+    "perms",
+    "plugin",
+    "rbtree",
+    "sssd",
+    "util",
+    NULL
+};
+
+#define NUM_SUBSYSTEMS  (nitems(sudoers_subsystem_names) - 1)
+
+/* Subsystem IDs assigned at registration time. */
+unsigned int sudoers_subsystem_ids[NUM_SUBSYSTEMS];
+
+/*
+ * Parse the "filename flags,..." debug_flags entry and insert a new
+ * sudo_debug_file struct into debug_files.
+ */
+bool
+sudoers_debug_parse_flags(struct sudo_conf_debug_file_list *debug_files,
+    const char *entry)
+{
+    struct sudo_debug_file *debug_file;
+    const char *filename, *flags;
+    size_t namelen;
+
+    /* Already initialized? */
+    if (sudoers_debug_instance != SUDO_DEBUG_INSTANCE_INITIALIZER)
+	return true;
+
+    /* Only process new-style debug flags: filename flags,... */
+    filename = entry;
+    if (*filename != '/' || (flags = strpbrk(filename, " \t")) == NULL)
+	return true;
+    namelen = (size_t)(flags - filename);
+    while (isblank((unsigned char)*flags))
+	flags++;
+    if (*flags != '\0') {
+	if ((debug_file = calloc(1, sizeof(*debug_file))) == NULL)
+	    goto oom;
+	if ((debug_file->debug_file = strndup(filename, namelen)) == NULL)
+	    goto oom;
+	if ((debug_file->debug_flags = strdup(flags)) == NULL)
+	    goto oom;
+	TAILQ_INSERT_TAIL(debug_files, debug_file, entries);
+    }
+    return true;
+oom:
+    if (debug_file != NULL) {
+	free(debug_file->debug_file);
+	free(debug_file->debug_flags);
+	free(debug_file);
+    }
+    sudo_warnx_nodebug(U_("%s: %s"), "sudoers_debug_parse_flags",
+	U_("unable to allocate memory"));
+    return false;
+}
+
+/*
+ * Register the specified debug files and program with the
+ * debug subsystem, freeing the debug list when done.
+ * Sets the active debug instance as a side effect.
+ */
+bool
+sudoers_debug_register(const char *program,
+    struct sudo_conf_debug_file_list *debug_files)
+{
+    struct sudo_debug_file *debug_file, *debug_next;
+
+    /* Already initialized? */
+    if (sudoers_debug_instance != SUDO_DEBUG_INSTANCE_INITIALIZER) {
+	sudo_debug_set_active_instance(sudoers_debug_instance);
+    }
+
+    /* Setup debugging if indicated. */
+    if (debug_files != NULL && !TAILQ_EMPTY(debug_files)) {
+	if (program != NULL) {
+	    sudoers_debug_instance = sudo_debug_register(program,
+		sudoers_subsystem_names, sudoers_subsystem_ids, debug_files);
+	    if (sudoers_debug_instance == SUDO_DEBUG_INSTANCE_ERROR)
+		return false;
+	}
+	TAILQ_FOREACH_SAFE(debug_file, debug_files, entries, debug_next) {
+	    TAILQ_REMOVE(debug_files, debug_file, entries);
+	    free(debug_file->debug_file);
+	    free(debug_file->debug_flags);
+	    free(debug_file);
+	}
+    }
+    return true;
+}
+
+/*
+ * Deregister sudoers_debug_instance if it is registered.
+ */
+void
+sudoers_debug_deregister(void)
+{
+    debug_decl(sudoers_debug_deregister, SUDOERS_DEBUG_PLUGIN)
+    if (sudoers_debug_instance != SUDO_DEBUG_INSTANCE_INITIALIZER) {
+	sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
+        sudo_debug_deregister(sudoers_debug_instance);
+	sudoers_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
+    }
+}
diff --git a/plugins/sudoers/sudoers_debug.h b/plugins/sudoers/sudoers_debug.h
new file mode 100644
index 0000000..7a4df4e
--- /dev/null
+++ b/plugins/sudoers/sudoers_debug.h
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2014 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_DEBUG_H
+#define SUDOERS_DEBUG_H
+
+#include "sudo_debug.h"
+
+/*
+ * Sudoers debug subsystems.
+ * Note that sudoers_subsystem_ids[] is filled in at debug registration time.
+ */
+extern unsigned int sudoers_subsystem_ids[];
+#define SUDOERS_DEBUG_ALIAS	(sudoers_subsystem_ids[ 0]) /* sudoers alias functions */
+#define SUDOERS_DEBUG_AUDIT	(sudoers_subsystem_ids[ 1]) /* audit */
+#define SUDOERS_DEBUG_AUTH	(sudoers_subsystem_ids[ 2]) /* authentication functions */
+#define SUDOERS_DEBUG_DEFAULTS	(sudoers_subsystem_ids[ 3]) /* sudoers defaults settings */
+#define SUDOERS_DEBUG_ENV	(sudoers_subsystem_ids[ 4]) /* environment handling */
+#define SUDOERS_DEBUG_EVENT	(sudoers_subsystem_ids[ 5]) /* event handling */
+#define SUDOERS_DEBUG_LDAP	(sudoers_subsystem_ids[ 6]) /* sudoers LDAP */
+#define SUDOERS_DEBUG_LOGGING	(sudoers_subsystem_ids[ 7]) /* logging functions */
+#define SUDOERS_DEBUG_MAIN	(sudoers_subsystem_ids[ 8]) /* main() */
+#define SUDOERS_DEBUG_MATCH	(sudoers_subsystem_ids[ 9]) /* sudoers matching */
+#define SUDOERS_DEBUG_NETIF	(sudoers_subsystem_ids[10]) /* network interface functions */
+#define SUDOERS_DEBUG_NSS	(sudoers_subsystem_ids[11]) /* network service switch */
+#define SUDOERS_DEBUG_PARSER	(sudoers_subsystem_ids[12]) /* sudoers parser */
+#define SUDOERS_DEBUG_PERMS	(sudoers_subsystem_ids[13]) /* uid/gid swapping functions */
+#define SUDOERS_DEBUG_PLUGIN	(sudoers_subsystem_ids[14]) /* main plugin functions */
+#define SUDOERS_DEBUG_RBTREE	(sudoers_subsystem_ids[15]) /* red-black tree functions */
+#define SUDOERS_DEBUG_SSSD	(sudoers_subsystem_ids[16]) /* sudoers SSSD */
+#define SUDOERS_DEBUG_UTIL	(sudoers_subsystem_ids[17]) /* utility functions */
+
+#endif /* SUDOERS_DEBUG_H */
diff --git a/plugins/sudoers/sudoers_version.h b/plugins/sudoers/sudoers_version.h
new file mode 100644
index 0000000..23bb706
--- /dev/null
+++ b/plugins/sudoers/sudoers_version.h
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2011-2013, 2015, 2017
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * Major sudoers grammar changes are documented here.
+ * Note that minor changes such as added Defaults options are not listed here.
+ *
+ * 1	sudo 1.1
+ * 2	sudo 1.3, adds support specifying a directory instead of a command.
+ * 3	sudo 1.3.2, new parser, Aliases have to be upper case
+ * 4	sudo 1.3.2, adds User_Alias
+ * 5	sudo 1.3.4, netgroup support
+ * 6	sudo 1.3.5, support for escaping special chars
+ * 7	sudo 1.3.7, unix group support
+ * 8	sudo 1.4.1, wildcard support
+ * 9	sudo 1.4.2, double quote support in sudoers command line args
+ * 10	sudo 1.4.3, added NOPASSWD tag
+ * 11	sudo 1.4.3, added Runas_Spec
+ * 12	sudo 1.4.3, wildcards may be used in the pathname
+ * 13	sudo 1.4.3, command args of "" means no args allowed
+ * 14	sudo 1.4.4, '(' in command args no longer are a syntax error.
+ * 15	sudo 1.4.4, '!command' works in the presence of runas user or NOPASSWD.
+ * 16	sudo 1.4.4, all-caps user and host names are now handled properly.
+ * 17	sudo 1.5.0, usernames may now begin with a digit
+ * 18	sudo 1.5.3, adds Runas_Alias
+ * 19	sudo 1.5.7, %group may be used in a Runas_List
+ * 20	sudo 1.6.0, The runas user and NOPASSWD tags are now persistent across entries in a command list.  A PASSWD tag has been added to reverse NOPASSWD
+ * 21	sudo 1.6.0, The '!' operator can be used in a Runas_Spec or an *_Alias
+ * 22	sudo 1.6.0, a list of hosts may be used in a Host_Spec
+ * 23	sudo 1.6.0, a list of users may be used in a User_Spec
+ * 24	sudo 1.6.0, It is now possible to escape "special" characters in usernames, hostnames, etc with a backslash.
+ * 25	sudo 1.6.0, Added Defaults run-time settings in sudoers.
+ * 26	sudo 1.6.0, relaxed the regexp for matching user, host, group names.
+ * 27	sudo 1.6.1, #uid is now allowed in a Runas_Alias.
+ * 28	sudo 1.6.2, Wildcards are now allowed in hostnames.
+ * 29	sudo 1.6.3p7, escaped special characters may be included in pathnames.
+ * 30	sudo 1.6.8, added NOEXEC and EXEC tags.
+ * 31	sudo 1.6.9, added SETENV and NOSETENV tags.
+ * 32	sudo 1.6.9p4, support for IPv6 address matching.
+ * 33	sudo 1.7.0, #include support.
+ * 34	sudo 1.7.0, Runas_Group support.
+ * 35	sudo 1.7.0, uid may now be used anywhere a username is valid.
+ * 36	sudo 1.7.2, #includedir support.
+ * 37	sudo 1.7.4, per-command Defaults support.
+ * 38	sudo 1.7.4, added LOG_INPUT/LOG_OUTPUT and NOLOG_INPUT/NOLOG_OUTPUT tags
+ * 39	sudo 1.7.6/1.8.1, White space is now permitted within a User_List in a per-user Defaults definition.
+ * 40	sudo 1.7.6/1.8.1, A group ID is now allowed in a User_List or Runas_List.
+ * 41	sudo 1.7.6/1.8.4, Support for relative paths in #include and #includedir
+ * 42	sudo 1.8.6, Support for empty Runas_List (with or without a colon) to mean the invoking user.  Support for Solaris Privilege Sets (PRIVS= and LIMITPRIVS=).
+ * 43	sudo 1.8.7, Support for specifying a digest along with the command.
+ * 44	sudo 1.8.13, added MAIL/NOMAIL tags.
+ * 45	sudo 1.8.15, added FOLLOW/NOFOLLOW tags as well as sudoedit_follow and sudoedit_checkdir Defaults.
+ * 46	sudo 1.8.20, added TIMEOUT, NOTBEFORE and NOTAFTER options.
+ */
+
+#ifndef SUDOERS_VERSION_H
+#define	SUDOERS_VERSION_H
+
+#define SUDOERS_GRAMMAR_VERSION	46
+
+#endif /* SUDOERS_VERSION_H */
diff --git a/plugins/sudoers/sudoreplay.c b/plugins/sudoers/sudoreplay.c
new file mode 100644
index 0000000..a447cd0
--- /dev/null
+++ b/plugins/sudoers/sudoreplay.c
@@ -0,0 +1,1641 @@
+/*
+ * Copyright (c) 2009-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/uio.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#include <sys/ioctl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <time.h>
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <dirent.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+#include <regex.h>
+#include <signal.h>
+#include <time.h>
+
+#include <pathnames.h>
+
+#include "sudo_gettext.h"	/* must be included before sudo_compat.h */
+
+#include "sudo_compat.h"
+#include "sudo_fatal.h"
+#include "logging.h"
+#include "iolog.h"
+#include "iolog_files.h"
+#include "sudo_queue.h"
+#include "sudo_plugin.h"
+#include "sudo_conf.h"
+#include "sudo_debug.h"
+#include "sudo_event.h"
+#include "sudo_util.h"
+
+#ifdef HAVE_GETOPT_LONG
+# include <getopt.h>
+# else
+# include "compat/getopt.h"
+#endif /* HAVE_GETOPT_LONG */
+
+struct replay_closure {
+    struct sudo_event_base *evbase;
+    struct sudo_event *delay_ev;
+    struct sudo_event *keyboard_ev;
+    struct sudo_event *output_ev;
+    struct sudo_event *sighup_ev;
+    struct sudo_event *sigint_ev;
+    struct sudo_event *sigquit_ev;
+    struct sudo_event *sigterm_ev;
+    struct sudo_event *sigtstp_ev;
+    struct timing_closure timing;
+    bool interactive;
+    bool suspend_wait;
+    struct io_buffer {
+	unsigned int len; /* buffer length (how much produced) */
+	unsigned int off; /* write position (how much already consumed) */
+	unsigned int toread; /* how much remains to be read */
+	int lastc;	  /* last char written */
+	char buf[64 * 1024];
+    } iobuf;
+};
+
+/*
+ * Handle expressions like:
+ * ( user millert or user root ) and tty console and command /bin/sh
+ */
+STAILQ_HEAD(search_node_list, search_node);
+struct search_node {
+    STAILQ_ENTRY(search_node) entries;
+#define ST_EXPR		1
+#define ST_TTY		2
+#define ST_USER		3
+#define ST_PATTERN	4
+#define ST_RUNASUSER	5
+#define ST_RUNASGROUP	6
+#define ST_FROMDATE	7
+#define ST_TODATE	8
+#define ST_CWD		9
+    char type;
+    bool negated;
+    bool or;
+    union {
+	regex_t cmdre;
+	time_t tstamp;
+	char *cwd;
+	char *tty;
+	char *user;
+	char *runas_group;
+	char *runas_user;
+	struct search_node_list expr;
+	void *ptr;
+    } u;
+};
+
+static struct search_node_list search_expr = STAILQ_HEAD_INITIALIZER(search_expr);
+
+static double speed_factor = 1.0;
+
+static const char *session_dir = _PATH_SUDO_IO_LOGDIR;
+
+static bool terminal_can_resize, terminal_was_resized;
+
+static int terminal_rows, terminal_cols;
+
+static int ttyfd = -1;
+
+static const char short_opts[] =  "d:f:hlm:nRSs:V";
+static struct option long_opts[] = {
+    { "directory",	required_argument,	NULL,	'd' },
+    { "filter",		required_argument,	NULL,	'f' },
+    { "help",		no_argument,		NULL,	'h' },
+    { "list",		no_argument,		NULL,	'l' },
+    { "max-wait",	required_argument,	NULL,	'm' },
+    { "non-interactive", no_argument,		NULL,	'n' },
+    { "no-resize",	no_argument,		NULL,	'R' },
+    { "suspend-wait",	no_argument,		NULL,	'S' },
+    { "speed",		required_argument,	NULL,	's' },
+    { "version",	no_argument,		NULL,	'V' },
+    { NULL,		no_argument,		NULL,	'\0' },
+};
+
+/* XXX move to separate header? (currently in sudoers.h) */
+extern char *get_timestr(time_t, int);
+extern time_t get_date(char *);
+
+static int list_sessions(int, char **, const char *, const char *, const char *);
+static int open_io_fd(char *path, int len, struct io_log_file *iol);
+static int parse_expr(struct search_node_list *, char **, bool);
+static void read_keyboard(int fd, int what, void *v);
+static void help(void) __attribute__((__noreturn__));
+static int replay_session(struct timespec *max_wait, const char *decimal, bool interactive, bool suspend_wait);
+static void sudoreplay_cleanup(void);
+static void usage(int);
+static void write_output(int fd, int what, void *v);
+static void restore_terminal_size(void);
+static void setup_terminal(struct log_info *li, bool interactive, bool resize);
+
+#define VALID_ID(s) (isalnum((unsigned char)(s)[0]) && \
+    isalnum((unsigned char)(s)[1]) && isalnum((unsigned char)(s)[2]) && \
+    isalnum((unsigned char)(s)[3]) && isalnum((unsigned char)(s)[4]) && \
+    isalnum((unsigned char)(s)[5]) && (s)[6] == '\0')
+
+#define IS_IDLOG(s) ( \
+    isalnum((unsigned char)(s)[0]) && isalnum((unsigned char)(s)[1]) && \
+    (s)[2] == '/' && \
+    isalnum((unsigned char)(s)[3]) && isalnum((unsigned char)(s)[4]) && \
+    (s)[5] == '/' && \
+    isalnum((unsigned char)(s)[6]) && isalnum((unsigned char)(s)[7]) && \
+    (s)[8] == '/' && (s)[9] == 'l' && (s)[10] == 'o' && (s)[11] == 'g' && \
+    (s)[12] == '\0')
+
+__dso_public int main(int argc, char *argv[]);
+
+int
+main(int argc, char *argv[])
+{
+    int ch, i, plen, exitcode = 0;
+    bool def_filter = true, listonly = false;
+    bool interactive = true, suspend_wait = false, resize = true;
+    const char *decimal, *id, *user = NULL, *pattern = NULL, *tty = NULL;
+    char *cp, *ep, path[PATH_MAX];
+    struct log_info *li;
+    struct timespec max_delay_storage, *max_delay = NULL;
+    double dval;
+    debug_decl(main, SUDO_DEBUG_MAIN)
+
+#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
+    {
+	extern char *malloc_options;
+	malloc_options = "S";
+    }
+#endif
+
+    initprogname(argc > 0 ? argv[0] : "sudoreplay");
+    setlocale(LC_ALL, "");
+    decimal = localeconv()->decimal_point;
+    bindtextdomain("sudoers", LOCALEDIR); /* XXX - should have sudoreplay domain */
+    textdomain("sudoers");
+
+    /* Register fatal/fatalx callback. */
+    sudo_fatal_callback_register(sudoreplay_cleanup);
+
+    /* Read sudo.conf and initialize the debug subsystem. */
+    if (sudo_conf_read(NULL, SUDO_CONF_DEBUG) == -1)
+	exit(EXIT_FAILURE);
+    sudo_debug_register(getprogname(), NULL, NULL,
+	sudo_conf_debug_files(getprogname()));
+
+    while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) {
+	switch (ch) {
+	case 'd':
+	    session_dir = optarg;
+	    break;
+	case 'f':
+	    /* Set the replay filter. */
+	    def_filter = false;
+	    for (cp = strtok_r(optarg, ",", &ep); cp; cp = strtok_r(NULL, ",", &ep)) {
+		if (strcmp(cp, "stdin") == 0)
+		    io_log_files[IOFD_STDIN].enabled = true;
+		else if (strcmp(cp, "stdout") == 0)
+		    io_log_files[IOFD_STDOUT].enabled = true;
+		else if (strcmp(cp, "stderr") == 0)
+		    io_log_files[IOFD_STDERR].enabled = true;
+		else if (strcmp(cp, "ttyin") == 0)
+		    io_log_files[IOFD_TTYIN].enabled = true;
+		else if (strcmp(cp, "ttyout") == 0)
+		    io_log_files[IOFD_TTYOUT].enabled = true;
+		else
+		    sudo_fatalx(U_("invalid filter option: %s"), optarg);
+	    }
+	    break;
+	case 'h':
+	    help();
+	    /* NOTREACHED */
+	case 'l':
+	    listonly = true;
+	    break;
+	case 'm':
+	    errno = 0;
+	    dval = strtod(optarg, &ep);
+	    if (*ep != '\0' || errno != 0)
+		sudo_fatalx(U_("invalid max wait: %s"), optarg);
+	    if (dval <= 0.0) {
+		sudo_timespecclear(&max_delay_storage);
+	    } else {
+		max_delay_storage.tv_sec = dval;
+		max_delay_storage.tv_nsec =
+		    (dval - max_delay_storage.tv_sec) * 1000000000.0;
+	    }
+	    max_delay = &max_delay_storage;
+	    break;
+	case 'n':
+	    interactive = false;
+	    break;
+	case 'R':
+	    resize = false;
+	    break;
+	case 'S':
+	    suspend_wait = true;
+	    break;
+	case 's':
+	    errno = 0;
+	    speed_factor = strtod(optarg, &ep);
+	    if (*ep != '\0' || errno != 0)
+		sudo_fatalx(U_("invalid speed factor: %s"), optarg);
+	    break;
+	case 'V':
+	    (void) printf(_("%s version %s\n"), getprogname(), PACKAGE_VERSION);
+	    goto done;
+	default:
+	    usage(1);
+	    /* NOTREACHED */
+	}
+
+    }
+    argc -= optind;
+    argv += optind;
+
+    if (listonly) {
+	exitcode = list_sessions(argc, argv, pattern, user, tty);
+	goto done;
+    }
+
+    if (argc != 1)
+	usage(1);
+
+    /* By default we replay stdout, stderr and ttyout. */
+    if (def_filter) {
+	io_log_files[IOFD_STDOUT].enabled = true;
+	io_log_files[IOFD_STDERR].enabled = true;
+	io_log_files[IOFD_TTYOUT].enabled = true;
+    }
+
+    /* 6 digit ID in base 36, e.g. 01G712AB or free-form name */
+    id = argv[0];
+    if (VALID_ID(id)) {
+	plen = snprintf(path, sizeof(path), "%s/%.2s/%.2s/%.2s/timing",
+	    session_dir, id, &id[2], &id[4]);
+	if (plen <= 0 || (size_t)plen >= sizeof(path))
+	    sudo_fatalx(U_("%s/%.2s/%.2s/%.2s/timing: %s"), session_dir,
+		id, &id[2], &id[4], strerror(ENAMETOOLONG));
+    } else {
+	plen = snprintf(path, sizeof(path), "%s/%s/timing",
+	    session_dir, id);
+	if (plen <= 0 || (size_t)plen >= sizeof(path))
+	    sudo_fatalx(U_("%s/%s/timing: %s"), session_dir,
+		id, strerror(ENAMETOOLONG));
+    }
+    plen -= 7;
+
+    /* Open files for replay, applying replay filter for the -f flag. */
+    for (i = 0; i < IOFD_MAX; i++) {
+	if (open_io_fd(path, plen, &io_log_files[i]) == -1)
+	    sudo_fatal(U_("unable to open %s"), path);
+    }
+
+    /* Parse log file. */
+    path[plen] = '\0';
+    strlcat(path, "/log", sizeof(path));
+    if ((li = parse_logfile(path)) == NULL)
+	exit(1);
+    printf(_("Replaying sudo session: %s"), li->cmd);
+
+    /* Setup terminal if appropriate. */
+    if (!isatty(STDIN_FILENO) || !isatty(STDOUT_FILENO))
+	interactive = false;
+    setup_terminal(li, interactive, resize);
+    putchar('\r');
+    putchar('\n');
+
+    /* Done with parsed log file. */
+    free_log_info(li);
+    li = NULL;
+
+    /* Replay session corresponding to io_log_files[]. */
+    exitcode = replay_session(max_delay, decimal, interactive, suspend_wait);
+
+    restore_terminal_size();
+    sudo_term_restore(ttyfd, true);
+done:
+    sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, exitcode);
+    exit(exitcode);
+}
+
+/*
+ * Call gzread() or fread() for the I/O log file in question.
+ * Return 0 for EOF or -1 on error.
+ */
+static ssize_t
+io_log_read(union io_fd ifd, char *buf, size_t nbytes)
+{
+    ssize_t nread;
+    debug_decl(io_log_read, SUDO_DEBUG_UTIL)
+
+    if (nbytes > INT_MAX) {
+	errno = EINVAL;
+	debug_return_ssize_t(-1);
+    }
+#ifdef HAVE_ZLIB_H
+    nread = gzread(ifd.g, buf, nbytes);
+#else
+    nread = (ssize_t)fread(buf, 1, nbytes, ifd.f);
+    if (nread == 0 && ferror(ifd.f))
+	nread = -1;
+#endif
+    debug_return_ssize_t(nread);
+}
+
+static int
+io_log_eof(union io_fd ifd)
+{
+    int ret;
+    debug_decl(io_log_eof, SUDO_DEBUG_UTIL)
+
+#ifdef HAVE_ZLIB_H
+    ret = gzeof(ifd.g);
+#else
+    ret = feof(ifd.f);
+#endif
+    debug_return_int(ret);
+}
+
+static char *
+io_log_gets(union io_fd ifd, char *buf, size_t nbytes)
+{
+    char *str;
+    debug_decl(io_log_gets, SUDO_DEBUG_UTIL)
+
+#ifdef HAVE_ZLIB_H
+    str = gzgets(ifd.g, buf, nbytes);
+#else
+    str = fgets(buf, nbytes, ifd.f);
+#endif
+    debug_return_str(str);
+}
+
+/*
+ * List of terminals that support xterm-like resizing.
+ * This is not an exhaustive list.
+ * For a list of VT100 style escape codes, see:
+ *  http://invisible-island.net/xterm/ctlseqs/ctlseqs.html#VT100%20Mode
+ */
+struct term_names {
+    const char *name;
+    unsigned int len;
+} compatible_terms[] = {
+    { "Eterm", 5 },
+    { "aterm", 5 },
+    { "dtterm", 6 },
+    { "gnome", 5 },
+    { "konsole", 7 },
+    { "kvt\0", 4 },
+    { "mlterm", 6 },
+    { "rxvt", 4 },
+    { "xterm", 5 },
+    { NULL, 0 }
+};
+
+struct getsize_closure {
+    int nums[2];
+    int nums_depth;
+    int nums_maxdepth;
+    int state;
+    const char *cp;
+    struct sudo_event *ev;
+    struct timespec timeout;
+};
+
+/* getsize states */
+#define INITIAL		0x00
+#define NEW_NUMBER	0x01
+#define NUMBER		0x02
+#define GOTSIZE		0x04
+#define READCHAR	0x10
+
+/*
+ * Callback for reading the terminal size response.
+ * We use an event for this to support timeouts.
+ */
+static void
+getsize_cb(int fd, int what, void *v)
+{
+    struct getsize_closure *gc = v;
+    unsigned char ch = '\0';
+    debug_decl(getsize_cb, SUDO_DEBUG_UTIL)
+
+    for (;;) {
+	if (gc->cp[0] == '\0') {
+	    gc->state = GOTSIZE;
+	    goto done;
+	}
+	if (ISSET(gc->state, READCHAR)) {
+	    ssize_t nread = read(ttyfd, &ch, 1);
+	    switch (nread) {
+	    case -1:
+		if (errno == EAGAIN)
+		    goto another;
+		/* FALLTHROUGH */
+	    case 0:
+		goto done;
+	    default:
+		CLR(gc->state, READCHAR);
+		break;
+	    }
+	}
+	switch (gc->state) {
+	case INITIAL:
+	    if (ch == 0233 && gc->cp[0] == '\033') {
+		/* meta escape, equivalent to ESC[ */
+		ch = '[';
+		gc->cp++;
+	    }
+	    if (gc->cp[0] == '%' && gc->cp[1] == 'd') {
+		gc->state = NEW_NUMBER;
+		continue;
+	    }
+	    if (gc->cp[0] != ch) {
+		sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+		    "got %d, expected %d", ch, gc->cp[0]);
+		goto done;
+	    }
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+		"got %d", ch);
+	    SET(gc->state, READCHAR);
+	    gc->cp++;
+	    break;
+	case NEW_NUMBER:
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+		"parsing number");
+	    if (!isdigit(ch))
+		goto done;
+	    gc->cp += 2;
+	    if (gc->nums_depth > gc->nums_maxdepth)
+		goto done;
+	    gc->nums[gc->nums_depth] = 0;
+	    gc->state = NUMBER;
+	    /* FALLTHROUGH */
+	case NUMBER:
+	    if (!isdigit(ch)) {
+		/* done with number, reparse ch */
+		sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+		    "number %d (ch %d)", gc->nums[gc->nums_depth], ch);
+		gc->nums_depth++;
+		gc->state = INITIAL;
+		continue;
+	    }
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+		"got %d", ch);
+	    if (gc->nums[gc->nums_depth] > INT_MAX / 10)
+		goto done;
+	    gc->nums[gc->nums_depth] *= 10;
+	    gc->nums[gc->nums_depth] += (ch - '0');
+	    SET(gc->state, READCHAR);
+	    break;
+	}
+    }
+
+another:
+    if (sudo_ev_add(NULL, gc->ev, &gc->timeout, false) == -1)
+	sudo_fatal(U_("unable to add event to queue"));
+done:
+    debug_return;
+}
+
+
+/*
+ * Get the terminal size using vt100 terminal escapes.
+ */
+static bool
+xterm_get_size(int *new_rows, int *new_cols)
+{
+    struct sudo_event_base *evbase;
+    struct getsize_closure gc;
+    const char getsize_request[] = "\0337\033[r\033[999;999H\033[6n";
+    const char getsize_response[] = "\033[%d;%dR";
+    bool ret = false;
+    debug_decl(xterm_get_size, SUDO_DEBUG_UTIL)
+
+    /* request the terminal's size */
+    if (write(ttyfd, getsize_request, strlen(getsize_request)) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
+	    "%s: error writing xterm size request", __func__);
+	goto done;
+    }
+
+    /*
+     * Callback info for reading back the size with a 10 second timeout.
+     * We expect two numbers (rows and cols).
+     */
+    gc.state = INITIAL|READCHAR;
+    gc.nums_depth = 0;
+    gc.nums_maxdepth = 1;
+    gc.cp = getsize_response;
+    gc.timeout.tv_sec = 10;
+    gc.timeout.tv_nsec = 0;
+
+    /* Setup an event for reading the terminal size */
+    evbase = sudo_ev_base_alloc();
+    if (evbase == NULL)
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    gc.ev = sudo_ev_alloc(ttyfd, SUDO_EV_READ, getsize_cb, &gc);
+    if (gc.ev == NULL)
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+
+    /* Read back terminal size response */
+    if (sudo_ev_add(evbase, gc.ev, &gc.timeout, false) == -1)
+	sudo_fatal(U_("unable to add event to queue"));
+    sudo_ev_dispatch(evbase);
+
+    if (gc.state == GOTSIZE) {
+	sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
+	    "terminal size %d x %x", gc.nums[0], gc.nums[1]);
+	*new_rows = gc.nums[0];
+	*new_cols = gc.nums[1];
+	ret = true;
+    }
+
+    sudo_ev_base_free(evbase);
+    sudo_ev_free(gc.ev);
+
+done:
+    debug_return_bool(ret);
+}
+
+/*
+ * Set the size of the text area to rows and cols.
+ * Depending on the terminal implementation, the window itself may
+ * or may not shrink to a smaller size.
+ */
+static bool
+xterm_set_size(int rows, int cols)
+{
+    const char setsize_fmt[] = "\033[8;%d;%dt";
+    int len, new_rows, new_cols;
+    bool ret = false;
+    char buf[1024];
+    debug_decl(xterm_set_size, SUDO_DEBUG_UTIL)
+
+    /* XXX - save cursor and position restore after resizing */
+    len = snprintf(buf, sizeof(buf), setsize_fmt, rows, cols);
+    if (len < 0 || len >= (int)sizeof(buf)) {
+	/* not possible due to size of buf */
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "%s: internal error, buffer too small?", __func__);
+	goto done;
+    }
+    if (write(ttyfd, buf, strlen(buf)) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
+	    "%s: error writing xterm resize request", __func__);
+	goto done;
+    }
+    /* XXX - keyboard input will interfere with this */
+    if (!xterm_get_size(&new_rows, &new_cols))
+	goto done;
+    if (rows == new_rows && cols == new_cols)
+	ret = true;
+
+done:
+    debug_return_bool(ret);
+}
+
+static void
+setup_terminal(struct log_info *li, bool interactive, bool resize)
+{
+    const char *term;
+    debug_decl(check_terminal, SUDO_DEBUG_UTIL)
+
+    fflush(stdout);
+
+    /* Open fd for /dev/tty and set to raw mode. */
+    if (interactive) {
+	ttyfd = open(_PATH_TTY, O_RDWR);
+	while (!sudo_term_raw(ttyfd, 1)) {
+	    if (errno != EINTR)
+		sudo_fatal(U_("unable to set tty to raw mode"));
+	    kill(getpid(), SIGTTOU);
+	}
+    }
+
+    /* Find terminal size if the session has size info. */
+    if (li->rows == 0 && li->cols == 0) {
+	/* no tty size info, hope for the best... */
+	debug_return;
+    }
+
+    if (resize && ttyfd != -1) {
+	term = getenv("TERM");
+	if (term != NULL && *term != '\0') {
+	    struct term_names *tn;
+
+	    for (tn = compatible_terms; tn->name != NULL; tn++) {
+		if (strncmp(term, tn->name, tn->len) == 0) {
+		    /* xterm-like terminals can resize themselves. */
+		    if (xterm_get_size(&terminal_rows, &terminal_cols))
+			terminal_can_resize = true;
+		    break;
+		}
+	    }
+	}
+    }
+
+    if (!terminal_can_resize) {
+	/* either not xterm or not interactive */
+	sudo_get_ttysize(&terminal_rows, &terminal_cols);
+    }
+
+    if (li->rows == terminal_rows && li->cols == terminal_cols) {
+	/* nothing to change */
+	debug_return;
+    }
+
+    if (terminal_can_resize) {
+	/* session terminal size is different, try to resize ours */
+	if (xterm_set_size(li->rows, li->cols)) {
+	    /* success */
+	    sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
+		"resized terminal to %d x %x", li->rows, li->cols);
+	    terminal_was_resized = true;
+	    debug_return;
+	}
+	/* resize failed, don't try again */
+	terminal_can_resize = false;
+    }
+
+    if (li->rows > terminal_rows || li->cols > terminal_cols) {
+	printf(_("Warning: your terminal is too small to properly replay the log.\n"));
+	printf(_("Log geometry is %d x %d, your terminal's geometry is %d x %d."), li->rows, li->cols, terminal_rows, terminal_cols);
+    }
+    debug_return;
+}
+
+static void
+resize_terminal(int rows, int cols)
+{
+    debug_decl(resize_terminal, SUDO_DEBUG_UTIL)
+
+    if (terminal_can_resize) {
+	if (xterm_set_size(rows, cols))
+	    terminal_was_resized = true;
+	else
+	    terminal_can_resize = false;
+    }
+
+    debug_return;
+}
+
+static void
+restore_terminal_size(void)
+{
+    debug_decl(restore_terminal, SUDO_DEBUG_UTIL)
+
+    if (terminal_was_resized) {
+	/* We are still in raw mode, hence the carriage return. */
+	putchar('\r');
+	printf(U_("Replay finished, press any key to restore the terminal."));
+	fflush(stdout);
+	(void)getchar();
+	xterm_set_size(terminal_rows, terminal_cols);
+	putchar('\r');
+	putchar('\n');
+    }
+
+    debug_return;
+}
+
+/*
+ * Read the next record from the timing file and schedule a delay
+ * event with the specified timeout.
+ * Return 0 on success, 1 on EOF and -1 on error.
+ */
+static int
+read_timing_record(struct replay_closure *closure)
+{
+    struct timespec timeout;
+    char buf[LINE_MAX];
+    debug_decl(read_timing_record, SUDO_DEBUG_UTIL)
+
+    /* Read next record from timing file. */
+    if (io_log_gets(io_log_files[IOFD_TIMING].fd, buf, sizeof(buf)) == NULL) {
+	/* EOF or error reading timing file, we are done. */
+	debug_return_int(io_log_eof(io_log_files[IOFD_TIMING].fd) ? 1 : -1);
+    }
+
+    /* Parse timing file record. */
+    buf[strcspn(buf, "\n")] = '\0';
+    if (!parse_timing(buf, &timeout, &closure->timing))
+	sudo_fatalx(U_("invalid timing file line: %s"), buf);
+
+    /* Record number bytes to read. */
+    /* XXX - remove timing->nbytes? */
+    if (closure->timing.event != IO_EVENT_WINSIZE &&
+	closure->timing.event != IO_EVENT_SUSPEND) {
+    	closure->iobuf.len = 0;
+    	closure->iobuf.off = 0;
+    	closure->iobuf.lastc = '\0';
+    	closure->iobuf.toread = closure->timing.u.nbytes;
+    }
+
+    /* Adjust delay using speed factor and max_delay. */
+    adjust_delay(&timeout, closure->timing.max_delay, speed_factor);
+
+    /* Schedule the delay event. */
+    if (sudo_ev_add(closure->evbase, closure->delay_ev, &timeout, false) == -1)
+	sudo_fatal(U_("unable to add event to queue"));
+
+    debug_return_int(0);
+}
+
+/*
+ * Read next timing record.
+ * Exits the event loop on EOF, breaks out on error.
+ */
+static void
+next_timing_record(struct replay_closure *closure)
+{
+    debug_decl(next_timing_record, SUDO_DEBUG_UTIL)
+
+again:
+    switch (read_timing_record(closure)) {
+    case 0:
+	/* success */
+	if (closure->timing.event == IO_EVENT_SUSPEND &&
+	    closure->timing.u.signo == SIGCONT && !closure->suspend_wait) {
+	    /* Ignore time spent suspended. */
+	    goto again;
+	}
+	break;
+    case 1:
+	/* EOF */
+	sudo_ev_loopexit(closure->evbase);
+	break;
+    default:
+	/* error */
+	sudo_ev_loopbreak(closure->evbase);
+	break;
+    }
+    debug_return;
+}
+
+static bool
+fill_iobuf(struct replay_closure *closure)
+{
+    const size_t space = sizeof(closure->iobuf.buf) - closure->iobuf.len;
+    const struct timing_closure *timing = &closure->timing;
+    debug_decl(fill_iobuf, SUDO_DEBUG_UTIL)
+
+    if (closure->iobuf.toread != 0 && space != 0) {
+	const size_t len =
+	    closure->iobuf.toread < space ? closure->iobuf.toread : space;
+	ssize_t nread = io_log_read(timing->fd,
+	    closure->iobuf.buf + closure->iobuf.off, len);
+	if (nread <= 0) {
+	    if (nread == 0) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		    "%s: premature EOF, expected %u bytes",
+		    io_log_files[timing->event].suffix, closure->iobuf.toread);
+	    } else {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+		    "%s: read error", io_log_files[timing->event].suffix);
+	    }
+	    sudo_warnx(U_("unable to read %s"),
+		io_log_files[timing->event].suffix);
+	    debug_return_bool(false);
+	}
+	closure->iobuf.toread -= nread;
+	closure->iobuf.len += nread;
+    }
+
+    debug_return_bool(true);
+}
+
+/*
+ * Called when the inter-record delay has expired.
+ * Depending on the record type, either reads the next
+ * record or changes window size.
+ */
+static void
+delay_cb(int fd, int what, void *v)
+{
+    struct replay_closure *closure = v;
+    struct timing_closure *timing = &closure->timing;
+    debug_decl(delay_cb, SUDO_DEBUG_UTIL)
+
+    switch (timing->event) {
+    case IO_EVENT_WINSIZE:
+	resize_terminal(timing->u.winsize.rows, timing->u.winsize.cols);
+	break;
+    case IO_EVENT_STDIN:
+	if (io_log_files[IOFD_STDIN].enabled)
+	    timing->fd = io_log_files[IOFD_STDIN].fd;
+	break;
+    case IO_EVENT_STDOUT:
+	if (io_log_files[IOFD_STDOUT].enabled)
+	    timing->fd = io_log_files[IOFD_STDOUT].fd;
+	break;
+    case IO_EVENT_STDERR:
+	if (io_log_files[IOFD_STDERR].enabled)
+	    timing->fd = io_log_files[IOFD_STDERR].fd;
+	break;
+    case IO_EVENT_TTYIN:
+	if (io_log_files[IOFD_TTYIN].enabled)
+	    timing->fd = io_log_files[IOFD_TTYIN].fd;
+	break;
+    case IO_EVENT_TTYOUT:
+	if (io_log_files[IOFD_TTYOUT].enabled)
+	    timing->fd = io_log_files[IOFD_TTYOUT].fd;
+	break;
+    }
+
+    if (timing->fd.v != NULL) {
+	/* If the stream is open, enable the write event. */
+	if (sudo_ev_add(closure->evbase, closure->output_ev, NULL, false) == -1)
+	    sudo_fatal(U_("unable to add event to queue"));
+    } else {
+	/* Not replaying, get the next timing record and continue. */
+	next_timing_record(closure);
+    }
+
+    debug_return;
+}
+
+static void
+replay_closure_free(struct replay_closure *closure)
+{
+    /*
+     * Free events and event base, then the closure itself.
+     */
+    sudo_ev_free(closure->delay_ev);
+    sudo_ev_free(closure->keyboard_ev);
+    sudo_ev_free(closure->output_ev);
+    sudo_ev_free(closure->sighup_ev);
+    sudo_ev_free(closure->sigint_ev);
+    sudo_ev_free(closure->sigquit_ev);
+    sudo_ev_free(closure->sigterm_ev);
+    sudo_ev_free(closure->sigtstp_ev);
+    sudo_ev_base_free(closure->evbase);
+    free(closure);
+}
+
+static void
+signal_cb(int signo, int what, void *v)
+{
+    struct replay_closure *closure = v;
+    debug_decl(signal_cb, SUDO_DEBUG_UTIL)
+
+    switch (signo) {
+    case SIGHUP:
+    case SIGINT:
+    case SIGQUIT:
+    case SIGTERM:
+	/* Free the event base and restore signal handlers. */
+	replay_closure_free(closure);
+
+	/* Restore the terminal and die. */
+	sudoreplay_cleanup();
+	kill(getpid(), signo);
+	break;
+    case SIGTSTP:
+	/* Ignore ^Z since we have no way to restore the screen. */
+	break;
+    }
+
+    debug_return;
+}
+
+static struct replay_closure *
+replay_closure_alloc(struct timespec *max_delay, const char *decimal,
+    bool interactive, bool suspend_wait)
+{
+    struct replay_closure *closure;
+    debug_decl(replay_closure_alloc, SUDO_DEBUG_UTIL)
+
+    if ((closure = calloc(1, sizeof(*closure))) == NULL)
+	debug_return_ptr(NULL);
+
+    closure->interactive = interactive;
+    closure->suspend_wait = suspend_wait;
+    closure->timing.max_delay = max_delay;
+    closure->timing.decimal = decimal;
+
+    /*
+     * Setup event base and delay, input and output events.
+     * If interactive, take input from and write to /dev/tty.
+     * If not interactive there is no input event.
+     */
+    closure->evbase = sudo_ev_base_alloc();
+    if (closure->evbase == NULL)
+	goto bad;
+    closure->delay_ev = sudo_ev_alloc(-1, SUDO_EV_TIMEOUT, delay_cb, closure);
+    if (closure->delay_ev == NULL)
+        goto bad;
+    if (interactive) {
+	closure->keyboard_ev = sudo_ev_alloc(ttyfd, SUDO_EV_READ|SUDO_EV_PERSIST,
+	    read_keyboard, closure);
+	if (closure->keyboard_ev == NULL)
+	    goto bad;
+	if (sudo_ev_add(closure->evbase, closure->keyboard_ev, NULL, false) == -1)
+	    sudo_fatal(U_("unable to add event to queue"));
+    }
+    closure->output_ev = sudo_ev_alloc(interactive ? ttyfd : STDOUT_FILENO,
+	SUDO_EV_WRITE, write_output, closure);
+    if (closure->output_ev == NULL)
+        goto bad;
+
+    /*
+     * Setup signal events, we need to restore the terminal if killed.
+     */
+    closure->sighup_ev = sudo_ev_alloc(SIGHUP, SUDO_EV_SIGNAL, signal_cb,
+	closure);
+    if (closure->sighup_ev == NULL)
+	goto bad;
+    if (sudo_ev_add(closure->evbase, closure->sighup_ev, NULL, false) == -1)
+	sudo_fatal(U_("unable to add event to queue"));
+
+    closure->sigint_ev = sudo_ev_alloc(SIGINT, SUDO_EV_SIGNAL, signal_cb,
+	closure);
+    if (closure->sigint_ev == NULL)
+	goto bad;
+    if (sudo_ev_add(closure->evbase, closure->sigint_ev, NULL, false) == -1)
+	sudo_fatal(U_("unable to add event to queue"));
+
+    closure->sigquit_ev = sudo_ev_alloc(SIGQUIT, SUDO_EV_SIGNAL, signal_cb,
+	closure);
+    if (closure->sigquit_ev == NULL)
+	goto bad;
+    if (sudo_ev_add(closure->evbase, closure->sigquit_ev, NULL, false) == -1)
+	sudo_fatal(U_("unable to add event to queue"));
+
+    closure->sigterm_ev = sudo_ev_alloc(SIGTERM, SUDO_EV_SIGNAL, signal_cb,
+	closure);
+    if (closure->sigterm_ev == NULL)
+	goto bad;
+    if (sudo_ev_add(closure->evbase, closure->sigterm_ev, NULL, false) == -1)
+	sudo_fatal(U_("unable to add event to queue"));
+
+    closure->sigtstp_ev = sudo_ev_alloc(SIGTSTP, SUDO_EV_SIGNAL, signal_cb,
+	closure);
+    if (closure->sigtstp_ev == NULL)
+	goto bad;
+    if (sudo_ev_add(closure->evbase, closure->sigtstp_ev, NULL, false) == -1)
+	sudo_fatal(U_("unable to add event to queue"));
+
+    debug_return_ptr(closure);
+bad:
+    replay_closure_free(closure);
+    debug_return_ptr(NULL);
+}
+
+static int
+replay_session(struct timespec *max_delay, const char *decimal,
+    bool interactive, bool suspend_wait)
+{
+    struct replay_closure *closure;
+    int ret = 0;
+    debug_decl(replay_session, SUDO_DEBUG_UTIL)
+
+    /* Allocate the delay closure and read the first timing record. */
+    closure = replay_closure_alloc(max_delay, decimal, interactive,
+	suspend_wait);
+    if (read_timing_record(closure) != 0) {
+	ret = 1;
+	goto done;
+    }
+
+    /* Run event loop. */
+    sudo_ev_dispatch(closure->evbase);
+    if (sudo_ev_got_break(closure->evbase))
+	ret = 1;
+
+done:
+    /* Clean up and return. */
+    replay_closure_free(closure);
+    debug_return_int(ret);
+}
+
+static int
+open_io_fd(char *path, int len, struct io_log_file *iol)
+{
+    debug_decl(open_io_fd, SUDO_DEBUG_UTIL)
+
+    if (!iol->enabled)
+	debug_return_int(0);
+
+    path[len] = '\0';
+    strlcat(path, iol->suffix, PATH_MAX);
+#ifdef HAVE_ZLIB_H
+    iol->fd.g = gzopen(path, "r");
+#else
+    iol->fd.f = fopen(path, "r");
+#endif
+    if (iol->fd.v == NULL) {
+	iol->enabled = false;
+	debug_return_int(-1);
+    }
+    debug_return_int(0);
+}
+
+/*
+ * Write the I/O buffer.
+ */
+static void
+write_output(int fd, int what, void *v)
+{
+    struct replay_closure *closure = v;
+    const struct timing_closure *timing = &closure->timing;
+    struct io_buffer *iobuf = &closure->iobuf;
+    unsigned iovcnt = 1;
+    struct iovec iov[2];
+    bool added_cr = false;
+    size_t nbytes, nwritten;
+    debug_decl(write_output, SUDO_DEBUG_UTIL)
+
+    /* Refill iobuf if there is more to read and buf is empty. */
+    if (!fill_iobuf(closure)) {
+	sudo_ev_loopbreak(closure->evbase);
+	debug_return;
+    }
+
+    nbytes = iobuf->len - iobuf->off;
+    iov[0].iov_base = iobuf->buf + iobuf->off;
+    iov[0].iov_len = nbytes;
+
+    if (closure->interactive &&
+	(timing->event == IO_EVENT_STDOUT || timing->event == IO_EVENT_STDERR)) {
+	char *nl;
+
+	/*
+	 * We may need to insert a carriage return before the newline.
+	 * Note that the carriage return may have already been written.
