1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
|
" Vim syntax file
" Language: sudoers(5) configuration files
" Maintainer: Eisuke Kawashima ( e.kawaschima+vim AT gmail.com )
" Previous Maintainer: Nikolai Weibull <now@bitwi.se>
" Latest Change: 2026 Mar 11
if exists("b:current_syntax")
finish
endif
let s:cpo_save = &cpo
set cpo&vim
" TODO: instead of 'skipnl', we would like to match a specific group that would
" match \\$ and then continue with the nextgroup, actually, the skipnl doesn't
" work...
" TODO: treat 'ALL' like a special (yay, a bundle of new rules!!!)
syn match sudoersUserSpec '^' nextgroup=@sudoersUserInSpec skipwhite
syn match sudoersSpecEquals contained '=' nextgroup=@sudoersCmndSpecList skipwhite
syn cluster sudoersCmndSpecList contains=sudoersUserRunasBegin,sudoersOptionSpec,sudoersTagSpec,@sudoersCmndInSpec
syn keyword sudoersTodo contained TODO FIXME XXX NOTE
syn region sudoersComment display oneline start='#' end='$' contains=sudoersTodo
syn region sudoersInclude display oneline start='[#@]\%(include\|includedir\)\s\+\S\+' end='$'
syn keyword sudoersAlias User_Alias Runas_Alias nextgroup=sudoersUserAlias skipwhite skipnl
syn keyword sudoersAlias Host_Alias nextgroup=sudoersHostAlias skipwhite skipnl
syn keyword sudoersAlias Cmnd_Alias nextgroup=sudoersCmndAlias skipwhite skipnl
syn match sudoersUserAlias contained '\<\u[A-Z0-9_]*\>' nextgroup=sudoersUserAliasEquals skipwhite skipnl
syn match sudoersUserNameInList contained '\<\l[-a-z0-9_]*\>' nextgroup=@sudoersUserList skipwhite skipnl
syn match sudoersUIDInList contained '#\d\+\>' nextgroup=@sudoersUserList skipwhite skipnl
syn match sudoersGroupInList contained '%\l[-a-z0-9_]*\>' nextgroup=@sudoersUserList skipwhite skipnl
syn match sudoersGIDInList contained '%#\d\+\>' nextgroup=@sudoersUserList skipwhite skipnl
syn match sudoersUserNetgroupInList contained '+\l[-a-z0-9_]*\>' nextgroup=@sudoersUserList skipwhite skipnl
syn match sudoersUserAliasInList contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersUserList skipwhite skipnl
syn keyword sudoersUserAllInList contained ALL nextgroup=@sudoersUserList skipwhite skipnl
syn match sudoersUserName contained '\<\l[-a-z0-9_]*\>' nextgroup=sudoersUserComma,@sudoersParameter skipwhite skipnl
syn match sudoersUID contained '#\d\+\>' nextgroup=sudoersUserComma,@sudoersParameter skipwhite skipnl
syn match sudoersGroup contained '%\l[-a-z0-9_]*\>' nextgroup=sudoersUserComma,@sudoersParameter skipwhite skipnl
syn match sudoersGID contained '%#\d\+\>' nextgroup=sudoersUserComma,@sudoersParameter skipwhite skipnl
syn match sudoersUserNetgroup contained '+\l[-a-z0-9_]*\>' nextgroup=sudoersUserComma,@sudoersParameter skipwhite skipnl
syn match sudoersUserAliasRef contained '\<\u[A-Z0-9_]*\>' nextgroup=sudoersUserComma,@sudoersParameter skipwhite skipnl
syn keyword sudoersUserAll contained ALL nextgroup=sudoersUserComma,@sudoersParameter skipwhite skipnl
syn match sudoersUserComma contained ',' nextgroup=sudoersUserNegation,sudoersUserName,sudoersUID,sudoersGroup,sudoersGID,sudoersUserNetgroup,sudoersUserAliasRef,sudoersUserAll skipwhite skipnl
syn match sudoersUserNameInSpec contained '\<\l[-a-z0-9_]*\>' nextgroup=@sudoersUserSpec skipwhite skipnl
syn region sudoersUIDInSpec display oneline start='#\d\+\>' end='' nextgroup=@sudoersUserSpec skipwhite skipnl
syn match sudoersGroupInSpec contained '%\l[-a-z0-9_]*\>' nextgroup=@sudoersUserSpec skipwhite skipnl
syn match sudoersGIDInSpec contained '%#\d\+\>' nextgroup=@sudoersUserSpec skipwhite skipnl
syn match sudoersUserNetgroupInSpec contained '+\l[-a-z0-9_]*\>' nextgroup=@sudoersUserSpec skipwhite skipnl
syn match sudoersUserAliasInSpec contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersUserSpec skipwhite skipnl
