doas
| Original author(s) | Ted Unangst[1] |
|---|---|
| Developer(s) | OpenBSD Projects[2] |
| Initial release | 18 October 2015[2] |
| Repository | http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/doas/ |
| Written in | C |
| Engine | |
| Type | Security software |
| Website | https://man.openbsd.org/doas |
Search Doas on Amazon.
doas[3] (“do as”) is a program to execute commands as another user[4]. It provides simple function to give specified users specified privileges to execute specified commands.[1] [5] It is open-source and available in Unix and Unix-like Operating systems, driven by doas.conf[6], the configuration file.[7] [8]
doas is smaller and simpler than sudo, the multi-functional standard one[1] [9] [10] [11] [12].
Summary
doas allows users to run speficied programs as specified users.[13]
doas is one of the products by the OpenBSD Projects. It is defined as the default in OpenBSD.[13] [14] Also, it is supported by BSD operating systems such as FreeBSD[15] [16] and NetBSD[17]. As to Linux[18], it is available as a package in Arch[19] and Alpine[20], or by building from source in other distributions. Besides, OpenDoas, another portable version for Linux, is also developed by other developers.[21]
Examples about configuration file[7] [22] [23]
Definition of privileges should be written in the configuration file, /etc/doas.conf .[24] The official manual is doas.conf.5 .
#1. Allow user1 to execute procmap as root without password
permit nopass user1 as root cmd /usr/sbin/procmap
#2. Give user2 perfect root privileges (password required)
permit user2 as root
History
doas was released with the release of OpenBSD 5.8 in October 2015.[25] [26] [27] The release note said "sudo in base has been replaced with doas (1), sudo is available as a package."[2]
doas was first developed by Ted Unangst.[1] It aims simplicity and safety following the OpenBSD philosophy: "Secure by default".
References
- ↑ 1.0 1.1 1.2 1.3 "doas - dedicated openbsd application subexecutor". flak.tedunangst.com. Retrieved 2020-05-06.
- ↑ 2.0 2.1 2.2 "OpenBSD 5.8". www.openbsd.org. Retrieved 2020-05-06.
- ↑ "doas(1) - OpenBSD manual pages". man.openbsd.org. Retrieved 2020-06-04.
- ↑ "OpenBSD FAQ: System Management". www.openbsd.org. Retrieved 2020-06-04.
- ↑ "Privileges | OpenBSD Handbook". www.openbsdhandbook.com. Retrieved 2020-05-06.
- ↑ "doas.conf(5) - OpenBSD manual pages". man.openbsd.org. Retrieved 2020-06-04.
- ↑ 7.0 7.1 "doas.conf(5) - OpenBSD manual pages". man.openbsd.org. Retrieved 2020-05-06.
- ↑ "deadnull". ronvalente.net. Retrieved 2020-05-06.
- ↑ Yegulalp, Serdar (2016-07-25). "OpenBSD 6.0 tightens security by losing Linux compatibility". InfoWorld. Retrieved 2020-05-06.
- ↑ "Introduction to doas on OpenBSD". Vultr. Retrieved 2020-05-06.
- ↑ "deadnull". ronvalente.net. Retrieved 2020-05-06.
- ↑ "Privileges | OpenBSD Handbook". www.openbsdhandbook.com. Retrieved 2020-05-06.
- ↑ 13.0 13.1 "doas(1) - OpenBSD manual pages". man.openbsd.org. Retrieved 2020-05-06.
- ↑ "deadnull". ronvalente.net. Retrieved 2020-05-06.
- ↑ "doas(1)". www.freebsd.org. Retrieved 2020-05-06.
- ↑ "Why I Prefer To Use doas Over sudo". i-bsd.com. Retrieved 2020-05-06.
- ↑ "The NetBSD Packages Collection: security/doas". ftp.netbsd.org. Retrieved 2020-05-06.
- ↑ Smith, Jesse (2020-04-29), slicer69/doas, retrieved 2020-05-06
- ↑ "AUR (en) - doas". aur.archlinux.org. Retrieved 2020-05-06.
- ↑ "Alpine Linux packages". pkgs.alpinelinux.org. Retrieved 2020-05-06.
- ↑ Holstein, Nathan (2020-05-01), nholstein/OpenDoas, retrieved 2020-05-06
- ↑ "Introduction to doas on OpenBSD". Vultr. Retrieved 2020-05-06.
- ↑ Czyz, Mariusz. "Openbsd Doas". mariuszczyz.com. Retrieved 2020-05-06. Unknown parameter
|url-status=ignored (help) - ↑ "Privileges | OpenBSD Handbook". www.openbsdhandbook.com. Retrieved 2020-05-06.
- ↑ "OpenBSD Upgrade Guide: 5.7 to 5.8". www.openbsd.org. Retrieved 2020-06-04.
- ↑ "Introduction to doas on OpenBSD". Vultr. Retrieved 2020-05-06.
- ↑ Millman, Rene (18 October 2019). "Linux Sudo bug could allow hackers root access". SC Media UK. SC Media UK. Retrieved 2020-05-06. Unknown parameter
|url-status=ignored (help)
Category:Computer security software Category:Unix software
This article "Doas" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Doas. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.
| This page exists already on Wikipedia. |
