Changeset bcd2922 for postlfs/security/sudo.xml

Timestamp:

07/20/2012 12:05:51 AM (12 years ago)

Author:

Krejzi <krejzi@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

3261d55d

Parents:

cc13920

Message:

Revert Xorg Apps update. Sudo 1.8.5p2 and Mpg123 1.14.3.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@10430 af4574ff-66df-0310-9fd7-8a98e5e911e0

File:

• postlfs/security/sudo.xml (modified) (17 diffs)

postlfs/security/sudo.xml

@@ -7 +7 @@
   <!ENTITY sudo-download-http "http://www.sudo.ws/sudo/dist/sudo-&sudo-version;.tar.gz">
   <!ENTITY sudo-download-ftp  "ftp://ftp.twaren.net/Unix/Security/Sudo/sudo-&sudo-version;.tar.gz">
-  <!ENTITY sudo-md5sum        "b9be6df7ecefedff2263052ed9fc5e93">
-  <!ENTITY sudo-size          "1.5 MB">
-  <!ENTITY sudo-buildsize     "16 MB">
+  <!ENTITY sudo-md5sum        "dc42ed9f0946d92273762d0ae7314d59">
+  <!ENTITY sudo-size          "1.7 MB">
+  <!ENTITY sudo-buildsize     "18 MB">
   <!ENTITY sudo-time          "0.3 SBU">
 ]>
 
-<sect1 id="sudo" xreflabel="sudo-&sudo-version;">
+<sect1 id="sudo" xreflabel="Sudo-&sudo-version;">
   <?dbhtml filename="sudo.html"?>
 
@@ -24 +24 @@
 
   <indexterm zone="sudo">
-    <primary sortas="a-sudo">sudo</primary>
+    <primary sortas="a-Sudo">Sudo</primary>
   </indexterm>
 
@@ -30 +30 @@
     <title>Introduction to Sudo</title>
 
-    <para>The <application>sudo</application> package allows a system
-    administrator to give certain users (or groups of users) the ability to run
-    some (or all) commands as
-    <systemitem class="username">root</systemitem> or another user while
-    logging the commands and arguments.</para>
+    <para>
+      The <application>Sudo</application> package allows a system administrator
+      to give certain users (or groups of users) the ability to run
+      some (or all) commands as
+      <systemitem class="username">root</systemitem> or another user while
+      logging the commands and arguments.
+    </para>
 
     &lfs71_checked;
@@ -41 +43 @@
     <itemizedlist spacing="compact">
       <listitem>
-        <para>Download (HTTP): <ulink url="&sudo-download-http;"/></para>
-      </listitem>
-      <listitem>
-        <para>Download (FTP): <ulink url="&sudo-download-ftp;"/></para>
-      </listitem>
-      <listitem>
-        <para>Download MD5 sum: &sudo-md5sum;</para>
-      </listitem>
-      <listitem>
-        <para>Download size: &sudo-size;</para>
-      </listitem>
-      <listitem>
-        <para>Estimated disk space required: &sudo-buildsize;</para>
-      </listitem>
-      <listitem>
-        <para>Estimated build time: &sudo-time;</para>
+        <para>
+          Download (HTTP): <ulink url="&sudo-download-http;"/>
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          Download (FTP): <ulink url="&sudo-download-ftp;"/>
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          Download MD5 sum: &sudo-md5sum;
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          Download size: &sudo-size;
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          Estimated disk space required: &sudo-buildsize;
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          Estimated build time: &sudo-time;
+        </para>
       </listitem>
     </itemizedlist>
@@ -63 +77 @@
 
     <bridgehead renderas="sect4">Optional</bridgehead>
-    <para role="optional"><ulink url="http://www.openafs.org/">AFS</ulink>,
-    <xref linkend="linux-pam"/>,
-    <ulink url="http://www.fwtk.org/">FWTK</ulink>,
-    <xref linkend="mitkrb"/>,
-    an <xref linkend="server-mail"/> (that provides a
-    <command>sendmail</command> command),
-    <xref linkend="openldap"/>,
-    <ulink url="ftp://ftp.nrl.navy.mil/pub/security/opie">Opie</ulink> and
-    <ulink url="http://www.rsa.com/node.aspx?id=1156">SecurID</ulink></para>
+    <para role="optional">
+      <ulink url="http://www.openafs.org/">AFS</ulink>,
+      <ulink url="http://www.fwtk.org/">FWTK</ulink>,
+      <xref linkend="linux-pam"/>,
+      <xref linkend="mitkrb"/>,
+      an <xref linkend="server-mail"/> (that provides a
+      <command>sendmail</command> command),
+      <xref linkend="openldap"/>,
+      <ulink url="ftp://ftp.nrl.navy.mil/pub/security/opie">Opie</ulink> and
+      <ulink url="http://www.rsa.com/node.aspx?id=1156">SecurID</ulink>
+    </para>
 
