[gentoo-doc-cvs] cvs commit: sudo-guide.xml - gentoo-doc-cvs

From:	Sven Vermeulen <swift@×××××××××××.org>
To:	gentoo-doc-cvs@l.g.o
Subject:	[gentoo-doc-cvs] cvs commit: sudo-guide.xml
Date:	Tue, 02 Aug 2005 17:48:43
Message-Id:	`200508021748.j72HmD6Y009229@robin.gentoo.org`

1

swift       05/08/02 17:48:20

2

3

  Modified:    xml/htdocs/doc/en/draft sudo-guide.xml

4

  Log:

5

  Fix spelling mistakes, add %group information

6

7

Revision  Changes    Path

8

1.2       +19 -9     xml/htdocs/doc/en/draft/sudo-guide.xml

9

10

file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/draft/sudo-guide.xml?rev=1.2&content-type=text/x-cvsweb-markup&cvsroot=gentoo

11

plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/draft/sudo-guide.xml?rev=1.2&content-type=text/plain&cvsroot=gentoo

12

diff : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/draft/sudo-guide.xml.diff?r1=1.1&r2=1.2&cvsroot=gentoo

13

14

Index: sudo-guide.xml

15

===================================================================

16

RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/draft/sudo-guide.xml,v

17

retrieving revision 1.1

18

retrieving revision 1.2

19

diff -u -r1.1 -r1.2

20

--- sudo-guide.xml	2 Aug 2005 16:14:21 -0000	1.1

21

+++ sudo-guide.xml	2 Aug 2005 17:48:20 -0000	1.2

22

@@ -1,6 +1,6 @@

23

 <?xml version='1.0' encoding="UTF-8"?>

24

25

-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/draft/sudo-guide.xml,v 1.1 2005/08/02 16:14:21 swift Exp $ -->

26

+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/draft/sudo-guide.xml,v 1.2 2005/08/02 17:48:20 swift Exp $ -->

27

28

 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">

29

30

@@ -34,7 +34,7 @@

31

<p>

32

 The <c>app-admin/sudo</c> package allows the system administrator to grant

33

 permission to other users to execute one or more applications they would

34

-normally have no access to. Unlike using the <e>setuid</e> bit on these

35

+normally have no right to. Unlike using the <e>setuid</e> bit on these

36

 applications <c>sudo</c> gives a more fine-grained control on <e>who</e> can

37

 execute a certain command and <e>when</e>.

38

 </p>

39

@@ -57,7 +57,7 @@

40

41

<p>

42

 One additional advantage of <c>sudo</c> is that it can log any attempt

43

-(succesful or not) to run an application. This is very useful if you want to

44

+(successful or not) to run an application. This is very useful if you want to

45

 track who made that one fatal mistake that took you 10 hours to fix :)

46

 </p>

47

48

@@ -126,6 +126,16 @@

49

 </pre>

50

51

<p>

52

+The user name can also be substituted with a group name - in this case you should

53

+start the group name with a <c>%</c> sign. For instance, to allow any one in

54

+the <c>wheel</c> group to execute <c>emerge</c>:

55

+</p>

56

+

57

+<pre caption="Allowing the wheel group members to execute emerge">

58

+%wheel  localhost = /usr/bin/emerge

59

+</pre>

60

+

61

+<p>

62

 You can extend the line to allow for several commands (instead of making a

63

 single entry for each command). For instance, to allow the same user to not only

64

 run <c>emerge</c> but also <c>ebuild</c> and <c>emerge-webrsync</c> as root:

65

@@ -297,8 +307,8 @@

66

 </p>

67

68

<p>

69

-Of course, this behaviour can be changed: you can set the <c>Defaults:</c>

70

-directive in <path>/etc/sudoers</path> to change the default behaviour for a

71

+Of course, this behavior can be changed: you can set the <c>Defaults:</c>

72

+directive in <path>/etc/sudoers</path> to change the default behavior for a

73

 user.

74

 </p>

75

76

@@ -311,7 +321,7 @@

77

 </pre>

78

79

<p>

80

-A setting of <c>-1</c> would remember the password indefinately (until the

81

+A setting of <c>-1</c> would remember the password indefinitely (until the

82

 system reboots).

83

 </p>

84

85

@@ -319,7 +329,7 @@

86

 A different setting would be to require the password of the user that the

87

 command should be run as and not the users' personal password. This is 

88

 accomplished using <c>runaspw</c>. In the following example we

89

-also set the amount of retries (how many times the user can re-enter a password

90

+also set the number of retries (how many times the user can re-enter a password

91

 before <c>sudo</c> fails) to <c>2</c> instead of the default 3:

92

 </p>

93

94

@@ -334,7 +344,7 @@

95

96

<p>

97

 If you however want to allow a user to run a certain set of commands without

98

-providing any password whatsoever, you need to prepend the commands with

99

+providing any password whatsoever, you need to start the commands with

100

 <c>NOPASSWD:</c>, like so:

101

 </p>

102

103

@@ -382,7 +392,7 @@

104

<p>

105

 By default, if a user has entered his password to authenticate himself to

106

 <c>sudo</c>, it is remembered for 5 minutes. If the user wants to prolong this

107

-period, he can run <c>sudo&nbsp;-v</c> to reset the timestamp so that

108

+period, he can run <c>sudo&nbsp;-v</c> to reset the time stamp so that

109

 it will take another 5 minutes before <c>sudo</c> asks for the password again.

