From cbbdf2e13e296a577f0e161999681eec97d61cd9 Mon Sep 17 00:00:00 2001 From: Nathan Holstein Date: Wed, 5 Aug 2015 02:52:21 -0400 Subject: [PATCH 1/1] Add README.md. --- README.md | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..ca08ca7 --- /dev/null +++ b/README.md @@ -0,0 +1,51 @@ +# OpenDoas: a portable version of OpenBSD's `doas` command + +`doas` is a minimal replacement for the venerable `sudo`. It was +initially [written by Ted Unangst](http://www.tedunangst.com/flak/post/doas) +of the OpenBSD project to provide 95% of the features of `sudo` with a +fraction of the codebase. + +This is still a work in progress! Please do not deploy yet in a critical +environment! Of note, `doas` semantics may yet change, and I haven't +completed PAM integration yet! + +## Building and installing + +Building `doas` should be just a simple `make` away. + +The included makefile also has an installation target. Installation +requires root access to properly set the executable permissions. You'll +also need to install a `doas.conf` file: + +``` +make && sudo make install +echo "permit :admin" | sudo tee /etc/doas.conf +``` + +Oh the irony, using `sudo` to install `doas`! + +## About the port + +As much as possible I've attempted to stick to `doas` as tedu desired +it. As things stand it's essentially just code lifted from OpenBSD with +PAM based authentication glommed on to it. + +I've used cvsync and git-cvsimport to retain the history of the core +source files. I may choose to go back and do the same with some of the +compatibility functions (such as reallocarray.c). + +I have found it necessary to make some fixes to the codebase. One was +a segfault due to differences in yacc/bison, others were just minor +fixes to warnings. Once this appears stable, I may try to upstream some +of these. + +Currently, this is only tested on MacOSX 10.10 with Clang. My next goal +is support for Fedora Linux as well. Contributions gladly accepted. ;-) + +## Copyright + +All code from OpenBSD is licensed under the BSD license, please see +individual files for details as the specific text varies from file to +file. + +All code I've written is licensed with the 2-clause BSD. -- 2.39.2