./security/doas, Execute commands as another user

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 6.2p4, Package name: doas-6.2p4, Maintainer: ng0

doas is a port of OpenBSD's doas.

The doas utility is a program originally written for OpenBSD which
allows a user to run a command as though they were another
user. Typically doas is used to allow non-privileged users to run
commands as though they were the root user. The doas program acts as
an alternative to sudo, which is a popular method in the Linux
community for granting admin access to specific users.

The doas program offers two benefits over sudo: its configuration file
has a simple syntax and it is smaller, requiring less effort to audit
the code. This makes it harder for both admins and coders to make
mistakes that potentially open security holes in the system.


Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: dd90972c3a120ae2b96432bae2c7a78c4c729166
RMD160: a8ed8677fbffd48bf87b4fa5c6b0dd98f0c5e428
Filesize: 25.486 KB

Version history: (Expand)


CVS history: (Expand)


   2020-01-01 02:30:19 by ng0 | Files touched by this commit (3) | Package updated
Log message:
security/doas: update to version 6.2p4

Changelog picked from https://github.com/slicer69/doas/releases:

6.2p4:
* Keeping environment variables with keepenv
  On some platforms (seemingly Linux and macOS) it is possible for
  repeated calls to getpwuid() can over-write the original struct
  passwd structure. (This behaviour may vary depending on which
  C library is used. This can lead to the original user's
  environment data being overwritten by the target user's, even
  when "keepenv" is specified in the doas.conf file.
  We now do a deep copy of the original and target users' struct
  passwd information to avoid over-writing the original on platforms
  where libc uses a static area for all calls.
   2019-12-14 12:19:54 by ng0 | Files touched by this commit (3)
Log message:
security/doas: resolve PR pkg/54717.

patch in the correct installed location of the config file
in the manpages.
   2019-11-29 16:27:42 by ng0 | Files touched by this commit (1)
Log message:
security/doas: assign myself as maintainer.
   2019-10-15 14:24:01 by ng0 | Files touched by this commit (2) | Package updated
Log message:
security/doas: Update to 6.2p2

Significant items from https://github.com/slicer69/doas/releases:
doas 6.2p2
* Introducing macOS support
  Due to the dedicated work by Gordon Bergling, the doas
  command now builds and runs on macOS. This release
  contains no functionality changes, just the ability to
  build and run on macOS.
   2019-09-14 20:58:19 by ng0 | Files touched by this commit (1)
Log message:
security/doas: Remove system mentions in DESCR and fix a typo.
   2019-09-14 16:45:45 by ng0 | Files touched by this commit (2) | Package updated
Log message:
security/doas: Update to 6.2p1

Significant items from https://github.com/slicer69/doas/releases:
doas 6.2p1
* Fixes a crash on Linux systems when a specified user on the
  command line did not match a valid entry in the doas.conf file.
  In the past, doas would first try to find an exact username match
  when the "-u" flag was used and, if one could not be found, it
  would try to find a matching numeric UID.
  Now doas requires that an exact username be specified when
  "-u" is used. This avoids confusion (and, on Linux, fuzzy matches
  when a username begins with a number). This means "doas -u 0" can
  no longer be used to run a command as root, and "duas -u 1000" is
  not ambigious if there is a user with the name "1000" on the system.

doas 6.2
* Group permissions of the original user are now dropped on Linux.
  This prevents the original user's group access from interfering
  with the target user's owned files. Group permissions were already
  dropped on FreeBSD (and I believe) NetBSD, and this brings doas's
  Linux behaviour into line with the other systems.
* Fixed a couple of compiler warnings that get rid of either unneeded
  variables or introduce sanity checks on return functions.
  This should make doas more secure, across platforms/compilers.

doas 6.1p1
* ported to illumos, added support for SmartOS and
  OpenIndiana.
* Better pkgsrc integration.
   2019-08-24 17:46:59 by ng0 | Files touched by this commit (1)
Log message:
security/doas: change license to add bsd-3 and isc.
   2019-08-24 01:00:51 by ng0 | Files touched by this commit (4)
Log message:
security/doas: Add version 6.1 (from wip)

doas is a port of OpenBSD's doas which runs on FreeBSD, Linux and
NetBSD.

The doas utility is a program originally written for OpenBSD which
allows a user to run a command as though they were another
user. Typically doas is used to allow non-privleged users to run
commands as though they were the root user. The doas program acts as
an alternative to sudo, which is a popular method in the Linux
community for granting admin access to specific users.

The doas program offers two benefits over sudo: its configuration file
has a simple syntax and it is smaller, requiring less effort to audit
the code. This makes it harder for both admins and coders to make
mistakes that potentially open security holes in the system.