You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
63 lines
5.7 KiB
HTML
63 lines
5.7 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<title>(POST) Use Doas Instead Of Sudo</title>
|
|
<link rel="icon" type="image/x-icon" href="../images/favicon.webp">
|
|
<link rel='stylesheet' type='text/css' href="../style.css">
|
|
<meta charset="utf-8"/>
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<meta property="og:image" content="../images/favicons/blog.webp"></head>
|
|
<body>
|
|
<a href="../">
|
|
<a style="text-decoration: none;" href="../">
|
|
<pre class="main-header">
|
|
_______ _ _ _______ __ __ _______ _______ __ _
|
|
|______ | | |______ \_/ |_____| |_____| | \ |
|
|
______| |_____| | | | | | | | \_|
|
|
</pre>
|
|
</a>
|
|
</a>
|
|
<hr/>
|
|
<p><a href="../">sf.me</a> > <a style="color:#bd93f9" href="../blog/">Blog</a> > <a style="color:#bd93f9" href=".">Use Doas Instead Of Sudo</a></p>
|
|
<h1>Use Doas Instead Of Sudo</h1>
|
|
<p style="font-size:110%">Posted on: <strong>20 April 2023</strong></p>
|
|
<p style="font-size:110%">Reading time: <strong><strong>2 min</strong>
|
|
<p style="font-size:110%"></strong>Category: <a style="color:#ff79c6" href="../blog/linux"><strong>Linux</strong></a> && <a style="color:#ff79c6" href="../blog/software/"><strong>Software</strong></a> && <a style="color:#ff79c6" href="../blog/guides/"><strong>Guides</strong></a></p>
|
|
<p>Sudo. It is often used by <strong>Linux</strong> users to perform commands with root privileges instead of being in a root shell all the time. However, <a href="https://access.redhat.com/security/cve/CVE-2023-22809">there has recently been a vulnerability in sudo due to which people are switching to doas.</a></p>
|
|
<h2>What is Doas?</h2>
|
|
<p>OpenDoas or Doas is a portable version of the doas utility that is used on OpenBSD. OpenDoas can be installed on Unix-like system which includes <strong>Linux</strong>. It is designed to be more minimal and has less configuration options than sudo. If you are on a personal computer, then I highly recommend you switch to doas because it has a much smaller codebase which leaves less room for error.</p>
|
|
<p>However, if you are part of a professional environment with many individuals needing to use sudo, I recommend staying with sudo because it offers more configuration options to be used for groups and users.</p>
|
|
<h2>Installing Doas</h2>
|
|
<p>Doas is available on almost all major distributions. If your distribution is Debian-based (Ubuntu, <strong>Linux</strong> Mint, Zorin OS), simply type:</p>
|
|
<p><code>sudo apt install doas</code></p>
|
|
<p>If you run an Arch-based system (Artix, Arco, Endeavour, Manjaro), type:</p>
|
|
<p><code>sudo pacman -S opendoas</code></p>
|
|
<p>If you use RHEL-based systems (Fedora, CentOS), type:</p>
|
|
<p><code>sudo dnf install opendoas</code></p>
|
|
<p>Doas should now be installed but it will not work out of the box. There is one line that we need to add to the configuration file.</p>
|
|
<h2>Configuring Doas</h2>
|
|
<p>You have to configure doas as it is not included in most distributions by default but do not fret! One of its plus points is that its configuration is much better than sudo's.</p>
|
|
<p>To begin, edit the /etc/doas.conf file as root.</p>
|
|
<p>If you are the only user on your system and do not plan to allow other users to use your system, this line will suffice.</p>
|
|
<p><code>permit persist username as root</code></p>
|
|
<p>Many distributions have a group (wheel, sudoers) that are allowed to run sudo commands. If you would like to allow that group to send commands as root, type this:</p>
|
|
<p><code>permit persist :wheel as root</code></p>
|
|
<h2>Using Doas</h2>
|
|
<p>Using doas is incredibly simple. Just type doas instead of sudo. For example, if you usually type:</p>
|
|
<p><code>sudo pacman -Syu</code></p>
|
|
<p>then just type:</p>
|
|
<p><code>doas pacman -Syu</code></p>
|
|
<p>I also recommend aliasing doas to 'doas --' since it causes issues sometimes if you just use doas. Apart from that, this is it for the setup.</p>
|
|
<h2>Conclusion</h2>
|
|
<p>If you are the only person on your <strong>Linux</strong> machine, you should switch to doas. It is much more lightweight and is similar to sudo. It has a smaller codebase which, in my opinion, prevents exploits from popping up as often as sudo.</p>
|
|
<p>However, if you are in a professional environment, you should stick with sudo.</p>
|
|
<p><a href="mailto:sf@sufyaan.me?subject=Use%20Doas%20Instead%20Of%20Sudo">>>> Reply To Me</a></p>
|
|
<p style="text-align:center;"><a href="../sm/" style="color:#bd93f9"><svg class="footer-posts" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48"><mask id="ipSLeftOne0"><path fill="#fff" stroke="#fff" stroke-linejoin="round" stroke-width="4" d="M30 36L18 24l12-12v24Z"/></mask><path fill="currentColor" d="M0 0h48v48H0z" mask="url(#ipSLeftOne0)"/></svg>Previous Post</a> - <a style="color:#bd93f9" href="../eid23/">Next Post</a> <svg class="footer-posts" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48"><mask id="ipSRightOne0"><path fill="#fff" stroke="#fff" stroke-linejoin="round" stroke-width="4" d="m20 12l12 12l-12 12V12Z"/></mask><path fill="#bd93f9" d="M0 0h48v48H0z" mask="url(#ipSRightOne0)"/></svg>
|
|
<hr/>
|
|
<footer>
|
|
<p class="footer-text"><a style="color:#bd93f9" href="../blog">blog</a> - <a style="color:#ffb86c" href="../about">about</a> - <a style="color:#f1fa8c" href="../portfolio">portfolio</a> - <a style="color:#ff5555" href="../links">links</a></p>
|
|
<p class="footer-text" style="font-size:80%"><a href="../">sufyaan.me</a></p>
|
|
<p class="footer-text" style="font-size:65%"><a style="color:#aaaaaa" href="../sitemap">Site Map</a></p>
|
|
</footer>
|
|
|