110

 </p>

--

116

gentoo-doc-cvs@g.o mailing list

1	swift 05/08/02 17:48:20
2
3	Modified: xml/htdocs/doc/en/draft sudo-guide.xml
4	Log:
5	Fix spelling mistakes, add %group information
6
7	Revision Changes Path
8	1.2 +19 -9 xml/htdocs/doc/en/draft/sudo-guide.xml
9
10	file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/draft/sudo-guide.xml?rev=1.2&content-type=text/x-cvsweb-markup&cvsroot=gentoo
11	plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/draft/sudo-guide.xml?rev=1.2&content-type=text/plain&cvsroot=gentoo
12	diff : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/draft/sudo-guide.xml.diff?r1=1.1&r2=1.2&cvsroot=gentoo
13
14	Index: sudo-guide.xml
15	===================================================================
16	RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/draft/sudo-guide.xml,v
17	retrieving revision 1.1
18	retrieving revision 1.2
19	diff -u -r1.1 -r1.2
20	--- sudo-guide.xml 2 Aug 2005 16:14:21 -0000 1.1
21	+++ sudo-guide.xml 2 Aug 2005 17:48:20 -0000 1.2
22	@@ -1,6 +1,6 @@
23	<?xml version='1.0' encoding="UTF-8"?>
24
25	-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/draft/sudo-guide.xml,v 1.1 2005/08/02 16:14:21 swift Exp $ -->
26	+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/draft/sudo-guide.xml,v 1.2 2005/08/02 17:48:20 swift Exp $ -->
27
28	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
29
30	@@ -34,7 +34,7 @@
31	<p>
32	The <c>app-admin/sudo</c> package allows the system administrator to grant
33	permission to other users to execute one or more applications they would
34	-normally have no access to. Unlike using the <e>setuid</e> bit on these
35	+normally have no right to. Unlike using the <e>setuid</e> bit on these
36	applications <c>sudo</c> gives a more fine-grained control on <e>who</e> can
37	execute a certain command and <e>when</e>.
38	</p>
39	@@ -57,7 +57,7 @@
40
41	<p>
42	One additional advantage of <c>sudo</c> is that it can log any attempt
43	-(succesful or not) to run an application. This is very useful if you want to
44	+(successful or not) to run an application. This is very useful if you want to
45	track who made that one fatal mistake that took you 10 hours to fix :)
46	</p>
47
48	@@ -126,6 +126,16 @@
49	</pre>
50
51	<p>
52	+The user name can also be substituted with a group name - in this case you should
53	+start the group name with a <c>%</c> sign. For instance, to allow any one in
54	+the <c>wheel</c> group to execute <c>emerge</c>:
55	+</p>
56	+
57	+<pre caption="Allowing the wheel group members to execute emerge">
58	+%wheel localhost = /usr/bin/emerge
59	+</pre>
60	+
61	+<p>
62	You can extend the line to allow for several commands (instead of making a
63	single entry for each command). For instance, to allow the same user to not only
64	run <c>emerge</c> but also <c>ebuild</c> and <c>emerge-webrsync</c> as root:
65	@@ -297,8 +307,8 @@
66	</p>
67
68	<p>
69	-Of course, this behaviour can be changed: you can set the <c>Defaults:</c>
70	-directive in <path>/etc/sudoers</path> to change the default behaviour for a
71	+Of course, this behavior can be changed: you can set the <c>Defaults:</c>
72	+directive in <path>/etc/sudoers</path> to change the default behavior for a
73	user.
74	</p>
75
76	@@ -311,7 +321,7 @@
77	</pre>
78
79	<p>
80	-A setting of <c>-1</c> would remember the password indefinately (until the
81	+A setting of <c>-1</c> would remember the password indefinitely (until the
82	system reboots).
83	</p>
84
85	@@ -319,7 +329,7 @@
86	A different setting would be to require the password of the user that the
87	command should be run as and not the users' personal password. This is
88	accomplished using <c>runaspw</c>. In the following example we
89	-also set the amount of retries (how many times the user can re-enter a password
90	+also set the number of retries (how many times the user can re-enter a password
91	before <c>sudo</c> fails) to <c>2</c> instead of the default 3:
92	</p>
93
94	@@ -334,7 +344,7 @@
95
96	<p>
97	If you however want to allow a user to run a certain set of commands without
98	-providing any password whatsoever, you need to prepend the commands with
99	+providing any password whatsoever, you need to start the commands with
100	<c>NOPASSWD:</c>, like so:
101	</p>
102
103	@@ -382,7 +392,7 @@
104	<p>
105	By default, if a user has entered his password to authenticate himself to
106	<c>sudo</c>, it is remembered for 5 minutes. If the user wants to prolong this
107	-period, he can run <c>sudo -v</c> to reset the timestamp so that
108	+period, he can run <c>sudo -v</c> to reset the time stamp so that
109	it will take another 5 minutes before <c>sudo</c> asks for the password again.
110	</p>
111
112
113
114
115	--
116	gentoo-doc-cvs@g.o mailing list

Gentoo Archives: gentoo-doc-cvs