2020-03-25 06:20:53 +00:00
|
|
|
# doas
|
|
|
|
# Execute commands as another user
|
2020-04-20 17:51:11 +00:00
|
|
|
#
|
|
|
|
# OpenBSD lightweight sudo alternative, "dedicated openbsd application subexecutor"
|
|
|
|
# It was created by Ted Unangst after he was dissatisfied with the complexity
|
|
|
|
# of sudo and had issues with the default sudo configuration
|
2020-03-25 06:20:53 +00:00
|
|
|
|
|
|
|
# Remove the folder of "/home/user" as user
|
|
|
|
# If the -u option is not specified, the command will be executed as root
|
|
|
|
doas -u user ls /home/user
|
|
|
|
|
|
|
|
# Show the contents of "/etc/shadow" as root
|
|
|
|
doas cat /etc/shadow
|
|
|
|
|
|
|
|
# Execute the shell defined in $SHELL as root
|
|
|
|
doas -s
|
|
|
|
|
2020-03-25 15:57:10 +00:00
|
|
|
# Permission to execute commands as another user are given in the config file "/etc/doas.conf"
|
2020-03-25 06:20:53 +00:00
|
|
|
# The following line grants permission for every user in the wheel group to execute commands as root
|
2020-03-25 15:57:10 +00:00
|
|
|
#
|
|
|
|
# permit persist keepenv :wheel
|
|
|
|
#
|
|
|
|
# Where the option "persist" makes doas only ask for the password once in each shell session
|
|
|
|
# Where the colon specifies that "wheel" is a group, not a user
|
2020-03-27 18:08:12 +00:00
|
|
|
# And where the option "keepenv" keeps the current environment variables
|
|
|
|
#
|
|
|
|
# The following line rejects permission for "user" to run commands as anon,
|
|
|
|
# if the user is not specified, it will default to root
|
2020-03-25 15:57:10 +00:00
|
|
|
#
|
|
|
|
# deny user as anon
|
|
|
|
#
|
2020-03-27 18:08:12 +00:00
|
|
|
# The following line allows "user" to execute only the program "shutdown" as root,
|
|
|
|
# without asking for a password
|
|
|
|
#
|
2020-03-25 15:57:10 +00:00
|
|
|
# permit nopass user cmd shutdown
|