1# 2# Format: 3# 4# var_name 5# TYPE 6# description (or NULL) 7# array of struct def_values if TYPE == T_TUPLE 8# 9# NOTE: for tuples that can be used in a boolean context the first 10# value corresponds to boolean FALSE and the second to TRUE. 11# 12 13syslog 14 T_LOGFAC|T_BOOL 15 "Syslog facility if syslog is being used for logging: %s" 16syslog_goodpri 17 T_LOGPRI 18 "Syslog priority to use when user authenticates successfully: %s" 19syslog_badpri 20 T_LOGPRI 21 "Syslog priority to use when user authenticates unsuccessfully: %s" 22long_otp_prompt 23 T_FLAG 24 "Put OTP prompt on its own line" 25ignore_dot 26 T_FLAG 27 "Ignore '.' in $PATH" 28mail_always 29 T_FLAG 30 "Always send mail when sudo is run" 31mail_badpass 32 T_FLAG 33 "Send mail if user authentication fails" 34mail_no_user 35 T_FLAG 36 "Send mail if the user is not in sudoers" 37mail_no_host 38 T_FLAG 39 "Send mail if the user is not in sudoers for this host" 40mail_no_perms 41 T_FLAG 42 "Send mail if the user is not allowed to run a command" 43tty_tickets 44 T_FLAG 45 "Use a separate timestamp for each user/tty combo" 46lecture 47 T_TUPLE|T_BOOL 48 "Lecture user the first time they run sudo" 49 never once always 50lecture_file 51 T_STR|T_PATH|T_BOOL 52 "File containing the sudo lecture: %s" 53authenticate 54 T_FLAG 55 "Require users to authenticate by default" 56root_sudo 57 T_FLAG 58 "Root may run sudo" 59log_host 60 T_FLAG 61 "Log the hostname in the (non-syslog) log file" 62log_year 63 T_FLAG 64 "Log the year in the (non-syslog) log file" 65shell_noargs 66 T_FLAG 67 "If sudo is invoked with no arguments, start a shell" 68set_home 69 T_FLAG 70 "Set $HOME to the target user when starting a shell with -s" 71always_set_home 72 T_FLAG 73 "Always set $HOME to the target user's home directory" 74path_info 75 T_FLAG 76 "Allow some information gathering to give useful error messages" 77fqdn 78 T_FLAG 79 "Require fully-qualified hostnames in the sudoers file" 80insults 81 T_FLAG 82 "Insult the user when they enter an incorrect password" 83requiretty 84 T_FLAG 85 "Only allow the user to run sudo if they have a tty" 86env_editor 87 T_FLAG 88 "Visudo will honor the EDITOR environment variable" 89rootpw 90 T_FLAG 91 "Prompt for root's password, not the users's" 92runaspw 93 T_FLAG 94 "Prompt for the runas_default user's password, not the users's" 95targetpw 96 T_FLAG 97 "Prompt for the target user's password, not the users's" 98use_loginclass 99 T_FLAG 100 "Apply defaults in the target user's login class if there is one" 101set_logname 102 T_FLAG 103 "Set the LOGNAME and USER environment variables" 104stay_setuid 105 T_FLAG 106 "Only set the effective uid to the target user, not the real uid" 107preserve_groups 108 T_FLAG 109 "Don't initialize the group vector to that of the target user" 110loglinelen 111 T_UINT|T_BOOL 112 "Length at which to wrap log file lines (0 for no wrap): %d" 113timestamp_timeout 114 T_FLOAT|T_BOOL 115 "Authentication timestamp timeout: %.1f minutes" 116passwd_timeout 117 T_FLOAT|T_BOOL 118 "Password prompt timeout: %.1f minutes" 119passwd_tries 120 T_UINT 121 "Number of tries to enter a password: %d" 122umask 123 T_MODE|T_BOOL 124 "Umask to use or 0777 to use user's: 0%o" 125logfile 126 T_STR|T_BOOL|T_PATH 127 "Path to log file: %s" 128mailerpath 129 