In case `cmd' and `args' in doas.conf(5) do not match, the generated
log message is unclear and might be read as if the command executed but
failed, i.e. returned non-zero:
# cat /etc/doas.conf
permit nopass kn cmd echo args foo
$ doas echo foo
foo
$ doas echo bar
doas: Operation not permitted
The corresponding syslog(3) messages from /var/log/secure:
Oct 9 01:05:14 eru doas: kn ran command echo foo as root from /home/kn
Oct 9 01:05:20 eru doas: failed command for kn: echo bar
The following reads unambiguous and better matches the EPERM wording:
Oct 9 01:05:20 eru doas: command not permitted for kn: echo bar
Feedback? OK?
Index: doas.c
===================================================================
RCS file: /cvs/src/usr.bin/doas/doas.c,v
retrieving revision 1.82
diff -u -p -r1.82 doas.c
--- doas.c 18 Oct 2019 17:15:45 -0000 1.82
+++ doas.c 8 Oct 2020 22:59:45 -0000
@@ -396,7 +396,7 @@ main(int argc, char **argv)
if (!permit(uid, groups, ngroups, &rule, target, cmd,
(const char **)argv + 1)) {
syslog(LOG_AUTHPRIV | LOG_NOTICE,
- "failed command for %s: %s", mypw->pw_name, cmdline);
+ "command not permitted for %s: %s", mypw->pw_name, cmdline);
errc(1, EPERM, NULL);
}