     <para condition="html" role="usernotes">User Notes:
-    <ulink url="&blfs-wiki;/sudo"/></para>
-
+      <ulink url="&blfs-wiki;/sudo"/>
+    </para>
   </sect2>
 
@@ -81 +97 @@
     <title>Installation of Sudo</title>
 
-    <para>Install <application>sudo</application> by running
-    the following commands:</para>
+    <para>
+      Install <application>Sudo</application> by running
+      the following commands:
+    </para>
 
 <screen><userinput>./configure --prefix=/usr                   \
@@ -93 +111 @@
 make</userinput></screen>
 
-    <para>This package does not come with a test suite.</para>
-
-    <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
+    <para>
+      This package does not come with a test suite.
+    </para>
+
+    <para>
+      Now, as the <systemitem class="username">root</systemitem> user:
+    </para>
 
 <screen role="root"><userinput>make install</userinput></screen>
@@ -104 +126 @@
     <title>Command Explanations</title>
 
-    <para><option>--with-all-insults</option>: This switch includes all the
-    <application>sudo</application> insult sets.</para>
-
-    <para><option>--with-env-editor</option>: This switch enables use of the 
-    environment variable EDITOR for <command>visudo</command>.</para>
-
-    <para><option>--without-pam</option>: This switch disables the use of
-    <application>PAM</application> authentication. Omit if you have
-    <application>Linux PAM</application> installed.</para>
-
-    <para><option>--without-sendmail</option>: This switch disables the use of
-    sendmail. Remove if you have a sendmail compatible MTA.</para>
+    <para>
+      <option>--with-all-insults</option>: This switch includes all the
+      <application>sudo</application> insult sets.
+    </para>
+
+    <para>
+      <option>--with-env-editor</option>: This switch enables use of the 
+      environment variable EDITOR for <command>visudo</command>.
+    </para>
+
+    <para>
+      <option>--without-pam</option>: This switch disables the use of
+      <application>PAM</application> authentication. Omit if you have
+      <application>Linux PAM</application> installed.
+    </para>
+
+    <para>
+      <option>--without-sendmail</option>: This switch disables the use of
+      sendmail. Remove if you have a sendmail compatible MTA.
+   </para>
 
     <note>
-      <para>There are many options to <application>sudo</application>'s
-      <command>configure</command> command. Check the
-      <command>configure --help</command> output for a complete list.</para>
+      <para>
+        There are many options to <application>sudo</application>'s
+        <command>configure</command> command. Check the
+        <command>configure --help</command> output for a complete list.
+      </para>
     </note>
 
@@ -142 +174 @@
       <title>Configuration Information</title>
 
-      <para>The <filename>sudoers</filename> file can be quite complicated.  It
-      is composed of two types of entries: aliases (basically variables) and
-      user specifications (which specify who may run what).  The installation
-      installs a default configuration that has no privileges installed for any
-      user.</para>
-
-      <para>One example usage is to allow the system administrator to execute
-      any program without typing a password each time root privileges are
-      needed.  This can be configured as:</para>
+      <para>
+        The <filename>sudoers</filename> file can be quite complicated.  It
+        is composed of two types of entries: aliases (basically variables) and
+        user specifications (which specify who may run what).  The installation
+        installs a default configuration that has no privileges installed for any
+        user.
+     </para>
+
+      <para>
+        One example usage is to allow the system administrator to execute
+        any program without typing a password each time root privileges are
+        needed. This can be configured as:
+      </para>
 
 <screen># User alias specification
@@ -158 +194 @@
 ADMIN       ALL = NOPASSWD: ALL</screen>
 
-      <para>For details, see <command>man sudoers</command>.</para>
+      <para>
+        For details, see <command>man sudoers</command>.
+      </para>
 
