X-Git-Url: https://git.armaanb.net/?a=blobdiff_plain;f=README.md;h=b0764966b3c1314fc7a067e227b675fd072ec1c1;hb=372dde541bf0d1d3aecd560579172f8ae0573660;hp=3b54f18e070ce36425d19eb28af61ea264908779;hpb=24c8d75c7bdf3d67cbe6167b74fc5151f6d4807b;p=opendoas.git diff --git a/README.md b/README.md index 3b54f18..b076496 100644 --- a/README.md +++ b/README.md @@ -1,55 +1,31 @@ -![sandwich](https://cloud.githubusercontent.com/assets/13654546/9128676/a583cd0a-3c9a-11e5-9b4f-e03ab0ba37d7.png) +# OpenDoas +> a portable version of OpenBSD's `doas` command -Apologies to [Randall Monroe](http://www.xkcd.org/149/). +`doas` is a minimal replacement for the venerable `sudo`. It was initially [written by Ted Unangst](http://www.tedunangst.com/flak/post/doas) of the OpenBSD project to provide 95% of the features of `sudo` with a fraction of the codebase. -# OpenDoas: a portable version of OpenBSD's `doas` command +This fork insults you, similar to how `sudo` can. To enable, add the "insult" option to your `doas.conf` -`doas` is a minimal replacement for the venerable `sudo`. It was -initially [written by Ted Unangst](http://www.tedunangst.com/flak/post/doas) -of the OpenBSD project to provide 95% of the features of `sudo` with a -fraction of the codebase. +## Building and installation discouragements +There are a few steps you have to carefully consider before building and installing opendoas: -This is still a work in progress! Please do not deploy yet in a critical -environment! Of note, `doas` semantics may yet change, and I haven't -performed even a trivial security audit of my additions. - -## Building and installing - -Building `doas` should be just a simple `make` away. - -The included makefile also has an installation target. Installation -requires root access to properly set the executable permissions. You'll -also need to install a `doas.conf` file: - -``` -make && sudo make install -echo "permit :admin" | sudo tee /etc/doas.conf -``` - -Oh the irony, using `sudo` to install `doas`! +* There are less eyes on random doas ports, just because sudo had a vulnerability does not mean random doas ports are more secure if they are not reviewed. +* Use the configure script. +* Use the default make target. ## About the port +This is not an official port/project from OpenBSD! -As much as possible I've attempted to stick to `doas` as tedu desired -it. As things stand it's essentially just code lifted from OpenBSD with -PAM based authentication glommed on to it. +As much as possible I've attempted to stick to `doas` as tedu desired it. As things stand it's essentially just code lifted from OpenBSD with shadow based authentication glommed on to it. -I've used cvsync and git-cvsimport to retain the history of the core -source files. I may choose to go back and do the same with some of the -compatibility functions (such as reallocarray.c). +Compatibility functions in libopenbsd come from openbsd directly (`strtonum.c`, `reallocarray.c`, `strlcpy.c`, `strlcat.c`), from openssh (`readpassphrase.c`) or from sudo (`closefrom.c`). -I have found it necessary to make some fixes to the codebase. One was -a segfault due to differences in yacc/bison, others were just minor -fixes to warnings. Once this appears stable, I may try to upstream some -of these. +The shadow authentication code does not come from the OpenBSD project. -Currently, this is only tested on MacOSX 10.10 with Clang. My next goal -is support for Fedora Linux as well. Contributions gladly accepted. ;-) +### Persist/Timestamp/Timeout +The persist feature is disabled by default and can be enabled with the configure flag `--with-timestamp`. -## Copyright +This feature is new and potentially dangerous, in the original doas, a kernel API is used to set and clear timeouts. This API is openbsd specific and no similar API is available on other operating systems. -All code from OpenBSD is licensed under the BSD license, please see -individual files for details as the specific text varies from file to -file. +As a workaround, the persist feature is implemented using timestamp files similar to sudo. -All code I've written is licensed with the 2-clause BSD. +See the comment block in `timestamp.c` for an in-depth description on how timestamps are created and checked to be as safe as possible.