+	 */
+	nl = memchr(iov[0].iov_base, '\n', iov[0].iov_len);
+	if (nl != NULL) {
+	    size_t len = (size_t)(nl - (char *)iov[0].iov_base);
+	    if ((nl == iov[0].iov_base && iobuf->lastc != '\r') ||
+		(nl != iov[0].iov_base && nl[-1] != '\r')) {
+		iov[0].iov_len = len;
+		iov[1].iov_base = "\r\n";
+		iov[1].iov_len = 2;
+		iovcnt = 2;
+		nbytes = iov[0].iov_len + iov[1].iov_len;
+		added_cr = true;
+	    }
+	}
+    }
+
+    nwritten = writev(fd, iov, iovcnt);
+    switch ((ssize_t)nwritten) {
+    case -1:
+	if (errno != EINTR && errno != EAGAIN)
+	    sudo_fatal(U_("unable to write to %s"), "stdout");
+	break;
+    case 0:
+	/* Should not happen. */
+	break;
+    default:
+	if (added_cr && nwritten >= nbytes - 1) {
+	    /* The last char written was either '\r' or '\n'. */
+	    iobuf->lastc = nwritten == nbytes ? '\n' : '\r';
+	} else {
+	    /* Stash the last char written. */
+	    iobuf->lastc = *((char *)iov[0].iov_base + nwritten);
+	}
+	if (added_cr) {
+	    /* Subtract one for the carriage return we added above. */
+	    nwritten--;
+	}
+	iobuf->off += nwritten;
+	break;
+    }
+
+    if (iobuf->off == iobuf->len) {
+	/* Write complete, go to next timing entry if possible. */
+	switch (read_timing_record(closure)) {
+	case 0:
+	    /* success */
+	    break;
+	case 1:
+	    /* EOF */
+	    sudo_ev_loopexit(closure->evbase);
+	    break;
+	default:
+	    /* error */
+	    sudo_ev_loopbreak(closure->evbase);
+	    break;
+	}
+    } else {
+	/* Reschedule event to write remainder. */
+	if (sudo_ev_add(NULL, closure->output_ev, NULL, false) == -1)
+	    sudo_fatal(U_("unable to add event to queue"));
+    }
+    debug_return;
+}
+
+/*
+ * Build expression list from search args
+ */
+static int
+parse_expr(struct search_node_list *head, char *argv[], bool sub_expr)
+{
+    bool or = false, not = false;
+    struct search_node *sn;
+    char type, **av;
+    debug_decl(parse_expr, SUDO_DEBUG_UTIL)
+
+    for (av = argv; *av != NULL; av++) {
+	switch (av[0][0]) {
+	case 'a': /* and (ignore) */
+	    if (strncmp(*av, "and", strlen(*av)) != 0)
+		goto bad;
+	    continue;
+	case 'o': /* or */
+	    if (strncmp(*av, "or", strlen(*av)) != 0)
+		goto bad;
+	    or = true;
+	    continue;
+	case '!': /* negate */
+	    if (av[0][1] != '\0')
+		goto bad;
+	    not = true;
+	    continue;
+	case 'c': /* cwd or command */
+	    if (av[0][1] == '\0')
+		sudo_fatalx(U_("ambiguous expression \"%s\""), *av);
+	    if (strncmp(*av, "cwd", strlen(*av)) == 0)
+		type = ST_CWD;
+	    else if (strncmp(*av, "command", strlen(*av)) == 0)
+		type = ST_PATTERN;
+	    else
+		goto bad;
+	    break;
+	case 'f': /* from date */
+	    if (strncmp(*av, "fromdate", strlen(*av)) != 0)
+		goto bad;
+	    type = ST_FROMDATE;
+	    break;
+	case 'g': /* runas group */
+	    if (strncmp(*av, "group", strlen(*av)) != 0)
+		goto bad;
+	    type = ST_RUNASGROUP;
+	    break;
+	case 'r': /* runas user */
+	    if (strncmp(*av, "runas", strlen(*av)) != 0)
+		goto bad;
+	    type = ST_RUNASUSER;
+	    break;
+	case 't': /* tty or to date */
+	    if (av[0][1] == '\0')
+		sudo_fatalx(U_("ambiguous expression \"%s\""), *av);
+	    if (strncmp(*av, "todate", strlen(*av)) == 0)
+		type = ST_TODATE;
+	    else if (strncmp(*av, "tty", strlen(*av)) == 0)
+		type = ST_TTY;
+	    else
+		goto bad;
+	    break;
+	case 'u': /* user */
+	    if (strncmp(*av, "user", strlen(*av)) != 0)
+		goto bad;
+	    type = ST_USER;
+	    break;
+	case '(': /* start sub-expression */
+	    if (av[0][1] != '\0')
+		goto bad;
+	    type = ST_EXPR;
+	    break;
+	case ')': /* end sub-expression */
+	    if (av[0][1] != '\0')
+		goto bad;
+	    if (!sub_expr)
+		sudo_fatalx(U_("unmatched ')' in expression"));
+	    debug_return_int(av - argv + 1);
+	default:
+	bad:
+	    sudo_fatalx(U_("unknown search term \"%s\""), *av);
+	    /* NOTREACHED */
+	}
+
+	/* Allocate new search node */
+	if ((sn = calloc(1, sizeof(*sn))) == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	sn->type = type;
+	sn->or = or;
+	sn->negated = not;
+	if (type == ST_EXPR) {
+	    STAILQ_INIT(&sn->u.expr);
+	    av += parse_expr(&sn->u.expr, av + 1, true);
+	} else {
+	    if (*(++av) == NULL)
+		sudo_fatalx(U_("%s requires an argument"), av[-1]);
+	    if (type == ST_PATTERN) {
+		if (regcomp(&sn->u.cmdre, *av, REG_EXTENDED|REG_NOSUB) != 0)
+		    sudo_fatalx(U_("invalid regular expression: %s"), *av);
+	    } else if (type == ST_TODATE || type == ST_FROMDATE) {
+		sn->u.tstamp = get_date(*av);
+		if (sn->u.tstamp == -1)
+		    sudo_fatalx(U_("could not parse date \"%s\""), *av);
+	    } else {
+		sn->u.ptr = *av;
+	    }
+	}
+	not = or = false; /* reset state */
+	STAILQ_INSERT_TAIL(head, sn, entries);
+    }
+    if (sub_expr)
+	sudo_fatalx(U_("unmatched '(' in expression"));
+    if (or)
+	sudo_fatalx(U_("illegal trailing \"or\""));
+    if (not)
+	sudo_fatalx(U_("illegal trailing \"!\""));
+
+    debug_return_int(av - argv);
+}
+
+static bool
+match_expr(struct search_node_list *head, struct log_info *log, bool last_match)
+{
+    struct search_node *sn;
+    bool res = false, matched = last_match;
+    int rc;
+    debug_decl(match_expr, SUDO_DEBUG_UTIL)
+
+    STAILQ_FOREACH(sn, head, entries) {
+	switch (sn->type) {
+	case ST_EXPR:
+	    res = match_expr(&sn->u.expr, log, matched);
+	    break;
+	case ST_CWD:
+	    res = strcmp(sn->u.cwd, log->cwd) == 0;
+	    break;
+	case ST_TTY:
+	    res = strcmp(sn->u.tty, log->tty) == 0;
+	    break;
+	case ST_RUNASGROUP:
+	    if (log->runas_group != NULL)
+		res = strcmp(sn->u.runas_group, log->runas_group) == 0;
+	    break;
+	case ST_RUNASUSER:
+	    res = strcmp(sn->u.runas_user, log->runas_user) == 0;
+	    break;
+	case ST_USER:
+	    res = strcmp(sn->u.user, log->user) == 0;
+	    break;
+	case ST_PATTERN:
+	    rc = regexec(&sn->u.cmdre, log->cmd, 0, NULL, 0);
+	    if (rc && rc != REG_NOMATCH) {
+		char buf[BUFSIZ];
+		regerror(rc, &sn->u.cmdre, buf, sizeof(buf));
+		sudo_fatalx("%s", buf);
+	    }
+	    res = rc == REG_NOMATCH ? 0 : 1;
+	    break;
+	case ST_FROMDATE:
+	    res = log->tstamp >= sn->u.tstamp;
+	    break;
+	case ST_TODATE:
+	    res = log->tstamp <= sn->u.tstamp;
+	    break;
+	default:
+	    sudo_fatalx(U_("unknown search type %d"), sn->type);
+	    /* NOTREACHED */
+	}
+	if (sn->negated)
+	    res = !res;
+	matched = sn->or ? (res || last_match) : (res && last_match);
+	last_match = matched;
+    }
+    debug_return_bool(matched);
+}
+
+static int
+list_session(char *logfile, regex_t *re, const char *user, const char *tty)
+{
+    char idbuf[7], *idstr, *cp;
+    const char *timestr;
+    struct log_info *li;
+    int ret = -1;
+    debug_decl(list_session, SUDO_DEBUG_UTIL)
+
+    if ((li = parse_logfile(logfile)) == NULL)
+	goto done;
+
+    /* Match on search expression if there is one. */
+    if (!STAILQ_EMPTY(&search_expr) && !match_expr(&search_expr, li, true))
+	goto done;
+
+    /* Convert from /var/log/sudo-sessions/00/00/01/log to 000001 */
+    cp = logfile + strlen(session_dir) + 1;
+    if (IS_IDLOG(cp)) {
+	idbuf[0] = cp[0];
+	idbuf[1] = cp[1];
+	idbuf[2] = cp[3];
+	idbuf[3] = cp[4];
+	idbuf[4] = cp[6];
+	idbuf[5] = cp[7];
+	idbuf[6] = '\0';
+	idstr = idbuf;
+    } else {
+	/* Not an id, just use the iolog_file portion. */
+	cp[strlen(cp) - 4] = '\0';
+	idstr = cp;
+    }
+    /* XXX - print rows + cols? */
+    timestr = get_timestr(li->tstamp, 1);
+    printf("%s : %s : TTY=%s ; CWD=%s ; USER=%s ; ",
+	timestr ? timestr : "invalid date",
+	li->user, li->tty, li->cwd, li->runas_user);
+    if (li->runas_group)
+	printf("GROUP=%s ; ", li->runas_group);
+    printf("TSID=%s ; COMMAND=%s\n", idstr, li->cmd);
+
+    ret = 0;
+
+done:
+    free_log_info(li);
+    debug_return_int(ret);
+}
+
+static int
+session_compare(const void *v1, const void *v2)
+{
+    const char *s1 = *(const char **)v1;
+    const char *s2 = *(const char **)v2;
+    return strcmp(s1, s2);
+}
+
+/* XXX - always returns 0, calls sudo_fatal() on failure */
+static int
+find_sessions(const char *dir, regex_t *re, const char *user, const char *tty)
+{
+    DIR *d;
+    struct dirent *dp;
+    struct stat sb;
+    size_t sdlen, sessions_len = 0, sessions_size = 0;
+    unsigned int i;
+    int len;
+    char pathbuf[PATH_MAX], **sessions = NULL;
+#ifdef HAVE_STRUCT_DIRENT_D_TYPE
+    bool checked_type = true;
+#else
+    const bool checked_type = false;
+#endif
+    debug_decl(find_sessions, SUDO_DEBUG_UTIL)
+
+    d = opendir(dir);
+    if (d == NULL)
+	sudo_fatal(U_("unable to open %s"), dir);
+
+    /* XXX - would be faster to use openat() and relative names */
+    sdlen = strlcpy(pathbuf, dir, sizeof(pathbuf));
+    if (sdlen + 1 >= sizeof(pathbuf)) {
+	errno = ENAMETOOLONG;
+	sudo_fatal("%s/", dir);
+    }
+    pathbuf[sdlen++] = '/';
+    pathbuf[sdlen] = '\0';
+
+    /* Store potential session dirs for sorting. */
+    while ((dp = readdir(d)) != NULL) {
+	/* Skip "." and ".." */
+	if (dp->d_name[0] == '.' && (dp->d_name[1] == '\0' ||
+	    (dp->d_name[1] == '.' && dp->d_name[2] == '\0')))
+	    continue;
+#ifdef HAVE_STRUCT_DIRENT_D_TYPE
+	if (checked_type) {
+	    if (dp->d_type != DT_DIR) {
+		/* Not all file systems support d_type. */
+		if (dp->d_type != DT_UNKNOWN)
+		    continue;
+		checked_type = false;
+	    }
+	}
+#endif
+
+	/* Add name to session list. */
+	if (sessions_len + 1 > sessions_size) {
+	    if (sessions_size == 0)
+		sessions_size = 36 * 36 / 2;
+	    sessions = reallocarray(sessions, sessions_size, 2 * sizeof(char *));
+	    if (sessions == NULL)
+		sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    sessions_size *= 2;
+	}
+	if ((sessions[sessions_len] = strdup(dp->d_name)) == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	sessions_len++;
+    }
+    closedir(d);
+
+    /* Sort and list the sessions. */
+    if (sessions != NULL) {
+	qsort(sessions, sessions_len, sizeof(char *), session_compare);
+	for (i = 0; i < sessions_len; i++) {
+	    len = snprintf(&pathbuf[sdlen], sizeof(pathbuf) - sdlen,
+		"%s/log", sessions[i]);
+	    if (len <= 0 || (size_t)len >= sizeof(pathbuf) - sdlen) {
+		errno = ENAMETOOLONG;
+		sudo_fatal("%s/%s/log", dir, sessions[i]);
+	    }
+	    free(sessions[i]);
+
+	    /* Check for dir with a log file. */
+	    if (lstat(pathbuf, &sb) == 0 && S_ISREG(sb.st_mode)) {
+		list_session(pathbuf, re, user, tty);
+	    } else {
+		/* Strip off "/log" and recurse if a dir. */
+		pathbuf[sdlen + len - 4] = '\0';
+		if (checked_type ||
+		    (lstat(pathbuf, &sb) == 0 && S_ISDIR(sb.st_mode)))
+		    find_sessions(pathbuf, re, user, tty);
+	    }
+	}
+	free(sessions);
+    }
+
+    debug_return_int(0);
+}
+
+/* XXX - always returns 0, calls sudo_fatal() on failure */
+static int
+list_sessions(int argc, char **argv, const char *pattern, const char *user,
+    const char *tty)
+{
+    regex_t rebuf, *re = NULL;
+    debug_decl(list_sessions, SUDO_DEBUG_UTIL)
+
+    /* Parse search expression if present */
+    parse_expr(&search_expr, argv, false);
+
+    /* optional regex */
+    if (pattern) {
+	re = &rebuf;
+	if (regcomp(re, pattern, REG_EXTENDED|REG_NOSUB) != 0)
+	    sudo_fatalx(U_("invalid regular expression: %s"), pattern);
+    }
+
+    debug_return_int(find_sessions(session_dir, re, user, tty));
+}
+
+/*
+ * Check keyboard for ' ', '<', '>', return
+ * pause, slow, fast, next
+ */
+static void
+read_keyboard(int fd, int what, void *v)
+{
+    struct replay_closure *closure = v;
+    static bool paused = false;
+    struct timespec ts;
+    ssize_t nread;
+    char ch;
+    debug_decl(read_keyboard, SUDO_DEBUG_UTIL)
+
+    nread = read(fd, &ch, 1);
+    switch (nread) {
+    case -1:
+	if (errno != EINTR && errno != EAGAIN)
+	    sudo_fatal(U_("unable to read %s"), "stdin");
+	break;
+    case 0:
+	/* Ignore EOF. */
+	break;
+    default:
+	if (paused) {
+	    /* Any key will unpause, run the delay callback directly. */
+	    paused = false;
+	    delay_cb(-1, SUDO_EV_TIMEOUT, closure);
+	    debug_return;
+	}
+	switch (ch) {
+	case ' ':
+	    paused = true;
+	    /* Disable the delay event until we unpause. */
+	    sudo_ev_del(closure->evbase, closure->delay_ev);
+	    break;
+	case '<':
+	    speed_factor /= 2;
+            sudo_ev_get_timeleft(closure->delay_ev, &ts);
+            if (sudo_timespecisset(&ts)) {
+		/* Double remaining timeout. */
+		ts.tv_sec *= 2;
+		ts.tv_nsec *= 2;
+		if (ts.tv_nsec >= 1000000000) {
+		    ts.tv_sec++;
+		    ts.tv_nsec -= 1000000000;
+		}
+		if (sudo_ev_add(NULL, closure->delay_ev, &ts, false) == -1) {
+		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+			"failed to double remaining delay timeout");
+		}
+            }
+	    break;
+	case '>':
+	    speed_factor *= 2;
+            sudo_ev_get_timeleft(closure->delay_ev, &ts);
+            if (sudo_timespecisset(&ts)) {
+		/* Halve remaining timeout. */
+		if (ts.tv_sec & 1)
+		    ts.tv_nsec += 500000000;
+		ts.tv_sec /= 2;
+		ts.tv_nsec /= 2;
+		if (sudo_ev_add(NULL, closure->delay_ev, &ts, false) == -1) {
+		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+			"failed to halve remaining delay timeout");
+		}
+            }
+	    break;
+	case '\r':
+	case '\n':
+	    /* Cancel existing delay, run callback directly. */
+	    sudo_ev_del(closure->evbase, closure->delay_ev);
+	    delay_cb(-1, SUDO_EV_TIMEOUT, closure);
+	    break;
+	default:
+	    /* Unknown key, nothing to do. */
+	    break;
+	}
+	break;
+    }
+    debug_return;
+}
+
+static void
+usage(int fatal)
+{
+    fprintf(fatal ? stderr : stdout,
+	_("usage: %s [-hnRS] [-d dir] [-m num] [-s num] ID\n"),
+	getprogname());
+    fprintf(fatal ? stderr : stdout,
+	_("usage: %s [-h] [-d dir] -l [search expression]\n"),
+	getprogname());
+    if (fatal)
+	exit(1);
+}
+
+static void
+help(void)
+{
+    (void) printf(_("%s - replay sudo session logs\n\n"), getprogname());
+    usage(0);
+    (void) puts(_("\nOptions:\n"
+	"  -d, --directory=dir    specify directory for session logs\n"
+	"  -f, --filter=filter    specify which I/O type(s) to display\n"
+	"  -h, --help             display help message and exit\n"
+	"  -l, --list             list available session IDs, with optional expression\n"
+	"  -m, --max-wait=num     max number of seconds to wait between events\n"
+	"  -n, --non-interactive  no prompts, session is sent to the standard output\n"
+	"  -R, --no-resize        do not attempt to re-size the terminal\n"
+	"  -S, --suspend-wait     wait while the command was suspended\n"
+	"  -s, --speed=num        speed up or slow down output\n"
+	"  -V, --version          display version information and exit"));
+    exit(0);
+}
+
+/*
+ * Cleanup hook for sudo_fatal()/sudo_fatalx()
+  */
+static void
+sudoreplay_cleanup(void)
+{
+    restore_terminal_size();
+    sudo_term_restore(ttyfd, false);
+}
diff --git a/plugins/sudoers/testsudoers.c b/plugins/sudoers/testsudoers.c
new file mode 100644
index 0000000..2a97dfc
--- /dev/null
+++ b/plugins/sudoers/testsudoers.c
@@ -0,0 +1,608 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#ifdef HAVE_NETGROUP_H
+# include <netgroup.h>
+#endif /* HAVE_NETGROUP_H */
+#include <time.h>
+#include <ctype.h>
+#include <errno.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include "tsgetgrpw.h"
+#include "sudoers.h"
+#include "interfaces.h"
+#include "sudo_conf.h"
+#include "sudo_lbuf.h"
+#include <gram.h>
+
+#ifndef YYDEBUG
+# define YYDEBUG 0
+#endif
+
+enum sudoers_formats {
+    format_ldif,
+    format_sudoers
+};
+
+/*
+ * Function Prototypes
+ */
+static void dump_sudoers(struct sudo_lbuf *lbuf);
+static void usage(void) __attribute__((__noreturn__));
+static void set_runaspw(const char *);
+static void set_runasgr(const char *);
+static bool cb_runas_default(const union sudo_defs_val *);
+static int testsudoers_error(const char *msg);
+static int testsudoers_output(const char *buf);
+
+/* tsgetgrpw.c */
+extern void setgrfile(const char *);
+extern void setgrent(void);
+extern void endgrent(void);
+extern struct group *getgrent(void);
+extern struct group *getgrnam(const char *);
+extern struct group *getgrgid(gid_t);
+extern void setpwfile(const char *);
+extern void setpwent(void);
+extern void endpwent(void);
+extern struct passwd *getpwent(void);
+extern struct passwd *getpwnam(const char *);
+extern struct passwd *getpwuid(uid_t);
+
+/* gram.y */
+extern int (*trace_print)(const char *msg);
+
+/*
+ * Globals
+ */
+struct sudo_user sudo_user;
+struct passwd *list_pw;
+static char *runas_group, *runas_user;
+
+#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
+extern char *malloc_options;
+#endif
+#if YYDEBUG
+extern int sudoersdebug;
+#endif
+
+__dso_public int main(int argc, char *argv[]);
+
+int
+main(int argc, char *argv[])
+{
+    enum sudoers_formats input_format = format_sudoers;
+    struct cmndspec *cs;
+    struct privilege *priv;
+    struct userspec *us;
+    char *p, *grfile, *pwfile;
+    const char *errstr;
+    int match, host_match, runas_match, cmnd_match;
+    int ch, dflag, exitcode = EXIT_FAILURE;
+    struct sudo_lbuf lbuf;
+    debug_decl(main, SUDOERS_DEBUG_MAIN)
+
+#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
+    malloc_options = "S";
+#endif
+#if YYDEBUG
+    sudoersdebug = 1;
+#endif
+
+    initprogname(argc > 0 ? argv[0] : "testsudoers");
+
+    if (!sudoers_initlocale(setlocale(LC_ALL, ""), def_sudoers_locale))
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    sudo_warn_set_locale_func(sudoers_warn_setlocale);
+    bindtextdomain("sudoers", LOCALEDIR); /* XXX - should have own domain */
+    textdomain("sudoers");
+
+    /* No word wrap on output. */
+    sudo_lbuf_init(&lbuf, testsudoers_output, 0, NULL, 0);
+
+    /* Initialize the debug subsystem. */
+    if (sudo_conf_read(NULL, SUDO_CONF_DEBUG) == -1)
+	goto done;
+    if (!sudoers_debug_register(getprogname(), sudo_conf_debug_files(getprogname())))
+	goto done;
+
+    dflag = 0;
+    grfile = pwfile = NULL;
+    while ((ch = getopt(argc, argv, "dg:G:h:i:P:p:tu:U:")) != -1) {
+	switch (ch) {
+	    case 'd':
+		dflag = 1;
+		break;
+	    case 'G':
+		sudoers_gid = (gid_t)sudo_strtoid(optarg, NULL, NULL, &errstr);
+		if (errstr != NULL)
+		    sudo_fatalx("group ID %s: %s", optarg, errstr);
+		break;
+	    case 'g':
+		runas_group = optarg;
+		SET(sudo_user.flags, RUNAS_GROUP_SPECIFIED);
+		break;
+	    case 'h':
+		user_host = optarg;
+		break;
+	    case 'i':
+		if (strcasecmp(optarg, "ldif") == 0) {
+		    input_format = format_ldif;
+		} else if (strcasecmp(optarg, "sudoers") == 0) {
+		    input_format = format_sudoers;
+		} else {
+		    sudo_warnx(U_("unsupported input format %s"), optarg);
+		    usage();
+		}
+		break;
+	    case 'p':
+		pwfile = optarg;
+		break;
+	    case 'P':
+		grfile = optarg;
+		break;
+	    case 't':
+		trace_print = testsudoers_error;
+		break;
+	    case 'U':
+		sudoers_uid = (uid_t)sudo_strtoid(optarg, NULL, NULL, &errstr);
+		if (errstr != NULL)
+		    sudo_fatalx("user ID %s: %s", optarg, errstr);
+		break;
+	    case 'u':
+		runas_user = optarg;
+		SET(sudo_user.flags, RUNAS_USER_SPECIFIED);
+		break;
+	    default:
+		usage();
+		break;
+	}
+    }
+    argc -= optind;
+    argv += optind;
+
+    /* Set group/passwd file and init the cache. */
+    if (grfile)
+	setgrfile(grfile);
+    if (pwfile)
+	setpwfile(pwfile);
+
+    if (argc < 2) {
+	if (!dflag)
+	    usage();
+	user_name = argc ? *argv++ : "root";
+	user_cmnd = user_base = "true";
+	argc = 0;
+    } else {
+	user_name = *argv++;
+	user_cmnd = *argv++;
+	if ((p = strrchr(user_cmnd, '/')) != NULL)
+	    user_base = p + 1;
+	else
+	    user_base = user_cmnd;
+	argc -= 2;
+    }
+    if ((sudo_user.pw = sudo_getpwnam(user_name)) == NULL)
+	sudo_fatalx(U_("unknown user: %s"), user_name);
+
+    if (user_host == NULL) {
+	if ((user_host = sudo_gethostname()) == NULL)
+	    sudo_fatal("gethostname");
+    }
+    if ((p = strchr(user_host, '.'))) {
+	*p = '\0';
+	if ((user_shost = strdup(user_host)) == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	*p = '.';
+    } else {
+	user_shost = user_host;
+    }
+    user_runhost = user_host;
+    user_srunhost = user_shost;
+
+    /* Fill in user_args from argv. */
+    if (argc > 0) {
+	char *to, **from;
+	size_t size, n;
+
+	for (size = 0, from = argv; *from; from++)
+	    size += strlen(*from) + 1;
+
+	if ((user_args = malloc(size)) == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	for (to = user_args, from = argv; *from; from++) {
+	    n = strlcpy(to, *from, size - (to - user_args));
+	    if (n >= size - (to - user_args))
+		sudo_fatalx(U_("internal error, %s overflow"), getprogname());
+	    to += n;
+	    *to++ = ' ';
+	}
+	*--to = '\0';
+    }
+
+    /* Initialize default values. */
+    if (!init_defaults())
+	sudo_fatalx(U_("unable to initialize sudoers default values"));
+
+    /* Set group_plugin callback. */
+    sudo_defs_table[I_GROUP_PLUGIN].callback = cb_group_plugin;
+
+    /* Set runas callback. */
+    sudo_defs_table[I_RUNAS_DEFAULT].callback = cb_runas_default;
+
+    /* Set locale callback. */
+    sudo_defs_table[I_SUDOERS_LOCALE].callback = sudoers_locale_callback;
+
+    /* Load ip addr/mask for each interface. */
+    if (get_net_ifs(&p) > 0) {
+	if (!set_interfaces(p))
+	    sudo_fatal(U_("unable to parse network address list"));
+    }
+
+    /* Allocate space for data structures in the parser. */
+    init_parser("sudoers", false);
+
+    /*
+     * Set runas passwd/group entries based on command line or sudoers.
+     * Note that if runas_group was specified without runas_user we
+     * run the command as the invoking user.
+     */
+    if (runas_group != NULL) {
+        set_runasgr(runas_group);
+        set_runaspw(runas_user ? runas_user : user_name);
+    } else
+        set_runaspw(runas_user ? runas_user : def_runas_default);
+
+    /* Parse the policy file. */
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, NULL);
+    switch (input_format) {
+    case format_ldif:
+        if (!sudoers_parse_ldif(&parsed_policy, stdin, NULL, true))
+	    (void) printf("Parse error in LDIF");
+	else
+	    (void) fputs("Parses OK", stdout);
+        break;
+    case format_sudoers:
+	if (sudoersparse() != 0 || parse_error) {
+	    parse_error = true;
+	    if (errorlineno != -1)
+		(void) printf("Parse error in %s near line %d",
+		    errorfile, errorlineno);
+	    else
+		(void) printf("Parse error in %s", errorfile);
+	} else {
+	    (void) fputs("Parses OK", stdout);
+	}
+        break;
+    default:
+        sudo_fatalx("error: unhandled input %d", input_format);
+    }
+
+    if (!update_defaults(&parsed_policy, NULL, SETDEF_ALL, false))
+	(void) fputs(" (problem with defaults entries)", stdout);
+    puts(".");
+
+    if (dflag) {
+	(void) putchar('\n');
+	dump_sudoers(&lbuf);
+	if (argc < 2) {
+	    exitcode = parse_error ? 1 : 0;
+	    goto done;
+	}
+    }
+
+    /* This loop must match the one in sudo_file_lookup() */
+    printf("\nEntries for user %s:\n", user_name);
+    match = UNSPEC;
+    TAILQ_FOREACH_REVERSE(us, &parsed_policy.userspecs, userspec_list, entries) {
+	if (userlist_matches(&parsed_policy, sudo_user.pw, &us->users) != ALLOW)
+	    continue;
+	TAILQ_FOREACH_REVERSE(priv, &us->privileges, privilege_list, entries) {
+	    sudo_lbuf_append(&lbuf, "\n");
+	    sudoers_format_privilege(&lbuf, &parsed_policy, priv, false);
+	    sudo_lbuf_print(&lbuf);
+	    host_match = hostlist_matches(&parsed_policy, sudo_user.pw,
+		&priv->hostlist);
+	    if (host_match == ALLOW) {
+		puts("\thost  matched");
+		TAILQ_FOREACH_REVERSE(cs, &priv->cmndlist, cmndspec_list, entries) {
+		    runas_match = runaslist_matches(&parsed_policy,
+			cs->runasuserlist, cs->runasgrouplist, NULL, NULL);
+		    if (runas_match == ALLOW) {
+			puts("\trunas matched");
+			cmnd_match = cmnd_matches(&parsed_policy, cs->cmnd);
+			if (cmnd_match != UNSPEC)
+			    match = cmnd_match;
+			printf("\tcmnd  %s\n", match == ALLOW ? "allowed" :
+			    match == DENY ? "denied" : "unmatched");
+		    }
+		}
+	    } else
+		puts(U_("\thost  unmatched"));
+	}
+    }
+    puts(match == ALLOW ? U_("\nCommand allowed") :
+	match == DENY ?  U_("\nCommand denied") :  U_("\nCommand unmatched"));
+
+    /*
+     * Exit codes:
+     *	0 - parsed OK and command matched.
+     *	1 - parse error
+     *	2 - command not matched
+     *	3 - command denied
+     */
+    exitcode = parse_error ? 1 : (match == ALLOW ? 0 : match + 3);
+done:
+    sudo_lbuf_destroy(&lbuf);
+    sudo_freepwcache();
+    sudo_freegrcache();
+    sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, exitcode);
+    exit(exitcode);
+}
+
+static void
+set_runaspw(const char *user)
+{
+    struct passwd *pw = NULL;
+    debug_decl(set_runaspw, SUDOERS_DEBUG_UTIL)
+
+    if (*user == '#') {
+	const char *errstr;
+	uid_t uid = sudo_strtoid(user + 1, NULL, NULL, &errstr);
+	if (errstr == NULL) {
+	    if ((pw = sudo_getpwuid(uid)) == NULL)
+		pw = sudo_fakepwnam(user, user_gid);
+	}
+    }
+    if (pw == NULL) {
+	if ((pw = sudo_getpwnam(user)) == NULL)
+	    sudo_fatalx(U_("unknown user: %s"), user);
+    }
+    if (runas_pw != NULL)
+	sudo_pw_delref(runas_pw);
+    runas_pw = pw;
+    debug_return;
+}
+
+static void
+set_runasgr(const char *group)
+{
+    struct group *gr = NULL;
+    debug_decl(set_runasgr, SUDOERS_DEBUG_UTIL)
+
+    if (*group == '#') {
+	const char *errstr;
+	gid_t gid = sudo_strtoid(group + 1, NULL, NULL, &errstr);
+	if (errstr == NULL) {
+	    if ((gr = sudo_getgrgid(gid)) == NULL)
+		gr = sudo_fakegrnam(group);
+	}
+    }
+    if (gr == NULL) {
+	if ((gr = sudo_getgrnam(group)) == NULL)
+	    sudo_fatalx(U_("unknown group: %s"), group);
+    }
+    if (runas_gr != NULL)
+	sudo_gr_delref(runas_gr);
+    runas_gr = gr;
+    debug_return;
+}
+
+/* 
+ * Callback for runas_default sudoers setting.
+ */
+static bool
+cb_runas_default(const union sudo_defs_val *sd_un)
+{
+    /* Only reset runaspw if user didn't specify one. */
+    if (!runas_user && !runas_group)
+        set_runaspw(sd_un->str);
+    return true;
+}
+
+void
+sudo_setspent(void)
+{
+    return;
+}
+
+void
+sudo_endspent(void)
+{
+    return;
+}
+
+FILE *
+open_sudoers(const char *sudoers, bool doedit, bool *keepopen)
+{
+    struct stat sb;
+    FILE *fp = NULL;
+    char *sudoers_base;
+    debug_decl(open_sudoers, SUDOERS_DEBUG_UTIL)
+
+    sudoers_base = strrchr(sudoers, '/');
+    if (sudoers_base != NULL)
+	sudoers_base++;
+
+    switch (sudo_secure_file(sudoers, sudoers_uid, sudoers_gid, &sb)) {
+	case SUDO_PATH_SECURE:
+	    fp = fopen(sudoers, "r");
+	    break;
+	case SUDO_PATH_MISSING:
+	    sudo_warn("unable to stat %s", sudoers_base);
+	    break;
+	case SUDO_PATH_BAD_TYPE:
+	    sudo_warnx("%s is not a regular file", sudoers_base);
+	    break;
+	case SUDO_PATH_WRONG_OWNER:
+	    sudo_warnx("%s should be owned by uid %u",
+		sudoers_base, (unsigned int) sudoers_uid);
+	    break;
+	case SUDO_PATH_WORLD_WRITABLE:
+	    sudo_warnx("%s is world writable", sudoers_base);
+	    break;
+	case SUDO_PATH_GROUP_WRITABLE:
+	    sudo_warnx("%s should be owned by gid %u",
+		sudoers_base, (unsigned int) sudoers_gid);
+	    break;
+	default:
+	    /* NOTREACHED */
+	    break;
+    }
+
+    debug_return_ptr(fp);
+}
+
+bool
+init_envtables(void)
+{
+    return(true);
+}
+
+bool
+set_perms(int perm)
+{
+    return true;
+}
+
+bool
+restore_perms(void)
+{
+    return true;
+}
+
+static bool
+print_defaults(struct sudo_lbuf *lbuf)
+{
+    struct defaults *def, *next;
+    debug_decl(print_defaults, SUDOERS_DEBUG_UTIL)
+
+    TAILQ_FOREACH_SAFE(def, &parsed_policy.defaults, entries, next)
+	sudoers_format_default_line(lbuf, &parsed_policy, def, &next, false);
+
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
+
+static int
+print_alias(struct sudoers_parse_tree *parse_tree, struct alias *a, void *v)
+{
+    struct sudo_lbuf *lbuf = v;
+    struct member *m;
+    debug_decl(print_alias, SUDOERS_DEBUG_UTIL)
+
+    sudo_lbuf_append(lbuf, "%s %s = ", alias_type_to_string(a->type),
+	a->name);
+    TAILQ_FOREACH(m, &a->members, entries) {
+	if (m != TAILQ_FIRST(&a->members))
+	    sudo_lbuf_append(lbuf, ", ");
+	sudoers_format_member(lbuf, parse_tree, m, NULL, UNSPEC);
+    }
+    sudo_lbuf_append(lbuf, "\n");
+
+    debug_return_int(sudo_lbuf_error(lbuf) ? -1 : 0);
+}
+
+static bool
+print_aliases(struct sudo_lbuf *lbuf)
+{
+    debug_decl(print_aliases, SUDOERS_DEBUG_UTIL)
+
+    alias_apply(&parsed_policy, print_alias, lbuf);
+
+    debug_return_bool(!sudo_lbuf_error(lbuf));
+}
+
+static void
+dump_sudoers(struct sudo_lbuf *lbuf)
+{
+    debug_decl(dump_sudoers, SUDOERS_DEBUG_UTIL)
+
+    /* Print Defaults */
+    if (!print_defaults(lbuf))
+	goto done;
+    if (lbuf->len > 0) {
+	sudo_lbuf_print(lbuf);
+	sudo_lbuf_append(lbuf, "\n");
+    }
+
+    /* Print Aliases */
+    if (!print_aliases(lbuf))
+	goto done;
+    if (lbuf->len > 1) {
+	sudo_lbuf_print(lbuf);
+	sudo_lbuf_append(lbuf, "\n");
+    }
+
+    /* Print User_Specs */
+    if (!sudoers_format_userspecs(lbuf, &parsed_policy, NULL, false, true))
+	goto done;
+    if (lbuf->len > 1) {
+	sudo_lbuf_print(lbuf);
+    }
+
+done:
+    if (sudo_lbuf_error(lbuf)) {
+	if (errno == ENOMEM)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    }
+
+    debug_return;
+}
+
+static int
+testsudoers_output(const char *buf)
+{
+    return fputs(buf, stdout);
+}
+
+static int
+testsudoers_error(const char *buf)
+{
+    return fputs(buf, stderr);
+}
+
+static void
+usage(void)
+{
+    (void) fprintf(stderr, "usage: %s [-dt] [-G sudoers_gid] [-g group] [-h host] [-i input_format] [-P grfile] [-p pwfile] [-U sudoers_uid] [-u user] <user> <command> [args]\n", getprogname());
+    exit(1);
+}
diff --git a/plugins/sudoers/timeout.c b/plugins/sudoers/timeout.c
new file mode 100644
index 0000000..3b621e3
--- /dev/null
+++ b/plugins/sudoers/timeout.c
@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stddef.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+
+#include "sudo_compat.h"
+#include "sudoers_debug.h"
+#include "parse.h"
+
+/*
+ * Parse a command timeout in sudoers in the format 1d2h3m4s
+ * (days, hours, minutes, seconds) or a number of seconds with no suffix.
+ * Returns the number of seconds or -1 on error.
+ */
+int
+parse_timeout(const char *timestr)
+{
+    debug_decl(parse_timeout, SUDOERS_DEBUG_PARSER)
+    const char suffixes[] = "dhms";
+    const char *cp = timestr;
+    int timeout = 0;
+    int idx = 0;
+
+    do {
+	char *ep;
+	char ch;
+	long l;
+
+	/* Parse number, must be present and positive. */
+	errno = 0;
+	l = strtol(cp, &ep, 10);
+	if (ep == cp) {
+	    /* missing timeout */
+	    errno = EINVAL;
+	    debug_return_int(-1);
+	}
+	if (errno == ERANGE || l < 0 || l > INT_MAX)
+	    goto overflow;
+
+	/* Find a matching suffix or return an error. */
+	if (*ep != '\0') {
+	    ch = tolower((unsigned char)*ep++);
+	    while (suffixes[idx] != ch) {
+		if (suffixes[idx] == '\0') {
+		    /* parse error */
+		    errno = EINVAL;
+		    debug_return_int(-1);
+		}
+		idx++;
+	    }
+
+	    /* Apply suffix. */
+	    switch (ch) {
+	    case 'd':
+		if (l > INT_MAX / (24 * 60 * 60))
+		    goto overflow;
+		l *= 24 * 60 * 60;
+		break;
+	    case 'h':
+		if (l > INT_MAX / (60 * 60))
+		    goto overflow;
+		l *= 60 * 60;
+		break;
+	    case 'm':
+		if (l > INT_MAX / 60)
+		    goto overflow;
+		l *= 60;
+		break;
+	    }
+	    if (l > INT_MAX - timeout)
+		goto overflow;
+	}
+	cp = ep;
+
+	timeout += l;
+    } while (*cp != '\0');
+
+    debug_return_int(timeout);
+overflow:
+    errno = ERANGE;
+    debug_return_int(-1);
+}
diff --git a/plugins/sudoers/timestamp.c b/plugins/sudoers/timestamp.c
new file mode 100644
index 0000000..5930103
--- /dev/null
+++ b/plugins/sudoers/timestamp.c
@@ -0,0 +1,1075 @@
+/*
+ * Copyright (c) 2014-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/ioctl.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <time.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <grp.h>
+#include <signal.h>
+
+#include "sudoers.h"
+#include "check.h"
+
+#define TIMESTAMP_OPEN_ERROR	-1
+#define TIMESTAMP_PERM_ERROR	-2
+
+/*
+ * Each user has a single time stamp file that contains multiple records.
+ * Records are locked to ensure that changes are serialized.
+ *
+ * The first record is of type TS_LOCKEXCL and is used to gain exclusive
+ * access to create new records.  This is a short-term lock and sudo
+ * should not sleep while holding it (or the user will not be able to sudo).
+ * The TS_LOCKEXCL entry must be unlocked before locking the actual record.
+ */
+
+struct ts_cookie {
+    char *fname;
+    int fd;
+    pid_t sid;
+    bool locked;
+    off_t pos;
+    struct timestamp_entry key;
+};
+
+/*
+ * Returns true if entry matches key, else false.
+ * We don't match on the sid or actual time stamp.
+ */
+static bool
+ts_match_record(struct timestamp_entry *key, struct timestamp_entry *entry,
+    unsigned int recno)
+{
+    debug_decl(ts_match_record, SUDOERS_DEBUG_AUTH)
+
+    if (entry->version != key->version) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG,
+	    "%s:%u record version mismatch (want %u, got %u)", __func__, recno,
+	    key->version, entry->version);
+	debug_return_bool(false);
+    }
+    if (!ISSET(key->flags, TS_ANYUID) && entry->auth_uid != key->auth_uid) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG,
+	    "%s:%u record uid mismatch (want %u, got %u)", __func__, recno,
+	    (unsigned int)key->auth_uid, (unsigned int)entry->auth_uid);
+	debug_return_bool(false);
+    }
+    if (entry->type != key->type) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG,
+	    "%s:%u record type mismatch (want %u, got %u)", __func__, recno,
+	    key->type, entry->type);
+	debug_return_bool(false);
+    }
+    switch (entry->type) {
+    case TS_GLOBAL:
+	/* no ppid or tty to match */
+	break;
+    case TS_PPID:
+	/* verify parent pid */
+	if (entry->u.ppid != key->u.ppid) {
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG,
+		"%s:%u record ppid mismatch (want %d, got %d)", __func__, recno,
+		(int)key->u.ppid, (int)entry->u.ppid);
+	    debug_return_bool(false);
+	}
+	if (sudo_timespeccmp(&entry->start_time, &key->start_time, !=)) {
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG,
+		"%s:%u ppid start time mismatch", __func__, recno);
+	    debug_return_bool(false);
+	}
+	break;
+    case TS_TTY:
+	if (entry->u.ttydev != key->u.ttydev) {
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG,
+		"%s:%u record tty mismatch (want 0x%x, got 0x%x)", __func__,
+		recno, (unsigned int)key->u.ttydev, (unsigned int)entry->u.ttydev);
+	    debug_return_bool(false);
+	}
+	if (sudo_timespeccmp(&entry->start_time, &key->start_time, !=)) {
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG,
+		"%s:%u session leader start time mismatch", __func__, recno);
+	    debug_return_bool(false);
+	}
+	break;
+    default:
+	/* unknown record type, ignore it */
+	sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+	    "%s:%u unknown time stamp record type %d", __func__, recno,
+	    entry->type);
+	debug_return_bool(false);
+    }
+    debug_return_bool(true);
+}
+
+/*
+ * Searches the time stamp file descriptor for a record that matches key.
+ * On success, fills in entry with the matching record and returns true.
+ * On failure, returns false.
+ *
+ * Note that records are searched starting at the current file offset,
+ * which may not be the beginning of the file.
+ */
+static bool
+ts_find_record(int fd, struct timestamp_entry *key, struct timestamp_entry *entry)
+{
+    struct timestamp_entry cur;
+    unsigned int recno = 0;
+    debug_decl(ts_find_record, SUDOERS_DEBUG_AUTH)
+
+    /*
+     * Find a matching record (does not match sid or time stamp value).
+     */
+    while (read(fd, &cur, sizeof(cur)) == sizeof(cur)) {
+	recno++;
+	if (cur.size != sizeof(cur)) {
+	    /* wrong size, seek to start of next record */
+	    sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
+		"wrong sized record, got %hu, expected %zu",
+		cur.size, sizeof(cur));
+	    if (lseek(fd, (off_t)cur.size - (off_t)sizeof(cur), SEEK_CUR) == -1) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+		    "unable to seek forward %d",
+		    (int)cur.size - (int)sizeof(cur));
+		break;
+	    }
+	    if (cur.size == 0)
+		break;			/* size must be non-zero */
+	    continue;
+	}
+	if (ts_match_record(key, &cur, recno)) {
+	    memcpy(entry, &cur, sizeof(struct timestamp_entry));
+	    debug_return_bool(true);
+	}
+    }
+    debug_return_bool(false);
+}
+
+/*
+ * Create a directory and any missing parent directories with the
+ * specified mode.
+ * Returns true on success.
+ * Returns false on failure and displays a warning to stderr.
+ */
+static bool
+ts_mkdirs(char *path, uid_t owner, gid_t group, mode_t mode,
+    mode_t parent_mode, bool quiet)
+{
+    bool ret;
+    mode_t omask;
+    debug_decl(ts_mkdirs, SUDOERS_DEBUG_AUTH)
+
+    /* umask must not be more restrictive than the file modes. */
+    omask = umask(ACCESSPERMS & ~(mode|parent_mode));
+    ret = sudo_mkdir_parents(path, owner, group, parent_mode, quiet);
+    if (ret) {
+	/* Create final path component. */
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "mkdir %s, mode 0%o, uid %d, gid %d", path, (unsigned int)mode,
+	    (int)owner, (int)group);
+	if (mkdir(path, mode) != 0 && errno != EEXIST) {
+	    if (!quiet)
+		sudo_warn(U_("unable to mkdir %s"), path);
+	    ret = false;
+	} else {
+	    if (chown(path, owner, group) != 0) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+		    "%s: unable to chown %d:%d %s", __func__,
+		    (int)owner, (int)group, path);
+	    }
+	}
+    }
+    umask(omask);
+    debug_return_bool(ret);
+}
+
+/*
+ * Check that path is owned by timestamp_uid and not writable by
+ * group or other.  If path is missing and make_it is true, create
+ * the directory and its parent dirs.
+ * Returns true on success or false on failure, setting errno.
+ */
+static bool
+ts_secure_dir(char *path, bool make_it, bool quiet)
+{
+    struct stat sb;
+    bool ret = false;
+    debug_decl(ts_secure_dir, SUDOERS_DEBUG_AUTH)
+
+    sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, "checking %s", path);
+    switch (sudo_secure_dir(path, timestamp_uid, -1, &sb)) {
+    case SUDO_PATH_SECURE:
+	ret = true;
+	break;
+    case SUDO_PATH_MISSING:
+	if (make_it && ts_mkdirs(path, timestamp_uid, timestamp_gid, S_IRWXU,
+	    S_IRWXU|S_IXGRP|S_IXOTH, quiet)) {
+	    ret = true;
+	    break;
+	}
+	errno = ENOENT;
+	break;
+    case SUDO_PATH_BAD_TYPE:
+	errno = ENOTDIR;
+	if (!quiet)
+	    sudo_warn("%s", path);
+	break;
+    case SUDO_PATH_WRONG_OWNER:
+	if (!quiet) {
+	    sudo_warnx(U_("%s is owned by uid %u, should be %u"),
+		path, (unsigned int) sb.st_uid,
+		(unsigned int) timestamp_uid);
+	}
+	errno = EACCES;
+	break;
+    case SUDO_PATH_GROUP_WRITABLE:
+	if (!quiet)
+	    sudo_warnx(U_("%s is group writable"), path);
+	errno = EACCES;
+	break;
+    }
+    debug_return_bool(ret);
+}
+
+/*
+ * Open the specified timestamp or lecture file and set the
+ * close on exec flag.
+ * Returns open file descriptor on success.
+ * Returns TIMESTAMP_OPEN_ERROR or TIMESTAMP_PERM_ERROR on error.
+ */
+static int
+ts_open(const char *path, int flags)
+{
+    bool uid_changed = false;
+    int fd;
+    debug_decl(ts_open, SUDOERS_DEBUG_AUTH)
+
+    if (timestamp_uid != 0)
+	uid_changed = set_perms(PERM_TIMESTAMP);
+    fd = open(path, flags, S_IRUSR|S_IWUSR);
+    if (uid_changed && !restore_perms()) {
+	/* Unable to restore permissions, should not happen. */
+	if (fd != -1) {
+	    int serrno = errno;
+	    close(fd);
+	    errno = serrno;
+	    fd = TIMESTAMP_PERM_ERROR;
+	}
+    }
+    if (fd >= 0)
+	(void)fcntl(fd, F_SETFD, FD_CLOEXEC);
+
+    debug_return_int(fd);
+}
+
+static ssize_t
+ts_write(int fd, const char *fname, struct timestamp_entry *entry, off_t offset)
+{
+    ssize_t nwritten;
+    off_t old_eof;
+    debug_decl(ts_write, SUDOERS_DEBUG_AUTH)
+
+    if (offset == -1) {
+	old_eof = lseek(fd, 0, SEEK_CUR);
+	nwritten = write(fd, entry, entry->size);
+    } else {
+	old_eof = offset;
+#ifdef HAVE_PWRITE
+	nwritten = pwrite(fd, entry, entry->size, offset);
+#else
+	if (lseek(fd, offset, SEEK_SET) == -1) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+		"unable to seek to %lld", (long long)offset);
+	    nwritten = -1;
+	} else {
+	    nwritten = write(fd, entry, entry->size);
+	}
+#endif
+    }
+    if ((size_t)nwritten != entry->size) {
+	if (nwritten == -1) {
+	    log_warning(SLOG_SEND_MAIL,
+		N_("unable to write to %s"), fname);
+	} else {
+	    log_warningx(SLOG_SEND_MAIL,
+		N_("unable to write to %s"), fname);
+	}
+
+	/* Truncate on partial write to be safe (assumes end of file). */
+	if (nwritten > 0) {
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+		"short write, truncating partial time stamp record");
+	    if (ftruncate(fd, old_eof) != 0) {
+		sudo_warn(U_("unable to truncate time stamp file to %lld bytes"),
+		    (long long)old_eof);
+	    }
+	}
+	debug_return_ssize_t(-1);
+    }
+    debug_return_ssize_t(nwritten);
+}
+
+/*
+ * Full in struct timestamp_entry with the specified flags
+ * based on auth user pw.  Does not set the time stamp.
+ */
+static void
+ts_init_key(struct timestamp_entry *entry, struct passwd *pw, int flags,
+    enum def_tuple ticket_type)
+{
+    struct stat sb;
+    debug_decl(ts_init_key, SUDOERS_DEBUG_AUTH)
+
+    memset(entry, 0, sizeof(*entry));
+    entry->version = TS_VERSION;
+    entry->size = sizeof(*entry);
+    entry->flags = flags;
+    if (pw != NULL) {
+	entry->auth_uid = pw->pw_uid;
+    } else {
+	entry->flags |= TS_ANYUID;
+    }
+    entry->sid = user_sid;
+    switch (ticket_type) {
+    default:
+	/* Unknown time stamp ticket type, treat as tty (should not happen). */
+	sudo_warnx("unknown time stamp ticket type %d", ticket_type);
+	/* FALLTHROUGH */
+    case tty:
+	if (user_ttypath != NULL && stat(user_ttypath, &sb) == 0) {
+	    /* tty-based time stamp */
+	    entry->type = TS_TTY;
+	    entry->u.ttydev = sb.st_rdev;
+	    if (entry->sid != -1)
+		get_starttime(entry->sid, &entry->start_time);
+	    break;
+	}
+	/* FALLTHROUGH */
+    case kernel:
+    case ppid:
+	/* ppid-based time stamp */
+	entry->type = TS_PPID;
+	entry->u.ppid = getppid();
+	get_starttime(entry->u.ppid, &entry->start_time);
+	break;
+    case global:
+	/* global time stamp */
+	entry->type = TS_GLOBAL;
+	break;
+    }
+
+    debug_return;
+}
+
+static void
+ts_init_key_nonglobal(struct timestamp_entry *entry, struct passwd *pw, int flags)
+{
+    /*
+     * Even if the timestamp type is global or kernel we still want to do
+     * per-tty or per-ppid locking so sudo works predictably in a pipeline.
+     */
+    ts_init_key(entry, pw, flags,
+	def_timestamp_type == ppid ? ppid : tty);
+}
+
+/*
+ * Open the user's time stamp file.
+ * Returns a cookie or NULL on error, does not lock the file.
+ */
+void *
+timestamp_open(const char *user, pid_t sid)
+{
+    struct ts_cookie *cookie;
+    char *fname = NULL;
+    int tries, fd = -1;
+    debug_decl(timestamp_open, SUDOERS_DEBUG_AUTH)
+
+    /* Zero timeout means don't use the time stamp file. */
+    if (!sudo_timespecisset(&def_timestamp_timeout)) {
+	errno = ENOENT;
+	goto bad;
+    }
+
+    /* Sanity check timestamp dir and create if missing. */
+    if (!ts_secure_dir(def_timestampdir, true, false))
+	goto bad;
+
+    /* Open time stamp file. */
+    if (asprintf(&fname, "%s/%s", def_timestampdir, user) == -1) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto bad;
+    }
+    for (tries = 1; ; tries++) {
+	struct stat sb;
+
+	fd = ts_open(fname, O_RDWR|O_CREAT);
+	switch (fd) {
+	case TIMESTAMP_OPEN_ERROR:
+	    log_warning(SLOG_SEND_MAIL, N_("unable to open %s"), fname);
+	    goto bad;
+	case TIMESTAMP_PERM_ERROR:
+	    /* Already logged set_perms/restore_perms error. */
+	    goto bad;
+	}
+
+	/* Remove time stamp file if its mtime predates boot time. */
+	if (tries == 1 && fstat(fd, &sb) == 0) {
+	    struct timespec boottime, mtime, now;
+
+	    if (sudo_gettime_real(&now) == 0 && get_boottime(&boottime)) {
+		/* Ignore a boot time that is in the future. */
+		if (sudo_timespeccmp(&now, &boottime, <)) {
+		    sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+			"ignoring boot time that is in the future");
+		} else {
+		    mtim_get(&sb, mtime);
+		    if (sudo_timespeccmp(&mtime, &boottime, <)) {
+			/* Time stamp file too old, remove it. */
+			sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+			    "removing time stamp file that predates boot time");
+			close(fd);
+			unlink(fname);
+			continue;
+		    }
+		}
+	    }
+	}
+	break;
+    }
+
+    /* Allocate and fill in cookie to store state. */
+    cookie = malloc(sizeof(*cookie));
+    if (cookie == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	goto bad;
+    }
+    cookie->fd = fd;
+    cookie->fname = fname;
+    cookie->sid = sid;
+    cookie->pos = -1;
+
+    debug_return_ptr(cookie);
+bad:
+    if (fd != -1)
+	close(fd);
+    free(fname);
+    debug_return_ptr(NULL);
+}
+
+static volatile sig_atomic_t got_signal;
+
+static void
+timestamp_handler(int s)
+{
+    got_signal = s;
+}
+
+/*
+ * Wrapper for sudo_lock_region() that is interruptible.
+ */
+static bool
+timestamp_lock_record(int fd, off_t pos, off_t len)
+{
+    struct sigaction sa, saveint, savequit;
+    sigset_t mask, omask;
+    bool ret;
+    debug_decl(timestamp_lock_record, SUDOERS_DEBUG_AUTH)
+
+    if (pos >= 0 && lseek(fd, pos, SEEK_SET) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+	    "unable to seek to %lld", (long long)pos);
+	debug_return_bool(false);
+    }
+
+    /* Allow SIGINT and SIGQUIT to interrupt a lock. */
+    got_signal = 0;
+    memset(&sa, 0, sizeof(sa));
+    sigemptyset(&sa.sa_mask);
+    sa.sa_flags = 0; /* don't restart system calls */
+    sa.sa_handler = timestamp_handler;
+    (void) sigaction(SIGINT, &sa, &saveint);
+    (void) sigaction(SIGQUIT, &sa, &savequit);
+    sigemptyset(&mask);
+    sigaddset(&mask, SIGINT);
+    sigaddset(&mask, SIGQUIT);
+    (void) sigprocmask(SIG_UNBLOCK, &mask, &omask);
+
+    ret = sudo_lock_region(fd, SUDO_LOCK, len);
+    if (!ret) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+	    "failed to lock fd %d [%lld, %lld]", fd,
+	    (long long)pos, (long long)len);
+    }
+
+    /* Restore the old mask (SIGINT and SIGQUIT blocked) and handlers. */
+    (void) sigprocmask(SIG_SETMASK, &omask, NULL);
+    (void) sigaction(SIGINT, &saveint, NULL);
+    (void) sigaction(SIGQUIT, &savequit, NULL);
+
+    /* Re-deliver the signal that interrupted the lock, if any. */
+    if (!ret && got_signal)
+	kill(getpid(), got_signal);
+
+    debug_return_bool(ret);
+}
+
+static bool
+timestamp_unlock_record(int fd, off_t pos, off_t len)
+{
+    debug_decl(timestamp_unlock_record, SUDOERS_DEBUG_AUTH)
+
+    if (pos >= 0 && lseek(fd, pos, SEEK_SET) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+	    "unable to seek to %lld", (long long)pos);
+	debug_return_bool(false);
+    }
+    debug_return_bool(sudo_lock_region(fd, SUDO_UNLOCK, len));
+}
+
+/*
+ * Seek to the record's position and read it, locking as needed.
+ */
+static ssize_t
+ts_read(struct ts_cookie *cookie, struct timestamp_entry *entry)
+{
+    ssize_t nread = -1;
+    bool should_unlock = false;
+    debug_decl(ts_read, SUDOERS_DEBUG_AUTH)
+
+    /* If the record is not already locked, lock it now.  */
+    if (!cookie->locked) {
+	if (!timestamp_lock_record(cookie->fd, cookie->pos, sizeof(*entry)))
+	    goto done;
+	should_unlock = true;
+    }
+
+    /* Seek to the record position and read it.  */
+#ifdef HAVE_PREAD
+    nread = pread(cookie->fd, entry, sizeof(*entry), cookie->pos);
+#else
+    if (lseek(cookie->fd, cookie->pos, SEEK_SET) == -1) {
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+	    "unable to seek to %lld", (long long)cookie->pos);
+	goto done;
+    }
+    nread = read(cookie->fd, entry, sizeof(*entry));
+#endif
+    if (nread != sizeof(*entry)) {
+	/* short read, should not happen */
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "short read (%zd vs %zu), truncated time stamp file?",
+	    nread, sizeof(*entry));
+	goto done;
+    }
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"read %zd byte record at %lld", nread, (long long)cookie->pos);
+
+done:
+    /* If the record was not locked initially, unlock it. */
+    if (should_unlock)
+	timestamp_unlock_record(cookie->fd, cookie->pos, sizeof(*entry));
+
+    debug_return_ssize_t(nread);
+}
+
+/*
+ * Lock a record in the time stamp file for exclusive access.
+ * If the record does not exist, it is created (as disabled).
+ */
+bool
+timestamp_lock(void *vcookie, struct passwd *pw)
+{
+    struct ts_cookie *cookie = vcookie;
+    struct timestamp_entry entry;
+    off_t lock_pos;
+    ssize_t nread;
+    debug_decl(timestamp_lock, SUDOERS_DEBUG_AUTH)
+
+    if (cookie == NULL) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "called with a NULL cookie!");
+	debug_return_bool(false);
+    }
+
+    /*
+     * Take a lock on the "write" record (the first record in the file).
+     * This will let us seek for the record or extend as needed
+     * without colliding with anyone else.
+     */
+    if (!timestamp_lock_record(cookie->fd, 0, sizeof(struct timestamp_entry)))
+	debug_return_bool(false);
+
+    /* Make sure the first record is of type TS_LOCKEXCL. */
+    memset(&entry, 0, sizeof(entry));
+    nread = read(cookie->fd, &entry, sizeof(entry));
+    if (nread == 0) {
+	/* New file, add TS_LOCKEXCL record. */
+	entry.version = TS_VERSION;
+	entry.size = sizeof(entry);
+	entry.type = TS_LOCKEXCL;
+	if (ts_write(cookie->fd, cookie->fname, &entry, -1) == -1)
+	    debug_return_bool(false);
+    } else if (entry.type != TS_LOCKEXCL) {
+	/* Old sudo record, convert it to TS_LOCKEXCL. */
+	entry.type = TS_LOCKEXCL;
+	memset((char *)&entry + offsetof(struct timestamp_entry, type), 0,
+	    nread - offsetof(struct timestamp_entry, type));
+	if (ts_write(cookie->fd, cookie->fname, &entry, 0) == -1)
+	    debug_return_bool(false);
+    }
+    if (entry.size != sizeof(entry)) {
+	/* Reset position if the lock record has an unexpected size. */
+	if (lseek(cookie->fd, entry.size, SEEK_SET) == -1) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+		"unable to seek to %lld", (long long)entry.size);
+	    debug_return_bool(false);
+	}
+    }
+
+    /* Search for a tty/ppid-based record or append a new one. */
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"searching for %s time stamp record",
+	def_timestamp_type == ppid ? "ppid" : "tty");
+    ts_init_key_nonglobal(&cookie->key, pw, TS_DISABLED);
+    if (ts_find_record(cookie->fd, &cookie->key, &entry)) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "found existing %s time stamp record",
+	    def_timestamp_type == ppid ? "ppid" : "tty");
+	lock_pos = lseek(cookie->fd, 0, SEEK_CUR) - (off_t)entry.size;
+    } else {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "appending new %s time stamp record",
+	    def_timestamp_type == ppid ? "ppid" : "tty");
+	lock_pos = lseek(cookie->fd, 0, SEEK_CUR);
+	if (ts_write(cookie->fd, cookie->fname, &cookie->key, -1) == -1)
+	    debug_return_bool(false);
+    }
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"%s time stamp position is %lld",
+	def_timestamp_type == ppid ? "ppid" : "tty", (long long)lock_pos);
+
+    if (def_timestamp_type == global) {
+	/*
+	 * For global tickets we use a separate record lock that we
+	 * cannot hold long-term since it is shared between all ttys.
+	 */
+	cookie->locked = false;
+	cookie->key.type = TS_GLOBAL;	/* find a global record */
+
+	if (lseek(cookie->fd, 0, SEEK_SET) == -1) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+		"unable to rewind fd");
+	    debug_return_bool(false);
+	}
+	if (ts_find_record(cookie->fd, &cookie->key, &entry)) {
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+		"found existing global record");
+	    cookie->pos = lseek(cookie->fd, 0, SEEK_CUR) - (off_t)entry.size;
+	} else {
+	    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+		"appending new global record");
+	    cookie->pos = lseek(cookie->fd, 0, SEEK_CUR);
+	    if (ts_write(cookie->fd, cookie->fname, &cookie->key, -1) == -1)
+		debug_return_bool(false);
+	}
+    } else {
+	/* For tty/ppid tickets the tty lock is the same as the record lock. */
+	cookie->pos = lock_pos;
+	cookie->locked = true;
+    }
+
+    /* Unlock the TS_LOCKEXCL record. */
+    timestamp_unlock_record(cookie->fd, 0, sizeof(struct timestamp_entry));
+
+    /* Lock the per-tty record (may sleep). */
+    if (!timestamp_lock_record(cookie->fd, lock_pos, sizeof(struct timestamp_entry)))
+	debug_return_bool(false);
+
+    debug_return_bool(true);
+}
+
+void
+timestamp_close(void *vcookie)
+{
+    struct ts_cookie *cookie = vcookie;
+    debug_decl(timestamp_close, SUDOERS_DEBUG_AUTH)
+
+    if (cookie != NULL) {
+	close(cookie->fd);
+	free(cookie->fname);
+	free(cookie);
+    }
+
+    debug_return;
+}
+
+/*
+ * Check the time stamp file and directory and return their status.
