1DOAS(1)                   BSD General Commands Manual                  DOAS(1)
2

NAME

4     doas — execute commands as another user
5

SYNOPSIS

7     doas [-Lns] [-C config] [-u user] command [args]
8

DESCRIPTION

10     The doas utility executes the given command as another user.  The command
11     argument is mandatory unless -C, -L, or -s is specified.
12
13     The user will be required to authenticate by entering their password,
14     unless configured otherwise.
15
16     By default, a new environment is created.  The variables HOME, LOGNAME,
17     PATH, SHELL, and USER and the umask(2) are set to values appropriate for
18     the target user.  DOAS_USER is set to the name of the user executing
19     doas.  The variables DISPLAY and TERM are inherited from the current
20     environment.  This behavior may be modified by the config file.  The
21     working directory is not changed.
22
23     The options are as follows:
24
25     -C config   Parse and check the configuration file config, then exit.  If
26                 command is supplied, doas will also perform command matching.
27                 In the latter case either ‘permit’, ‘permit nopass’ or ‘deny’
28                 will be printed on standard output, depending on command
29                 matching results.  No command is executed.
30
31     -L          Clear any persisted authentications from previous invoca‐
32                 tions, then immediately exit.  No command is executed.
33
34     -n          Non interactive mode, fail if the matching rule doesn't have
35                 the nopass option.
36
37     -s          Execute the shell from SHELL or /etc/passwd.
38
39     -u user     Execute the command as user.  The default is root.
40

EXIT STATUS

42     The doas utility exits 0 on success, and >0 if an error occurs.  It may
43     fail for one of the following reasons:
44
45     ·   The config file /etc/doas.conf could not be parsed.
46     ·   The user attempted to run a command which is not permitted.
47     ·   The password was incorrect.
48     ·   The specified command was not found or is not executable.
49

SEE ALSO

51     su(1), doas.conf(5)
52

HISTORY

54     The doas command first appeared in OpenBSD 5.8.
55

AUTHORS

57     Ted Unangst <tedu@openbsd.org>
58
59BSD                            January 16, 2021                            BSD
Impressum