sufyaan
/
sufyaan-website
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7601aa8d60'
${ noResults }
sufyaan-website/doas/index.html

64 lines
10 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<title>(POST) Use Doas Instead Of Sudo</title>
<link rel="icon" type="image/x-icon" href="../images/favicon.webp">
<link rel='stylesheet' type='text/css' href="../style.css">
<meta charset="utf-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<a href="../">
<a style="text-decoration: none;" href="../">
<pre class="main-header">
_______ _ _ _______ __ __ _______ _______ __ _
|______ | | |______ \_/ |_____| |_____| | \ |
______| |_____| | | | | | | | \_|
</pre>
</a>
</a>
<hr/>
<p><a href="../">sf.cu</a> > <a style="color:#bd93f9" href="../blog/">Blog</a> > <a style="color:#bd93f9" href="."><svg class="posts" xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24"><path fill="currentColor" d="M2.69 2c.85-.05 3.39 1.16 3.44 1.19c-1.29.81-2.39 1.9-3.22 3.19C2.09 4.81 1.34 2.91 2 2.25c.17-.17.4-.25.69-.25m18.15.13c.41-.05.74.01.94.21c1.07 1.08-1.9 5.81-2.4 6.32c-.51.5-1.81.04-2.88-1.03c-1.07-1.08-1.53-2.37-1.03-2.88c.41-.41 3.62-2.45 5.37-2.62M12 2.56c1.29 0 2.53.26 3.66.72c-.49.32-.85.57-.97.69c-.99.99-.55 2.86 1.03 4.44c.98.97 2.12 1.56 3.06 1.56c.68 0 1.14-.29 1.38-.53c.17-.17.44-.56.75-1.03c.51 1.18.78 2.47.78 3.84c0 5.36-4.33 9.72-9.69 9.72c-5.36 0-9.69-4.36-9.69-9.72A9.68 9.68 0 0 1 12 2.56Z"/></svg>Use Doas Instead Of Sudo</a></p>
<h1><svg class="titles" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path fill="currentColor" d="M2.69 2c.85-.05 3.39 1.16 3.44 1.19c-1.29.81-2.39 1.9-3.22 3.19C2.09 4.81 1.34 2.91 2 2.25c.17-.17.4-.25.69-.25m18.15.13c.41-.05.74.01.94.21c1.07 1.08-1.9 5.81-2.4 6.32c-.51.5-1.81.04-2.88-1.03c-1.07-1.08-1.53-2.37-1.03-2.88c.41-.41 3.62-2.45 5.37-2.62M12 2.56c1.29 0 2.53.26 3.66.72c-.49.32-.85.57-.97.69c-.99.99-.55 2.86 1.03 4.44c.98.97 2.12 1.56 3.06 1.56c.68 0 1.14-.29 1.38-.53c.17-.17.44-.56.75-1.03c.51 1.18.78 2.47.78 3.84c0 5.36-4.33 9.72-9.69 9.72c-5.36 0-9.69-4.36-9.69-9.72A9.68 9.68 0 0 1 12 2.56Z"/></svg>Use Doas Instead Of Sudo</h1>
<p style="font-size:110%">Posted on: <strong>20 April 2023</strong></p>
<p style="font-size:110%">Reading time: <strong><strong>2 min</strong>
<p style="font-size:110%"></strong>Category: <a style="color:#ff79c6" href="../blog/linux"><svg class="posts" xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24"><path fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="m5 7l5 5l-5 5m7 2h7"/></svg><strong>Linux</strong></a> && <a style="color:#ff79c6" href="../blog/software/"><svg class="posts" xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24"><path fill="currentColor" d="M14 18.32A7.06 7.06 0 0 1 11.28 16H3V4h18v2.26a7.08 7.08 0 0 1 2 2.15V4a2 2 0 0 0-2-2H3a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h7v2H8v2h8v-2h-2Z"/><path fill="currentColor" d="M17 6a6 6 0 1 0 6 6a6 6 0 0 0-6-6Zm0 7.5a1.5 1.5 0 1 1 1.5-1.5a1.5 1.5 0 0 1-1.5 1.5Z"/></svg><strong>Software</strong></a> && <a style="color:#ff79c6" href="../blog/guides/"><svg class="posts" xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 512 512"><path fill="currentColor" d="M464 48c-67.61.29-117.87 9.6-154.24 25.69c-27.14 12-37.76 21.08-37.76 51.84V448c41.57-37.5 78.46-48 224-48V48ZM48 48c67.61.29 117.87 9.6 154.24 25.69c27.14 12 37.76 21.08 37.76 51.84V448c-41.57-37.5-78.46-48-224-48V48Z"/></svg><strong>Guides</strong></a></p>