syn keyword sudoersUserAllInSpec contained ALL nextgroup=@sudoersUserSpec skipwhite skipnl
syn match sudoersUserNameInRunas contained '\<\l[-a-z0-9_]*\>' nextgroup=@sudoersUserRunas skipwhite skipnl
syn match sudoersUIDInRunas contained '#\d\+\>' nextgroup=@sudoersUserRunas skipwhite skipnl
syn match sudoersGroupInRunas contained '%\l[-a-z0-9_]*\>' nextgroup=@sudoersUserRunas skipwhite skipnl
syn match sudoersGIDInRunas contained '%#\d\+\>' nextgroup=@sudoersUserRunas skipwhite skipnl
syn match sudoersUserNetgroupInRunas contained '+\l[-a-z0-9_]*\>' nextgroup=@sudoersUserRunas skipwhite skipnl
syn match sudoersUserAliasInRunas contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersUserRunas skipwhite skipnl
syn keyword sudoersUserAllInRunas contained ALL nextgroup=@sudoersUserRunas skipwhite skipnl
syn match sudoersHostAlias contained '\<\u[A-Z0-9_]*\>' nextgroup=sudoersHostAliasEquals skipwhite skipnl
syn match sudoersHostNameInList contained '\<\l[a-z0-9_-]*\>' nextgroup=@sudoersHostList skipwhite skipnl
syn match sudoersIPAddrInList contained '\<\%(\d\{1,3}\.\)\{3}\d\{1,3}\>' nextgroup=@sudoersHostList skipwhite skipnl
syn match sudoersNetworkInList contained '\<\%(\d\{1,3}\.\)\{3}\d\{1,3}\%(/\%(\%(\d\{1,3}\.\)\{3}\d\{1,3}\|\d\+\)\)\=\>' nextgroup=@sudoersHostList skipwhite skipnl
syn match sudoersHostNetgroupInList contained '+\l\+\>' nextgroup=@sudoersHostList skipwhite skipnl
syn match sudoersHostAliasInList contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersHostList skipwhite skipnl
syn match sudoersHostName contained '\<\l[a-z0-9_-]*\>' nextgroup=sudoersHostComma,@sudoersParameter skipwhite skipnl
syn match sudoersIPAddr contained '\<\%(\d\{1,3}\.\)\{3}\d\{1,3}\>' nextgroup=sudoersHostComma,@sudoersParameter skipwhite skipnl
syn match sudoersNetwork contained '\<\%(\d\{1,3}\.\)\{3}\d\{1,3}/\%(\%(\d\{1,3}\.\)\{3}\d\{1,3}\|\d\+\)\>' nextgroup=sudoersHostComma,@sudoersParameter skipwhite skipnl
syn match sudoersHostNetgroup contained '+\l\+\>' nextgroup=sudoersHostComma,@sudoersParameter skipwhite skipnl
syn match sudoersHostAliasRef contained '\<\u[A-Z0-9_]*\>' nextgroup=sudoersHostComma,@sudoersParameter skipwhite skipnl
syn keyword sudoersHostAll contained ALL nextgroup=sudoersHostComma,@sudoersParameter skipwhite skipnl
syn match sudoersHostComma contained ',' nextgroup=sudoersHostNegation,sudoersHostName,sudoersIPAddr,sudoersNetwork,sudoersHostNetgroup,sudoersHostAliasRef,sudoersHostAll skipwhite skipnl
syn match sudoersCmndName contained '/[/A-Za-z0-9._-]\+' nextgroup=sudoersCmndComma,@sudoersParameter skipwhite skipnl
syn keyword sudoersCmndSpecial contained list sudoedit ALL nextgroup=sudoersCmndComma,@sudoersParameter skipwhite skipnl
syn match sudoersCmndAliasRef contained '\<\u[A-Z0-9_]*\>' nextgroup=sudoersCmndComma,@sudoersParameter skipwhite skipnl
syn match sudoersCmndComma contained ',' nextgroup=sudoersCmndNegation,sudoersCmndName,sudoersCmndSpecial,sudoersCmndAliasRef skipwhite skipnl
syn match sudoersHostNameInSpec contained '\<\l[a-z0-9_-]*\>' nextgroup=@sudoersHostSpec skipwhite skipnl
syn match sudoersIPAddrInSpec contained '\<\%(\d\{1,3}\.\)\{3}\d\{1,3}\>' nextgroup=@sudoersHostSpec skipwhite skipnl
syn match sudoersNetworkInSpec contained '\<\%(\d\{1,3}\.\)\{3}\d\{1,3}/\%(\%(\d\{1,3}\.\)\{3}\d\{1,3}\|\d\+\)\>' nextgroup=@sudoersHostSpec skipwhite skipnl
syn match sudoersHostNetgroupInSpec contained '+\l\+\>' nextgroup=@sudoersHostSpec skipwhite skipnl
syn match sudoersHostAliasInSpec contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersHostSpec skipwhite skipnl
syn keyword sudoersHostAllInSpec contained ALL nextgroup=@sudoersHostSpec skipwhite skipnl