+ * Called with the file position before the locked record to read.
+ * Returns one of TS_CURRENT, TS_OLD, TS_MISSING, TS_ERROR, TS_FATAL.
+ * Fills in fdp with an open file descriptor positioned at the
+ * appropriate (and locked) record.
+ */
+int
+timestamp_status(void *vcookie, struct passwd *pw)
+{
+    struct ts_cookie *cookie = vcookie;
+    struct timestamp_entry entry;
+    struct timespec diff, now;
+    int status = TS_ERROR;		/* assume the worst */
+    ssize_t nread;
+    debug_decl(timestamp_status, SUDOERS_DEBUG_AUTH)
+
+    /* Zero timeout means don't use time stamp files. */
+    if (!sudo_timespecisset(&def_timestamp_timeout)) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "timestamps disabled");
+	status = TS_OLD;
+	goto done;
+    }
+    if (cookie == NULL || cookie->pos < 0) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "NULL cookie or invalid position");
+	status = TS_OLD;
+	goto done;
+    }
+
+#ifdef TIOCCHKVERAUTH
+    if (def_timestamp_type == kernel) {
+	int fd = open(_PATH_TTY, O_RDWR);
+	if (fd != -1) {
+	    if (ioctl(fd, TIOCCHKVERAUTH) == 0)
+		status = TS_CURRENT;
+	    else
+		status = TS_OLD;
+	    close(fd);
+	    goto done;
+	}
+    }
+#endif
+
+    /* Read the record at the correct position. */
+    if ((nread = ts_read(cookie, &entry)) != sizeof(entry))
+	goto done;
+
+    /* Make sure what we read matched the expected record. */
+    if (entry.version != TS_VERSION || entry.size != nread) {
+	/* do something else? */
+	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+	    "invalid time stamp file @ %lld", (long long)cookie->pos);
+	status = TS_OLD;
+	goto done;
+    }
+
+    if (ISSET(entry.flags, TS_DISABLED)) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "time stamp record disabled");
+	status = TS_OLD;	/* disabled via sudo -k */
+	goto done;
+    }
+
+    if (entry.type != TS_GLOBAL && entry.sid != cookie->sid) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "time stamp record sid mismatch");
+	status = TS_OLD;	/* belongs to different session */
+	goto done;
+    }
+
+    /* Negative timeouts only expire manually (sudo -k).  */
+    sudo_timespecclear(&diff);
+    if (sudo_timespeccmp(&def_timestamp_timeout, &diff, <)) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "time stamp record does not expire");
+	status = TS_CURRENT;
+	goto done;
+    }
+
+    /* Compare stored time stamp with current time. */
+    if (sudo_gettime_mono(&now) == -1) {
+	log_warning(0, N_("unable to read the clock"));
+	status = TS_ERROR;
+	goto done;
+    }
+    sudo_timespecsub(&now, &entry.ts, &diff);
+    if (sudo_timespeccmp(&diff, &def_timestamp_timeout, <)) {
+	status = TS_CURRENT;
+#if defined(CLOCK_MONOTONIC) || defined(__MACH__)
+	/* A monotonic clock should never run backwards. */
+	if (diff.tv_sec < 0) {
+	    log_warningx(SLOG_SEND_MAIL,
+		N_("ignoring time stamp from the future"));
+	    status = TS_OLD;
+	    SET(entry.flags, TS_DISABLED);
+	    (void)ts_write(cookie->fd, cookie->fname, &entry, cookie->pos);
+	}
+#else
+	/*
+	 * Check for bogus (future) time in the stampfile.
+	 * If diff / 2 > timeout, someone has been fooling with the clock.
+	 */
+	sudo_timespecsub(&entry.ts, &now, &diff);
+	diff.tv_nsec /= 2;
+	if (diff.tv_sec & 1)
+	    diff.tv_nsec += 500000000;
+	diff.tv_sec /= 2;
+	while (diff.tv_nsec >= 1000000000) {
+	    diff.tv_sec++;
+	    diff.tv_nsec -= 1000000000;
+	}
+
+	if (sudo_timespeccmp(&diff, &def_timestamp_timeout, >)) {
+	    time_t tv_sec = (time_t)entry.ts.tv_sec;
+	    log_warningx(SLOG_SEND_MAIL,
+		N_("time stamp too far in the future: %20.20s"),
+		4 + ctime(&tv_sec));
+	    status = TS_OLD;
+	    SET(entry.flags, TS_DISABLED);
+	    (void)ts_write(cookie->fd, cookie->fname, &entry, cookie->pos);
+	}
+#endif /* CLOCK_MONOTONIC */
+    } else {
+	status = TS_OLD;
+    }
+
+done:
+    debug_return_int(status);
+}
+
+/*
+ * Update the time on the time stamp file/dir or create it if necessary.
+ * Returns true on success, false on failure or -1 on setuid failure.
+ */
+bool
+timestamp_update(void *vcookie, struct passwd *pw)
+{
+    struct ts_cookie *cookie = vcookie;
+    int ret = false;
+    debug_decl(timestamp_update, SUDOERS_DEBUG_AUTH)
+
+    /* Zero timeout means don't use time stamp files. */
+    if (!sudo_timespecisset(&def_timestamp_timeout)) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "timestamps disabled");
+	goto done;
+    }
+    if (cookie == NULL || cookie->pos < 0) {
+	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	    "NULL cookie or invalid position");
+	goto done;
+    }
+
+#ifdef TIOCSETVERAUTH
+    if (def_timestamp_type == kernel) {
+	int fd = open(_PATH_TTY, O_RDWR);
+	if (fd != -1) {
+	    int secs = def_timestamp_timeout.tv_sec;
+	    if (secs > 0) {
+		if (secs > 3600)
+		    secs = 3600;	/* OpenBSD limitation */
+		if (ioctl(fd, TIOCSETVERAUTH, &secs) != 0)
+		    sudo_warn("TIOCSETVERAUTH");
+	    }
+	    close(fd);
+	    goto done;
+	}
+    }
+#endif
+
+    /* Update timestamp in key and enable it. */
+    CLR(cookie->key.flags, TS_DISABLED);
+    if (sudo_gettime_mono(&cookie->key.ts) == -1) {
+	log_warning(0, N_("unable to read the clock"));
+	goto done;
+    }
+
+    /* Write out the locked record. */
+    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
+	"writing %zu byte record at %lld", sizeof(cookie->key),
+	(long long)cookie->pos);
+    if (ts_write(cookie->fd, cookie->fname, &cookie->key, cookie->pos) != -1)
+	ret = true;
+
+done:
+    debug_return_int(ret);
+}
+
+/*
+ * Remove the timestamp entry or file if unlink_it is set.
+ * Returns true on success, false on failure or -1 on setuid failure.
+ * A missing timestamp entry is not considered an error.
+ */
+int
+timestamp_remove(bool unlink_it)
+{
+    struct timestamp_entry key, entry;
+    int fd = -1, ret = true;
+    char *fname = NULL;
+    debug_decl(timestamp_remove, SUDOERS_DEBUG_AUTH)
+
+#ifdef TIOCCLRVERAUTH
+    if (def_timestamp_type == kernel) {
+	fd = open(_PATH_TTY, O_RDWR);
+	if (fd != -1) {
+	    ioctl(fd, TIOCCLRVERAUTH);
+	    goto done;
+	}
+    }
+#endif
+
+    if (asprintf(&fname, "%s/%s", def_timestampdir, user_name) == -1) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	ret = -1;
+	goto done;
+    }
+
+    /* For "sudo -K" simply unlink the time stamp file. */
+    if (unlink_it) {
+	ret = unlink(fname) ? -1 : true;
+	goto done;
+    }
+
+    /* Open time stamp file and lock it for exclusive access. */
+    fd = ts_open(fname, O_RDWR);
+    switch (fd) {
+    case TIMESTAMP_OPEN_ERROR:
+	if (errno != ENOENT)
+	    ret = false;
+	goto done;
+    case TIMESTAMP_PERM_ERROR:
+	/* Already logged set_perms/restore_perms error. */
+	ret = -1;
+	goto done;
+    }
+    /* Lock first record to gain exclusive access. */
+    if (!timestamp_lock_record(fd, -1, sizeof(struct timestamp_entry))) {
+	sudo_warn(U_("unable to lock time stamp file %s"), fname);
+	ret = -1;
+	goto done;
+    }
+
+    /*
+     * Find matching entries and invalidate them.
+     */
+    ts_init_key(&key, NULL, 0, def_timestamp_type);
+    while (ts_find_record(fd, &key, &entry)) {
+	/* Back up and disable the entry. */
+	if (!ISSET(entry.flags, TS_DISABLED)) {
+	    SET(entry.flags, TS_DISABLED);
+	    if (lseek(fd, 0 - (off_t)sizeof(entry), SEEK_CUR) != -1) {
+		if (ts_write(fd, fname, &entry, -1) == -1)
+		    ret = false;
+	    }
+	}
+    }
+
+done:
+    if (fd != -1)
+	close(fd);
+    free(fname);
+    debug_return_int(ret);
+}
+
+/*
+ * Returns true if the user has already been lectured.
+ */
+bool
+already_lectured(int unused)
+{
+    char status_file[PATH_MAX];
+    struct stat sb;
+    int len;
+    debug_decl(already_lectured, SUDOERS_DEBUG_AUTH)
+
+    if (ts_secure_dir(def_lecture_status_dir, false, true)) {
+	len = snprintf(status_file, sizeof(status_file), "%s/%s",
+	    def_lecture_status_dir, user_name);
+	if (len > 0 && (size_t)len < sizeof(status_file)) {
+	    debug_return_bool(stat(status_file, &sb) == 0);
+	}
+	log_warningx(SLOG_SEND_MAIL, N_("lecture status path too long: %s/%s"),
+	    def_lecture_status_dir, user_name);
+    }
+    debug_return_bool(false);
+}
+
+/*
+ * Create the lecture status file.
+ * Returns true on success, false on failure or -1 on setuid failure.
+ */
+int
+set_lectured(void)
+{
+    char lecture_status[PATH_MAX];
+    int len, fd, ret = false;
+    debug_decl(set_lectured, SUDOERS_DEBUG_AUTH)
+
+    len = snprintf(lecture_status, sizeof(lecture_status), "%s/%s",
+	def_lecture_status_dir, user_name);
+    if (len <= 0 || (size_t)len >= sizeof(lecture_status)) {
+	log_warningx(SLOG_SEND_MAIL, N_("lecture status path too long: %s/%s"),
+	    def_lecture_status_dir, user_name);
+	goto done;
+    }
+
+    /* Sanity check lecture dir and create if missing. */
+    if (!ts_secure_dir(def_lecture_status_dir, true, false))
+	goto done;
+
+    /* Create lecture file. */
+    fd = ts_open(lecture_status, O_WRONLY|O_CREAT|O_EXCL);
+    switch (fd) {
+    case TIMESTAMP_OPEN_ERROR:
+	/* Failed to open, not a fatal error. */
+	break;
+    case TIMESTAMP_PERM_ERROR:
+	/* Already logged set_perms/restore_perms error. */
+	ret = -1;
+	break;
+    default:
+	/* Success. */
+	close(fd);
+	ret = true;
+	break;
+    }
+
+done:
+    debug_return_int(ret);
+}
diff --git a/plugins/sudoers/timestr.c b/plugins/sudoers/timestr.c
new file mode 100644
index 0000000..d94d09c
--- /dev/null
+++ b/plugins/sudoers/timestr.c
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 1999, 2009-2011, 2013-2015, 2017
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+
+#include "sudo_compat.h"
+#include "sudo_debug.h"
+#include "parse.h"
+
+/*
+ * Return a static buffer with the current date + time.
+ */
+char *
+get_timestr(time_t tstamp, int log_year)
+{
+    static char buf[128];
+    struct tm *timeptr;
+
+    if ((timeptr = localtime(&tstamp)) != NULL) {
+	/* strftime() does not guarantee to NUL-terminate so we must check. */
+	buf[sizeof(buf) - 1] = '\0';
+	if (strftime(buf, sizeof(buf), log_year ? "%h %e %T %Y" : "%h %e %T",
+	    timeptr) != 0 && buf[sizeof(buf) - 1] == '\0')
+	    return buf;
+    }
+    return NULL;
+}
diff --git a/plugins/sudoers/toke.c b/plugins/sudoers/toke.c
new file mode 100644
index 0000000..d0dd5e3
--- /dev/null
+++ b/plugins/sudoers/toke.c
@@ -0,0 +1,4665 @@
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#line 3 "toke.c"
+
+#define  YY_INT_ALIGNED short int
+
+/*	$OpenBSD: flex.skl,v 1.16 2017/05/02 19:16:19 millert Exp $	*/
+
+/* A lexical scanner generated by flex */
+
+#define yy_create_buffer sudoers_create_buffer
+#define yy_delete_buffer sudoers_delete_buffer
+#define yy_flex_debug sudoers_flex_debug
+#define yy_init_buffer sudoers_init_buffer
+#define yy_flush_buffer sudoers_flush_buffer
+#define yy_load_buffer_state sudoers_load_buffer_state
+#define yy_switch_to_buffer sudoers_switch_to_buffer
+#define yyin sudoersin
+#define yyleng sudoersleng
+#define yylex sudoerslex
+#define yylineno sudoerslineno
+#define yyout sudoersout
+#define yyrestart sudoersrestart
+#define yytext sudoerstext
+#define yywrap sudoerswrap
+#define yyalloc sudoersalloc
+#define yyrealloc sudoersrealloc
+#define yyfree sudoersfree
+
+#define FLEX_SCANNER
+#define YY_FLEX_MAJOR_VERSION 2
+#define YY_FLEX_MINOR_VERSION 5
+#define YY_FLEX_SUBMINOR_VERSION 39
+#if YY_FLEX_SUBMINOR_VERSION > 0
+#define FLEX_BETA
+#endif
+
+/* First, we deal with  platform-specific or compiler-specific issues. */
+
+/* begin standard C headers. */
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <stdlib.h>
+
+/* end standard C headers. */
+
+/* $OpenBSD: flexint.h,v 1.1 2015/11/19 19:43:40 tedu Exp $ */
+
+/* flex integer type definitions */
+
+#ifndef FLEXINT_H
+#define FLEXINT_H
+
+/* C99 systems have <inttypes.h>. Non-C99 systems may or may not. */
+
+#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L
+
+/* C99 says to define __STDC_LIMIT_MACROS before including stdint.h,
+ * if you want the limit (max/min) macros for int types. 
+ */
+#ifndef __STDC_LIMIT_MACROS
+#define __STDC_LIMIT_MACROS 1
+#endif
+
+#include <inttypes.h>
+typedef int8_t flex_int8_t;
+typedef uint8_t flex_uint8_t;
+typedef int16_t flex_int16_t;
+typedef uint16_t flex_uint16_t;
+typedef int32_t flex_int32_t;
+typedef uint32_t flex_uint32_t;
+#else
+typedef signed char flex_int8_t;
+typedef short int flex_int16_t;
+typedef int flex_int32_t;
+typedef unsigned char flex_uint8_t; 
+typedef unsigned short int flex_uint16_t;
+typedef unsigned int flex_uint32_t;
+
+/* Limits of integral types. */
+#ifndef INT8_MIN
+#define INT8_MIN               (-128)
+#endif
+#ifndef INT16_MIN
+#define INT16_MIN              (-32767-1)
+#endif
+#ifndef INT32_MIN
+#define INT32_MIN              (-2147483647-1)
+#endif
+#ifndef INT8_MAX
+#define INT8_MAX               (127)
+#endif
+#ifndef INT16_MAX
+#define INT16_MAX              (32767)
+#endif
+#ifndef INT32_MAX
+#define INT32_MAX              (2147483647)
+#endif
+#ifndef UINT8_MAX
+#define UINT8_MAX              (255U)
+#endif
+#ifndef UINT16_MAX
+#define UINT16_MAX             (65535U)
+#endif
+#ifndef UINT32_MAX
+#define UINT32_MAX             (4294967295U)
+#endif
+
+#endif /* ! C99 */
+
+#endif /* ! FLEXINT_H */
+
+#ifdef __cplusplus
+
+/* The "const" storage-class-modifier is valid. */
+#define YY_USE_CONST
+
+#else	/* ! __cplusplus */
+
+/* C99 requires __STDC__ to be defined as 1. */
+#if defined (__STDC__)
+
+#define YY_USE_CONST
+
+#endif	/* defined (__STDC__) */
+#endif	/* ! __cplusplus */
+
+#ifdef YY_USE_CONST
+#define yyconst const
+#else
+#define yyconst
+#endif
+
+/* Returned upon end-of-file. */
+#define YY_NULL 0
+
+/* Promotes a possibly negative, possibly signed char to an unsigned
+ * integer for use as an array index.  If the signed char is negative,
+ * we want to instead treat it as an 8-bit unsigned char, hence the
+ * double cast.
+ */
+#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
+
+/* Enter a start condition.  This macro really ought to take a parameter,
+ * but we do it the disgusting crufty way forced on us by the ()-less
+ * definition of BEGIN.
+ */
+#define BEGIN (yy_start) = 1 + 2 *
+
+/* Translate the current start state into a value that can be later handed
+ * to BEGIN to return to the state.  The YYSTATE alias is for lex
+ * compatibility.
+ */
+#define YY_START (((yy_start) - 1) / 2)
+#define YYSTATE YY_START
+
+/* Action number for EOF rule of a given start state. */
+#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
+
+/* Special action meaning "start processing a new file". */
+#define YY_NEW_FILE sudoersrestart(sudoersin  )
+
+#define YY_END_OF_BUFFER_CHAR 0
+
+/* Size of default input buffer. */
+#ifndef YY_BUF_SIZE
+#define YY_BUF_SIZE 16384
+#endif
+
+/* The state buf must be large enough to hold one state per character in the main buffer.
+ */
+#define YY_STATE_BUF_SIZE   ((YY_BUF_SIZE + 2) * sizeof(yy_state_type))
+
+#ifndef YY_TYPEDEF_YY_BUFFER_STATE
+#define YY_TYPEDEF_YY_BUFFER_STATE
+typedef struct yy_buffer_state *YY_BUFFER_STATE;
+#endif
+
+#ifndef YY_TYPEDEF_YY_SIZE_T
+#define YY_TYPEDEF_YY_SIZE_T
+typedef size_t yy_size_t;
+#endif
+
+extern yy_size_t sudoersleng;
+
+extern FILE *sudoersin, *sudoersout;
+
+#define EOB_ACT_CONTINUE_SCAN 0
+#define EOB_ACT_END_OF_FILE 1
+#define EOB_ACT_LAST_MATCH 2
+
+    #define YY_LESS_LINENO(n)
+    #define YY_LINENO_REWIND_TO(ptr)
+    
+/* Return all but the first "n" matched characters back to the input stream. */
+#define yyless(n) \
+	do \
+		{ \
+		/* Undo effects of setting up sudoerstext. */ \
+        int yyless_macro_arg = (n); \
+        YY_LESS_LINENO(yyless_macro_arg);\
+		*yy_cp = (yy_hold_char); \
+		YY_RESTORE_YY_MORE_OFFSET \
+		(yy_c_buf_p) = yy_cp = yy_bp + yyless_macro_arg - YY_MORE_ADJ; \
+		YY_DO_BEFORE_ACTION; /* set up sudoerstext again */ \
+		} \
+	while ( 0 )
+
+#define unput(c) yyunput( c, (yytext_ptr)  )
+
+#ifndef YY_STRUCT_YY_BUFFER_STATE
+#define YY_STRUCT_YY_BUFFER_STATE
+struct yy_buffer_state
+	{
+	FILE *yy_input_file;
+
+	char *yy_ch_buf;		/* input buffer */
+	char *yy_buf_pos;		/* current position in input buffer */
+
+	/* Size of input buffer in bytes, not including room for EOB
+	 * characters.
+	 */
+	yy_size_t yy_buf_size;
+
+	/* Number of characters read into yy_ch_buf, not including EOB
+	 * characters.
+	 */
+	yy_size_t yy_n_chars;
+
+	/* Whether we "own" the buffer - i.e., we know we created it,
+	 * and can realloc() it to grow it, and should free() it to
+	 * delete it.
+	 */
+	int yy_is_our_buffer;
+
+	/* Whether this is an "interactive" input source; if so, and
+	 * if we're using stdio for input, then we want to use getc()
+	 * instead of fread(), to make sure we stop fetching input after
+	 * each newline.
+	 */
+	int yy_is_interactive;
+
+	/* Whether we're considered to be at the beginning of a line.
+	 * If so, '^' rules will be active on the next match, otherwise
+	 * not.
+	 */
+	int yy_at_bol;
+
+    int yy_bs_lineno; /**< The line count. */
+    int yy_bs_column; /**< The column count. */
+    
+	/* Whether to try to fill the input buffer when we reach the
+	 * end of it.
+	 */
+	int yy_fill_buffer;
+
+	int yy_buffer_status;
+
+#define YY_BUFFER_NEW 0
+#define YY_BUFFER_NORMAL 1
+	/* When an EOF's been seen but there's still some text to process
+	 * then we mark the buffer as YY_EOF_PENDING, to indicate that we
+	 * shouldn't try reading from the input source any more.  We might
+	 * still have a bunch of tokens to match, though, because of
+	 * possible backing-up.
+	 *
+	 * When we actually see the EOF, we change the status to "new"
+	 * (via sudoersrestart()), so that the user can continue scanning by
+	 * just pointing sudoersin at a new input file.
+	 */
+#define YY_BUFFER_EOF_PENDING 2
+
+	};
+#endif /* !YY_STRUCT_YY_BUFFER_STATE */
+
+/* Stack of input buffers. */
+static size_t yy_buffer_stack_top = 0; /**< index of top of stack. */
+static size_t yy_buffer_stack_max = 0; /**< capacity of stack. */
+static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */
+
+/* We provide macros for accessing buffer states in case in the
+ * future we want to put the buffer states in a more general
+ * "scanner state".
+ *
+ * Returns the top of the stack, or NULL.
+ */
+#define YY_CURRENT_BUFFER ( (yy_buffer_stack) \
+                          ? (yy_buffer_stack)[(yy_buffer_stack_top)] \
+                          : NULL)
+
+/* Same as previous macro, but useful when we know that the buffer stack is not
+ * NULL or when we need an lvalue. For internal use only.
+ */
+#define YY_CURRENT_BUFFER_LVALUE (yy_buffer_stack)[(yy_buffer_stack_top)]
+
+/* yy_hold_char holds the character lost when sudoerstext is formed. */
+static char yy_hold_char;
+static yy_size_t yy_n_chars;		/* number of characters read into yy_ch_buf */
+yy_size_t sudoersleng;
+
+/* Points to current character in buffer. */
+static char *yy_c_buf_p = (char *) 0;
+static int yy_init = 0;		/* whether we need to initialize */
+static int yy_start = 0;	/* start state number */
+
+/* Flag which is used to allow sudoerswrap()'s to do buffer switches
+ * instead of setting up a fresh sudoersin.  A bit of a hack ...
+ */
+static int yy_did_buffer_switch_on_eof;
+
+void sudoersrestart (FILE *input_file  );
+void sudoers_switch_to_buffer (YY_BUFFER_STATE new_buffer  );
+YY_BUFFER_STATE sudoers_create_buffer (FILE *file,int size  );
+void sudoers_delete_buffer (YY_BUFFER_STATE b  );
+void sudoers_flush_buffer (YY_BUFFER_STATE b  );
+void sudoerspush_buffer_state (YY_BUFFER_STATE new_buffer  );
+void sudoerspop_buffer_state (void );
+
+static void sudoersensure_buffer_stack (void );
+static void sudoers_load_buffer_state (void );
+static void sudoers_init_buffer (YY_BUFFER_STATE b,FILE *file  );
+
+#define YY_FLUSH_BUFFER sudoers_flush_buffer(YY_CURRENT_BUFFER )
+
+YY_BUFFER_STATE sudoers_scan_buffer (char *base,yy_size_t size  );
+YY_BUFFER_STATE sudoers_scan_string (yyconst char *yy_str  );
+YY_BUFFER_STATE sudoers_scan_bytes (yyconst char *bytes,yy_size_t len  );
+
+void *sudoersalloc (yy_size_t  );
+void *sudoersrealloc (void *,yy_size_t  );
+void sudoersfree (void *  );
+
+#define yy_new_buffer sudoers_create_buffer
+
+#define yy_set_interactive(is_interactive) \
+	{ \
+	if ( ! YY_CURRENT_BUFFER ){ \
+        sudoersensure_buffer_stack (); \
+		YY_CURRENT_BUFFER_LVALUE =    \
+            sudoers_create_buffer(sudoersin,YY_BUF_SIZE ); \
+	} \
+	YY_CURRENT_BUFFER_LVALUE->yy_is_interactive = is_interactive; \
+	}
+
+#define yy_set_bol(at_bol) \
+	{ \
+	if ( ! YY_CURRENT_BUFFER ){\
+        sudoersensure_buffer_stack (); \
+		YY_CURRENT_BUFFER_LVALUE =    \
+            sudoers_create_buffer(sudoersin,YY_BUF_SIZE ); \
+	} \
+	YY_CURRENT_BUFFER_LVALUE->yy_at_bol = at_bol; \
+	}
+
+#define YY_AT_BOL() (YY_CURRENT_BUFFER_LVALUE->yy_at_bol)
+
+/* Begin user sect3 */
+
+#define sudoerswrap() 1
+#define YY_SKIP_YYWRAP
+
+typedef unsigned char YY_CHAR;
+
+FILE *sudoersin = (FILE *) 0, *sudoersout = (FILE *) 0;
+
+typedef int yy_state_type;
+
+extern int sudoerslineno;
+
+int sudoerslineno = 1;
+
+extern char *sudoerstext;
+#define yytext_ptr sudoerstext
+
+static yy_state_type yy_get_previous_state (void );
+static yy_state_type yy_try_NUL_trans (yy_state_type current_state  );
+static int yy_get_next_buffer (void );
+static void yy_fatal_error (yyconst char msg[]  );
+
+/* Done after the current pattern has been matched and before the
+ * corresponding action - sets up sudoerstext.
+ */
+#define YY_DO_BEFORE_ACTION \
+	(yytext_ptr) = yy_bp; \
+	sudoersleng = (size_t) (yy_cp - yy_bp); \
+	(yy_hold_char) = *yy_cp; \
+	*yy_cp = '\0'; \
+	(yy_c_buf_p) = yy_cp;
+
+#define YY_NUM_RULES 74
+#define YY_END_OF_BUFFER 75
+/* This struct is not used in this scanner,
+   but its presence is necessary. */
+struct yy_trans_info
+	{
+	flex_int32_t yy_verify;
+	flex_int32_t yy_nxt;
+	};
+static yyconst flex_int16_t yy_accept[882] =
+    {   0,
+        0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
+        0,    0,    0,    0,   75,   62,   70,   69,   68,   61,
+       72,   38,   63,   64,   38,   65,   62,   62,   62,   62,
+       67,   66,   73,   53,   53,   53,   53,   53,   53,   53,
+       53,   53,   53,   53,   53,   73,   62,   62,   70,   72,
+       53,   53,   53,   53,   53,    2,   73,    1,   62,   53,
+       53,   53,   62,   17,   16,   17,   16,   16,   73,   72,
+       73,    3,    9,    8,    9,    4,    9,    5,   73,   13,
+       13,   13,   11,   12,   73,   19,   19,   18,   18,   18,
+       19,   18,   18,   18,   18,   19,   19,   19,   19,   19,
+
+       19,   18,   19,   19,   62,    0,   70,   68,   72,   72,
+        0,   62,   40,    0,   38,    0,   39,    0,   60,   60,
+        0,   62,   62,    0,   62,   62,   62,   62,    0,   43,
+       53,   53,   53,   53,   53,   53,   53,   53,   53,   53,
+       53,   53,   53,   53,   53,   62,   71,   62,   62,   70,
+        0,    0,    0,    0,    0,   72,   62,   62,   62,   62,
+       62,    2,    1,    0,    1,   54,   54,    0,   53,   62,
+       17,   17,   15,   14,   15,    0,    0,    3,    9,    0,
+        6,    7,    9,    9,   13,    0,   13,   13,    0,   10,
+       40,    0,    0,   39,   19,   19,    0,   19,    0,    0,
+
+       18,   18,   18,   18,   18,   18,   19,   19,   53,   19,
+       19,   19,   19,   19,   19,   19,   19,   19,   72,   72,
+        0,   40,   62,   62,   62,   62,   62,    0,    0,   43,
+       43,   53,   45,   53,   53,   53,   53,   53,   53,   53,
+       53,   53,   53,   53,   53,   53,   53,   53,   53,   53,
+       53,   62,   62,    0,    0,    0,    0,    0,   72,   62,
+       62,   62,   62,   62,    0,   62,   10,    0,    0,    0,
+       18,   18,   18,   19,   19,   19,   19,   19,   19,   19,
+       19,   19,   19,   19,   19,   19,   19,   19,   72,   62,
+       62,   62,   62,   62,   62,    0,   44,   44,   44,    0,
+
+        0,   43,   43,   43,   43,   43,   43,   43,   53,   53,
+       53,   53,   53,   53,   53,   53,   53,   53,   53,   53,
+       53,   53,   53,   53,   49,   53,   53,   50,   62,   62,
+       62,   62,    0,    0,    0,    0,    0,   72,   62,   62,
+       62,   62,    0,    0,    0,    0,    0,   18,   18,   19,
+       19,   53,   19,   19,   19,   19,   19,   19,   19,   19,
+       19,   19,   19,   19,   19,   62,   62,   62,    0,    0,
+       44,   44,   44,    0,   43,   43,    0,   43,   43,   43,
+       43,   43,   43,   43,   43,   43,   43,   43,    0,   27,
+       53,   53,   53,   53,    0,   34,   53,   53,   53,   53,
+
+       53,   53,   53,   53,   53,   51,   53,   53,   62,   62,
+       62,   62,   62,    0,    0,    0,   72,   62,   62,   62,
+        0,    0,    0,   18,   18,   19,   53,   53,   19,   19,
+       19,   19,   19,   19,   19,   19,   19,   19,   19,   19,
+       19,   62,   62,   62,   62,   62,    0,   44,    0,   43,
+       43,   43,    0,    0,    0,   43,   43,   43,   43,   43,
+       43,   43,   43,   43,   43,   43,   43,   43,   53,   53,
+       53,   53,   53,   53,   53,   53,   53,   53,   53,   53,
+       53,   53,   53,   55,   56,   57,   58,   62,    0,    0,
+       72,   62,   62,   62,    0,    0,    0,    0,    0,   19,
+
+       53,   53,   19,   19,   53,   19,   19,   19,   19,   19,
+       19,   19,   19,   19,   19,   41,   41,   41,    0,    0,
+       43,   43,   43,   43,   43,   43,   43,    0,    0,    0,
+        0,    0,   43,   43,   43,   43,   43,   43,   43,   43,
+       43,   43,   43,   43,   43,   43,    0,   36,   53,   53,
+       53,    0,   26,   53,   53,   53,    0,   35,   53,   53,
+       53,   53,    0,   25,    0,   28,   46,   62,    0,    0,
+       72,   62,   62,   62,   41,   41,   41,   53,   53,   19,
+       53,   53,   19,   19,   19,   62,   41,   41,   41,   41,
+        0,   43,    0,   43,   43,   43,   43,   43,   43,   43,
+
+       43,   43,   43,   43,    0,    0,    0,   43,   43,   43,
+       43,   43,   43,   43,   43,   43,   43,   43,   43,   43,
+       53,   53,   53,   53,   53,   53,   53,   53,   48,   53,
+       59,    0,    0,   72,   62,   22,   54,    0,   41,   41,
+       41,   41,   53,   53,   19,   53,   53,   19,   19,   19,
+       42,   42,   42,   42,   43,    0,    0,    0,   43,   43,
+       43,   43,   43,   43,   43,   43,   43,   43,   43,   43,
+       43,    0,    0,    0,    0,    0,   43,   43,   43,   43,
+       43,   43,   43,   43,   53,   53,   53,    0,   37,   53,
+       53,    0,   24,    0,   29,   47,    0,   22,   72,   72,
+
+       62,    0,   62,   42,   42,   42,   42,   53,   53,   53,
+       53,   62,   62,   42,   42,   42,   42,    0,    0,    0,
+        0,    0,   43,   43,   43,   43,   43,   43,   43,   43,
+       43,   43,   43,   43,   43,   43,   43,   43,   43,   43,
+       43,   43,   52,    0,   32,   53,   53,   53,    0,   72,
+       72,   20,   72,   23,   22,    0,    0,    0,    0,    0,
+       22,    0,    0,    0,   42,   42,   42,   42,   53,   53,
+       53,   62,   62,   62,    0,    0,    0,   43,   43,   43,
+       43,   43,   43,   43,   43,   43,   43,   43,   43,   43,
+       43,   43,   43,   43,   43,    0,   30,   53,   53,   23,
+
+       72,    0,   22,    0,    0,    0,   53,   53,   62,   62,
+       62,   62,   62,    0,    0,    0,    0,    0,   43,   43,
+       43,   43,   43,   43,   43,   43,    0,   33,   53,   72,
+        0,    0,    0,    0,    0,   53,   62,   62,   62,   43,
+       43,   43,   43,   43,   43,    0,   31,   72,   72,   21,
+        0,    0,    0,   62,   62,   62,   62,   62,   43,   43,
+       43,   43,   43,    0,    0,    0,    0,    0,   41,   41,
+       41,   41,   41,   41,   41,   41,   41,   41,   41,   41,
+        0
+    } ;
+
+static yyconst flex_int32_t yy_ec[256] =
+    {   0,
+        1,    1,    1,    1,    1,    1,    1,    1,    2,    3,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    2,    4,    5,    6,    1,    7,    1,    1,    8,
+        9,   10,   11,   12,   13,   14,   15,   16,   17,   18,
+       19,   20,   21,   22,   23,   24,   25,   26,    1,    1,
+       27,   28,   10,   29,   30,   31,   32,   33,   34,   35,
+       36,   37,   38,   39,   39,   40,   41,   42,   43,   44,
+       39,   45,   46,   47,   48,   49,   50,   51,   52,   39,
+       10,   53,   10,    1,   54,    1,   55,   56,   57,   58,
+
+       59,   60,   61,   62,   63,   61,   61,   64,   65,   66,
+       67,   61,   61,   68,   69,   70,   71,   61,   61,   61,
+       61,   61,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1
+    } ;
+
+static yyconst flex_int32_t yy_meta[72] =
+    {   0,
+        1,    2,    3,    4,    5,    6,    1,    7,    7,    1,
+        8,    9,   10,   11,   12,   13,   13,   13,   13,   13,
+       13,   13,   13,   13,   13,   14,   15,    7,    1,   16,
+       16,   16,   16,   16,   16,   17,   17,   17,   17,   17,
+       17,   17,   17,   17,   17,   17,   17,   17,   17,   17,
+       17,   17,   18,   19,   20,   20,   20,   20,   20,   20,
+       21,   21,   21,   21,   21,   21,   21,   21,   21,   21,
+       21
+    } ;
+
+static yyconst flex_int16_t yy_base[999] =
+    {   0,
+        0,   70,   72,   80,  126,  131,  183,  253,  161,  205,
+       86,   94,  324,    0, 4976, 4918, 4967, 5585, 4964, 5585,
+      393,   87, 5585, 5585, 4914, 5585,  172,  405,  174,  185,
+     4940, 5585, 5585,  465, 4925,   43,   37,  521,   62, 4934,
+     4913,   76, 4912, 4916,   71,  580,  595,   83,  228,  618,
+       39,   91, 4881,   30, 4878,   73, 4933, 4943,  439, 4901,
+     4900, 4895,   89,    0, 5585, 4919, 5585,    0,  620,  679,
+      108,    0, 4861, 5585,  117, 5585,  129, 5585,  159, 4855,
+      106,  122, 5585,  166,  209,  656,  710,  754,  261,  203,
+      812,  862, 4865,  223,  186,  918, 4861, 4872, 4858, 4866,
+
+     4858,  965,    0,   84, 4834,  650, 4882, 4877, 4877, 5585,
+      271,  546,  619, 4859,  622,  723, 4818,  848,  952, 4813,
+      989, 1002, 1040, 4837, 4846,  577,  724,  250, 4833,  249,
+     1085, 1130, 4811, 4816, 4805, 4801, 4803, 4800,  994, 4789,
+     4796, 4793, 4784, 4785, 4781,  396, 5585,  178,  125, 1000,
+     4759, 4763, 4751, 4746, 4747,  231,  354,  386,  159,  379,
+      245,  439, 4812,  736, 4803, 1038, 4751, 1165, 1042,  247,
+        0, 4795,  299, 5585, 5585,  946,  399,    0, 4743,  659,
+     5585, 5585, 4740,  401, 4739, 4767,  403,  404,  431, 4739,
+      627,  668, 1192, 4683, 1198,    0, 1227, 1255, 1211, 1105,
+
+     1294, 4719, 1224, 1254,  845, 1344, 1400, 4690,    0, 4695,
+     4680, 4679, 4675, 1246, 4666, 4664, 4655, 4651, 4705, 4697,
+     1277, 1314, 1447, 1420,  990, 1487, 4680, 4666, 1532,  427,
+     1578, 1623,    0, 4658, 4649, 4650, 4633, 4629, 4616, 4594,
+     4588, 4598, 4597, 4591,  438, 4578, 4570, 4581, 4576, 4573,
+     4570,  669,  160, 4537, 4535, 4525, 4523, 4527,  546,  397,
+     4528,  504,  418,  406, 1471,  505, 4580, 4565, 4564, 1670,
+     1680, 4563, 1725,    0, 4543, 4526, 4511, 4520, 4506, 4511,
+     4510, 4515, 4514, 4505, 4491, 4502,  687, 4468, 4531, 1770,
+      534,    0,    0, 1027,  246, 4507, 4506, 1808,  633, 4498,
+
+     4492,  653, 1468, 1821, 1507, 1115, 1867, 1914, 4490,  603,
+     4471, 4466,  646,  665, 4478, 4471, 4446, 4443, 4430, 4427,
+     4438, 4438, 4421, 4424,    0, 4427, 4339,    0,  837,  551,
+      574,  654, 4323, 4325, 4309, 4323, 4309,  763,  506, 1041,
+      424,  677, 1552, 4362, 4361, 4360, 1162, 1924, 1969,  781,
+     4330,  691,  889, 4338, 4331, 4334, 4331, 4322, 4320, 4316,
+     4323,  830, 4340, 4346, 4303, 2016, 2028, 2040, 4335, 4334,
+     2050, 4334, 4332, 4331, 4330,  977, 1598, 1054, 1643, 1064,
+     2063,    0, 1702, 2110, 1745, 1324, 2156, 2203,  970, 5585,
+     4294, 4299, 4300, 4293, 1010, 5585, 4308, 4299, 4284, 4297,
+
+     4290, 4301, 4287, 4298, 4299,    0, 4282, 4282,  640,  786,
+     1034,  986,  709, 4275, 4257, 4237,  641,  520, 1028,  901,
+     4291, 4289, 2215, 2225, 4276, 4251, 4226, 4143, 4147, 4127,
+     4101, 4083, 4065, 4065, 4054, 4026, 4043, 4029, 4019, 4009,
+     3961, 2270, 1000, 2310, 2322, 1655, 3986, 3954, 3941, 3929,
+     2332, 1142, 3929, 3917, 2379, 1169, 1188, 1192, 1780, 1195,
+     2391,    0, 1792, 2438, 1841, 1430, 2484, 2531, 2556, 1259,
+     1450, 1111, 1112, 1224, 1868, 1196, 1452, 1473, 1232, 1535,
+     1320, 1321, 1427, 3843, 3835, 3828, 3790,  663, 3806, 3753,
+      394, 1843,  960,  796, 1896, 3790, 3777, 3774, 1565, 1346,
+
+     3707, 3697, 1371, 3688, 1046, 1512, 3680, 3685, 1514, 1533,
+        0,    0,    0,    0, 3660, 2613, 1944, 1608, 3651, 3634,
+     3626, 1989, 2653, 2083, 1713, 2698, 2745, 2130, 3629, 3610,
+     3603, 1757, 2005, 2168, 2170, 2178, 2245, 2183, 2757,    0,
+     2282, 2804, 2293, 1954, 2850, 2897, 1534, 5585, 2922,  907,
+     1128, 1604, 5585, 1178, 1265, 1857, 1605, 5585, 1501, 2157,
+     1632, 1734, 1683, 5585, 1725, 5585, 3561, 1235, 3534, 3502,
+     1156, 2147, 1426, 1236, 3545, 3520, 2979, 3452, 3432, 2994,
+     3433, 3412, 1463,  791, 3381, 3050, 1305, 3089,    0, 1792,
+     3378, 3377, 2352, 2029, 2411, 2204, 3129,    0, 2460, 3142,
+
+     2504, 2093, 3187, 3234, 3375, 3345, 3246, 2368, 2520, 2625,
+     2627, 3319, 2629, 3258,    0, 2642, 3305, 2673, 2140, 3352,
+     3377, 1433,  898, 1927, 1823, 1603, 2089, 2090, 3263, 2270,
+     3256, 3242, 3216, 1817, 1671, 2414, 3171, 2718, 3200, 3165,
+     3070, 2256, 3030, 2974, 3447, 2881, 2850, 1847, 1848,    0,
+     3505, 2777, 2824, 1736, 2852, 2844, 2836, 3545, 2805, 2311,
+     2461, 2870, 2638, 3557,    0, 3062, 3570, 3073, 2629, 3615,
+     3662, 3099, 2797, 2738, 2734, 2685, 2639, 2734, 2886,  985,
+     1342, 3674,    0, 2789, 1822, 2439, 1861, 1993, 5585, 1379,
+     1860, 1995, 5585, 1996, 5585, 2695, 2670, 2356, 1819, 1478,
+
+     2252, 2849, 3125, 2686, 2570, 3686, 2185, 2252, 2464, 2511,
+     3100, 3696, 1963, 3736,    0, 2356, 1964, 3116, 2554, 2547,
+     2498, 3165, 2459, 2419, 2994, 3073, 3171, 3143, 3776,    0,
+     3209, 3789, 3278, 3220, 3834, 3881, 2424, 2371, 3892, 3316,
+     2264, 1936, 2204, 2418, 5585, 2534, 2115, 2159, 2136, 2160,
+     2249, 5585, 2416, 2084, 3302, 3352, 3532, 3544, 2104, 2922,
+     2037, 3720, 3327, 2009, 1982, 1938, 3436, 1889, 2536, 2830,
+     2831, 3904, 3916, 3928, 1855, 1834, 3940, 1699, 1681, 3235,
+     3327, 3590, 3353, 3952,    0, 3637, 3965, 3717, 3523, 4012,
+     1636, 1617, 1590, 3536, 1565, 2724, 5585, 2850, 2273, 5585,
+
+     2304, 3746, 3756, 1519, 1448, 4024, 2725, 3285, 4036, 2477,
+     4048, 4060, 3648, 3809, 1307, 1277, 1243, 3602, 1204, 1198,
+     3506, 1161, 1125, 4072,    0, 2509, 2901, 5585, 3284, 2435,
+     3854, 1079, 1071, 1030, 3821, 2902, 4084, 4096, 4108, 3985,
+     4118, 4128, 1005,    0,  768, 3021, 5585,  730, 2480, 5585,
+      596,  576, 4140, 4152, 2693, 4164, 4176, 3866, 5585, 4186,
+     4196, 3766, 5585, 4206,  456,  289,  134, 3997, 4216, 4254,
+     4292, 4226, 4236, 4264,   28, 4330, 4246, 5585, 4302, 4274,
+     5585, 4383, 4404, 4425, 4446, 4467, 4488, 4509, 4530, 4551,
+     4560, 2005, 4580, 4601, 2661, 4622, 4643, 4664, 4685, 4706,
+
+     4727, 4748, 4769, 2479, 4790, 4799, 4807, 4816, 4836, 4857,
+     4878, 2765, 4899, 4920, 4941, 4962, 4983, 4992, 5011, 5020,
+     5029, 2348, 2734, 5037, 5045, 5053, 5062, 5070, 5077, 5085,
+     5093, 5102, 5112, 2885, 2913, 5120, 5128, 5136, 3073, 3203,
+     5145, 5155, 5175, 3220, 5184, 5192, 3221, 5201, 5211, 5231,
+     2552, 2994, 5240, 5252, 5261, 5271, 3369, 3370, 5280, 5290,
+     5299, 5319, 3088, 5328, 5340, 3448, 3520, 5349, 5359, 3534,
+     5368, 5378, 5398, 5419, 5440, 3631, 3648, 5460, 3732, 5467,
+     5477, 3158, 3373, 5486, 3115, 5506, 3805, 3849, 5515, 5525,
+     3850, 3980, 5533, 5543, 5563, 4284, 3981, 4285
+
+    } ;
+
+static yyconst flex_int16_t yy_def[999] =
+    {   0,
+      881,    1,    1,    1,  882,  882,  883,  883,  884,  884,
+      885,  885,  881,   13,  881,  886,  881,  881,  881,  881,
+      887,  888,  881,  881,  889,  881,  890,  886,   28,   28,
+      891,  881,  881,  881,   34,   34,   34,   34,   38,   38,
+       38,   38,   38,   38,   38,  886,   28,  886,  881,  887,
+       34,   34,   38,   38,   38,  881,  892,  881,  893,   38,
+       38,   38,  886,  894,  881,  894,  881,  894,  881,  887,
+      881,  895,  896,  881,  896,  881,  896,  881,  897,  898,
+      898,  898,  881,  881,  899,  900,  901,  881,   88,   88,
+       88,  881,   92,   92,   92,   92,   96,   96,   96,   96,
+
+       96,   88,   91,   91,  886,  886,  881,  881,  902,  881,
+      903,  881,  888,  904,  899,  888,  889,  889,  890,  905,
+      886,  886,   28,  906,  123,  123,  123,  123,  907,  908,
+       38,  131,  132,  132,  132,  132,  132,  132,  132,  132,
+      132,  132,  132,  132,  132,  886,  881,  886,  886,  881,
+      881,  881,  881,  881,  881,  902,  886,  123,  886,  886,
+      886,  881,  881,  881,  881,  909,  910,  886,  132,  886,
+      911,  911,  881,  881,  881,  903,  881,  912,  913,  913,
+      881,  881,  913,  913,  914,  881,  914,  914,  881,  881,
+      899,  899,  899,  915,  916,   91,  915,  917,  881,  881,
+
+       88,  201,  201,  201,  201,  881,  206,  207,  918,  207,
+      207,  207,  207,  207,  207,  207,   91,   91,  902,  919,
+      881,  881,  886,  223,  223,  123,  226,  920,  881,  921,
+      881,  132,  132,  132,  132,  132,  132,  132,  132,  132,
+      132,  132,  132,  132,  132,  132,  132,  132,  132,  132,
+      132,  886,  886,  881,  881,  881,  881,  881,  902,  886,
+      226,  886,  886,  886,  881,  886,  881,  922,  923,  881,
+       91,  271,  206,  207,  207,  207,  207,  207,  207,  207,
+      207,  207,  207,  207,  207,  207,   91,   91,  919,  886,
+      886,  223,  223,  223,  886,  924,  925,  925,  298,  926,
+
+      925,  927,  231,  881,  304,  304,  881,  304,  132,  132,
+      132,  132,  132,  132,  132,  132,  132,  132,  132,  132,
+      132,  132,  132,  132,  132,  132,  132,  132,  886,  886,
+      886,  886,  881,  881,  881,  881,  881,  902,  886,  886,
+      886,  886,  881,  881,  922,  922,  881,  271,  206,  207,
+      207,  928,  207,  207,  207,  207,  207,  207,  207,  207,
+      207,   91,   91,   91,   91,  223,  223,  223,  881,  929,
+      929,  371,  929,  930,  931,  932,  881,  933,  307,  933,
+      881,  381,  933,  881,  384,  384,  881,  384,  881,  881,
+      132,  132,  132,  132,  881,  881,  132,  132,  132,  132,
+
+      132,  132,  132,  132,  132,  132,  132,  132,  886,  886,
+      886,  886,  886,  881,  881,  881,  902,  886,  886,  886,
+      934,  935,  881,   91,  349,  207,  928,  928,  207,  207,
+      207,  207,  207,  207,  207,  207,   91,   91,   91,   91,
+       91,  886,  886,  223,  223,  886,  936,  936,  937,  938,
+      881,  881,  939,  940,  881,  941,  941,  942,  387,  942,
+      881,  461,  942,  881,  464,  464,  881,  464,  881,  469,
+      469,  469,  469,  469,  469,  469,  469,  469,  469,  469,
+      469,  469,  469,  886,  886,  886,  886,  886,  881,  881,
+      943,  886,  886,  886,  881,  881,  944,  944,  881,  207,
+
+      928,  928,  207,  207,  928,  207,  207,  207,  207,  207,
+       91,   91,   91,   91,   91,  886,  516,  516,  881,  945,
+      946,  451,  881,  523,  523,  881,  523,  881,  881,  947,
+      947,  881,  881,  948,  948,  949,  467,  949,  881,  539,
+      949,  881,  542,  542,  881,  542,  881,  881,  881,  549,
+      549,  881,  881,  549,  549,  549,  881,  881,  549,  549,
+      549,  549,  881,  881,  881,  881,  549,  886,  881,  881,
+      950,  886,  886,  886,  951,  952,  881,  953,  953,  881,
+      953,  953,  580,  580,  954,  886,  886,  886,  588,  588,
+      881,  955,  881,  956,  526,  956,  956,  597,  956,  881,
+
+      600,  600,  881,  600,  957,  958,  881,  881,  959,  959,
+      960,  961,  960,  881,  614,  960,  881,  617,  617,  617,
+      881,  621,  621,  621,  621,  621,  621,  621,  621,  621,
+      886,  881,  881,  962,  886,  886,  886,  881,  881,  963,
+      963,  881,  964,  964,  881,  964,  964,  645,  645,  965,
+      886,  651,  651,  651,  881,  966,  967,  881,  968,  968,
+      969,  603,  969,  969,  664,  969,  881,  667,  667,  881,
+      667,  881,  881,  970,  970,  881,  881,  971,  971,  972,
+      972,  972,  682,  972,  621,  621,  621,  881,  881,  621,
+      621,  881,  881,  881,  881,  621,  881,  881,  973,  962,
+
+      886,  974,  975,  976,  977,  881,  976,  978,  978,  978,
+      978,  886,  886,  886,  714,  714,  886,  881,  881,  979,
+      979,  881,  881,  980,  980,  981,  670,  981,  981,  729,
+      981,  881,  732,  732,  881,  732,  982,  983,  881,  881,
+      984,  984,  621,  881,  881,  621,  621,  621,  881,  973,
+      973,  881,  962,  886,  974,  974,  974,  974,  985,  974,
+      986,  986,  881,  881,  976,  976,  881,  881,  978,  978,
+      978,  714,  714,  714,  987,  988,  881,  881,  989,  989,
+      990,  735,  990,  990,  784,  990,  881,  787,  787,  787,
+      881,  982,  982,  881,  881,  881,  881,  621,  621,  881,
+
+      962,  881,  881,  991,  992,  881,  978,  978,  714,  886,
+      714,  714,  886,  881,  881,  987,  987,  881,  881,  993,
+      993,  994,  994,  994,  824,  824,  881,  881,  621,  995,
+      881,  881,  991,  991,  881,  978,  714,  714,  714,  881,
+      881,  881,  881,  996,  996,  881,  881,  995,  995,  881,
+      997,  998,  881,  714,  886,  714,  714,  886,  881,  881,
+      881,  881,  881,  881,  881,  997,  997,  881,  886,  886,
+      886,  881,  881,  881,  886,  886,  886,  881,  881,  881,
+        0,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881
+
+    } ;
+
+static yyconst flex_int16_t yy_nxt[5657] =
+    {   0,
+       16,   17,   18,   19,   20,   21,   22,   23,   24,   16,
+       25,   26,   16,   16,   27,   28,   29,   30,   28,   28,
+       28,   28,   28,   28,   28,   31,   32,   33,   16,   34,
+       35,   35,   35,   36,   37,   38,   38,   38,   38,   39,
+       40,   41,   38,   42,   43,   44,   45,   38,   38,   38,
+       38,   38,   46,   16,   47,   47,   47,   47,   47,   47,
+       16,   16,   16,   16,   16,   16,   16,   16,   48,   16,
+       16,   49,  142,   56,  162,   50,  132,   57,  132,  135,
+      106,   56,  132,   58,  163,   57,   59,   81,   18,   82,
+       83,   58,  114,  134,   59,   81,   18,   82,   83,  136,
+
+      160,   51,   52,  157,  137,  140,   53,  187,  144,  177,
+      147,   60,  115,   61,   54,   62,   38,   55,   38,   60,
+      141,   61,  145,   62,   38,  188,   38,   17,   65,   66,
+      132,   67,   17,   65,   66,  106,   67,   67,   84,  116,
+       63,  106,   67,  181,  148,  217,   84,  864,   63,  158,
+      148,   67,   68,  149,  218,  182,   67,   68,  186,  170,
+      184,  147,   17,   18,   19,   74,   70,  189,  190,  180,
+      185,   75,   76,   77,  186,  120,  120,  106,   69,  120,
+      120,  180,  253,   69,   17,   18,   19,   78,   70,  126,
+      126,  126,  126,  126,  126,  126,  126,  126,  126,  120,
+
+      127,  127,  127,  127,  127,  128,   17,   18,   19,   74,
+       70,  106,  106,   79,  114,   75,   76,   77,  204,  204,
+      204,  204,  204,  205,  121,  207,  332,  262,  211,  150,
+      106,   78,  252,  110,  192,   71,   72,   72,   72,   72,
+       72,   72,   72,   72,   72,   72,   72,   72,   72,   72,
+       72,   72,   72,   72,   17,   18,   19,   79,   70,  151,
+      152,  193,  207,  229,  153,  227,  227,  227,  227,  227,
+      227,  124,  154,  210,  231,  155,  203,  203,  203,  203,
+      203,  203,  203,  203,  203,  203,  112,  112,  112,  112,
+      112,  112,  112,  112,  112,  112,  259,  106,  106,  106,
+
+      177,  147,  864,  264,  266,   71,   72,   72,   72,   72,
+       72,   72,   72,   72,   72,   72,   72,   72,   72,   72,
+       72,   72,   72,   72,   33,   17,   18,   19,   33,   33,
+       85,   23,   24,   33,   86,   26,   33,   33,   87,   88,
+       89,   90,   88,   88,   88,   88,   88,   88,   88,   31,
+       91,   33,   33,   92,   93,   93,   93,   94,   95,   96,
+       96,   96,   96,   97,   98,   99,   96,  100,   96,  101,
+       96,   96,   96,   96,   96,   96,   71,   33,  102,  102,
+      102,  102,  102,  102,  103,  103,  103,  103,  103,  103,
+      103,  103,  104,  103,  103,  110,  110,  177,  147,  105,
+
+      177,  147,  177,  147,  187,  111,  106,  188,  112,  112,
+      112,  112,  112,  112,  112,  112,  112,  112,  122,  260,
+      123,  123,  123,  123,  123,  123,  123,  123,  123,  123,
+      124,  106,  189,  190,  125,  125,  125,  125,  125,  125,
+      162,  229,  167,  167,  263,  261,  167,  167,  106,  106,
+      163,  571,  303,  180,  339,  186,  186,  106,  106,  125,
+      125,  125,  125,  125,  125,  105,  167,  321,  322,  864,
+      106,  105,  341,  339,  105,  105,  106,  105,  105,  105,
+      131,  131,  131,  131,  131,  131,  131,  131,  131,  131,
+      124,  168,  339,  105,  131,  131,  131,  131,  131,  131,
+
+      132,  132,  132,  132,  133,  132,  132,  132,  132,  132,
+      132,  132,  132,  132,  132,  132,  132,  106,  132,  125,
+      125,  125,  125,  125,  125,  105,  105,  105,  105,  105,
+      105,  105,  105,  105,  105,  105,  132,  132,  132,  132,
+      132,  132,  132,  132,  132,  132,  881,  290,  110,  492,
+      132,  132,  132,  132,  132,  132,  106,  106,  106,  418,
+      132,  112,  112,  112,  112,  112,  112,  112,  112,  112,
+      112,  342,  106,  339,  411,  105,  105,  105,  105,  105,
+      105,  146,  147,  105,  105,  105,  106,  105,  105,  864,
+      412,  105,  227,  227,  227,  227,  227,  227,  227,  227,
+
+      227,  227,  338,  106,  389,  105,  105,  105,  105,  864,
+      125,  125,  125,  125,  125,  125,  125,  125,  125,  125,
+      110,  173,  147,  174,  881,  175,  106,  114,  390,  174,
+      111,  175,  881,  112,  112,  112,  112,  112,  112,  112,
+      112,  112,  112,  110,  881,  175,  175,  881,  373,  373,
+      373,  105,  881,  105,  105,  105,  194,  105,  105,  484,
+      179,  105,  194,  179,  179,  194,  395,  229,  194,  194,
+      179,  116,  175,  114,  193,  105,  105,  105,  303,  193,
+      156,  110,  196,  393,  194,  179,  329,  330,  394,  331,
+      396,  176,  106,  881,  881,  881,  881,  881,  881,  881,
+
+      881,  881,  881,  881,  362,  363,  106,  364,  197,  194,
+      120,  491,  413,  120,  120,  106,  120,  120,  120,  120,
+      193,  106,  120,  120,  113,  568,  113,  113,  427,  106,
+      113,  113,  850,  428,  113,  420,  196,  120,  120,  227,
+      227,  227,  227,  227,  227,  227,  227,  227,  227,  113,
+      113,  112,  112,  112,  112,  112,  112,  112,  112,  112,
+      112,  106,  199,  120,  196,  110,  488,  200,  196,  201,
+      201,  201,  201,  201,  201,  201,  201,  201,  201,  124,
+      196,  593,  389,  202,  202,  202,  202,  202,  202,  196,
+      196,  196,  196,  196,  196,  196,  196,  196,  196,  196,