<p>Sudo. It is often used by <strong>Linux</strong> users to perform commands with root privileges instead of being in a root shell all the time. However, <a href="https://access.redhat.com/security/cve/CVE-2023-22809">there has recently been a vulnerability in sudo due to which people are switching to doas.</a></p>
<h2><svg class="heading2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1024 1024"><path fill="currentColor" d="M512 64a448 448 0 1 1 0 896a448 448 0 0 1 0-896zm23.744 191.488c-52.096 0-92.928 14.784-123.2 44.352c-30.976 29.568-45.76 70.4-45.76 122.496h80.256c0-29.568 5.632-52.8 17.6-68.992c13.376-19.712 35.2-28.864 66.176-28.864c23.936 0 42.944 6.336 56.32 19.712c12.672 13.376 19.712 31.68 19.712 54.912c0 17.6-6.336 34.496-19.008 49.984l-8.448 9.856c-45.76 40.832-73.216 70.4-82.368 89.408c-9.856 19.008-14.08 42.24-14.08 68.992v9.856h80.96v-9.856c0-16.896 3.52-31.68 10.56-45.76c6.336-12.672 15.488-24.64 28.16-35.2c33.792-29.568 54.208-48.576 60.544-55.616c16.896-22.528 26.048-51.392 26.048-86.592c0-42.944-14.08-76.736-42.24-101.376c-28.16-25.344-65.472-37.312-111.232-37.312zm-12.672 406.208a54.272 54.272 0 0 0-38.72 14.784a49.408 49.408 0 0 0-15.488 38.016c0 15.488 4.928 28.16 15.488 38.016A54.848 54.848 0 0 0 523.072 768c15.488 0 28.16-4.928 38.72-14.784a51.52 51.52 0 0 0 16.192-38.72a51.968 51.968 0 0 0-15.488-38.016a55.936 55.936 0 0 0-39.424-14.784z"/></svg>What is Doas?</h2>
<p>OpenDoas or Doas is a portable version of the doas utility that is used on OpenBSD. OpenDoas can be installed on Unix-like system which includes <strong>Linux</strong>. It is designed to be more minimal and has less configuration options than sudo. If you are on a personal computer, then I highly recommend you switch to doas because it has a much smaller codebase which leaves less room for error.</p>
<p>However, if you are part of a professional environment with many individuals needing to use sudo, I recommend staying with sudo because it offers more configuration options to be used for groups and users.</p>
<h2><svg class="heading2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path fill="currentColor" d="M11 2v5H8l4 4l4-4h-3V2h7a1 1 0 0 1 1 1v18a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V3a1 1 0 0 1 1-1h7Zm8 14H5v4h14v-4Zm-2 1v2h-2v-2h2Z"/></svg>Installing Doas</h2>
<p>Doas is available on almost all major distributions. If your distribution is Debian-based (Ubuntu, <strong>Linux</strong> Mint, Zorin OS), simply type:</p>
<p><code>sudo apt install doas</code></p>
<p>If you run an Arch-based system (Artix, Arco, Endeavour, Manjaro), type:</p>
<p><code>sudo pacman -S opendoas</code></p>
<p>If you use RHEL-based systems (Fedora, CentOS), type:</p>
<p><code>sudo dnf install opendoas</code></p>
<p>Doas should now be installed but it will not work out of the box. There is one line that we need to add to the configuration file.</p>
<h2><svg class="heading2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 256 256"><path fill="currentColor" d="M232 96a72 72 0 0 1-100.94 66L79 222.22c-.12.14-.26.29-.39.42a32 32 0 0 1-45.26-45.26c.14-.13.28-.27.43-.39L94 124.94a72.07 72.07 0 0 1 83.54-98.78a8 8 0 0 1 3.93 13.19L144 80l5.66 26.35L176 112l40.65-37.52a8 8 0 0 1 13.19 3.93A72.6 72.6 0 0 1 232 96Z"/></svg>Configuring Doas</h2>