syn match sudoersCmndAlias contained '\<\u[A-Z0-9_]*\>' nextgroup=sudoersCmndAliasEquals skipwhite skipnl
syn match sudoersCmndNameInList contained '[^[:space:],:=\\]\+\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=@sudoersCmndList,sudoersCommandEmpty,sudoersCommandArgs skipwhite
syn match sudoersCmndAliasInList contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersCmndList skipwhite skipnl
syn match sudoersCmndNameInSpec contained '[^[:space:],:=\\]\+\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=@sudoersCmndSpec,sudoersCommandEmptyInSpec,sudoersCommandArgsInSpec skipwhite
syn match sudoersCmndAliasInSpec contained '\<\u[A-Z0-9_]*\>' nextgroup=@sudoersCmndSpec skipwhite skipnl
syn keyword sudoersCmndSpecialInSpec contained list sudoedit ALL nextgroup=@sudoersCmndSpec skipwhite skipnl
syn keyword sudoersCmndDigestInList contained sha224 sha256 sha384 sha512 nextgroup=sudoersCmndDigestColon skipwhite skipnl
syn match sudoersCmndDigestColon contained ':' nextgroup=sudoersDigestHex,sudoersDigestBase64 skipwhite skipnl
syn match sudoersDigestHex contained '\<\x\+\>' nextgroup=sudoersCmndDigestComma,sudoersCmndNegationInList,sudoersCmndNameInList,sudoersCmndAliasInList skipwhite skipnl
syn match sudoersDigestBase64 contained '\<[A-Za-z0-9+/]\+=*' nextgroup=sudoersCmndDigestComma,sudoersCmndNegationInList,sudoersCmndNameInList,sudoersCmndAliasInList skipwhite skipnl
syn match sudoersCmndDigestComma contained ',' nextgroup=sudoersCmndDigestInList skipwhite skipnl
syn match sudoersUserAliasEquals contained '=' nextgroup=@sudoersUserInList skipwhite skipnl
syn match sudoersUserListComma contained ',' nextgroup=@sudoersUserInList skipwhite skipnl
syn match sudoersUserListColon contained ':' nextgroup=sudoersUserAlias skipwhite skipnl
syn cluster sudoersUserList contains=sudoersUserListComma,sudoersUserListColon
syn match sudoersUserSpecComma contained ',' nextgroup=@sudoersUserInSpec skipwhite skipnl
syn cluster sudoersUserSpec contains=sudoersUserSpecComma,@sudoersHostInSpec
syn match sudoersUserRunasBegin contained '(' nextgroup=@sudoersUserInRunas,sudoersUserRunasColon,sudoersUserRunasEnd skipwhite skipnl
syn match sudoersUserRunasComma contained ',' nextgroup=@sudoersUserInRunas skipwhite skipnl
syn match sudoersUserRunasColon contained ':' nextgroup=@sudoersUserInRunas,sudoersUserRunasEnd skipwhite skipnl
syn match sudoersUserRunasEnd contained ')' nextgroup=sudoersOptionSpec,sudoersTagSpec,@sudoersCmndInSpec skipwhite skipnl
syn cluster sudoersUserRunas contains=sudoersUserRunasComma,sudoersUserRunasColon,@sudoersUserInRunas,sudoersUserRunasEnd
syn match sudoersHostAliasEquals contained '=' nextgroup=@sudoersHostInList skipwhite skipnl
syn match sudoersHostListComma contained ',' nextgroup=@sudoersHostInList skipwhite skipnl
syn match sudoersHostListColon contained ':' nextgroup=sudoersHostAlias skipwhite skipnl
syn cluster sudoersHostList contains=sudoersHostListComma,sudoersHostListColon
syn match sudoersHostSpecComma contained ',' nextgroup=@sudoersHostInSpec skipwhite skipnl
syn cluster sudoersHostSpec contains=sudoersHostSpecComma,sudoersSpecEquals
syn match sudoersCmndAliasEquals contained '=' nextgroup=@sudoersCmndInList skipwhite skipnl
syn match sudoersCmndListComma contained ',' nextgroup=@sudoersCmndInList skipwhite skipnl
syn match sudoersCmndListColon contained ':' nextgroup=sudoersCmndAlias skipwhite skipnl
syn cluster sudoersCmndList contains=sudoersCmndListComma,sudoersCmndListColon
syn match sudoersCmndSpecComma contained ',' nextgroup=@sudoersCmndSpecList skipwhite skipnl
syn match sudoersCmndSpecColon contained ':' nextgroup=@sudoersHostInSpec skipwhite skipnl
syn cluster sudoersCmndSpec contains=sudoersCmndSpecComma,sudoersCmndSpecColon