+
+      196,  196,  196,  196,  196,  196,  390,  485,  202,  202,
+      202,  202,  202,  202,  196,  196,  196,  196,  196,  196,
+      196,  196,  196,  196,  196,  881,  417,  196,  196,  196,
+      196,  196,  196,  196,  196,  196,  196,  881,  106,  649,
+      207,  196,  196,  196,  196,  196,  196,  437,  106,  117,
+      438,  117,  117,  117,  409,  117,  117,  410,  574,  117,
+      272,  272,  272,  272,  272,  272,  196,  196,  196,  196,
+      196,  196,  196,  117,  117,  117,  196,  206,  206,  206,
+      206,  206,  206,  206,  206,  206,  206,  124,  196,  106,
+      395,  206,  206,  206,  206,  206,  206,  207,  207,  207,
+
+      207,  208,  207,  207,  207,  207,  207,  207,  207,  207,
+      207,  207,  207,  207,  396,  209,  202,  202,  202,  202,
+      202,  202,  196,  196,  196,  196,  196,  196,  196,  196,
+      196,  196,  196,  207,  207,  207,  207,  207,  207,  207,
+      207,  207,  207,  881,  132,  687,  132,  207,  207,  207,
+      207,  207,  207,  106,  622,  120,  120,  207,  494,  120,
+      120,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  389,  196,  196,  196,  196,  196,  196,  881,  120,
+      202,  202,  202,  202,  202,  202,  202,  202,  202,  202,
+      119,  229,  105,  105,  119,  390,  105,  105,  377,  229,
+
+      119,  150,  303,  487,  121,  293,  293,  293,  293,  293,
+      294,  395,  106,  442,  119,  119,  105,  223,  224,  225,
+      223,  223,  223,  223,  223,  223,  223,  239,  240,  573,
+      782,  151,  152,  241,  242,  396,  153,  243,  106,  244,
+      245,  167,  167,  831,  154,  167,  167,  155,  105,  105,
+      105,  105,  106,  486,  106,  226,  226,  226,  226,  226,
+      226,  226,  226,  226,  226,  167,  124,  377,  229,  226,
+      226,  226,  226,  226,  226,  239,  240,  881,  229,  379,
+      106,  241,  242,  581,  831,  243,  106,  244,  582,  379,
+      168,  493,  831,  106,  226,  226,  226,  226,  226,  226,
+
+      232,  232,  232,  232,  232,  232,  232,  232,  232,  232,
+      124,  419,  881,  552,  232,  232,  232,  232,  232,  232,
+      268,  269,  270,  268,  268,  268,  268,  268,  268,  268,
+      382,  382,  382,  382,  382,  383,  881,  553,  881,  226,
+      226,  226,  226,  226,  226,  132,  132,  132,  132,  132,
+      132,  132,  132,  132,  132,  881,  229,  551,  110,  132,
+      132,  132,  132,  132,  132,  132,  166,  303,  105,  105,
+      166,  623,  105,  105,  593,  343,  166,  344,  344,  344,
+      344,  344,  344,  229,  105,  105,  105,  105,  105,  105,
+      166,  166,  105,  191,  379,  191,  191,  557,  194,  191,
+
+      191,  377,  229,  191,  194,  377,  229,  194,  881,  229,
+      194,  194,  120,  379,  634,  132,  120,  459,  191,  191,
+      459,  558,  120,  782,  196,  881,  194,  624,  194,  727,
+      194,  194,  194,  881,  194,  194,  120,  120,  194,  272,
+      272,  272,  272,  272,  272,  272,  272,  272,  272,  881,
+      197,  194,  194,  194,  194,  120,  814,  881,  120,  120,
+      881,  120,  120,  120,  120,  561,  554,  120,  120,  272,
+      272,  272,  272,  272,  272,  272,  272,  272,  272,  279,
+      280,  196,  120,  120,  881,  281,  282,  106,  106,  283,
+      814,  284,  222,  222,  222,  222,  222,  222,  222,  222,
+
+      222,  222,  132,  549,  631,  637,  625,  199,  120,  271,
+      271,  271,  271,  271,  271,  271,  271,  271,  271,  586,
+      814,  563,  565,  271,  271,  271,  271,  271,  271,  222,
+      222,  222,  222,  222,  222,  222,  222,  222,  222,  462,
+      462,  462,  462,  462,  463,  564,  566,  547,  271,  271,
+      271,  271,  271,  271,  196,  881,  229,  106,  196,  273,
+      273,  273,  273,  273,  273,  273,  273,  273,  273,  124,
+      196,  548,  552,  273,  273,  273,  273,  273,  273,  207,
+      207,  207,  207,  207,  207,  207,  207,  207,  207,  207,
+      207,  207,  207,  207,  207,  207,  553,  209,  271,  271,
+
+      271,  271,  271,  271,  196,  196,  196,  196,  196,  196,
+      196,  196,  196,  196,  196,  207,  207,  207,  207,  207,
+      207,  207,  207,  207,  207,  881,  747,  132,  881,  207,
+      207,  207,  207,  207,  207,  292,  292,  292,  292,  292,
+      292,  292,  292,  292,  292,  540,  540,  540,  540,  540,
+      541,  881,  881,  881,  196,  196,  196,  196,  196,  196,
+      290,  831,  291,  291,  291,  291,  291,  291,  291,  291,
+      291,  291,  167,  567,  881,  881,  167,  881,  106,  686,
+      110,  132,  167,  308,  308,  308,  308,  308,  308,  308,
+      308,  308,  308,  550,  636,  648,  167,  167,  881,  106,
+
+      105,  559,  295,  295,  295,  295,  295,  295,  295,  295,
+      295,  295,  207,  557,  560,  563,  295,  295,  295,  295,
+      295,  295,  381,  381,  381,  381,  381,  381,  381,  381,
+      381,  381,  831,  627,  565,  547,  881,  558,  132,  564,
+      753,  295,  295,  295,  295,  295,  295,  297,  298,  299,
+      299,  299,  299,  299,  299,  299,  299,  300,  566,  548,
+      881,  301,  301,  301,  301,  301,  301,  421,  422,  423,
+      421,  421,  421,  421,  421,  421,  421,  562,  495,  229,
+      496,  496,  496,  496,  496,  496,  301,  301,  301,  301,
+      301,  301,  229,  304,  305,  306,  304,  304,  304,  304,
+
+      304,  304,  304,  307,  229,  552,  557,  308,  308,  308,
+      308,  308,  308,  453,  454,  455,  453,  453,  453,  453,
+      453,  453,  453,  589,  589,  589,  589,  589,  590,  553,
+      558,  229,  308,  308,  308,  308,  308,  308,  309,  309,
+      309,  309,  309,  309,  309,  309,  309,  309,  124,  691,
+      229,  132,  309,  309,  309,  309,  309,  309,  388,  388,
+      388,  388,  388,  388,  388,  388,  388,  388,  442,  132,
+      443,  443,  443,  443,  443,  443,  629,  295,  295,  295,
+      295,  295,  295,  343,  563,  346,  346,  346,  346,  346,
+      347,  344,  344,  344,  344,  348,  348,  348,  348,  348,
+
+      348,  348,  348,  348,  348,  124,  727,  106,  564,  348,
+      348,  348,  348,  348,  348,  377,  229,  457,  457,  457,
+      457,  457,  457,  106,  662,  701,  565,  379,  598,  598,
+      598,  598,  598,  599,  348,  348,  348,  348,  348,  348,
+      349,  349,  349,  349,  349,  349,  349,  349,  349,  349,
+      566,  717,  717,  717,  349,  349,  349,  349,  349,  349,
+      461,  461,  461,  461,  461,  461,  461,  461,  461,  461,
+      528,  132,  529,  529,  529,  529,  529,  529,  630,  348,
+      348,  348,  348,  348,  348,  366,  367,  368,  366,  366,
+      366,  366,  366,  366,  366,  468,  468,  468,  468,  468,
+
+      468,  468,  468,  468,  468,  377,  229,  535,  535,  535,
+      535,  535,  535,  105,  105,  105,  105,  459,  699,  110,
+      751,  752,  106,  371,  371,  372,  373,  373,  373,  373,
+      373,  373,  373,  300,  377,  229,  378,  378,  378,  378,
+      378,  378,  378,  378,  378,  378,  379,  814,  692,  694,
+      380,  380,  380,  380,  380,  380,  539,  539,  539,  539,
+      539,  539,  539,  539,  539,  539,  690,  743,  814,  881,
+      132,  132,  693,  695,  700,  380,  380,  380,  380,  380,
+      380,  229,  384,  385,  386,  384,  384,  384,  384,  384,
+      384,  384,  387,  881,  132,  106,  388,  388,  388,  388,
+
+      388,  388,  763,  748,  626,  555,  572,  746,  132,  132,
+      556,  575,  576,  577,  575,  575,  575,  575,  575,  575,
+      575,  388,  388,  388,  388,  388,  388,  881,  688,  380,
+      380,  380,  380,  380,  380,  380,  380,  380,  380,  424,
+      424,  424,  424,  424,  424,  424,  424,  424,  424,  377,
+      229,  763,  689,  424,  424,  424,  424,  424,  424,  588,
+      588,  588,  588,  588,  588,  588,  588,  588,  588,  615,
+      615,  615,  615,  615,  616,  132,  712,  712,  424,  424,
+      424,  424,  424,  424,  425,  425,  425,  425,  425,  425,
+      425,  425,  425,  425,  688,  763,  692,  694,  425,  425,
+
+      425,  425,  425,  425,  527,  527,  527,  527,  527,  527,
+      527,  527,  527,  527,  112,  106,  106,  112,  689,  229,
+      693,  695,  763,  424,  424,  424,  424,  424,  424,  442,
+      379,  443,  443,  443,  443,  443,  443,  443,  443,  443,
+      443,  442,  593,  444,  444,  444,  444,  444,  444,  444,
+      444,  444,  444,  442,  595,  445,  445,  445,  445,  445,
+      446,  443,  443,  443,  443,  448,  448,  448,  448,  448,
+      448,  448,  448,  448,  448,  300,  377,  229,  457,  457,
+      457,  457,  457,  457,  457,  457,  457,  457,  379,  762,
+      692,  694,  456,  456,  456,  456,  456,  456,  597,  597,
+
+      597,  597,  597,  597,  597,  597,  597,  597,  665,  665,
+      665,  665,  665,  666,  693,  695,  802,  456,  456,  456,
+      456,  456,  456,  377,  229,  458,  458,  458,  458,  458,
+      458,  458,  458,  458,  458,  459,  106,  132,  132,  460,
+      460,  460,  460,  460,  460,  605,  606,  607,  605,  605,
+      605,  605,  605,  605,  605,  683,  683,  683,  683,  683,
+      684,  798,  752,  132,  460,  460,  460,  460,  460,  460,
+      229,  464,  465,  466,  464,  464,  464,  464,  464,  464,
+      464,  467,  229,  377,  229,  468,  468,  468,  468,  468,
+      468,  377,  229,  459,  132,  459,  881,  229,  763,  106,
+
+      768,  768,  768,  537,  800,  628,  799,  132,  537,  635,
+      468,  468,  468,  468,  468,  468,  881,  881,  460,  460,
+      460,  460,  460,  460,  460,  460,  460,  460,  495,  595,
+      498,  498,  498,  498,  498,  499,  496,  496,  496,  496,
+      424,  424,  424,  424,  424,  424,  424,  424,  424,  424,
+      751,  752,  132,  744,  424,  424,  424,  424,  424,  424,
+      546,  546,  546,  546,  546,  546,  546,  546,  546,  546,
+      638,  639,  639,  639,  639,  639,  639,  745,  229,  424,
+      424,  424,  424,  424,  424,  516,  517,  518,  516,  516,
+      516,  516,  516,  516,  516,  377,  229,  610,  610,  610,
+
+      610,  610,  610,  696,  106,  830,  110,  537,  614,  614,
+      614,  614,  614,  614,  614,  614,  614,  614,  132,  829,
+      754,  132,  106,  442,  593,  443,  443,  443,  443,  443,
+      443,  443,  443,  443,  443,  442,  595,  443,  443,  443,
+      443,  443,  443,  443,  443,  443,  443,  523,  524,  525,
+      523,  523,  523,  523,  523,  523,  523,  526,  344,  702,
+      344,  527,  527,  527,  527,  527,  527,  656,  657,  658,
+      656,  656,  656,  656,  656,  656,  656,  105,  105,  105,
+      105,  702,  229,  702,  702,  229,  527,  527,  527,  527,
+      527,  527,  528,  459,  531,  531,  531,  531,  531,  532,
+
+      529,  529,  529,  529,  377,  229,  535,  535,  535,  535,
+      535,  535,  535,  535,  535,  535,  459,  702,  110,  744,
+      534,  534,  534,  534,  534,  534,  604,  604,  604,  604,
+      604,  604,  604,  604,  604,  604,  849,  850,  229,  702,
+      744,  702,  703,  745,  662,  534,  534,  534,  534,  534,
+      534,  377,  229,  536,  536,  536,  536,  536,  536,  536,
+      536,  536,  536,  537,  745,  881,  106,  538,  538,  538,
+      538,  538,  538,  593,  593,  660,  660,  660,  660,  660,
+      660,  849,  850,  801,  595,  595,  662,  132,  222,  881,
+      809,  222,  538,  538,  538,  538,  538,  538,  229,  542,
+
+      543,  544,  542,  542,  542,  542,  542,  542,  542,  545,
+      769,  718,  881,  546,  546,  546,  546,  546,  546,  664,
+      664,  664,  664,  664,  664,  664,  664,  664,  664,  106,
+      844,  844,  844,  844,  229,  796,  881,  796,  546,  546,
+      546,  546,  546,  546,  881,  537,  538,  538,  538,  538,
+      538,  538,  538,  538,  538,  538,  105,  547,  770,  797,
+      718,  797,  105,  639,  639,  105,  105,  718,  105,  105,
+      105,  132,  132,  132,  132,  132,  132,  132,  132,  132,
+      132,  548,  132,  763,  105,  132,  132,  132,  132,  132,
+      132,  132,  132,  132,  132,  132,  132,  132,  132,  132,
+
+      132,  132,  132,  132,  132,  132,  132,  132,  106,  132,
+      105,  105,  105,  105,  105,  105,  105,  105,  105,  105,
+      105,  105,  105,  105,  105,  105,  105,  586,  587,  587,
+      587,  587,  587,  587,  587,  587,  587,  587,  377,  229,
+      377,  229,  881,  229,  730,  730,  730,  730,  730,  731,
+      537,  881,  612,  229,  612,  377,  229,  679,  679,  679,
+      679,  679,  679,  662,  537,  106,  593,  612,  594,  594,
+      594,  594,  594,  594,  594,  594,  594,  594,  595,  178,
+      178,  178,  596,  596,  596,  596,  596,  596,  682,  682,
+      682,  682,  682,  682,  682,  682,  682,  682,  672,  763,
+
+      673,  673,  673,  673,  673,  673,  854,  596,  596,  596,
+      596,  596,  596,  600,  601,  602,  600,  600,  600,  600,
+      600,  600,  600,  603,  749,  796,  827,  604,  604,  604,
+      604,  604,  604,  704,  705,  706,  707,  704,  704,  704,
+      704,  704,  704,  132,  345,  106,  345,  672,  229,  797,
+      828,  672,  604,  604,  604,  604,  604,  604,  881,  612,
+      596,  596,  596,  596,  596,  596,  596,  596,  596,  596,
+      377,  229,  610,  610,  610,  610,  610,  610,  610,  610,
+      610,  610,  537,  178,  178,  178,  609,  609,  609,  609,
+      609,  609,  714,  714,  714,  714,  714,  714,  714,  714,
+
+      714,  714,  377,  229,  742,  742,  742,  742,  742,  742,
+      672,  609,  609,  609,  609,  609,  609,  377,  229,  611,
+      611,  611,  611,  611,  611,  611,  611,  611,  611,  612,
+      595,  881,  881,  613,  613,  613,  613,  613,  613,  715,
+      715,  715,  715,  715,  716,  717,  717,  717,  717,  718,
+      756,  827,  757,  758,  759,  881,  881,  718,  613,  613,
+      613,  613,  613,  613,  229,  617,  618,  619,  617,  617,
+      617,  617,  617,  617,  617,  828,  807,  522,  808,  620,
+      620,  620,  620,  620,  620,  671,  671,  671,  671,  671,
+      671,  671,  671,  671,  671,  496,  711,  496,  132,  377,
+
+      229,  760,  827,  846,  620,  620,  620,  620,  620,  620,
+      881,  612,  613,  613,  613,  613,  613,  613,  613,  613,
+      613,  613,  105,  497,  710,  497,  828,  847,  105,  755,
+      755,  105,  105,  755,  105,  105,  105,  132,  132,  132,
+      132,  132,  132,  132,  132,  132,  132,  755,  755,  755,
+      105,  132,  132,  132,  132,  132,  132,  132,  132,  621,
+      132,  132,  132,  132,  132,  132,  132,  132,  132,  132,
+      132,  132,  132,  132,  106,  132,  105,  105,  105,  105,
+      105,  105,  105,  105,  105,  105,  105,  105,  105,  105,
+      105,  105,  105,  638,  641,  641,  641,  641,  641,  642,
+
+      639,  639,  639,  639,  196,  640,  640,  593,  196,  207,
+      207,  207,  207,  207,  207,  207,  207,  207,  207,  662,
+      196,  709,  846,  207,  207,  207,  207,  207,  207,  207,
+      207,  207,  207,  207,  207,  207,  207,  207,  207,  207,
+      207,  207,  207,  645,  207,  207,  847,  209,  196,  196,
+      196,  196,  196,  196,  196,  196,  196,  196,  196,  196,
+      196,  196,  196,  196,  196,  651,  652,  653,  654,  651,
+      651,  651,  651,  651,  651,  593,  708,  725,  725,  725,
+      725,  725,  725,  529,  638,  529,  593,  662,  729,  729,
+      729,  729,  729,  729,  729,  729,  729,  729,  727,  639,
+
+      639,  881,  106,  586,  587,  587,  587,  587,  587,  587,
+      587,  587,  587,  587,  737,  738,  739,  737,  737,  737,
+      737,  737,  737,  737,  803,  881,  756,  803,  757,  758,
+      759,  775,  776,  777,  775,  775,  775,  775,  775,  775,
+      775,  106,  593,  771,  660,  660,  660,  660,  660,  660,
+      660,  660,  660,  660,  595,  593,  881,  661,  661,  661,
+      661,  661,  661,  661,  661,  661,  661,  662,  727,  791,
+      791,  663,  663,  663,  663,  663,  663,  762,  718,  638,
+      719,  719,  719,  719,  719,  719,  736,  736,  736,  736,
+      736,  736,  736,  736,  736,  736,  663,  663,  663,  663,
+
+      663,  663,  667,  668,  669,  667,  667,  667,  667,  667,
+      667,  667,  670,  530,  638,  530,  671,  671,  671,  671,
+      671,  671,  593,  106,  780,  780,  780,  780,  780,  780,
+      496,  529,  496,  529,  727,  785,  785,  785,  785,  785,
+      786,  671,  671,  671,  671,  671,  671,  881,  593,  663,
+      663,  663,  663,  663,  663,  663,  663,  663,  663,  672,
+      727,  675,  675,  675,  675,  675,  676,  673,  673,  673,
+      673,  377,  229,  679,  679,  679,  679,  679,  679,  679,
+      679,  679,  679,  612,  698,  846,  881,  678,  678,  678,
+      678,  678,  678,  784,  784,  784,  784,  784,  784,  784,
+
+      784,  784,  784,  881,  697,  881,  881,  881,  106,  847,
+      881,  132,  678,  678,  678,  678,  678,  678,  377,  229,
+      680,  680,  680,  680,  680,  680,  680,  680,  680,  680,
+      229,  836,  132,  229,  681,  681,  681,  681,  681,  681,
+      593,  612,  804,  805,  806,  804,  804,  804,  804,  804,
+      804,  804,  782,  756,  760,  757,  758,  759,  672,  681,
+      681,  681,  681,  681,  681,  881,  881,  681,  681,  681,
+      681,  681,  681,  681,  681,  681,  681,  105,  782,  673,
+      674,  673,  674,  105,  792,  792,  105,  105,  672,  105,
+      105,  105,  132,  132,  132,  132,  132,  132,  132,  132,
+
+      132,  132,  522,  375,  760,  105,  132,  132,  132,  132,
+      132,  132,  132,  132,  132,  132,  132,  132,  132,  132,
+      132,  132,  132,  132,  132,  685,  132,  132,  132,  106,
+      132,  105,  105,  105,  105,  105,  105,  105,  105,  105,
+      105,  105,  105,  105,  105,  105,  105,  105,  688,  763,
+      650,  764,  764,  764,  764,  764,  764,  196,  719,  647,
+      719,  196,  207,  207,  207,  207,  207,  207,  207,  207,
+      207,  207,  689,  196,  646,  644,  207,  207,  207,  207,
+      207,  207,  207,  207,  207,  207,  207,  207,  207,  207,
+      207,  207,  207,  207,  207,  207,  207,  207,  207,  643,
+
+      209,  196,  196,  196,  196,  196,  196,  196,  196,  196,
+      196,  196,  196,  196,  196,  196,  196,  196,  712,  593,
+      713,  713,  713,  713,  713,  713,  713,  713,  713,  713,
+      720,  782,  720,  881,  638,  757,  758,  759,  825,  825,
+      825,  825,  825,  826,  673,  881,  673,  881,  881,  759,
+      229,  791,  791,  791,  791,  791,  791,  106,  718,  638,
+      721,  721,  721,  721,  721,  722,  719,  719,  719,  719,
+      593,  633,  725,  725,  725,  725,  725,  725,  725,  725,
+      725,  725,  662,  593,  760,  726,  726,  726,  726,  726,
+      726,  726,  726,  726,  726,  727,  760,  632,  132,  728,
+
+      728,  728,  728,  728,  728,  790,  790,  790,  790,  790,
+      790,  790,  790,  790,  790,  814,  528,  815,  815,  815,
+      815,  815,  815,  528,  728,  728,  728,  728,  728,  728,
+      732,  733,  734,  732,  732,  732,  732,  732,  732,  732,
+      735,  764,  528,  764,  736,  736,  736,  736,  736,  736,
+      593,  522,  821,  821,  821,  821,  821,  821,  765,  375,
+      765,  809,  782,  810,  810,  810,  810,  810,  810,  736,
+      736,  736,  736,  736,  736,  881,  300,  728,  728,  728,
+      728,  728,  728,  728,  728,  728,  728,  377,  229,  742,
+      742,  742,  742,  742,  742,  742,  742,  742,  742,  763,
+
+      106,  766,  766,  766,  766,  766,  767,  768,  768,  768,
+      768,  772,  773,  774,  772,  772,  772,  772,  772,  772,
+      772,  761,  585,  761,  761,  761,  584,  761,  761,  583,
+      580,  761,  824,  824,  824,  824,  824,  824,  824,  824,
+      824,  824,  719,  579,  719,  761,  761,  761,  106,  712,
+      578,  713,  713,  713,  713,  713,  713,  713,  713,  713,
+      713,  803,  803,  803,  803,  803,  803,  803,  803,  803,
+      803,  803,  803,  803,  803,  803,  803,  803,  803,  803,
+      803,  859,  859,  859,  859,  859,  859,  495,  106,  593,
+      495,  780,  780,  780,  780,  780,  780,  780,  780,  780,
+
+      780,  727,  593,  495,  781,  781,  781,  781,  781,  781,
+      781,  781,  781,  781,  782,  815,  570,  815,  783,  783,
+      783,  783,  783,  783,  840,  841,  842,  840,  840,  840,
+      840,  840,  840,  840,  831,  569,  832,  832,  832,  832,
+      832,  832,  106,  783,  783,  783,  783,  783,  783,  787,
+      788,  789,  787,  787,  787,  787,  787,  787,  787,  816,
+      832,  816,  832,  790,  790,  790,  790,  790,  790,  851,
+      852,  853,  851,  851,  851,  851,  851,  851,  851,  854,
+      106,  855,  855,  855,  855,  855,  855,  106,  790,  790,
+      790,  790,  790,  790,  881,  106,  783,  783,  783,  783,
+
+      783,  783,  783,  783,  783,  783,  229,  793,  793,  793,
+      793,  793,  794,  791,  791,  791,  791,  809,  106,  810,
+      810,  810,  810,  810,  810,  810,  810,  810,  810,  809,
+      528,  811,  811,  811,  811,  811,  811,  811,  811,  811,
+      811,  809,  528,  812,  812,  812,  812,  812,  813,  810,
+      810,  810,  810,  814,  522,  817,  817,  817,  817,  817,
+      818,  815,  815,  815,  815,  593,  375,  821,  821,  821,
+      821,  821,  821,  821,  821,  821,  821,  782,  593,  300,
+      822,  822,  822,  822,  822,  822,  822,  822,  822,  822,
+      833,  865,  833,  865,  823,  823,  823,  823,  823,  823,
+
+      859,  859,  859,  859,  859,  859,  859,  859,  859,  859,
+      864,  300,  865,  865,  865,  865,  865,  865,  515,  823,
+      823,  823,  823,  823,  823,  881,  514,  823,  823,  823,
+      823,  823,  823,  823,  823,  823,  823,  831,  513,  834,
+      834,  834,  834,  834,  835,  832,  832,  832,  832,  105,
+      512,  837,  838,  839,  837,  837,  837,  837,  837,  837,
+      837,  809,  511,  810,  810,  810,  810,  810,  810,  810,
+      810,  810,  810,  809,  510,  810,  810,  810,  810,  810,
+      810,  810,  810,  810,  810,  593,  509,  845,  845,  845,
+      845,  845,  845,  845,  845,  845,  845,  854,  508,  855,
+
+      855,  855,  855,  855,  855,  855,  855,  855,  855,  854,
+      507,  856,  856,  856,  856,  856,  856,  856,  856,  856,
+      856,  854,  506,  857,  857,  857,  857,  857,  858,  855,
+      855,  855,  855,  860,  860,  860,  860,  860,  860,  860,
+      860,  860,  860,  861,  861,  861,  861,  861,  862,  859,
+      859,  859,  859,  864,  505,  867,  867,  867,  867,  867,
+      868,  865,  865,  865,  865,  105,  504,  869,  870,  871,
+      869,  869,  869,  869,  869,  869,  869,  854,  503,  855,
+      855,  855,  855,  855,  855,  855,  855,  855,  855,  854,
+      502,  855,  855,  855,  855,  855,  855,  855,  855,  855,
+
+      855,  859,  859,  859,  859,  859,  859,  859,  859,  859,
+      859,  859,  859,  859,  859,  859,  859,  859,  859,  859,
+      859,  872,  873,  874,  872,  872,  872,  872,  872,  872,
+      872,  875,  875,  875,  875,  875,  875,  875,  875,  875,
+      875,  878,  878,  878,  878,  878,  878,  878,  878,  878,
+      878,  872,  872,  872,  872,  872,  872,  872,  872,  872,
+      872,  875,  875,  875,  875,  875,  875,  501,  106,  869,
+      869,  869,  869,  869,  869,  869,  869,  869,  869,  879,
+      879,  879,  879,  879,  880,  878,  878,  878,  878,  878,
+      878,  878,  878,  878,  878,  866,  863,  866,  106,  863,
+
+      500,  881,  495,  863,  495,  414,  106,  876,  876,  876,
+      876,  876,  877,  875,  875,  875,  875,  878,  878,  878,
+      878,  878,  878,  878,  878,  878,  878,  490,  489,  483,
+      482,  481,  480,  479,  478,  477,  476,  475,  474,  473,
+      472,  471,  470,  469,  106,  875,  875,  875,  875,  875,
+      875,  875,  875,  875,  875,  451,  375,  300,  447,  300,
+      130,  441,  440,  439,  436,  435,  434,  433,  432,  431,
+      430,  429,  426,  343,  343,  343,  414,  416,  414,  415,
+      414,  408,  106,   64,   64,   64,   64,   64,   64,   64,
+       64,   64,   64,   64,   64,   64,   64,   64,   64,   64,
+
+       64,   64,   64,   64,   33,   33,   33,   33,   33,   33,
+       33,   33,   33,   33,   33,   33,   33,   33,   33,   33,
+       33,   33,   33,   33,   33,   73,   73,   73,   73,   73,
+       73,   73,   73,   73,   73,   73,   73,   73,   73,   73,
+       73,   73,   73,   73,   73,   73,   80,   80,   80,   80,
+       80,   80,   80,   80,   80,   80,   80,   80,   80,   80,
+       80,   80,   80,   80,   80,   80,   80,  105,  407,  406,
+      405,  404,  403,  402,  105,  401,  105,  105,  105,  105,
+      400,  399,  105,  105,  105,  105,  105,  105,  109,  109,
+      109,  109,  109,  109,  109,  109,  109,  109,  109,  109,
+
+      109,  109,  109,  109,  109,  109,  109,  109,  109,  113,
+      398,  397,  392,  391,  113,  124,  113,  300,  113,  113,
+      113,  113,  113,  375,  113,  113,  113,  113,  113,  113,
+      117,  300,  130,  110,  365,  361,  360,  117,  359,  117,
+      117,  117,  117,  358,  357,  117,  117,  117,  117,  117,
+      117,  119,  356,  355,  119,  119,  354,  119,  119,  353,
+      119,  119,  119,  119,  352,  351,  119,  119,  119,  119,
+      119,  119,  129,  129,  350,  129,  200,  343,  343,  129,
+      166,  267,  340,  166,  166,  337,  166,  166,  336,  166,
+      166,  166,  166,  335,  334,  166,  166,  166,  166,  166,
+
+      166,  171,  333,  328,  171,  171,  327,  171,  171,  326,
+      171,  171,  171,  171,  325,  171,  171,  171,  324,  171,
+      171,  171,  179,  323,  320,  179,  319,  318,  179,  179,
+      317,  179,  179,  179,  179,  179,  316,  179,  179,  179,
+      179,  179,  179,  183,  183,  183,  183,  183,  183,  183,
+      183,  183,  183,  183,  183,  183,  183,  183,  183,  183,
+      183,  183,  183,  183,  185,  185,  315,  185,  314,  185,
+      185,  185,  185,  185,  185,  185,  185,  185,  185,  185,
+      185,  185,  185,  185,  185,  191,  313,  312,  311,  310,
+      191,  130,  191,  122,  191,  191,  191,  191,  191,  110,
+
+      191,  191,  191,  191,  191,  191,  195,  110,  288,  287,
+      286,  285,  278,  195,  277,  195,  195,  195,  195,  276,
+      195,  195,  195,  195,  195,  195,  195,  198,  275,  274,
+      198,  198,  881,  198,  198,  197,  198,  198,  198,  198,
+      267,  198,  198,  198,  198,  198,  198,  198,  219,  219,
+      219,  219,  219,  219,  219,  219,  219,  219,  219,  219,
+      219,  219,  219,  219,  219,  219,  219,  219,  219,  220,
+      220,  185,  220,  220,  220,  220,  220,  220,  220,  220,
+      220,  220,  220,  220,  220,  220,  220,  220,  220,  220,
+      120,  186,  180,  120,  120,  180,  120,  120,  172,  120,
+
+      120,  120,  120,  265,  165,  120,  120,  120,  120,  120,
+      120,  129,  129,  165,  129,  258,  257,  256,  129,  228,
+      228,  255,  228,  254,  251,  250,  228,  230,  230,  230,
+      249,  230,  248,  247,  246,  230,  166,  238,  237,  166,
+      166,  236,  166,  166,  235,  166,  166,  166,  166,  234,
+      233,  166,  166,  166,  166,  166,  166,  167,  130,  105,
+      167,  167,  130,  167,  167,  199,  167,  167,  167,  167,
+      118,  221,  167,  167,  167,  167,  167,  167,  171,  110,
+      108,  171,  171,  107,  171,  171,  106,  171,  171,  171,
+      171,  216,  171,  171,  171,  215,  171,  171,  171,  179,
+
+      214,  213,  179,  212,  207,  179,  179,  186,  179,  179,
+      179,  179,  179,  180,  179,  179,  179,  179,  179,  179,
+      185,  185,  172,  185,  140,  185,  185,  185,  185,  185,
+      185,  185,  185,  185,  185,  185,  185,  185,  185,  185,
+      185,  194,  169,  137,  165,  164,  161,  159,  194,  143,
+      194,  194,  194,  194,  142,  139,  194,  194,  194,  194,
+      194,  194,  195,  138,  132,  130,  118,  108,  107,  195,
+      106,  195,  195,  195,  195,  881,  195,  195,  195,  195,
+      195,  195,  195,  198,  881,  881,  198,  198,  881,  198,
+      198,  881,  198,  198,  198,  198,  881,  198,  198,  198,
+
+      198,  198,  198,  198,  209,  881,  881,  209,  209,  881,
+      209,  289,  289,  289,  289,  289,  289,  289,  289,  289,
+      289,  289,  289,  289,  289,  289,  289,  289,  289,  289,
+      289,  289,  296,  296,  881,  296,  881,  881,  881,  296,
+      302,  302,  302,  881,  302,  881,  881,  881,  302,  369,
+      369,  881,  369,  881,  881,  881,  369,  370,  370,  881,
+      370,  881,  881,  881,  370,  374,  374,  881,  374,  881,
+      881,  881,  374,  376,  376,  376,  881,  376,  881,  881,
+      881,  376,  209,  881,  881,  209,  209,  881,  209,  447,
+      447,  881,  447,  881,  881,  881,  447,  449,  449,  881,
+
+      449,  881,  881,  881,  449,  450,  450,  881,  450,  881,
+      881,  881,  450,  452,  452,  452,  881,  452,  881,  881,
+      881,  452,  456,  456,  456,  456,  881,  456,  881,  881,
+      881,  456,  519,  519,  881,  519,  881,  881,  881,  519,
+      520,  520,  881,  520,  881,  881,  881,  520,  521,  521,
+      881,  521,  881,  881,  881,  521,  533,  533,  533,  881,
+      533,  881,  881,  881,  533,  534,  534,  534,  534,  881,
+      534,  881,  881,  881,  534,  219,  219,  219,  219,  219,
+      219,  219,  219,  219,  219,  219,  219,  219,  219,  219,
+      219,  219,  219,  219,  219,  219,  591,  591,  881,  591,
+
+      881,  881,  881,  591,  592,  592,  881,  592,  881,  881,
+      881,  592,  608,  608,  608,  881,  608,  881,  881,  881,
+      608,  609,  609,  609,  609,  881,  609,  881,  881,  881,
+      609,  219,  219,  219,  219,  219,  219,  219,  219,  219,
+      219,  219,  219,  219,  219,  219,  219,  219,  219,  219,
+      219,  219,  209,  881,  881,  209,  209,  881,  209,  196,
+      881,  881,  881,  196,  196,  881,  196,  196,  196,  881,
+      881,  196,  196,  655,  655,  881,  655,  881,  881,  881,
+      655,  659,  881,  659,  659,  881,  659,  881,  881,  881,
+      659,  677,  677,  677,  881,  677,  881,  881,  881,  677,
+
+      678,  678,  678,  678,  881,  678,  881,  881,  881,  678,
+      620,  620,  881,  881,  620,  881,  881,  881,  620,  219,
+      219,  219,  219,  219,  219,  219,  219,  219,  219,  219,
+      219,  219,  219,  219,  219,  219,  219,  219,  219,  219,
+      209,  881,  881,  209,  209,  881,  209,  196,  881,  881,
+      881,  196,  196,  881,  196,  196,  196,  881,  881,  196,
+      196,  723,  723,  881,  723,  881,  881,  881,  723,  724,
+      881,  724,  724,  881,  724,  881,  881,  881,  724,  740,
+      740,  740,  881,  740,  881,  881,  881,  740,  741,  741,
+      741,  881,  881,  741,  881,  881,  881,  741,  750,  750,
+
+      750,  750,  750,  750,  750,  750,  750,  750,  750,  750,
+      750,  750,  750,  750,  750,  750,  750,  750,  750,  755,
+      755,  881,  755,  755,  755,  881,  755,  881,  755,  755,
+      755,  755,  881,  881,  755,  755,  755,  755,  755,  755,
+      761,  761,  881,  761,  761,  761,  881,  761,  881,  761,
+      761,  761,  761,  881,  881,  761,  761,  761,  761,  761,
+      761,  209,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  209,  209,  881,  209,  209,  881,  209,  778,
+      778,  881,  778,  881,  881,  881,  778,  779,  881,  779,
+      779,  881,  779,  881,  881,  881,  779,  795,  795,  881,
+
+      881,  795,  881,  881,  881,  795,  761,  881,  881,  881,
+      881,  881,  881,  761,  881,  761,  761,  761,  761,  881,
+      881,  761,  761,  761,  761,  761,  761,  819,  819,  881,
+      819,  881,  881,  881,  819,  820,  881,  820,  820,  881,
+      820,  881,  881,  881,  820,  843,  843,  881,  843,  881,
+      881,  881,  843,  844,  881,  844,  881,  881,  844,  881,
+      881,  881,  844,  848,  848,  848,  848,  848,  848,  848,
+      848,  848,  848,  848,  848,  848,  848,  848,  848,  848,
+      848,  848,  848,  848,   15,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881
+    } ;
+
+static yyconst flex_int16_t yy_chk[5657] =
+    {   0,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    2,   54,    3,   56,    2,   37,    3,   51,   37,
+      875,    4,   36,    3,   56,    4,    3,   11,   11,   11,
+       11,    4,   22,   36,    4,   12,   12,   12,   12,   39,
+
+       54,    2,    2,   51,   39,   42,    2,   81,   45,   71,
+       71,    3,   22,    3,    2,    3,    3,    2,    3,    4,
+       42,    4,   45,    4,    4,   82,    4,    5,    5,    5,
+       52,    5,    6,    6,    6,   48,    6,    5,   11,   22,
+        3,   63,    6,   75,   48,  104,   12,  867,    4,   52,
+       63,    5,    5,   48,  104,   77,    6,    6,   81,   63,
+       79,   79,    9,    9,    9,    9,    9,   84,   84,   75,
+       84,    9,    9,    9,   82,   27,   27,  149,    5,   27,
+       27,   77,  149,    6,    7,    7,    7,    9,    7,   29,
+       29,   29,   29,   29,   29,   29,   29,   29,   29,   27,
+
+       30,   30,   30,   30,   30,   30,   10,   10,   10,   10,
+       10,  159,  253,    9,   85,   10,   10,   10,   90,   90,
+       90,   90,   90,   90,   27,   95,  253,  159,   95,   49,
+      148,   10,  148,  156,   85,    7,    7,    7,    7,    7,
+        7,    7,    7,    7,    7,    7,    7,    7,    7,    7,
+        7,    7,    7,    7,    8,    8,    8,   10,    8,   49,
+       49,   85,   94,  130,   49,  128,  128,  128,  128,  128,
+      128,  295,   49,   94,  130,   49,   89,   89,   89,   89,
+       89,   89,   89,   89,   89,   89,  111,  111,  111,  111,
+      111,  111,  111,  111,  111,  111,  156,  161,  295,  170,
+
+      173,  173,  866,  161,  170,    8,    8,    8,    8,    8,
+        8,    8,    8,    8,    8,    8,    8,    8,    8,    8,
+        8,    8,    8,    8,   13,   13,   13,   13,   13,   13,
+       13,   13,   13,   13,   13,   13,   13,   13,   13,   13,
+       13,   13,   13,   13,   13,   13,   13,   13,   13,   13,
+       13,   13,   13,   13,   13,   13,   13,   13,   13,   13,
+       13,   13,   13,   13,   13,   13,   13,   13,   13,   13,
+       13,   13,   13,   13,   13,   13,   13,   13,   13,   13,
+       13,   13,   13,   13,   13,   13,   13,   13,   13,   13,
+       13,   13,   13,   13,   13,   21,  491,  146,  146,  158,
+
+      177,  177,  184,  184,  187,   21,  157,  188,   21,   21,
+       21,   21,   21,   21,   21,   21,   21,   21,   28,  157,
+       28,   28,   28,   28,   28,   28,   28,   28,   28,   28,
+       28,  160,  189,  189,   28,   28,   28,   28,   28,   28,
+      162,  230,   59,   59,  160,  158,   59,   59,  146,  260,
+      162,  491,  230,  184,  260,  187,  188,   28,  264,   28,
+       28,   28,   28,   28,   28,   34,   59,  245,  245,  865,
+      263,   34,  263,  264,   34,   34,  341,   34,   34,   34,
+       34,   34,   34,   34,   34,   34,   34,   34,   34,   34,
+       34,   59,  341,   34,   34,   34,   34,   34,   34,   34,
+
+       34,   34,   34,   34,   34,   34,   34,   34,   34,   34,
+       34,   34,   34,   34,   34,   34,   34,   34,   34,   34,
+       34,   34,   34,   34,   34,   34,   34,   34,   34,   34,
+       34,   34,   34,   34,   34,   34,   38,   38,   38,   38,
+       38,   38,   38,   38,   38,   38,   38,  291,  259,  418,
+       38,   38,   38,   38,   38,   38,  262,  266,  339,  339,
+       38,  112,  112,  112,  112,  112,  112,  112,  112,  112,
+      112,  266,  418,  262,  330,   38,   38,   38,   38,   38,
+       38,   46,   46,   46,   46,   46,  291,   46,   46,  852,
+      331,   46,  126,  126,  126,  126,  126,  126,  126,  126,
+
+      126,  126,  259,  330,  310,   46,   46,   46,   47,  851,
+       47,   47,   47,   47,   47,   47,   47,   47,   47,   47,
+       50,   69,   69,   69,  113,   69,  331,  115,  310,   69,
+       50,   69,  191,   50,   50,   50,   50,   50,   50,   50,
+       50,   50,   50,  417,  113,   69,   69,  115,  299,  299,
+      299,  106,  191,  106,  106,  106,   86,  106,  106,  409,
+      180,  106,   86,  180,  180,   86,  314,  302,   86,   86,
+      180,  113,   69,  192,  115,  106,  106,  106,  302,  191,
+       50,   70,   86,  313,   86,  180,  252,  252,  313,  252,
+      314,   70,  409,  192,   70,   70,   70,   70,   70,   70,
+
+       70,   70,   70,   70,  287,  287,  332,  287,   86,   86,
+       87,  417,  332,   87,   87,  488,   87,   87,   87,   87,
+      192,  252,   87,   87,  116,  488,  116,  116,  352,  342,
+      116,  116,  848,  352,  116,  342,   87,   87,   87,  127,
+      127,  127,  127,  127,  127,  127,  127,  127,  127,  116,
+      116,  164,  164,  164,  164,  164,  164,  164,  164,  164,
+      164,  413,   87,   87,   88,  338,  413,   88,   88,   88,
+       88,   88,   88,   88,   88,   88,   88,   88,   88,   88,
+       88,  845,  350,   88,   88,   88,   88,   88,   88,   88,
+       88,   88,   88,   88,   88,   88,   88,   88,   88,   88,
+
+       88,   88,   88,   88,   88,   88,  350,  410,   88,   88,
+       88,   88,   88,   88,   88,   88,   88,   88,   88,   88,
+       88,   88,   88,   88,   88,   91,  338,   91,   91,   91,
+       91,   91,   91,   91,   91,   91,   91,   91,  410,  584,
+      584,   91,   91,   91,   91,   91,   91,  362,  494,  118,
+      362,  118,  118,  118,  329,  118,  118,  329,  494,  118,
+      205,  205,  205,  205,  205,  205,   91,   91,   91,   91,
+       91,   91,   92,  118,  118,  118,   92,   92,   92,   92,
+       92,   92,   92,   92,   92,   92,   92,   92,   92,  329,
+      353,   92,   92,   92,   92,   92,   92,   92,   92,   92,
+
+       92,   92,   92,   92,   92,   92,   92,   92,   92,   92,
+       92,   92,   92,   92,  353,   92,   92,   92,   92,   92,
+       92,   92,   92,   92,   92,   92,   92,   92,   92,   92,
+       92,   92,   92,   96,   96,   96,   96,   96,   96,   96,
+       96,   96,   96,   96,  550,  623,  623,   96,   96,   96,
+       96,   96,   96,  420,  550,  119,  119,   96,  420,  119,
+      119,  176,  176,  176,  176,  176,  176,  176,  176,  176,
+      176,  389,   96,   96,   96,   96,   96,   96,  102,  119,
+      102,  102,  102,  102,  102,  102,  102,  102,  102,  102,
+      121,  376,  121,  121,  121,  389,  121,  121,  680,  680,
+
+      121,  150,  376,  412,  119,  225,  225,  225,  225,  225,
+      225,  395,  493,  443,  121,  121,  121,  122,  122,  122,
+      122,  122,  122,  122,  122,  122,  122,  139,  139,  493,
+      843,  150,  150,  139,  139,  395,  150,  139,  412,  139,
+      139,  166,  166,  834,  150,  166,  166,  150,  294,  294,
+      294,  294,  443,  411,  122,  123,  123,  123,  123,  123,
+      123,  123,  123,  123,  123,  166,  340,  378,  378,  123,
+      123,  123,  123,  123,  123,  169,  169,  380,  380,  378,
+      419,  169,  169,  505,  833,  169,  411,  169,  505,  380,
+      166,  419,  832,  340,  123,  123,  123,  123,  123,  123,
+
+      131,  131,  131,  131,  131,  131,  131,  131,  131,  131,
+      131,  340,  472,  473,  131,  131,  131,  131,  131,  131,
+      200,  200,  200,  200,  200,  200,  200,  200,  200,  200,
+      306,  306,  306,  306,  306,  306,  472,  473,  823,  131,
+      131,  131,  131,  131,  131,  132,  132,  132,  132,  132,
+      132,  132,  132,  132,  132,  132,  452,  472,  571,  132,
+      132,  132,  132,  132,  132,  551,  168,  452,  168,  168,
+      168,  551,  168,  168,  822,  347,  168,  347,  347,  347,
+      347,  347,  347,  456,  132,  132,  132,  132,  132,  132,
+      168,  168,  168,  193,  456,  193,  193,  476,  195,  193,
+
+      193,  457,  457,  193,  195,  458,  458,  195,  460,  460,
+      195,  195,  199,  457,  571,  554,  199,  458,  193,  193,
+      460,  476,  199,  820,  195,  474,  195,  554,  197,  819,
+      197,  197,  197,  479,  197,  197,  199,  199,  197,  203,
+      203,  203,  203,  203,  203,  203,  203,  203,  203,  474,
+      195,  195,  197,  197,  197,  198,  817,  479,  198,  198,
+      470,  198,  198,  198,  198,  479,  474,  198,  198,  204,
+      204,  204,  204,  204,  204,  204,  204,  204,  204,  214,
+      214,  198,  198,  198,  470,  214,  214,  568,  574,  214,
+      816,  214,  221,  221,  221,  221,  221,  221,  221,  221,
+
+      221,  221,  555,  470,  568,  574,  555,  198,  198,  201,
+      201,  201,  201,  201,  201,  201,  201,  201,  201,  587,
+      815,  481,  482,  201,  201,  201,  201,  201,  201,  222,
+      222,  222,  222,  222,  222,  222,  222,  222,  222,  386,
+      386,  386,  386,  386,  386,  481,  482,  500,  201,  201,
+      201,  201,  201,  201,  206,  681,  681,  587,  206,  206,
+      206,  206,  206,  206,  206,  206,  206,  206,  206,  206,
+      206,  500,  503,  206,  206,  206,  206,  206,  206,  206,
+      206,  206,  206,  206,  206,  206,  206,  206,  206,  206,
+      206,  206,  206,  206,  206,  206,  503,  206,  206,  206,
+
+      206,  206,  206,  206,  206,  206,  206,  206,  206,  206,
+      206,  206,  206,  206,  206,  207,  207,  207,  207,  207,
+      207,  207,  207,  207,  207,  207,  690,  690,  483,  207,
+      207,  207,  207,  207,  207,  224,  224,  224,  224,  224,
+      224,  224,  224,  224,  224,  466,  466,  466,  466,  466,
+      466,  471,  483,  477,  207,  207,  207,  207,  207,  207,
+      223,  805,  223,  223,  223,  223,  223,  223,  223,  223,
+      223,  223,  265,  483,  478,  471,  265,  477,  573,  622,
+      700,  622,  265,  303,  303,  303,  303,  303,  303,  303,
+      303,  303,  303,  471,  573,  583,  265,  265,  478,  223,
+
+      226,  477,  226,  226,  226,  226,  226,  226,  226,  226,
+      226,  226,  583,  506,  478,  509,  226,  226,  226,  226,
+      226,  226,  305,  305,  305,  305,  305,  305,  305,  305,
+      305,  305,  804,  559,  510,  547,  480,  506,  559,  509,
+      700,  226,  226,  226,  226,  226,  226,  229,  229,  229,
+      229,  229,  229,  229,  229,  229,  229,  229,  510,  547,
+      480,  229,  229,  229,  229,  229,  229,  343,  343,  343,
+      343,  343,  343,  343,  343,  343,  343,  480,  499,  795,
+      499,  499,  499,  499,  499,  499,  229,  229,  229,  229,
+      229,  229,  231,  231,  231,  231,  231,  231,  231,  231,
+
+      231,  231,  231,  231,  793,  552,  557,  231,  231,  231,
+      231,  231,  231,  377,  377,  377,  377,  377,  377,  377,
+      377,  377,  377,  518,  518,  518,  518,  518,  518,  552,
+      557,  792,  231,  231,  231,  231,  231,  231,  232,  232,
+      232,  232,  232,  232,  232,  232,  232,  232,  232,  626,
+      791,  626,  232,  232,  232,  232,  232,  232,  379,  379,
+      379,  379,  379,  379,  379,  379,  379,  379,  446,  561,
+      446,  446,  446,  446,  446,  446,  561,  232,  232,  232,
+      232,  232,  232,  270,  563,  270,  270,  270,  270,  270,
+      270,  270,  270,  270,  270,  271,  271,  271,  271,  271,
+
+      271,  271,  271,  271,  271,  271,  779,  446,  563,  271,
+      271,  271,  271,  271,  271,  383,  383,  383,  383,  383,
+      383,  383,  383,  635,  778,  635,  565,  383,  525,  525,
+      525,  525,  525,  525,  271,  271,  271,  271,  271,  271,
+      273,  273,  273,  273,  273,  273,  273,  273,  273,  273,
+      565,  654,  654,  654,  273,  273,  273,  273,  273,  273,
+      385,  385,  385,  385,  385,  385,  385,  385,  385,  385,
+      532,  562,  532,  532,  532,  532,  532,  532,  562,  273,
+      273,  273,  273,  273,  273,  290,  290,  290,  290,  290,
+      290,  290,  290,  290,  290,  459,  459,  459,  459,  459,
+
+      459,  459,  459,  459,  459,  463,  463,  463,  463,  463,
+      463,  463,  463,  590,  590,  590,  590,  463,  634,  634,
+      699,  699,  290,  298,  298,  298,  298,  298,  298,  298,
+      298,  298,  298,  298,  304,  304,  304,  304,  304,  304,
+      304,  304,  304,  304,  304,  304,  304,  776,  648,  649,
+      304,  304,  304,  304,  304,  304,  465,  465,  465,  465,
+      465,  465,  465,  465,  465,  465,  625,  685,  775,  475,
+      685,  625,  648,  649,  634,  304,  304,  304,  304,  304,
+      304,  307,  307,  307,  307,  307,  307,  307,  307,  307,
+      307,  307,  307,  475,  556,  492,  307,  307,  307,  307,
+
+      307,  307,  768,  691,  556,  475,  492,  687,  691,  687,
+      475,  495,  495,  495,  495,  495,  495,  495,  495,  495,
+      495,  307,  307,  307,  307,  307,  307,  308,  624,  308,
+      308,  308,  308,  308,  308,  308,  308,  308,  308,  348,
+      348,  348,  348,  348,  348,  348,  348,  348,  348,  742,
+      742,  766,  624,  348,  348,  348,  348,  348,  348,  517,
+      517,  517,  517,  517,  517,  517,  517,  517,  517,  544,
+      544,  544,  544,  544,  544,  624,  713,  717,  348,  348,
+      348,  348,  348,  348,  349,  349,  349,  349,  349,  349,
+      349,  349,  349,  349,  688,  765,  692,  694,  349,  349,
+
+      349,  349,  349,  349,  522,  522,  522,  522,  522,  522,
+      522,  522,  522,  522,  892,  713,  717,  892,  688,  533,
+      692,  694,  764,  349,  349,  349,  349,  349,  349,  366,
+      533,  366,  366,  366,  366,  366,  366,  366,  366,  366,
+      366,  367,  594,  367,  367,  367,  367,  367,  367,  367,
+      367,  367,  367,  368,  594,  368,  368,  368,  368,  368,
+      368,  368,  368,  368,  368,  371,  371,  371,  371,  371,
+      371,  371,  371,  371,  371,  371,  381,  381,  381,  381,
+      381,  381,  381,  381,  381,  381,  381,  381,  381,  761,
+      627,  628,  381,  381,  381,  381,  381,  381,  524,  524,
+
+      524,  524,  524,  524,  524,  524,  524,  524,  602,  602,
+      602,  602,  602,  602,  627,  628,  759,  381,  381,  381,
+      381,  381,  381,  384,  384,  384,  384,  384,  384,  384,
+      384,  384,  384,  384,  384,  384,  754,  627,  628,  384,
+      384,  384,  384,  384,  384,  528,  528,  528,  528,  528,
+      528,  528,  528,  528,  528,  619,  619,  619,  619,  619,
+      619,  747,  750,  747,  384,  384,  384,  384,  384,  384,
+      387,  387,  387,  387,  387,  387,  387,  387,  387,  387,
+      387,  387,  534,  535,  535,  387,  387,  387,  387,  387,
+      387,  536,  536,  534,  560,  535,  538,  538,  707,  572,
+
+      707,  707,  707,  536,  749,  560,  748,  748,  538,  572,
+      387,  387,  387,  387,  387,  387,  388,  596,  388,  388,
+      388,  388,  388,  388,  388,  388,  388,  388,  423,  596,
+      423,  423,  423,  423,  423,  423,  423,  423,  423,  423,
+      424,  424,  424,  424,  424,  424,  424,  424,  424,  424,
+      751,  751,  743,  708,  424,  424,  424,  424,  424,  424,
+      537,  537,  537,  537,  537,  537,  537,  537,  537,  537,
+      642,  642,  642,  642,  642,  642,  642,  708,  741,  424,
+      424,  424,  424,  424,  424,  442,  442,  442,  442,  442,
+      442,  442,  442,  442,  442,  541,  541,  541,  541,  541,
+
+      541,  541,  541,  630,  701,  801,  801,  541,  543,  543,
+      543,  543,  543,  543,  543,  543,  543,  543,  630,  799,
+      701,  799,  442,  444,  660,  444,  444,  444,  444,  444,
+      444,  444,  444,  444,  444,  445,  660,  445,  445,  445,
+      445,  445,  445,  445,  445,  445,  445,  451,  451,  451,
+      451,  451,  451,  451,  451,  451,  451,  451,  922,  698,
+      922,  451,  451,  451,  451,  451,  451,  593,  593,  593,
