<!DOCTYPE html><htmllang="en"><head><title>(POST) Use Doas Instead Of Sudo</title><linkrel="icon"type="image/x-icon"href="../../images/favicon.webp"><linkrel='stylesheet'type='text/css'href="../../style.css"><linkrel='stylesheet'href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"media="all"><metacharset="utf-8"/><metaname="viewport"content="width=device-width, initial-scale=1.0"></head><body><ahref="../../"><divstyle="text-align:center"><imgsrc="../../images/sufyaan.webp"></div></a><hr/><p><ahref="../../">sf.cu</a> > <astyle="color:#bd93f9"href="../">Blog</a> > <astyle="color:#bd93f9"href=".">Use Doas Instead Of Sudo</a></p><h1><iclass="fa fa-key"aria-hidden="true"></i>Use Doas Instead Of Sudo</h1><pstyle="font-size:110%"><strong><iclass="fa fa-calendar"aria-hidden="true"></i>20 April 2023</strong></p><pstyle="font-size:110%"><iclass="fa fa-clock-o"aria-hidden="true"></i><strong>2 min</strong><pstyle="font-size:110%"><iclass="fa fa-arrow-right"aria-hidden="true"></i></strong><astyle="color:#ff79c6"href="../linux"><iclass="fa fa-terminal"aria-hidden="true"></i>Linux</a>&&<astyle="color:#ff79c6"href="../software/"><iclass="fa fa-laptop"aria-hidden="true"></i>Software</a>&&<astyle="color:#ff79c6"href="../guides/"><iclass="fa fa-book"aria-hidden="true"></i>Guides</a></p><p>Sudo. It is often used by Linux users to perform commands with root privileges instead of being in a root shell all the time. However, <ahref="https://access.redhat.com/security/cve/CVE-2023-22809">there has recently been a vulnerability in sudo due to which people are switching to doas.</a></p><h2><iclass="fa fa-question-circle"aria-hidden="true"></i>What is Doas?</h2><p>OpenDoas or Doas is a portable version of the doas utility that is used on OpenBSD. OpenDoas can be installed on Unix-like system which includes Linux. It is designed to be more minimal and has less configuration options than sudo. If you are on a personal computer, then I highly recommend you switch to doas because it has a much smaller codebase which leaves less room for error.</p><p>However, if you are part of a professional environment with many individuals needing to use sudo, I recommend staying with sudo because it offers more configuration options to be used for groups and users.</p><h2><iclass="fa fa-download"aria-hidden="true"></i>Installing Doas</h2><p>Doas is available on almost all major distributions. If your distribution is Debian-based (Ubuntu, Linux Mint, Zorin OS), simply type:</p><p><code>sudo apt install doas</code></p><p>If you run an Arch-based system (Artix, Arco, Endeavour, Manjaro), type:</p><p><code>sudo pacman -S opendoas</code></p><p>If you use RHEL-based systems (Fedora, CentOS), type:</p><p><code>sudo dnf install opendoas</code></p><p>Doas should now be installed but it will not work out of the box. There is one line that we need to add to the configuration file.</p><h2><iclass="fa fa-file-code-o"aria-hidden="true"></i>Configuring Doas</h2><p>You have to configure doas as it is not included in most distributions by default but do not fret! One of its plus points is that its configuration is much better than sudo's.</p><p>To begin, edit the /etc/doas.conf file as root.</p><p>If you are the only user on your system and do not plan to allow other users to use your system, this line will suffice.</p><p><code>permit persist username as root</code></p><p>Many distributions have a group (wheel, sudoers) that are allowed to run sudo commands. If you would like to allow that group to send commands as root, type this:</p><p><code>permit persist :wheel as root</code></p><h2><iclass="fa fa-terminal"aria-hidden="true"></i>Using Doas</h2><p>Using doas is incredibly simple. Just type doas instead of sudo. For example, if you usually type:</p><p><code>sudo pacman -Syu</code></p><p>then just type:</p><p><code>doas pacman -Syu</code></p><p>I also recommend aliasing doas to 'doas --' since it causes issues sometimes if you just use doas. Apart from that, this is it for the setup.</p>