doas 0.1.0

A Rust implementation of doas, a minimal sudo alternative with PAM authentication
Homepage: hkwk/doas

doas

A Rust implementation of doas, an alternative to sudo for running commands as other users.

Features

  • Simple configuration file syntax
  • Supports permit/deny rules with options like nopass, keepenv
  • PAM authentication
  • Unix-like systems only

Installation

  1. Build the project:

    cargo build --release

  2. Install the binary:

    sudo cp target/release/doas /usr/local/bin/
    sudo chown root:root /usr/local/bin/doas
    sudo chmod 4755 /usr/local/bin/doas

  3. Create config file:

    sudo mkdir -p /usr/local/etc
    sudo cp doas.conf.sample /usr/local/etc/doas.conf
    sudo chown root:root /usr/local/etc/doas.conf
    sudo chmod 600 /usr/local/etc/doas.conf

  4. Edit the config file to add rules, e.g.:

    permit yourusername as root

Usage

    doas command [args...]

    doas -u user command [args...]

Configuration

The config file is located at /etc/doas.conf or /usr/local/etc/doas.conf.

Syntax:

    permit [nopass] [keepenv] [nolog] identity as target

  • permit or deny: the rule's action
  • nopass: no password required
  • keepenv: keep environment variables
  • nolog: don't log
  • identity: the user who is allowed to run commands
  • target: the user the command runs as

Security

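The binary must be setuid root to function properly: owned by root with the setuid bit set, which is what the chown root:root and chmod 4755 commands in the installation steps do. Ensure the config file is readable only by root (owned by root, mode 600).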
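
A post-install check for the ownership and modes that the installation steps and the Security section call for, written as an added example that is not part of the doas project. The function names are made up for this example; the paths, owner and modes are the ones used on this page.

```shell
#!/bin/sh
# Added example (not from the doas crate): audit the installed binary and config.

# Succeeds only if $1 is a regular file (not a symlink) owned by user $2
# with exactly the octal mode $3. Uses POSIX find, so it works on Linux and BSD.
has_owner_and_mode() {
    [ -n "$(find "$1" -prune -type f -user "$2" -perm "$3" 2>/dev/null)" ]
}

# audit_doas BINARY OWNER CONFIG...
# BINARY must be OWNER-owned with mode 4755 (setuid). Every CONFIG path that
# exists must be OWNER-owned with mode 600, and at least one must exist.
audit_doas() {
    bin=$1; owner=$2; shift 2
    rc=0
    if ! has_owner_and_mode "$bin" "$owner" 4755; then
        echo "FAIL: $bin must be a regular file owned by $owner, mode 4755" >&2
        rc=1
    fi
    found=0
    for conf in "$@"; do
        # Skip candidate locations that are absent; a dangling symlink still counts.
        [ -e "$conf" ] || [ -L "$conf" ] || continue
        found=1
        if ! has_owner_and_mode "$conf" "$owner" 600; then
            echo "FAIL: $conf must be a regular file owned by $owner, mode 600" >&2
            rc=1
        fi
    done
    if [ "$found" -eq 0 ]; then
        echo "FAIL: no config file found in: $*" >&2
        rc=1
    fi
    return "$rc"
}

# Run with --audit to check the locations named on this page.
if [ "${1:-}" = "--audit" ]; then
    audit_doas /usr/local/bin/doas root /etc/doas.conf /usr/local/etc/doas.conf
    exit $?
fi
```

Both config locations are checked because the page lists both; a stray world-readable copy at the other path fails the audit as well.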