sudo − execute a command as another user using doas
sudo
(−i | −s) [−n] [−u
<user>] [<command>
[−−] [<args>...]]
sudo [−ins] [−u <user>]
<command> [−−]
[<args>...]
sudo [−h]
This is not the original sudo(8), but a shim for the sudo command that utilizes doas(1). It supports only a subset of the sudo(8) options (both short and long variants) that have an equivalent in doas(1), plus option −i (−−login).
See doas(1) and sudo(8) for more information.
−i, −−login
Run the shell specified by the target user’s password database entry as a login shell. This means that login−specific resource files such as .profile, .bash_profile or .login will be read by the shell. If a command is specified, it is passed to the shell for execution via the shell’s −c option. If no command is specified, an interactive shell is executed. This shim attempts to change to that user’s home directory right after running the shell.
−n, −−non−interactive
Non interactive mode, fail if the matching rule doesn’t have the nopass option.
−s, −−shell
Run the shell specified by the SHELL environment variable if it is set or the shell specified by the invoking user’s password database entry. If a command is specified, it is passed to the shell for execution via the shell’s −c option. If no command is specified, an interactive shell is executed. Note that most shells behave differently when a command is specified as compared to an interactive session; consult the shell’s manual for details.
−u <user>, −−user <user>
Run the command as a user, other than the default target user (usually root). The user may be either a user name or a numeric user−ID (UID). Unlike in the original sudo(8), numeric UIDs does not have to be prefixed with the ‘#’ character and only UIDs listed in the password database are allowed.
−h, −−help
Print help message and exit.
Refer to doas(1).
This shim sets the following environment variables for compatibility with sudo(8). However, they must be explicitly allowed in doas.conf(5) (using setenv or keepenv) to be exported into the created environment.
SUDO_GID
Set to the group−ID of the user who invoked sudo.
SUDO_UID
Set to the user−ID of the user who invoked sudo.
SUDO_USER
Set to the login name of the user who invoked sudo.
Refer to doas(1) for more information.
Refer to doas(1).
Jakub Jirutka
Report bugs to the project’s issue tracker at <https://github.com/jirutka/doas−sudo−shim/issues>.
doas(1) doas.conf(5) sudo(8)