1#
2# A simple example config for op(1). See the man page for more information or
3# op.conf.complex for a complex multi-user/multi-system configuration.
4#
5# Syntax:
6# VAR=value
7# DEFAULT option...
8# mnemonic  command [arg...] ; [option...]
9#
10# command : path | MAGIC_SHELL
11# arg : literal | $1..$n $*
12# option:
13#       uid=user (root) gid=group dir=dir chroot=dir umask=0### (022)
14#       groups=group|... users=user|... fowners=user:group fperms=0###
15#       password environment nolog xauth[=user] help="..."
16#       $VAR $VAR=... $1..$n $*
17
18# login : $SHELL $TERM $HOME $LOGNAME $PATH $MAIL
19# su : $SHELL $TERM $DISPLAY $XAUTHORITY $HOME $USER $LOGNAME $PATH
20# sudo -i : $DISPLAY $PATH $TERM $HOME $MAIL $SHELL $HOME $LOGNAME
21
22## List of privileged users (given as groups; entries refer to it with groups=GRP_PRIVALL)
23
# Group names joined with '|'. Every entry in this file references the list
# through groups=GRP_PRIVALL, and no entry sets uid=, so the default from the
# option summary (root) applies.
# NOTE(review): membership in any one of these groups is therefore the only
# gate in front of root; audit who belongs to wheel, expl and keypriv.
24GRP_PRIVALL=root|wheel|expl|keypriv
25
# Default options (the "DEFAULT option..." form in the syntax summary). Only
# $VAR options are listed, i.e. environment variables taken over from the
# caller's environment.
# NOTE(review): the values stay caller-controlled while the command runs as
# root. Most are display/locale/prompt settings, but $INPUTRC, $KDEDIR,
# $QTDIR and $XAUTHORITY name files or directories that programs may read
# configuration or data from; keep this list as short as the site needs.
26DEFAULT	$COLORS $DISPLAY $HOSTNAME $HISTSIZE $INPUTRC $KDEDIR $LS_COLORS
27	$MAIL $PS1 $PS2 $QTDIR $USERNAME $LANG $LC_ADDRESS $LC_CTYPE
28	$LC_COLLATE $LC_IDENTIFICATION $LC_MEASUREMENT $LC_MESSAGES
29	$LC_MONETARY $LC_NAME $LC_NUMERIC $LC_PAPER $LC_TELEPHONE
30	$LC_TIME $LC_ALL $LANGUAGE $LINGUAS $_XKB_CHARSET $TERM $XAUTHORITY
31
32## List of privileged commands
33
# Runs /usr/bin/id with the caller's arguments ($*). No uid= is given, so the
# default from the option summary (root) applies. Restricted to members of
# the GRP_PRIVALL groups. Presumably a harmless way to check that op works.
34id	/usr/bin/id $*;
35	groups=GRP_PRIVALL
36	help="id"
37
# Runs /bin/env with the caller's arguments ($*); uid defaults to root. The
# `environment` option keeps the caller's environment instead of clearing it
# (see op(1)).
# NOTE(review): env executes whatever command it is given, so this entry is
# an unrestricted root command runner for the GRP_PRIVALL groups. No
# `password` option is set, so nothing here asks for re-authentication, and
# the inherited environment (PATH, LD_* and similar) reaches the root process
# unfiltered.
38env	/bin/env $*;
39	groups=GRP_PRIVALL
40	environment
41	help="env [arg...] + env"
42
# MAGIC_SHELL is the special command form from the syntax summary: op starts
# a shell instead of a fixed path (see op(1) for how arguments are passed).
# uid defaults to root and `environment` keeps the caller's environment.
# NOTE(review): this is a root shell for the GRP_PRIVALL groups with no
# `password` option; the shell that gets started is presumably chosen from
# the caller's settings, so confirm that against op(1) before relying on it.
43magic	MAGIC_SHELL;
44	groups=GRP_PRIVALL
45	environment
46	help="magic command [arg...] + env"
47
# Runs /bin/sh with the caller's arguments ($*); uid defaults to root and
# `environment` keeps the caller's environment.
# NOTE(review): an interactive or scripted root shell for the GRP_PRIVALL
# groups, without a `password` option. Variables such as PATH and ENV from the
# caller's session influence what this root shell executes.
48sh	/bin/sh $*;
49	groups=GRP_PRIVALL
50	environment
51	help="sh [arg...] + env"
