sufyaan
/
sufyaan-website
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '16e2782038'
${ noResults }
sufyaan-website/doas/index.html

64 lines
7.5 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<title>(POST) Use Doas Instead Of Sudo</title>
<link rel="icon" type="image/x-icon" href="../images/favicon.webp">
<link rel='stylesheet' type='text/css' href="../style.css">
<link rel='stylesheet' href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css" media="all">
<meta charset="utf-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<a href="../">
<a style="text-decoration: none;" href="../">
<pre class="main-header">
_______ _ _ _______ __ __ _______ _______ __ _
|______ | | |______ \_/ |_____| |_____| | \ |
______| |_____| | | | | | | | \_|
</pre>
</a>
</a>
<hr/>
<p><a href="../">sf.cu</a> > <a style="color:#bd93f9" href="../blog/">Blog</a> > <a style="color:#bd93f9" href=".">Use Doas Instead Of Sudo</a></p>
<h1><i class="fa fa-key" aria-hidden="true"></i>Use Doas Instead Of Sudo</h1>
<p style="font-size:110%"><strong><svg class="postinfo" xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M19 19H5V8h14m-3-7v2H8V1H6v2H5c-1.11 0-2 .89-2 2v14a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2V5a2 2 0 0 0-2-2h-1V1m-1 11h-5v5h5v-5Z"/></svg>20 April 2023</strong></p>
<p style="font-size:110%"><svg class="postinfo" xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" fill-rule="evenodd" d="M2 12C2 6.477 6.477 2 12 2s10 4.477 10 10s-4.477 10-10 10S2 17.523 2 12zm11-5a1 1 0 1 0-2 0v3.764a3 3 0 0 0 1.658 2.683l2.895 1.447a1 1 0 1 0 .894-1.788l-2.894-1.448a1 1 0 0 1-.553-.894V7z" clip-rule="evenodd"/></svg><strong>2 min</strong>
<p style="font-size:110%"><svg class="postinfo" xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><g fill="none" stroke-linecap="round" stroke-linejoin="round" stroke-width="2"><path d="M0 0h24v24H0z"/><path fill="currentColor" d="M10 3H4a1 1 0 0 0-1 1v6a1 1 0 0 0 1 1h6a1 1 0 0 0 1-1V4a1 1 0 0 0-1-1zm10 0h-6a1 1 0 0 0-1 1v6a1 1 0 0 0 1 1h6a1 1 0 0 0 1-1V4a1 1 0 0 0-1-1zM10 13H4a1 1 0 0 0-1 1v6a1 1 0 0 0 1 1h6a1 1 0 0 0 1-1v-6a1 1 0 0 0-1-1zm7 0a4 4 0 1 1-3.995 4.2L13 17l.005-.2A4 4 0 0 1 17 13z"/></g></svg></strong><a style="color:#ff79c6" href="../blog/linux"><i class="fa fa-terminal" aria-hidden="true"></i>Linux</a> && <a style="color:#ff79c6" href="../blog/software/"><svg class="posts" xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24"><path fill="currentColor" d="M14 18.32A7.06 7.06 0 0 1 11.28 16H3V4h18v2.26a7.08 7.08 0 0 1 2 2.15V4a2 2 0 0 0-2-2H3a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h7v2H8v2h8v-2h-2Z"/><path fill="currentColor" d="M17 6a6 6 0 1 0 6 6a6 6 0 0 0-6-6Zm0 7.5a1.5 1.5 0 1 1 1.5-1.5a1.5 1.5 0 0 1-1.5 1.5Z"/></svg>Software</a> && <a style="color:#ff79c6" href="../blog/guides/"><i class="fa fa-book" aria-hidden="true"></i>Guides</a></p>
<p>Sudo. It is often used by Linux users to perform commands with root privileges instead of being in a root shell all the time. However, <a href="https://access.redhat.com/security/cve/CVE-2023-22809">there has recently been a vulnerability in sudo due to which people are switching to doas.</a></p>
<h2><i class="fa fa-question-circle" aria-hidden="true"></i>What is Doas?</h2>
<p>OpenDoas or Doas is a portable version of the doas utility that is used on OpenBSD. OpenDoas can be installed on Unix-like system which includes Linux. It is designed to be more minimal and has less configuration options than sudo. If you are on a personal computer, then I highly recommend you switch to doas because it has a much smaller codebase which leaves less room for error.</p>
