OpenBSD CVS

CVS log for src/usr.bin/doas/doas.conf.5




Default branch: MAIN


Revision 1.46, Wed May 3 14:29:57 2023 UTC (12 months, 2 weeks ago) by kn
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, HEAD
Changes since 1.45: +2 -2 lines

Improve setenv markup

- braces are not commands, use 'Brq'
- markup variable and value each, leave = (like mdoc(7) 'Ns' example)

Revision 1.45, Fri Oct 9 10:24:33 2020 UTC (3 years, 7 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1, OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9
Changes since 1.44: +3 -3 lines

fix SEE ALSO;

Revision 1.44, Fri Oct 9 07:43:38 2020 UTC (3 years, 7 months ago) by kn
Branch: MAIN
Changes since 1.43: +6 -2 lines

Add nolog option to avoid syslog(3)

doas(1) unconditionally logs all executions but syslog.conf(5) provides no
means to filter messages by user, target or command.

Add the "nolog" option to doas.conf(5) such that syslog becomes an opt-out
feature; this keeps configuration simple enough yet powerful since rule
definition is the best place to decide whether to log commands or not on a
per rule basis - this also avoids duplicating information or logic in any
other log processing tool.

OK tedu martijn

Revision 1.43, Sat May 16 16:58:11 2020 UTC (4 years ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE, OPENBSD_6_8
Changes since 1.42: +4 -4 lines

list example files in FILES with a short description: generally, "Example
configuration file.", but occasionally something else fit better; at the
same time, try to make the format for FILES more consistent;

original diff from clematis

Revision 1.42, Mon Feb 10 13:18:20 2020 UTC (4 years, 3 months ago) by schwarze
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.41: +7 -4 lines

briefly mention /etc/examples/ in the FILES section of all the
manual pages that document the corresponding configuration files;
OK jmc@, and general direction discussed with many

Revision 1.41, Sun Jul 7 19:21:28 2019 UTC (4 years, 10 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.40: +3 -3 lines

fix one last edge case regarding PATH, allows simpler config.

Revision 1.40, Mon Jun 24 14:45:52 2019 UTC (4 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.39: +5 -4 lines

add an example hint that shows how original path can be retained

Revision 1.39, Fri Jun 21 17:02:27 2019 UTC (4 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.38: +7 -17 lines

tweak wording a bit. always talk about creating a new environment.
also document DOAS_USER.
ok deraadt jmc

Revision 1.38, Wed Jun 19 09:55:55 2019 UTC (4 years, 11 months ago) by schwarze
Branch: MAIN
Changes since 1.37: +6 -6 lines

more precisely describe what happens to the environment without keepenv;
OK tedu@

Revision 1.37, Mon Jun 17 16:01:26 2019 UTC (4 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.36: +10 -2 lines

always reset the "su" variables, which is more consistent and predictable.
ok martijn millert

Revision 1.36, Sun Jun 16 18:16:34 2019 UTC (4 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.35: +3 -9 lines

redo the environment inheritance to not inherit. it was intended to make
life easier, but it can be surprising or even unsafe. instead, reset just
about everything to the target user's values.
ok deraadt martijn
Thanks to Sander Bos in particular for pointing out some nasty edge cases.

Revision 1.35, Wed Feb 7 05:13:57 2018 UTC (6 years, 3 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4, OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.34: +3 -3 lines

lowercase doas ee cummings style

Revision 1.34, Wed Feb 7 05:05:46 2018 UTC (6 years, 3 months ago) by tedu
Branch: MAIN
Changes since 1.33: +3 -3 lines

not necessarily the same name, but the indicated name

Revision 1.33, Thu Jul 13 19:16:33 2017 UTC (6 years, 10 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.32: +7 -4 lines

man pages with pseudo synopses which list filenames end up creating
very ugly output in man -k; after some discussion with ingo, we feel
the simplest fix is to remove such SYNOPSIS sections: the info is hardly
helpful at page top, is contained already in FILES, and there are
sufficiently few that just zapping them is simple;

ok schwarze, who also helpfully ran things through a build to check
output;

Revision 1.32, Mon Mar 20 14:35:06 2017 UTC (7 years, 2 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.31: +6 -12 lines

simplify example. list of ports variables was non-exhaustive, which means
what exactly? there should be a better place for such lists.

Revision 1.31, Mon Dec 5 10:58:07 2016 UTC (7 years, 5 months ago) by schwarze
Branch: MAIN
Changes since 1.30: +4 -4 lines

Be more explicit about the "args" syntax.
In part from a patch from Anton dot Lindqvist at gmail dot com.
OK tedu@

Revision 1.30, Fri Sep 2 18:12:30 2016 UTC (7 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.29: +4 -1 lines

add support for the verified auth ioctls using 'persist' rules.
ok deraadt henning

Revision 1.29, Mon Jun 27 17:36:33 2016 UTC (7 years, 10 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.28: +8 -6 lines

minor tweaks; ok tedu

Revision 1.28, Mon Jun 27 15:47:38 2016 UTC (7 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.27: +3 -3 lines

somehow nopass snuck onto the :wheel example. i think it's better without.

