Executing commands as root
Use doas to execute commands as another user.
254 Words, 2 Minutes
10 Mar 2024
Automatic mounting
It is possible to execute commands as another user (usually root). While sudo can be installed and used the same way than on Linux, on OpenBSD, people usually use doas instead.
Tested on OpenBSD 7.4.
Installing doas
The following command installs the package doas.
Note: if you prefer using sudo, replace doas by sudo in the following command, and edit the file /etc/sudoers. Don't follow the next sections.
# pkg_add doasConfiguring doas
The configuration file is stored at /etc/doas.conf. Example below:
# Allow any user member of the group wheel to execute any command
# as root. Password isn't asked each time, instead it's remembered
# for a couple of minutes.
permit persist :wheel as root
# Allow user trudy to execute any command as user bob.
# Trudy's password is asked each time.
permit trudy as bob
# Allow user bob to execute this specific command as user alice.
# Bob's password is asked each time.
# Here, doas accepts to call the backup-test program as alice only
# if the argument "-testarg=yes" is given.
permit bob as alice cmd /usr/local/bin/backup-test args -testarg=yesNote: it's important to have a newline character after each instruction. Be sure to hit [Enter] before saving the file.
Usage
The most basic usage of doas is to execute a command as root:
$ doas /etc/netstartIt's also possible to execute a command as another user:
$ doas -u alice /usr/local/bin/autodestruction