doas 101 question

To: debian-user@lists.debian.org
Subject: doas 101 question
From: David Newman <dnewman@networktest.com>
Date: Fri, 17 Dec 2021 12:20:43 -0800
Message-id: <[🔎] 23c1c722-fb44-9368-8b2f-27ace1fdac75@networktest.com>

bullseye 11.1, 5.10.0-9-amd64, doas 6.8.1-2

How to configure /etc/doas.conf so a non-root user gets root's PATH?

Neither of these options work when attempting to execute a command in/usr/sbin via doas (e.g., 'doas <command name, without full path>'):

permit nopass setenv {PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin }dnewman as root

permit nopass keepenv root as root

permit nopass setenv { -ENV PS1=$DOAS_PS1 SSH_AUTH_SOCK } dnewman as root
permit nopass keepenv root as root

The latter is from doas on OpenBSD, but I think that works becausenon-root user accounts already have various sbins in their PATH.

I'm aware that linux-utils changed behavior a few years ago, and thatnon-root users have a more restricted PATH. However, I'm unclear on whatsteps to take so that non-root users can temporarily use root's PATH.


Thanks.

dn

Reply to:

Follow-Ups:
- Re: doas 101 question
  - From: Greg Wooledge <greg@wooledge.org>

Prev by Date: Re: 8 -> 9 update changing things
Next by Date: Re: doas 101 question
Previous by thread: Re: Fwd: Returned mail: see transcript for details
Next by thread: Re: doas 101 question
Index(es):
- Date
- Thread