1" Vim syntax file 2" Language: sudoers(5) configuration files 3" Previous Maintainer: Nikolai Weibull <[email protected]> 4" Latest Revision: 2018-07-19 5" Recent Changes: Support for #include and #includedir. 6 7if exists("b:current_syntax") 8 finish 9endif 10 11let s:cpo_save = &cpo 12set cpo&vim 13 14" TODO: instead of 'skipnl', we would like to match a specific group that would 15" match \\$ and then continue with the nextgroup, actually, the skipnl doesn't 16" work... 17" TODO: treat 'ALL' like a special (yay, a bundle of new rules!!!) 18 19syn match sudoersUserSpec '^' nextgroup=@sudoersUserInSpec skipwhite 20 21syn match sudoersSpecEquals contained '=' nextgroup=@sudoersCmndSpecList skipwhite 22 23syn cluster sudoersCmndSpecList contains=sudoersUserRunasBegin,sudoersPASSWD,@sudoersCmndInSpec 24 25syn keyword sudoersTodo contained TODO FIXME XXX NOTE 26 27syn region sudoersComment display oneline start='#' end='$' contains=sudoersTodo 28syn region sudoersInclude display oneline start='#\(include\|includedir\)' end='$' 29 30syn keyword sudoersAlias User_Alias Runas_Alias nextgroup=sudoersUserAlias skipwhite skipnl 31syn keyword sudoersAlias Host_Alias nextgroup=sudoersHostAlias skipwhite skipnl 32syn keyword sudoersAlias Cmnd_Alias nextgroup=sudoersCmndAlias skipwhite skipnl 33 34syn match sudoersUserAlias contained '\<\u[A-Z0-9_]*\>' nextgroup=sudoersUserAliasEquals skipwhite skipnl 35syn match sudoersUserNameInList contained '\<\l\+\>' nextgroup=@sudoersUserList skipwhite skipnl 36syn match sudoersUIDInList contained '#\d\+\>' nextgroup=@sudoersUserList skipwhite skipnl 37syn match sudoersGroupInList contained '%\l\+\>' nextgroup=@sudoersUserList skipwhite skipnl 38syn match sudoersUserNetgroupInList contained '+\l\+\>' nextgroup=@sudoersUserList skipwhite skipnl 39syn match sudoersUserAliasInList contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersUserList skipwhite skipnl 40 41syn match sudoersUserName contained '\<\l\+\>' nextgroup=@sudoersParameter skipwhite skipnl 42syn match sudoersUID contained '#\d\+\>' nextgroup=@sudoersParameter skipwhite skipnl 43syn match sudoersGroup contained '%\l\+\>' nextgroup=@sudoersParameter skipwhite skipnl 44syn match sudoersUserNetgroup contained '+\l\+\>' nextgroup=@sudoersParameter skipwhite skipnl 45syn match sudoersUserAliasRef contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersParameter skipwhite skipnl 46 47syn match sudoersUserNameInSpec contained '\<\l\+\>' nextgroup=@sudoersUserSpec skipwhite skipnl 48syn match sudoersUIDInSpec contained '#\d\+\>' nextgroup=@sudoersUserSpec skipwhite skipnl 49syn match sudoersGroupInSpec contained '%\l\+\>' nextgroup=@sudoersUserSpec skipwhite skipnl 50syn match sudoersUserNetgroupInSpec contained '+\l\+\>' nextgroup=@sudoersUserSpec skipwhite skipnl 51syn match sudoersUserAliasInSpec contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersUserSpec skipwhite skipnl 52 53syn match sudoersUserNameInRunas contained '\<\l\+\>' nextgroup=@sudoersUserRunas skipwhite skipnl 54syn match sudoersUIDInRunas contained '#\d\+\>' nextgroup=@sudoersUserRunas skipwhite skipnl 55syn match sudoersGroupInRunas contained '%\l\+\>' nextgroup=@sudoersUserRunas skipwhite skipnl 56syn match sudoersUserNetgroupInRunas contained '+\l\+\>' nextgroup=@sudoersUserRunas skipwhite skipnl 57syn match sudoersUserAliasInRunas contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersUserRunas skipwhite skipnl 58 59syn match sudoersHostAlias contained '\<\u[A-Z0-9_]*\>' nextgroup=sudoersHostAliasEquals skipwhite skipnl 60syn match sudoersHostNameInList contained '\<\l\+\>' nextgroup=@sudoersHostList skipwhite skipnl 61syn match sudoersIPAddrInList contained '\%(\d\{1,3}\.