diff options
Diffstat (limited to 'doas.conf')
-rw-r--r-- | doas.conf | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/doas.conf b/doas.conf new file mode 100644 index 000000000000..818e1040aff0 --- /dev/null +++ b/doas.conf @@ -0,0 +1,43 @@ +## Sample configuration file for doas +## Please see doas.conf manual page for information on setting +## up a doas.conf file. +## +## This file should be edited using `vidoas` to prevent syntax errors +## +## doas.conf is read from top to bottom, and the last matching rule +## will be used + +## This file defines which users should (not) be allowed to use doas + +## Allow root user to use doas: +permit root +## alternatively: permit 0 + +## Allow members of the wheel group to use doas (note the colon): +# permit :wheel + +## Deny user malloy to use doas: +# deny malloy + +## Allow alice to 'doas' bob: +# permit alice as bob + +## Deny Bob to run pacman: +# deny bob cmd pacman + +# Allow Bob to update packages using pacman +# allow bob cmd /usr/bin/pacman -Syu + +## If a command without path is specified, +## the command will be searched in +## usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +## (not PATH). + +## Allow Bob to update packages without entering his pasword: +# allow nopass bob cmd /usr/bin/pacman -Syu + +## Maintain the user's environment: +# allow keepenv alice +## Variables may also be set using setenv { \ +## PKG_CACHE RELEASE_DIR=/var/local/ \ +## } |