8e9c2bde06
and PATH from the original user to the target user. This could cause files in the wrogn path or home directory to be read (or written to), which resulted in potential security problems. This has been changed so that only DISPLAY and TERM are passed to the new environment. This is fine for running command line programs. When GUI programs need to be run, "keepenv" can be added to the user's doas.conf entry. This results in variables like HOME being copied to the target user, allowing GUI programs to run. Many thanks to Sander Bos for reporting this issue and explaining how it can be exploited. This commit also adds the ability to pass a customized PATH to target users. The new PATH can be set at compile time in the Makefile. The default path is provided in the Makefile and commented out. |
||
|---|---|---|
| doas.1 | ||
| doas.c | ||
| doas.conf.5 | ||
| doas.h | ||
| env.c | ||
| execvpe.c | ||
| LICENSE | ||
| Makefile | ||
| parse.y | ||
| README.md | ||
| reallocarray.c | ||
| strlcat.c | ||
| strlcpy.c | ||
| tree.h | ||
doas
A port of OpenBSD's doas which runs on FreeBSD, Linux and NetBSD
The doas utility is a program originally written for OpenBSD which allows a user to run a command as though they were another user. Typically doas is used to allow non-privleged users to run commands as though they were the root user. The doas program acts as an alternative to sudo, which is a popular method in the Linux ccommunity for granting admin access to specific users.
The doas program offers two benefits over sudo: its configuration file has a simple syntax and it is smaller, requiring less effort to audit the code. This makes it harder for both admins and coders to make mistakes that potentially open security holes in the system.
This port of doas has been made to work on FreeBSD 11.x and newer, most distributions of Linux, and NetBSD 8.x and newer.
Installing doas is accomplished in three steps:
- Installing build tools.
- Compiling and installing the doas utility.
- Creating a configuration file for doas.
1 - The doas program has virtually no dependencies. So long as you have a compiler (such as the GNU Compiler or Clang) installed and GNU make (gmake on NetBSD and FreeBSD).
2 - To install doas, download the source code and, in the source code's directory, run the command
make (on Linux)
or gmake (on FreeBSD and NetBSD).
This builds the source code. Then, as the root user, run
make install (on Linux)
or
gmake install (on FreeBSD and NetBSD).
Note: The doas command is in FreeBSD's ports collection and may be installed by simply running the following command as the root user:
pkg install doas
3 - The doas configuration file is located at /usr/local/etc/doas.conf. To create a rule allowing a user to perform admin actions, add a line to the configuration file. Details on how to do this are covered in the doas.conf manual page. However, most of the time a rule is as simple as
permit <user> as root
Where is the username of the person who is being granted root access. For instance:
permit jesse as root
Additional users can be added to the file, one per line.
To make use of doas, run it in front of any command. Here are some examples:
Confirm doas is working by printing our effective user ID:
doas id
Create a new file in the root user's home:
doas touch /root/new-file
On Linux commands with arguments should be prefixed by a double-dash (--). Here we remove a directory owned by root:
doas -- rm -rf old-directory