syn cluster sudoersUserInList contains=sudoersUserNegationInList,sudoersUserNameInList,sudoersUIDInList,sudoersGroupInList,sudoersGIDInList,sudoersUserNetgroupInList,sudoersUserAliasInList,sudoersUserAllInList
syn cluster sudoersHostInList contains=sudoersHostNegationInList,sudoersHostNameInList,sudoersIPAddrInList,sudoersNetworkInList,sudoersHostNetgroupInList,sudoersHostAliasInList
syn cluster sudoersCmndInList contains=sudoersCmndDigestInList,sudoersCmndNegationInList,sudoersCmndNameInList,sudoersCmndAliasInList
syn cluster sudoersUser contains=sudoersUserNegation,sudoersUserName,sudoersUID,sudoersGroup,sudoersGID,sudoersUserNetgroup,sudoersUserAliasRef,sudoersUserAll
syn cluster sudoersHost contains=sudoersHostNegation,sudoersHostName,sudoersIPAddr,sudoersNetwork,sudoersHostNetgroup,sudoersHostAll,sudoersHostAliasRef
syn cluster sudoersCmnd contains=sudoersCmndNegation,sudoersCmndName,sudoersCmndSpecial,sudoersCmndAliasRef
syn cluster sudoersUserInSpec contains=sudoersUserNegationInSpec,sudoersUserNameInSpec,sudoersUIDInSpec,sudoersGroupInSpec,sudoersGIDInSpec,sudoersUserNetgroupInSpec,sudoersUserAliasInSpec,sudoersUserAllInSpec
syn cluster sudoersHostInSpec contains=sudoersHostNegationInSpec,sudoersHostNameInSpec,sudoersIPAddrInSpec,sudoersNetworkInSpec,sudoersHostNetgroupInSpec,sudoersHostAliasInSpec,sudoersHostAllInSpec
syn cluster sudoersUserInRunas contains=sudoersUserNegationInRunas,sudoersUserNameInRunas,sudoersUIDInRunas,sudoersGroupInRunas,sudoersGIDInRunas,sudoersUserNetgroupInRunas,sudoersUserAliasInRunas,sudoersUserAllInRunas
syn cluster sudoersCmndInSpec contains=sudoersCmndNegationInSpec,sudoersCmndNameInSpec,sudoersCmndAliasInSpec,sudoersCmndSpecialInSpec
syn match sudoersUserNegationInList contained '!\+' nextgroup=@sudoersUserInList skipwhite skipnl
syn match sudoersHostNegationInList contained '!\+' nextgroup=@sudoersHostInList skipwhite skipnl
syn match sudoersCmndNegationInList contained '!\+' nextgroup=@sudoersCmndInList skipwhite skipnl
syn match sudoersUserNegation contained '!\+' nextgroup=@sudoersUser skipwhite skipnl
syn match sudoersHostNegation contained '!\+' nextgroup=@sudoersHost skipwhite skipnl
syn match sudoersCmndNegation contained '!\+' nextgroup=@sudoersCmnd skipwhite skipnl
syn match sudoersUserNegationInSpec contained '!\+' nextgroup=@sudoersUserInSpec skipwhite skipnl
syn match sudoersHostNegationInSpec contained '!\+' nextgroup=@sudoersHostInSpec skipwhite skipnl
syn match sudoersUserNegationInRunas contained '!\+' nextgroup=@sudoersUserInRunas skipwhite skipnl
syn match sudoersCmndNegationInSpec contained '!\+' nextgroup=@sudoersCmndInSpec skipwhite skipnl
syn match sudoersCommandArgs contained '[^[:space:],:=\\]\+\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=sudoersCommandArgs,@sudoersCmndList skipwhite
syn match sudoersCommandEmpty contained '""' nextgroup=@sudoersCmndList skipwhite skipnl
syn match sudoersCommandArgsInSpec contained '[^[:space:],:=\\]\+\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=sudoersCommandArgsInSpec,@sudoersCmndSpec skipwhite
syn match sudoersCommandEmptyInSpec contained '""' nextgroup=@sudoersCmndSpec skipwhite skipnl
syn keyword sudoersDefaultEntry Defaults nextgroup=sudoersDefaultTypeAt,sudoersDefaultTypeColon,sudoersDefaultTypeGreaterThan,sudoersDefaultTypeBang,sudoersDefaultTypeAny
syn match sudoersDefaultTypeAt contained '@' nextgroup=@sudoersHost skipwhite skipnl
syn match sudoersDefaultTypeColon contained ':' nextgroup=@sudoersUser skipwhite skipnl
syn match sudoersDefaultTypeGreaterThan contained '>' nextgroup=@sudoersUser skipwhite skipnl
syn match sudoersDefaultTypeBang contained '!' nextgroup=@sudoersCmnd skipwhite skipnl