\)\{3}\d\{1,3}' nextgroup=@sudoersHostList skipwhite skipnl 62syn match sudoersNetworkInList contained '\%(\d\{1,3}\.\)\{3}\d\{1,3}\%(/\%(\%(\d\{1,3}\.\)\{3}\d\{1,3}\|\d\+\)\)\=' nextgroup=@sudoersHostList skipwhite skipnl 63syn match sudoersHostNetgroupInList contained '+\l\+\>' nextgroup=@sudoersHostList skipwhite skipnl 64syn match sudoersHostAliasInList contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersHostList skipwhite skipnl 65 66syn match sudoersHostName contained '\<\l\+\>' nextgroup=@sudoersParameter skipwhite skipnl 67syn match sudoersIPAddr contained '\%(\d\{1,3}\.\)\{3}\d\{1,3}' nextgroup=@sudoersParameter skipwhite skipnl 68syn match sudoersNetwork contained '\%(\d\{1,3}\.\)\{3}\d\{1,3}\%(/\%(\%(\d\{1,3}\.\)\{3}\d\{1,3}\|\d\+\)\)\=' nextgroup=@sudoersParameter skipwhite skipnl 69syn match sudoersHostNetgroup contained '+\l\+\>' nextgroup=@sudoersParameter skipwhite skipnl 70syn match sudoersHostAliasRef contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersParameter skipwhite skipnl 71 72syn match sudoersHostNameInSpec contained '\<\l\+\>' nextgroup=@sudoersHostSpec skipwhite skipnl 73syn match sudoersIPAddrInSpec contained '\%(\d\{1,3}\.\)\{3}\d\{1,3}' nextgroup=@sudoersHostSpec skipwhite skipnl 74syn match sudoersNetworkInSpec contained '\%(\d\{1,3}\.\)\{3}\d\{1,3}\%(/\%(\%(\d\{1,3}\.\)\{3}\d\{1,3}\|\d\+\)\)\=' nextgroup=@sudoersHostSpec skipwhite skipnl 75syn match sudoersHostNetgroupInSpec contained '+\l\+\>' nextgroup=@sudoersHostSpec skipwhite skipnl 76syn match sudoersHostAliasInSpec contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersHostSpec skipwhite skipnl 77 78syn match sudoersCmndAlias contained '\<\u[A-Z0-9_]*\>' nextgroup=sudoersCmndAliasEquals skipwhite skipnl 79syn match sudoersCmndNameInList contained '[^[:space:],:=\\]\+\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=@sudoersCmndList,sudoersCommandEmpty,sudoersCommandArgs skipwhite 80syn match sudoersCmndAliasInList contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersCmndList skipwhite skipnl 81 82syn match sudoersCmndNameInSpec contained '[^[:space:],:=\\]\+\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=@sudoersCmndSpec,sudoersCommandEmptyInSpec,sudoersCommandArgsInSpec skipwhite 83syn match sudoersCmndAliasInSpec contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersCmndSpec skipwhite skipnl 84 85syn match sudoersUserAliasEquals contained '=' nextgroup=@sudoersUserInList skipwhite skipnl 86syn match sudoersUserListComma contained ',' nextgroup=@sudoersUserInList skipwhite skipnl 87syn match sudoersUserListColon contained ':' nextgroup=sudoersUserAlias skipwhite skipnl 88syn cluster sudoersUserList contains=sudoersUserListComma,sudoersUserListColon 89 90syn match sudoersUserSpecComma contained ',' nextgroup=@sudoersUserInSpec skipwhite skipnl 91syn cluster sudoersUserSpec contains=sudoersUserSpecComma,@sudoersHostInSpec 92 93syn match sudoersUserRunasBegin contained '(' nextgroup=@sudoersUserInRunas skipwhite skipnl 94syn match sudoersUserRunasComma contained ',' nextgroup=@sudoersUserInRunas skipwhite skipnl 95syn match sudoersUserRunasEnd contained ')' nextgroup=sudoersPASSWD,@sudoersCmndInSpec skipwhite skipnl 96syn cluster sudoersUserRunas contains=sudoersUserRunasComma,@sudoersUserInRunas,sudoersUserRunasEnd 97 98 99syn match sudoersHostAliasEquals contained '=' nextgroup=@sudoersHostInList skipwhite skipnl 100syn match sudoersHostListComma contained ',' nextgroup=@sudoersHostInList skipwhite skipnl 101syn match sudoersHostListColon contained ':' nextgroup=sudoersHostAlias skipwhite skipnl 102syn cluster sudoersHostList contains=sudoersHostListComma,sudoersHostListColon 103 104syn match sudoersHostSpecComma contained ',' nextgroup=@sudoersHostInSpec