+      593,  593,  593,  593,  593,  593,  593,  716,  716,  716,
+      716,  698,  608,  698,  698,  738,  451,  451,  451,  451,
+      451,  451,  455,  608,  455,  455,  455,  455,  455,  455,
+
+      455,  455,  455,  455,  461,  461,  461,  461,  461,  461,
+      461,  461,  461,  461,  461,  461,  461,  636,  753,  744,
+      461,  461,  461,  461,  461,  461,  595,  595,  595,  595,
+      595,  595,  595,  595,  595,  595,  830,  830,  737,  636,
+      686,  636,  636,  744,  724,  461,  461,  461,  461,  461,
+      461,  464,  464,  464,  464,  464,  464,  464,  464,  464,
+      464,  464,  464,  464,  686,  709,  636,  464,  464,  464,
+      464,  464,  464,  599,  661,  599,  599,  599,  599,  599,
+      599,  849,  849,  753,  723,  599,  661,  686,  904,  709,
+      810,  904,  464,  464,  464,  464,  464,  464,  467,  467,
+
+      467,  467,  467,  467,  467,  467,  467,  467,  467,  467,
+      709,  721,  710,  467,  467,  467,  467,  467,  467,  601,
+      601,  601,  601,  601,  601,  601,  601,  601,  601,  810,
+      826,  826,  826,  826,  609,  746,  710,  769,  467,  467,
+      467,  467,  467,  467,  468,  609,  468,  468,  468,  468,
+      468,  468,  468,  468,  468,  468,  469,  469,  710,  746,
+      720,  769,  469,  951,  951,  469,  469,  719,  469,  469,
+      469,  469,  469,  469,  469,  469,  469,  469,  469,  469,
+      469,  469,  746,  705,  469,  469,  469,  469,  469,  469,
+      469,  469,  469,  469,  469,  469,  469,  469,  469,  469,
+
+      469,  469,  469,  469,  469,  469,  469,  469,  469,  469,
+      469,  469,  469,  469,  469,  469,  469,  469,  469,  469,
+      469,  469,  469,  469,  469,  469,  469,  516,  516,  516,
+      516,  516,  516,  516,  516,  516,  516,  516,  610,  610,
+      611,  611,  613,  613,  669,  669,  669,  669,  669,  669,
+      610,  663,  611,  677,  613,  616,  616,  616,  616,  616,
+      616,  616,  616,  663,  677,  516,  523,  616,  523,  523,
+      523,  523,  523,  523,  523,  523,  523,  523,  523,  895,
+      895,  895,  523,  523,  523,  523,  523,  523,  618,  618,
+      618,  618,  618,  618,  618,  618,  618,  618,  676,  704,
+
+      676,  676,  676,  676,  676,  676,  855,  523,  523,  523,
+      523,  523,  523,  526,  526,  526,  526,  526,  526,  526,
+      526,  526,  526,  526,  697,  796,  807,  526,  526,  526,
+      526,  526,  526,  638,  638,  638,  638,  638,  638,  638,
+      638,  638,  638,  696,  923,  855,  923,  675,  678,  796,
+      807,  674,  526,  526,  526,  526,  526,  526,  527,  678,
+      527,  527,  527,  527,  527,  527,  527,  527,  527,  527,
+      539,  539,  539,  539,  539,  539,  539,  539,  539,  539,
+      539,  539,  539,  912,  912,  912,  539,  539,  539,  539,
+      539,  539,  652,  652,  652,  652,  652,  652,  652,  652,
+
+      652,  652,  684,  684,  684,  684,  684,  684,  684,  684,
+      673,  539,  539,  539,  539,  539,  539,  542,  542,  542,
+      542,  542,  542,  542,  542,  542,  542,  542,  542,  542,
+      659,  770,  771,  542,  542,  542,  542,  542,  542,  653,
+      653,  653,  653,  653,  653,  653,  653,  653,  653,  657,
+      702,  798,  702,  702,  702,  770,  771,  656,  542,  542,
+      542,  542,  542,  542,  545,  545,  545,  545,  545,  545,
+      545,  545,  545,  545,  545,  798,  770,  655,  771,  545,
+      545,  545,  545,  545,  545,  662,  662,  662,  662,  662,
+      662,  662,  662,  662,  662,  934,  647,  934,  798,  679,
+
+      679,  702,  827,  836,  545,  545,  545,  545,  545,  545,
+      546,  679,  546,  546,  546,  546,  546,  546,  546,  546,
+      546,  546,  549,  935,  646,  935,  827,  836,  549,  760,
+      760,  549,  549,  760,  549,  549,  549,  549,  549,  549,
+      549,  549,  549,  549,  549,  549,  549,  760,  760,  760,
+      549,  549,  549,  549,  549,  549,  549,  549,  549,  549,
+      549,  549,  549,  549,  549,  549,  549,  549,  549,  549,
+      549,  549,  549,  549,  549,  549,  549,  549,  549,  549,
+      549,  549,  549,  549,  549,  549,  549,  549,  549,  549,
+      549,  549,  549,  577,  577,  577,  577,  577,  577,  577,
+
+      577,  577,  577,  577,  580,  952,  952,  725,  580,  580,
+      580,  580,  580,  580,  580,  580,  580,  580,  580,  725,
+      580,  644,  846,  580,  580,  580,  580,  580,  580,  580,
+      580,  580,  580,  580,  580,  580,  580,  580,  580,  580,
+      580,  580,  580,  580,  580,  580,  846,  580,  580,  580,
+      580,  580,  580,  580,  580,  580,  580,  580,  580,  580,
+      580,  580,  580,  580,  580,  586,  586,  586,  586,  586,
+      586,  586,  586,  586,  586,  666,  643,  666,  666,  666,
+      666,  666,  666,  939,  641,  939,  726,  666,  668,  668,
+      668,  668,  668,  668,  668,  668,  668,  668,  726,  963,
+
+      963,  711,  586,  588,  588,  588,  588,  588,  588,  588,
+      588,  588,  588,  588,  672,  672,  672,  672,  672,  672,
+      672,  672,  672,  672,  985,  711,  703,  985,  703,  703,
+      703,  718,  718,  718,  718,  718,  718,  718,  718,  718,
+      718,  588,  597,  711,  597,  597,  597,  597,  597,  597,
+      597,  597,  597,  597,  597,  600,  728,  600,  600,  600,
+      600,  600,  600,  600,  600,  600,  600,  600,  728,  982,
+      982,  600,  600,  600,  600,  600,  600,  703,  722,  640,
+      722,  722,  722,  722,  722,  722,  727,  727,  727,  727,
+      727,  727,  727,  727,  727,  727,  600,  600,  600,  600,
+
+      600,  600,  603,  603,  603,  603,  603,  603,  603,  603,
+      603,  603,  603,  940,  639,  940,  603,  603,  603,  603,
+      603,  603,  731,  637,  731,  731,  731,  731,  731,  731,
+      944,  947,  944,  947,  731,  734,  734,  734,  734,  734,
+      734,  603,  603,  603,  603,  603,  603,  604,  780,  604,
+      604,  604,  604,  604,  604,  604,  604,  604,  604,  607,
+      780,  607,  607,  607,  607,  607,  607,  607,  607,  607,
+      607,  614,  614,  614,  614,  614,  614,  614,  614,  614,
+      614,  614,  614,  614,  633,  829,  808,  614,  614,  614,
+      614,  614,  614,  733,  733,  733,  733,  733,  733,  733,
+
+      733,  733,  733,  755,  632,  755,  755,  755,  631,  829,
+      808,  629,  614,  614,  614,  614,  614,  614,  617,  617,
+      617,  617,  617,  617,  617,  617,  617,  617,  617,  617,
+      740,  808,  829,  612,  617,  617,  617,  617,  617,  617,
+      781,  740,  763,  763,  763,  763,  763,  763,  763,  763,
+      763,  763,  781,  756,  755,  756,  756,  756,  606,  617,
+      617,  617,  617,  617,  617,  620,  783,  620,  620,  620,
+      620,  620,  620,  620,  620,  620,  620,  621,  783,  957,
+      958,  957,  958,  621,  983,  983,  621,  621,  605,  621,
+      621,  621,  621,  621,  621,  621,  621,  621,  621,  621,
+
+      621,  621,  592,  591,  756,  621,  621,  621,  621,  621,
+      621,  621,  621,  621,  621,  621,  621,  621,  621,  621,
+      621,  621,  621,  621,  621,  621,  621,  621,  621,  621,
+      621,  621,  621,  621,  621,  621,  621,  621,  621,  621,
+      621,  621,  621,  621,  621,  621,  621,  621,  645,  767,
+      585,  767,  767,  767,  767,  767,  767,  645,  966,  582,
+      966,  645,  645,  645,  645,  645,  645,  645,  645,  645,
+      645,  645,  645,  645,  581,  579,  645,  645,  645,  645,
+      645,  645,  645,  645,  645,  645,  645,  645,  645,  645,
+      645,  645,  645,  645,  645,  645,  645,  645,  645,  578,
+
+      645,  645,  645,  645,  645,  645,  645,  645,  645,  645,
+      645,  645,  645,  645,  645,  645,  645,  645,  651,  821,
+      651,  651,  651,  651,  651,  651,  651,  651,  651,  651,
+      967,  821,  967,  757,  576,  757,  757,  757,  789,  789,
+      789,  789,  789,  789,  970,  758,  970,  758,  758,  758,
+      794,  794,  794,  794,  794,  794,  794,  651,  658,  575,
+      658,  658,  658,  658,  658,  658,  658,  658,  658,  658,
+      664,  570,  664,  664,  664,  664,  664,  664,  664,  664,
+      664,  664,  664,  667,  757,  667,  667,  667,  667,  667,
+      667,  667,  667,  667,  667,  667,  758,  569,  567,  667,
+
+      667,  667,  667,  667,  667,  782,  782,  782,  782,  782,
+      782,  782,  782,  782,  782,  818,  531,  818,  818,  818,
+      818,  818,  818,  530,  667,  667,  667,  667,  667,  667,
+      670,  670,  670,  670,  670,  670,  670,  670,  670,  670,
+      670,  976,  529,  976,  670,  670,  670,  670,  670,  670,
+      786,  521,  786,  786,  786,  786,  786,  786,  977,  520,
+      977,  813,  786,  813,  813,  813,  813,  813,  813,  670,
+      670,  670,  670,  670,  670,  671,  519,  671,  671,  671,
+      671,  671,  671,  671,  671,  671,  671,  682,  682,  682,
+      682,  682,  682,  682,  682,  682,  682,  682,  682,  706,
+
+      813,  706,  706,  706,  706,  706,  706,  706,  706,  706,
+      706,  712,  712,  712,  712,  712,  712,  712,  712,  712,
+      712,  762,  515,  762,  762,  762,  508,  762,  762,  507,
+      504,  762,  788,  788,  788,  788,  788,  788,  788,  788,
+      788,  788,  979,  502,  979,  762,  762,  762,  712,  714,
+      501,  714,  714,  714,  714,  714,  714,  714,  714,  714,
+      714,  802,  802,  802,  802,  802,  802,  802,  802,  802,
+      802,  803,  803,  803,  803,  803,  803,  803,  803,  803,
+      803,  862,  862,  862,  862,  862,  862,  498,  714,  729,
+      497,  729,  729,  729,  729,  729,  729,  729,  729,  729,
+
+      729,  729,  732,  496,  732,  732,  732,  732,  732,  732,
+      732,  732,  732,  732,  732,  987,  490,  987,  732,  732,
+      732,  732,  732,  732,  814,  814,  814,  814,  814,  814,
+      814,  814,  814,  814,  835,  489,  835,  835,  835,  835,
+      835,  835,  487,  732,  732,  732,  732,  732,  732,  735,
+      735,  735,  735,  735,  735,  735,  735,  735,  735,  988,
+      991,  988,  991,  735,  735,  735,  735,  735,  735,  831,
+      831,  831,  831,  831,  831,  831,  831,  831,  831,  858,
+      486,  858,  858,  858,  858,  858,  858,  485,  735,  735,
+      735,  735,  735,  735,  736,  484,  736,  736,  736,  736,
+
+      736,  736,  736,  736,  736,  736,  739,  739,  739,  739,
+      739,  739,  739,  739,  739,  739,  739,  772,  858,  772,
+      772,  772,  772,  772,  772,  772,  772,  772,  772,  773,
+      454,  773,  773,  773,  773,  773,  773,  773,  773,  773,
+      773,  774,  453,  774,  774,  774,  774,  774,  774,  774,
+      774,  774,  774,  777,  450,  777,  777,  777,  777,  777,
+      777,  777,  777,  777,  777,  784,  449,  784,  784,  784,
+      784,  784,  784,  784,  784,  784,  784,  784,  787,  448,
+      787,  787,  787,  787,  787,  787,  787,  787,  787,  787,
+      992,  997,  992,  997,  787,  787,  787,  787,  787,  787,
+
+      840,  840,  840,  840,  840,  840,  840,  840,  840,  840,
+      868,  447,  868,  868,  868,  868,  868,  868,  441,  787,
+      787,  787,  787,  787,  787,  790,  440,  790,  790,  790,
+      790,  790,  790,  790,  790,  790,  790,  806,  439,  806,
+      806,  806,  806,  806,  806,  806,  806,  806,  806,  809,
+      438,  809,  809,  809,  809,  809,  809,  809,  809,  809,
+      809,  811,  437,  811,  811,  811,  811,  811,  811,  811,
+      811,  811,  811,  812,  436,  812,  812,  812,  812,  812,
+      812,  812,  812,  812,  812,  824,  435,  824,  824,  824,
+      824,  824,  824,  824,  824,  824,  824,  837,  434,  837,
+
+      837,  837,  837,  837,  837,  837,  837,  837,  837,  838,
+      433,  838,  838,  838,  838,  838,  838,  838,  838,  838,
+      838,  839,  432,  839,  839,  839,  839,  839,  839,  839,
+      839,  839,  839,  841,  841,  841,  841,  841,  841,  841,
+      841,  841,  841,  842,  842,  842,  842,  842,  842,  842,
+      842,  842,  842,  853,  431,  853,  853,  853,  853,  853,
+      853,  853,  853,  853,  853,  854,  430,  854,  854,  854,
+      854,  854,  854,  854,  854,  854,  854,  856,  429,  856,
+      856,  856,  856,  856,  856,  856,  856,  856,  856,  857,
+      428,  857,  857,  857,  857,  857,  857,  857,  857,  857,
+
+      857,  860,  860,  860,  860,  860,  860,  860,  860,  860,
+      860,  861,  861,  861,  861,  861,  861,  861,  861,  861,
+      861,  864,  864,  864,  864,  864,  864,  864,  864,  864,
+      864,  869,  869,  869,  869,  869,  869,  869,  869,  869,
+      869,  872,  872,  872,  872,  872,  872,  872,  872,  872,
+      872,  873,  873,  873,  873,  873,  873,  873,  873,  873,
+      873,  877,  877,  877,  877,  877,  877,  427,  869,  870,
+      870,  870,  870,  870,  870,  870,  870,  870,  870,  874,
+      874,  874,  874,  874,  874,  874,  874,  874,  874,  880,
+      880,  880,  880,  880,  880,  998,  996,  998,  877,  996,
+
+      426,  425,  422,  996,  421,  416,  870,  871,  871,  871,
+      871,  871,  871,  871,  871,  871,  871,  879,  879,  879,
+      879,  879,  879,  879,  879,  879,  879,  415,  414,  408,
+      407,  405,  404,  403,  402,  401,  400,  399,  398,  397,
+      394,  393,  392,  391,  871,  876,  876,  876,  876,  876,
+      876,  876,  876,  876,  876,  375,  374,  373,  372,  370,
+      369,  365,  364,  363,  361,  360,  359,  358,  357,  356,
+      355,  354,  351,  346,  345,  344,  337,  336,  335,  334,
+      333,  327,  876,  882,  882,  882,  882,  882,  882,  882,
+      882,  882,  882,  882,  882,  882,  882,  882,  882,  882,
+
+      882,  882,  882,  882,  883,  883,  883,  883,  883,  883,
+      883,  883,  883,  883,  883,  883,  883,  883,  883,  883,
+      883,  883,  883,  883,  883,  884,  884,  884,  884,  884,
+      884,  884,  884,  884,  884,  884,  884,  884,  884,  884,
+      884,  884,  884,  884,  884,  884,  885,  885,  885,  885,
+      885,  885,  885,  885,  885,  885,  885,  885,  885,  885,
+      885,  885,  885,  885,  885,  885,  885,  886,  326,  324,
+      323,  322,  321,  320,  886,  319,  886,  886,  886,  886,
+      318,  317,  886,  886,  886,  886,  886,  886,  887,  887,
+      887,  887,  887,  887,  887,  887,  887,  887,  887,  887,
+
+      887,  887,  887,  887,  887,  887,  887,  887,  887,  888,
+      316,  315,  312,  311,  888,  309,  888,  301,  888,  888,
+      888,  888,  888,  300,  888,  888,  888,  888,  888,  888,
+      889,  297,  296,  289,  288,  286,  285,  889,  284,  889,
+      889,  889,  889,  283,  282,  889,  889,  889,  889,  889,
+      889,  890,  281,  280,  890,  890,  279,  890,  890,  278,
+      890,  890,  890,  890,  277,  276,  890,  890,  890,  890,
+      890,  890,  891,  891,  275,  891,  272,  269,  268,  891,
+      893,  267,  261,  893,  893,  258,  893,  893,  257,  893,
+      893,  893,  893,  256,  255,  893,  893,  893,  893,  893,
+
+      893,  894,  254,  251,  894,  894,  250,  894,  894,  249,
+      894,  894,  894,  894,  248,  894,  894,  894,  247,  894,
+      894,  894,  896,  246,  244,  896,  243,  242,  896,  896,
+      241,  896,  896,  896,  896,  896,  240,  896,  896,  896,
+      896,  896,  896,  897,  897,  897,  897,  897,  897,  897,
+      897,  897,  897,  897,  897,  897,  897,  897,  897,  897,
+      897,  897,  897,  897,  898,  898,  239,  898,  238,  898,
+      898,  898,  898,  898,  898,  898,  898,  898,  898,  898,
+      898,  898,  898,  898,  898,  899,  237,  236,  235,  234,
+      899,  228,  899,  227,  899,  899,  899,  899,  899,  220,
+
+      899,  899,  899,  899,  899,  899,  900,  219,  218,  217,
+      216,  215,  213,  900,  212,  900,  900,  900,  900,  211,
+      900,  900,  900,  900,  900,  900,  900,  901,  210,  208,
+      901,  901,  202,  901,  901,  194,  901,  901,  901,  901,
+      190,  901,  901,  901,  901,  901,  901,  901,  902,  902,
+      902,  902,  902,  902,  902,  902,  902,  902,  902,  902,
+      902,  902,  902,  902,  902,  902,  902,  902,  902,  903,
+      903,  186,  903,  903,  903,  903,  903,  903,  903,  903,
+      903,  903,  903,  903,  903,  903,  903,  903,  903,  903,
+      905,  185,  183,  905,  905,  179,  905,  905,  172,  905,
+
+      905,  905,  905,  167,  165,  905,  905,  905,  905,  905,
+      905,  906,  906,  163,  906,  155,  154,  153,  906,  907,
+      907,  152,  907,  151,  145,  144,  907,  908,  908,  908,
+      143,  908,  142,  141,  140,  908,  909,  138,  137,  909,
+      909,  136,  909,  909,  135,  909,  909,  909,  909,  134,
+      133,  909,  909,  909,  909,  909,  909,  910,  129,  125,
+      910,  910,  124,  910,  910,  120,  910,  910,  910,  910,
+      117,  114,  910,  910,  910,  910,  910,  910,  911,  109,
+      108,  911,  911,  107,  911,  911,  105,  911,  911,  911,
+      911,  101,  911,  911,  911,  100,  911,  911,  911,  913,
+
+       99,   98,  913,   97,   93,  913,  913,   80,  913,  913,
+      913,  913,  913,   73,  913,  913,  913,  913,  913,  913,
+      914,  914,   66,  914,   62,  914,  914,  914,  914,  914,
+      914,  914,  914,  914,  914,  914,  914,  914,  914,  914,
+      914,  915,   61,   60,   58,   57,   55,   53,  915,   44,
+      915,  915,  915,  915,   43,   41,  915,  915,  915,  915,
+      915,  915,  916,   40,   35,   31,   25,   19,   17,  916,
+       16,  916,  916,  916,  916,   15,  916,  916,  916,  916,
+      916,  916,  916,  917,    0,    0,  917,  917,    0,  917,
+      917,    0,  917,  917,  917,  917,    0,  917,  917,  917,
+
+      917,  917,  917,  917,  918,    0,    0,  918,  918,    0,
+      918,  919,  919,  919,  919,  919,  919,  919,  919,  919,
+      919,  919,  919,  919,  919,  919,  919,  919,  919,  919,
+      919,  919,  920,  920,    0,  920,    0,    0,    0,  920,
+      921,  921,  921,    0,  921,    0,    0,    0,  921,  924,
+      924,    0,  924,    0,    0,    0,  924,  925,  925,    0,
+      925,    0,    0,    0,  925,  926,  926,    0,  926,    0,
+        0,    0,  926,  927,  927,  927,    0,  927,    0,    0,
+        0,  927,  928,    0,    0,  928,  928,    0,  928,  929,
+      929,    0,  929,    0,    0,    0,  929,  930,  930,    0,
+
+      930,    0,    0,    0,  930,  931,  931,    0,  931,    0,
+        0,    0,  931,  932,  932,  932,    0,  932,    0,    0,
+        0,  932,  933,  933,  933,  933,    0,  933,    0,    0,
+        0,  933,  936,  936,    0,  936,    0,    0,    0,  936,
+      937,  937,    0,  937,    0,    0,    0,  937,  938,  938,
+        0,  938,    0,    0,    0,  938,  941,  941,  941,    0,
+      941,    0,    0,    0,  941,  942,  942,  942,  942,    0,
+      942,    0,    0,    0,  942,  943,  943,  943,  943,  943,
+      943,  943,  943,  943,  943,  943,  943,  943,  943,  943,
+      943,  943,  943,  943,  943,  943,  945,  945,    0,  945,
+
+        0,    0,    0,  945,  946,  946,    0,  946,    0,    0,
+        0,  946,  948,  948,  948,    0,  948,    0,    0,    0,
+      948,  949,  949,  949,  949,    0,  949,    0,    0,    0,
+      949,  950,  950,  950,  950,  950,  950,  950,  950,  950,
+      950,  950,  950,  950,  950,  950,  950,  950,  950,  950,
+      950,  950,  953,    0,    0,  953,  953,    0,  953,  954,
+        0,    0,    0,  954,  954,    0,  954,  954,  954,    0,
+        0,  954,  954,  955,  955,    0,  955,    0,    0,    0,
+      955,  956,    0,  956,  956,    0,  956,    0,    0,    0,
+      956,  959,  959,  959,    0,  959,    0,    0,    0,  959,
+
+      960,  960,  960,  960,    0,  960,    0,    0,    0,  960,
+      961,  961,    0,    0,  961,    0,    0,    0,  961,  962,
+      962,  962,  962,  962,  962,  962,  962,  962,  962,  962,
+      962,  962,  962,  962,  962,  962,  962,  962,  962,  962,
+      964,    0,    0,  964,  964,    0,  964,  965,    0,    0,
+        0,  965,  965,    0,  965,  965,  965,    0,    0,  965,
+      965,  968,  968,    0,  968,    0,    0,    0,  968,  969,
+        0,  969,  969,    0,  969,    0,    0,    0,  969,  971,
+      971,  971,    0,  971,    0,    0,    0,  971,  972,  972,
+      972,    0,    0,  972,    0,    0,    0,  972,  973,  973,
+
+      973,  973,  973,  973,  973,  973,  973,  973,  973,  973,
+      973,  973,  973,  973,  973,  973,  973,  973,  973,  974,
+      974,    0,  974,  974,  974,    0,  974,    0,  974,  974,
+      974,  974,    0,    0,  974,  974,  974,  974,  974,  974,
+      975,  975,    0,  975,  975,  975,    0,  975,    0,  975,
+      975,  975,  975,    0,    0,  975,  975,  975,  975,  975,
+      975,  978,    0,    0,    0,    0,    0,    0,    0,    0,
+        0,    0,  978,  978,    0,  978,  978,    0,  978,  980,
+      980,    0,  980,    0,    0,    0,  980,  981,    0,  981,
+      981,    0,  981,    0,    0,    0,  981,  984,  984,    0,
+
+        0,  984,    0,    0,    0,  984,  986,    0,    0,    0,
+        0,    0,    0,  986,    0,  986,  986,  986,  986,    0,
+        0,  986,  986,  986,  986,  986,  986,  989,  989,    0,
+      989,    0,    0,    0,  989,  990,    0,  990,  990,    0,
+      990,    0,    0,    0,  990,  993,  993,    0,  993,    0,
+        0,    0,  993,  994,    0,  994,    0,    0,  994,    0,
+        0,    0,  994,  995,  995,  995,  995,  995,  995,  995,
+      995,  995,  995,  995,  995,  995,  995,  995,  995,  995,
+      995,  995,  995,  995,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881,  881,  881,  881,  881,
+      881,  881,  881,  881,  881,  881
+    } ;
+
+static yy_state_type yy_last_accepting_state;
+static char *yy_last_accepting_cpos;
+
+extern int sudoers_flex_debug;
+int sudoers_flex_debug = 0;
+
+/* The intent behind this definition is that it'll catch
+ * any uses of REJECT which flex missed.
+ */
+#define REJECT reject_used_but_not_detected
+#define yymore() yymore_used_but_not_detected
+#define YY_MORE_ADJ 0
+#define YY_RESTORE_YY_MORE_OFFSET
+char *sudoerstext;
+#line 1 "toke.l"
+#line 2 "toke.l"
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2017
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#include <unistd.h>
+#include <dirent.h>
+#include <errno.h>
+#include <ctype.h>
+#include "sudoers.h"
+#include "toke.h"
+#include <gram.h>
+#include "sudo_digest.h"
+#include "sudo_lbuf.h"
+
+#if defined(HAVE_STRUCT_DIRENT_D_NAMLEN) && HAVE_STRUCT_DIRENT_D_NAMLEN
+# define NAMLEN(dirent)	(dirent)->d_namlen
+#else
+# define NAMLEN(dirent)	strlen((dirent)->d_name)
+#endif
+
+int sudolineno;			/* current sudoers line number. */
+int last_token;			/* last token that was parsed. */
+char *sudoers;			/* sudoers file being parsed. */
+
+/* Default sudoers path, mode and owner (may be set via sudo.conf) */
+const char *sudoers_file = _PATH_SUDOERS;
+mode_t sudoers_mode = SUDOERS_MODE;
+uid_t sudoers_uid = SUDOERS_UID;
+gid_t sudoers_gid = SUDOERS_GID;
+
+static bool continued, sawspace;
+static int prev_state;
+static int digest_type = -1;
+
+static bool push_include_int(char *, bool);
+static bool pop_include(void);
+static char *parse_include_int(const char *, bool);
+
+int (*trace_print)(const char *msg) = sudoers_trace_print;
+
+#define LEXRETURN(n)	do {	\
+	last_token = (n);	\
+	return (n);		\
+} while (0)
+
+#define ECHO	ignore_result(fwrite(sudoerstext, sudoersleng, 1, sudoersout))
+
+#define	parse_include(_p)	(parse_include_int((_p), false))
+#define	parse_includedir(_p)	(parse_include_int((_p), true))
+#define	push_include(_p)	(push_include_int((_p), false))
+#define	push_includedir(_p)	(push_include_int((_p), true))
+#define YY_NO_INPUT 1
+
+
+
+
+
+
+#line 2133 "toke.c"
+
+#define INITIAL 0
+#define GOTDEFS 1
+#define GOTCMND 2
+#define STARTDEFS 3
+#define INDEFS 4
+#define INSTR 5
+#define WANTDIGEST 6
+
+#ifndef YY_NO_UNISTD_H
+/* Special case for "unistd.h", since it is non-ANSI. We include it way
+ * down here because we want the user's section 1 to have been scanned first.
+ * The user has a chance to override it with an option.
+ */
+#include <unistd.h>
+#endif
+
+#ifndef YY_EXTRA_TYPE
+#define YY_EXTRA_TYPE void *
+#endif
+
+static int yy_init_globals (void );
+
+/* Accessor methods to globals.
+   These are made visible to non-reentrant scanners for convenience. */
+
+int sudoerslex_destroy (void );
+
+int sudoersget_debug (void );
+
+void sudoersset_debug (int debug_flag  );
+
+YY_EXTRA_TYPE sudoersget_extra (void );
+
+void sudoersset_extra (YY_EXTRA_TYPE user_defined  );
+
+FILE *sudoersget_in (void );
+
+void sudoersset_in  (FILE * in_str  );
+
+FILE *sudoersget_out (void );
+
+void sudoersset_out  (FILE * out_str  );
+
+yy_size_t sudoersget_leng (void );
+
+char *sudoersget_text (void );
+
+int sudoersget_lineno (void );
+
+void sudoersset_lineno (int line_number  );
+
+/* Macros after this point can all be overridden by user definitions in
+ * section 1.
+ */
+
+#ifndef YY_SKIP_YYWRAP
+#ifdef __cplusplus
+extern "C" int sudoerswrap (void );
+#else
+extern int sudoerswrap (void );
+#endif
+#endif
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy (char *,yyconst char *,int );
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen (yyconst char * );
+#endif
+
+#ifndef YY_NO_INPUT
+
+#ifdef __cplusplus
+static int yyinput (void );
+#else
+static int input (void );
+#endif
+
+#endif
+
+/* Amount of stuff to slurp up with each read. */
+#ifndef YY_READ_BUF_SIZE
+#define YY_READ_BUF_SIZE 8192
+#endif
+
+/* Copy whatever the last rule matched to the standard output. */
+#ifndef ECHO
+/* This used to be an fputs(), but since the string might contain NUL's,
+ * we now use fwrite().
+ */
+#define ECHO do { if (fwrite( sudoerstext, sudoersleng, 1, sudoersout )) {} } while (0)
+#endif
+
+/* Gets input and stuffs it into "buf".  number of characters read, or YY_NULL,
+ * is returned in "result".
+ */
+#ifndef YY_INPUT
+#define YY_INPUT(buf,result,max_size) \
+	if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \
+		{ \
+		int c = '*'; \
+		size_t n; \
+		for ( n = 0; n < max_size && \
+			     (c = getc( sudoersin )) != EOF && c != '\n'; ++n ) \
+			buf[n] = (char) c; \
+		if ( c == '\n' ) \
+			buf[n++] = (char) c; \
+		if ( c == EOF && ferror( sudoersin ) ) \
+			YY_FATAL_ERROR( "input in flex scanner failed" ); \
+		result = n; \
+		} \
+	else \
+		{ \
+		errno=0; \
+		while ( (result = fread(buf, 1, max_size, sudoersin))==0 && ferror(sudoersin)) \
+			{ \
+			if( errno != EINTR) \
+				{ \
+				YY_FATAL_ERROR( "input in flex scanner failed" ); \
+				break; \
+				} \
+			errno=0; \
+			clearerr(sudoersin); \
+			} \
+		}\
+\
+
+#endif
+
+/* No semi-colon after return; correct usage is to write "yyterminate();" -
+ * we don't want an extra ';' after the "return" because that will cause
+ * some compilers to complain about unreachable statements.
+ */
+#ifndef yyterminate
+#define yyterminate() return YY_NULL
+#endif
+
+/* Number of entries by which start-condition stack grows. */
+#ifndef YY_START_STACK_INCR
+#define YY_START_STACK_INCR 25
+#endif
+
+/* Report a fatal error. */
+#ifndef YY_FATAL_ERROR
+#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
+#endif
+
+/* end tables serialization structures and prototypes */
+
+/* Default declaration of generated scanner - a define so the user can
+ * easily add parameters.
+ */
+#ifndef YY_DECL
+#define YY_DECL_IS_OURS 1
+
+extern int sudoerslex (void);
+
+#define YY_DECL int sudoerslex (void)
+#endif /* !YY_DECL */
+
+/* Code executed at the beginning of each rule, after sudoerstext and sudoersleng
+ * have been set up.
+ */
+#ifndef YY_USER_ACTION
+#define YY_USER_ACTION
+#endif
+
+/* Code executed at the end of each rule. */
+#ifndef YY_BREAK
+#define YY_BREAK break;
+#endif
+
+#define YY_RULE_SETUP \
+	if ( sudoersleng > 0 ) \
+		YY_CURRENT_BUFFER_LVALUE->yy_at_bol = \
+				(sudoerstext[sudoersleng - 1] == '\n'); \
+	YY_USER_ACTION
+
+/** The main scanner function which does all the work.
+ */
+YY_DECL
+{
+	yy_state_type yy_current_state;
+	char *yy_cp, *yy_bp;
+	int yy_act;
+    
+	if ( !(yy_init) )
+		{
+		(yy_init) = 1;
+
+#ifdef YY_USER_INIT
+		YY_USER_INIT;
+#endif
+
+		if ( ! (yy_start) )
+			(yy_start) = 1;	/* first start state */
+
+		if ( ! sudoersin )
+			sudoersin = stdin;
+
+		if ( ! sudoersout )
+			sudoersout = stdout;
+
+		if ( ! YY_CURRENT_BUFFER ) {
+			sudoersensure_buffer_stack ();
+			YY_CURRENT_BUFFER_LVALUE =
+				sudoers_create_buffer(sudoersin,YY_BUF_SIZE );
+		}
+
+		sudoers_load_buffer_state( );
+		}
+
+	{
+#line 113 "toke.l"
+
+#line 2351 "toke.c"
+
+	while ( 1 )		/* loops until end-of-file is reached */
+		{
+		yy_cp = (yy_c_buf_p);
+
+		/* Support of sudoerstext. */
+		*yy_cp = (yy_hold_char);
+
+		/* yy_bp points to the position in yy_ch_buf of the start of
+		 * the current run.
+		 */
+		yy_bp = yy_cp;
+
+		yy_current_state = (yy_start);
+		yy_current_state += YY_AT_BOL();
+yy_match:
+		do
+			{
+			YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)] ;
+			if ( yy_accept[yy_current_state] )
+				{
+				(yy_last_accepting_state) = yy_current_state;
+				(yy_last_accepting_cpos) = yy_cp;
+				}
+			while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+				{
+				yy_current_state = (int) yy_def[yy_current_state];
+				if ( yy_current_state >= 882 )
+					yy_c = yy_meta[(unsigned int) yy_c];
+				}
+			yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+			++yy_cp;
+			}
+		while ( yy_base[yy_current_state] != 5585 );
+
+yy_find_action:
+		yy_act = yy_accept[yy_current_state];
+		if ( yy_act == 0 )
+			{ /* have to back up */
+			yy_cp = (yy_last_accepting_cpos);
+			yy_current_state = (yy_last_accepting_state);
+			yy_act = yy_accept[yy_current_state];
+			}
+
+		YY_DO_BEFORE_ACTION;
+
+do_action:	/* This label is used only to access EOF actions. */
+
+		switch ( yy_act )
+	{ /* beginning of action switch */
+			case 0: /* must back up */
+			/* undo the effects of YY_DO_BEFORE_ACTION */
+			*yy_cp = (yy_hold_char);
+			yy_cp = (yy_last_accepting_cpos);
+			yy_current_state = (yy_last_accepting_state);
+			goto yy_find_action;
+
+case 1:
+YY_RULE_SETUP
+#line 114 "toke.l"
+{
+			    LEXTRACE(", ");
+			    LEXRETURN(',');
+			}			/* return ',' */
+	YY_BREAK
+case 2:
+YY_RULE_SETUP
+#line 119 "toke.l"
+BEGIN STARTDEFS;
+	YY_BREAK
+case 3:
+YY_RULE_SETUP
+#line 121 "toke.l"
+{
+			    BEGIN INDEFS;
+			    LEXTRACE("DEFVAR ");
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXRETURN(DEFVAR);
+			}
+	YY_BREAK
+
+case 4:
+YY_RULE_SETUP
+#line 130 "toke.l"
+{
+			    BEGIN STARTDEFS;
+			    LEXTRACE(", ");
+			    LEXRETURN(',');
+			}			/* return ',' */
+	YY_BREAK
+case 5:
+YY_RULE_SETUP
+#line 136 "toke.l"
+{
+			    LEXTRACE("= ");
+			    LEXRETURN('=');
+			}			/* return '=' */
+	YY_BREAK
+case 6:
+YY_RULE_SETUP
+#line 141 "toke.l"
+{
+			    LEXTRACE("+= ");
+			    LEXRETURN('+');
+			}			/* return '+' */
+	YY_BREAK
+case 7:
+YY_RULE_SETUP
+#line 146 "toke.l"
+{
+			    LEXTRACE("-= ");
+			    LEXRETURN('-');
+			}			/* return '-' */
+	YY_BREAK
+case 8:
+YY_RULE_SETUP
+#line 151 "toke.l"
+{
+			    LEXTRACE("BEGINSTR ");
+			    sudoerslval.string = NULL;
+			    prev_state = YY_START;
+			    BEGIN INSTR;
+			}
+	YY_BREAK
+case 9:
+YY_RULE_SETUP
+#line 158 "toke.l"
+{
+			    LEXTRACE("WORD(2) ");
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXRETURN(WORD);
+			}
+	YY_BREAK
+
+
+case 10:
+/* rule 10 can match eol */
+YY_RULE_SETUP
+#line 167 "toke.l"
+{
+			    /* Line continuation char followed by newline. */
+			    sudolineno++;
+			    continued = true;
+			}
+	YY_BREAK
+case 11:
+YY_RULE_SETUP
+#line 173 "toke.l"
+{
+			    LEXTRACE("ENDSTR ");
+			    BEGIN prev_state;
+
+			    if (sudoerslval.string == NULL) {
+				LEXTRACE("ERROR "); /* empty string */
+				LEXRETURN(ERROR);
+			    }
+			    if (prev_state == INITIAL) {
+				switch (sudoerslval.string[0]) {
+				case '%':
+				    if (sudoerslval.string[1] == '\0' ||
+					(sudoerslval.string[1] == ':' &&
+					sudoerslval.string[2] == '\0')) {
+					LEXTRACE("ERROR "); /* empty group */
+					LEXRETURN(ERROR);
+				    }
+				    LEXTRACE("USERGROUP ");
+				    LEXRETURN(USERGROUP);
+				case '+':
+				    if (sudoerslval.string[1] == '\0') {
+					LEXTRACE("ERROR "); /* empty netgroup */
+					LEXRETURN(ERROR);
+				    }
+				    LEXTRACE("NETGROUP ");
+				    LEXRETURN(NETGROUP);
+				}
+			    }
+			    LEXTRACE("WORD(4) ");
+			    LEXRETURN(WORD);
+			}
+	YY_BREAK
+case 12:
+YY_RULE_SETUP
+#line 205 "toke.l"
+{
+			    LEXTRACE("BACKSLASH ");
+			    if (!append(sudoerstext, sudoersleng))
+				yyterminate();
+			}
+	YY_BREAK
+case 13:
+YY_RULE_SETUP
+#line 211 "toke.l"
+{
+			    LEXTRACE("STRBODY ");
+			    if (!append(sudoerstext, sudoersleng))
+				yyterminate();
+			}
+	YY_BREAK
+
+
+case 14:
+YY_RULE_SETUP
+#line 219 "toke.l"
+{
+			    /* quoted fnmatch glob char, pass verbatim */
+			    LEXTRACE("QUOTEDCHAR ");
+			    if (!fill_args(sudoerstext, 2, sawspace))
+				yyterminate();
+			    sawspace = false;
+			}
+	YY_BREAK
+case 15:
+YY_RULE_SETUP
+#line 227 "toke.l"
+{
+			    /* quoted sudoers special char, strip backslash */
+			    LEXTRACE("QUOTEDCHAR ");
+			    if (!fill_args(sudoerstext + 1, 1, sawspace))
+				yyterminate();
+			    sawspace = false;
+			}
+	YY_BREAK
+case 16:
+/* rule 16 can match eol */
+YY_RULE_SETUP
+#line 235 "toke.l"
+{
+			    BEGIN INITIAL;
+			    yyless(0);
+			    LEXRETURN(COMMAND);
+			}			/* end of command line args */
+	YY_BREAK
+case 17:
+YY_RULE_SETUP
+#line 241 "toke.l"
+{
+			    LEXTRACE("ARG ");
+			    if (!fill_args(sudoerstext, sudoersleng, sawspace))
+				yyterminate();
+			    sawspace = false;
+			}			/* a command line arg */
+	YY_BREAK
+
+case 18:
+YY_RULE_SETUP
+#line 249 "toke.l"
+{
+			    /* Only return DIGEST if the length is correct. */
+			    yy_size_t digest_len =
+				sudo_digest_getlen(digest_type);
+			    if ((yy_size_t)sudoersleng == digest_len * 2) {
+				if (!fill(sudoerstext, sudoersleng))
+				    yyterminate();
+				BEGIN INITIAL;
+				LEXTRACE("DIGEST ");
+				LEXRETURN(DIGEST);
+			    }
+			    BEGIN INITIAL;
+			    yyless(sudoersleng);
+			} /* hex digest */
+	YY_BREAK
+case 19:
+YY_RULE_SETUP
+#line 264 "toke.l"
+{
+			    /* Only return DIGEST if the length is correct. */
+			    yy_size_t len, digest_len =
+				sudo_digest_getlen(digest_type);
+			    if (sudoerstext[sudoersleng - 1] == '=') {
+				/* use padding */
+				len = 4 * ((digest_len + 2) / 3);
+			    } else {
+				/* no padding */
+				len = (4 * digest_len + 2) / 3;
+			    }
+			    if ((yy_size_t)sudoersleng == len) {
+				if (!fill(sudoerstext, sudoersleng))
+				    yyterminate();
+				BEGIN INITIAL;
+				LEXTRACE("DIGEST ");
+				LEXRETURN(DIGEST);
+			    }
+			    BEGIN INITIAL;
+			    yyless(sudoersleng);
+			} /* base64 digest */
+	YY_BREAK
+case 20:
+/* rule 20 can match eol */
+YY_RULE_SETUP
+#line 286 "toke.l"
+{
+			    char *path;
+
+			    if (continued) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+
+			    if ((path = parse_include(sudoerstext)) == NULL)
+				yyterminate();
+
+			    LEXTRACE("INCLUDE\n");
+
+			    /* Push current buffer and switch to include file */
+			    if (!push_include(path))
+				yyterminate();
+			}
+	YY_BREAK
+case 21:
+/* rule 21 can match eol */
+YY_RULE_SETUP
+#line 304 "toke.l"
+{
+			    char *path;
+
+			    if (continued) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+
+			    if ((path = parse_includedir(sudoerstext)) == NULL)
+				yyterminate();
+
+			    LEXTRACE("INCLUDEDIR\n");
+
+			    /*
+			     * Push current buffer and switch to include file,
+			     * ignoring missing or empty directories.
+			     */
+			    if (!push_includedir(path))
+				yyterminate();
+			}
+	YY_BREAK
+case 22:
+YY_RULE_SETUP
+#line 325 "toke.l"
+{
+			    char deftype;
+			    int n;
+
+			    if (continued) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+
+			    for (n = 0; isblank((unsigned char)sudoerstext[n]); n++)
+				continue;
+			    n += sizeof("Defaults") - 1;
+			    if ((deftype = sudoerstext[n++]) != '\0') {
+				while (isblank((unsigned char)sudoerstext[n]))
+				    n++;
+			    }
+			    BEGIN GOTDEFS;
+			    switch (deftype) {
+				case ':':
+				    yyless(n);
+				    LEXTRACE("DEFAULTS_USER ");
+				    LEXRETURN(DEFAULTS_USER);
+				case '>':
+				    yyless(n);
+				    LEXTRACE("DEFAULTS_RUNAS ");
+				    LEXRETURN(DEFAULTS_RUNAS);
+				case '@':
+				    yyless(n);
+				    LEXTRACE("DEFAULTS_HOST ");
+				    LEXRETURN(DEFAULTS_HOST);
+				case '!':
+				    yyless(n);
+				    LEXTRACE("DEFAULTS_CMND ");
+				    LEXRETURN(DEFAULTS_CMND);
+				default:
+				    LEXTRACE("DEFAULTS ");
+				    LEXRETURN(DEFAULTS);
+			    }
+			}
+	YY_BREAK
+case 23:
+YY_RULE_SETUP
+#line 365 "toke.l"
+{
+			    int n;
+
+			    if (continued) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+
+			    for (n = 0; isblank((unsigned char)sudoerstext[n]); n++)
+				continue;
+			    switch (sudoerstext[n]) {
+				case 'H':
+				    LEXTRACE("HOSTALIAS ");
+				    LEXRETURN(HOSTALIAS);
+				case 'C':
+				    LEXTRACE("CMNDALIAS ");
+				    LEXRETURN(CMNDALIAS);
+				case 'U':
+				    LEXTRACE("USERALIAS ");
+				    LEXRETURN(USERALIAS);
+				case 'R':
+				    LEXTRACE("RUNASALIAS ");
+				    LEXRETURN(RUNASALIAS);
+			    }
+			}
+	YY_BREAK
+case 24:
+YY_RULE_SETUP
+#line 391 "toke.l"
+{
+				/* cmnd does not require passwd for this user */
+			    	LEXTRACE("NOPASSWD ");
+			    	LEXRETURN(NOPASSWD);
+			}
+	YY_BREAK
+case 25:
+YY_RULE_SETUP
+#line 397 "toke.l"
+{
+				/* cmnd requires passwd for this user */
+			    	LEXTRACE("PASSWD ");
+			    	LEXRETURN(PASSWD);
+			}
+	YY_BREAK
+case 26:
+YY_RULE_SETUP
+#line 403 "toke.l"
+{
+			    	LEXTRACE("NOEXEC ");
+			    	LEXRETURN(NOEXEC);
+			}
+	YY_BREAK
+case 27:
+YY_RULE_SETUP
+#line 408 "toke.l"
+{
+			    	LEXTRACE("EXEC ");
+			    	LEXRETURN(EXEC);
+			}
+	YY_BREAK
+case 28:
+YY_RULE_SETUP
+#line 413 "toke.l"
+{
+			    	LEXTRACE("SETENV ");
+			    	LEXRETURN(SETENV);
+			}
+	YY_BREAK
+case 29:
+YY_RULE_SETUP
+#line 418 "toke.l"
+{
+			    	LEXTRACE("NOSETENV ");
+			    	LEXRETURN(NOSETENV);
+			}
+	YY_BREAK
+case 30:
+YY_RULE_SETUP
+#line 423 "toke.l"
+{
+			    	LEXTRACE("LOG_OUTPUT ");
+			    	LEXRETURN(LOG_OUTPUT);
+			}
+	YY_BREAK
+case 31:
+YY_RULE_SETUP
+#line 428 "toke.l"
+{
+			    	LEXTRACE("NOLOG_OUTPUT ");
+			    	LEXRETURN(NOLOG_OUTPUT);
+			}
+	YY_BREAK
+case 32:
+YY_RULE_SETUP
+#line 433 "toke.l"
+{
+			    	LEXTRACE("LOG_INPUT ");
+			    	LEXRETURN(LOG_INPUT);
+			}
+	YY_BREAK
+case 33:
+YY_RULE_SETUP
+#line 438 "toke.l"
+{
+			    	LEXTRACE("NOLOG_INPUT ");
+			    	LEXRETURN(NOLOG_INPUT);
+			}
+	YY_BREAK
+case 34:
+YY_RULE_SETUP
+#line 443 "toke.l"
+{
+			    	LEXTRACE("MAIL ");
+			    	LEXRETURN(MAIL);
+			}
+	YY_BREAK
+case 35:
+YY_RULE_SETUP
+#line 448 "toke.l"
+{
+			    	LEXTRACE("NOMAIL ");
+			    	LEXRETURN(NOMAIL);
+			}
+	YY_BREAK
+case 36:
+YY_RULE_SETUP
+#line 453 "toke.l"
+{
+			    	LEXTRACE("FOLLOW ");
+			    	LEXRETURN(FOLLOW);
+			}
+	YY_BREAK
+case 37:
+YY_RULE_SETUP
+#line 458 "toke.l"
+{
+			    	LEXTRACE("NOFOLLOW ");
+			    	LEXRETURN(NOFOLLOW);
+			}
+	YY_BREAK
+case 38:
+YY_RULE_SETUP
+#line 463 "toke.l"
+{
+			    /* empty group or netgroup */
+			    LEXTRACE("ERROR ");
+			    LEXRETURN(ERROR);
+			}
+	YY_BREAK
+case 39:
+YY_RULE_SETUP
+#line 469 "toke.l"
+{
+			    /* netgroup */
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("NETGROUP ");
+			    LEXRETURN(NETGROUP);
+			}
+	YY_BREAK
+case 40:
+YY_RULE_SETUP
+#line 477 "toke.l"
+{
+			    /* group */
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("USERGROUP ");
+			    LEXRETURN(USERGROUP);
+			}
+	YY_BREAK
+case 41:
+YY_RULE_SETUP
+#line 485 "toke.l"
+{
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("NTWKADDR ");
+			    LEXRETURN(NTWKADDR);
+			}
+	YY_BREAK
+case 42:
+YY_RULE_SETUP
+#line 492 "toke.l"
+{
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("NTWKADDR ");
+			    LEXRETURN(NTWKADDR);
+			}
+	YY_BREAK
+case 43:
+YY_RULE_SETUP
+#line 499 "toke.l"
+{
+			    if (!ipv6_valid(sudoerstext)) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("NTWKADDR ");
+			    LEXRETURN(NTWKADDR);
+			}
+	YY_BREAK
+case 44:
+YY_RULE_SETUP
+#line 510 "toke.l"
+{
+			    if (!ipv6_valid(sudoerstext)) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("NTWKADDR ");
+			    LEXRETURN(NTWKADDR);
+			}
+	YY_BREAK
+case 45:
+YY_RULE_SETUP
+#line 521 "toke.l"
+{
+			    LEXTRACE("ALL ");
+			    LEXRETURN(ALL);
+
+			}
+	YY_BREAK
+case 46:
+YY_RULE_SETUP
+#line 527 "toke.l"
+{
+			    LEXTRACE("CMND_TIMEOUT ");
+			    LEXRETURN(CMND_TIMEOUT);
+			}
+	YY_BREAK
+case 47:
+YY_RULE_SETUP
+#line 532 "toke.l"
+{
+			    LEXTRACE("NOTBEFORE ");
+			    LEXRETURN(NOTBEFORE);
+			}
+	YY_BREAK
+case 48:
+YY_RULE_SETUP
+#line 537 "toke.l"
+{
+			    LEXTRACE("NOTAFTER ");
+			    LEXRETURN(NOTAFTER);
+			}
+	YY_BREAK
+case 49:
+YY_RULE_SETUP
+#line 542 "toke.l"
+{
+#ifdef HAVE_SELINUX
+			    LEXTRACE("ROLE ");
+			    LEXRETURN(ROLE);
+#else
+			    goto got_alias;
+#endif
+			}
+	YY_BREAK
+case 50:
+YY_RULE_SETUP
+#line 551 "toke.l"
+{
+#ifdef HAVE_SELINUX
+			    LEXTRACE("TYPE ");
+			    LEXRETURN(TYPE);
+#else
+			    goto got_alias;
+#endif
+			}
+	YY_BREAK
+case 51:
+YY_RULE_SETUP
+#line 559 "toke.l"
+{
+#ifdef HAVE_PRIV_SET
+			    LEXTRACE("PRIVS ");
+			    LEXRETURN(PRIVS);
+#else
+			    goto got_alias;
+#endif
+			}
+	YY_BREAK
+case 52:
+YY_RULE_SETUP
+#line 568 "toke.l"
+{
+#ifdef HAVE_PRIV_SET
+			    LEXTRACE("LIMITPRIVS ");
+			    LEXRETURN(LIMITPRIVS);
+#else
+			    goto got_alias;
+#endif
+			}
+	YY_BREAK
+case 53:
+YY_RULE_SETUP
+#line 577 "toke.l"
+{
+			got_alias:
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("ALIAS ");
+			    LEXRETURN(ALIAS);
+			}
+	YY_BREAK
+case 54:
+YY_RULE_SETUP
+#line 585 "toke.l"
+{
+			    /* XXX - no way to specify digest for command */
+			    /* no command args allowed for Defaults!/path */
+			    if (!fill_cmnd(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("COMMAND ");
+			    LEXRETURN(COMMAND);
+			}
+	YY_BREAK
+case 55:
+YY_RULE_SETUP
+#line 594 "toke.l"
+{
+			    digest_type = SUDO_DIGEST_SHA224;
+			    BEGIN WANTDIGEST;
+			    LEXTRACE("SHA224_TOK ");
+			    LEXRETURN(SHA224_TOK);
+			}
+	YY_BREAK
+case 56:
+YY_RULE_SETUP
+#line 601 "toke.l"
+{
+			    digest_type = SUDO_DIGEST_SHA256;
+			    BEGIN WANTDIGEST;
+			    LEXTRACE("SHA256_TOK ");
+			    LEXRETURN(SHA256_TOK);
+			}
+	YY_BREAK
+case 57:
+YY_RULE_SETUP
+#line 608 "toke.l"
+{
+			    digest_type = SUDO_DIGEST_SHA384;
+			    BEGIN WANTDIGEST;
+			    LEXTRACE("SHA384_TOK ");
+			    LEXRETURN(SHA384_TOK);
+			}
+	YY_BREAK
+case 58:
+YY_RULE_SETUP
+#line 615 "toke.l"
+{
+			    digest_type = SUDO_DIGEST_SHA512;
+			    BEGIN WANTDIGEST;
+			    LEXTRACE("SHA512_TOK ");
+			    LEXRETURN(SHA512_TOK);
+			}
+	YY_BREAK
+case 59:
+YY_RULE_SETUP
+#line 622 "toke.l"
+{
+			    BEGIN GOTCMND;
+			    LEXTRACE("COMMAND ");
+			    if (!fill_cmnd(sudoerstext, sudoersleng))
+				yyterminate();
+			}			/* sudo -e */
+	YY_BREAK
+case 60:
+YY_RULE_SETUP
+#line 629 "toke.l"
+{
+			    /* directories can't have args... */
+			    if (sudoerstext[sudoersleng - 1] == '/') {
+				LEXTRACE("COMMAND ");
+				if (!fill_cmnd(sudoerstext, sudoersleng))
+				    yyterminate();
+				LEXRETURN(COMMAND);
+			    } else {
+				BEGIN GOTCMND;
+				LEXTRACE("COMMAND ");
+				if (!fill_cmnd(sudoerstext, sudoersleng))
+				    yyterminate();
+			    }
+			}			/* a pathname */
+	YY_BREAK
+case 61:
+YY_RULE_SETUP
+#line 644 "toke.l"
+{
+			    LEXTRACE("BEGINSTR ");
+			    sudoerslval.string = NULL;
+			    prev_state = YY_START;
+			    BEGIN INSTR;
+			}
+	YY_BREAK
+case 62:
+YY_RULE_SETUP
+#line 651 "toke.l"
+{
+			    /* a word */
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("WORD(5) ");
+			    LEXRETURN(WORD);
+			}
+	YY_BREAK
+case 63:
+YY_RULE_SETUP
+#line 659 "toke.l"
+{
+			    LEXTRACE("( ");
+			    LEXRETURN('(');
+			}
+	YY_BREAK
+case 64:
+YY_RULE_SETUP
+#line 664 "toke.l"
+{
+			    LEXTRACE(") ");
+			    LEXRETURN(')');
+			}
+	YY_BREAK
+case 65:
+YY_RULE_SETUP
+#line 669 "toke.l"
+{
+			    LEXTRACE(", ");
+			    LEXRETURN(',');
+			}			/* return ',' */
+	YY_BREAK
+case 66:
+YY_RULE_SETUP
+#line 674 "toke.l"
+{
+			    LEXTRACE("= ");
+			    LEXRETURN('=');
+			}			/* return '=' */
+	YY_BREAK
+case 67:
+YY_RULE_SETUP
+#line 679 "toke.l"
+{
+			    LEXTRACE(": ");
+			    LEXRETURN(':');
+			}			/* return ':' */
+	YY_BREAK
+case 68:
+YY_RULE_SETUP
+#line 684 "toke.l"
+{
+			    if (sudoersleng & 1) {
+				LEXTRACE("!");
+				LEXRETURN('!');	/* return '!' */
+			    }
+			}
+	YY_BREAK
+case 69:
+/* rule 69 can match eol */
+YY_RULE_SETUP
+#line 691 "toke.l"
+{
+			    if (YY_START == INSTR) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);	/* line break in string */
+			    }
+			    BEGIN INITIAL;
+			    sudolineno++;
+			    continued = false;
+			    LEXTRACE("\n");
+			    LEXRETURN(COMMENT);
+			}			/* return newline */
+	YY_BREAK
+case 70:
+YY_RULE_SETUP
+#line 703 "toke.l"
+{			/* throw away space/tabs */
+			    sawspace = true;	/* but remember for fill_args */
+			}
+	YY_BREAK
+case 71:
+/* rule 71 can match eol */
+YY_RULE_SETUP
+#line 707 "toke.l"
+{
+			    sawspace = true;	/* remember for fill_args */
+			    sudolineno++;
+			    continued = true;
+			}			/* throw away EOL after \ */
+	YY_BREAK
+case 72:
+/* rule 72 can match eol */
+YY_RULE_SETUP
+#line 713 "toke.l"
+{
+			    if (sudoerstext[sudoersleng - 1] == '\n') {
+				/* comment ending in a newline */
+				BEGIN INITIAL;
+				sudolineno++;
+				continued = false;
+			    } else if (!feof(sudoersin)) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+			    LEXTRACE("#\n");
+			    LEXRETURN(COMMENT);
+			}			/* comment, not uid/gid */
+	YY_BREAK
+case 73:
+YY_RULE_SETUP
+#line 727 "toke.l"
+{
+			    LEXTRACE("ERROR ");
+			    LEXRETURN(ERROR);
+			}	/* parse error */
+	YY_BREAK
+case YY_STATE_EOF(INITIAL):
+case YY_STATE_EOF(GOTDEFS):
+case YY_STATE_EOF(GOTCMND):
+case YY_STATE_EOF(STARTDEFS):
+case YY_STATE_EOF(INDEFS):
+case YY_STATE_EOF(INSTR):
+case YY_STATE_EOF(WANTDIGEST):
+#line 732 "toke.l"
+{
+			    if (YY_START != INITIAL) {
+			    	BEGIN INITIAL;
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+			    if (!pop_include())
+				yyterminate();
+			}
+	YY_BREAK
+case 74:
+YY_RULE_SETUP
+#line 742 "toke.l"
+ECHO;
+	YY_BREAK
+#line 3277 "toke.c"
+
+	case YY_END_OF_BUFFER:
+		{
+		/* Amount of text matched not including the EOB char. */
+		int yy_amount_of_matched_text = (int) (yy_cp - (yytext_ptr)) - 1;
+
+		/* Undo the effects of YY_DO_BEFORE_ACTION. */
+		*yy_cp = (yy_hold_char);
+		YY_RESTORE_YY_MORE_OFFSET
+
+		if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_NEW )
+			{
+			/* We're scanning a new file or input source.  It's
+			 * possible that this happened because the user
+			 * just pointed sudoersin at a new source and called
+			 * sudoerslex().  If so, then we have to assure
+			 * consistency between YY_CURRENT_BUFFER and our
+			 * globals.  Here is the right place to do so, because
+			 * this is the first action (other than possibly a
+			 * back-up) that will match for the new input source.