syn match sudoersDefaultTypeAny contained '\s' nextgroup=@sudoersParameter skipwhite skipnl
" TODO: could also deal with special characters here
syn match sudoersParameterNegation contained '!\+' nextgroup=sudoersBooleanParameter,sudoersIntegerOrBooleanParameter,sudoersModeOrBooleanParameter,sudoersFloatOrBooleanParameter,sudoersTimeoutOrBooleanParameter,sudoersStringOrBooleanParameter,sudoersListParameter skipwhite skipnl
syn keyword sudoersBooleanParameter contained skipwhite skipnl
\ nextgroup=sudoersParameterListComma
\ always_query_group_plugin
\ always_set_home
\ authenticate
\ case_insensitive_group
\ case_insensitive_user
\ closefrom_override
\ compress_io
\ env_editor
\ env_reset
\ exec_background
\ fast_glob
\ fqdn
\ ignore_audit_errors
\ ignore_dot
\ ignore_iolog_errors
\ ignore_local_sudoers
\ ignore_logfile_errors
\ ignore_unknown_defaults
\ insults
\ intercept
\ intercept_allow_setid
\ intercept_authenticate
\ intercept_verify
\ iolog_flush
\ log_allowed
\ log_denied
\ log_exit_status
\ log_host
\ log_input
\ log_output
\ log_passwords
\ log_server_keepalive
\ log_server_verify
\ log_stderr
\ log_stdin
\ log_stdout
\ log_subcmds
\ log_ttyin
\ log_ttyout
\ log_year
\ long_otp_prompt
\ mail_all_cmnds
\ mail_always
\ mail_badpass
\ mail_no_host
\ mail_no_perms
\ mail_no_user
\ match_group_by_gid
\ netgroup_tuple
\ noexec
\ noninteractive_auth
\ pam_acct_mgmt
\ pam_rhost
\ pam_ruser
\ pam_session
\ pam_setcred
\ pam_silent
\ passprompt_override
\ path_info
\ preserve_groups
\ pwfeedback
\ requiretty
\ root_sudo
\ rootpw
\ runas_allow_unknown_id
\ runas_check_shell
\ runaspw
\ selinux
\ set_home
\ set_logname
\ set_utmp
\ setenv
\ shell_noargs
\ stay_setuid
\ sudoedit_checkdir
\ sudoedit_follow
\ syslog_pid
\ targetpw
\ tty_tickets
\ umask_override
\ use_loginclass
\ use_netgroups
\ use_pty
\ user_command_timeouts
\ utmp_runas
\ visiblepw
syn keyword sudoersIntegerParameter contained
\ nextgroup=sudoersIntegerParameterEquals
\ skipwhite skipnl
\ closefrom
\ maxseq
\ passwd_tries
\ syslog_maxlen
syn keyword sudoersIntegerOrBooleanParameter contained
\ nextgroup=sudoersIntegerParameterEquals,sudoersParameterListComma
\ skipwhite skipnl
\ loglinelen
syn keyword sudoersFloatOrBooleanParameter contained
\ nextgroup=sudoersFloatParameterEquals,sudoersParameterListComma
\ skipwhite skipnl
\ passwd_timeout
\ timestamp_timeout
syn keyword sudoersModeParameter contained
\ nextgroup=sudoersModeParameterEquals
\ skipwhite skipnl
\ iolog_mode
syn keyword sudoersModeOrBooleanParameter contained
\ nextgroup=sudoersModeParameterEquals,sudoersParameterListComma
\ skipwhite skipnl
\ umask
syn keyword sudoersTimeoutOrBooleanParameter contained
\ nextgroup=sudoersTimeoutParameterEquals,sudoersParameterListComma
\ skipwhite skipnl
\ command_timeout
\ log_server_timeout
syn keyword sudoersStringParameter contained
\ nextgroup=sudoersStringParameterEquals
\ skipwhite skipnl
\ apparmor_profile
\ askpass
\ authfail_message
\ badpass_message
\ cmddenial_message
\ group_plugin
\ intercept_type
\ iolog_file
\ limitprivs
\ log_format
\ mailsub
\ noexec_file
\ pam_askpass_service
\ pam_login_service
\ pam_service
\ passprompt
\ privs
\ role
\ runas_default
\ sudoers_locale
\ timestamp_type
\ timestampowner
\ type
syn keyword sudoersStringOrBooleanParameter contained
\ nextgroup=sudoersStringParameterEquals,sudoersParameterListComma
\ skipwhite skipnl
\ admin_flag
\ editor
\ env_file
\ exempt_group
\ fdexec
\ iolog_dir
\ iolog_group
\ iolog_user
\ lecture
\ lecture_file
\ lecture_status_dir
\ listpw
\ log_server_cabundle
\ log_server_peer_cert
\ log_server_peer_key
\ logfile
\ mailerflags
\ mailerpath
\ mailfrom
\ mailto
\ restricted_env_file
\ rlimit_as
\ rlimit_core
\ rlimit_cpu
\ rlimit_data
\ rlimit_fsize
\ rlimit_locks