skipwhite skipnl 105syn cluster sudoersHostSpec contains=sudoersHostSpecComma,sudoersSpecEquals 106 107 108syn match sudoersCmndAliasEquals contained '=' nextgroup=@sudoersCmndInList skipwhite skipnl 109syn match sudoersCmndListComma contained ',' nextgroup=@sudoersCmndInList skipwhite skipnl 110syn match sudoersCmndListColon contained ':' nextgroup=sudoersCmndAlias skipwhite skipnl 111syn cluster sudoersCmndList contains=sudoersCmndListComma,sudoersCmndListColon 112 113syn match sudoersCmndSpecComma contained ',' nextgroup=@sudoersCmndSpecList skipwhite skipnl 114syn match sudoersCmndSpecColon contained ':' nextgroup=@sudoersUserInSpec skipwhite skipnl 115syn cluster sudoersCmndSpec contains=sudoersCmndSpecComma,sudoersCmndSpecColon 116 117syn cluster sudoersUserInList contains=sudoersUserNegationInList,sudoersUserNameInList,sudoersUIDInList,sudoersGroupInList,sudoersUserNetgroupInList,sudoersUserAliasInList 118syn cluster sudoersHostInList contains=sudoersHostNegationInList,sudoersHostNameInList,sudoersIPAddrInList,sudoersNetworkInList,sudoersHostNetgroupInList,sudoersHostAliasInList 119syn cluster sudoersCmndInList contains=sudoersCmndNegationInList,sudoersCmndNameInList,sudoersCmndAliasInList 120 121syn cluster sudoersUser contains=sudoersUserNegation,sudoersUserName,sudoersUID,sudoersGroup,sudoersUserNetgroup,sudoersUserAliasRef 122syn cluster sudoersHost contains=sudoersHostNegation,sudoersHostName,sudoersIPAddr,sudoersNetwork,sudoersHostNetgroup,sudoersHostAliasRef 123 124syn cluster sudoersUserInSpec contains=sudoersUserNegationInSpec,sudoersUserNameInSpec,sudoersUIDInSpec,sudoersGroupInSpec,sudoersUserNetgroupInSpec,sudoersUserAliasInSpec 125syn cluster sudoersHostInSpec contains=sudoersHostNegationInSpec,sudoersHostNameInSpec,sudoersIPAddrInSpec,sudoersNetworkInSpec,sudoersHostNetgroupInSpec,sudoersHostAliasInSpec 126syn cluster sudoersUserInRunas contains=sudoersUserNegationInRunas,sudoersUserNameInRunas,sudoersUIDInRunas,sudoersGroupInRunas,sudoersUserNetgroupInRunas,sudoersUserAliasInRunas 127syn cluster sudoersCmndInSpec contains=sudoersCmndNegationInSpec,sudoersCmndNameInSpec,sudoersCmndAliasInSpec 128 129syn match sudoersUserNegationInList contained '!\+' nextgroup=@sudoersUserInList skipwhite skipnl 130syn match sudoersHostNegationInList contained '!\+' nextgroup=@sudoersHostInList skipwhite skipnl 131syn match sudoersCmndNegationInList contained '!\+' nextgroup=@sudoersCmndInList skipwhite skipnl 132 133syn match sudoersUserNegation contained '!\+' nextgroup=@sudoersUser skipwhite skipnl 134syn match sudoersHostNegation contained '!\+' nextgroup=@sudoersHost skipwhite skipnl 135 136syn match sudoersUserNegationInSpec contained '!\+' nextgroup=@sudoersUserInSpec skipwhite skipnl 137syn match sudoersHostNegationInSpec contained '!\+' nextgroup=@sudoersHostInSpec skipwhite skipnl 138syn match sudoersUserNegationInRunas contained '!\+' nextgroup=@sudoersUserInRunas skipwhite skipnl 139syn match sudoersCmndNegationInSpec contained '!\+' nextgroup=@sudoersCmndInSpec skipwhite skipnl 140 141syn match sudoersCommandArgs contained '[^[:space:],:=\\]\+\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=sudoersCommandArgs,@sudoersCmndList skipwhite 142syn match sudoersCommandEmpty contained '""' nextgroup=@sudoersCmndList skipwhite skipnl 143 144syn match sudoersCommandArgsInSpec contained '[^[:space:],:=\\]\+\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=sudoersCommandArgsInSpec,@sudoersCmndSpec skipwhite 145syn match sudoersCommandEmptyInSpec contained '""' nextgroup=@sudoersCmndSpec skipwhite skipnl 146 147syn keyword sudoersDefaultEntry Defaults nextgroup=sudoersDefaultTypeAt,sudoersDefaultTypeColon,sudoersDefaultTypeGreaterThan,@sudoersParameter skipwhite