+			 */
+			(yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
+			YY_CURRENT_BUFFER_LVALUE->yy_input_file = sudoersin;
+			YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL;
+			}
+
+		/* Note that here we test for yy_c_buf_p "<=" to the position
+		 * of the first EOB in the buffer, since yy_c_buf_p will
+		 * already have been incremented past the NUL character
+		 * (since all states make transitions on EOB to the
+		 * end-of-buffer state).  Contrast this with the test
+		 * in input().
+		 */
+		if ( (yy_c_buf_p) <= &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] )
+			{ /* This was really a NUL. */
+			yy_state_type yy_next_state;
+
+			(yy_c_buf_p) = (yytext_ptr) + yy_amount_of_matched_text;
+
+			yy_current_state = yy_get_previous_state(  );
+
+			/* Okay, we're now positioned to make the NUL
+			 * transition.  We couldn't have
+			 * yy_get_previous_state() go ahead and do it
+			 * for us because it doesn't know how to deal
+			 * with the possibility of jamming (and we don't
+			 * want to build jamming into it because then it
+			 * will run more slowly).
+			 */
+
+			yy_next_state = yy_try_NUL_trans( yy_current_state );
+
+			yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+
+			if ( yy_next_state )
+				{
+				/* Consume the NUL. */
+				yy_cp = ++(yy_c_buf_p);
+				yy_current_state = yy_next_state;
+				goto yy_match;
+				}
+
+			else
+				{
+				yy_cp = (yy_c_buf_p);
+				goto yy_find_action;
+				}
+			}
+
+		else switch ( yy_get_next_buffer(  ) )
+			{
+			case EOB_ACT_END_OF_FILE:
+				{
+				(yy_did_buffer_switch_on_eof) = 0;
+
+				if ( sudoerswrap( ) )
+					{
+					/* Note: because we've taken care in
+					 * yy_get_next_buffer() to have set up
+					 * sudoerstext, we can now set up
+					 * yy_c_buf_p so that if some total
+					 * hoser (like flex itself) wants to
+					 * call the scanner after we return the
+					 * YY_NULL, it'll still work - another
+					 * YY_NULL will get returned.
+					 */
+					(yy_c_buf_p) = (yytext_ptr) + YY_MORE_ADJ;
+
+					yy_act = YY_STATE_EOF(YY_START);
+					goto do_action;
+					}
+
+				else
+					{
+					if ( ! (yy_did_buffer_switch_on_eof) )
+						YY_NEW_FILE;
+					}
+				break;
+				}
+
+			case EOB_ACT_CONTINUE_SCAN:
+				(yy_c_buf_p) =
+					(yytext_ptr) + yy_amount_of_matched_text;
+
+				yy_current_state = yy_get_previous_state(  );
+
+				yy_cp = (yy_c_buf_p);
+				yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+				goto yy_match;
+
+			case EOB_ACT_LAST_MATCH:
+				(yy_c_buf_p) =
+				&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)];
+
+				yy_current_state = yy_get_previous_state(  );
+
+				yy_cp = (yy_c_buf_p);
+				yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+				goto yy_find_action;
+			}
+		break;
+		}
+
+	default:
+		YY_FATAL_ERROR(
+			"fatal flex scanner internal error--no action found" );
+	} /* end of action switch */
+		} /* end of scanning one token */
+	} /* end of user's declarations */
+} /* end of sudoerslex */
+
+/* yy_get_next_buffer - try to read in a new buffer
+ *
+ * Returns a code representing an action:
+ *	EOB_ACT_LAST_MATCH -
+ *	EOB_ACT_CONTINUE_SCAN - continue scanning from current position
+ *	EOB_ACT_END_OF_FILE - end of file
+ */
+static int yy_get_next_buffer (void)
+{
+    	char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
+	char *source = (yytext_ptr);
+	int number_to_move, i;
+	int ret_val;
+
+	if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] )
+		YY_FATAL_ERROR(
+		"fatal flex scanner internal error--end of buffer missed" );
+
+	if ( YY_CURRENT_BUFFER_LVALUE->yy_fill_buffer == 0 )
+		{ /* Don't try to fill the buffer, so this is an EOF. */
+		if ( (yy_c_buf_p) - (yytext_ptr) - YY_MORE_ADJ == 1 )
+			{
+			/* We matched a single character, the EOB, so
+			 * treat this as a final EOF.
+			 */
+			return EOB_ACT_END_OF_FILE;
+			}
+
+		else
+			{
+			/* We matched some text prior to the EOB, first
+			 * process it.
+			 */
+			return EOB_ACT_LAST_MATCH;
+			}
+		}
+
+	/* Try to read more data. */
+
+	/* First move last chars to start of buffer. */
+	number_to_move = (int) ((yy_c_buf_p) - (yytext_ptr)) - 1;
+
+	for ( i = 0; i < number_to_move; ++i )
+		*(dest++) = *(source++);
+
+	if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING )
+		/* don't do the read, it's not guaranteed to return an EOF,
+		 * just force an EOF
+		 */
+		YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars) = 0;
+
+	else
+		{
+			yy_size_t num_to_read =
+			YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1;
+
+		while ( num_to_read <= 0 )
+			{ /* Not enough room in the buffer - grow it. */
+
+			/* just a shorter name for the current buffer */
+			YY_BUFFER_STATE b = YY_CURRENT_BUFFER_LVALUE;
+
+			int yy_c_buf_p_offset =
+				(int) ((yy_c_buf_p) - b->yy_ch_buf);
+
+			if ( b->yy_is_our_buffer )
+				{
+				yy_size_t new_size = b->yy_buf_size * 2;
+
+				if ( new_size <= 0 )
+					b->yy_buf_size += b->yy_buf_size / 8;
+				else
+					b->yy_buf_size *= 2;
+
+				b->yy_ch_buf = (char *)
+					/* Include room in for 2 EOB chars. */
+					sudoersrealloc((void *) b->yy_ch_buf,b->yy_buf_size + 2  );
+				}
+			else
+				/* Can't grow it, we don't own it. */
+				b->yy_ch_buf = 0;
+
+			if ( ! b->yy_ch_buf )
+				YY_FATAL_ERROR(
+				"fatal error - scanner input buffer overflow" );
+
+			(yy_c_buf_p) = &b->yy_ch_buf[yy_c_buf_p_offset];
+
+			num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size -
+						number_to_move - 1;
+
+			}
+
+		if ( num_to_read > YY_READ_BUF_SIZE )
+			num_to_read = YY_READ_BUF_SIZE;
+
+		/* Read in more data. */
+		YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]),
+			(yy_n_chars), num_to_read );
+
+		YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+		}
+
+	if ( (yy_n_chars) == 0 )
+		{
+		if ( number_to_move == YY_MORE_ADJ )
+			{
+			ret_val = EOB_ACT_END_OF_FILE;
+			sudoersrestart(sudoersin  );
+			}
+
+		else
+			{
+			ret_val = EOB_ACT_LAST_MATCH;
+			YY_CURRENT_BUFFER_LVALUE->yy_buffer_status =
+				YY_BUFFER_EOF_PENDING;
+			}
+		}
+
+	else
+		ret_val = EOB_ACT_CONTINUE_SCAN;
+
+	if ((yy_size_t) ((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) {
+		/* Extend the array by 50%, plus the number we really need. */
+		yy_size_t new_size = (yy_n_chars) + number_to_move + ((yy_n_chars) >> 1);
+		YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) sudoersrealloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size  );
+		if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf )
+			YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" );
+		/* "- 2" to take care of EOB's */
+		YY_CURRENT_BUFFER_LVALUE->yy_buf_size = (int) (new_size - 2);
+	}
+
+	(yy_n_chars) += number_to_move;
+	YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR;
+	YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR;
+
+	(yytext_ptr) = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[0];
+
+	return ret_val;
+}
+
+/* yy_get_previous_state - get the state just before the EOB char was reached */
+
+    static yy_state_type yy_get_previous_state (void)
+{
+	yy_state_type yy_current_state;
+	char *yy_cp;
+    
+	yy_current_state = (yy_start);
+	yy_current_state += YY_AT_BOL();
+
+	for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp )
+		{
+		YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
+		if ( yy_accept[yy_current_state] )
+			{
+			(yy_last_accepting_state) = yy_current_state;
+			(yy_last_accepting_cpos) = yy_cp;
+			}
+		while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+			{
+			yy_current_state = (int) yy_def[yy_current_state];
+			if ( yy_current_state >= 882 )
+				yy_c = yy_meta[(unsigned int) yy_c];
+			}
+		yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+		}
+
+	return yy_current_state;
+}
+
+/* yy_try_NUL_trans - try to make a transition on the NUL character
+ *
+ * synopsis
+ *	next_state = yy_try_NUL_trans( current_state );
+ */
+    static yy_state_type yy_try_NUL_trans  (yy_state_type yy_current_state )
+{
+	int yy_is_jam;
+    	char *yy_cp = (yy_c_buf_p);
+
+	YY_CHAR yy_c = 1;
+	if ( yy_accept[yy_current_state] )
+		{
+		(yy_last_accepting_state) = yy_current_state;
+		(yy_last_accepting_cpos) = yy_cp;
+		}
+	while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+		{
+		yy_current_state = (int) yy_def[yy_current_state];
+		if ( yy_current_state >= 882 )
+			yy_c = yy_meta[(unsigned int) yy_c];
+		}
+	yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+	yy_is_jam = (yy_current_state == 881);
+
+		return yy_is_jam ? 0 : yy_current_state;
+}
+
+#ifndef YY_NO_INPUT
+#ifdef __cplusplus
+    static int yyinput (void)
+#else
+    static int input  (void)
+#endif
+
+{
+	int c;
+    
+	*(yy_c_buf_p) = (yy_hold_char);
+
+	if ( *(yy_c_buf_p) == YY_END_OF_BUFFER_CHAR )
+		{
+		/* yy_c_buf_p now points to the character we want to return.
+		 * If this occurs *before* the EOB characters, then it's a
+		 * valid NUL; if not, then we've hit the end of the buffer.
+		 */
+		if ( (yy_c_buf_p) < &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] )
+			/* This was really a NUL. */
+			*(yy_c_buf_p) = '\0';
+
+		else
+			{ /* need more input */
+			yy_size_t offset = (yy_c_buf_p) - (yytext_ptr);
+			++(yy_c_buf_p);
+
+			switch ( yy_get_next_buffer(  ) )
+				{
+				case EOB_ACT_LAST_MATCH:
+					/* This happens because yy_g_n_b()
+					 * sees that we've accumulated a
+					 * token and flags that we need to
+					 * try matching the token before
+					 * proceeding.  But for input(),
+					 * there's no matching to consider.
+					 * So convert the EOB_ACT_LAST_MATCH
+					 * to EOB_ACT_END_OF_FILE.
+					 */
+
+					/* Reset buffer status. */
+					sudoersrestart(sudoersin );
+
+					/*FALLTHROUGH*/
+
+				case EOB_ACT_END_OF_FILE:
+					{
+					if ( sudoerswrap( ) )
+						return EOF;
+
+					if ( ! (yy_did_buffer_switch_on_eof) )
+						YY_NEW_FILE;
+#ifdef __cplusplus
+					return yyinput();
+#else
+					return input();
+#endif
+					}
+
+				case EOB_ACT_CONTINUE_SCAN:
+					(yy_c_buf_p) = (yytext_ptr) + offset;
+					break;
+				}
+			}
+		}
+
+	c = *(unsigned char *) (yy_c_buf_p);	/* cast for 8-bit char's */
+	*(yy_c_buf_p) = '\0';	/* preserve sudoerstext */
+	(yy_hold_char) = *++(yy_c_buf_p);
+
+	YY_CURRENT_BUFFER_LVALUE->yy_at_bol = (c == '\n');
+
+	return c;
+}
+#endif	/* ifndef YY_NO_INPUT */
+
+/** Immediately switch to a different input stream.
+ * @param input_file A readable stream.
+ * 
+ * @note This function does not reset the start condition to @c INITIAL .
+ */
+    void sudoersrestart  (FILE * input_file )
+{
+    
+	if ( ! YY_CURRENT_BUFFER ){
+        sudoersensure_buffer_stack ();
+		YY_CURRENT_BUFFER_LVALUE =
+            sudoers_create_buffer(sudoersin,YY_BUF_SIZE );
+	}
+
+	sudoers_init_buffer(YY_CURRENT_BUFFER,input_file );
+	sudoers_load_buffer_state( );
+}
+
+/** Switch to a different input buffer.
+ * @param new_buffer The new input buffer.
+ * 
+ */
+    void sudoers_switch_to_buffer  (YY_BUFFER_STATE  new_buffer )
+{
+    
+	/* TODO. We should be able to replace this entire function body
+	 * with
+	 *		sudoerspop_buffer_state();
+	 *		sudoerspush_buffer_state(new_buffer);
+     */
+	sudoersensure_buffer_stack ();
+	if ( YY_CURRENT_BUFFER == new_buffer )
+		return;
+
+	if ( YY_CURRENT_BUFFER )
+		{
+		/* Flush out information for old buffer. */
+		*(yy_c_buf_p) = (yy_hold_char);
+		YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p);
+		YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+		}
+
+	YY_CURRENT_BUFFER_LVALUE = new_buffer;
+	sudoers_load_buffer_state( );
+
+	/* We don't actually know whether we did this switch during
+	 * EOF (sudoerswrap()) processing, but the only time this flag
+	 * is looked at is after sudoerswrap() is called, so it's safe
+	 * to go ahead and always set it.
+	 */
+	(yy_did_buffer_switch_on_eof) = 1;
+}
+
+static void sudoers_load_buffer_state  (void)
+{
+    	(yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
+	(yytext_ptr) = (yy_c_buf_p) = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos;
+	sudoersin = YY_CURRENT_BUFFER_LVALUE->yy_input_file;
+	(yy_hold_char) = *(yy_c_buf_p);
+}
+
+/** Allocate and initialize an input buffer state.
+ * @param file A readable stream.
+ * @param size The character buffer size in bytes. When in doubt, use @c YY_BUF_SIZE.
+ * 
+ * @return the allocated buffer state.
+ */
+    YY_BUFFER_STATE sudoers_create_buffer  (FILE * file, int  size )
+{
+	YY_BUFFER_STATE b;
+    
+	b = (YY_BUFFER_STATE) sudoersalloc(sizeof( struct yy_buffer_state )  );
+	if ( ! b )
+		YY_FATAL_ERROR( "out of dynamic memory in sudoers_create_buffer()" );
+
+	b->yy_buf_size = size;
+
+	/* yy_ch_buf has to be 2 characters longer than the size given because
+	 * we need to put in 2 end-of-buffer characters.
+	 */
+	b->yy_ch_buf = (char *) sudoersalloc(b->yy_buf_size + 2  );
+	if ( ! b->yy_ch_buf )
+		YY_FATAL_ERROR( "out of dynamic memory in sudoers_create_buffer()" );
+
+	b->yy_is_our_buffer = 1;
+
+	sudoers_init_buffer(b,file );
+
+	return b;
+}
+
+/** Destroy the buffer.
+ * @param b a buffer created with sudoers_create_buffer()
+ * 
+ */
+    void sudoers_delete_buffer (YY_BUFFER_STATE  b )
+{
+    
+	if ( ! b )
+		return;
+
+	if ( b == YY_CURRENT_BUFFER ) /* Not sure if we should pop here. */
+		YY_CURRENT_BUFFER_LVALUE = (YY_BUFFER_STATE) 0;
+
+	if ( b->yy_is_our_buffer )
+		sudoersfree((void *) b->yy_ch_buf  );
+
+	sudoersfree((void *) b  );
+}
+
+/* Initializes or reinitializes a buffer.
+ * This function is sometimes called more than once on the same buffer,
+ * such as during a sudoersrestart() or at EOF.
+ */
+    static void sudoers_init_buffer  (YY_BUFFER_STATE  b, FILE * file )
+
+{
+	int oerrno = errno;
+    
+	sudoers_flush_buffer(b );
+
+	b->yy_input_file = file;
+	b->yy_fill_buffer = 1;
+
+    /* If b is the current buffer, then sudoers_init_buffer was _probably_
+     * called from sudoersrestart() or through yy_get_next_buffer.
+     * In that case, we don't want to reset the lineno or column.
+     */
+    if (b != YY_CURRENT_BUFFER){
+        b->yy_bs_lineno = 1;
+        b->yy_bs_column = 0;
+    }
+
+        b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0;
+    
+	errno = oerrno;
+}
+
+/** Discard all buffered characters. On the next scan, YY_INPUT will be called.
+ * @param b the buffer state to be flushed, usually @c YY_CURRENT_BUFFER.
+ * 
+ */
+    void sudoers_flush_buffer (YY_BUFFER_STATE  b )
+{
+    	if ( ! b )
+		return;
+
+	b->yy_n_chars = 0;
+
+	/* We always need two end-of-buffer characters.  The first causes
+	 * a transition to the end-of-buffer state.  The second causes
+	 * a jam in that state.
+	 */
+	b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
+	b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
+
+	b->yy_buf_pos = &b->yy_ch_buf[0];
+
+	b->yy_at_bol = 1;
+	b->yy_buffer_status = YY_BUFFER_NEW;
+
+	if ( b == YY_CURRENT_BUFFER )
+		sudoers_load_buffer_state( );
+}
+
+/** Pushes the new state onto the stack. The new state becomes
+ *  the current state. This function will allocate the stack
+ *  if necessary.
+ *  @param new_buffer The new state.
+ *  
+ */
+void sudoerspush_buffer_state (YY_BUFFER_STATE new_buffer )
+{
+    	if (new_buffer == NULL)
+		return;
+
+	sudoersensure_buffer_stack();
+
+	/* This block is copied from sudoers_switch_to_buffer. */
+	if ( YY_CURRENT_BUFFER )
+		{
+		/* Flush out information for old buffer. */
+		*(yy_c_buf_p) = (yy_hold_char);
+		YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p);
+		YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+		}
+
+	/* Only push if top exists. Otherwise, replace top. */
+	if (YY_CURRENT_BUFFER)
+		(yy_buffer_stack_top)++;
+	YY_CURRENT_BUFFER_LVALUE = new_buffer;
+
+	/* copied from sudoers_switch_to_buffer. */
+	sudoers_load_buffer_state( );
+	(yy_did_buffer_switch_on_eof) = 1;
+}
+
+/** Removes and deletes the top of the stack, if present.
+ *  The next element becomes the new top.
+ *  
+ */
+void sudoerspop_buffer_state (void)
+{
+    	if (!YY_CURRENT_BUFFER)
+		return;
+
+	sudoers_delete_buffer(YY_CURRENT_BUFFER );
+	YY_CURRENT_BUFFER_LVALUE = NULL;
+	if ((yy_buffer_stack_top) > 0)
+		--(yy_buffer_stack_top);
+
+	if (YY_CURRENT_BUFFER) {
+		sudoers_load_buffer_state( );
+		(yy_did_buffer_switch_on_eof) = 1;
+	}
+}
+
+/* Allocates the stack if it does not exist.
+ *  Guarantees space for at least one push.
+ */
+static void sudoersensure_buffer_stack (void)
+{
+	yy_size_t num_to_alloc;
+    
+	if (!(yy_buffer_stack)) {
+
+		/* First allocation is just for 2 elements, since we don't know if this
+		 * scanner will even need a stack. We use 2 instead of 1 to avoid an
+		 * immediate realloc on the next call.
+         */
+		num_to_alloc = 1;
+		(yy_buffer_stack) = (struct yy_buffer_state**)sudoersalloc
+								(num_to_alloc * sizeof(struct yy_buffer_state*)
+								);
+		if ( ! (yy_buffer_stack) )
+			YY_FATAL_ERROR( "out of dynamic memory in sudoersensure_buffer_stack()" );
+								  
+		memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*));
+				
+		(yy_buffer_stack_max) = num_to_alloc;
+		(yy_buffer_stack_top) = 0;
+		return;
+	}
+
+	if ((yy_buffer_stack_top) >= ((yy_buffer_stack_max)) - 1){
+
+		/* Increase the buffer to prepare for a possible push. */
+		int grow_size = 8 /* arbitrary grow size */;
+
+		num_to_alloc = (yy_buffer_stack_max) + grow_size;
+		(yy_buffer_stack) = (struct yy_buffer_state**)sudoersrealloc
+								((yy_buffer_stack),
+								num_to_alloc * sizeof(struct yy_buffer_state*)
+								);
+		if ( ! (yy_buffer_stack) )
+			YY_FATAL_ERROR( "out of dynamic memory in sudoersensure_buffer_stack()" );
+
+		/* zero only the new slots.*/
+		memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*));
+		(yy_buffer_stack_max) = num_to_alloc;
+	}
+}
+
+/** Setup the input buffer state to scan directly from a user-specified character buffer.
+ * @param base the character buffer
+ * @param size the size in bytes of the character buffer
+ * 
+ * @return the newly allocated buffer state object. 
+ */
+YY_BUFFER_STATE sudoers_scan_buffer  (char * base, yy_size_t  size )
+{
+	YY_BUFFER_STATE b;
+    
+	if ( size < 2 ||
+	     base[size-2] != YY_END_OF_BUFFER_CHAR ||
+	     base[size-1] != YY_END_OF_BUFFER_CHAR )
+		/* They forgot to leave room for the EOB's. */
+		return 0;
+
+	b = (YY_BUFFER_STATE) sudoersalloc(sizeof( struct yy_buffer_state )  );
+	if ( ! b )
+		YY_FATAL_ERROR( "out of dynamic memory in sudoers_scan_buffer()" );
+
+	b->yy_buf_size = size - 2;	/* "- 2" to take care of EOB's */
+	b->yy_buf_pos = b->yy_ch_buf = base;
+	b->yy_is_our_buffer = 0;
+	b->yy_input_file = 0;
+	b->yy_n_chars = b->yy_buf_size;
+	b->yy_is_interactive = 0;
+	b->yy_at_bol = 1;
+	b->yy_fill_buffer = 0;
+	b->yy_buffer_status = YY_BUFFER_NEW;
+
+	sudoers_switch_to_buffer(b  );
+
+	return b;
+}
+
+/** Setup the input buffer state to scan a string. The next call to sudoerslex() will
+ * scan from a @e copy of @a str.
+ * @param yystr a NUL-terminated string to scan
+ * 
+ * @return the newly allocated buffer state object.
+ * @note If you want to scan bytes that may contain NUL values, then use
+ *       sudoers_scan_bytes() instead.
+ */
+YY_BUFFER_STATE sudoers_scan_string (yyconst char * yystr )
+{
+    
+	return sudoers_scan_bytes(yystr,strlen(yystr) );
+}
+
+/** Setup the input buffer state to scan the given bytes. The next call to sudoerslex() will
+ * scan from a @e copy of @a bytes.
+ * @param yybytes the byte buffer to scan
+ * @param _yybytes_len the number of bytes in the buffer pointed to by @a bytes.
+ * 
+ * @return the newly allocated buffer state object.
+ */
+YY_BUFFER_STATE sudoers_scan_bytes  (yyconst char * yybytes, yy_size_t  _yybytes_len )
+{
+	YY_BUFFER_STATE b;
+	char *buf;
+	yy_size_t n;
+	yy_size_t i;
+    
+	/* Get memory for full buffer, including space for trailing EOB's. */
+	n = _yybytes_len + 2;
+	buf = (char *) sudoersalloc(n  );
+	if ( ! buf )
+		YY_FATAL_ERROR( "out of dynamic memory in sudoers_scan_bytes()" );
+
+	for ( i = 0; i < _yybytes_len; ++i )
+		buf[i] = yybytes[i];
+
+	buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR;
+
+	b = sudoers_scan_buffer(buf,n );
+	if ( ! b )
+		YY_FATAL_ERROR( "bad buffer in sudoers_scan_bytes()" );
+
+	/* It's okay to grow etc. this buffer, and we should throw it
+	 * away when we're done.
+	 */
+	b->yy_is_our_buffer = 1;
+
+	return b;
+}
+
+#ifndef YY_EXIT_FAILURE
+#define YY_EXIT_FAILURE 2
+#endif
+
+static void yy_fatal_error (yyconst char* msg )
+{
+    	(void) fprintf( stderr, "%s\n", msg );
+	exit( YY_EXIT_FAILURE );
+}
+
+/* Redefine yyless() so it works in section 3 code. */
+
+#undef yyless
+#define yyless(n) \
+	do \
+		{ \
+		/* Undo effects of setting up sudoerstext. */ \
+        int yyless_macro_arg = (n); \
+        YY_LESS_LINENO(yyless_macro_arg);\
+		sudoerstext[sudoersleng] = (yy_hold_char); \
+		(yy_c_buf_p) = sudoerstext + yyless_macro_arg; \
+		(yy_hold_char) = *(yy_c_buf_p); \
+		*(yy_c_buf_p) = '\0'; \
+		sudoersleng = yyless_macro_arg; \
+		} \
+	while ( 0 )
+
+/* Accessor  methods (get/set functions) to struct members. */
+
+/** Get the current line number.
+ * 
+ */
+int sudoersget_lineno  (void)
+{
+        
+    return sudoerslineno;
+}
+
+/** Get the input stream.
+ * 
+ */
+FILE *sudoersget_in  (void)
+{
+        return sudoersin;
+}
+
+/** Get the output stream.
+ * 
+ */
+FILE *sudoersget_out  (void)
+{
+        return sudoersout;
+}
+
+/** Get the length of the current token.
+ * 
+ */
+yy_size_t sudoersget_leng  (void)
+{
+        return sudoersleng;
+}
+
+/** Get the current token.
+ * 
+ */
+
+char *sudoersget_text  (void)
+{
+        return sudoerstext;
+}
+
+/** Set the current line number.
+ * @param line_number
+ * 
+ */
+void sudoersset_lineno (int  line_number )
+{
+    
+    sudoerslineno = line_number;
+}
+
+/** Set the input stream. This does not discard the current
+ * input buffer.
+ * @param in_str A readable stream.
+ * 
+ * @see sudoers_switch_to_buffer
+ */
+void sudoersset_in (FILE *  in_str )
+{
+        sudoersin = in_str ;
+}
+
+void sudoersset_out (FILE *  out_str )
+{
+        sudoersout = out_str ;
+}
+
+int sudoersget_debug  (void)
+{
+        return sudoers_flex_debug;
+}
+
+void sudoersset_debug (int  bdebug )
+{
+        sudoers_flex_debug = bdebug ;
+}
+
+static int yy_init_globals (void)
+{
+        /* Initialization is the same as for the non-reentrant scanner.
+     * This function is called from sudoerslex_destroy(), so don't allocate here.
+     */
+
+    (yy_buffer_stack) = 0;
+    (yy_buffer_stack_top) = 0;
+    (yy_buffer_stack_max) = 0;
+    (yy_c_buf_p) = (char *) 0;
+    (yy_init) = 0;
+    (yy_start) = 0;
+
+/* Defined in main.c */
+#ifdef YY_STDINIT
+    sudoersin = stdin;
+    sudoersout = stdout;
+#else
+    sudoersin = (FILE *) 0;
+    sudoersout = (FILE *) 0;
+#endif
+
+    /* For future reference: Set errno on error, since we are called by
+     * sudoerslex_init()
+     */
+    return 0;
+}
+
+/* sudoerslex_destroy is for both reentrant and non-reentrant scanners. */
+int sudoerslex_destroy  (void)
+{
+    
+    /* Pop the buffer stack, destroying each element. */
+	while(YY_CURRENT_BUFFER){
+		sudoers_delete_buffer(YY_CURRENT_BUFFER  );
+		YY_CURRENT_BUFFER_LVALUE = NULL;
+		sudoerspop_buffer_state();
+	}
+
+	/* Destroy the stack itself. */
+	sudoersfree((yy_buffer_stack) );
+	(yy_buffer_stack) = NULL;
+
+    /* Reset the globals. This is important in a non-reentrant scanner so the next time
+     * sudoerslex() is called, initialization will occur. */
+    yy_init_globals( );
+
+    return 0;
+}
+
+/*
+ * Internal utility routines.
+ */
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy (char* s1, yyconst char * s2, int n )
+{
+	int i;
+	for ( i = 0; i < n; ++i )
+		s1[i] = s2[i];
+}
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen (yyconst char * s )
+{
+	int n;
+	for ( n = 0; s[n]; ++n )
+		;
+
+	return n;
+}
+#endif
+
+void *sudoersalloc (yy_size_t  size )
+{
+	return (void *) malloc( size );
+}
+
+void *sudoersrealloc  (void * ptr, yy_size_t  size )
+{
+	/* The cast to (char *) in the following accommodates both
+	 * implementations that use char* generic pointers, and those
+	 * that use void* generic pointers.  It works with the latter
+	 * because both ANSI C and C++ allow castless assignment from
+	 * any pointer type to void*, and deal with argument conversions
+	 * as though doing an assignment.
+	 */
+	return (void *) realloc( (char *) ptr, size );
+}
+
+void sudoersfree (void * ptr )
+{
+	free( (char *) ptr );	/* see sudoersrealloc() for (char *) cast */
+}
+
+#define YYTABLES_NAME "yytables"
+
+#line 742 "toke.l"
+
+
+struct path_list {
+    SLIST_ENTRY(path_list) entries;
+    char *path;
+};
+
+SLIST_HEAD(path_list_head, path_list);
+
+struct include_stack {
+    YY_BUFFER_STATE bs;
+    char *path;
+    struct path_list_head more; /* more files in case of includedir */
+    int lineno;
+    bool keepopen;
+};
+
+/*
+ * Compare two struct path_list structs in reverse order.
+ */
+static int
+pl_compare(const void *v1, const void *v2)
+{
+    const struct path_list * const *p1 = v1;
+    const struct path_list * const *p2 = v2;
+
+    return strcmp((*p2)->path, (*p1)->path);
+}
+
+/*
+ * Open dirpath and fill in pathsp with an array of regular files
+ * that do not end in '~' or contain a '.'.
+ * Returns the number of files or -1 on error.
+ * If zero files are found, NULL is stored in pathsp.
+ */
+static int
+read_dir_files(const char *dirpath, struct path_list ***pathsp)
+{
+    DIR *dir;
+    int i, count = 0;
+    int max_paths = 32;
+    struct dirent *dent;
+    struct path_list **paths = NULL;
+    debug_decl(read_dir_files, SUDOERS_DEBUG_PARSER)
+
+    dir = opendir(dirpath);
+    if (dir == NULL) {
+	if (errno == ENOENT)
+	    goto done;
+	sudo_warn("%s", dirpath);
+	goto bad;
+    }
+    paths = reallocarray(NULL, max_paths, sizeof(*paths));
+    if (paths == NULL)
+	goto oom;
+    while ((dent = readdir(dir)) != NULL) {
+	struct path_list *pl;
+	struct stat sb;
+	size_t len;
+	char *path;
+
+	/* Ignore files that end in '~' or have a '.' in them. */
+	if (dent->d_name[0] == '\0' || dent->d_name[NAMLEN(dent) - 1] == '~'
+	    || strchr(dent->d_name, '.') != NULL) {
+	    continue;
+	}
+	len = strlen(dirpath) + 1 + NAMLEN(dent);
+	if ((path = rcstr_alloc(len)) == NULL)
+	    goto oom;
+	(void)snprintf(path, len + 1, "%s/%s", dirpath, dent->d_name);
+	if (stat(path, &sb) != 0 || !S_ISREG(sb.st_mode)) {
+	    rcstr_delref(path);
+	    continue;
+	}
+	pl = malloc(sizeof(*pl));
+	if (pl == NULL) {
+	    rcstr_delref(path);
+	    goto oom;
+	}
+	pl->path = path;
+	if (count >= max_paths) {
+	    struct path_list **tmp;
+	    max_paths <<= 1;
+	    tmp = reallocarray(paths, max_paths, sizeof(*paths));
+	    if (tmp == NULL) {
+		rcstr_delref(path);
+		free(pl);
+		goto oom;
+	    }
+	    paths = tmp;
+	}
+	paths[count++] = pl;
+    }
+    closedir(dir);
+    if (count == 0) {
+	free(paths);
+	paths = NULL;
+    }
+done:
+    *pathsp = paths;
+    debug_return_int(count);
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+bad:
+    sudoerserror(NULL);
+    if (dir != NULL)
+	closedir(dir);
+    for (i = 0; i < count; i++) {
+	rcstr_delref(paths[i]->path);
+	free(paths[i]);
+    }
+    free(paths);
+    debug_return_int(-1);
+}
+
+/*
+ * Push a list of all files in dirpath onto stack.
+ * Returns the number of files or -1 on error.
+ */
+static int
+switch_dir(struct include_stack *stack, char *dirpath)
+{
+    struct path_list **paths = NULL;
+    int count, i;
+    debug_decl(switch_dir, SUDOERS_DEBUG_PARSER)
+
+    count = read_dir_files(dirpath, &paths);
+    if (count > 0) {
+	/* Sort the list as an array in reverse order. */
+	qsort(paths, count, sizeof(*paths), pl_compare);
+
+	/* Build up the list in sorted order. */
+	for (i = 0; i < count; i++) {
+	    SLIST_INSERT_HEAD(&stack->more, paths[i], entries);
+	}
+	free(paths);
+    }
+
+    debug_return_int(count);
+}
+
+#define MAX_SUDOERS_DEPTH	128
+#define SUDOERS_STACK_INCREMENT	16
+
+static size_t istacksize, idepth;
+static struct include_stack *istack;
+static bool keepopen;
+
+void
+init_lexer(void)
+{
+    struct path_list *pl;
+    debug_decl(init_lexer, SUDOERS_DEBUG_PARSER)
+
+    while (idepth) {
+	idepth--;
+	while ((pl = SLIST_FIRST(&istack[idepth].more)) != NULL) {
+	    SLIST_REMOVE_HEAD(&istack[idepth].more, entries);
+	    rcstr_delref(pl->path);
+	    free(pl);
+	}
+	rcstr_delref(istack[idepth].path);
+	if (idepth && !istack[idepth].keepopen)
+	    fclose(istack[idepth].bs->yy_input_file);
+	sudoers_delete_buffer(istack[idepth].bs);
+    }
+    free(istack);
+    istack = NULL;
+    istacksize = idepth = 0;
+    sudolineno = 1;
+    keepopen = false;
+    sawspace = false;
+    continued = false;
+    digest_type = -1;
+    prev_state = INITIAL;
+
+    debug_return;
+}
+
+/*
+ * Open an include file (or file from a directory), push the old
+ * sudoers file buffer and switch to the new one.
+ * A missing or insecure include dir is simply ignored.
+ * Returns false on error, else true.
+ */
+static bool
+push_include_int(char *path, bool isdir)
+{
+    struct path_list *pl;
+    FILE *fp;
+    debug_decl(push_include_int, SUDOERS_DEBUG_PARSER)
+
+    /* push current state onto stack */
+    if (idepth >= istacksize) {
+	struct include_stack *new_istack;
+
+	if (idepth > MAX_SUDOERS_DEPTH) {
+	    sudoerserror(N_("too many levels of includes"));
+	    debug_return_bool(false);
+	}
+	istacksize += SUDOERS_STACK_INCREMENT;
+	new_istack = reallocarray(istack, istacksize, sizeof(*istack));
+	if (new_istack == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    sudoerserror(NULL);
+	    debug_return_bool(false);
+	}
+	istack = new_istack;
+    }
+    SLIST_INIT(&istack[idepth].more);
+    if (isdir) {
+	struct stat sb;
+	int count, status;
+
+	status = sudo_secure_dir(path, sudoers_uid, sudoers_gid, &sb);
+	if (status != SUDO_PATH_SECURE) {
+	    if (sudoers_warnings) {
+		switch (status) {
+		case SUDO_PATH_BAD_TYPE:
+		    errno = ENOTDIR;
+		    sudo_warn("%s", path);
+		    break;
+		case SUDO_PATH_WRONG_OWNER:
+		    sudo_warnx(U_("%s is owned by uid %u, should be %u"),   
+			path, (unsigned int) sb.st_uid,
+			(unsigned int) sudoers_uid);
+		    break;
+		case SUDO_PATH_WORLD_WRITABLE:
+		    sudo_warnx(U_("%s is world writable"), path);
+		    break;
+		case SUDO_PATH_GROUP_WRITABLE:
+		    sudo_warnx(U_("%s is owned by gid %u, should be %u"),
+			path, (unsigned int) sb.st_gid,
+			(unsigned int) sudoers_gid);
+		    break;
+		default:
+		    break;
+		}
+	    }
+	    /* A missing or insecure include dir is not a fatal error. */
+	    debug_return_bool(true);
+	}
+	count = switch_dir(&istack[idepth], path);
+	if (count <= 0) {
+	    /* switch_dir() called sudoerserror() for us */
+	    rcstr_delref(path);
+	    debug_return_bool(count ? false : true);
+	}
+
+	/* Parse the first dir entry we can open, leave the rest for later. */
+	do {
+	    rcstr_delref(path);
+	    if ((pl = SLIST_FIRST(&istack[idepth].more)) == NULL) {
+		/* Unable to open any files in include dir, not an error. */
+		debug_return_bool(true);
+	    }
+	    SLIST_REMOVE_HEAD(&istack[idepth].more, entries);
+	    path = pl->path;
+	    free(pl);
+	} while ((fp = open_sudoers(path, false, &keepopen)) == NULL);
+    } else {
+	if ((fp = open_sudoers(path, true, &keepopen)) == NULL) {
+	    /* The error was already printed by open_sudoers() */
+	    sudoerserror(NULL);
+	    debug_return_bool(false);
+	}
+    }
+    /* Push the old (current) file and open the new one. */
+    istack[idepth].path = sudoers; /* push old path (and its ref) */
+    istack[idepth].bs = YY_CURRENT_BUFFER;
+    istack[idepth].lineno = sudolineno;
+    istack[idepth].keepopen = keepopen;
+    idepth++;
+    sudolineno = 1;
+    sudoers = path;
+    sudoers_switch_to_buffer(sudoers_create_buffer(fp, YY_BUF_SIZE));
+
+    debug_return_bool(true);
+}
+
+/*
+ * Restore the previous sudoers file and buffer, or, in the case
+ * of an includedir, switch to the next file in the dir.
+ * Returns false if there is nothing to pop, else true.
+ */
+static bool
+pop_include(void)
+{
+    struct path_list *pl;
+    FILE *fp;
+    debug_decl(pop_include, SUDOERS_DEBUG_PARSER)
+
+    if (idepth == 0 || YY_CURRENT_BUFFER == NULL)
+	debug_return_bool(false);
+
+    if (!keepopen)
+	fclose(YY_CURRENT_BUFFER->yy_input_file);
+    sudoers_delete_buffer(YY_CURRENT_BUFFER);
+    /* If we are in an include dir, move to the next file. */
+    while ((pl = SLIST_FIRST(&istack[idepth - 1].more)) != NULL) {
+	SLIST_REMOVE_HEAD(&istack[idepth - 1].more, entries);
+	fp = open_sudoers(pl->path, false, &keepopen);
+	if (fp != NULL) {
+	    rcstr_delref(sudoers);
+	    sudoers = pl->path;
+	    sudolineno = 1;
+	    sudoers_switch_to_buffer(sudoers_create_buffer(fp, YY_BUF_SIZE));
+	    free(pl);
+	    break;
+	}
+	/* Unable to open path in include dir, go to next one. */
+	rcstr_delref(pl->path);
+	free(pl);
+    }
+    /* If no path list, just pop the last dir on the stack. */
+    if (pl == NULL) {
+	idepth--;
+	sudoers_switch_to_buffer(istack[idepth].bs);
+	rcstr_delref(sudoers);
+	sudoers = istack[idepth].path;
+	sudolineno = istack[idepth].lineno;
+	keepopen = istack[idepth].keepopen;
+    }
+    debug_return_bool(true);
+}
+
+static char *
+parse_include_int(const char *base, bool isdir)
+{
+    const char *cp, *ep;
+    char *path, *pp;
+    int dirlen = 0, len = 0, subst = 0;
+    size_t shost_len = 0;
+    debug_decl(parse_include, SUDOERS_DEBUG_PARSER)
+
+    /* Pull out path from #include line. */
+    cp = base + (isdir ? sizeof("#includedir") : sizeof("#include"));
+    while (isblank((unsigned char) *cp))
+	cp++;
+    ep = cp;
+    while (*ep != '\0' && !isspace((unsigned char) *ep)) {
+	if (ep[0] == '%' && ep[1] == 'h') {
+	    shost_len = strlen(user_shost);
+	    len += shost_len - 2;
+	    subst = 1;
+	}
+	ep++;
+    }
+
+    /* Relative paths are located in the same dir as the sudoers file. */
+    if (*cp != '/') {
+	char *dirend = strrchr(sudoers, '/');
+	if (dirend != NULL)
+	    dirlen = (int)(dirend - sudoers) + 1;
+    }
+
+    /* Make a copy of the fully-qualified path and return it. */
+    len += (int)(ep - cp);
+    path = pp = rcstr_alloc(len + dirlen);
+    if (path == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	sudoerserror(NULL);
+	debug_return_str(NULL);
+    }
+    if (dirlen) {
+	memcpy(path, sudoers, dirlen);
+	pp += dirlen;
+    }
+    if (subst) {
+	/* substitute for %h */
+	while (cp < ep) {
+	    if (cp[0] == '%' && cp[1] == 'h') {
+		memcpy(pp, user_shost, shost_len);
+		pp += shost_len;
+		cp += 2;
+		continue;
+	    }
+	    *pp++ = *cp++;
+	}
+	*pp = '\0';
+    } else {
+	memcpy(pp, cp, len);
+	pp[len] = '\0';
+    }
+
+    /* Push any excess characters (e.g. comment, newline) back to the lexer */
+    if (*ep != '\0')
+	yyless((int)(ep - base));
+
+    debug_return_str(path);
+}
+
+#ifdef TRACELEXER
+int
+sudoers_trace_print(const char *msg)
+{
+    return fputs(msg, stderr);
+}
+#else
+int
+sudoers_trace_print(const char *msg)
+{
+    static bool initialized;
+    static struct sudo_lbuf lbuf;
+
+    if (!initialized) {
+	initialized = true;
+	sudo_lbuf_init(&lbuf, NULL, 0, NULL, 0);
+    }
+
+    sudo_lbuf_append(&lbuf, "%s", msg);
+    /* XXX - assumes a final newline */
+    if (strchr(msg, '\n') != NULL)
+    {
+	sudo_debug_printf2(NULL, NULL, 0, SUDOERS_DEBUG_PARSER|SUDO_DEBUG_DEBUG,
+	    "%s:%d %s", sudoers, sudolineno, lbuf.buf);
+	lbuf.len = 0;
+    }
+    return 0;
+}
+#endif /* TRACELEXER */
+
diff --git a/plugins/sudoers/toke.h b/plugins/sudoers/toke.h
new file mode 100644
index 0000000..6c75840
--- /dev/null
+++ b/plugins/sudoers/toke.h
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2011-2013, 2015-2016 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SUDOERS_TOKE_H
+#define SUDOERS_TOKE_H
+
+bool append(const char *, size_t);
+bool fill_args(const char *, size_t, int);
+bool fill_cmnd(const char *, size_t);
+bool fill_txt(const char *, size_t, size_t);
+bool ipv6_valid(const char *s);
+int sudoers_trace_print(const char *msg);
+void sudoerserror(const char *);
+
+#ifndef FLEX_SCANNER
+extern int (*trace_print)(const char *msg);
+#endif
+
+#define fill(a, b)	fill_txt(a, b, 0)
+
+#define LEXTRACE(msg)   do {						\
+    if (trace_print != NULL)						\
+	(*trace_print)(msg);						\
+} while (0);
+
+#endif /* SUDOERS_TOKE_H */
diff --git a/plugins/sudoers/toke.l b/plugins/sudoers/toke.l
new file mode 100644
index 0000000..d275a26
--- /dev/null
+++ b/plugins/sudoers/toke.l
@@ -0,0 +1,1161 @@
+%{
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2017
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
+#include <unistd.h>
+#include <dirent.h>
+#include <errno.h>
+#include <ctype.h>
+#include "sudoers.h"
+#include "toke.h"
+#include <gram.h>
+#include "sudo_digest.h"
+#include "sudo_lbuf.h"
+
+#if defined(HAVE_STRUCT_DIRENT_D_NAMLEN) && HAVE_STRUCT_DIRENT_D_NAMLEN
+# define NAMLEN(dirent)	(dirent)->d_namlen
+#else
+# define NAMLEN(dirent)	strlen((dirent)->d_name)
+#endif
+
+int sudolineno;			/* current sudoers line number. */
+int last_token;			/* last token that was parsed. */
+char *sudoers;			/* sudoers file being parsed. */
+
+/* Default sudoers path, mode and owner (may be set via sudo.conf) */
+const char *sudoers_file = _PATH_SUDOERS;
+mode_t sudoers_mode = SUDOERS_MODE;
+uid_t sudoers_uid = SUDOERS_UID;
+gid_t sudoers_gid = SUDOERS_GID;
+
+static bool continued, sawspace;
+static int prev_state;
+static int digest_type = -1;
+
+static bool push_include_int(char *, bool);
+static bool pop_include(void);
+static char *parse_include_int(const char *, bool);
+
+int (*trace_print)(const char *msg) = sudoers_trace_print;
+
+#define LEXRETURN(n)	do {	\
+	last_token = (n);	\
+	return (n);		\
+} while (0)
+
+#define ECHO	ignore_result(fwrite(sudoerstext, sudoersleng, 1, sudoersout))
+
+#define	parse_include(_p)	(parse_include_int((_p), false))
+#define	parse_includedir(_p)	(parse_include_int((_p), true))
+#define	push_include(_p)	(push_include_int((_p), false))
+#define	push_includedir(_p)	(push_include_int((_p), true))
+%}
+
+HEX16			[0-9A-Fa-f]{1,4}
+OCTET			(1?[0-9]{1,2})|(2[0-4][0-9])|(25[0-5])
+IPV4ADDR		{OCTET}(\.{OCTET}){3}
+IPV6ADDR		({HEX16}?:){2,7}{HEX16}?|({HEX16}?:){2,6}:{IPV4ADDR}
+
+HOSTNAME		[[:alnum:]_-]+
+WORD			([^#>!=:,\(\) \t\n\\\"]|\\[^\n])+
+ID			#-?[0-9]+
+PATH			\/(\\[\,:= \t#]|[^\,:=\\ \t\n#])+
+ENVAR			([^#!=, \t\n\\\"]|\\[^\n])([^#=, \t\n\\\"]|\\[^\n])*
+DEFVAR			[a-z_]+
+
+%option noinput
+%option nounput
+%option noyywrap
+%option prefix="sudoers"
+
+%s	GOTDEFS
+%x	GOTCMND
+%x	STARTDEFS
+%x	INDEFS
+%x	INSTR
+%s	WANTDIGEST
+
+%%
+<GOTDEFS>[[:blank:]]*,[[:blank:]]* {
+			    LEXTRACE(", ");
+			    LEXRETURN(',');
+			}			/* return ',' */
+
+<GOTDEFS>[[:blank:]]+	BEGIN STARTDEFS;
+
+<STARTDEFS>{DEFVAR}	{
+			    BEGIN INDEFS;
+			    LEXTRACE("DEFVAR ");
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXRETURN(DEFVAR);
+			}
+
+<INDEFS>{
+    ,			{
+			    BEGIN STARTDEFS;
+			    LEXTRACE(", ");
+			    LEXRETURN(',');
+			}			/* return ',' */
+
+    =			{
+			    LEXTRACE("= ");
+			    LEXRETURN('=');
+			}			/* return '=' */
+
+    \+=			{
+			    LEXTRACE("+= ");
+			    LEXRETURN('+');
+			}			/* return '+' */
+
+    -=			{
+			    LEXTRACE("-= ");
+			    LEXRETURN('-');
+			}			/* return '-' */
+
+    \"			{
+			    LEXTRACE("BEGINSTR ");
+			    sudoerslval.string = NULL;
+			    prev_state = YY_START;
+			    BEGIN INSTR;
+			}
+
+    {ENVAR}		{
+			    LEXTRACE("WORD(2) ");
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXRETURN(WORD);
+			}
+}
+
+<INSTR>{
+    \\[[:blank:]]*\n[[:blank:]]*	{
+			    /* Line continuation char followed by newline. */
+			    sudolineno++;
+			    continued = true;
+			}
+
+    \"			{
+			    LEXTRACE("ENDSTR ");
+			    BEGIN prev_state;
+
+			    if (sudoerslval.string == NULL) {
+				LEXTRACE("ERROR "); /* empty string */
+				LEXRETURN(ERROR);
+			    }
+			    if (prev_state == INITIAL) {
+				switch (sudoerslval.string[0]) {
+				case '%':
+				    if (sudoerslval.string[1] == '\0' ||
+					(sudoerslval.string[1] == ':' &&
+					sudoerslval.string[2] == '\0')) {
+					LEXTRACE("ERROR "); /* empty group */
+					LEXRETURN(ERROR);
+				    }
+				    LEXTRACE("USERGROUP ");
+				    LEXRETURN(USERGROUP);
+				case '+':
+				    if (sudoerslval.string[1] == '\0') {
+					LEXTRACE("ERROR "); /* empty netgroup */
+					LEXRETURN(ERROR);
+				    }
+				    LEXTRACE("NETGROUP ");
+				    LEXRETURN(NETGROUP);
+				}
+			    }
+			    LEXTRACE("WORD(4) ");
+			    LEXRETURN(WORD);
+			}
+
+    \\			{
+			    LEXTRACE("BACKSLASH ");
+			    if (!append(sudoerstext, sudoersleng))
+				yyterminate();
+			}
+
+    ([^\"\n\\]|\\\")+	{
+			    LEXTRACE("STRBODY ");
+			    if (!append(sudoerstext, sudoersleng))
+				yyterminate();
+			}
+}
+
+<GOTCMND>{
+    \\[\*\?\[\]\!]	{
+			    /* quoted fnmatch glob char, pass verbatim */
+			    LEXTRACE("QUOTEDCHAR ");
+			    if (!fill_args(sudoerstext, 2, sawspace))
+				yyterminate();
+			    sawspace = false;
+			}
+
+    \\[:\\,= \t#]	{
+			    /* quoted sudoers special char, strip backslash */
+			    LEXTRACE("QUOTEDCHAR ");
+			    if (!fill_args(sudoerstext + 1, 1, sawspace))
+				yyterminate();
+			    sawspace = false;
+			}
+
+    [#:\,=\n]		{
+			    BEGIN INITIAL;
+			    yyless(0);
+			    LEXRETURN(COMMAND);
+			}			/* end of command line args */
+
+    [^#\\:, \t\n]+ 	{
+			    LEXTRACE("ARG ");
+			    if (!fill_args(sudoerstext, sudoersleng, sawspace))
+				yyterminate();
+			    sawspace = false;
+			}			/* a command line arg */
+}
+
+<WANTDIGEST>[[:xdigit:]]+ {
+			    /* Only return DIGEST if the length is correct. */
+			    yy_size_t digest_len =
+				sudo_digest_getlen(digest_type);
+			    if ((yy_size_t)sudoersleng == digest_len * 2) {
+				if (!fill(sudoerstext, sudoersleng))
+				    yyterminate();
+				BEGIN INITIAL;
+				LEXTRACE("DIGEST ");
+				LEXRETURN(DIGEST);
+			    }
+			    BEGIN INITIAL;
+			    yyless(sudoersleng);
+			} /* hex digest */
+
+<WANTDIGEST>[A-Za-z0-9\+/=]+ {
+			    /* Only return DIGEST if the length is correct. */
+			    yy_size_t len, digest_len =
+				sudo_digest_getlen(digest_type);
+			    if (sudoerstext[sudoersleng - 1] == '=') {
+				/* use padding */
+				len = 4 * ((digest_len + 2) / 3);
+			    } else {
+				/* no padding */
+				len = (4 * digest_len + 2) / 3;
+			    }
+			    if ((yy_size_t)sudoersleng == len) {
+				if (!fill(sudoerstext, sudoersleng))
+				    yyterminate();
+				BEGIN INITIAL;
+				LEXTRACE("DIGEST ");
+				LEXRETURN(DIGEST);
+			    }
+			    BEGIN INITIAL;
+			    yyless(sudoersleng);
+			} /* base64 digest */
+
+<INITIAL>^#include[[:blank:]]+.*\n {
+			    char *path;
+
+			    if (continued) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+
+			    if ((path = parse_include(sudoerstext)) == NULL)
+				yyterminate();
+
+			    LEXTRACE("INCLUDE\n");
+
+			    /* Push current buffer and switch to include file */
+			    if (!push_include(path))
+				yyterminate();
+			}
+
+<INITIAL>^#includedir[[:blank:]]+.*\n {
+			    char *path;
+
+			    if (continued) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+
+			    if ((path = parse_includedir(sudoerstext)) == NULL)
+				yyterminate();
+
+			    LEXTRACE("INCLUDEDIR\n");
+
+			    /*
+			     * Push current buffer and switch to include file,
+			     * ignoring missing or empty directories.
