1. rbranco

    Isn't the wheel group too much for simple sudo/doas usage?

    The wheel group is GID 0, which allows more than just running sudo & doas. For this reason I create a special sudo group. Why isn't the wheel group considered harmful?
  2. K

    read the password from stdin when using "doas"

    Hi I want to automatically transfer a setup script and run it on freshly installed FreeBSD 13.2 machines. The problem is that the script requires elevated privileges. In linux, the command $ echo 'password' | sudo -S ./ would do the trick, but it seems like it's not possible to read the...
  3. E

    Sshfs needs doas, how to use sshfs as an unprivileged user?

    Using a fresh install of FreeBSD 13.0. I'm trying to mount a remote directory on a linux server via sshfs with the following command: sshfs user@x.x.x.x:/home/user/Dir/dir/ /usr/home/anotheruser/DestinationDir/ -p1234 -v -o idmap=user,uid=X,guid=Y,allow_other,follow_symlinks,reconnect The...
  4. NapoleonWils0n

    doas tips - sudo alternative

    Some tips on using doas the sudo alternative ported from Openbsd install doas # pkg install doas Create the doas config file # vi /usr/local/etc/doas.conf The username and groups follow the chown syntax, ther username or group is preceded by the : colon character eg :username :groupname...
  5. NapoleonWils0n

    doas - sudo alternative

    doas is a sudo alternative ported from openbsd install doas # pkg install doas create the doas config file # vi /usr/local/etc/doas.conf add the following code to the doas.conf file permit nopass keepenv :wheel permit nopass keepenv root as root make sure your user is in the wheel group...
  6. A

    Solved security/doas can't work with zsh alias

    % cat /usr/local/etc/doas.conf permit nopass keepenv fbsd as root permit nopass keepenv root as root % id -nu fbsd % doas id -nu root % echo $SHELL /usr/local/bin/zsh % doas echo $SHELL /usr/local/bin/zsh % alias vi=vim % doas alias % % doas -s # alias vi=vim As this shows, doas doesn't know...
  7. N

    Port of OpenBSD's doas

    Last year the OpenBSD developers created an alternative to "sudo" called "doas". The doas program has a simpler configuration file and is quite small, keeping the code tiny and, one hopes, secure. I have ported the OpenBSD 5.9 version of doas over to FreeBSD 10.3 (with a lot of help from the...