<p>You have to configure doas as it is not included in most distributions by default but do not fret! One of its plus points is that its configuration is much better than sudo's.</p>
<p>To begin, edit the /etc/doas.conf file as root.</p>
<p>If you are the only user on your system and do not plan to allow other users to use your system, this line will suffice.</p>
<p><code>permit persist username as root</code></p>
<p>Many distributions have a group (wheel, sudoers) that are allowed to run sudo commands. If you would like to allow that group to send commands as root, type this:</p>
<p><code>permit persist :wheel as root</code></p>
<h2><svg class="heading2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path fill="currentColor" d="M12 14v8H4a8 8 0 0 1 8-8Zm0-1c-3.315 0-6-2.685-6-6s2.685-6 6-6s6 2.685 6 6s-2.685 6-6 6Zm9 4h1v5h-8v-5h1v-1a3 3 0 1 1 6 0v1Zm-2 0v-1a1 1 0 1 0-2 0v1h2Z"/></svg>Using Doas</h2>
<p>Using doas is incredibly simple. Just type doas instead of sudo. For example, if you usually type:</p>
<p><code>sudo pacman -Syu</code></p>
<p>then just type:</p>
<p><code>doas pacman -Syu</code></p>
<p>I also recommend aliasing doas to 'doas --' since it causes issues sometimes if you just use doas. Apart from that, this is it for the setup.</p>
<h2><svg class="heading2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path fill="currentColor" d="M6.012 18H21V4a2 2 0 0 0-2-2H6c-1.206 0-3 .799-3 3v14c0 2.201 1.794 3 3 3h15v-2H6.012C5.55 19.988 5 19.805 5 19s.55-.988 1.012-1zM8 6h9v2H8V6z"/></svg>Conclusion</h2>
<p>If you are the only person on your <strong>Linux</strong> machine, you should switch to doas. It is much more lightweight and is similar to sudo. It has a smaller codebase which, in my opinion, prevents exploits from popping up as often as sudo.</p>
<p>However, if you are in a professional environment, you should stick with sudo.</p>
<p><a href="mailto:sufyaan@counterhawks.com?subject=Use%20Doas%20Instead%20Of%20Sudo">>>> Reply To Me</a></p>
<p><a href="doas.pdf">>>> Download PDF</a></p>
<p style="text-align:center;"><a href="../sm/" style="color:#bd93f9"><svg class="footer-posts" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48"><mask id="ipSLeftOne0"><path fill="#fff" stroke="#fff" stroke-linejoin="round" stroke-width="4" d="M30 36L18 24l12-12v24Z"/></mask><path fill="currentColor" d="M0 0h48v48H0z" mask="url(#ipSLeftOne0)"/></svg>Previous Post</a> - <a style="color:#bd93f9" href="../eid23/">Next Post</a> <svg class="footer-posts" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48"><mask id="ipSRightOne0"><path fill="#fff" stroke="#fff" stroke-linejoin="round" stroke-width="4" d="m20 12l12 12l-12 12V12Z"/></mask><path fill="#bd93f9" d="M0 0h48v48H0z" mask="url(#ipSRightOne0)"/></svg>
<hr/>
<footer>
<p class="footer-text"><a style="color:#bd93f9" href="../blog">blog</a> - <a style="color:#ffb86c" href="../about">about</a> - <a style="color:#f1fa8c" href="../portfolio">portfolio</a> - <a style="color:#ff5555" href="../links">links</a></p>
<p class="footer-text" style="font-size:80%"><a href="../">sufyaan.me</a></p>
<p class="footer-text" style="font-size:65%"><a style="color:#aaaaaa" href="../sitemap">Site Map</a></p>
</footer>
Reference in New Issue View Git Blame Copy Permalink