skipnl 148syn match sudoersDefaultTypeAt contained '@' nextgroup=@sudoersHost skipwhite skipnl 149syn match sudoersDefaultTypeColon contained ':' nextgroup=@sudoersUser skipwhite skipnl 150syn match sudoersDefaultTypeGreaterThan contained '>' nextgroup=@sudoersUser skipwhite skipnl 151 152" TODO: could also deal with special characters here 153syn match sudoersBooleanParameter contained '!' nextgroup=sudoersBooleanParameter skipwhite skipnl 154syn keyword sudoersBooleanParameter contained skipwhite skipnl 155 \ always_set_home 156 \ authenticate 157 \ closefrom_override 158 \ env_editor 159 \ env_reset 160 \ fqdn 161 \ ignore_dot 162 \ ignore_local_sudoers 163 \ insults 164 \ log_host 165 \ log_year 166 \ long_otp_prompt 167 \ mail_always 168 \ mail_badpass 169 \ mail_no_host 170 \ mail_no_perms 171 \ mail_no_user 172 \ noexec 173 \ path_info 174 \ passprompt_override 175 \ preserve_groups 176 \ requiretty 177 \ root_sudo 178 \ rootpw 179 \ runaspw 180 \ set_home 181 \ set_logname 182 \ setenv 183 \ shell_noargs 184 \ stay_setuid 185 \ targetpw 186 \ tty_tickets 187 \ visiblepw 188 189syn keyword sudoersIntegerParameter contained 190 \ nextgroup=sudoersIntegerParameterEquals 191 \ skipwhite skipnl 192 \ closefrom 193 \ passwd_tries 194 \ loglinelen 195 \ passwd_timeout 196 \ timestamp_timeout 197 \ umask 198 199syn keyword sudoersStringParameter contained 200 \ nextgroup=sudoersStringParameterEquals 201 \ skipwhite skipnl 202 \ badpass_message 203 \ editor 204 \ mailsub 205 \ noexec_file 206 \ passprompt 207 \ runas_default 208 \ syslog_badpri 209 \ syslog_goodpri 210 \ sudoers_locale 211 \ timestampdir 212 \ timestampowner 213 \ askpass 214 \ env_file 215 \ exempt_group 216 \ lecture 217 \ lecture_file 218 \ listpw 219 \ logfile 220 \ mailerflags 221 \ mailerpath 222 \ mailfrom 223 \ mailto 224 \ secure_path 225 \ syslog 226 \ verifypw 227 228syn keyword sudoersListParameter contained 229 \ nextgroup=sudoersListParameterEquals 230 \ skipwhite skipnl 231 \ env_check 232 \ env_delete 233 \ env_keep 234 235syn match sudoersParameterListComma contained ',' nextgroup=@sudoersParameter skipwhite skipnl 236 237syn cluster sudoersParameter contains=sudoersBooleanParameter,sudoersIntegerParameter,sudoersStringParameter,sudoersListParameter 238 239syn match sudoersIntegerParameterEquals contained '[+-]\==' nextgroup=sudoersIntegerValue skipwhite skipnl 240syn match sudoersStringParameterEquals contained '[+-]\==' nextgroup=sudoersStringValue skipwhite skipnl 241syn match sudoersListParameterEquals contained '[+-]\==' nextgroup=sudoersListValue skipwhite skipnl 242 243syn match sudoersIntegerValue contained '\d\+' nextgroup=sudoersParameterListComma skipwhite skipnl 244syn match sudoersStringValue contained '[^[:space:],:=\\]*\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=sudoersParameterListComma skipwhite skipnl 245syn region sudoersStringValue contained start=+"+ skip=+\\"+ end=+"+ nextgroup=sudoersParameterListComma skipwhite skipnl 246syn match sudoersListValue contained '[^[:space:],:=\\]*\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=sudoersParameterListComma skipwhite skipnl 247syn region sudoersListValue contained start=+"+ skip=+\\"+ end=+"+ nextgroup=sudoersParameterListComma skipwhite skipnl 248 249syn match sudoersPASSWD contained '\%(NO\)\=PASSWD:' nextgroup=@sudoersCmndInSpec skipwhite 250 251hi def link sudoersSpecEquals Operator 252hi def link sudoersTodo Todo 253hi def link sudoersComment Comment 254hi def link sudoersAlias Keyword 255hi def link sudoersUserAlias Identifier 256hi def link sudoersUserNameInList String 257hi def link sudoersUIDInList Number 258hi def link sudoersGroupInList PreProc 259hi def link sudoersUserNetgroupInList PreProc 