Hi everyone, first off, thanks for the constructive feedback on my proposal. I know that opendoas is quite new in the field and, being an OpenBSD project, is only documented in the manpages. Even the ArchWiki-Team seems to only link to OpenBSD for documentation matters. But with all the rethinking of certain facilities, take iwd for wpa_supplicant, or systemd-networkd for certain networkmanager-applications, I felt it was a good idea to bring opendoas in scope as revamped "diet" sudo. But taking in consideration that certain features seem to be not fully shaped out yet, I see that it would have been too early including it in a core-application. Anyway if there is already a patch en route to softcode future elevation techniques, that's even better than Hardcoding another bash command into the script. I am looking forward to making good use of that patch! Cheers, DaErich Am Mi., 24. Feb. 2021 um 13:38 Uhr schrieb Allan McRae <allan@archlinux.org>:
On 23/2/21 1:07 am, Erich Ericson wrote:
The following patches should enable doas support for privilege escalation in makepkg as well as document the absence thereof in binary verification. As doas gained a little traction over the last weeks and with its presence in the official repos it seems like a cheap, yet beneficial patch to the featureset of makepkg. It might not be an exhaustive patchset as I don't know all of makepkg's and libmakepkg's intricacies, but it has been tested by me and seems to work as expected. Nonetheless those patches should "point in the right direction".
My understanding was that Eli has a patch in the works that allowed configuring the command for privilege escalation in makepkg.conf. This is my preferred approach as it avoids adding the new hotness in the future.
Allan