|
OpenBSD Security Functionally paranoid! |
|
Thread Tools | Display Modes |
|
||||
No, I meant the last config you posted. Above my reply:
Code:
$ cat /etc/doas.conf permit myusername as root cmd /usr/sbin/syspatch Code:
doas /usr/sbin/syspatch edit: Did you just delete your message, mate? Last edited by fvgit; 18th October 2018 at 10:31 PM. Reason: Presumably bsd007's previous message was deleted |
|
||||
Quote:
Mind you that I'm still on 6.3. Haven't had time to upgrade, yet. |
|
||||
Code:
$ doas /usr/sbin/syspatch doas: Operation not permitted doas(1) asks for myusername's password, not root's password. Edit : also, you can add nopass to the doas.conf file, but it will lacks security. Now I assume it'll be ok with syspatch... Code:
permit nopass myusername as root cmd /usr/sbin/syspatch
__________________
ThinkPad W500 P8700 6GB HD3650 - faultry ThinkStation P700 2x2620v3 32GB 1050ti 3xSSD 1xHDD Last edited by LeFrettchen; 19th October 2018 at 12:31 AM. Reason: nopass |
|
||||
Quote:
doas: Operation not permitted. Please dont misunderstand but I dont want to take the "nopass" route as it compromises security. |
|
|||
Are you guys removing your user's access and just adding the line for syspatch or are you just tacking on the syspatch line?
It "works" if I just tack on the syspatch line because my usual "allow everything" still matches. If you restrict the user to only /usr/sbin/syspatch, the user needs to run exactly '/usr/sbin/syspatch'. Just 'syspatch' doesn't work. Use the full path. EDIT: Sorry, I just re-read the thread. I guess that doesn't work for bsd007. |
|
||||
OK, after trying, nope it's not a password issue.
A password issue gives a doas: Authorization failed message. Be sure your user is the good one.
__________________
ThinkPad W500 P8700 6GB HD3650 - faultry ThinkStation P700 2x2620v3 32GB 1050ti 3xSSD 1xHDD Last edited by LeFrettchen; 18th February 2020 at 11:10 PM. Reason: Deleting useless stuff... |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
syspatch cron job | bsdsource | OpenBSD General | 4 | 29th June 2018 04:05 PM |
syspatch on only two architectures? | pawkolor | OpenBSD General | 9 | 22nd October 2017 05:39 PM |
syspatch appears to get stuck | Prevet | OpenBSD Installation and Upgrading | 1 | 9th October 2017 07:37 PM |
DOAS(1) rules | jjstorm | OpenBSD General | 8 | 11th April 2016 08:09 PM |
doas package | Peter_APIIT | OpenBSD General | 2 | 1st November 2015 07:45 AM |