From 8a74f73d7eae590cdda1e468252292b73d11120f Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 28 Mar 2023 16:02:46 -0600 Subject: White space is not allowed between Defaults and '@', ':', '!', '>'. The EBNF made it appear that this is allowed when it really is not. --- docs/sudoers.man.in | 44 ++++++++++++++++++++++++++++++++++---------- docs/sudoers.mdoc.in | 44 ++++++++++++++++++++++++++++++++++---------- 2 files changed, 68 insertions(+), 20 deletions(-) diff --git a/docs/sudoers.man.in b/docs/sudoers.man.in index be9dc327e..f628b428c 100644 --- a/docs/sudoers.man.in +++ b/docs/sudoers.man.in @@ -25,7 +25,7 @@ .nr BA @BAMAN@ .nr LC @LCMAN@ .nr PS @PSMAN@ -.TH "SUDOERS" "@mansectform@" "January 16, 2023" "Sudo @PACKAGE_VERSION@" "File Formats Manual" +.TH "SUDOERS" "@mansectform@" "March 28, 2023" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -1219,21 +1219,45 @@ Certain configuration options may be changed from their default values at run-time via one or more \fIDefault_Entry\fR lines. -These may affect all users on any host, all users on a specific host, a -specific user, a specific command, or commands being run as a specific user. +These may affect all users on any host +(\(oqDefaults\(cq), +all users on a specific host +(\(oqDefaults@host\(cq), +a specific user +(\(oqDefaults:user\(cq), +a specific command +(\(oqDefaults!cmnd\(cq), +or commands being run as a specific user +(\(oqDefaults>runasuser\(cq). +.PP +White space is not permitted between +\(oqDefaults\(cq +and the +\(oq@\(cq, +\(oq\&:\(cq, +\(oq\&!\(cq, +or +\(oq>\(cq +characters. +While a comma-separated list may be used in place of a single value after the +\(oq@\(cq, +\(oq\&:\(cq, +\(oq\&!\(cq, +or +\(oq>\(cq +character, using an alias instead of a list is often improve readability. Per-command entries may not include command line arguments. If you need to specify arguments, define a \fICmnd_Alias\fR -and reference -that instead. +and reference that instead. .nf .sp .RS 0n Default_Type ::= 'Defaults' | - 'Defaults' '@' Host_List | - 'Defaults' ':' User_List | - 'Defaults' '!' Cmnd_List | - 'Defaults' '>' Runas_List + 'Defaults@' Host_List | + 'Defaults:' User_List | + 'Defaults!' Cmnd_List | + 'Defaults>' Runas_List Default_Entry ::= Default_Type Parameter_List @@ -1379,7 +1403,7 @@ A fully-specified consists of two \fIRunas_List\fRs (as defined above) separated by a colon -(\(oq:\&\(cq) +(\(oq\&:\(cq) and enclosed in a set of parentheses. The first \fIRunas_List\fR diff --git a/docs/sudoers.mdoc.in b/docs/sudoers.mdoc.in index 92edacb9d..734dec253 100644 --- a/docs/sudoers.mdoc.in +++ b/docs/sudoers.mdoc.in @@ -25,7 +25,7 @@ .nr BA @BAMAN@ .nr LC @LCMAN@ .nr PS @PSMAN@ -.Dd January 16, 2023 +.Dd March 28, 2023 .Dt SUDOERS @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -1169,19 +1169,43 @@ Certain configuration options may be changed from their default values at run-time via one or more .Em Default_Entry lines. -These may affect all users on any host, all users on a specific host, a -specific user, a specific command, or commands being run as a specific user. +These may affect all users on any host +.Pq Sq Defaults , +all users on a specific host +.Pq Sq Defaults@host , +a specific user +.Pq Sq Defaults:user , +a specific command +.Pq Sq Defaults!cmnd , +or commands being run as a specific user +.Pq Sq Defaults>runasuser . +.Pp +White space is not permitted between +.Sq Defaults +and the +.Ql @ , +.Ql \&: , +.Ql \&! , +or +.Ql > +characters. +While a comma-separated list may be used in place of a single value after the +.Ql @ , +.Ql \&: , +.Ql \&! , +or +.Ql > +character, using an alias instead of a list is often improve readability. Per-command entries may not include command line arguments. If you need to specify arguments, define a .Em Cmnd_Alias -and reference -that instead. +and reference that instead. .Bd -literal Default_Type ::= 'Defaults' | - 'Defaults' '@' Host_List | - 'Defaults' ':' User_List | - 'Defaults' '!' Cmnd_List | - 'Defaults' '>' Runas_List + 'Defaults@' Host_List | + 'Defaults:' User_List | + 'Defaults!' Cmnd_List | + 'Defaults>' Runas_List Default_Entry ::= Default_Type Parameter_List @@ -1332,7 +1356,7 @@ A fully-specified consists of two .Em Runas_List Ns s (as defined above) separated by a colon -.Pq Ql :\& +.Pq Ql \&: and enclosed in a set of parentheses. The first .Em Runas_List -- cgit v1.2.1