kisscommunity

kisscommunity.bvnf.space site sources
git clone git://bvnf.space/home/kiss/kisscommunity.git
Log | Files | Refs | Submodules | README | LICENSE

index.txt (2849B)

      1
      2
      3
      4
      5
      6
      7
      8
      9
     10
     11
     12
     13
     14
     15
     16
     17
     18
     19
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
     30
     31
     32
     33
     34
     35
     36
     37
     38
     39
     40
     41
     42
     43
     44
     45
     46
     47
     48
     49
     50
     51
     52

OPENDOAS [0]
________________________________________________________________________________

doas is a minimal replacement for the venerable sudo. It was initially written 
by Ted Unangst of the OpenBSD project to provide 95% of the features of sudo 
with a fraction of the codebase.


Configuration
________________________________________________________________________________

Begin by first verifying that you have opendoas installed:

+------------------------------------------------------------------------------+
|                                                                              |
|   $ kiss b opendoas && kiss i opendoas                                       |
|                                                                              |
+------------------------------------------------------------------------------+

Using your preferred text editor, modify the /etc/doas.conf file. Within the 
doas.conf, there are plenty of examples of rules to choose from and modify.

Below are a few examples of *basic* rules that could be set:  

+------------------------------------------------------------------------------+
|   Allow a specific regular user, USER, to escalate to root permissions.      |
+------------------------------------------------------------------------------+
|                                                                              |
|   permit USER                                                                |
|                                                                              |
+------------------------------------------------------------------------------+
|   Allow a specific group (i.e. "wheel") to escalate to root permissions.     |
+------------------------------------------------------------------------------+
|                                                                              |
|   permit wheel                                                               |
|                                                                              |
+------------------------------------------------------------------------------+
|   You can also allow privilege escalation without a password.                |
+------------------------------------------------------------------------------+
|                                                                              |
|   permit nopass [GROUP OR USER]                                              |
|                                                                              |
+------------------------------------------------------------------------------+

Refer to OpenBSD doas.conf manual page [1] for more information.


References
________________________________________________________________________________

[0] https://github.com/Duncaen/OpenDoas
[1] https://man.openbsd.org/doas.conf.5