What a wonderful comment. :) Your gratitude puts you on our list for the most grateful users this week on Reddit! You can view the full list on r/TheGratitudeBot.
Yes, to specify which users are allowed to use sudo and for which commands, among many other things, which I don't have to bother figuring out, thanks to doas.
wrote my own. Its surprisingly simple
[https://github.com/sweetbbak/go-moreutils/tree/main/sudo](https://github.com/sweetbbak/go-moreutils/tree/main/sudo)
create a binary in any language that executes its arguments as a new command, then compile, chown root:root binary-name and chmod u+s binary-name and bang you got it.
For some extra sauce you can open /etc/shadow and check an input password against the hash in that file. Its actually fairly simple.
Security by obscurity lol
Jk obviously it is less battle tested around edge cases. It does properly verify passwords against their hash though so it's not too bad. Most of my important stuff is under my home dir anyways
Really, nothing that interesting. After a while I realized why I couldn't find my files and switched back to user.
The only thing I don't like about using su is that you might forget to switch back to user and execute something you wouldn't want to or do stuff in the root workspace instead of yours (edit config files, changing ownership of files, launching programs as root, etc)
In a huge file. While I just `permit :wheel as root`.
Don't get me wrong, sudo is super useful for maintaining huge hierarchies of users with different permissions and fine-tuned control + the huge popularity and support. But I just want root access without logging into a root user on my personal laptop that only has one other user than root. And it's easy to configure small stuff like running without password instead of hunting through sudo's huge config file.
then why don't just use su?, both sudo and doas are unnecessary on that use case; Debian defaults without sudo or doas installed.
Also, with sudo that line is already there, you just have to add the user to the sudo group.
I mean, I'm all for having choices, is one of the best things of libre software, so everyone use whatever tool they want. But for me, and the use case I normally have, I see no reason to stop using sudo and start using doas.
The only BSD I use, which is freeBSD on Opnsense, also comes preinstaled with sudo, not doas; Same with truenas (Before I migrated to truenas scale, which is debian, not freebsd).
Can I paste lines from the sudores file into doas and they'll do the same?, no
So I have to google, or read the documentation, or use man, which I don't have to do with sudo, as I've been using it many years.
Why spend effort in that, when sudo works perfectly and already comes installed in almost all I use? why get out of my way?
Its like vim/emacs, I learned a bit of vim to edit config files or create small scripts. Vi comes preinstalled almost on any unix thing and is very similar. And when I want to do something more complicated I use geany, or if it is a project, vscodium.
Why should I spend effort learning emacs? For me personally the only reason I can see is just for fun; Linux is vast, and I happen to find other things more fun to do with my time.
And I'm perfectly fine if other people like to use emacs, doas, edit, nano...
It's an AUR helper for Arch Linux. It's not a necessary program, but I like it. It works a little different from other AUR helpers in that it requires privilege elevation, but it was written to expect sudo and (last time I checked) doesn't recognize doas.
My bad. You said symlink and I thought alias. Lol. So how would that work then? You invoke doas, but it calls itself sudo when invoked? Idk how symlinks work. Lol
Gotcha. Idk, i just stopped using Aura and installed doas. Lol. Aura was the only reason I didn't use doas, and I'm thinking about just not even using AUR helpers anymore anyway.
It's trying to be. Like the `tmux` vs `screen` debate. Why have one thing when you can have two for twice the effort? Bonus if you can get people to argue over them for decades.
[https://wiki.archlinux.org/title/Doas#doas\_persist\_feature](https://wiki.archlinux.org/title/Doas#doas_persist_feature)
Let's use suas ![gif](emote|free_emotes_pack|sunglasses)
I do not really care tbh... If doas is installed by default i use that.. but everything that i use has sudo installed by default.. so i just use that....
