OpenBSD’s doas on Voidlinux
OpenBSD's doas is a minimal replacement for sudo. If you run a single user
linux box, you can replace sudo with doas in order to have a simpler sudo
configuration and usage experience.
First, install doas using xbps-install.
sudo xbps-install opendoasDoas rules have the following format:
permit|deny [options] identity [as target] [cmd command [args ...]]
I like adding the persist option to my rule so that if I enter my password
once, doas remembers and doesn't constantly ask me to authenticate.
Edit /etc/doas.conf and add the following line:
permit persist <YOURUSERNAME> as root
This allows <YOURUSERNAME> to run any command as root.
Sudoedit replacement with Doas
The rationale for sudoedit is that text editors are complex programs that
could cause damage if given unchecked root access. As such,
it's better to use the cp command to copy the file so that a non-root user can
edit it, run your editor as a non-root user to edit the file, and on exit run
cp to overwrite the original file with the user edited file. To make a
sudoedit with doas, you can make a wrapper copy files around.
However, if you use emacs, you can easily create a sudoedit replacement for
doas. TRAMP for emacs supports doas. As such, I add the following to my
.bashrc:
doasedit(){
emacsclient -nw /doas::${1}
}
Running doasedit <filename> now allows you to edit the file like sudoedit!
Uninstalling sudo
On Voidlinux, sudo is part of the base-system group. If we want to
remove sudo, we must tell xbps that sudo can be substituted by doas.
To substitute doas for sudo, I edited /etc/xbps.d/99-my-settings.conf and
added:
virtualpkg=sudo:opendoas
See man xbps.d for more details on the virtualpkg keyword.
To remove sudo, we can now run:
doas xbps-remove sudoFurther Reading
Have a comment on one of my posts? Start a discussion in my public inbox by sending an email to ~anjan/public-inbox@lists.sr.ht [mailing list etiquette]