Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 19 Jul 2017 00:16:08 +0800
From:      alphachi <alphachi@mediaspirit.org>
To:        Polytropon <freebsd@edvax.de>
Cc:        "list: freebsd" <freebsd-questions@freebsd.org>
Subject:   Re: security/doas can't work with zsh alias
Message-ID:  <CAJN5+GuDeemDEwoa341xrfTBgSdU3xEGOFMFMTYASosCiWa+0g@mail.gmail.com>
In-Reply-To: <CAJN5+Gu0b7qv+RrAOKM=b8N7BWGQP11QOWpFctagWVUHtwyC5g@mail.gmail.com>
References:  <CAJN5+Gu6yTYX6ePfhF7ApHtEKJq=o9DCgtyeqWdedqdEX91DQg@mail.gmail.com> <CAJN5+GuC06sfDTXZ+YjQ3yyArd-h1h9aq1DMvmXDuwfdSKezSA@mail.gmail.com> <CAJN5+GtQxRZkjk5-SXebKwApBsvsQsUFi7WHd8jow1KpeKXCCg@mail.gmail.com> <CAJN5+GtHnAt_R_pqu67H_DZLsDLkvHembCbyJ8FtxvJ=Eg3-pw@mail.gmail.com> <CAJN5+GtwrMp1bLGtWh1kCxj=HCHo9UehqCf08U+T+vO4ctozDg@mail.gmail.com> <CAJN5+Guk+-oaP-qucR8MMnMPeAtuCcDiMa8iDnmmk-O8G95bYA@mail.gmail.com> <CAJN5+GspmQpMeAq63t+V-Oq1NUW+z4fD+OG_+Qe5NYghMv3KJQ@mail.gmail.com> <CAJN5+GsVZoD3_paY8JVc7qmJDvvoPQzny1MdzD_GX+FeDuHS_A@mail.gmail.com> <CAJN5+GsFnBz2xzM+R5w81-haGODFPMQ0izAx4y5LsiaE5F17-A@mail.gmail.com> <CAJN5+Gv=pmL5dhL8kwDUps6AAB8GSg6zKjuuyC_j+_UCnSzOTg@mail.gmail.com> <CAJN5+GuSgJn_7zg0f9ipQPYA0MRJDBGhECU+Q7733z5Q28TN8g@mail.gmail.com> <CAJN5+GtxHHMR3U_3SFWW2y2sST+X2JBvy8aqdryq65mnPuecVg@mail.gmail.com> <20170627081354.bf6ae28e.freebsd@edvax.de> <CAJN5+Gu0b7qv+RrAOKM=b8N7BWGQP11QOWpFctagWVUHtwyC5g@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
This works:
% echo "alias doas=3D'doas '" >> ~/.zshrc

Thanks for the thread:
https://forums.freebsd.org/threads/61539/

2017-06-27 16:48 GMT+08:00 alphachi <alphachi@mediaspirit.org>:

> So I think the simplest approach is: run "doas -s" and stay this shell fo=
r
> dealing alias requirements.
>
> Any other ideas?
>
> 2017=E5=B9=B46=E6=9C=8827=E6=97=A5 14:13=EF=BC=8C"Polytropon" <freebsd@ed=
vax.de>=E5=86=99=E9=81=93=EF=BC=9A
>
>> On Mon, 26 Jun 2017 20:25:02 +0800, alphachi wrote:
>> > I'm preparing to migrate to doas and the following commands are my tes=
t:
>> >
>> > % cat /usr/local/etc/doas.conf
>> > permit nopass keepenv fbsd as root
>> > permit nopass keepenv root as root
>> > % id -nu
>> > fbsd
>> > % doas id -nu
>> > root
>> > % echo $SHELL
>> > /usr/local/bin/zsh
>> > % doas echo $SHELL
>> > /usr/local/bin/zsh
>> > % alias
>> > vi=3Dvim
>> > % doas alias
>> > %
>> >
>> > As this shows, doas doesn't know this alias, so "doas vi" can't invoke
>> > installed vim.
>> >
>> > Is this reasonable or just my mistake? How to enable zsh alias for doa=
s?
>>
>> A possible explanation is that the subshell that executes the
>> "alias" (internal) command provided through doas does not inherit
>> the environment that stored the alias for the user shell; in
>> such a case, root's environment (without the alias) will be
>> used while the doas shell is running, that's why the "vi=3Dvim"
>> setting is not in that environment.
>>
>> However, that exactly seems to conflict with the "keepenv"
>> option provided by doas.conf, except of course aliases are
>> being handled independently from environmental variables
>> (which the "env" in "keepenv" could refer to).
>>
>>
>>
>> --
>> Polytropon
>> Magdeburg, Germany
>> Happy FreeBSD user since 4.0
>> Andra moi ennepe, Mousa, ...
>>
>


--=20
Paranoid in Sabbath ...



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?CAJN5+GuDeemDEwoa341xrfTBgSdU3xEGOFMFMTYASosCiWa+0g>