sudo - execute a command as another user using doas

NAME  SYNOPSIS  DESCRIPTION  OPTIONS  FILES  ENVIRONMENT  EXIT CODES  AUTHORS  REPORTING BUGS  SEE ALSO 

NAME

sudo − execute a command as another user using doas

SYNOPSIS

sudo (−i | −s) [−n] [−u <user>] [<command> [−−] [<args>...]]
sudo [−ins] [−u <user>] <command> [−−] [<args>...]
sudo [−h]

DESCRIPTION

This is not the original sudo(8), but a shim for the sudo command that utilizes doas(1). It supports only a subset of the sudo(8) options (both short and long variants) that have an equivalent in doas(1), plus option −i (−−login).

See doas(1) and sudo(8) for more information.

OPTIONS

−i, −−login

Run the shell specified by the target user’s password database entry as a login shell. This means that login−specific resource files such as .profile, .bash_profile or .login will be read by the shell. If a command is specified, it is passed to the shell for execution via the shell’s −c option. If no command is specified, an interactive shell is executed. This shim attempts to change to that user’s home directory right after running the shell.

−n, −−non−interactive

Non interactive mode, fail if the matching rule doesn’t have the nopass option.

−s, −−shell

Run the shell specified by the SHELL environment variable if it is set or the shell specified by the invoking user’s password database entry. If a command is specified, it is passed to the shell for execution via the shell’s −c option. If no command is specified, an interactive shell is executed. Note that most shells behave differently when a command is specified as compared to an interactive session; consult the shell’s manual for details.

−u <user>, −−user <user>

Run the command as a user, other than the default target user (usually root). The user may be either a user name or a numeric user−ID (UID). Unlike in the original sudo(8), numeric UIDs does not have to be prefixed with the ‘#’ character and only UIDs listed in the password database are allowed.

−h, −−help

Print help message and exit.

FILES

Refer to doas(1).

ENVIRONMENT

This shim sets the following environment variables for compatibility with sudo(8). However, they must be explicitly allowed in doas.conf(5) (using setenv or keepenv) to be exported into the created environment.

SUDO_GID

Set to the group−ID of the user who invoked sudo.

SUDO_UID

Set to the user−ID of the user who invoked sudo.

SUDO_USER

Set to the login name of the user who invoked sudo.

Refer to doas(1) for more information.

EXIT CODES

Refer to doas(1).

AUTHORS

Jakub Jirutka

REPORTING BUGS

Report bugs to the project’s issue tracker at <https://github.com/jirutka/doas−sudo−shim/issues>.

SEE ALSO

doas(1) doas.conf(5) sudo(8)

Updated 2024-01-29 - jenkler.se | uex.se