\ rlimit_memlock
\ rlimit_nofile
\ rlimit_nproc
\ rlimit_rss
\ rlimit_stack
\ runcwd
\ secure_path
\ syslog
\ syslog_badpri
\ syslog_goodpri
\ timestampdir
\ verifypw
syn keyword sudoersListParameter contained
\ nextgroup=sudoersListParameterEquals,sudoersParameterListComma
\ skipwhite skipnl
\ env_check
\ env_delete
\ env_keep
\ log_servers
\ passprompt_regex
syn match sudoersParameterListComma contained ',' nextgroup=@sudoersParameter skipwhite skipnl
syn cluster sudoersParameter contains=sudoersParameterNegation,sudoersBooleanParameter,sudoersIntegerParameter,sudoersIntegerOrBooleanParameter,sudoersModeParameter,sudoersModeOrBooleanParameter,sudoersFloatOrBooleanParameter,sudoersTimeoutOrBooleanParameter,sudoersStringParameter,sudoersStringOrBooleanParameter,sudoersListParameter
syn match sudoersIntegerParameterEquals contained '=' nextgroup=sudoersIntegerValue skipwhite skipnl
syn match sudoersModeParameterEquals contained '=' nextgroup=sudoersModeValue skipwhite skipnl
syn match sudoersFloatParameterEquals contained '=' nextgroup=sudoersFloatValue skipwhite skipnl
syn match sudoersTimeoutParameterEquals contained '=' nextgroup=sudoersTimeoutValue skipwhite skipnl
syn match sudoersStringParameterEquals contained '=' nextgroup=sudoersStringValue skipwhite skipnl
syn match sudoersListParameterEquals contained '[+-]\==' nextgroup=sudoersListValue skipwhite skipnl
syn match sudoersIntegerValue contained '\<\d\+\>' nextgroup=sudoersParameterListComma skipwhite skipnl
syn match sudoersModeValue contained '\<\o\+\>' nextgroup=sudoersParameterListComma skipwhite skipnl
syn match sudoersFloatValue contained '-\?\%(\<\d\+\>\|\<\d\+\%(\.\%(\d\+\>\)\?\)\?\|\.\d\+\>\)' nextgroup=sudoersParameterListComma skipwhite skipnl
syn match sudoersTimeoutValue contained '\<\d\+\>' nextgroup=sudoersParameterListComma skipwhite skipnl
syn match sudoersTimeoutValue contained '\<\%(\d\+[dDhHmMsS]\)\+\>' nextgroup=sudoersParameterListComma skipwhite skipnl
syn match sudoersStringValue contained '\s*\zs[^[:space:],:=\\]*\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=sudoersParameterListComma skipwhite skipnl
syn region sudoersStringValue contained start=+\s*\zs"+ skip=+\\"+ end=+"+ nextgroup=sudoersParameterListComma skipwhite skipnl
syn match sudoersListValue contained '\s*\zs[^[:space:],:=\\]*\%(\\[[:space:],:=\\][^[:space:],:=\\]*\)*' nextgroup=sudoersParameterListComma skipwhite skipnl
syn region sudoersListValue contained start=+\s*\zs"+ skip=+\\"+ end=+"+ nextgroup=sudoersParameterListComma skipwhite skipnl
syn keyword sudoersOptionSpec contained ROLE TYPE nextgroup=sudoersSELinuxSpecEquals skipwhite
syn keyword sudoersOptionSpec contained APPARMOR_PROFILE nextgroup=sudoersAppArmorSpecEquals skipwhite
syn keyword sudoersOptionSpec contained PRIVS LIMITPRIVS nextgroup=sudoersSolarisPrivSpecEquals skipwhite
syn keyword sudoersOptionSpec contained NOTBEFORE NOTAFTER nextgroup=sudoersDateSpecEquals skipwhite
syn keyword sudoersOptionSpec contained TIMEOUT nextgroup=sudoersTimeoutSpecEquals skipwhite
syn keyword sudoersOptionSpec contained CWD CHROOT nextgroup=sudoersDirectorySpecEquals skipwhite
syn match sudoersSELinuxSpecEquals contained '=' nextgroup=sudoersSELinuxSpecParam skipwhite skipnl
syn match sudoersAppArmorSpecEquals contained '=' nextgroup=sudoersAppArmorSpecParam skipwhite skipnl
syn match sudoersSolarisPrivSpecEquals contained '=' nextgroup=sudoersSolarisPrivSpecParam skipwhite skipnl
syn match sudoersDateSpecEquals contained '=' nextgroup=sudoersDateSpecParam skipwhite skipnl
syn match sudoersTimeoutSpecEquals contained '=' nextgroup=sudoersTimeoutSpecParam skipwhite skipnl
syn match sudoersDirectorySpecEquals contained '=' nextgroup=sudoersDirectorySpecParam,sudoersDirectorySpecParamError skipwhite skipnl
