doas —
execute commands as another user
doas |
[ -ns
]
[-a
style
]
[-C
config
]
[-u
user
]
command
[args ] |
The
doas utility executes the given command
as another user. The
command argument is
mandatory unless
-C or
-s is specified.
The options are as follows:
-
-
-a
style- Use the specified authentication style when validating the user, as
allowed by /etc/login.conf. A list of
doas-specific authentication methods may be configured by adding an
‘auth-doas’ entry in
login.conf(5).
-
-
-C
config- Parse and check the configuration file
config, then exit. If
command is supplied,
doas will also perform command
matching. In the latter case either ‘permit’, ‘permit
nopass’ or ‘deny’ will be printed on standard output,
depending on command matching results. No command is executed.
-
-
-n- Non interactive mode, fail if
doas
would prompt for password.
-
-
-s- Execute the shell from
SHELL or
/etc/passwd.
-
-
-u
user- Execute the command as user. The default
is root.
The
doas utility exits 0 on success,
and >0 if an error occurs. It may fail for one of the following
reasons:
- The config file /etc/doas.conf could
not be parsed.
- The user attempted to run a command which is not permitted.
- The password was incorrect.
- The specified command was not found or is not executable.
su(1),
doas.conf(5)
The
doas command first appeared in
OpenBSD 5.8.
Ted Unangst
<
tedu@openbsd.org>
![[OpenBSD]](/openbsd.gif){kind=small}