NAME
doas
—
execute commands as another
user
SYNOPSIS
doas |
[-ns ] [-a
style] [-C
config] [-u
user] command
[args] |
DESCRIPTION
The doas
utility executes the given
command as another user. The command argument is
mandatory unless -C
or -s
is
specified.
The options are as follows:
-a
style- The
-a
(authentication style) option causesdoas
to use the specified authentication style when validating the user, as allowed by /etc/login.conf. The system administrator may specify a list of doas-specific authentication methods by adding an ‘auth-doas’ entry in /etc/login.conf. -C
config- Parse and check the configuration file config, then
exit. If command is supplied,
doas
will also perform command matching. In the latter case either ‘permit’, ‘permit nopass’ or ‘deny’ will be printed on standard output, depending on command matching results. In either case, no command is executed. -n
- Non interactive mode, fail if
doas
would prompt for password. -s
- Execute the shell from
SHELL
or /etc/passwd. -u
user- Execute the command as user. The default is root.
EXIT STATUS
The doas
utility exits 0 on
success, and >0 if an error occurs. It may fail for one of the
following reasons:
- The config file /etc/doas.conf could not be parsed.
- The user attempted to run a command which is not permitted.
- The password was incorrect.
- The specified command was not found or is not executable.
SEE ALSO
HISTORY
The doas
command first appeared in
OpenBSD 5.8.
AUTHORS
Ted Unangst <tedu@openbsd.org>