+			     */
+			    if (!push_includedir(path))
+				yyterminate();
+			}
+
+<INITIAL>^[[:blank:]]*Defaults([:@>\!][[:blank:]]*\!*\"?({ID}|{WORD}))? {
+			    char deftype;
+			    int n;
+
+			    if (continued) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+
+			    for (n = 0; isblank((unsigned char)sudoerstext[n]); n++)
+				continue;
+			    n += sizeof("Defaults") - 1;
+			    if ((deftype = sudoerstext[n++]) != '\0') {
+				while (isblank((unsigned char)sudoerstext[n]))
+				    n++;
+			    }
+			    BEGIN GOTDEFS;
+			    switch (deftype) {
+				case ':':
+				    yyless(n);
+				    LEXTRACE("DEFAULTS_USER ");
+				    LEXRETURN(DEFAULTS_USER);
+				case '>':
+				    yyless(n);
+				    LEXTRACE("DEFAULTS_RUNAS ");
+				    LEXRETURN(DEFAULTS_RUNAS);
+				case '@':
+				    yyless(n);
+				    LEXTRACE("DEFAULTS_HOST ");
+				    LEXRETURN(DEFAULTS_HOST);
+				case '!':
+				    yyless(n);
+				    LEXTRACE("DEFAULTS_CMND ");
+				    LEXRETURN(DEFAULTS_CMND);
+				default:
+				    LEXTRACE("DEFAULTS ");
+				    LEXRETURN(DEFAULTS);
+			    }
+			}
+
+<INITIAL>^[[:blank:]]*(Host|Cmnd|User|Runas)_Alias	{
+			    int n;
+
+			    if (continued) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+
+			    for (n = 0; isblank((unsigned char)sudoerstext[n]); n++)
+				continue;
+			    switch (sudoerstext[n]) {
+				case 'H':
+				    LEXTRACE("HOSTALIAS ");
+				    LEXRETURN(HOSTALIAS);
+				case 'C':
+				    LEXTRACE("CMNDALIAS ");
+				    LEXRETURN(CMNDALIAS);
+				case 'U':
+				    LEXTRACE("USERALIAS ");
+				    LEXRETURN(USERALIAS);
+				case 'R':
+				    LEXTRACE("RUNASALIAS ");
+				    LEXRETURN(RUNASALIAS);
+			    }
+			}
+
+NOPASSWD[[:blank:]]*:	{
+				/* cmnd does not require passwd for this user */
+			    	LEXTRACE("NOPASSWD ");
+			    	LEXRETURN(NOPASSWD);
+			}
+
+PASSWD[[:blank:]]*:	{
+				/* cmnd requires passwd for this user */
+			    	LEXTRACE("PASSWD ");
+			    	LEXRETURN(PASSWD);
+			}
+
+NOEXEC[[:blank:]]*:	{
+			    	LEXTRACE("NOEXEC ");
+			    	LEXRETURN(NOEXEC);
+			}
+
+EXEC[[:blank:]]*:	{
+			    	LEXTRACE("EXEC ");
+			    	LEXRETURN(EXEC);
+			}
+
+SETENV[[:blank:]]*:	{
+			    	LEXTRACE("SETENV ");
+			    	LEXRETURN(SETENV);
+			}
+
+NOSETENV[[:blank:]]*:	{
+			    	LEXTRACE("NOSETENV ");
+			    	LEXRETURN(NOSETENV);
+			}
+
+LOG_OUTPUT[[:blank:]]*:	{
+			    	LEXTRACE("LOG_OUTPUT ");
+			    	LEXRETURN(LOG_OUTPUT);
+			}
+
+NOLOG_OUTPUT[[:blank:]]*:	{
+			    	LEXTRACE("NOLOG_OUTPUT ");
+			    	LEXRETURN(NOLOG_OUTPUT);
+			}
+
+LOG_INPUT[[:blank:]]*:	{
+			    	LEXTRACE("LOG_INPUT ");
+			    	LEXRETURN(LOG_INPUT);
+			}
+
+NOLOG_INPUT[[:blank:]]*:	{
+			    	LEXTRACE("NOLOG_INPUT ");
+			    	LEXRETURN(NOLOG_INPUT);
+			}
+
+MAIL[[:blank:]]*:	{
+			    	LEXTRACE("MAIL ");
+			    	LEXRETURN(MAIL);
+			}
+
+NOMAIL[[:blank:]]*:	{
+			    	LEXTRACE("NOMAIL ");
+			    	LEXRETURN(NOMAIL);
+			}
+
+FOLLOW[[:blank:]]*:	{
+			    	LEXTRACE("FOLLOW ");
+			    	LEXRETURN(FOLLOW);
+			}
+
+NOFOLLOW[[:blank:]]*:	{
+			    	LEXTRACE("NOFOLLOW ");
+			    	LEXRETURN(NOFOLLOW);
+			}
+
+<INITIAL,GOTDEFS>(\+|\%|\%:) {
+			    /* empty group or netgroup */
+			    LEXTRACE("ERROR ");
+			    LEXRETURN(ERROR);
+			}
+
+\+{WORD}		{
+			    /* netgroup */
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("NETGROUP ");
+			    LEXRETURN(NETGROUP);
+			}
+
+\%:?({WORD}|{ID})	{
+			    /* group */
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("USERGROUP ");
+			    LEXRETURN(USERGROUP);
+			}
+
+{IPV4ADDR}(\/{IPV4ADDR})? {
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("NTWKADDR ");
+			    LEXRETURN(NTWKADDR);
+			}
+
+{IPV4ADDR}\/([12]?[0-9]|3[0-2]) {
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("NTWKADDR ");
+			    LEXRETURN(NTWKADDR);
+			}
+
+{IPV6ADDR}(\/{IPV6ADDR})? {
+			    if (!ipv6_valid(sudoerstext)) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("NTWKADDR ");
+			    LEXRETURN(NTWKADDR);
+			}
+
+{IPV6ADDR}\/([0-9]|[1-9][0-9]|1[01][0-9]|12[0-8]) {
+			    if (!ipv6_valid(sudoerstext)) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("NTWKADDR ");
+			    LEXRETURN(NTWKADDR);
+			}
+
+ALL {
+			    LEXTRACE("ALL ");
+			    LEXRETURN(ALL);
+
+			}
+
+<INITIAL>TIMEOUT {
+			    LEXTRACE("CMND_TIMEOUT ");
+			    LEXRETURN(CMND_TIMEOUT);
+			}
+
+<INITIAL>NOTBEFORE {
+			    LEXTRACE("NOTBEFORE ");
+			    LEXRETURN(NOTBEFORE);
+			}
+
+<INITIAL>NOTAFTER {
+			    LEXTRACE("NOTAFTER ");
+			    LEXRETURN(NOTAFTER);
+			}
+
+<INITIAL>ROLE {
+#ifdef HAVE_SELINUX
+			    LEXTRACE("ROLE ");
+			    LEXRETURN(ROLE);
+#else
+			    goto got_alias;
+#endif
+			}
+
+<INITIAL>TYPE {
+#ifdef HAVE_SELINUX
+			    LEXTRACE("TYPE ");
+			    LEXRETURN(TYPE);
+#else
+			    goto got_alias;
+#endif
+			}
+<INITIAL>PRIVS {
+#ifdef HAVE_PRIV_SET
+			    LEXTRACE("PRIVS ");
+			    LEXRETURN(PRIVS);
+#else
+			    goto got_alias;
+#endif
+			}
+
+<INITIAL>LIMITPRIVS {
+#ifdef HAVE_PRIV_SET
+			    LEXTRACE("LIMITPRIVS ");
+			    LEXRETURN(LIMITPRIVS);
+#else
+			    goto got_alias;
+#endif
+			}
+
+[[:upper:]][[:upper:][:digit:]_]* {
+			got_alias:
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("ALIAS ");
+			    LEXRETURN(ALIAS);
+			}
+
+<GOTDEFS>({PATH}|sudoedit) {
+			    /* XXX - no way to specify digest for command */
+			    /* no command args allowed for Defaults!/path */
+			    if (!fill_cmnd(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("COMMAND ");
+			    LEXRETURN(COMMAND);
+			}
+
+sha224			{
+			    digest_type = SUDO_DIGEST_SHA224;
+			    BEGIN WANTDIGEST;
+			    LEXTRACE("SHA224_TOK ");
+			    LEXRETURN(SHA224_TOK);
+			}
+
+sha256			{
+			    digest_type = SUDO_DIGEST_SHA256;
+			    BEGIN WANTDIGEST;
+			    LEXTRACE("SHA256_TOK ");
+			    LEXRETURN(SHA256_TOK);
+			}
+
+sha384			{
+			    digest_type = SUDO_DIGEST_SHA384;
+			    BEGIN WANTDIGEST;
+			    LEXTRACE("SHA384_TOK ");
+			    LEXRETURN(SHA384_TOK);
+			}
+
+sha512			{
+			    digest_type = SUDO_DIGEST_SHA512;
+			    BEGIN WANTDIGEST;
+			    LEXTRACE("SHA512_TOK ");
+			    LEXRETURN(SHA512_TOK);
+			}
+
+sudoedit		{
+			    BEGIN GOTCMND;
+			    LEXTRACE("COMMAND ");
+			    if (!fill_cmnd(sudoerstext, sudoersleng))
+				yyterminate();
+			}			/* sudo -e */
+
+{PATH}			{
+			    /* directories can't have args... */
+			    if (sudoerstext[sudoersleng - 1] == '/') {
+				LEXTRACE("COMMAND ");
+				if (!fill_cmnd(sudoerstext, sudoersleng))
+				    yyterminate();
+				LEXRETURN(COMMAND);
+			    } else {
+				BEGIN GOTCMND;
+				LEXTRACE("COMMAND ");
+				if (!fill_cmnd(sudoerstext, sudoersleng))
+				    yyterminate();
+			    }
+			}			/* a pathname */
+
+<INITIAL,GOTDEFS>\" {
+			    LEXTRACE("BEGINSTR ");
+			    sudoerslval.string = NULL;
+			    prev_state = YY_START;
+			    BEGIN INSTR;
+			}
+
+<INITIAL,GOTDEFS>({ID}|{WORD}) {
+			    /* a word */
+			    if (!fill(sudoerstext, sudoersleng))
+				yyterminate();
+			    LEXTRACE("WORD(5) ");
+			    LEXRETURN(WORD);
+			}
+
+\(			{
+			    LEXTRACE("( ");
+			    LEXRETURN('(');
+			}
+
+\)			{
+			    LEXTRACE(") ");
+			    LEXRETURN(')');
+			}
+
+,			{
+			    LEXTRACE(", ");
+			    LEXRETURN(',');
+			}			/* return ',' */
+
+=			{
+			    LEXTRACE("= ");
+			    LEXRETURN('=');
+			}			/* return '=' */
+
+:			{
+			    LEXTRACE(": ");
+			    LEXRETURN(':');
+			}			/* return ':' */
+
+<*>!+			{
+			    if (sudoersleng & 1) {
+				LEXTRACE("!");
+				LEXRETURN('!');	/* return '!' */
+			    }
+			}
+
+<*>\n			{
+			    if (YY_START == INSTR) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);	/* line break in string */
+			    }
+			    BEGIN INITIAL;
+			    sudolineno++;
+			    continued = false;
+			    LEXTRACE("\n");
+			    LEXRETURN(COMMENT);
+			}			/* return newline */
+
+<*>[[:blank:]]+		{			/* throw away space/tabs */
+			    sawspace = true;	/* but remember for fill_args */
+			}
+
+<*>\\[[:blank:]]*\n	{
+			    sawspace = true;	/* remember for fill_args */
+			    sudolineno++;
+			    continued = true;
+			}			/* throw away EOL after \ */
+
+<INITIAL,STARTDEFS,INDEFS>#(-[^\n0-9].*|[^\n0-9-].*)?\n?	{
+			    if (sudoerstext[sudoersleng - 1] == '\n') {
+				/* comment ending in a newline */
+				BEGIN INITIAL;
+				sudolineno++;
+				continued = false;
+			    } else if (!feof(yyin)) {
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+			    LEXTRACE("#\n");
+			    LEXRETURN(COMMENT);
+			}			/* comment, not uid/gid */
+
+<*>.			{
+			    LEXTRACE("ERROR ");
+			    LEXRETURN(ERROR);
+			}	/* parse error */
+
+<*><<EOF>>		{
+			    if (YY_START != INITIAL) {
+			    	BEGIN INITIAL;
+				LEXTRACE("ERROR ");
+				LEXRETURN(ERROR);
+			    }
+			    if (!pop_include())
+				yyterminate();
+			}
+
+%%
+struct path_list {
+    SLIST_ENTRY(path_list) entries;
+    char *path;
+};
+
+SLIST_HEAD(path_list_head, path_list);
+
+struct include_stack {
+    YY_BUFFER_STATE bs;
+    char *path;
+    struct path_list_head more; /* more files in case of includedir */
+    int lineno;
+    bool keepopen;
+};
+
+/*
+ * Compare two struct path_list structs in reverse order.
+ */
+static int
+pl_compare(const void *v1, const void *v2)
+{
+    const struct path_list * const *p1 = v1;
+    const struct path_list * const *p2 = v2;
+
+    return strcmp((*p2)->path, (*p1)->path);
+}
+
+/*
+ * Open dirpath and fill in pathsp with an array of regular files
+ * that do not end in '~' or contain a '.'.
+ * Returns the number of files or -1 on error.
+ * If zero files are found, NULL is stored in pathsp.
+ */
+static int
+read_dir_files(const char *dirpath, struct path_list ***pathsp)
+{
+    DIR *dir;
+    int i, count = 0;
+    int max_paths = 32;
+    struct dirent *dent;
+    struct path_list **paths = NULL;
+    debug_decl(read_dir_files, SUDOERS_DEBUG_PARSER)
+
+    dir = opendir(dirpath);
+    if (dir == NULL) {
+	if (errno == ENOENT)
+	    goto done;
+	sudo_warn("%s", dirpath);
+	goto bad;
+    }
+    paths = reallocarray(NULL, max_paths, sizeof(*paths));
+    if (paths == NULL)
+	goto oom;
+    while ((dent = readdir(dir)) != NULL) {
+	struct path_list *pl;
+	struct stat sb;
+	size_t len;
+	char *path;
+
+	/* Ignore files that end in '~' or have a '.' in them. */
+	if (dent->d_name[0] == '\0' || dent->d_name[NAMLEN(dent) - 1] == '~'
+	    || strchr(dent->d_name, '.') != NULL) {
+	    continue;
+	}
+	len = strlen(dirpath) + 1 + NAMLEN(dent);
+	if ((path = rcstr_alloc(len)) == NULL)
+	    goto oom;
+	(void)snprintf(path, len + 1, "%s/%s", dirpath, dent->d_name);
+	if (stat(path, &sb) != 0 || !S_ISREG(sb.st_mode)) {
+	    rcstr_delref(path);
+	    continue;
+	}
+	pl = malloc(sizeof(*pl));
+	if (pl == NULL) {
+	    rcstr_delref(path);
+	    goto oom;
+	}
+	pl->path = path;
+	if (count >= max_paths) {
+	    struct path_list **tmp;
+	    max_paths <<= 1;
+	    tmp = reallocarray(paths, max_paths, sizeof(*paths));
+	    if (tmp == NULL) {
+		rcstr_delref(path);
+		free(pl);
+		goto oom;
+	    }
+	    paths = tmp;
+	}
+	paths[count++] = pl;
+    }
+    closedir(dir);
+    if (count == 0) {
+	free(paths);
+	paths = NULL;
+    }
+done:
+    *pathsp = paths;
+    debug_return_int(count);
+oom:
+    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+bad:
+    sudoerserror(NULL);
+    if (dir != NULL)
+	closedir(dir);
+    for (i = 0; i < count; i++) {
+	rcstr_delref(paths[i]->path);
+	free(paths[i]);
+    }
+    free(paths);
+    debug_return_int(-1);
+}
+
+/*
+ * Push a list of all files in dirpath onto stack.
+ * Returns the number of files or -1 on error.
+ */
+static int
+switch_dir(struct include_stack *stack, char *dirpath)
+{
+    struct path_list **paths = NULL;
+    int count, i;
+    debug_decl(switch_dir, SUDOERS_DEBUG_PARSER)
+
+    count = read_dir_files(dirpath, &paths);
+    if (count > 0) {
+	/* Sort the list as an array in reverse order. */
+	qsort(paths, count, sizeof(*paths), pl_compare);
+
+	/* Build up the list in sorted order. */
+	for (i = 0; i < count; i++) {
+	    SLIST_INSERT_HEAD(&stack->more, paths[i], entries);
+	}
+	free(paths);
+    }
+
+    debug_return_int(count);
+}
+
+#define MAX_SUDOERS_DEPTH	128
+#define SUDOERS_STACK_INCREMENT	16
+
+static size_t istacksize, idepth;
+static struct include_stack *istack;
+static bool keepopen;
+
+void
+init_lexer(void)
+{
+    struct path_list *pl;
+    debug_decl(init_lexer, SUDOERS_DEBUG_PARSER)
+
+    while (idepth) {
+	idepth--;
+	while ((pl = SLIST_FIRST(&istack[idepth].more)) != NULL) {
+	    SLIST_REMOVE_HEAD(&istack[idepth].more, entries);
+	    rcstr_delref(pl->path);
+	    free(pl);
+	}
+	rcstr_delref(istack[idepth].path);
+	if (idepth && !istack[idepth].keepopen)
+	    fclose(istack[idepth].bs->yy_input_file);
+	sudoers_delete_buffer(istack[idepth].bs);
+    }
+    free(istack);
+    istack = NULL;
+    istacksize = idepth = 0;
+    sudolineno = 1;
+    keepopen = false;
+    sawspace = false;
+    continued = false;
+    digest_type = -1;
+    prev_state = INITIAL;
+
+    debug_return;
+}
+
+/*
+ * Open an include file (or file from a directory), push the old
+ * sudoers file buffer and switch to the new one.
+ * A missing or insecure include dir is simply ignored.
+ * Returns false on error, else true.
+ */
+static bool
+push_include_int(char *path, bool isdir)
+{
+    struct path_list *pl;
+    FILE *fp;
+    debug_decl(push_include_int, SUDOERS_DEBUG_PARSER)
+
+    /* push current state onto stack */
+    if (idepth >= istacksize) {
+	struct include_stack *new_istack;
+
+	if (idepth > MAX_SUDOERS_DEPTH) {
+	    sudoerserror(N_("too many levels of includes"));
+	    debug_return_bool(false);
+	}
+	istacksize += SUDOERS_STACK_INCREMENT;
+	new_istack = reallocarray(istack, istacksize, sizeof(*istack));
+	if (new_istack == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    sudoerserror(NULL);
+	    debug_return_bool(false);
+	}
+	istack = new_istack;
+    }
+    SLIST_INIT(&istack[idepth].more);
+    if (isdir) {
+	struct stat sb;
+	int count, status;
+
+	status = sudo_secure_dir(path, sudoers_uid, sudoers_gid, &sb);
+	if (status != SUDO_PATH_SECURE) {
+	    if (sudoers_warnings) {
+		switch (status) {
+		case SUDO_PATH_BAD_TYPE:
+		    errno = ENOTDIR;
+		    sudo_warn("%s", path);
+		    break;
+		case SUDO_PATH_WRONG_OWNER:
+		    sudo_warnx(U_("%s is owned by uid %u, should be %u"),   
+			path, (unsigned int) sb.st_uid,
+			(unsigned int) sudoers_uid);
+		    break;
+		case SUDO_PATH_WORLD_WRITABLE:
+		    sudo_warnx(U_("%s is world writable"), path);
+		    break;
+		case SUDO_PATH_GROUP_WRITABLE:
+		    sudo_warnx(U_("%s is owned by gid %u, should be %u"),
+			path, (unsigned int) sb.st_gid,
+			(unsigned int) sudoers_gid);
+		    break;
+		default:
+		    break;
+		}
+	    }
+	    /* A missing or insecure include dir is not a fatal error. */
+	    debug_return_bool(true);
+	}
+	count = switch_dir(&istack[idepth], path);
+	if (count <= 0) {
+	    /* switch_dir() called sudoerserror() for us */
+	    rcstr_delref(path);
+	    debug_return_bool(count ? false : true);
+	}
+
+	/* Parse the first dir entry we can open, leave the rest for later. */
+	do {
+	    rcstr_delref(path);
+	    if ((pl = SLIST_FIRST(&istack[idepth].more)) == NULL) {
+		/* Unable to open any files in include dir, not an error. */
+		debug_return_bool(true);
+	    }
+	    SLIST_REMOVE_HEAD(&istack[idepth].more, entries);
+	    path = pl->path;
+	    free(pl);
+	} while ((fp = open_sudoers(path, false, &keepopen)) == NULL);
+    } else {
+	if ((fp = open_sudoers(path, true, &keepopen)) == NULL) {
+	    /* The error was already printed by open_sudoers() */
+	    sudoerserror(NULL);
+	    debug_return_bool(false);
+	}
+    }
+    /* Push the old (current) file and open the new one. */
+    istack[idepth].path = sudoers; /* push old path (and its ref) */
+    istack[idepth].bs = YY_CURRENT_BUFFER;
+    istack[idepth].lineno = sudolineno;
+    istack[idepth].keepopen = keepopen;
+    idepth++;
+    sudolineno = 1;
+    sudoers = path;
+    sudoers_switch_to_buffer(sudoers_create_buffer(fp, YY_BUF_SIZE));
+
+    debug_return_bool(true);
+}
+
+/*
+ * Restore the previous sudoers file and buffer, or, in the case
+ * of an includedir, switch to the next file in the dir.
+ * Returns false if there is nothing to pop, else true.
+ */
+static bool
+pop_include(void)
+{
+    struct path_list *pl;
+    FILE *fp;
+    debug_decl(pop_include, SUDOERS_DEBUG_PARSER)
+
+    if (idepth == 0 || YY_CURRENT_BUFFER == NULL)
+	debug_return_bool(false);
+
+    if (!keepopen)
+	fclose(YY_CURRENT_BUFFER->yy_input_file);
+    sudoers_delete_buffer(YY_CURRENT_BUFFER);
+    /* If we are in an include dir, move to the next file. */
+    while ((pl = SLIST_FIRST(&istack[idepth - 1].more)) != NULL) {
+	SLIST_REMOVE_HEAD(&istack[idepth - 1].more, entries);
+	fp = open_sudoers(pl->path, false, &keepopen);
+	if (fp != NULL) {
+	    rcstr_delref(sudoers);
+	    sudoers = pl->path;
+	    sudolineno = 1;
+	    sudoers_switch_to_buffer(sudoers_create_buffer(fp, YY_BUF_SIZE));
+	    free(pl);
+	    break;
+	}
+	/* Unable to open path in include dir, go to next one. */
+	rcstr_delref(pl->path);
+	free(pl);
+    }
+    /* If no path list, just pop the last dir on the stack. */
+    if (pl == NULL) {
+	idepth--;
+	sudoers_switch_to_buffer(istack[idepth].bs);
+	rcstr_delref(sudoers);
+	sudoers = istack[idepth].path;
+	sudolineno = istack[idepth].lineno;
+	keepopen = istack[idepth].keepopen;
+    }
+    debug_return_bool(true);
+}
+
+static char *
+parse_include_int(const char *base, bool isdir)
+{
+    const char *cp, *ep;
+    char *path, *pp;
+    int dirlen = 0, len = 0, subst = 0;
+    size_t shost_len = 0;
+    debug_decl(parse_include, SUDOERS_DEBUG_PARSER)
+
+    /* Pull out path from #include line. */
+    cp = base + (isdir ? sizeof("#includedir") : sizeof("#include"));
+    while (isblank((unsigned char) *cp))
+	cp++;
+    ep = cp;
+    while (*ep != '\0' && !isspace((unsigned char) *ep)) {
+	if (ep[0] == '%' && ep[1] == 'h') {
+	    shost_len = strlen(user_shost);
+	    len += shost_len - 2;
+	    subst = 1;
+	}
+	ep++;
+    }
+
+    /* Relative paths are located in the same dir as the sudoers file. */
+    if (*cp != '/') {
+	char *dirend = strrchr(sudoers, '/');
+	if (dirend != NULL)
+	    dirlen = (int)(dirend - sudoers) + 1;
+    }
+
+    /* Make a copy of the fully-qualified path and return it. */
+    len += (int)(ep - cp);
+    path = pp = rcstr_alloc(len + dirlen);
+    if (path == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	sudoerserror(NULL);
+	debug_return_str(NULL);
+    }
+    if (dirlen) {
+	memcpy(path, sudoers, dirlen);
+	pp += dirlen;
+    }
+    if (subst) {
+	/* substitute for %h */
+	while (cp < ep) {
+	    if (cp[0] == '%' && cp[1] == 'h') {
+		memcpy(pp, user_shost, shost_len);
+		pp += shost_len;
+		cp += 2;
+		continue;
+	    }
+	    *pp++ = *cp++;
+	}
+	*pp = '\0';
+    } else {
+	memcpy(pp, cp, len);
+	pp[len] = '\0';
+    }
+
+    /* Push any excess characters (e.g. comment, newline) back to the lexer */
+    if (*ep != '\0')
+	yyless((int)(ep - base));
+
+    debug_return_str(path);
+}
+
+#ifdef TRACELEXER
+int
+sudoers_trace_print(const char *msg)
+{
+    return fputs(msg, stderr);
+}
+#else
+int
+sudoers_trace_print(const char *msg)
+{
+    static bool initialized;
+    static struct sudo_lbuf lbuf;
+
+    if (!initialized) {
+	initialized = true;
+	sudo_lbuf_init(&lbuf, NULL, 0, NULL, 0);
+    }
+
+    sudo_lbuf_append(&lbuf, "%s", msg);
+    /* XXX - assumes a final newline */
+    if (strchr(msg, '\n') != NULL)
+    {
+	sudo_debug_printf2(NULL, NULL, 0, SUDOERS_DEBUG_PARSER|SUDO_DEBUG_DEBUG,
+	    "%s:%d %s", sudoers, sudolineno, lbuf.buf);
+	lbuf.len = 0;
+    }
+    return 0;
+}
+#endif /* TRACELEXER */
diff --git a/plugins/sudoers/toke_util.c b/plugins/sudoers/toke_util.c
new file mode 100644
index 0000000..0c91376
--- /dev/null
+++ b/plugins/sudoers/toke_util.c
@@ -0,0 +1,193 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2016
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <errno.h>
+
+#include "sudoers.h"
+#include "toke.h"
+#include <gram.h>
+
+static unsigned int arg_len = 0;
+static unsigned int arg_size = 0;
+
+bool
+fill_txt(const char *src, size_t len, size_t olen)
+{
+    char *dst;
+    int h;
+    debug_decl(fill_txt, SUDOERS_DEBUG_PARSER)
+
+    dst = olen ? realloc(sudoerslval.string, olen + len + 1) : malloc(len + 1);
+    if (dst == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	sudoerserror(NULL);
+	debug_return_bool(false);
+    }
+    sudoerslval.string = dst;
+
+    /* Copy the string and collapse any escaped characters. */
+    dst += olen;
+    while (len--) {
+	if (*src == '\\' && len) {
+	    if (src[1] == 'x' && len >= 3 && (h = hexchar(src + 2)) != -1) {
+		*dst++ = h;
+		src += 4;
+		len -= 3;
+	    } else {
+		src++;
+		len--;
+		*dst++ = *src++;
+	    }
+	} else {
+	    *dst++ = *src++;
+	}
+    }
+    *dst = '\0';
+    debug_return_bool(true);
+}
+
+bool
+append(const char *src, size_t len)
+{
+    int olen = 0;
+    debug_decl(append, SUDOERS_DEBUG_PARSER)
+
+    if (sudoerslval.string != NULL)
+	olen = strlen(sudoerslval.string);
+
+    debug_return_bool(fill_txt(src, len, olen));
+}
+
+#define SPECIAL(c) \
+    ((c) == ',' || (c) == ':' || (c) == '=' || (c) == ' ' || (c) == '\t' || (c) == '#')
+
+bool
+fill_cmnd(const char *src, size_t len)
+{
+    char *dst;
+    size_t i;
+    debug_decl(fill_cmnd, SUDOERS_DEBUG_PARSER)
+
+    arg_len = arg_size = 0;
+
+    dst = sudoerslval.command.cmnd = malloc(len + 1);
+    if (dst == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	sudoerserror(NULL);
+	debug_return_bool(false);
+    }
+    sudoerslval.command.args = NULL;
+
+    /* Copy the string and collapse any escaped sudo-specific characters. */
+    for (i = 0; i < len; i++) {
+	if (src[i] == '\\' && i != len - 1 && SPECIAL(src[i + 1]))
+	    *dst++ = src[++i];
+	else
+	    *dst++ = src[i];
+    }
+    *dst = '\0';
+
+    debug_return_bool(true);
+}
+
+bool
+fill_args(const char *s, size_t len, int addspace)
+{
+    unsigned int new_len;
+    char *p;
+    debug_decl(fill_args, SUDOERS_DEBUG_PARSER)
+
+    if (arg_size == 0) {
+	addspace = 0;
+	new_len = len;
+    } else
+	new_len = arg_len + len + addspace;
+
+    if (new_len >= arg_size) {
+	/* Allocate in increments of 128 bytes to avoid excessive realloc(). */
+	arg_size = (new_len + 1 + 127) & ~127;
+
+	p = realloc(sudoerslval.command.args, arg_size);
+	if (p == NULL) {
+	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    goto bad;
+	} else
+	    sudoerslval.command.args = p;
+    }
+
+    /* Efficiently append the arg (with a leading space if needed). */
+    p = sudoerslval.command.args + arg_len;
+    if (addspace)
+	*p++ = ' ';
+    len = arg_size - (p - sudoerslval.command.args);
+    if (strlcpy(p, s, len) >= len) {
+	sudo_warnx(U_("internal error, %s overflow"), __func__);
+	goto bad;
+    }
+    arg_len = new_len;
+    debug_return_bool(true);
+bad:
+    sudoerserror(NULL);
+    free(sudoerslval.command.args);
+    sudoerslval.command.args = NULL;
+    arg_len = arg_size = 0;
+    debug_return_bool(false);
+}
+
+/*
+ * Check to make sure an IPv6 address does not contain multiple instances
+ * of the string "::".  Assumes strlen(s) >= 1.
+ * Returns true if address is valid else false.
+ */
+bool
+ipv6_valid(const char *s)
+{
+    int nmatch = 0;
+    debug_decl(ipv6_valid, SUDOERS_DEBUG_PARSER)
+
+    for (; *s != '\0'; s++) {
+	if (s[0] == ':' && s[1] == ':') {
+	    if (++nmatch > 1)
+		break;
+	}
+	if (s[0] == '/')
+	    nmatch = 0;			/* reset if we hit netmask */
+    }
+
+    debug_return_bool(nmatch <= 1);
+}
diff --git a/plugins/sudoers/tsdump.c b/plugins/sudoers/tsdump.c
new file mode 100644
index 0000000..91a26ce
--- /dev/null
+++ b/plugins/sudoers/tsdump.c
@@ -0,0 +1,316 @@
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <errno.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <time.h>
+#include <unistd.h>
+
+#include "sudoers.h"
+#include "check.h"
+
+struct timestamp_entry_common {
+    unsigned short version;	/* version number */
+    unsigned short size;	/* entry size */
+    unsigned short type;	/* TS_GLOBAL, TS_TTY, TS_PPID */
+    unsigned short flags;	/* TS_DISABLED, TS_ANYUID */
+};
+
+union timestamp_entry_storage {
+    struct timestamp_entry_common common;
+    struct timestamp_entry_v1 v1;
+    struct timestamp_entry v2;
+};
+
+__dso_public int main(int argc, char *argv[]);
+
+static void usage(void) __attribute__((__noreturn__));
+static void dump_entry(struct timestamp_entry *entry, off_t pos);
+static bool valid_entry(union timestamp_entry_storage *u, off_t pos);
+static bool convert_entry(union timestamp_entry_storage *record, struct timespec *off);
+
+/*
+ * tsdump: a simple utility to dump the contents of a time stamp file.
+ * Unlock sudo, does not perform any locking of the time stamp file.
+ */
+
+int
+main(int argc, char *argv[])
+{
+    int ch, fd;
+    const char *user = NULL;
+    char *fname = NULL;
+    union timestamp_entry_storage cur;
+    struct timespec now, timediff;
+    debug_decl(main, SUDOERS_DEBUG_MAIN)
+
+#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
+    malloc_options = "S";
+#endif
+
+    initprogname(argc > 0 ? argv[0] : "tsdump");
+
+    bindtextdomain("sudoers", LOCALEDIR);
+    textdomain("sudoers");
+
+    /* Initialize the debug subsystem. */
+    if (sudo_conf_read(NULL, SUDO_CONF_DEBUG) == -1)
+	exit(EXIT_FAILURE);
+    sudoers_debug_register(getprogname(), sudo_conf_debug_files(getprogname()));
+
+    while ((ch = getopt(argc, argv, "f:u:")) != -1) {
+	switch (ch) {
+	    case 'f':
+		fname = optarg;
+		break;
+	    case 'u':
+		user = optarg;
+		break;
+	    default:
+		usage();
+	}
+    }
+    argc -= optind;
+    argv += optind;
+
+    if (fname != NULL && user != NULL) {
+	sudo_warnx("the -f and -u flags are mutually exclusive");
+	usage();
+    }
+
+    /* Calculate the difference between real time and mono time. */
+    if (sudo_gettime_real(&now) == -1)
+	sudo_fatal("unable to get current time");
+    if (sudo_gettime_mono(&timediff) == -1)
+	sudo_fatal("unable to read the clock");
+    sudo_timespecsub(&now, &timediff, &timediff);
+
+    if (fname == NULL) {
+	struct passwd *pw;
+
+	if (user == NULL) {
+	    if ((pw = getpwuid(geteuid())) == NULL)
+		sudo_fatalx(U_("unknown uid: %u"), (unsigned int)geteuid());
+	    user = pw->pw_name;
+	}
+	if (asprintf(&fname, "%s/%s", _PATH_SUDO_TIMEDIR, user) == -1)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    }
+
+    fd = open(fname, O_RDONLY);
+    if (fd == -1)
+	sudo_fatal(U_("unable to open %s"), fname);
+
+    for (;;) {
+	off_t pos = lseek(fd, 0, SEEK_CUR);
+	ssize_t nread;
+	bool valid;
+
+	if ((nread = read(fd, &cur, sizeof(cur))) == 0)
+	    break;
+	if (nread == -1)
+	    sudo_fatal(U_("unable to read %s"), fname);
+
+	valid = valid_entry(&cur, pos);
+	if (cur.common.size != 0 && cur.common.size != sizeof(cur)) {
+	    off_t offset = (off_t)cur.common.size - (off_t)sizeof(cur);
+	    if (lseek(fd, offset, SEEK_CUR) == -1)
+		sudo_fatal("unable to seek %d bytes", (int)offset);
+	}
+	if (valid) {
+	    /* Convert entry to latest version as needed. */
+	    if (!convert_entry(&cur, &timediff))
+		continue;
+	    dump_entry(&cur.v2, pos);
+	}
+    }
+
+    return 0;
+}
+
+static bool
+valid_entry(union timestamp_entry_storage *u, off_t pos)
+{
+    struct timestamp_entry *entry = (struct timestamp_entry *)u;
+    debug_decl(valid_entry, SUDOERS_DEBUG_UTIL)
+
+    switch (entry->version) {
+    case 1:
+	if (entry->size != sizeof(struct timestamp_entry_v1)) {
+	    printf("wrong sized v1 record @ %lld, got %hu, expected %zu\n",
+		(long long)pos, entry->size, sizeof(struct timestamp_entry_v1));
+	    debug_return_bool(false);
+	}
+	break;
+    case 2:
+	if (entry->size != sizeof(struct timestamp_entry)) {
+	    printf("wrong sized v2 record @ %lld, got %hu, expected %zu\n",
+		(long long)pos, entry->size, sizeof(struct timestamp_entry));
+	    debug_return_bool(false);
+	}
+	break;
+    default:
+	printf("unknown time stamp entry version %d @ %lld\n",
+	    (int)entry->version, (long long)pos);
+	debug_return_bool(false);
+	break;
+    }
+    debug_return_bool(true);
+}
+
+static char *
+type2string(int type)
+{
+    static char name[64];
+    debug_decl(type2string, SUDOERS_DEBUG_UTIL)
+
+    switch (type) {
+    case TS_LOCKEXCL:
+	debug_return_str("TS_LOCKEXCL");
+    case TS_GLOBAL:
+	debug_return_str("TS_GLOBAL");
+    case TS_TTY:
+	debug_return_str("TS_TTY");
+    case TS_PPID:
+	debug_return_str("TS_PPID");
+    }
+    snprintf(name, sizeof(name), "UNKNOWN (0x%x)", type);
+    debug_return_str(name);
+}
+
+static void
+print_flags(int flags)
+{
+    bool first = true;
+    debug_decl(print_flags, SUDOERS_DEBUG_UTIL)
+
+    printf("flags: ");
+    if (ISSET(flags, TS_DISABLED)) {
+	printf("%sTS_DISABLED", first ? "" : ", ");
+	CLR(flags, TS_DISABLED);
+	first = false;
+    }
+    if (ISSET(flags, TS_ANYUID)) {
+	/* TS_ANYUID should never appear on disk. */
+	printf("%sTS_ANYUID", first ? "" : ", ");
+	CLR(flags, TS_ANYUID);
+	first = false;
+    }
+    if (flags != 0)
+	printf("%s0x%x", first ? "" : ", ", flags);
+    putchar('\n');
+
+    debug_return;
+}
+
+/*
+ * Convert an older entry to current.
+ * Also adjusts time stamps on Linux to be wallclock time.
+ */
+static bool
+convert_entry(union timestamp_entry_storage *record, struct timespec *off)
+{
+    union timestamp_entry_storage orig;
+    debug_decl(convert_entry, SUDOERS_DEBUG_UTIL)
+
+    if (record->common.version != TS_VERSION) {
+	if (record->common.version != 1) {
+	    sudo_warnx("unexpected record version %hu", record->common.version);
+	    debug_return_bool(false);
+	}
+
+	/* The first four fields are the same regardless of version. */
+	memcpy(&orig, record, sizeof(union timestamp_entry_storage));
+	record->v2.auth_uid = orig.v1.auth_uid;
+	record->v2.sid = orig.v1.sid;
+	sudo_timespecclear(&record->v2.start_time);
+	record->v2.ts = orig.v1.ts;
+	if (record->common.type == TS_TTY)
+	    record->v2.u.ttydev = orig.v1.u.ttydev;
+	else if (record->common.type == TS_PPID)
+	    record->v2.u.ppid = orig.v1.u.ppid;
+	else
+	    memset(&record->v2.u, 0, sizeof(record->v2.u));
+    }
+
+    /* On Linux, start time is relative to boot time, adjust to real time. */
+#ifdef __linux__
+    if (sudo_timespecisset(&record->v2.start_time))
+	sudo_timespecadd(&record->v2.start_time, off, &record->v2.start_time);
+#endif
+
+    /* Adjust time stamp from mono time to real time. */
+    if (sudo_timespecisset(&record->v2.ts))
+	sudo_timespecadd(&record->v2.ts, off, &record->v2.ts);
+
+    debug_return_bool(true);
+}
+
+static void
+dump_entry(struct timestamp_entry *entry, off_t pos)
+{
+    debug_decl(dump_entry, SUDOERS_DEBUG_UTIL)
+
+    printf("position: %lld\n", (long long)pos);
+    printf("version: %hu\n", entry->version);
+    printf("size: %hu\n", entry->size);
+    printf("type: %s\n", type2string(entry->type));
+    print_flags(entry->flags);
+    printf("auth uid: %d\n", (int)entry->auth_uid);
+    printf("session ID: %d\n", (int)entry->sid);
+    if (sudo_timespecisset(&entry->start_time))
+	printf("start time: %s", ctime(&entry->start_time.tv_sec));
+    if (sudo_timespecisset(&entry->ts))
+	printf("time stamp: %s", ctime(&entry->ts.tv_sec));
+    if (entry->type == TS_TTY) {
+	char tty[PATH_MAX];
+	if (sudo_ttyname_dev(entry->u.ttydev, tty, sizeof(tty)) == NULL)
+	    printf("terminal: %d\n", (int)entry->u.ttydev);
+	else
+	    printf("terminal: %s\n", tty);
+    } else if (entry->type == TS_PPID) {
+	printf("parent pid: %d\n", (int)entry->u.ppid);
+    }
+    printf("\n");
+
+    debug_return;
+}
+
+static void
+usage(void)
+{
+    fprintf(stderr, "usage: %s [-f timestamp_file] | [-u username]\n",
+	getprogname());
+    exit(1);
+}
diff --git a/plugins/sudoers/tsgetgrpw.c b/plugins/sudoers/tsgetgrpw.c
new file mode 100644
index 0000000..a500bdf
--- /dev/null
+++ b/plugins/sudoers/tsgetgrpw.c
@@ -0,0 +1,413 @@
+/*
+ * Copyright (c) 2005, 2008, 2010-2015
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+/*
+ * Trivial replacements for the libc get{gr,pw}{uid,nam}() routines
+ * for use by testsudoers in the sudo test harness.
+ * We need our own since many platforms don't provide set{pw,gr}file().
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <unistd.h>
+
+#include "tsgetgrpw.h"
+#include "sudoers.h"
+
+#undef GRMEM_MAX
+#define GRMEM_MAX 200
+
+#ifndef UID_MAX
+# define UID_MAX 0xffffffffU
+#endif
+
+#ifndef GID_MAX
+# define GID_MAX UID_MAX
+#endif
+
+static FILE *pwf;
+static const char *pwfile = "/etc/passwd";
+static int pw_stayopen;
+
+static FILE *grf;
+static const char *grfile = "/etc/group";
+static int gr_stayopen;
+
+void setgrfile(const char *);
+void setgrent(void);
+void endgrent(void);
+struct group *getgrent(void);
+struct group *getgrnam(const char *);
+struct group *getgrgid(gid_t);
+
+void setpwfile(const char *);
+void setpwent(void);
+void endpwent(void);
+struct passwd *getpwent(void);
+struct passwd *getpwnam(const char *);
+struct passwd *getpwuid(uid_t);
+
+void
+setpwfile(const char *file)
+{
+    pwfile = file;
+    if (pwf != NULL)
+	endpwent();
+}
+
+void
+setpwent(void)
+{
+    if (pwf == NULL) {
+	pwf = fopen(pwfile, "r");
+	if (pwf != NULL)
+	    (void)fcntl(fileno(pwf), F_SETFD, FD_CLOEXEC);
+    } else {
+	rewind(pwf);
+    }
+    pw_stayopen = 1;
+}
+
+void
+endpwent(void)
+{
+    if (pwf != NULL) {
+	fclose(pwf);
+	pwf = NULL;
+    }
+    pw_stayopen = 0;
+}
+
+struct passwd *
+getpwent(void)
+{
+    static struct passwd pw;
+    static char pwbuf[LINE_MAX];
+    size_t len;
+    id_t id;
+    char *cp, *colon;
+    const char *errstr;
+
+next_entry:
+    if ((colon = fgets(pwbuf, sizeof(pwbuf), pwf)) == NULL)
+	return NULL;
+
+    memset(&pw, 0, sizeof(pw));
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    pw.pw_name = cp;
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    pw.pw_passwd = cp;
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    id = sudo_strtoid(cp, NULL, NULL, &errstr);
+    if (errstr != NULL)
+	goto next_entry;
+    pw.pw_uid = (uid_t)id;
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    id = sudo_strtoid(cp, NULL, NULL, &errstr);
+    if (errstr != NULL)
+	goto next_entry;
+    pw.pw_gid = (gid_t)id;
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    pw.pw_gecos = cp;
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    pw.pw_dir = cp;
+    pw.pw_shell = colon;
+    len = strlen(colon);
+    if (len > 0 && colon[len - 1] == '\n')
+	colon[len - 1] = '\0';
+    return &pw;
+}
+
+struct passwd *
+getpwnam(const char *name)
+{
+    struct passwd *pw;
+
+    if (pwf == NULL) {
+	if ((pwf = fopen(pwfile, "r")) == NULL)
+	    return NULL;
+	(void)fcntl(fileno(pwf), F_SETFD, FD_CLOEXEC);
+    } else {
+	rewind(pwf);
+    }
+    while ((pw = getpwent()) != NULL) {
+	if (strcmp(pw->pw_name, name) == 0)
+	    break;
+    }
+    if (!pw_stayopen) {
+	fclose(pwf);
+	pwf = NULL;
+    }
+    return pw;
+}
+
+struct passwd *
+getpwuid(uid_t uid)
+{
+    struct passwd *pw;
+
+    if (pwf == NULL) {
+	if ((pwf = fopen(pwfile, "r")) == NULL)
+	    return NULL;
+	(void)fcntl(fileno(pwf), F_SETFD, FD_CLOEXEC);
+    } else {
+	rewind(pwf);
+    }
+    while ((pw = getpwent()) != NULL) {
+	if (pw->pw_uid == uid)
+	    break;
+    }
+    if (!pw_stayopen) {
+	fclose(pwf);
+	pwf = NULL;
+    }
+    return pw;
+}
+
+void
+setgrfile(const char *file)
+{
+    grfile = file;
+    if (grf != NULL)
+	endgrent();
+}
+
+void
+setgrent(void)
+{
+    if (grf == NULL) {
+	grf = fopen(grfile, "r");
+	if (grf != NULL)
+	    (void)fcntl(fileno(grf), F_SETFD, FD_CLOEXEC);
+    } else {
+	rewind(grf);
+    }
+    gr_stayopen = 1;
+}
+
+void
+endgrent(void)
+{
+    if (grf != NULL) {
+	fclose(grf);
+	grf = NULL;
+    }
+    gr_stayopen = 0;
+}
+
+struct group *
+getgrent(void)
+{
+    static struct group gr;
+    static char grbuf[LINE_MAX], *gr_mem[GRMEM_MAX+1];
+    size_t len;
+    id_t id;
+    char *cp, *colon;
+    const char *errstr;
+    int n;
+
+next_entry:
+    if ((colon = fgets(grbuf, sizeof(grbuf), grf)) == NULL)
+	return NULL;
+
+    memset(&gr, 0, sizeof(gr));
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    gr.gr_name = cp;
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    gr.gr_passwd = cp;
+    if ((colon = strchr(cp = colon, ':')) == NULL)
+	goto next_entry;
+    *colon++ = '\0';
+    id = sudo_strtoid(cp, NULL, NULL, &errstr);
+    if (errstr != NULL)
+	goto next_entry;
+    gr.gr_gid = (gid_t)id;
+    len = strlen(colon);
+    if (len > 0 && colon[len - 1] == '\n')
+	colon[len - 1] = '\0';
+    if (*colon != '\0') {
+	char *last;
+
+	gr.gr_mem = gr_mem;
+	cp = strtok_r(colon, ",", &last);
+	for (n = 0; cp != NULL && n < GRMEM_MAX; n++) {
+	    gr.gr_mem[n] = cp;
+	    cp = strtok_r(NULL, ",", &last);
+	}
+	gr.gr_mem[n++] = NULL;
+    } else
+	gr.gr_mem = NULL;
+    return &gr;
+}
+
+struct group *
+getgrnam(const char *name)
+{
+    struct group *gr;
+
+    if (grf == NULL) {
+	if ((grf = fopen(grfile, "r")) == NULL)
+	    return NULL;
+	(void)fcntl(fileno(grf), F_SETFD, FD_CLOEXEC);
+    } else {
+	rewind(grf);
+    }
+    while ((gr = getgrent()) != NULL) {
+	if (strcmp(gr->gr_name, name) == 0)
+	    break;
+    }
+    if (!gr_stayopen) {
+	fclose(grf);
+	grf = NULL;
+    }
+    return gr;
+}
+
+struct group *
+getgrgid(gid_t gid)
+{
+    struct group *gr;
+
+    if (grf == NULL) {
+	if ((grf = fopen(grfile, "r")) == NULL)
+	    return NULL;
+	(void)fcntl(fileno(grf), F_SETFD, FD_CLOEXEC);
+    } else {
+	rewind(grf);
+    }
+    while ((gr = getgrent()) != NULL) {
+	if (gr->gr_gid == gid)
+	    break;
+    }
+    if (!gr_stayopen) {
+	fclose(grf);
+	grf = NULL;
+    }
+    return gr;
+}
+
+/*
+ * Copied from getgrouplist.c
+ */
+int
+sudo_getgrouplist2_v1(const char *name, GETGROUPS_T basegid,
+    GETGROUPS_T **groupsp, int *ngroupsp)
+{
+    GETGROUPS_T *groups = *groupsp;
+    int grpsize = *ngroupsp;
+    int i, ngroups = 1;
+    int ret = -1;
+    struct group *grp;
+
+    if (groups == NULL) {
+	/* Dynamically-sized group vector. */
+	grpsize = (int)sysconf(_SC_NGROUPS_MAX);
+	if (grpsize < 0)
+	    grpsize = NGROUPS_MAX;
+	groups = reallocarray(NULL, grpsize, 4 * sizeof(*groups));
+	if (groups == NULL)
+	    return -1;
+	grpsize <<= 2;
+    } else {
+	/* Static group vector. */
+	if (grpsize < 1)
+	    return -1;
+    }
+
+    /* We support BSD semantics where the first element is the base gid */
+    groups[0] = basegid;
+
+    setgrent();
+    while ((grp = getgrent()) != NULL) {
+	if (grp->gr_gid == basegid || grp->gr_mem == NULL)
+	    continue;
+
+	for (i = 0; grp->gr_mem[i] != NULL; i++) {
+	    if (strcmp(name, grp->gr_mem[i]) == 0)
+		break;
+	}
+	if (grp->gr_mem[i] == NULL)
+	    continue; /* user not found */
+
+	/* Only add if it is not the same as an existing gid */
+	for (i = 0; i < ngroups; i++) {
+	    if (grp->gr_gid == groups[i])
+		break;
+	}
+	if (i == ngroups) {
+	    if (ngroups == grpsize) {
+		GETGROUPS_T *tmp;
+
+		if (*groupsp != NULL) {
+		    /* Static group vector. */
+		    goto done;
+		}
+		tmp = reallocarray(groups, grpsize, 2 * sizeof(*groups));
+		if (tmp == NULL) {
+		    free(groups);
+		    groups = NULL;
+		    ngroups = 0;
+		    goto done;
+		}
+		groups = tmp;
+		grpsize <<= 1;
+	    }
+	    groups[ngroups++] = grp->gr_gid;
+	}
+    }
+    ret = 0;
+
+done:
+    endgrent();
+    *groupsp = groups;
+    *ngroupsp = ngroups;
+
+    return ret;
+}
diff --git a/plugins/sudoers/tsgetgrpw.h b/plugins/sudoers/tsgetgrpw.h
new file mode 100644
index 0000000..c0e008c
--- /dev/null
+++ b/plugins/sudoers/tsgetgrpw.h
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2010 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * Trivial replacements for the libc get{gr,pw}{uid,nam}() routines
+ * for use by testsudoers in the sudo test harness.
+ * We need our own since many platforms don't provide set{pw,gr}file().
+ */
+
+#include <config.h>
+
+/*
+ * Define away the system prototypes so we don't have any conflicts.