52
# Mnemonic "--": runs a fixed `/bin/su -` (no caller arguments) with uid
# defaulting to root. Only $TERM and $DISPLAY are named on the entry; the
# variables from the DEFAULT line presumably apply as well.
# NOTE(review): no `password` option, so members of the GRP_PRIVALL groups get
# a root login shell without re-authenticating.
53--	/bin/su -;
54	groups=GRP_PRIVALL
55	$TERM $DISPLAY
56	help="su -"
57
# Mnemonic "-": like `su -`, but first tries to make the caller's X11
# authorisation usable in the root session. The whole single-quoted text is
# passed to /bin/sh -c and runs with the default uid (root). In outline:
#   1. Only if DISPLAY is set and XAUTHORITY is empty: look for an executable
#      xauth in three fixed locations; give up if none is found.
#   2. Resolve a home directory with `eval echo ~$(id -un)` and create a
#      temporary file there: one mktemp form when /stand/vmunix exists,
#      another when /proc/version exists, else a hand-rolled fallback that
#      picks a random 6-digit suffix via awk and claims the name with
#      touch + ln.
#   3. Schedule removal of that file 5 seconds later in the background.
#   4. Pipe `xauth extract` from ~${USER}/.Xauthority for the display number
#      into `xauth merge`, which writes to the file named by XAUTHORITY.
#   5. If no XAUTHORITY file could be set up, unset DISPLAY; then exec su -.
# NOTE(review): both `eval` lines re-parse their arguments as shell code while
# running as root. ${DISPLAY#*:} comes from the caller ($DISPLAY is passed in
# below), so its content is interpreted by the shell rather than treated as
# data. In this file the same groups already receive `su -`, so no boundary
# is crossed, but the pattern must not be copied into an entry meant to be
# more restricted. Validate DISPLAY (e.g. digits and dots only) or drop eval.
# NOTE(review): USER is not among the variables named on this entry or on the
# DEFAULT line, so confirm what ~${USER} resolves to at run time; if USER is
# empty the path becomes ~/.Xauthority of the invoking uid (root).
# NOTE(review): ${xauth} and ${found} are expanded unquoted; harmless with the
# fixed values assigned here.
# NOTE(review): the option summary lists a built-in xauth[=user] option that
# may cover this use case - compare with op(1) before maintaining this script.
58-	/bin/sh -c '
59	while [ -n "${DISPLAY}" -a -z "${XAUTHORITY}" ]; do
60		found=0
61		for xauth in /usr/bin/xauth /usr/bin/X11/xauth /usr/openwin/bin/xauth; do
62			[ -x ${xauth} ] && found=1 && break
63		done
64		[ ${found} = 0 ] && break
65		home=$(eval echo ~$(id -un))
66		if [ -f /stand/vmunix ]; then
67			export XAUTHORITY=$(mktemp -c -d "${home}" -p .xauth)
68		elif [ -f /proc/version ]; then
69			export XAUTHORITY=$(mktemp -t -p "${home}" .xauthXXXXXX)
70		fi
71		until [ -f "${XAUTHORITY}" ]; do
72			XAUTHORITY=${home}/.xauth$(awk \'BEGIN{srand();printf "%06.6i", int(rand()*1000000)}\' /dev/null)
73			touch "${XAUTHORITY}.$$" 2> /dev/null || break; break=
74			ln "${XAUTHORITY}.$$" "${XAUTHORITY}" 2> /dev/null && break=
75			rm -f "${XAUTHORITY}.$$"; $break
76		done
77		[ ! -f "${XAUTHORITY}" ] && unset XAUTHORITY && break
78		((sleep 5; rm -f "${XAUTHORITY}") &)
79		eval ${xauth} -f ~${USER}/.Xauthority extract - :${DISPLAY#*:} |
80		${xauth} merge -; break
81	done
82	[ -z "${XAUTHORITY}" ] && unset DISPLAY
83	exec /bin/su -';
84	groups=GRP_PRIVALL
85	$TERM $DISPLAY
86	help="su -"
87
# Runs /bin/su with the caller's arguments ($*); uid defaults to root, so su
# itself starts as root. `environment` keeps the caller's environment.
# NOTE(review): because su is started as root it will presumably not prompt
# for the target account's password, and no op `password` option is set
# either; members of the GRP_PRIVALL groups can become any account with
# their own environment carried along.
88su	/bin/su $*;
89	help="su [arg...] + env"
90	groups=GRP_PRIVALL
91	environment
92
# Same command as the `su` entry (/bin/su with the caller's arguments, uid
# defaulting to root) but without the `environment` option: only $TERM and
# $DISPLAY are taken from the caller, and USER and LOGNAME are set to the
# literal value root via the $VAR=... option form.
# NOTE(review): this is the narrower of the two su variants with respect to
# the environment, yet it still has no `password` option; group membership
# alone authorises it.
93op	/bin/su $*;
94	groups=GRP_PRIVALL
95	$TERM $DISPLAY $USER=root $LOGNAME=root
96	help="su [arg...] - env"
97
98