       <note>
-        <para>The <application>Sudo</application> developers highly recommend
-        using the <command>visudo</command> program to edit the
-        <filename>sudoers</filename> file. This will provide basic sanity
-        checking like syntax parsing and file permission to avoid some possible
-        mistakes that could lead to a vulnerable configuration.</para>
+        <para>
+          The <application>Sudo</application> developers highly recommend
+          using the <command>visudo</command> program to edit the
+          <filename>sudoers</filename> file. This will provide basic sanity
+          checking like syntax parsing and file permission to avoid some possible
+          mistakes that could lead to a vulnerable configuration.
+        </para>
       </note>
 
-      <para>If you've built <application>Sudo</application> with
-      <application>PAM</application> support, issue the following
-      command as the <systemitem class="username">root</systemitem> user
-      to create the <application>PAM</application> configuration file:</para>
+      <para>
+        If you've built <application>Sudo</application> with
+        <application>PAM</application> support, issue the following
+        command as the <systemitem class="username">root</systemitem> user
+        to create the <application>PAM</application> configuration file:
+      </para>
 
 <screen role="root"><userinput>cat &gt; /etc/pam.d/sudo &lt;&lt; "EOF" &amp;&amp;
@@ -205 +247 @@
 
       <seglistitem>
-        <seg>sudo, sudoedit, sudoreplay and visudo</seg>
-        <seg>sudoers.so and sudo_noexec.so</seg>
-        <seg>None</seg>
+        <seg>
+          sudo, sudoedit, sudoreplay and visudo
+        </seg>
+        <seg>
+          sudoers.so and sudo_noexec.so
+        </seg>
+        <seg>
+          /usr/lib/sudo and
+          /usr/share/doc/sudo-&sudo-version;
+        </seg>
       </seglistitem>
     </segmentedlist>
@@ -219 +268 @@
         <term><command>sudo</command></term>
         <listitem>
-          <para>executes a command as another user as permitted by
-          the <filename>/etc/sudoers</filename> configuration file.
+          <para>
+            executes a command as another user as permitted by
+            the <filename>/etc/sudoers</filename> configuration file.
           </para>
           <indexterm zone="sudo sudo">
@@ -231 +281 @@
         <term><command>sudoedit</command></term>
         <listitem>
-          <para>is a hard link to <command>sudo</command> that implies
-          the <option>-e</option> option to invoke an editor as another
-          user.</para>
+          <para>
+            is a hard link to <command>sudo</command> that implies the
+            <option>-e</option> option to invoke an editor as another user.
+          </para>
           <indexterm zone="sudo sudoedit">
             <primary sortas="b-sudoedit">sudoedit</primary>
@@ -243 +294 @@
         <term><command>visudo</command></term>
         <listitem>
-          <para>allows for safer editing of the <filename>sudoers</filename>
-          file.</para>
+          <para>
+            allows for safer editing of the <filename>sudoers</filename>
+            file.
+          </para>
           <indexterm zone="sudo visudo">
             <primary sortas="b-visudo">visudo</primary>
@@ -254 +307 @@
         <term><command>sudoreplay</command></term>
         <listitem>
-          <para>is used to play back or list the output 
-          logs created by <command>sudo</command>.</para>
+          <para>
+            is used to play back or list the output 
+            logs created by <command>sudo</command>.
+          </para>
           <indexterm zone="sudo sudoreplay">
             <primary sortas="b-sudoreplay">sudoreplay</primary>
@@ -265 +320 @@
         <term><filename class='libraryfile'>sudoers.so</filename></term>
         <listitem>
-          <para>is default sudo security policy module.</para>
+          <para>
+            is default sudo security policy module.
+          </para>
           <indexterm zone="sudo sudoers">
             <primary sortas="c-sudoers">sudoers.so</primary>
@@ -275 +332 @@
         <term><filename class='libraryfile'>sudo_noexec.so</filename></term>
         <listitem>
-          <para>enables support for the "noexec" functionality which prevents
-           a dynamically-linked program being run by sudo from executing
-           another program (think shell escapes).</para>
+          <para>
+             enables support for the "noexec" functionality which prevents
+             a dynamically-linked program being run by sudo from executing
+             another program (think shell escapes).
+          </para>
           <indexterm zone="sudo sudo_noexec">
             <primary sortas="c-sudo_noexec">sudo_noexec.so</primary>