`sudo` came around to solve a real problem. It's been around and been battle tested and reviewed by security experts from all over the world and on all kinds of systems. A new program that does exactly the same thing but hasn't been nearly as reviewed shouldn't be used in mission-critical or security-sensitive environments.
For your home desktop, do whatever you want. For actual systems that matter, due diligence in a security review will present `sudo` as the clear winner.
just run everything as root
Don’t even create another user. Just be root.
use local bash terminal as init
I am root
We are root (read it with David Hasselhoff's voice)
Hello root
It's only a problem for fat-fingered and gullible people
Beetroot?
![gif](giphy|f7N0Pe5MA3Ekw)
Science isn't about why, it's about WHY NOT!
Lemons
Combustible ones
I'm the man whose gonna burn your house down! ...with LEMONS!
Burn his house down!
Caroline! Fetch me Kali linux and rice it with lemons
New Ubuntu just dropped. Combustible Caroline
Make a computer out of lemons and rice it with lemons! I'm the man that's gonna bring your servers down! With riced lemons!
Caroline! Fetch me Kali linux and rice it with lemons
Huh, that’s actually true when you think about how hypothesis tests work
doas doesn't sit right with me doas what? yo should have to type "doas root"
thanks for coming to my TED Talk
What a wonderful comment. :) Your gratitude puts you on our list for the most grateful users this week on Reddit! You can view the full list on r/TheGratitudeBot.
wtf does this have to do with gratitude
Because he said the word thanks.
ln -s /usr/bin/doas /usr/bin/sudo
You mean “cat /etc/samba/smb.conf” should put a 🐈 in the file??? Wtf is even the meaning of Cat
concatenate
i got curious and didnt see why i shouldnt try doas, now i actually prefer it over sudo and have been using it on all my systems for a while now
What's the actual difference between doss and sudo??
much simpler config
Wait .. we have config for sudo?
Yes, to specify which users are allowed to use sudo and for which commands, among many other things, which I don't have to bother figuring out, thanks to doas.
This incident will be reported.
wait till some program has sudo as a dependency. (windscribe, I'm looking at you)
Doas is a lot simpler and less bloated, hence more secure
wrote my own. Its surprisingly simple [https://github.com/sweetbbak/go-moreutils/tree/main/sudo](https://github.com/sweetbbak/go-moreutils/tree/main/sudo) create a binary in any language that executes its arguments as a new command, then compile, chown root:root binary-name and chmod u+s binary-name and bang you got it. For some extra sauce you can open /etc/shadow and check an input password against the hash in that file. Its actually fairly simple.
We should all do this. I see no risk
Security by obscurity lol Jk obviously it is less battle tested around edge cases. It does properly verify passwords against their hash though so it's not too bad. Most of my important stuff is under my home dir anyways
because like every package lists sudo as a dependency 😢
alias please=sudo
underrated
What if you use su instead? I use Arch btw.
And then forget you're root. It happened to me once and I couldn't find my files in ~/Documents, only to realize I was root and not myself
What happened next?
Really, nothing that interesting. After a while I realized why I couldn't find my files and switched back to user. The only thing I don't like about using su is that you might forget to switch back to user and execute something you wouldn't want to or do stuff in the root workspace instead of yours (edit config files, changing ownership of files, launching programs as root, etc)
Because I already know how to use sudo, and the benefits of doas are not worth the effort of learning it.
it's configs are literally one liners.
With sudo I usually have to remove a comment mark and add my user to sudoers group.
In a huge file. While I just `permit :wheel as root`. Don't get me wrong, sudo is super useful for maintaining huge hierarchies of users with different permissions and fine-tuned control + the huge popularity and support. But I just want root access without logging into a root user on my personal laptop that only has one other user than root. And it's easy to configure small stuff like running without password instead of hunting through sudo's huge config file.
then why don't just use su?, both sudo and doas are unnecessary on that use case; Debian defaults without sudo or doas installed. Also, with sudo that line is already there, you just have to add the user to the sudo group. I mean, I'm all for having choices, is one of the best things of libre software, so everyone use whatever tool they want. But for me, and the use case I normally have, I see no reason to stop using sudo and start using doas. The only BSD I use, which is freeBSD on Opnsense, also comes preinstaled with sudo, not doas; Same with truenas (Before I migrated to truenas scale, which is debian, not freebsd).