Revision 1.27, Mon Jun 27 15:41:17 2016 UTC (7 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.26: +16 -7 lines

revise environment handling.
Add a setenv keyword for manipulating the environment. keepenv now means
only retain everything. (for one release, the old use of keepenv will still
work.)
Allow setting variables to new or existing values, and also removing vars
when keepenv is used.
ok djm martijn tb

Revision 1.26, Sat Jun 11 17:17:10 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.25: +2 -3 lines

don't use specified twice in a sentence, noticed by jmc

Revision 1.25, Sat Jun 11 05:04:03 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.24: +5 -5 lines

clarify some wording

Revision 1.24, Sat Jun 11 04:56:16 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.23: +3 -2 lines

specify that default is deny if no rule matches

Revision 1.23, Sat Jun 11 04:52:49 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.22: +4 -4 lines

expand contractions

Revision 1.22, Tue Jun 7 16:49:23 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.21: +4 -11 lines

revert recent changes to allow setenv. everybody now has an idea about
how to do things better, so let's take a step back and reconsider.

Revision 1.21, Tue Jun 7 14:11:16 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.20: +4 -9 lines

merge setenv feature into keepenv. less grammar, more better.
minimal changes to implementation for now, but some refinement to the way
in which the new environment is constructed would be nice.
ok djm

Revision 1.20, Sun Jun 5 07:22:25 2016 UTC (7 years, 11 months ago) by jmc
Branch: MAIN
Changes since 1.19: +3 -3 lines

spelling fix;

Revision 1.19, Sun Jun 5 00:46:34 2016 UTC (7 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.18: +14 -2 lines

add a doas.conf setenv directive that allows setting environment
variables explicitly and by copying existing environment variables
of a different name. E.g.

permit nopass setenv { PS1=$SUDO_PS1 FOO=bar } keepenv :wheel

ok tedu@ benno@

Revision 1.18, Sat Jan 2 08:34:47 2016 UTC (8 years, 4 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.17: +4 -4 lines

tweak previous;

Revision 1.17, Fri Jan 1 14:23:21 2016 UTC (8 years, 4 months ago) by tedu
Branch: MAIN
Changes since 1.16: +6 -4 lines

doas.conf lives in /etc. from Amit Kulkarni

Revision 1.16, Tue Sep 1 13:20:53 2015 UTC (8 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.15: +5 -2 lines

only need to restrict exec path if the rule specifies a command.
add a hint about path restrictions to man page.
ok deraadt espie

Revision 1.15, Fri Aug 28 13:19:50 2015 UTC (8 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.14: +5 -3 lines

Document an example that lets root run unrestricted doas commands as
root ("permit nopass keepenv root as root"), matching the old
behaviour from OpenBSD's sudoers file ("root ALL=(ALL) SETENV: ALL").

OK sthen@

Revision 1.14, Thu Jul 30 14:02:04 2015 UTC (8 years, 9 months ago) by zhuk
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8
Changes since 1.13: +3 -3 lines

Fix usage examples.

From Theo Buehler on misc@, thanks!

okay jmc@, deraadt@.

Revision 1.13, Mon Jul 27 21:44:11 2015 UTC (8 years, 9 months ago) by tedu
Branch: MAIN
Changes since 1.12: +3 -3 lines

default permitted target is all users, not root.

Revision 1.12, Mon Jul 27 17:57:06 2015 UTC (8 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.11: +7 -5 lines

some improvements from michael reed;

Revision 1.11, Thu Jul 23 15:26:37 2015 UTC (8 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.10: +5 -5 lines

tweak previous;

Revision 1.10, Wed Jul 22 20:15:24 2015 UTC (8 years, 9 months ago) by zhuk
Branch: MAIN
Changes since 1.9: +18 -4 lines

Implement quoting support in doas.conf. Now you can pass environment
variables and arguments with almost any values.

As a bonus, doas will now point to the exact place where the syntax error
occurred most of the time; there is some room for improvement, though.

okay tedu@

Revision 1.9, Wed Jul 22 06:30:12 2015 UTC (8 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.8: +6 -9 lines

tweak previous; ok zhuk

Revision 1.8, Tue Jul 21 11:04:06 2015 UTC (8 years, 10 months ago) by zhuk
Branch: MAIN
Changes since 1.7: +12 -2 lines

Add argument matching support to doas.

Input and generic support from many. Final okay from tedu@.

Revision 1.7, Mon Jul 20 20:18:45 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.6: +2 -3 lines

SHELL is out, from Michael Reed

Revision 1.6, Mon Jul 20 07:43:27 2015 UTC (8 years, 10 months ago) by jmc
Branch: MAIN
Changes since 1.5: +3 -3 lines

whitespace;

Revision 1.5, Sun Jul 19 22:09:08 2015 UTC (8 years, 10 months ago) by benno
Branch: MAIN
Changes since 1.4: +36 -6 lines

In the config file allow line continuations with backslashes.
Document this, and comments and environment variables.
ok tedu@

Revision 1.4, Sat Jul 18 07:03:48 2015 UTC (8 years, 10 months ago) by bentley
Branch: MAIN
Changes since 1.3: +3 -3 lines

identity isn't optional.

ok tedu@

Revision 1.3, Fri Jul 17 20:50:31 2015 UTC (8 years, 10 months ago) by schwarze
Branch: MAIN
Changes since 1.2: +26 -13 lines

add some missing content and markup and optimize some indentation
ok tedu@

Revision 1.2, Thu Jul 16 21:24:07 2015 UTC (8 years, 10 months ago) by nicm
Branch: MAIN
Changes since 1.1: +3 -3 lines

Typo: exeucte -> execute

Revision 1.1, Thu Jul 16 20:44:21 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN

import doas. still subject to changes, large and small.
