./security/doas, Execute commands as another user

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 6.3p2nb1, Package name: doas-6.3p2nb1, Maintainer: pkgsrc-users

doas is a port of OpenBSD's doas.

The doas utility is a program originally written for OpenBSD which
allows a user to run a command as though they were another
user. Typically doas is used to allow non-privileged users to run
commands as though they were the root user. The doas program acts as
an alternative to sudo, which is a popular method in the Linux
community for granting admin access to specific users.

The doas program offers two benefits over sudo: its configuration file
has a simple syntax and it is smaller, requiring less effort to audit
the code. This makes it harder for both admins and coders to make
mistakes that potentially open security holes in the system.


Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 26.876 KB

Version history: (Expand)

CVS history: (Expand)


   2021-12-09 19:46:38 by Nikita | Files touched by this commit (1) 
Log message:
security/doas: change Maintainer
   2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) 
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
   2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606) 
Log message:
security: Remove SHA1 hashes for distfiles
   2021-01-01 15:21:23 by pin | Files touched by this commit (1) 
Log message:
security/doas: add conflict msg

Prepare to import opendoas
   2020-10-26 10:00:35 by pin | Files touched by this commit (2) 
Log message:
security/doas: remove vidoas functionality

Security concerns have been raised by Kimmo Suominen
on pkgsrc-security.
See also, https://github.com/slicer69/doas/pull/46
   2020-10-21 21:32:39 by pin | Files touched by this commit (3) | Package updated
Log message:
security/doas: update to 6.3p2

6.3p2

This release introduces a new utility called vidoas (vi doas). This tool is a
shell script which creates a copy of the doas.conf file, allows the admin to
edit the file, and then checks its syntax for errors. If a problem is found,
vidoas reports which line the error was on and asks us to try editing the file
again. Once the new doas.conf file contains the proper syntax, it is installed
and overwrites the old doas.conf file.

This tool is designed to assist admins and avoid introducing errors to doas.conf
which might accidentally revoke admin access to the machine.

6.3p1
In this release, we work around a quirk of the GNU parameter parser which
required us to use double-dashes (--) after doas's parameters and before a
target command's parameters. In the past we used "doas -- pacman -Syu" \ 
and now
we can use simply "doas pacman -Syu".

This change affects only GNU/Linux systems, other platforms like FreeBSD,
NetBSD, etc already had this behaviour.

6.3
This release introduces a few minor changes:
-Added command line parameter (-S) which launches an interactive shell. This is
equivalent to "su -l" or "sudo -i".
-Updated documentation to include the new -S flag.
-Updated documentation to assist users in installing doas on some Linux
distributions, such as CentOS, that prevent PAM authentication from working by
default.

6.2p5
This release simply adds a new sample PAM configuration file for FreeBSD (and
compatible systems). The new sample configuration file is named
campat/pam.conf.freebsd.
   2020-10-21 19:34:09 by Kimmo Suominen | Files touched by this commit (4) 
Log message:
doas: Use setusercontext(3)

Calling setusercontext(3) makes per-user temporary storage work (see
per_user_tmp in security(7) and rc.conf(5)).

May as well use our reallocarray(3) instead of the bundled compat code.
   2020-10-21 17:25:23 by Kimmo Suominen | Files touched by this commit (1) 
Log message:
doas: Pass PKG_SYSCONFDIR to make