opendoas with password prompt "Password: "

Go to file

odd-dwm c34c90a1e7 i		2022-08-10 10:00:29 +05:30
libopenbsd	libopenbsd/closefrom.h: include path.h for _PATH_DEV on MacOSX	2020-11-12 22:29:09 +01:00
.git-author-conv-file	Add git-cvsimport author conversion file.	2015-08-05 08:48:22 -04:00
.gitignore	use config.h and link objects instead of libopenbsd.a	2020-11-12 17:23:46 +01:00
GNUmakefile	remove pam.d configuration files	2021-01-29 00:03:49 +01:00
LICENSE	bump version to 0.2	2016-06-05 14:04:15 +02:00
README.md	Fix: improve formatting and add Wikipedia reference.	2022-01-19 16:46:09 +01:00
configure	remove pam.d configuration files	2021-01-29 00:03:49 +01:00
doas.1	apply missing man page changes	2021-01-28 20:40:52 +01:00
doas.c	Promote nrules/maxrules to size_t and make sure they can't overflow. reallocarray(3) will fail if nmemb * size would overflow. OK tb@ martijn@	2021-01-28 20:40:51 +01:00
doas.conf.5	apply missing man page changes	2021-01-28 20:40:52 +01:00
doas.h	Promote nrules/maxrules to size_t and make sure they can't overflow. reallocarray(3) will fail if nmemb * size would overflow. OK tb@ martijn@	2021-01-28 20:40:51 +01:00
env.c	remove includes.h and move the prototypes to doas.h	2020-11-12 22:29:08 +01:00
pam.c	i	2022-08-10 10:00:29 +05:30
parse.y	espie reminds me that EOF can happen for errors as well, so check for that	2021-01-28 20:40:51 +01:00
shadow.c	s/authorization/authentication/g	2021-01-28 20:40:51 +01:00
timestamp.c	remove includes.h and move the prototypes to doas.h	2020-11-12 22:29:08 +01:00

README.md

OpenDoas: a portable version of OpenBSD's `doas` command

doas is a minimal replacement for the venerable sudo. It was initially written by Ted Unangst of the OpenBSD project to provide 95% of the features of sudo with a fraction of the codebase.

Building and Installation Warnings

There are a few steps you have to carefully consider before building and installing OpenDoas:

There are fewer eyes on random doas ports, just because sudo had a vulnerability does not mean random doas ports are more secure if they are not reviewed or PAM is configured incorrectly.
- If you want to use PAM; You have to configure PAM and failing to do so correctly might leave a big open door.
Use the configure script.
Use the default make target.
If you really want to install a setuid binary that depends on PAM being correctly configured, use the make install target to install the software.

About the OpenDoas Port

This is not an official port/project from OpenBSD!

As much as possible I've attempted to stick to doas as tedu desired it. As things stand it's essentially just code lifted from OpenBSD with PAM or shadow based authentication glommed on to it.

Compatibility functions in libopenbsd come from OpenBSD directly (strtonum.c, reallocarray.c, strlcpy.c, strlcat.c), from openssh (readpassphrase.c) or from sudo (closefrom.c).

The PAM and shadow authentication code does not come from the OpenBSD project.

PAM Configuration

I will not ship PAM configuration files, they are distribution specific and its simply not safe or productive to ship and install those files.

If you want to use OpenDoas on your system and there is no package that ships with a working PAM configuration file, then you have to write and test it yourself.

A good starting point is probably the distribution maintained /etc/pam.d/sudo file.

Persist/Timestamp/Timeout

The persist feature is disabled by default and can be enabled with the --with-timestamp configure flag.

This feature is new and potentially dangerous, in the original doas, a kernel API is used to set and clear timeouts. This API is OpenBSD specific and no similar API is available on other operating systems.

As a workaround, the persist feature is implemented using timestamp files similar to sudo.

See the comment block in timestamp.c for an in-depth description on how timestamps are created and checked to be as safe as possible.