./security/doas, Execute commands as another user

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 6.2p2, Package name: doas-6.2p2, Maintainer: pkgsrc-users

doas is a port of OpenBSD's doas.

The doas utility is a program originally written for OpenBSD which
allows a user to run a command as though they were another
user. Typically doas is used to allow non-privileged users to run
commands as though they were the root user. The doas program acts as
an alternative to sudo, which is a popular method in the Linux
community for granting admin access to specific users.

The doas program offers two benefits over sudo: its configuration file
has a simple syntax and it is smaller, requiring less effort to audit
the code. This makes it harder for both admins and coders to make
mistakes that potentially open security holes in the system.


Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 417cb9de4d1815b342f1bb3fb96f31e2c8b25479
RMD160: d80538763cb0a0367eb2a6e50369743ea66aa1a5
Filesize: 25.033 KB

Version history: (Expand)


CVS history: (Expand)


   2019-10-15 14:24:01 by ng0 | Files touched by this commit (2) | Package updated
Log message:
security/doas: Update to 6.2p2

Significant items from https://github.com/slicer69/doas/releases:
doas 6.2p2
* Introducing macOS support
  Due to the dedicated work by Gordon Bergling, the doas
  command now builds and runs on macOS. This release
  contains no functionality changes, just the ability to
  build and run on macOS.
   2019-09-14 20:58:19 by ng0 | Files touched by this commit (1)
Log message:
security/doas: Remove system mentions in DESCR and fix a typo.
   2019-09-14 16:45:45 by ng0 | Files touched by this commit (2) | Package updated
Log message:
security/doas: Update to 6.2p1

Significant items from https://github.com/slicer69/doas/releases:
doas 6.2p1
* Fixes a crash on Linux systems when a specified user on the
  command line did not match a valid entry in the doas.conf file.
  In the past, doas would first try to find an exact username match
  when the "-u" flag was used and, if one could not be found, it
  would try to find a matching numeric UID.
  Now doas requires that an exact username be specified when
  "-u" is used. This avoids confusion (and, on Linux, fuzzy matches
  when a username begins with a number). This means "doas -u 0" can
  no longer be used to run a command as root, and "duas -u 1000" is
  not ambigious if there is a user with the name "1000" on the system.

doas 6.2
* Group permissions of the original user are now dropped on Linux.
  This prevents the original user's group access from interfering
  with the target user's owned files. Group permissions were already
  dropped on FreeBSD (and I believe) NetBSD, and this brings doas's
  Linux behaviour into line with the other systems.
* Fixed a couple of compiler warnings that get rid of either unneeded
  variables or introduce sanity checks on return functions.
  This should make doas more secure, across platforms/compilers.

doas 6.1p1
* ported to illumos, added support for SmartOS and
  OpenIndiana.
* Better pkgsrc integration.
   2019-08-24 17:46:59 by ng0 | Files touched by this commit (1)
Log message:
security/doas: change license to add bsd-3 and isc.
   2019-08-24 01:00:51 by ng0 | Files touched by this commit (4)
Log message:
security/doas: Add version 6.1 (from wip)

doas is a port of OpenBSD's doas which runs on FreeBSD, Linux and
NetBSD.

The doas utility is a program originally written for OpenBSD which
allows a user to run a command as though they were another
user. Typically doas is used to allow non-privleged users to run
commands as though they were the root user. The doas program acts as
an alternative to sudo, which is a popular method in the Linux
community for granting admin access to specific users.

The doas program offers two benefits over sudo: its configuration file
has a simple syntax and it is smaller, requiring less effort to audit
the code. This makes it harder for both admins and coders to make
mistakes that potentially open security holes in the system.