Doas: Difference between revisions
imported>RePtarmagain m Added correct list encapsulation to the nix code example, old example throws error: A definition for option `security.doas.extraRules' is not of type `list of (submodule) |
imported>Likeazir mNo edit summary |
||
| Line 10: | Line 10: | ||
security.doas.extraRules = [{ | security.doas.extraRules = [{ | ||
users = ["foo"]; | users = ["foo"]; | ||
keepEnv = true; # Optional, retains environment variables while running commands | keepEnv = true; # Optional, retains environment variables while running commands, e.g. your NIX_PATH when applying your config | ||
persist = true; # Optional, only require password verification a single time | persist = true; # Optional, only require password verification a single time | ||
}]; | }]; | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Revision as of 23:44, 17 March 2024
doas is a utility to execute commands as a different user, typically the super user. It is often installed as a replacement for sudo, due to its ease of configuration and greater simplicity.
Configuration
The following configuration will give the user foo the ability to execute commands as the super user via doas, while disabling the sudo command.
security.doas.enable = true;
security.sudo.enable = false;
security.doas.extraRules = [{
users = ["foo"];
keepEnv = true; # Optional, retains environment variables while running commands, e.g. your NIX_PATH when applying your config
persist = true; # Optional, only require password verification a single time
}];