#########################
# Sample /etc/gtksudoer
# 
# This file relaxes the root password restriction of gtksu. 
#
# It enables certain users to do certain operations using their own
# passwords, or no password at all, instead of being prompted for root password
# all the time.
#
# For this file to take effect, it must be:
# - located placed in /etc
# - owned by root:root
# - has a mode of 0600 (ie, read/write by owner only)
# otherwise it is ignored, and gtksu simply asks for root password 
#
# gtksu has a default setting for PATH and LD_LIBRARY_PATH, and will clear all LD_* environment
#
#########################

# Anything that follows # is a comment
# Blanks is ignored
#
# Lines consist of either:
# - environment setting.
# - access setting, or
#
# Environment Settings
# ====================
# Environment setting is simple, it is just KEY=VALUE pair
# Note: must be one word, no space between equal sign.
# If VALUE is blank, KEY will be removed from environment
#
# Access Settings
# ===============
# Every line has 4 fields, separated by blanks (spaces/tabs).
#
# user group path permission
#
# user, group and path can contains wildcards (? or *)
# note1: user/group/path all cannot contain spaces. There is no quoting, either.
# note2: group can either the primary group or the secondary group (the group names
#        shown by "id" command)
#
# permission is either root, user, or nopass
# root - ask for root password (this is the default behaviour)
# user - ask for user's own password
# nopass - don't ask for password, just execute path directly as root
# 
# the file is scanned from top to bottom, and as soon as a matching combination
# of user/group/path is found, no further scanning is done.
#

# Examples

# spot * id nopass  # allow user "spot" (regardless of the group) to execute "id" command without password
# sp* users /usr/bin/* user # allow user "spot" or "spud" or "spock" fromm the "users" group to run everything in /usr/bin with their own password