+ */
+
+#define setgrfile	sys_setgrfile
+#define setgrent	sys_setgrent
+#define endgrent	sys_endgrent
+#define getgrent	sys_getgrent
+#define getgrnam	sys_getgrnam
+#define getgrgid	sys_getgrgid
+
+#define setpwfile	sys_setpwfile
+#define setpwent	sys_setpwent
+#define endpwent	sys_endpwent
+#define getpwent	sys_getpwent
+#define getpwnam	sys_getpwnam
+#define getpwuid	sys_getpwuid
+
+#include <pwd.h>
+#include <grp.h>
+
+#undef setgrfile
+#undef setgrent
+#undef endgrent
+#undef getgrent
+#undef getgrnam
+#undef getgrgid
+
+void setgrfile(const char *);
+void setgrent(void);
+void endgrent(void);
+struct group *getgrent(void);
+struct group *getgrnam(const char *);
+struct group *getgrgid(gid_t);
+
+#undef setpwfile
+#undef setpwent
+#undef endpwent
+#undef getpwent
+#undef getpwnam
+#undef getpwuid
+
+void setpwfile(const char *);
+void setpwent(void);
+void endpwent(void);
+struct passwd *getpwent(void);
+struct passwd *getpwnam(const char *);
+struct passwd *getpwuid(uid_t);
diff --git a/plugins/sudoers/visudo.c b/plugins/sudoers/visudo.c
new file mode 100644
index 0000000..50dda59
--- /dev/null
+++ b/plugins/sudoers/visudo.c
@@ -0,0 +1,1300 @@
+/*
+ * Copyright (c) 1996, 1998-2005, 2007-2018
+ *	Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+/*
+ * Lock the sudoers file for safe editing (ala vipw) and check for parse errors.
+ */
+
+#ifdef __TANDEM
+# include <floss.h>
+#endif
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/uio.h>
+#ifndef __TANDEM
+# include <sys/file.h>
+#endif
+#include <sys/wait.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <stdarg.h>
+#include <ctype.h>
+#include <pwd.h>
+#include <grp.h>
+#include <signal.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <time.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include "sudoers.h"
+#include "interfaces.h"
+#include "redblack.h"
+#include "sudoers_version.h"
+#include "sudo_conf.h"
+#include <gram.h>
+
+#ifdef HAVE_GETOPT_LONG
+# include <getopt.h>
+# else
+# include "compat/getopt.h"
+#endif /* HAVE_GETOPT_LONG */
+
+struct sudoersfile {
+    TAILQ_ENTRY(sudoersfile) entries;
+    char *path;
+    char *tpath;
+    bool modified;
+    bool doedit;
+    int fd;
+};
+TAILQ_HEAD(sudoersfile_list, sudoersfile);
+
+/*
+ * Function prototypes
+ */
+static void quit(int);
+static int whatnow(void);
+static int check_aliases(bool strict, bool quiet);
+static char *get_editor(int *editor_argc, char ***editor_argv);
+static bool check_syntax(const char *, bool, bool, bool);
+static bool edit_sudoers(struct sudoersfile *, char *, int, char **, int);
+static bool install_sudoers(struct sudoersfile *, bool);
+static int print_unused(struct sudoers_parse_tree *, struct alias *, void *);
+static bool reparse_sudoers(char *, int, char **, bool, bool);
+static int run_command(char *, char **);
+static void parse_sudoers_options(void);
+static void setup_signals(void);
+static void help(void) __attribute__((__noreturn__));
+static void usage(int);
+static void visudo_cleanup(void);
+
+extern void get_hostname(void);
+extern void sudoersrestart(FILE *);
+
+/*
+ * Globals
+ */
+struct sudo_user sudo_user;
+struct passwd *list_pw;
+static struct sudoersfile_list sudoerslist = TAILQ_HEAD_INITIALIZER(sudoerslist);
+static bool checkonly;
+static const char short_opts[] =  "cf:hqsVx:";
+static struct option long_opts[] = {
+    { "check",		no_argument,		NULL,	'c' },
+    { "export",		required_argument,	NULL,	'x' },
+    { "file",		required_argument,	NULL,	'f' },
+    { "help",		no_argument,		NULL,	'h' },
+    { "quiet",		no_argument,		NULL,	'q' },
+    { "strict",		no_argument,		NULL,	's' },
+    { "version",	no_argument,		NULL,	'V' },
+    { NULL,		no_argument,		NULL,	'\0' },
+};
+
+__dso_public int main(int argc, char *argv[]);
+
+int
+main(int argc, char *argv[])
+{
+    struct sudoersfile *sp;
+    char *editor, **editor_argv;
+    const char *export_path = NULL;
+    int ch, oldlocale, editor_argc, exitcode = 0;
+    bool quiet, strict, fflag;
+    debug_decl(main, SUDOERS_DEBUG_MAIN)
+
+#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
+    {
+	extern char *malloc_options;
+	malloc_options = "S";
+    }
+#endif
+
+    initprogname(argc > 0 ? argv[0] : "visudo");
+    if (!sudoers_initlocale(setlocale(LC_ALL, ""), def_sudoers_locale))
+	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    sudo_warn_set_locale_func(sudoers_warn_setlocale);
+    bindtextdomain("sudoers", LOCALEDIR); /* XXX - should have visudo domain */
+    textdomain("sudoers");
+
+    if (argc < 1)
+	usage(1);
+
+    /* Register fatal/fatalx callback. */
+    sudo_fatal_callback_register(visudo_cleanup);
+
+    /* Set sudoers locale callback. */
+    sudo_defs_table[I_SUDOERS_LOCALE].callback = sudoers_locale_callback;
+
+    /* Read debug and plugin sections of sudo.conf. */
+    if (sudo_conf_read(NULL, SUDO_CONF_DEBUG|SUDO_CONF_PLUGINS) == -1)
+	exit(EXIT_FAILURE);
+
+    /* Initialize the debug subsystem. */
+    if (!sudoers_debug_register(getprogname(), sudo_conf_debug_files(getprogname())))
+	exit(EXIT_FAILURE);
+
+    /* Parse sudoers plugin options, if any. */
+    parse_sudoers_options();
+
+    /*
+     * Arg handling.
+     */
+    checkonly = fflag = quiet = strict = false;
+    while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) {
+	switch (ch) {
+	    case 'V':
+		(void) printf(_("%s version %s\n"), getprogname(),
+		    PACKAGE_VERSION);
+		(void) printf(_("%s grammar version %d\n"), getprogname(),
+		    SUDOERS_GRAMMAR_VERSION);
+		goto done;
+	    case 'c':
+		checkonly = true;	/* check mode */
+		break;
+	    case 'f':
+		sudoers_file = optarg;	/* sudoers file path */
+		fflag = true;
+		break;
+	    case 'h':
+		help();
+		break;
+	    case 's':
+		strict = true;		/* strict mode */
+		break;
+	    case 'q':
+		quiet = true;		/* quiet mode */
+		break;
+	    case 'x':
+		export_path = optarg;
+		break;
+	    default:
+		usage(1);
+	}
+    }
+    argc -= optind;
+    argv += optind;
+
+    /* Check for optional sudoers file argument. */
+    switch (argc) {
+    case 0:
+	break;
+    case 1:
+	/* Only accept sudoers file if no -f was specified. */
+	if (!fflag) {
+	    sudoers_file = *argv;
+	    fflag = true;
+	}
+	break;
+    default:
+	usage(1);
+    }
+
+    if (export_path != NULL) {
+	/* Backwards compatibility for the time being. */
+	sudo_warnx(U_("the -x option will be removed in a future release"));
+	sudo_warnx(U_("please consider using the cvtsudoers utility instead"));
+	execlp("cvtsudoers", "cvtsudoers", "-f", "json", "-o", export_path,
+	    sudoers_file, (char *)0);
+	sudo_fatal(U_("unable to execute %s"), "cvtsudoers");
+    }
+
+    /* Mock up a fake sudo_user struct. */
+    user_cmnd = user_base = "";
+    if (geteuid() == 0) {
+	const char *user = getenv("SUDO_USER");
+	if (user != NULL && *user != '\0')
+	    sudo_user.pw = sudo_getpwnam(user);
+    }
+    if (sudo_user.pw == NULL) {
+	if ((sudo_user.pw = sudo_getpwuid(getuid())) == NULL)
+	    sudo_fatalx(U_("you do not exist in the %s database"), "passwd");
+    }
+    get_hostname();
+
+    /* Setup defaults data structures. */
+    if (!init_defaults())
+	sudo_fatalx(U_("unable to initialize sudoers default values"));
+
+    if (checkonly) {
+	exitcode = check_syntax(sudoers_file, quiet, strict, fflag) ? 0 : 1;
+	goto done;
+    }
+
+    /*
+     * Parse the existing sudoers file(s) to highlight any existing
+     * errors and to pull in editor and env_editor conf values.
+     */
+    if ((sudoersin = open_sudoers(sudoers_file, true, NULL)) == NULL)
+	exit(1);
+    init_parser(sudoers_file, quiet);
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+    (void) sudoersparse();
+    (void) update_defaults(&parsed_policy, NULL,
+	SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER, quiet);
+    sudoers_setlocale(oldlocale, NULL);
+
+    editor = get_editor(&editor_argc, &editor_argv);
+
+    /* Install signal handlers to clean up temp files if we are killed. */
+    setup_signals();
+
+    /* Edit the sudoers file(s) */
+    TAILQ_FOREACH(sp, &sudoerslist, entries) {
+	if (!sp->doedit)
+	    continue;
+	if (sp != TAILQ_FIRST(&sudoerslist)) {
+	    printf(_("press return to edit %s: "), sp->path);
+	    while ((ch = getchar()) != EOF && ch != '\n')
+		    continue;
+	}
+	edit_sudoers(sp, editor, editor_argc, editor_argv, -1);
+    }
+
+    /*
+     * Check edited files for a parse error, re-edit any that fail
+     * and install the edited files as needed.
+     */
+    if (reparse_sudoers(editor, editor_argc, editor_argv, strict, quiet)) {
+	TAILQ_FOREACH(sp, &sudoerslist, entries) {
+	    (void) install_sudoers(sp, fflag);
+	}
+    }
+    free(editor);
+
+done:
+    sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, exitcode);
+    exit(exitcode);
+}
+
+static char *
+get_editor(int *editor_argc, char ***editor_argv)
+{
+    char *editor_path = NULL, **whitelist = NULL;
+    const char *env_editor;
+    static char *files[] = { "+1", "sudoers" };
+    unsigned int whitelist_len = 0;
+    debug_decl(get_editor, SUDOERS_DEBUG_UTIL)
+
+    /* Build up editor whitelist from def_editor unless env_editor is set. */
+    if (!def_env_editor) {
+	const char *cp, *ep;
+	const char *def_editor_end = def_editor + strlen(def_editor);
+
+	/* Count number of entries in whitelist and split into a list. */
+	for (cp = sudo_strsplit(def_editor, def_editor_end, ":", &ep);
+	    cp != NULL; cp = sudo_strsplit(NULL, def_editor_end, ":", &ep)) {
+	    whitelist_len++;
+	}
+	whitelist = reallocarray(NULL, whitelist_len + 1, sizeof(char *));
+	if (whitelist == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	whitelist_len = 0;
+	for (cp = sudo_strsplit(def_editor, def_editor_end, ":", &ep);
+	    cp != NULL; cp = sudo_strsplit(NULL, def_editor_end, ":", &ep)) {
+	    whitelist[whitelist_len] = strndup(cp, (size_t)(ep - cp));
+	    if (whitelist[whitelist_len] == NULL)
+		sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	    whitelist_len++;
+	}
+	whitelist[whitelist_len] = NULL;
+    }
+
+    editor_path = find_editor(2, files, editor_argc, editor_argv, whitelist,
+	&env_editor, true);
+    if (editor_path == NULL) {
+	if (def_env_editor && env_editor != NULL) {
+	    /* We are honoring $EDITOR so this is a fatal error. */
+	    sudo_fatalx(U_("specified editor (%s) doesn't exist"), env_editor);
+	}
+	sudo_fatalx(U_("no editor found (editor path = %s)"), def_editor);
+    }
+
+    if (whitelist != NULL) {
+	while (whitelist_len--)
+	    free(whitelist[whitelist_len]);
+	free(whitelist);
+    }
+
+    debug_return_str(editor_path);
+}
+
+/*
+ * List of editors that support the "+lineno" command line syntax.
+ * If an entry starts with '*' the tail end of the string is matched.
+ * No other wild cards are supported.
+ */
+static char *lineno_editors[] = {
+    "ex",
+    "nex",
+    "vi",
+    "nvi",
+    "vim",
+    "elvis",
+    "*macs",
+    "mg",
+    "vile",
+    "jove",
+    "pico",
+    "nano",
+    "ee",
+    "joe",
+    "zile",
+    NULL
+};
+
+/*
+ * Check whether or not the specified editor matched lineno_editors[].
+ * Returns true if yes, false if no.
+ */
+static bool
+editor_supports_plus(const char *editor)
+{
+    const char *editor_base = strrchr(editor, '/');
+    const char *cp;
+    char **av;
+    debug_decl(editor_supports_plus, SUDOERS_DEBUG_UTIL)
+
+    if (editor_base != NULL)
+	editor_base++;
+    else
+	editor_base = editor;
+    if (*editor_base == 'r')
+	editor_base++;
+
+    for (av = lineno_editors; (cp = *av) != NULL; av++) {
+	/* We only handle a leading '*' wildcard. */
+	if (*cp == '*') {
+	    size_t blen = strlen(editor_base);
+	    size_t clen = strlen(++cp);
+	    if (blen >= clen) {
+		if (strcmp(cp, editor_base + blen - clen) == 0)
+		    break;
+	    }
+	} else if (strcmp(cp, editor_base) == 0)
+	    break;
+    }
+    debug_return_bool(cp != NULL);
+}
+
+/*
+ * Edit each sudoers file.
+ * Returns true on success, else false.
+ */
+static bool
+edit_sudoers(struct sudoersfile *sp, char *editor, int editor_argc,
+    char **editor_argv, int lineno)
+{
+    int tfd;				/* sudoers temp file descriptor */
+    bool modified;			/* was the file modified? */
+    int ac;				/* argument count */
+    char linestr[64];			/* string version of lineno */
+    struct timespec ts, times[2];	/* time before and after edit */
+    struct timespec orig_mtim;		/* starting mtime of sudoers file */
+    off_t orig_size;			/* starting size of sudoers file */
+    struct stat sb;			/* stat buffer */
+    bool ret = false;			/* return value */
+    debug_decl(edit_sudoers, SUDOERS_DEBUG_UTIL)
+
+    if (fstat(sp->fd, &sb) == -1)
+	sudo_fatal(U_("unable to stat %s"), sp->path);
+    orig_size = sb.st_size;
+    mtim_get(&sb, orig_mtim);
+
+    /* Create the temp file if needed and set timestamp. */
+    if (sp->tpath == NULL) {
+	if (asprintf(&sp->tpath, "%s.tmp", sp->path) == -1)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	tfd = open(sp->tpath, O_WRONLY|O_CREAT|O_TRUNC, S_IRWXU|S_IRUSR);
+	if (tfd < 0)
+	    sudo_fatal("%s", sp->tpath);
+
+	/* Copy sp->path -> sp->tpath and reset the mtime. */
+	if (orig_size != 0) {
+	    char buf[4096], lastch = '\0';
+	    ssize_t nread;
+
+	    (void) lseek(sp->fd, (off_t)0, SEEK_SET);
+	    while ((nread = read(sp->fd, buf, sizeof(buf))) > 0) {
+		if (write(tfd, buf, nread) != nread)
+		    sudo_fatal(U_("write error"));
+		lastch = buf[nread - 1];
+	    }
+
+	    /* Add missing newline at EOF if needed. */
+	    if (lastch != '\n') {
+		lastch = '\n';
+		if (write(tfd, &lastch, 1) != 1)
+		    sudo_fatal(U_("write error"));
+	    }
+	}
+	(void) close(tfd);
+    }
+    times[0].tv_sec = times[1].tv_sec = orig_mtim.tv_sec;
+    times[0].tv_nsec = times[1].tv_nsec = orig_mtim.tv_nsec;
+    (void) utimensat(AT_FDCWD, sp->tpath, times, 0);
+
+    /* Disable +lineno if editor doesn't support it. */
+    if (lineno > 0 && !editor_supports_plus(editor))
+	lineno = -1;
+
+    /*
+     * The last 3 slots in the editor argv are: "-- +1 sudoers"
+     * Replace those placeholders with the real values.
+     */
+    ac = editor_argc - 3;
+    if (lineno > 0) {
+	(void)snprintf(linestr, sizeof(linestr), "+%d", lineno);
+	editor_argv[ac++] = linestr;
+    }
+    editor_argv[ac++] = "--";
+    editor_argv[ac++] = sp->tpath;
+    editor_argv[ac++] = NULL;
+
+    /*
+     * Do the edit:
+     *  We cannot check the editor's exit value against 0 since
+     *  XPG4 specifies that vi's exit value is a function of the
+     *  number of errors during editing (?!?!).
+     */
+    if (sudo_gettime_real(&times[0]) == -1) {
+	sudo_warn(U_("unable to read the clock"));
+	goto done;
+    }
+
+    if (run_command(editor, editor_argv) != -1) {
+	if (sudo_gettime_real(&times[1]) == -1) {
+	    sudo_warn(U_("unable to read the clock"));
+	    goto done;
+	}
+	/*
+	 * Sanity checks.
+	 */
+	if (stat(sp->tpath, &sb) < 0) {
+	    sudo_warnx(U_("unable to stat temporary file (%s), %s unchanged"),
+		sp->tpath, sp->path);
+	    goto done;
+	}
+	if (sb.st_size == 0 && orig_size != 0) {
+	    /* Avoid accidental zeroing of main sudoers file. */
+	    if (sp == TAILQ_FIRST(&sudoerslist)) {
+		sudo_warnx(U_("zero length temporary file (%s), %s unchanged"),
+		    sp->tpath, sp->path);
+		goto done;
+	    }
+	}
+    } else {
+	sudo_warnx(U_("editor (%s) failed, %s unchanged"), editor, sp->path);
+	goto done;
+    }
+
+    /* Set modified bit if the user changed the file. */
+    modified = true;
+    mtim_get(&sb, ts);
+    if (orig_size == sb.st_size && sudo_timespeccmp(&orig_mtim, &ts, ==)) {
+	/*
+	 * If mtime and size match but the user spent no measurable
+	 * time in the editor we can't tell if the file was changed.
+	 */
+	if (sudo_timespeccmp(&times[0], &times[1], !=))
+	    modified = false;
+    }
+
+    /*
+     * If modified in this edit session, mark as modified.
+     */
+    if (modified)
+	sp->modified = modified;
+    else
+	sudo_warnx(U_("%s unchanged"), sp->tpath);
+
+    ret = true;
+done:
+    debug_return_bool(ret);
+}
+
+/*
+ * Check Defaults and Alias entries.
+ * Sets parse_error on error and errorfile/errorlineno if possible.
+ */
+static void
+check_defaults_and_aliases(bool strict, bool quiet)
+{
+    debug_decl(check_defaults_and_aliases, SUDOERS_DEBUG_UTIL)
+
+    if (!check_defaults(&parsed_policy, quiet)) {
+	struct defaults *d;
+	rcstr_delref(errorfile);
+	errorfile = NULL;
+	errorlineno = -1;
+	/* XXX - should edit all files with errors */
+	TAILQ_FOREACH(d, &parsed_policy.defaults, entries) {
+	    if (d->error) {
+		/* Defaults parse error, set errorfile/errorlineno. */
+		errorfile = rcstr_addref(d->file);
+		errorlineno = d->lineno;
+		break;
+	    }
+	}
+	parse_error = true;
+    } else if (check_aliases(strict, quiet) != 0) {
+	rcstr_delref(errorfile);
+	errorfile = NULL;	/* don't know which file */
+	errorlineno = -1;
+	parse_error = true;
+    }
+    debug_return;
+}
+
+/*
+ * Parse sudoers after editing and re-edit any ones that caused a parse error.
+ */
+static bool
+reparse_sudoers(char *editor, int editor_argc, char **editor_argv,
+    bool strict, bool quiet)
+{
+    struct sudoersfile *sp, *last;
+    FILE *fp;
+    int ch, oldlocale;
+    debug_decl(reparse_sudoers, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * Parse the edited sudoers files and do sanity checking
+     */
+    while ((sp = TAILQ_FIRST(&sudoerslist)) != NULL) {
+	last = TAILQ_LAST(&sudoerslist, sudoersfile_list);
+	fp = fopen(sp->tpath, "r+");
+	if (fp == NULL)
+	    sudo_fatalx(U_("unable to re-open temporary file (%s), %s unchanged."),
+		sp->tpath, sp->path);
+
+	/* Clean slate for each parse */
+	if (!init_defaults())
+	    sudo_fatalx(U_("unable to initialize sudoers default values"));
+	init_parser(sp->path, quiet);
+
+	/* Parse the sudoers temp file(s) */
+	sudoersrestart(fp);
+	sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+	if (sudoersparse() && !parse_error) {
+	    sudo_warnx(U_("unabled to parse temporary file (%s), unknown error"),
+		sp->tpath);
+	    parse_error = true;
+	    rcstr_delref(errorfile);
+	    if ((errorfile = rcstr_dup(sp->path)) == NULL)
+		sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	}
+	fclose(sudoersin);
+	if (!parse_error) {
+	    (void) update_defaults(&parsed_policy, NULL,
+		SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER, true);
+	    check_defaults_and_aliases(strict, quiet);
+	}
+	sudoers_setlocale(oldlocale, NULL);
+
+	/*
+	 * Got an error, prompt the user for what to do now.
+	 */
+	if (parse_error) {
+	    switch (whatnow()) {
+	    case 'Q':
+		parse_error = false;	/* ignore parse error */
+		break;
+	    case 'x':
+		visudo_cleanup();	/* discard changes */
+		debug_return_bool(false);
+	    case 'e':
+	    default:
+		/* Edit file with the parse error */
+		TAILQ_FOREACH(sp, &sudoerslist, entries) {
+		    if (errorfile == NULL || strcmp(sp->path, errorfile) == 0) {
+			edit_sudoers(sp, editor, editor_argc, editor_argv,
+			    errorlineno);
+			if (errorfile != NULL)
+			    break;
+		    }
+		}
+		if (errorfile != NULL && sp == NULL) {
+		    sudo_fatalx(U_("internal error, unable to find %s in list!"),
+			sudoers);
+		}
+		break;
+	    }
+	}
+
+	/* If any new #include directives were added, edit them too. */
+	if ((sp = TAILQ_NEXT(last, entries)) != NULL) {
+	    bool modified = false;
+	    do {
+		printf(_("press return to edit %s: "), sp->path);
+		while ((ch = getchar()) != EOF && ch != '\n')
+			continue;
+		edit_sudoers(sp, editor, editor_argc, editor_argv, -1);
+		if (sp->modified)
+		    modified = true;
+	    } while ((sp = TAILQ_NEXT(sp, entries)) != NULL);
+
+	    /* Reparse sudoers if newly added includes were modified. */
+	    if (modified)
+		continue;
+	}
+
+	/* If all sudoers files parsed OK we are done. */
+	if (!parse_error)
+	    break;
+    }
+
+    debug_return_bool(true);
+}
+
+/*
+ * Set the owner and mode on a sudoers temp file and
+ * move it into place.  Returns true on success, else false.
+ */
+static bool
+install_sudoers(struct sudoersfile *sp, bool oldperms)
+{
+    struct stat sb;
+    bool ret = false;
+    debug_decl(install_sudoers, SUDOERS_DEBUG_UTIL)
+
+    if (sp->tpath == NULL)
+	goto done;
+
+    if (!sp->modified) {
+	/*
+	 * No changes but fix owner/mode if needed.
+	 */
+	(void) unlink(sp->tpath);
+	if (!oldperms && fstat(sp->fd, &sb) != -1) {
+	    if (sb.st_uid != sudoers_uid || sb.st_gid != sudoers_gid) {
+		if (chown(sp->path, sudoers_uid, sudoers_gid) != 0) {
+		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+			"%s: unable to chown %d:%d %s", __func__,
+			(int)sudoers_uid, (int)sudoers_gid, sp->path);
+		}
+	    }
+	    if ((sb.st_mode & ACCESSPERMS) != sudoers_mode) {
+		if (chmod(sp->path, sudoers_mode) != 0) {
+		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+			"%s: unable to chmod 0%o %s", __func__,
+			(int)sudoers_mode, sp->path);
+		}
+	    }
+	}
+	ret = true;
+	goto done;
+    }
+
+    /*
+     * Change mode and ownership of temp file so when
+     * we move it to sp->path things are kosher.
+     */
+    if (oldperms) {
+	/* Use perms of the existing file.  */
+	if (fstat(sp->fd, &sb) == -1)
+	    sudo_fatal(U_("unable to stat %s"), sp->path);
+	if (chown(sp->tpath, sb.st_uid, sb.st_gid) != 0) {
+	    sudo_warn(U_("unable to set (uid, gid) of %s to (%u, %u)"),
+		sp->tpath, (unsigned int)sb.st_uid, (unsigned int)sb.st_gid);
+	}
+	if (chmod(sp->tpath, sb.st_mode & ACCESSPERMS) != 0) {
+	    sudo_warn(U_("unable to change mode of %s to 0%o"), sp->tpath,
+		(unsigned int)(sb.st_mode & ACCESSPERMS));
+	}
+    } else {
+	if (chown(sp->tpath, sudoers_uid, sudoers_gid) != 0) {
+	    sudo_warn(U_("unable to set (uid, gid) of %s to (%u, %u)"),
+		sp->tpath, (unsigned int)sudoers_uid,
+		(unsigned int)sudoers_gid);
+	    goto done;
+	}
+	if (chmod(sp->tpath, sudoers_mode) != 0) {
+	    sudo_warn(U_("unable to change mode of %s to 0%o"), sp->tpath,
+		(unsigned int)sudoers_mode);
+	    goto done;
+	}
+    }
+
+    /*
+     * Now that sp->tpath is sane (parses ok) it needs to be
+     * rename(2)'d to sp->path.  If the rename(2) fails we try using
+     * mv(1) in case sp->tpath and sp->path are on different file systems.
+     */
+    if (rename(sp->tpath, sp->path) == 0) {
+	free(sp->tpath);
+	sp->tpath = NULL;
+    } else {
+	if (errno == EXDEV) {
+	    char *av[4];
+	    sudo_warnx(U_("%s and %s not on the same file system, using mv to rename"),
+	      sp->tpath, sp->path);
+
+	    /* Build up argument vector for the command */
+	    if ((av[0] = strrchr(_PATH_MV, '/')) != NULL)
+		av[0]++;
+	    else
+		av[0] = _PATH_MV;
+	    av[1] = sp->tpath;
+	    av[2] = sp->path;
+	    av[3] = NULL;
+
+	    /* And run it... */
+	    if (run_command(_PATH_MV, av)) {
+		sudo_warnx(U_("command failed: '%s %s %s', %s unchanged"),
+		    _PATH_MV, sp->tpath, sp->path, sp->path);
+		(void) unlink(sp->tpath);
+		free(sp->tpath);
+		sp->tpath = NULL;
+		goto done;
+	    }
+	    free(sp->tpath);
+	    sp->tpath = NULL;
+	} else {
+	    sudo_warn(U_("error renaming %s, %s unchanged"), sp->tpath, sp->path);
+	    (void) unlink(sp->tpath);
+	    goto done;
+	}
+    }
+    ret = true;
+done:
+    debug_return_bool(ret);
+}
+
+/*
+ * Assuming a parse error occurred, prompt the user for what they want
+ * to do now.  Returns the first letter of their choice.
+ */
+static int
+whatnow(void)
+{
+    int choice, c;
+    debug_decl(whatnow, SUDOERS_DEBUG_UTIL)
+
+    for (;;) {
+	(void) fputs(_("What now? "), stdout);
+	choice = getchar();
+	for (c = choice; c != '\n' && c != EOF;)
+	    c = getchar();
+
+	switch (choice) {
+	    case EOF:
+		choice = 'x';
+		/* FALLTHROUGH */
+	    case 'e':
+	    case 'x':
+	    case 'Q':
+		debug_return_int(choice);
+	    default:
+		(void) puts(_("Options are:\n"
+		    "  (e)dit sudoers file again\n"
+		    "  e(x)it without saving changes to sudoers file\n"
+		    "  (Q)uit and save changes to sudoers file (DANGER!)\n"));
+	}
+    }
+}
+
+/*
+ * Install signal handlers for visudo.
+ */
+static void
+setup_signals(void)
+{
+    struct sigaction sa;
+    debug_decl(setup_signals, SUDOERS_DEBUG_UTIL)
+
+    /*
+     * Setup signal handlers to cleanup nicely.
+     */
+    memset(&sa, 0, sizeof(sa));
+    sigemptyset(&sa.sa_mask);
+    sa.sa_flags = SA_RESTART;
+    sa.sa_handler = quit;
+    (void) sigaction(SIGTERM, &sa, NULL);
+    (void) sigaction(SIGHUP, &sa, NULL);
+    (void) sigaction(SIGINT, &sa, NULL);
+    (void) sigaction(SIGQUIT, &sa, NULL);
+
+    debug_return;
+}
+
+static int
+run_command(char *path, char **argv)
+{
+    int status;
+    pid_t pid, rv;
+    debug_decl(run_command, SUDOERS_DEBUG_UTIL)
+
+    switch (pid = sudo_debug_fork()) {
+	case -1:
+	    sudo_fatal(U_("unable to execute %s"), path);
+	    break;	/* NOTREACHED */
+	case 0:
+	    closefrom(STDERR_FILENO + 1);
+	    execv(path, argv);
+	    sudo_warn(U_("unable to run %s"), path);
+	    _exit(127);
+	    break;	/* NOTREACHED */
+    }
+
+    for (;;) {
+	rv = waitpid(pid, &status, 0);
+	if (rv == -1 && errno != EINTR)
+	    break;
+	if (rv != -1 && !WIFSTOPPED(status))
+	    break;
+    }
+
+    if (rv != -1)
+	rv = WIFEXITED(status) ? WEXITSTATUS(status) : -1;
+    debug_return_int(rv);
+}
+
+static bool
+check_owner(const char *path, bool quiet)
+{
+    struct stat sb;
+    bool ok = true;
+    debug_decl(check_owner, SUDOERS_DEBUG_UTIL)
+
+    if (stat(path, &sb) == 0) {
+	if (sb.st_uid != sudoers_uid || sb.st_gid != sudoers_gid) {
+	    ok = false;
+	    if (!quiet) {
+		fprintf(stderr,
+		    _("%s: wrong owner (uid, gid) should be (%u, %u)\n"),
+		    path, (unsigned int)sudoers_uid, (unsigned int)sudoers_gid);
+		}
+	}
+	if ((sb.st_mode & ALLPERMS) != sudoers_mode) {
+	    ok = false;
+	    if (!quiet) {
+		fprintf(stderr, _("%s: bad permissions, should be mode 0%o\n"),
+		    path, (unsigned int)sudoers_mode);
+	    }
+	}
+    }
+    debug_return_bool(ok);
+}
+
+static bool
+check_syntax(const char *sudoers_file, bool quiet, bool strict, bool oldperms)
+{
+    bool ok = false;
+    int oldlocale;
+    debug_decl(check_syntax, SUDOERS_DEBUG_UTIL)
+
+    if (strcmp(sudoers_file, "-") == 0) {
+	sudoersin = stdin;
+	sudoers_file = "stdin";
+    } else if ((sudoersin = fopen(sudoers_file, "r")) == NULL) {
+	if (!quiet)
+	    sudo_warn(U_("unable to open %s"), sudoers_file);
+	goto done;
+    }
+    if (!init_defaults())
+	sudo_fatalx(U_("unable to initialize sudoers default values"));
+    init_parser(sudoers_file, quiet);
+    sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
+    if (sudoersparse() && !parse_error) {
+	if (!quiet)
+	    sudo_warnx(U_("failed to parse %s file, unknown error"), sudoers_file);
+	parse_error = true;
+	rcstr_delref(errorfile);
+	if ((errorfile = rcstr_dup(sudoers_file)) == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+    }
+    if (!parse_error) {
+	(void) update_defaults(&parsed_policy, NULL,
+	    SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER, true);
+	check_defaults_and_aliases(strict, quiet);
+    }
+    sudoers_setlocale(oldlocale, NULL);
+    ok = !parse_error;
+
+    if (parse_error) {
+	if (!quiet) {
+	    if (errorlineno != -1)
+		(void) printf(_("parse error in %s near line %d\n"),
+		    errorfile, errorlineno);
+	    else if (errorfile != NULL)
+		(void) printf(_("parse error in %s\n"), errorfile);
+	}
+    } else {
+	struct sudoersfile *sp;
+
+	/* Parsed OK, check mode and owner. */
+	if (oldperms || check_owner(sudoers_file, quiet)) {
+	    if (!quiet)
+		(void) printf(_("%s: parsed OK\n"), sudoers_file);
+	} else {
+	    ok = false;
+	}
+	TAILQ_FOREACH(sp, &sudoerslist, entries) {
+	    if (oldperms || check_owner(sp->path, quiet)) {
+		if (!quiet)
+		    (void) printf(_("%s: parsed OK\n"), sp->path);
+	    } else {
+		ok = false;
+	    }
+	}
+    }
+
+done:
+    debug_return_bool(ok);
+}
+
+static bool
+lock_sudoers(struct sudoersfile *entry)
+{
+    int ch;
+    debug_decl(lock_sudoers, SUDOERS_DEBUG_UTIL)
+
+    if (!sudo_lock_file(entry->fd, SUDO_TLOCK)) {
+	if (errno == EAGAIN || errno == EWOULDBLOCK) {
+	    sudo_warnx(U_("%s busy, try again later"), entry->path);
+	    debug_return_bool(false);
+	}
+	sudo_warn(U_("unable to lock %s"), entry->path);
+	(void) fputs(_("Edit anyway? [y/N]"), stdout);
+	ch = getchar();
+	if (tolower(ch) != 'y')
+	    debug_return_bool(false);
+    }
+    debug_return_bool(true);
+}
+
+/*
+ * Used to open (and lock) the initial sudoers file and to also open
+ * any subsequent files #included via a callback from the parser.
+ */
+FILE *
+open_sudoers(const char *path, bool doedit, bool *keepopen)
+{
+    struct sudoersfile *entry;
+    FILE *fp;
+    int open_flags;
+    debug_decl(open_sudoers, SUDOERS_DEBUG_UTIL)
+
+    if (checkonly)
+	open_flags = O_RDONLY;
+    else
+	open_flags = O_RDWR | O_CREAT;
+
+    /* Check for existing entry */
+    TAILQ_FOREACH(entry, &sudoerslist, entries) {
+	if (strcmp(path, entry->path) == 0)
+	    break;
+    }
+    if (entry == NULL) {
+	entry = calloc(1, sizeof(*entry));
+	if (entry == NULL || (entry->path = strdup(path)) == NULL)
+	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	/* entry->tpath = NULL; */
+	/* entry->modified = false; */
+	entry->doedit = doedit;
+	entry->fd = open(entry->path, open_flags, sudoers_mode);
+	if (entry->fd == -1) {
+	    sudo_warn("%s", entry->path);
+	    free(entry);
+	    debug_return_ptr(NULL);
+	}
+	if (!checkonly && !lock_sudoers(entry))
+	    debug_return_ptr(NULL);
+	if ((fp = fdopen(entry->fd, "r")) == NULL)
+	    sudo_fatal("%s", entry->path);
+	TAILQ_INSERT_TAIL(&sudoerslist, entry, entries);
+    } else {
+	/* Already exists, open .tmp version if there is one. */
+	if (entry->tpath != NULL) {
+	    if ((fp = fopen(entry->tpath, "r")) == NULL)
+		sudo_fatal("%s", entry->tpath);
+	} else {
+	    if ((fp = fdopen(entry->fd, "r")) == NULL)
+		sudo_fatal("%s", entry->path);
+	    rewind(fp);
+	}
+    }
+    if (keepopen != NULL)
+	*keepopen = true;
+    debug_return_ptr(fp);
+}
+
+static int
+check_alias(char *name, int type, char *file, int lineno, bool strict, bool quiet)
+{
+    struct member *m;
+    struct alias *a;
+    int errors = 0;
+    debug_decl(check_alias, SUDOERS_DEBUG_ALIAS)
+
+    if ((a = alias_get(&parsed_policy, name, type)) != NULL) {
+	/* check alias contents */
+	TAILQ_FOREACH(m, &a->members, entries) {
+	    if (m->type != ALIAS)
+		continue;
+	    errors += check_alias(m->name, type, a->file, a->lineno, strict, quiet);
+	}
+	alias_put(a);
+    } else {
+	if (!quiet) {
+	    if (errno == ELOOP) {
+		fprintf(stderr, strict ?
+		    U_("Error: %s:%d cycle in %s \"%s\"") :
+		    U_("Warning: %s:%d cycle in %s \"%s\""),
+		    file, lineno, alias_type_to_string(type), name);
+	    } else {
+		fprintf(stderr, strict ?
+		    U_("Error: %s:%d %s \"%s\" referenced but not defined") :
+		    U_("Warning: %s:%d %s \"%s\" referenced but not defined"),
+		    file, lineno, alias_type_to_string(type), name);
+	    }
+	    fputc('\n', stderr);
+	    if (strict && errorfile == NULL) {
+		errorfile = rcstr_addref(file);
+		errorlineno = lineno;
+	    }
+	}
+	errors++;
+    }
+
+    debug_return_int(errors);
+}
+
+/*
+ * Iterate through the sudoers datastructures looking for undefined
+ * aliases or unused aliases.
+ */
+static int
+check_aliases(bool strict, bool quiet)
+{
+    struct rbtree *used_aliases;
+    struct cmndspec *cs;
+    struct member *m;
+    struct privilege *priv;
+    struct userspec *us;
+    int errors = 0;
+    debug_decl(check_aliases, SUDOERS_DEBUG_ALIAS)
+
+    used_aliases = alloc_aliases();
+    if (used_aliases == NULL) {
+	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+	debug_return_int(-1);
+    }
+
+    /* Forward check. */
+    TAILQ_FOREACH(us, &parsed_policy.userspecs, entries) {
+	TAILQ_FOREACH(m, &us->users, entries) {
+	    if (m->type == ALIAS) {
+		errors += check_alias(m->name, USERALIAS,
+		    us->file, us->lineno, strict, quiet);
+	    }
+	}
+	TAILQ_FOREACH(priv, &us->privileges, entries) {
+	    TAILQ_FOREACH(m, &priv->hostlist, entries) {
+		if (m->type == ALIAS) {
+		    errors += check_alias(m->name, HOSTALIAS,
+			us->file, us->lineno, strict, quiet);
+		}
+	    }
+	    TAILQ_FOREACH(cs, &priv->cmndlist, entries) {
+		if (cs->runasuserlist != NULL) {
+		    TAILQ_FOREACH(m, cs->runasuserlist, entries) {
+			if (m->type == ALIAS) {
+			    errors += check_alias(m->name, RUNASALIAS,
+				us->file, us->lineno, strict, quiet);
+			}
+		    }
+		}
+		if (cs->runasgrouplist != NULL) {
+		    TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
+			if (m->type == ALIAS) {
+			    errors += check_alias(m->name, RUNASALIAS,
+				us->file, us->lineno, strict, quiet);
+			}
+		    }
+		}
+		if ((m = cs->cmnd)->type == ALIAS) {
+		    errors += check_alias(m->name, CMNDALIAS,
+			us->file, us->lineno, strict, quiet);
+		}
+	    }
+	}
+    }
+
+    /* Reverse check (destructive) */
+    if (!alias_find_used(&parsed_policy, used_aliases))
+	errors++;
+    free_aliases(used_aliases);
+
+    /* If all aliases were referenced we will have an empty tree. */
+    if (!no_aliases(&parsed_policy) && !quiet)
+	alias_apply(&parsed_policy, print_unused, NULL);
+
+    debug_return_int(strict ? errors : 0);
+}
+
+static int
+print_unused(struct sudoers_parse_tree *parse_tree, struct alias *a, void *v)
+{
+    fprintf(stderr, U_("Warning: %s:%d unused %s \"%s\""),
+	a->file, a->lineno, alias_type_to_string(a->type), a->name);
+    fputc('\n', stderr);
+    return 0;
+}
+
+static void
+parse_sudoers_options(void)
+{
+    struct plugin_info_list *plugins;
+    debug_decl(parse_sudoers_options, SUDOERS_DEBUG_UTIL)
+
+    plugins = sudo_conf_plugins();
+    if (plugins) {
+	struct plugin_info *info;
+
+	TAILQ_FOREACH(info, plugins, entries) {
+	    if (strcmp(info->symbol_name, "sudoers_policy") == 0)
+		break;
+	}
+	if (info != NULL && info->options != NULL) {
+	    char * const *cur;
+
+#define MATCHES(s, v)	\
+    (strncmp((s), (v), sizeof(v) - 1) == 0 && (s)[sizeof(v) - 1] != '\0')
+
+	    for (cur = info->options; *cur != NULL; cur++) {
+		const char *errstr, *p;
+		id_t id;
+
+		if (MATCHES(*cur, "sudoers_file=")) {
+		    sudoers_file = *cur + sizeof("sudoers_file=") - 1;
+		    continue;
+		}
+		if (MATCHES(*cur, "sudoers_uid=")) {
+		    p = *cur + sizeof("sudoers_uid=") - 1;
+		    id = sudo_strtoid(p, NULL, NULL, &errstr);
+		    if (errstr == NULL)
+			sudoers_uid = (uid_t) id;
+		    continue;
+		}
+		if (MATCHES(*cur, "sudoers_gid=")) {
+		    p = *cur + sizeof("sudoers_gid=") - 1;
+		    id = sudo_strtoid(p, NULL, NULL, &errstr);
+		    if (errstr == NULL)
+			sudoers_gid = (gid_t) id;
+		    continue;
+		}
+		if (MATCHES(*cur, "sudoers_mode=")) {
+		    p = *cur + sizeof("sudoers_mode=") - 1;
+		    id = (id_t) sudo_strtomode(p, &errstr);
+		    if (errstr == NULL)
+			sudoers_mode = (mode_t) id;
+		    continue;
+		}
+	    }
+#undef MATCHES
+	}
+    }
+    debug_return;
+}
+
+/*
+ * Unlink any sudoers temp files that remain.
+ */
+static void
+visudo_cleanup(void)
+{
+    struct sudoersfile *sp;
+
+    TAILQ_FOREACH(sp, &sudoerslist, entries) {
+	if (sp->tpath != NULL)
+	    (void) unlink(sp->tpath);
+    }
+}
+
+/*
+ * Unlink sudoers temp files (if any) and exit.
+ */
+static void
+quit(int signo)
+{
+    struct sudoersfile *sp;
+    struct iovec iov[4];
+
+    TAILQ_FOREACH(sp, &sudoerslist, entries) {
+	if (sp->tpath != NULL)
+	    (void) unlink(sp->tpath);
+    }
+
+#define	emsg	 " exiting due to signal: "
+    iov[0].iov_base = (char *)getprogname();
+    iov[0].iov_len = strlen(iov[0].iov_base);
+    iov[1].iov_base = emsg;
+    iov[1].iov_len = sizeof(emsg) - 1;
+    iov[2].iov_base = strsignal(signo);
+    iov[2].iov_len = strlen(iov[2].iov_base);
+    iov[3].iov_base = "\n";
+    iov[3].iov_len = 1;
+    ignore_result(writev(STDERR_FILENO, iov, 4));
+    _exit(signo);
+}
+
+static void
+usage(int fatal)
+{
+    (void) fprintf(fatal ? stderr : stdout,
+	"usage: %s [-chqsV] [[-f] sudoers ]\n", getprogname());
+    if (fatal)
+	exit(1);
+}
+
+static void
+help(void)
+{
+    (void) printf(_("%s - safely edit the sudoers file\n\n"), getprogname());
+    usage(0);
+    (void) puts(_("\nOptions:\n"
+	"  -c, --check              check-only mode\n"
+	"  -f, --file=sudoers       specify sudoers file location\n"
+	"  -h, --help               display help message and exit\n"
+	"  -q, --quiet              less verbose (quiet) syntax error messages\n"
+	"  -s, --strict             strict syntax checking\n"
+	"  -V, --version            display version information and exit\n"));
+    exit(0);
+}
diff --git a/plugins/system_group/Makefile.in b/plugins/system_group/Makefile.in
new file mode 100644
index 0000000..6fbb795
--- /dev/null
+++ b/plugins/system_group/Makefile.in
@@ -0,0 +1,204 @@
+#
+# Copyright (c) 2011-2018 Todd C. Miller <Todd.Miller@sudo.ws>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+# @configure_input@
+#
+
+#### Start of system configuration section. ####
+
+srcdir = @srcdir@
+devdir = @devdir@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+incdir = $(top_srcdir)/include
+cross_compiling = @CROSS_COMPILING@
+
+# Compiler & tools to use
+CC = @CC@
+LIBTOOL = @LIBTOOL@
+SED = @SED@
+AWK = @AWK@
+
+# Our install program supports extra flags...
+INSTALL = $(SHELL) $(top_srcdir)/install-sh -c
+INSTALL_OWNER = -o $(install_uid) -g $(install_gid)
+INSTALL_BACKUP = @INSTALL_BACKUP@
+
+# Libraries
+LT_LIBS = $(top_builddir)/lib/util/libsudo_util.la
+LIBS = $(LT_LIBS)
+
+# C preprocessor flags
+CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(top_srcdir) @CPPFLAGS@
+
+# Usually -O and/or -g
+CFLAGS = @CFLAGS@
+
+# Flags to pass to the link stage
+LDFLAGS = @LDFLAGS@
+LT_LDFLAGS = @LT_LDFLAGS@ @LT_LDEXPORTS@
+
+# Flags to pass to libtool
+LTFLAGS = --tag=disable-static
+
+# Address sanitizer flags
+ASAN_CFLAGS = @ASAN_CFLAGS@
+ASAN_LDFLAGS = @ASAN_LDFLAGS@
+
+# PIE flags
+PIE_CFLAGS = @PIE_CFLAGS@
+PIE_LDFLAGS = @PIE_LDFLAGS@
+
+# Stack smashing protection flags
+SSP_CFLAGS = @SSP_CFLAGS@
+SSP_LDFLAGS = @SSP_LDFLAGS@
+
+# cppcheck options, usually set in the top-level Makefile
+CPPCHECK_OPTS = -q --force --enable=warning,performance,portability --suppress=constStatement --error-exitcode=1 --inline-suppr -Dva_copy=va_copy -U__cplusplus -UQUAD_MAX -UQUAD_MIN -UUQUAD_MAX -U_POSIX_HOST_NAME_MAX -U_POSIX_PATH_MAX -U__NBBY -DNSIG=64
+
+# splint options, usually set in the top-level Makefile
+SPLINT_OPTS = -D__restrict= -checks
+
+# PVS-studio options
+PVS_CFG = $(top_srcdir)/PVS-Studio.cfg
+PVS_IGNORE = 'V707,V011,V002,V536'
+PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE)
+
+# Where to install things...
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+bindir = @bindir@
+sbindir = @sbindir@
+sysconfdir = @sysconfdir@
+libexecdir = @libexecdir@
+datarootdir = @datarootdir@
+localstatedir = @localstatedir@
+plugindir = @PLUGINDIR@
+
+# File mode and map file to use for shared libraries/objects
+shlib_enable = @SHLIB_ENABLE@
+shlib_mode = @SHLIB_MODE@
+shlib_exp = $(srcdir)/system_group.exp
+shlib_map = system_group.map
+shlib_opt = system_group.opt
+
+# User and group ids the installed files should be "owned" by
+install_uid = 0
+install_gid = 0
+
+#### End of system configuration section. ####
+
+SHELL = @SHELL@
+
+OBJS =	system_group.lo
+
+IOBJS = system_group.i
+
+POBJS = system_group.plog
+
+LIBOBJDIR = $(top_builddir)/@ac_config_libobj_dir@/
+
+VERSION = @PACKAGE_VERSION@
+
+all: system_group.la
+
+Makefile: $(srcdir)/Makefile.in
+	cd $(top_builddir) && ./config.status --file plugins/system_group/Makefile
+
+.SUFFIXES: .c .h .i .lo .plog
+
+.c.lo:
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $<
+
+.c.i:
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+
+.i.plog:
+	ifile=$<; rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $${ifile%i}c --i-file $< --output-file $@
+
+$(shlib_map): $(shlib_exp)
+	@$(AWK) 'BEGIN { print "{\n\tglobal:" } { print "\t\t"$$0";" } END { print "\tlocal:\n\t\t*;\n};" }' $(shlib_exp) > $@
+
+$(shlib_opt): $(shlib_exp)
+	@$(SED) 's/^/+e /' $(shlib_exp) > $@
+
+system_group.la: $(OBJS) $(LT_LIBS) @LT_LDDEP@
+	$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LDFLAGS) $(ASAN_LDFLAGS) $(SSP_LDFLAGS) $(LT_LDFLAGS) -o $@ $(OBJS) $(LIBS) -module -avoid-version -rpath $(plugindir) -shrext .so
+
+pre-install:
+
+install: install-plugin
+
+install-dirs:
+	$(SHELL) $(top_srcdir)/mkinstalldirs $(DESTDIR)$(plugindir)
+
+install-binaries:
+
+install-includes:
+
+install-doc:
+
+install-plugin: install-dirs system_group.la
+	if [ X"$(shlib_enable)" = X"yes" ]; then \
+	    INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m $(shlib_mode) system_group.la $(DESTDIR)$(plugindir); \
+	fi
+
+uninstall:
+	-$(LIBTOOL) $(LTFLAGS) --mode=uninstall rm -f $(DESTDIR)$(plugindir)/system_group.la
+	-test -z "$(INSTALL_BACKUP)" || \
+	    rm -f $(DESTDIR)$(plugindir)/system_group.so$(INSTALL_BACKUP)
+
+splint:
+	splint $(SPLINT_OPTS) -I$(incdir) -I$(top_builddir) -I$(top_srcdir) $(srcdir)/*.c
+
+cppcheck:
+	cppcheck $(CPPCHECK_OPTS) -I$(incdir) -I$(top_builddir) -I$(top_srcdir) $(srcdir)/*.c
+
+pvs-log-files: $(POBJS)
+
+pvs-studio: $(POBJS)
+	plog-converter $(PVS_LOG_OPTS) $(POBJS)
+
+check:
+
+clean:
+	-$(LIBTOOL) $(LTFLAGS) --mode=clean rm -f *.lo *.o *.la *.a *.i *.plog \
+	    stamp-* core *.core core.*
+
+mostlyclean: clean
+
+distclean: clean
+	-rm -rf Makefile .libs $(shlib_map) $(shlib_opt)
+
+clobber: distclean
+
+realclean: distclean
+	rm -f TAGS tags
+
+cleandir: realclean
+
+# Autogenerated dependencies, do not modify
+system_group.lo: $(srcdir)/system_group.c $(incdir)/compat/stdbool.h \
+                 $(incdir)/sudo_compat.h $(incdir)/sudo_dso.h \
+                 $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \
+                 $(top_builddir)/config.h
+	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/system_group.c
+system_group.i: $(srcdir)/system_group.c $(incdir)/compat/stdbool.h \
+                 $(incdir)/sudo_compat.h $(incdir)/sudo_dso.h \
+                 $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \
+                 $(top_builddir)/config.h
+	$(CC) -E -o $@ $(CPPFLAGS) $<
+system_group.plog: system_group.i
+	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/system_group.c --i-file $< --output-file $@
diff --git a/plugins/system_group/system_group.c b/plugins/system_group/system_group.c
new file mode 100644
index 0000000..b34dea4
--- /dev/null
+++ b/plugins/system_group/system_group.c
@@ -0,0 +1,157 @@
+/*
+ * Copyright (c) 2010-2014 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <grp.h>
+#include <pwd.h>
+
+#include "sudo_compat.h"
+#include "sudo_dso.h"
+#include "sudo_plugin.h"
+#include "sudo_util.h"
+
+/*
+ * Sudoers group plugin that does group name-based lookups using the system
+ * group database functions, similar to how sudo behaved prior to 1.7.3.
+ * This can be used on systems where lookups by group ID are problematic.
+ */
+
+static sudo_printf_t sudo_log;
+
+typedef struct group * (*sysgroup_getgrnam_t)(const char *);
+typedef struct group * (*sysgroup_getgrgid_t)(gid_t);
+typedef void (*sysgroup_gr_delref_t)(struct group *);
+
+static sysgroup_getgrnam_t sysgroup_getgrnam;
+static sysgroup_getgrgid_t sysgroup_getgrgid;
+static sysgroup_gr_delref_t sysgroup_gr_delref;
+static bool need_setent;
+
+static int
+sysgroup_init(int version, sudo_printf_t sudo_printf, char *const argv[])
+{
+    void *handle;
+
+    sudo_log = sudo_printf;
+
+    if (SUDO_API_VERSION_GET_MAJOR(version) != GROUP_API_VERSION_MAJOR) {
+	sudo_log(SUDO_CONV_ERROR_MSG,
+	    "sysgroup_group: incompatible major version %d, expected %d\n",
+	    SUDO_API_VERSION_GET_MAJOR(version),
+	    GROUP_API_VERSION_MAJOR);
+	return -1;
+    }
+
+    /* Share group cache with sudo if possible. */
+    handle = sudo_dso_findsym(SUDO_DSO_DEFAULT, "sudo_getgrnam");
+    if (handle != NULL) {
+	sysgroup_getgrnam = (sysgroup_getgrnam_t)handle;
+    } else {
+	sysgroup_getgrnam = (sysgroup_getgrnam_t)getgrnam;
+	need_setent = true;
+    }
+
+    handle = sudo_dso_findsym(SUDO_DSO_DEFAULT, "sudo_getgrgid");
+    if (handle != NULL) {
+	sysgroup_getgrgid = (sysgroup_getgrgid_t)handle;
+    } else {
+	sysgroup_getgrgid = (sysgroup_getgrgid_t)getgrgid;
+	need_setent = true;
+    }
+
+    handle = sudo_dso_findsym(SUDO_DSO_DEFAULT, "sudo_gr_delref");
+    if (handle != NULL)
+	sysgroup_gr_delref = (sysgroup_gr_delref_t)handle;
+
+    if (need_setent)
+	setgrent();
+
+    return true;
+}
+
+static void
+sysgroup_cleanup(void)
+{
+    if (need_setent)
+	endgrent();
+}
+
+/*
+ * Returns true if "user" is a member of "group", else false.
+ */
+static int
+sysgroup_query(const char *user, const char *group, const struct passwd *pwd)
+{
+    char **member;
+    struct group *grp;
+
+    grp = sysgroup_getgrnam(group);
+    if (grp == NULL && group[0] == '#' && group[1] != '\0') {
+	const char *errstr;
+	gid_t gid = sudo_strtoid(group + 1, NULL, NULL, &errstr);
+	if (errstr == NULL)
+	    grp = sysgroup_getgrgid(gid);
+    }
+    if (grp != NULL) {
+	if (grp->gr_mem != NULL) {
+	    for (member = grp->gr_mem; *member != NULL; member++) {
+		if (strcasecmp(user, *member) == 0) {
+		    if (sysgroup_gr_delref)
+			sysgroup_gr_delref(grp);
+		    return true;
+		}
+	    }
+	}
+	if (sysgroup_gr_delref)
+	    sysgroup_gr_delref(grp);
+    }
+
+    return false;
+}
+
+__dso_public struct sudoers_group_plugin group_plugin = {
+    GROUP_API_VERSION,
+    sysgroup_init,
+    sysgroup_cleanup,
+    sysgroup_query
+};
diff --git a/plugins/system_group/system_group.exp b/plugins/system_group/system_group.exp
new file mode 100644
index 0000000..a859d6c
--- /dev/null
+++ b/plugins/system_group/system_group.exp
@@ -0,0 +1 @@
+group_plugin