1# 2# A simple example config for op(1). See the man page for more information or 3# op.conf.complex for a complex multi-user/multi-system configuration. 4# 5# Syntaxe: 6# VAR=value 7# DEFAULT option... 8# mnemonic command [arg...] ; [option...] 9# 10# command : path | MAGIC_SHELL 11# arg : literal | $1..$n $* 12# option: 13# uid=user (root) gid=group dir=dir chroot=dir umask=0### (022) 14# groups=group|... users=user|... fowners=user:group fperms=0### 15# password environment nolog xauth[=user] help="..." 16# $VAR $VAR=... $1..$n $* 17 18# login : $SHELL $TERM $HOME $LOGNAME $PATH $MAIL 19# su : $SHELL $TERM $DISPLAY $XAUTHORITY $HOME $USER $LOGNAME $PATH 20# sudo -i : $DISPLAY $PATH $TERM $HOME $MAIL $SHELL $HOME $LOGNAME 21 22## List of privileged users 23 24GRP_PRIVALL=root|wheel|expl|keypriv 25 26DEFAULT $COLORS $DISPLAY $HOSTNAME $HISTSIZE $INPUTRC $KDEDIR $LS_COLORS 27 $MAIL $PS1 $PS2 $QTDIR $USERNAME $LANG $LC_ADDRESS $LC_CTYPE 28 $LC_COLLATE $LC_IDENTIFICATION $LC_MEASUREMENT $LC_MESSAGES 29 $LC_MONETARY $LC_NAME $LC_NUMERIC $LC_PAPER $LC_TELEPHONE 30 $LC_TIME $LC_ALL $LANGUAGE $LINGUAS $_XKB_CHARSET $TERM $XAUTHORITY 31 32## List of privileged commands 33 34id /usr/bin/id $*; 35 groups=GRP_PRIVALL 36 help="id" 37 38env /bin/env $*; 39 groups=GRP_PRIVALL 40 environment 41 help="env [arg...] + env" 42 43magic MAGIC_SHELL; 44 groups=GRP_PRIVALL 45 environment 46 help="magic command [arg...] + env" 47 48sh /bin/sh $*; 49 groups=GRP_PRIVALL 50 environment 51 help="sh [arg...] + env" 52 53-- /bin/su -; 54 groups=GRP_PRIVALL 55 $TERM $DISPLAY 56 help="su -" 57 58- /bin/sh -c ' 59 while [ -n "${DISPLAY}" -a -z "${XAUTHORITY}" ]; do 60 found=0 61 for xauth in /usr/bin/xauth /usr/bin/X11/xauth /usr/openwin/bin/xauth; do 62 [ -x ${xauth} ] && found=1 && break 63 done 64 [ ${found} = 0 ] && break 65 home=$(eval echo ~$(id -un)) 66 if [ -f /stand/vmunix ]; then 67 export XAUTHORITY=$(mktemp -c -d "${home}" -p .xauth) 68 elif [ -f /proc/version ]; then 69 export XAUTHORITY=$(mktemp -t -p "${home}" .xauthXXXXXX) 70 fi 71 until [ -f "${XAUTHORITY}" ]; do 72 XAUTHORITY=${home}/.xauth$(awk \'BEGIN{srand();printf "%06.6i", int(rand()*1000000)}\' /dev/null) 73 touch "${XAUTHORITY}.$$" 2> /dev/null || break; break= 74 ln "${XAUTHORITY}.$$" "${XAUTHORITY}" 2> /dev/null && break= 75 rm -f "${XAUTHORITY}.$$"; $break 76 done 77 [ ! -f "${XAUTHORITY}" ] && unset XAUTHORITY && break 78 ((sleep 5; rm -f "${XAUTHORITY}") &) 79 eval ${xauth} -f ~${USER}/.Xauthority extract - :${DISPLAY#*:} | 80 ${xauth} merge -; break 81 done 82 [ -z "${XAUTHORITY}" ] && unset DISPLAY 83 exec /bin/su -'; 84 groups=GRP_PRIVALL 85 $TERM $DISPLAY 86 help="su -" 87 88su /bin/su $*; 89 help="su [arg...] + env" 90 groups=GRP_PRIVALL 91 environment 92 93op /bin/su $*; 94 groups=GRP_PRIVALL 95 $TERM $DISPLAY $USER=root $LOGNAME=root 96 help="su [arg...] - env" 97 98