The officially official Devuan Forum!

You are not logged in.

#1 2024-08-17 06:43:27

zapper
Member
Registered: 2017-05-29
Posts: 921  

[SOLVED] Anyone know how to get doas working properly on devuan?

Like a sample config?

And also, I wanted to make it so, doas poweroff would automatically cause my computer to shut off.

But with one caveat, I want doas poweroff to work without root to users that can use sudo. But only that command will require no password.


Freedom is never more than one generation away from extinction. Feelings are not facts
If you wish to be humbled, try to exalt yourself long term  If you wish to be exalted, try to humble yourself long term
Favourite operating systems: Hyperbola Devuan OpenBSD
Peace Be With us All!

Offline

#2 2024-08-17 15:21:44

stargate-sg1-cheyenne-mtn
Member
Registered: 2023-11-27
Posts: 134  

Re: [SOLVED] Anyone know how to get doas working properly on devuan?

may/may-not help(but was interesting nevertheless):
https://hackaday.com/2024/05/21/linux-fu-the-root-cause/

keywords:
doas
pkexec
root
run0
sandwich
su
sudo
xkcd

humor:
https://xkcd.com/149/
https://xkcd.com/838/


Be Excellent to each other and Party On!
https://www.youtube.com/watch?v=rph_1DODXDU
https://en.wikipedia.org/wiki/Bill_%26_Ted%27s_Excellent_Adventure
Do unto others as you would have them do instantaneously back to you!

Offline

#3 2024-08-17 19:37:00

yeti
Member
From: I'm not here: U R halucinating
Registered: 2017-02-23
Posts: 322  

Re: [SOLVED] Anyone know how to get doas working properly on devuan?

My experiments on Devuan5 so far...

Two IMO relevant snippets from doas.conf(5):

It may be needed no not allow args for such wired to root commands:

     args [argument ...]
                  Arguments to command.  The command arguments provided by the
                  user need to match those specified.  The keyword args alone
                  means that command must be run without any arguments.

And I sometimes stumble over this one:

     The last matching rule determines the action taken.  If no rule matches,
     the action is denied.

I've a long compile job running so I tried to do this with a more harmless command.

~$ doas -L
~$ doas -L ## clear persistent passwords
~$ grep cmd /etc/doas.conf 
## permit|deny [options] identity [as target] [cmd command [args ...]]
permit nopass :sudo as root cmd date args
~$ doas id
doas (yeti@BEEP) password: (((ctrl-c))) 

~$ ## ok. that asked for a pasword
~$ doas date
Sat Aug 17 19:19:40 UTC 2024
~$ ## ok.   expected.   \o/
~$ doas date +%s
doas (yeti@BEEP) password:  (((ctrl-c)))

~$ ## ;-)  even better!  only allowed witout args.
~$ β–ˆ

(((I hope I haven't screwed up that too much... the heat costs several IQ points...)))


(-: I do not play Nethack.  I do play GNUS. :-)
<πš‹πš˜πšπš’ πš˜πš—πš•πš˜πšŠπš='πšπš˜πšŒπšžπš–πšŽπš—πš.πš‹πš˜πšπš’.πš’πš—πš—πšŽπš›π™·πšƒπ™Όπ™»="π™³πš’πšœπšŠπš‹πš•πšŽ π™Ήπš‚!";'>
π”“π”©π”’π”žπ”°π”’ π”©π”’π”žπ”³π”’ 𝔢𝔬𝔲𝔯 π”£π”žπ”²π”©π”±π”° 𝔦𝔫 𝔱π”₯𝔒 𝔰𝔒𝔠𝔱𝔦𝔬𝔫 π”Ÿπ”’π”©π”¬π”΄ π”žπ”«π”‘ 𝔑𝔬𝔫'𝔱 𝔣𝔬𝔯𝔀𝔒𝔱 𝔱𝔬 π”²π”«π”°π”²π”Ÿπ”°π” π”―π”¦π”Ÿπ”’!

Offline

#4 2024-08-18 01:06:40

zapper
Member
Registered: 2017-05-29
Posts: 921  

Re: [SOLVED] Anyone know how to get doas working properly on devuan?

I figured out that I forgot the nopass part for getting jwmkit to shutdown and reboot properly.

I forget where I looked it up, but yeah, it works now.

I will have to quote myself later.

This is solved tho.


Freedom is never more than one generation away from extinction. Feelings are not facts
If you wish to be humbled, try to exalt yourself long term  If you wish to be exalted, try to humble yourself long term
Favourite operating systems: Hyperbola Devuan OpenBSD
Peace Be With us All!

Offline

Board footer