./security/doas, Execute commands as another user

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 6.2p1, Package name: doas-6.2p1, Maintainer: pkgsrc-users

doas is a port of OpenBSD's doas.

The doas utility is a program originally written for OpenBSD which
allows a user to run a command as though they were another
user. Typically doas is used to allow non-privileged users to run
commands as though they were the root user. The doas program acts as
an alternative to sudo, which is a popular method in the Linux
community for granting admin access to specific users.

The doas program offers two benefits over sudo: its configuration file
has a simple syntax and it is smaller, requiring less effort to audit
the code. This makes it harder for both admins and coders to make
mistakes that potentially open security holes in the system.


Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: cd1d7728b9b0491a2a453017359f4185bdcf3e90
RMD160: 5db2e6deed45192ea4a4f2434e829d2b50201911
Filesize: 23.948 KB

Version history: (Expand)


CVS history: (Expand)


   2019-09-14 20:58:19 by ng0 | Files touched by this commit (1)
Log message:
security/doas: Remove system mentions in DESCR and fix a typo.
   2019-09-14 16:45:45 by ng0 | Files touched by this commit (2) | Package updated
Log message:
security/doas: Update to 6.2p1

Significant items from https://github.com/slicer69/doas/releases:
doas 6.2p1
* Fixes a crash on Linux systems when a specified user on the
  command line did not match a valid entry in the doas.conf file.
  In the past, doas would first try to find an exact username match
  when the "-u" flag was used and, if one could not be found, it
  would try to find a matching numeric UID.
  Now doas requires that an exact username be specified when
  "-u" is used. This avoids confusion (and, on Linux, fuzzy matches
  when a username begins with a number). This means "doas -u 0" can
  no longer be used to run a command as root, and "duas -u 1000" is
  not ambigious if there is a user with the name "1000" on the system.

doas 6.2
* Group permissions of the original user are now dropped on Linux.
  This prevents the original user's group access from interfering
  with the target user's owned files. Group permissions were already
  dropped on FreeBSD (and I believe) NetBSD, and this brings doas's
  Linux behaviour into line with the other systems.
* Fixed a couple of compiler warnings that get rid of either unneeded
  variables or introduce sanity checks on return functions.
  This should make doas more secure, across platforms/compilers.

doas 6.1p1
* ported to illumos, added support for SmartOS and
  OpenIndiana.
* Better pkgsrc integration.
   2019-08-24 17:46:59 by ng0 | Files touched by this commit (1)
Log message:
security/doas: change license to add bsd-3 and isc.
   2019-08-24 01:00:51 by ng0 | Files touched by this commit (4)
Log message:
security/doas: Add version 6.1 (from wip)

doas is a port of OpenBSD's doas which runs on FreeBSD, Linux and
NetBSD.

The doas utility is a program originally written for OpenBSD which
allows a user to run a command as though they were another
user. Typically doas is used to allow non-privleged users to run
commands as though they were the root user. The doas program acts as
an alternative to sudo, which is a popular method in the Linux
community for granting admin access to specific users.

The doas program offers two benefits over sudo: its configuration file
has a simple syntax and it is smaller, requiring less effort to audit
the code. This makes it harder for both admins and coders to make
mistakes that potentially open security holes in the system.