T_STR|T_BOOL|T_PATH 130 "Path to mail program: %s" 131mailerflags 132 T_STR|T_BOOL 133 "Flags for mail program: %s" 134mailto 135 T_STR|T_BOOL 136 "Address to send mail to: %s" 137mailfrom 138 T_STR|T_BOOL 139 "Address to send mail from: %s" 140mailsub 141 T_STR 142 "Subject line for mail messages: %s" 143badpass_message 144 T_STR 145 "Incorrect password message: %s" 146timestampdir 147 T_STR|T_PATH 148 "Path to authentication timestamp dir: %s" 149timestampowner 150 T_STR 151 "Owner of the authentication timestamp dir: %s" 152exempt_group 153 T_STR|T_BOOL 154 "Users in this group are exempt from password and PATH requirements: %s" 155passprompt 156 T_STR 157 "Default password prompt: %s" 158passprompt_override 159 T_FLAG 160 "If set, passprompt will override system prompt in all cases." 161runas_default 162 T_STR 163 "Default user to run commands as: %s" 164secure_path 165 T_STR|T_BOOL 166 "Value to override user's $PATH with: %s" 167editor 168 T_STR|T_PATH 169 "Path to the editor for use by visudo: %s" 170listpw 171 T_TUPLE|T_BOOL 172 "When to require a password for 'list' pseudocommand: %s" 173 never any all always 174verifypw 175 T_TUPLE|T_BOOL 176 "When to require a password for 'verify' pseudocommand: %s" 177 never all any always 178noexec 179 T_FLAG 180 "Preload the dummy exec functions contained in 'noexec_file'" 181noexec_file 182 T_STR|T_PATH 183 "File containing dummy exec functions: %s" 184ignore_local_sudoers 185 T_FLAG 186 "If LDAP directory is up, do we ignore local sudoers file" 187closefrom 188 T_INT 189 "File descriptors >= %d will be closed before executing a command" 190closefrom_override 191 T_FLAG 192 "If set, users may override the value of `closefrom' with the -C option" 193setenv 194 T_FLAG 195 "Allow users to set arbitrary environment variables" 196env_reset 197 T_FLAG 198 "Reset the environment to a default set of variables" 199env_check 200 T_LIST|T_BOOL 201 "Environment variables to check for sanity:" 202env_delete 203 T_LIST|T_BOOL 204 "Environment variables to remove:" 205env_keep 206 T_LIST|T_BOOL 207 "Environment variables to preserve:" 208role 209 T_STR 210 "SELinux role to use in the new security context: %s" 211type 212 T_STR 213 "SELinux type to use in the new security context: %s" 214askpass 215 T_STR|T_PATH|T_BOOL 216 "Path to the askpass helper program: %s" 217env_file 218 T_STR|T_PATH|T_BOOL 219 "Path to the sudo-specific environment file: %s" 220sudoers_locale 221 T_STR 222 "Locale to use while parsing sudoers: %s" 223visiblepw 224 T_FLAG 225 "Allow sudo to prompt for a password even if it would be visible" 226pwfeedback 227 T_FLAG 228 "Provide visual feedback at the password prompt when there is user input" 229fast_glob 230 T_FLAG 231 "Use faster globbing that is less accurate but does not access the filesystem" 232umask_override 233 T_FLAG 234 "The umask specified in sudoers will override the user's, even if it is more permissive" 235log_input 236 T_FLAG 237 "Log user's input for the command being run" 238log_output 239 T_FLAG 240 "Log the output of the command being run" 241compress_io 242 T_FLAG 243 "Compress I/O logs using zlib" 244use_pty 245 T_FLAG 246 "Always run commands in a pseudo-tty" 247iolog_dir 248 T_STR|T_PATH 249 "Directory in which to store input/output logs: %s" 250