2015-07-21 8:58 GMT+02:00 Manuel Giraud <[email protected]>: > "Ted Unangst" <[email protected]> writes: > >> Manuel Giraud wrote: >>> Hi, >>> >>> I've just shot myself in the foot after /etc/doas.conf tweaking. This >>> patch adds a failsafe "permit :wheel" rule in case of syntax error. Is >>> this safe enough? Should it be done elsewhere (with some kind of >>> visudo)? >> >> I think the failsafe is "run su". Since it is possible to configure doas to >> even less than "permit :wheel" this would in some cases be a fail >> open. > > You're right. I forgot about su and should have asked first. Another > question before I give this a shot: doas requires an absolute path for > command, is it feature or a behaviour that can be modified (i.e. I > prefer to type "doas mount" instead of "doas /sbin/mount")?
Ability to define alias in the doas config file might be nice. Just like ssh with the ssh_config file. -- Cordialement, Coues Ludovic +336 148 743 42
