# # Format: # # var_name # TYPE # description (or NULL) # array of struct def_values if TYPE == T_TUPLE # # NOTE: for tuples that can be used in a boolean context the first # value corresponds to boolean FALSE and the second to TRUE. # syslog T_LOGFAC|T_BOOL "Syslog facility if syslog is being used for logging: %s" syslog_goodpri T_LOGPRI "Syslog priority to use when user authenticates successfully: %s" syslog_badpri T_LOGPRI "Syslog priority to use when user authenticates unsuccessfully: %s" long_otp_prompt T_FLAG "Put OTP prompt on its own line" ignore_dot T_FLAG "Ignore '.' in $PATH" mail_always T_FLAG "Always send mail when sudo is run" mail_badpass T_FLAG "Send mail if user authentication fails" mail_no_user T_FLAG "Send mail if the user is not in sudoers" mail_no_host T_FLAG "Send mail if the user is not in sudoers for this host" mail_no_perms T_FLAG "Send mail if the user is not allowed to run a command" tty_tickets T_FLAG "Use a separate timestamp for each user/tty combo" lecture T_TUPLE|T_BOOL "Lecture user the first time they run sudo" never once always lecture_file T_STR|T_PATH|T_BOOL "File containing the sudo lecture: %s" authenticate T_FLAG "Require users to authenticate by default" root_sudo T_FLAG "Root may run sudo" log_host T_FLAG "Log the hostname in the (non-syslog) log file" log_year T_FLAG "Log the year in the (non-syslog) log file" shell_noargs T_FLAG "If sudo is invoked with no arguments, start a shell" set_home T_FLAG "Set $HOME to the target user when starting a shell with -s" always_set_home T_FLAG "Always set $HOME to the target user's home directory" path_info T_FLAG "Allow some information gathering to give useful error messages" fqdn T_FLAG "Require fully-qualified hostnames in the sudoers file" insults T_FLAG "Insult the user when they enter an incorrect password" requiretty T_FLAG "Only allow the user to run sudo if they have a tty" env_editor T_FLAG "Visudo will honor the EDITOR environment variable" rootpw T_FLAG "Prompt for root's password, not the users's" runaspw T_FLAG "Prompt for the runas_default user's password, not the users's" targetpw T_FLAG "Prompt for the target user's password, not the users's" use_loginclass T_FLAG "Apply defaults in the target user's login class if there is one" set_logname T_FLAG "Set the LOGNAME and USER environment variables" stay_setuid T_FLAG "Only set the effective uid to the target user, not the real uid" preserve_groups T_FLAG "Don't initialize the group vector to that of the target user" loglinelen T_UINT|T_BOOL "Length at which to wrap log file lines (0 for no wrap): %d" timestamp_timeout T_FLOAT|T_BOOL "Authentication timestamp timeout: %.1f minutes" passwd_timeout T_FLOAT|T_BOOL "Password prompt timeout: %.1f minutes" passwd_tries T_UINT "Number of tries to enter a password: %d" umask T_MODE|T_BOOL "Umask to use or 0777 to use user's: 0%o" logfile T_STR|T_BOOL|T_PATH "Path to log file: %s" mailerpath T_STR|T_BOOL|T_PATH "Path to mail program: %s" mailerflags T_STR|T_BOOL "Flags for mail program: %s" mailto T_STR|T_BOOL "Address to send mail to: %s" mailfrom T_STR|T_BOOL "Address to send mail from: %s" mailsub T_STR "Subject line for mail messages: %s" badpass_message T_STR "Incorrect password message: %s" timestampdir T_STR|T_PATH "Path to authentication timestamp dir: %s" timestampowner T_STR "Owner of the authentication timestamp dir: %s" exempt_group T_STR|T_BOOL "Users in this group are exempt from password and PATH requirements: %s" passprompt T_STR "Default password prompt: %s" passprompt_override T_FLAG "If set, passprompt will override system prompt in all cases." runas_default T_STR "Default user to run commands as: %s" secure_path T_STR|T_BOOL "Value to override user's $PATH with: %s" editor T_STR|T_PATH "Path to the editor for use by visudo: %s" listpw T_TUPLE|T_BOOL "When to require a password for 'list' pseudocommand: %s" never any all always verifypw T_TUPLE|T_BOOL "When to require a password for 'verify' pseudocommand: %s" never all any always noexec T_FLAG "Preload the dummy exec functions contained in 'noexec_file'" noexec_file T_STR|T_PATH "File containing dummy exec functions: %s" ignore_local_sudoers T_FLAG "If LDAP directory is up, do we ignore local sudoers file" closefrom T_INT "File descriptors >= %d will be closed before executing a command" closefrom_override T_FLAG "If set, users may override the value of `closefrom' with the -C option" setenv T_FLAG "Allow users to set arbitrary environment variables" env_reset T_FLAG "Reset the environment to a default set of variables" env_check T_LIST|T_BOOL "Environment variables to check for sanity:" env_delete T_LIST|T_BOOL "Environment variables to remove:" env_keep T_LIST|T_BOOL "Environment variables to preserve:" role T_STR "SELinux role to use in the new security context: %s" type T_STR "SELinux type to use in the new security context: %s" askpass T_STR|T_PATH|T_BOOL "Path to the askpass helper program: %s" env_file T_STR|T_PATH|T_BOOL "Path to the sudo-specific environment file: %s" sudoers_locale T_STR "Locale to use while parsing sudoers: %s" visiblepw T_FLAG "Allow sudo to prompt for a password even if it would be visisble" pwfeedback T_FLAG "Provide visual feedback at the password prompt when there is user input" fast_glob T_FLAG "Use faster globbing that is less accurate but does not access the filesystem" umask_override T_FLAG "The umask specified in sudoers will override the user's, even if it is more permissive" log_input T_FLAG "Log user's input for the command being run" log_output T_FLAG "Log the output of the command being run" compress_io T_FLAG "Compress I/O logs using zlib" use_pty T_FLAG "Always run commands in a pseudo-tty"