On Fri, 19 Feb 2016 13:45:28 -0700, "Todd C. Miller" wrote:
> On Wed, 13 Jan 2016 11:17:55 -0500, Philippe Meunier wrote:
>
> > By the way, while playing with which(1) and doas(1) and $PATH, I
> > managed to get which(1) to core dump, twice, although I have not b
On Wed, 13 Jan 2016 11:17:55 -0500, Philippe Meunier wrote:
> By the way, while playing with which(1) and doas(1) and $PATH, I
> managed to get which(1) to core dump, twice, although I have not been
> able to reproduce it reliably.
The crash in which was fixed recently.
- todd
Philippe Meunier wrote:
> The same thing happens if I first move foo to / and add / at the
> beginning of $PATH, so it's not a permission problem with
> /home/meunier/bin, and foo itself has permissions 777.
> If I first move foo to /bin then doas(1) finds foo without problem.
5.8 was a little too
ng.somewhere 5.8 GENERIC#1066 i386
> $ cat /etc/doas.conf
> permit :wheel
> $ egrep wheel /etc/group
> wheel:*:0:root,meunier
> $ doas /home/meunier/bin/foo
> Password:
> it works!
> $
>
> By the way, while playing with which(1) and doas(1) and $PATH, I
> managed
For reference:
$ uname -a
OpenBSD something.somewhere 5.8 GENERIC#1066 i386
$ cat /etc/doas.conf
permit :wheel
$ egrep wheel /etc/group
wheel:*:0:root,meunier
$ doas /home/meunier/bin/foo
Password:
it works!
$
By the way, while playing with which(1) and doas(1) and $PATH, I
managed to get which(
tedu wrote:
> If you'd like to try current, it should work better for you.
Confirmed working as expected; thanks for the assistance.
Hopefully someone else will benefit from this change as well.
--avj
Adam Jeanguenat wrote:
> tedu wrote:
> > doas allows PATH to be inherited, but resets it for itself to a
> > limited set. this was so that e.g., "permit :wheel cmd ls" can't
> > be tricked by creating a symlink ls -> /bin/sh. however, if there
> > are no restrictions on the command, then the restri
tedu wrote:
> doas allows PATH to be inherited, but resets it for itself to a
> limited set. this was so that e.g., "permit :wheel cmd ls" can't
> be tricked by creating a symlink ls -> /bin/sh. however, if there
> are no restrictions on the command, then the restriction probably
> doesn't need to
Adam Jeanguenat wrote:
> I'm not sure where I'm going wrong here, but I've been giving doas(1)
> a whirl and ran into something that's left be a bit puzzled.
>
> I have some scripts in ~/bin, and my user account has PATH set
> as desired. I can run things out of that dir as expected without
> invo
I'm not sure where I'm going wrong here, but I've been giving doas(1)
a whirl and ran into something that's left be a bit puzzled.
I have some scripts in ~/bin, and my user account has PATH set
as desired. I can run things out of that dir as expected without
invoking doas, but attempting to prefix
10 matches
Mail list logo