<p>However, if you are part of a professional environment with many individuals needing to use sudo, I recommend staying with sudo because it offers more configuration options to be used for groups and users.</p>
<h2><i class="fa fa-download" aria-hidden="true"></i>Installing Doas</h2>
<p>Doas is available on almost all major distributions. If your distribution is Debian-based (Ubuntu, Linux Mint, Zorin OS), simply type:</p>
<p><code>sudo apt install doas</code></p>
<p>If you run an Arch-based system (Artix, Arco, Endeavour, Manjaro), type:</p>
<p><code>sudo pacman -S opendoas</code></p>
<p>If you use RHEL-based systems (Fedora, CentOS), type:</p>
<p><code>sudo dnf install opendoas</code></p>
<p>Doas should now be installed but it will not work out of the box. There is one line that we need to add to the configuration file.</p>
<h2><i class="fa fa-file-code-o" aria-hidden="true"></i>Configuring Doas</h2>
<p>You have to configure doas as it is not included in most distributions by default but do not fret! One of its plus points is that its configuration is much better than sudo's.</p>
<p>To begin, edit the /etc/doas.conf file as root.</p>
<p>If you are the only user on your system and do not plan to allow other users to use your system, this line will suffice.</p>
<p><code>permit persist username as root</code></p>
<p>Many distributions have a group (wheel, sudoers) that are allowed to run sudo commands. If you would like to allow that group to send commands as root, type this:</p>
<p><code>permit persist :wheel as root</code></p>
<h2><i class="fa fa-terminal" aria-hidden="true"></i>Using Doas</h2>
<p>Using doas is incredibly simple. Just type doas instead of sudo. For example, if you usually type:</p>
<p><code>sudo pacman -Syu</code></p>
<p>then just type:</p>
<p><code>doas pacman -Syu</code></p>
<p>I also recommend aliasing doas to 'doas --' since it causes issues sometimes if you just use doas. Apart from that, this is it for the setup.</p>
<h2><i class="fa fa-book" aria-hidden="true"></i>Conclusion</h2>
<p>If you are the only person on your Linux machine, you should switch to doas. It is much more lightweight and is similar to sudo. It has a smaller codebase which, in my opinion, prevents exploits from popping up as often as sudo.</p>
<p>However, if you are in a professional environment, you should stick with sudo.</p>
<p><a href="mailto:sufyaan@counterhawks.com?subject=Use%20Doas%20Instead%20Of%20Sudo">>>> Reply To Me</a></p>
<p style="text-align:center;"><a href="../sm/" style="color:#bd93f9"><svg class="footer-posts" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48"><mask id="ipSLeftOne0"><path fill="#fff" stroke="#fff" stroke-linejoin="round" stroke-width="4" d="M30 36L18 24l12-12v24Z"/></mask><path fill="currentColor" d="M0 0h48v48H0z" mask="url(#ipSLeftOne0)"/></svg>Previous Post</a> - <a style="color:#bd93f9" href="../eid23/">Next Post</a> <svg class="footer-posts" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48"><mask id="ipSRightOne0"><path fill="#fff" stroke="#fff" stroke-linejoin="round" stroke-width="4" d="m20 12l12 12l-12 12V12Z"/></mask><path fill="#bd93f9" d="M0 0h48v48H0z" mask="url(#ipSRightOne0)"/></svg>
<hr/>
<footer>
<p class="footer-text"><a style="color:#bd93f9" href="../blog">blog</a> - <a style="color:#ffb86c" href="../about">about</a> - <a style="color:#f1fa8c" href="../portfolio">portfolio</a> - <a style="color:#ff5555" href="../links">links</a></p>
<p class="footer-text" style="font-size:80%"><a href="../">sufyaan.cyou</a></p>
<p class="footer-text" style="font-size:65%"><a style="color:#aaaaaa" href="../sitemap">Site Map</a></p>
</footer>
Reference in New Issue View Git Blame Copy Permalink