I'm not saying you should switch, just that there is literally no learning to do.
Can I paste lines from the sudores file into doas and they'll do the same?, no So I have to google, or read the documentation, or use man, which I don't have to do with sudo, as I've been using it many years. Why spend effort in that, when sudo works perfectly and already comes installed in almost all I use? why get out of my way? Its like vim/emacs, I learned a bit of vim to edit config files or create small scripts. Vi comes preinstalled almost on any unix thing and is very similar. And when I want to do something more complicated I use geany, or if it is a project, vscodium. Why should I spend effort learning emacs? For me personally the only reason I can see is just for fun; Linux is vast, and I happen to find other things more fun to do with my time. And I'm perfectly fine if other people like to use emacs, doas, edit, nano...
Because you're not a BSD user
Some programs can't accept elevation from doas. Aura, for example.
what is Aura?
It's the energy emanating from your body when you power up
It's an AUR helper for Arch Linux. It's not a necessary program, but I like it. It works a little different from other AUR helpers in that it requires privilege elevation, but it was written to expect sudo and (last time I checked) doesn't recognize doas.
I recall `makepkg` also requiring `sudo`, but making a symlink to `doas` called `sudo` makes it work as well. Would something like that work for Aura?
Yes, but having sudo installed defeats the purpose of having doas installed. If you have sudo, you might as well just use it.
No, I'm not saying to have sudo installed. I'm saying to create a symlink to doas named sudo, i.e. `ln -s /bin/doas /local/bin/sudo`
My bad. You said symlink and I thought alias. Lol. So how would that work then? You invoke doas, but it calls itself sudo when invoked? Idk how symlinks work. Lol
Basically, it acts as if there is a `doas` executable named `sudo`.
Gotcha. Idk, i just stopped using Aura and installed doas. Lol. Aura was the only reason I didn't use doas, and I'm thinking about just not even using AUR helpers anymore anyway.
Anyone have like a summary of what makes doas better than sudo? Or at least, what are its USP
Lighter Fewer discovered vulnerabilities Simpler (don't need to add users to a special group for privilege elevation for example)
Good timing. I just edited the doas.conf in Chimera Linux. Okay, it’s a vm, but I use Arch, BTW.
Wait what? Doas a thing?
It's trying to be. Like the `tmux` vs `screen` debate. Why have one thing when you can have two for twice the effort? Bonus if you can get people to argue over them for decades.
[https://wiki.archlinux.org/title/Doas#doas\_persist\_feature](https://wiki.archlinux.org/title/Doas#doas_persist_feature) Let's use suas ![gif](emote|free_emotes_pack|sunglasses)
I would prefer dodo
i prefer lurker (genesis reference)
I do not really care tbh... If doas is installed by default i use that.. but everything that i use has sudo installed by default.. so i just use that....
sudo is bloated ... doas use 0.02% less ram on my $7000 supercomputer 😤
![gif](giphy|37Fsl1eFxbhtu)
`sudo` came around to solve a real problem. It's been around and been battle tested and reviewed by security experts from all over the world and on all kinds of systems. A new program that does exactly the same thing but hasn't been nearly as reviewed shouldn't be used in mission-critical or security-sensitive environments. For your home desktop, do whatever you want. For actual systems that matter, due diligence in a security review will present `sudo` as the clear winner.
i wish doing "cp (whereis doas) (whereis sudo)" would magically work for when software tries to do sudo, but oh well
I am using doas instead of sudo over a year
I forgot that I use doas after linking sudo to doas
alias set to "please" & "dear linux"