syn match sudoersSELinuxSpecParam contained /\<[A-Za-z0-9_]\+\>/ nextgroup=sudoersOptionSpec,sudoersTagSpec,@sudoersCmndInSpec skipwhite skipnl
syn match sudoersAppArmorSpecParam contained /\S\+/ nextgroup=sudoersOptionSpec,sudoersTagSpec,@sudoersCmndInSpec skipwhite skipnl
syn match sudoersSolarisPrivSpecParam contained /\S\+/ nextgroup=sudoersOptionSpec,sudoersTagSpec,@sudoersCmndInSpec skipwhite skipnl
syn match sudoersDateSpecParam contained /\<\d\{10\}\%(\d\d\)\{0,2\}\%(Z\|[+-]\d\{4\}\)\?\>/ nextgroup=sudoersOptionSpec,sudoersTagSpec,@sudoersCmndInSpec skipwhite skipnl
syn match sudoersTimeoutSpecParam contained /\<\d\+\>\|\<\%(\d\+[dDhHmMsS]\)\+\>/ nextgroup=sudoersOptionSpec,sudoersTagSpec,@sudoersCmndInSpec skipwhite skipnl
syn match sudoersDirectorySpecParam contained '[/~]\f*\|\*' nextgroup=sudoersOptionSpec,sudoersTagSpec,@sudoersCmndInSpec skipwhite skipnl
syn match sudoersDirectorySpecParam contained '"\%([/~]\f\{-}\|\*\)"' nextgroup=sudoersOptionSpec,sudoersTagSpec,@sudoersCmndInSpec skipwhite skipnl
syn keyword sudoersTagSpec contained EXEC NOEXEC FOLLOW NOFOLLOW LOG_INPUT NOLOG_INPUT LOG_OUTPUT NOLOG_OUTPUT MAIL NOMAIL INTERCEPT NOINTERCEPT PASSWD NOPASSWD SETENV NOSETENV nextgroup=sudoersTagSpecColon skipwhite
syn match sudoersTagSpecColon contained /:/ nextgroup=sudoersTagSpec,@sudoersCmndInSpec skipwhite
hi def link sudoersSpecEquals Operator
hi def link sudoersTodo Todo
hi def link sudoersComment Comment
hi def link sudoersAlias Keyword
hi def link sudoersUserAlias Identifier
hi def link sudoersUserNameInList String
hi def link sudoersUIDInList Number
hi def link sudoersGroupInList PreProc
hi def link sudoersGIDInList Number
hi def link sudoersUserNetgroupInList PreProc
hi def link sudoersUserAliasInList PreProc
hi def link sudoersUserAllInList Special
hi def link sudoersUserName String
hi def link sudoersUID Number
hi def link sudoersGroup PreProc
hi def link sudoersGID Number
hi def link sudoersUserNetgroup PreProc
hi def link sudoersUserAliasRef PreProc
hi def link sudoersUserAll Special
hi def link sudoersUserComma Delimiter
hi def link sudoersUserNameInSpec String
hi def link sudoersUIDInSpec Number
hi def link sudoersGroupInSpec PreProc
hi def link sudoersGIDInSpec Number
hi def link sudoersUserNetgroupInSpec PreProc
hi def link sudoersUserAliasInSpec PreProc
hi def link sudoersUserAllInSpec Special
hi def link sudoersUserNameInRunas String
hi def link sudoersUIDInRunas Number
hi def link sudoersGroupInRunas PreProc
hi def link sudoersGIDInRunas Number
hi def link sudoersUserNetgroupInRunas PreProc
hi def link sudoersUserAliasInRunas PreProc
hi def link sudoersUserAllInRunas Special
hi def link sudoersHostAlias Identifier
hi def link sudoersHostNameInList String
hi def link sudoersIPAddrInList Number
hi def link sudoersNetworkInList Number
hi def link sudoersHostNetgroupInList PreProc
hi def link sudoersHostAliasInList PreProc
hi def link sudoersHostName String
hi def link sudoersIPAddr Number
hi def link sudoersNetwork Number
hi def link sudoersHostNetgroup PreProc
hi def link sudoersHostAll Special
hi def link sudoersHostComma Delimiter
hi def link sudoersHostAliasRef PreProc
hi def link sudoersCmndName String
hi def link sudoersCmndSpecial Special
hi def link sudoersCmndAliasRef PreProc
hi def link sudoersCmndComma Delimiter
hi def link sudoersHostNameInSpec String
hi def link sudoersIPAddrInSpec Number
hi def link sudoersNetworkInSpec Number
hi def link sudoersHostNetgroupInSpec PreProc
hi def link sudoersHostAliasInSpec PreProc
hi def link sudoersHostAllInSpec Special
hi def link sudoersCmndAlias Identifier
hi def link sudoersCmndNameInList String
hi def link sudoersCmndAliasInList PreProc
