Doas: Difference between revisions
imported>Aquova (Added doas page) |
imported>RePtarmagain m (Added correct list encapsulation to the nix code example, old example throws error: A definition for option `security.doas.extraRules' is not of type `list of (submodule)) |
||
| Line 8: | Line 8: | ||
security.doas.enable = true; | security.doas.enable = true; | ||
security.sudo.enable = false; | security.sudo.enable = false; | ||
security.doas.extraRules = { | security.doas.extraRules = [{ | ||
users = ["foo"]; | users = ["foo"]; | ||
keepEnv = true; # Optional, retains environment variables while running commands | keepEnv = true; # Optional, retains environment variables while running commands | ||
persist = true; # Optional, only require password verification a single time | persist = true; # Optional, only require password verification a single time | ||
}; | }]; | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Revision as of 11:54, 9 December 2023
doas is a utility to execute commands as a different user, typically the super user. It is often installed as a replacement for sudo, due to its ease of configuration and greater simplicity.
Configuration
The following configuration will give the user foo the ability to execute commands as the super user via doas, while disabling the sudo command.
security.doas.enable = true;
security.sudo.enable = false;
security.doas.extraRules = [{
users = ["foo"];
keepEnv = true; # Optional, retains environment variables while running commands
persist = true; # Optional, only require password verification a single time
}];