Doas: Difference between revisions
imported>Likeazir mNo edit summary |
imported>Likeazir mNo edit summary |
||
| Line 10: | Line 10: | ||
security.doas.extraRules = [{ | security.doas.extraRules = [{ | ||
users = ["foo"]; | users = ["foo"]; | ||
# Optional, retains environment variables while running commands | |||
# e.g. retains your NIX_PATH when applying your config | |||
keepEnv = true; | |||
persist = true; # Optional, only require password verification a single time | persist = true; # Optional, only require password verification a single time | ||
}]; | }]; | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Revision as of 23:45, 17 March 2024
doas is a utility to execute commands as a different user, typically the super user. It is often installed as a replacement for sudo, due to its ease of configuration and greater simplicity.
Configuration
The following configuration will give the user foo the ability to execute commands as the super user via doas, while disabling the sudo command.
security.doas.enable = true;
security.sudo.enable = false;
security.doas.extraRules = [{
users = ["foo"];
# Optional, retains environment variables while running commands
# e.g. retains your NIX_PATH when applying your config
keepEnv = true;
persist = true; # Optional, only require password verification a single time
}];