hi def link sudoersCmndNameInSpec String
hi def link sudoersCmndAliasInSpec PreProc
hi def link sudoersCmndSpecialInSpec Special
hi def link sudoersCmndDigestInList Type
hi def link sudoersCmndDigestColon Operator
hi def link sudoersDigestHex Number
hi def link sudoersDigestBase64 Number
hi def link sudoersCmndDigestComma Delimiter
hi def link sudoersUserAliasEquals Operator
hi def link sudoersUserListComma Delimiter
hi def link sudoersUserListColon Delimiter
hi def link sudoersUserSpecComma Delimiter
hi def link sudoersUserRunasBegin Delimiter
hi def link sudoersUserRunasComma Delimiter
hi def link sudoersUserRunasColon Delimiter
hi def link sudoersUserRunasEnd Delimiter
hi def link sudoersHostAliasEquals Operator
hi def link sudoersHostListComma Delimiter
hi def link sudoersHostListColon Delimiter
hi def link sudoersHostSpecComma Delimiter
hi def link sudoersCmndAliasEquals Operator
hi def link sudoersCmndListComma Delimiter
hi def link sudoersCmndListColon Delimiter
hi def link sudoersCmndSpecComma Delimiter
hi def link sudoersCmndSpecColon Delimiter
hi def link sudoersUserNegationInList Operator
hi def link sudoersHostNegationInList Operator
hi def link sudoersCmndNegationInList Operator
hi def link sudoersUserNegation Operator
hi def link sudoersHostNegation Operator
hi def link sudoersCmndNegation Operator
hi def link sudoersUserNegationInSpec Operator
hi def link sudoersHostNegationInSpec Operator
hi def link sudoersUserNegationInRunas Operator
hi def link sudoersCmndNegationInSpec Operator
hi def link sudoersCommandArgs String
hi def link sudoersCommandEmpty Special
hi def link sudoersDefaultEntry Keyword
hi def link sudoersDefaultTypeAt Special
hi def link sudoersDefaultTypeColon Special
hi def link sudoersDefaultTypeGreaterThan Special
hi def link sudoersDefaultTypeBang Special
hi def link sudoersParameterNegation Operator
hi def link sudoersBooleanParameter Identifier
hi def link sudoersIntegerParameter Identifier
hi def link sudoersIntegerOrBooleanParameter Identifier
hi def link sudoersModeParameter Identifier
hi def link sudoersModeOrBooleanParameter Identifier
hi def link sudoersFloatOrBooleanParameter Identifier
hi def link sudoersTimeoutOrBooleanParameter Identifier
hi def link sudoersStringParameter Identifier
hi def link sudoersStringOrBooleanParameter Identifier
hi def link sudoersListParameter Identifier
hi def link sudoersParameterListComma Delimiter
hi def link sudoersIntegerParameterEquals Operator
hi def link sudoersModeParameterEquals Operator
hi def link sudoersFloatParameterEquals Operator
hi def link sudoersTimeoutParameterEquals Operator
hi def link sudoersStringParameterEquals Operator
hi def link sudoersListParameterEquals Operator
hi def link sudoersIntegerValue Number
hi def link sudoersModeValue Number
hi def link sudoersFloatValue Float
hi def link sudoersTimeoutValue Number
hi def link sudoersStringValue String
hi def link sudoersListValue String
hi def link sudoersOptionSpec Special
hi def link sudoersSELinuxSpecEquals Operator
hi def link sudoersAppArmorSpecEquals Operator
hi def link sudoersSolarisPrivSpecEquals Operator
hi def link sudoersDateSpecEquals Operator
hi def link sudoersTimeoutSpecEquals Operator
hi def link sudoersDirectorySpecEquals Operator
hi def link sudoersSELinuxSpecParam String
hi def link sudoersAppArmorSpecParam String
hi def link sudoersSolarisPrivSpecParam String
hi def link sudoersDateSpecParam Number
hi def link sudoersTimeoutSpecParam Number
hi def link sudoersDirectorySpecParam String
hi def link sudoersTagSpec Special
hi def link sudoersTagSpecColon Delimiter
hi def link sudoersInclude Statement
let b:current_syntax = "sudoers"
let &cpo = s:cpo_save
unlet s:cpo_save
|
