3

When I edit /etc/sudoers using visudo, I think it saves to sudoers.tmp, checks it for errors, then copies it to the real /etc/sudoers.

However, I can't confirm my theory (how the lock file is used) in the man pages: http://manpages.ubuntu.com/manpages/dapper/man8/visudo.8.html - it's not described there.

Does anyone know if this behavior is described anywhere? Or is this because lock files are so common it's not described in visudo?

Tosh
  • 429
  • it is in the manpages: FILES 
       ` /etc/sudoers `          List of who can run what
   `/etc/sudoers.tmp `      Lock file for visudo
     – Jacob Vlijm May 19 '15 at 20:43
  • What I meant is: how the lock file is used, and what it does is not explained. – Tosh May 19 '15 at 20:52
  • 1
    Ah, I understand. I don't see a description. Your assumption is correct however: if you run sudo visudo look at the top line; it sais you are editing /etc/sudoers.tmp. – Jacob Vlijm May 19 '15 at 20:58

1 Answers1

3

It is mentioned in man visudo.

From man visudo go to FILES section, you will find :

 /etc/sudoers.tmp          Lock file for visudo

It is also described in the illustration of -f option :

-f sudoers, --file=sudoers

Specify an alternate sudoers file location. With this option, visudo will edit (or check) the sudoers file of your choice, instead of the default, /etc/sudoers. The lock file used is the specified sudoers file with “.tmp” appended to it. In check-only mode only, the argument to -f may be ‘-’, indicating that sudoers will be read from the standard input.

If you are interested you can trace the system calls, here what you will find :

open("/etc/sudoers.tmp", O_WRONLY|O_CREAT|O_TRUNC, 0600) = 7

EDIT :

Your concept is right and yes i also personally think that as this is a generic concept it is not mentioned in the man page.

heemayl
  • 94,145