doas
| Crates.io | doas |
| lib.rs | doas |
| version | 0.1.0 |
| created_at | 2026-01-16 08:06:45.967096+00 |
| updated_at | 2026-01-16 08:06:45.967096+00 |
| description | A Rust implementation of doas, a minimal sudo alternative with PAM authentication |
| homepage | https://github.com/hkwk/doas |
| repository | https://github.com/hkwk/doas |
| max_upload_size | |
| id | 2048149 |
| size | 17,360 |
Kunlun Huang (hkwk)
documentation
https://docs.rs/doas
README
doas
A Rust implementation of doas, an alternative to sudo for running commands as other users.
Features
- Simple configuration file syntax
- Supports permit/deny rules with options like nopass, keepenv
- PAM authentication
- Unix-like systems only
Installation
-
Build the project:
cargo build --release -
Install the binary:
sudo cp target/release/doas /usr/local/bin/ sudo chown root:root /usr/local/bin/doas sudo chmod 4755 /usr/local/bin/doas -
Create config file:
sudo mkdir -p /usr/local/etc sudo cp doas.conf.sample /usr/local/etc/doas.conf sudo chown root:root /usr/local/etc/doas.conf sudo chmod 600 /usr/local/etc/doas.conf -
Edit the config file to add rules, e.g.:
permit yourusername as root
Usage
doas command [args...]
doas -u user command [args...]
Configuration
The config file is located at /etc/doas.conf or /usr/local/etc/doas.conf.
Syntax:
permit [nopass] [keepenv] [nolog] identity as target
permitordenynopass: no password requiredkeepenv: keep environment variablesnolog: don't logidentity: the user who can runtarget: the user to run as
Security
The binary must be setuid root to function properly. Ensure the config file is only readable by root.