visudo(8) 17/Oct/98 visudo(8) MAINTENANCE COMMANDS MAINTENANCE COMMANDS 1.5.7 NAME visudo - edit the sudoers file SYNOPSIS visudo [ -V ] DESCRIPTION visudo edits the sudoers file in a safe fashion, analogous to vipw(8). visudo locks the sudoers file against multiple simultaneous edits, provides basic sanity checks, and checks for parse errors. If the sudoers file is currently being edited you will receive a message to try again later. In the default configuration, the vi(1) editor is used, but there is a compile time option to allow use of whatever editor the environment variables EDITOR or VISUAL are set to. visudo parses the sudoers file after the edit and will not save the changes if there is a syntax error. Upon finding an error, a message will be printed stating the line number(s) that the error occurred on and the user will receive the "What now?" prompt. At this point the user may enter "e" to re-edit the sudoers file, enter "x" to exit without saving the changes, or "Q" to quit and save changes. The "Q" option should be used with extreme care because if visudo believes there to be a parse error, so will sudo and no one will be able to execute sudo again until the error is fixed. Any other command at this prompt will print a short help message. When editing the sudoers file after a parse error has been detected the cursor will be placed on the line where the error occurred (if the editor supports this feature). OPTIONS visudo accepts the following command line option: -V The -V (version) option causes visudo to print the version number ...skipping... visudo parses the sudoers file after the edit and will not save the changes if there is a syntax error. Upon finding an error, a message will be printed stating the line number(s) that the error occurred on and the user will receive the "What now?" prompt. At this point the user may enter "e" to re-edit the sudoers file, enter "x" to exit without saving the changes, or "Q" to quit and save changes. The "Q" option should be used with extreme care because if visudo believes there to be a parse error, so will sudo and no one will be able to execute sudo again until the error is fixed. Any other command at this prompt will print a short help message. When editing the sudoers file after a parse error has been detected the cursor will be placed on the line where the error occurred (if the editor supports this feature). OPTIONS visudo accepts the following command line option: -V The -V (version) option causes visudo to print the version number and exit. ERRORS sudoers file busy, try again later. Either someone is currently editing the sudoers file or there is a stale sudoers lock file (/etc/stmp by default) that you need to delete. /etc/stmp: Permission denied You didn't run visudo as root. Can't find you in the passwd database Your userid does not appear in the passwd file. FILES - 1 - Formatted: August 20, 1999 visudo(8) 17/Oct/98 visudo(8) MAINTENANCE COMMANDS MAINTENANCE COMMANDS 1.5.7 /etc/sudoers file of authorized users. /etc/stmp lock file for visudo. ENVIRONMENT VARIABLES The following are used only if visudo was compiled with the ENV_EDITOR option: EDITOR Used by visudo as the editor to use. VISUAL Used by visudo if EDITOR is not set. AUTHOR Many people have worked on sudo over the years, this version of visudo was written by: Todd Miller See the HISTORY file in the sudo distribution for more details. Please send all bugs, comments, and changes to sudo- bugs@courtesan.com. DISCLAIMER This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. CAVEATS Due to the syntax of the sudoers file, there is no way for visudo to tell the difference between a mistyped {Host,User,Cmnd}_Alias and a user or host name. There is no easy way to prevent a user from gaining a root shell if the editor used by visudo allows shell escapes. BUGS The -V flag gives the version of the sudo package rather than the individual visudo program. SEE ALSO sudo(8), vipw(8). - 2 - Formatted: August 20, 1999 visudo(8) 17/Oct/98 visudo(8) MAINTENANCE COMMANDS MAINTENANCE COMMANDS 1.5.7 - 3 - Formatted: August 20, 1999 17/Oct/98 visudo(8) $ 17/Oct/98 visudo(8)