Английская Википедия:Doas

Материал из Онлайн справочника
Версия от 03:19, 28 февраля 2024; EducationBot (обсуждение | вклад) (Новая страница: «{{Английская Википедия/Панель перехода}} {{Short description|Computer software}} {{lowercase title}} {{Infobox software | title = doas | name = doas | author = Ted Unangst | developer = OpenBSD Project<ref name="auto1">{{Cite web|title=OpenBSD 5.8|url=http://www.openbsd.org/58.html|website=www.openbsd.org|access-date=2020-05-06|archive-date=2021-05-17|archive-url=https://web.archive.org/web/20210517090822/http://www.openb...»)
(разн.) ← Предыдущая версия | Текущая версия (разн.) | Следующая версия → (разн.)
Перейти к навигацииПерейти к поиску

Шаблон:Short description Шаблон:Lowercase title Шаблон:Infobox software

doas (“dedicated openbsd application subexecutor”)[1] is a program to execute commands as another user. The system administrator can configure it to give specified users privileges to execute specified commands. It is free and open-source under the ISC license[2] and available in Unix and Unix-like operating systems.

doas was developed by Ted Unangst[3] for OpenBSD as a simpler and safer sudo replacement.[4][5] Unangst himself had issues with the default sudo config, which was his motivation to develop doas.[1] doas was released with OpenBSD 5.8 in October 2015 replacing sudo.[6] However, OpenBSD still provides sudo as a package.[6]

Configuration

Definition of privileges should be written in the configuration file, /etc/doas.conf.[7] The syntax used in the configuration file is inspired by the packet filter configuration file.[1]

Examples

Allow user1 to execute procmap as root without password:Шаблон:Citation needed

permit nopass user1 as root cmd /usr/sbin/procmap

Allow members of the wheel group to run any command as root:

permit :wheel as root

Simpler version (only works if default user is root, which it is after install):

permit :wheel

To allow members of wheel group to run any command (default as root) and remember that they entered the password:

permit persist :wheel

Ports and availability

Jesse Smith’s[8] port of doas is packaged for DragonFlyBSD,[9] FreeBSD,[10] and NetBSD.[11] According to the author, it also works on illumos and macOS.[12] OpenDoas, a Linux port, is packaged for Debian, Alpine, Arch, CRUX, Fedora, Gentoo, GNU Guix, Hyperbola, Manjaro, Parabola, NixOS, Ubuntu, and Void Linux.[13] Starting with Alpine Linux v3.16 release, OpenDoas became the suggested replacement for sudo, which got its security maintenance time reduced within the distribution.[14]

See also

References

Шаблон:Reflist

Шаблон:OpenBSD