Hacker News new | past | comments | ask | show | jobs | submit login

Does doas have equivalents to the -i and -E flags in sudo? I use both of those frequently.



I switched from sudo to doas when setting up my new laptop ~ two years ago, took some time to get accustomed, but it is really much simpler..

For `sudo -i` you can just use `doas -s`. https://manpages.debian.org/bookworm/opendoas/doas.1.en.html

Keeping the environment via `sudo -E` is slightly trickier. If you need that for a fixed set of commands you can enable keeping the environment for those explicitly via the configuration file using the `keepenv` option. You can also set specific variables for specific commands,

https://manpages.debian.org/bookworm/opendoas/doas.conf.5.en...

But you would need to use a workaround if you want to keep the environment for a command without always adding that to the configuration, one way would to add a wrapper executable and add a permanent rule for that, e.g. something like the following should work:

  # reuse the `env` tool, but use an explicit symlink to have clear boundaries
  ln -s /bin/env /bin/keep-env
  
  # add rule for keep-env to doas cfg, replace USER with your user name, or prefix with : for a group
  echo 'permit persist keepenv USER cmd /bin/keep-env' | tee -a /etc/doas.conf
  
  # run command
  doas keep-env THE-ACTUAL-COMMAND
Disclaimer, not deeply tested and there might be even better options, but FWIW, this workaround is at least quite simple in principle.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: