source: postlfs/security/sudo.xml@ cf341b4

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 6.2 6.2.0 6.2.0-rc1 6.2.0-rc2 6.3 6.3-rc1 6.3-rc2 6.3-rc3 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since cf341b4 was cf341b4, checked in by Bruce Dubbs <bdubbs@…>, 18 years ago

Added sudo-1.6.8p12

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@5298 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 6.4 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
3 "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY sudo-download-http "http://www.courtesan.com/sudo/dist/sudo-&sudo-version;.tar.gz">
8 <!ENTITY sudo-download-ftp " ">
9 <!ENTITY sudo-md5sum "b29893c06192df6230dd5f340f3badf5">
10 <!ENTITY sudo-size "576 KB">
11 <!ENTITY sudo-buildsize "3.6 MB">
12 <!ENTITY sudo-time "less than 0.1 SBU">
13]>
14
15<sect1 id="sudo" xreflabel="sudo-&sudo-version;">
16 <?dbhtml filename="sudo.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy: $</othername>
20 <date>$Date: $</date>
21 </sect1info>
22
23 <title>Sudo-&sudo-version;</title>
24
25 <indexterm zone="sudo">
26 <primary sortas="a-sudo">sudo</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to Sudo</title>
31
32 <para>The <application>sudo</application> package allows a system
33 administrator to give certain users (or groups of users) the ability to run
34 some (or all) commands as root or another user while logging the commands
35 and arguments.</para>
36
37 <bridgehead renderas="sect3">Package Information</bridgehead>
38 <itemizedlist spacing="compact">
39 <listitem>
40 <para>Download (HTTP): <ulink url="&sudo-download-http;"/></para>
41 </listitem>
42 <listitem>
43 <para>Download (FTP): <ulink url="&sudo-download-ftp;"/></para>
44 </listitem>
45 <listitem>
46 <para>Download MD5 sum: &sudo-md5sum;</para>
47 </listitem>
48 <listitem>
49 <para>Download size: &sudo-size;</para>
50 </listitem>
51 <listitem>
52 <para>Estimated disk space required: &sudo-buildsize;</para>
53 </listitem>
54 <listitem>
55 <para>Estimated build time: &sudo-time;</para>
56 </listitem>
57 </itemizedlist>
58
59<!--
60 <bridgehead renderas="sect3">Additional Downloads</bridgehead>
61 <itemizedlist spacing='compact'>
62 <listitem>
63 <para>Required patch: <ulink
64 url="&patch-root;/sudo-&sudo-version;-xxxx-1.patch"/></para>
65 </listitem>
66 </itemizedlist>
67 <bridgehead renderas="sect3">Sudo Dependencies</bridgehead>
68
69 <bridgehead renderas="sect4">Optional</bridgehead>
70
71
72-->
73 </sect2>
74
75 <sect2 role="installation">
76 <title>Installation of Sudo</title>
77
78 <para>Install <application>sudo</application> by running
79 the following commands:</para>
80
81<screen><userinput>./configure --prefix=/usr --libexecdir=/usr/lib \
82 --enable-noargs-shell --with-ignore-dot --with-all-insults &amp;&amp;
83make</userinput></screen>
84
85 <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
86
87<screen role="root"><userinput>make install</userinput></screen>
88
89 </sect2>
90
91 <sect2 role="commands">
92 <title>Command Explanations</title>
93
94 <para><option>--enable-noargs-shell</option>: This switch allows sudo to
95 run a shell if involked with no arguments.</para>
96
97 <para><option>--with-ignore-dot</option>: This switch causes
98 <application>sudo</application> to ignore '.' in the PATH.</para>
99
100 <para><option>--with-all-insults</option>: This switch includes all the
101 sudo insult sets.</para>
102
103 <note><para>There are many options to <application>sudo</application>'s
104 configure command. Check the <command>configure --help</command> output
105 for a complete list.</para></note>
106
107 </sect2>
108
109 <sect2 role="configuration">
110 <title>Configuring Sudo</title>
111
112 <sect3 id="sudo-config">
113 <title>Config File</title>
114
115 <para><filename>/etc/sudoers</filename></para>
116
117 <indexterm zone="sudo sudo-config">
118 <primary sortas="e-etc-sudoers">/etc/sudoers</primary>
119 </indexterm>
120
121 </sect3>
122
123 <sect3>
124 <title>Configuration Information</title>
125
126 <para>The <filename>sudoers</filename> file can be quite complicated. It
127 is composed of two types of entries: aliases (basically variables) and
128 user specifications (which specify who may run what). The installation
129 installs a default configuration that has no privileges installed for any
130 user.</para>
131
132 <para>One example usage is to allow the system administrator to execute
133 any program without typing a password each time root privileges are
134 needed. This can be configured as:</para>
135
136 <screen># User alias specification
137User_Alias ADMIN = YourLoginId
138
139# Allow people in group ADMIN to run all commands without a password
140ADMIN ALL = NOPASSWD: ALL</screen>
141
142 <para>For details, see <command>man sudoers</command>.</para>
143
144 </sect3>
145
146 </sect2>
147
148 <sect2 role="content">
149 <title>Contents</title>
150
151 <segmentedlist>
152 <segtitle>Installed Programs</segtitle>
153 <segtitle>Installed Library</segtitle>
154 <segtitle>Installed Directories</segtitle>
155
156 <seglistitem>
157 <seg>sudo and sudoedit</seg>
158 <seg>sudo_noexec.so</seg>
159 <seg>None</seg>
160 </seglistitem>
161 </segmentedlist>
162
163 <variablelist>
164 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
165 <?dbfo list-presentation="list"?>
166 <?dbhtml list-presentation="table"?>
167
168 <varlistentry id="sudo_prog">
169 <term><command>sudo</command></term>
170 <listitem>
171 <para>executes a command as another user as permitted by
172 the <filename>/etc/sudoers</filename> confiuration file.
173 </para>
174 <indexterm zone="sudo sudo">
175 <primary sortas="b-sudo">sudo</primary>
176 </indexterm>
177 </listitem>
178 </varlistentry>
179
180 <varlistentry id="sudoedit">
181 <term><command>sudoedit</command></term>
182 <listitem>
183 <para>is a hard link to <command>sudo</command> that implies
184 the -e option to invoke an editor as another user.</para>
185 <indexterm zone="sudo sudoedit">
186 <primary sortas="b-sudoedit">sudoedit</primary>
187 </indexterm>
188 </listitem>
189 </varlistentry>
190
191 <varlistentry id="sudo_noexec">
192 <term><filename class='libraryfile'>sudo_noexec.so</filename></term>
193 <listitem>
194 <para>enables support for the "noexec" functionality which prevents
195 a dynamically-linked program being run by sudo from executing
196 another program (think shell escapes).</para>
197 <indexterm zone="sudo sudo_noexec">
198 <primary sortas="c-sudo_noexec">sudo_noexec.so</primary>
199 </indexterm>
200 </listitem>
201 </varlistentry>
202
203 </variablelist>
204
205 </sect2>
206
207</sect1>
Note: See TracBrowser for help on using the repository browser.