260hi def link sudoersUserAliasInList PreProc 261hi def link sudoersUserName String 262hi def link sudoersUID Number 263hi def link sudoersGroup PreProc 264hi def link sudoersUserNetgroup PreProc 265hi def link sudoersUserAliasRef PreProc 266hi def link sudoersUserNameInSpec String 267hi def link sudoersUIDInSpec Number 268hi def link sudoersGroupInSpec PreProc 269hi def link sudoersUserNetgroupInSpec PreProc 270hi def link sudoersUserAliasInSpec PreProc 271hi def link sudoersUserNameInRunas String 272hi def link sudoersUIDInRunas Number 273hi def link sudoersGroupInRunas PreProc 274hi def link sudoersUserNetgroupInRunas PreProc 275hi def link sudoersUserAliasInRunas PreProc 276hi def link sudoersHostAlias Identifier 277hi def link sudoersHostNameInList String 278hi def link sudoersIPAddrInList Number 279hi def link sudoersNetworkInList Number 280hi def link sudoersHostNetgroupInList PreProc 281hi def link sudoersHostAliasInList PreProc 282hi def link sudoersHostName String 283hi def link sudoersIPAddr Number 284hi def link sudoersNetwork Number 285hi def link sudoersHostNetgroup PreProc 286hi def link sudoersHostAliasRef PreProc 287hi def link sudoersHostNameInSpec String 288hi def link sudoersIPAddrInSpec Number 289hi def link sudoersNetworkInSpec Number 290hi def link sudoersHostNetgroupInSpec PreProc 291hi def link sudoersHostAliasInSpec PreProc 292hi def link sudoersCmndAlias Identifier 293hi def link sudoersCmndNameInList String 294hi def link sudoersCmndAliasInList PreProc 295hi def link sudoersCmndNameInSpec String 296hi def link sudoersCmndAliasInSpec PreProc 297hi def link sudoersUserAliasEquals Operator 298hi def link sudoersUserListComma Delimiter 299hi def link sudoersUserListColon Delimiter 300hi def link sudoersUserSpecComma Delimiter 301hi def link sudoersUserRunasBegin Delimiter 302hi def link sudoersUserRunasComma Delimiter 303hi def link sudoersUserRunasEnd Delimiter 304hi def link sudoersHostAliasEquals Operator 305hi def link sudoersHostListComma Delimiter 306hi def link sudoersHostListColon Delimiter 307hi def link sudoersHostSpecComma Delimiter 308hi def link sudoersCmndAliasEquals Operator 309hi def link sudoersCmndListComma Delimiter 310hi def link sudoersCmndListColon Delimiter 311hi def link sudoersCmndSpecComma Delimiter 312hi def link sudoersCmndSpecColon Delimiter 313hi def link sudoersUserNegationInList Operator 314hi def link sudoersHostNegationInList Operator 315hi def link sudoersCmndNegationInList Operator 316hi def link sudoersUserNegation Operator 317hi def link sudoersHostNegation Operator 318hi def link sudoersUserNegationInSpec Operator 319hi def link sudoersHostNegationInSpec Operator 320hi def link sudoersUserNegationInRunas Operator 321hi def link sudoersCmndNegationInSpec Operator 322hi def link sudoersCommandArgs String 323hi def link sudoersCommandEmpty Special 324hi def link sudoersDefaultEntry Keyword 325hi def link sudoersDefaultTypeAt Special 326hi def link sudoersDefaultTypeColon Special 327hi def link sudoersDefaultTypeGreaterThan Special 328hi def link sudoersBooleanParameter Identifier 329hi def link sudoersIntegerParameter Identifier 330hi def link sudoersStringParameter Identifier 331hi def link sudoersListParameter Identifier 332hi def link sudoersParameterListComma Delimiter 333hi def link sudoersIntegerParameterEquals Operator 334hi def link sudoersStringParameterEquals Operator 335hi def link sudoersListParameterEquals Operator 336hi def link sudoersIntegerValue Number 337hi def link sudoersStringValue String 338hi def link sudoersListValue String 339hi def link sudoersPASSWD Special 340hi def link sudoersInclude Statement 341 342let b:current_syntax = "sudoers" 343 344let &cpo = s:cpo_save 345unlet s:cpo_save 346