在 FreeBSD 上安裝 doas
您好,我是無能。
FreeBSD 也可以使用 sudo,但在命令操作中,例如在終端機上,如果旁邊的標籤頁正在 GNU/Linux 環境下工作,並且 FreeBSD 也可以使用相同的 sudo 命令執行,則可能會發生意外操作。因此,為了安全起見,我將使用 doas 來禁用 sudo 的管理員權限執行。
這似乎在 FreeBSD 論壇中也引起了討論。
使用 pkg 安裝
# pkg install doas
Updating FreeBSD repository catalogue...
Fetching data.pkg: 100% 7 MiB 7.5MB/s 00:01
Processing entries: 100%
FreeBSD repository update completed. 35521 packages processed.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
doas: 6.3p12
Number of packages to be installed: 1
24 KiB to be downloaded.
Proceed with this action? [y/N]: y
[1/1] Fetching doas-6.3p12.pkg: 100% 24 KiB 24.6kB/s 00:01
Checking integrity... done (0 conflicting)
[1/1] Installing doas-6.3p12...
[1/1] Extracting doas-6.3p12: 100%
=====
Message from doas-6.3p12:
--
To use doas,
/usr/local/etc/doas.conf
must be created. Refer to doas.conf(5) for further details and/or follow
/usr/local/etc/doas.conf.sample as an example.
Note: In order to be able to run most desktop (GUI) applications, the user
needs to have the keepenv keyword specified. If keepenv is not specified then
key elements, like the user's $HOME variable, will be reset and cause the GUI
application to crash.
Users who only need to run command line applications can usually get away
without keepenv.
When in doubt, try to avoid using keepenv as it is less secure to have
environment variables passed to privileged users.
然後,編輯 /usr/local/etc/doas.conf 並寫入以下內容。
permit keepenv username
執行
現在,切換到指定用戶並嘗試執行 doas command。
$ su - username
$ doas vim /usr/local/etc/doas.conf
Password:
這樣,輸入密碼後就成功執行了。