execute commands as another user
utility executes the given command as another
user. The command
argument is mandatory unless
By default, a new environment is created. The variables
USER and the
umask(2) are set to values appropriate for
the target user.
DOAS_USER is set to the name of the
doas. The variables
inherited from the current environment. This behavior may be modified by the
config file. The working directory is not changed.
The options are as follows:
- Use the specified authentication style when validating the user, as
allowed by /etc/login.conf. A list of
doas-specific authentication methods may be configured by adding an
‘auth-doas’ entry in
- Parse and check the configuration file config, then
exit. If command is supplied,
doas will also perform command matching. In the
latter case either ‘permit’, ‘permit nopass’
or ‘deny’ will be printed on standard output, depending on
command matching results. No command is executed.
- Clear any persisted authorizations from previous invocations, then
immediately exit. No command is executed.
- Non interactive mode, fail if
doas would prompt
- Execute the shell from
- Execute the command as user. The default is
doas utility exits 0 on success,
and >0 if an error occurs. It may fail for one of the following
- The config file /etc/doas.conf could not be
- The user attempted to run a command which is not permitted.
- The password was incorrect.
- The specified command was not found or is not executable.
doas command first appeared in