opendoas: Update config file

This commit is contained in:
Dylan Araps 2020-05-18 10:59:34 +03:00
parent 8af40fd4dc
commit 91609b534f
No known key found for this signature in database
GPG Key ID: 46D62DD9F1DE636E
2 changed files with 19 additions and 11 deletions

View File

@ -1,2 +1,2 @@
baf5a2c73116781519cf03b5b9147eee8db69e8b052eaa81caf093107226b4fe v6.6.1.tar.gz
677b59e402a1b4dbdd119d5a8bc4c6c27315419feaefc9e06f7b3f43b0b9dd39 doas.conf
846a251c646e61329086eda6abde26329f5a358d5eeab1a0f075db36e5997687 doas.conf

View File

@ -2,21 +2,29 @@
# Priority increases with linenumber.
# See doas.conf(5) for details.
#permit :wheel
#permit nopass root
# permit persist :wheel
# permit nopass root
# KEEP THIS AT THE BOTTOM.
# This config file isn't very powerful at all compared to
# the likes of sudo's. It's very difficult to tell it that
# we want to permit running the package manager and package
# manager alone (hence the 'git'/'env' listings).
#
# Further, the 'persist' feature is too strict and will beg
# you for a password every time 'doas' is run from a script`.
# Despite sudo's complexity, I recommened it over doas for
# better control.
#
# I'm working on a better overall solution.
# Allow wheel to run kiss with password required.
# NOTE: The setenv { ... } is required for the package manager.
# permit keepenv setenv { HOME KISS_PATH KISS_FORCE } :wheel cmd kiss
# permit :wheel cmd git args fetch
# permit :wheel cmd git args diff
# permit :wheel cmd git args merge
# permit persist :wheel cmd env
# permit persist :wheel cmd git args fetch
# permit persist :wheel cmd git args diff
# permit persist :wheel cmd git args merge
# Allow wheel to run kiss without a password.
# NOTE: The setenv { ... } is required for the package manager.
# permit nopass keepenv setenv { HOME KISS_PATH KISS_FORCE } :wheel cmd kiss
# permit nopass :wheel cmd env
# permit nopass :wheel cmd git args fetch
# permit nopass :wheel cmd git args diff
# permit nopass :wheel cmd git args merge