Updates to documentation and doasedit

This release focuses on fixing issues with the doasedit script which is used to more safely edit files as another user. The main change is doasedit now properly handles situations where the full path name of a text file is used, in other words path names with a leading slash character, like "/etc/doas.conf".

Also updated manual page to indicate limitations when using piping on Linux.

Cleaned up error checking when dealing with temporary text files.

Make sure doasedit can handle filenames starting with a dash

This is a minor update which just affects the doasedit script, a utility to help the user cleanly edit files as another user.

In the past, doasedit would fail if the filename we were trying to edit started with a dash character (such as -bar.txt or -config.txt). It would also fail ungracefully if the user did not have permission to create a temporary file.

Now doasedit will exit gracefully with a useful error message if we are unable to create temporary files. It will also handle filenames with a leading dash.

Make sure target username is initialized

This is a minor fix to the previous check that handled multiple usernames with a single UID. It was possible for the target username in this case to not be properly initialised (depending on code path and compiler settings)/ Helmat has introduced a correction for this to make sure the target name is always initialized properly.

Fix for working with systems with multiple usernames for the same UID

Adjust doas to look up target shell information based on username instead of numeric UID. This makes using doas smoother on systems like FreeBSD where it's common to have multiple usernames for UID 0 (zero). Thanks to helmat for the patch.

Updated manual pages to explain how doas handles situations where multiple usernames match one UID.

Respecting login class resource limits

In FreeBSD issue #256233, it was reported that doas was not respecting login limits/restrictions when the target user has a login class with rules specified in /etc/login.conf. This issue was confirmed and it meant the original user (the one running doas) could side-step resource limitations (such as memory and CPU limits).

This issue has been addressed and limits listed in login.conf on FreeBSD are now respected. It was suggested environment variables defined in login.conf should also be respected. FreeBSD allows variables like TERM, timezone, and language (LANG) to be defined in login.conf. After some consideration and testing it was decided to not apply these environment variables as it complicates the code, appears to not match the original OpenBSD design, and environment variables can be defined in doas.conf. However, as this default behaviour may confuse people, a note regarding the limits of the "doas -S" command has been added to the program's manual page.

This release also accompanies a patch to FreeBSD's port which addresses a missing path substitution during the build process on FreeBSD. Other platforms should not be affected.

Added tool to edit and check doas.conf

This release introduces a new utility called vidoas (vi doas). This tool is a shell script which creates a copy of the doas.conf file, allows the admin to edit the file, and then checks its syntax for errors. If a problem is found, vidoas reports which line the error was on and asks us to try editing the file again. Once the new doas.conf file contains the proper syntax, it is installed and overwrites the old doas.conf file.

This tool is designed to assist admins and avoid introducing errors to doas.conf which might accidentally revoke admin access to the machine.

Double-dash no longer needed on Linux

In this release, we work around a quirk of the GNU parameter parser which required us to use double-dashes (--) after doas's parameters and before a target command's parameters. In the past we used "doas -- pacman -Syu" and now we can use simply "doas pacman -Syu".

This change affects only GNU/Linux systems, other platforms like FreeBSD, NetBSD, etc already had this behaviour.

Added interactive login shell option

This release introduces a few minor changes:

1. Added command line parameter (-S) which launches an interactive shell. This is equivalent to "su -l" or "sudo -i".

2. Updated documentation to include the new -S flag.

3. Updated documentation to assist users in installing doas on some Linux distributions, such as CentOS, that prevent PAM authentication from working by default.

Added example PAM configuration file for FreeBSD

This release simply adds a new sample PAM configuration file for FreeBSD (and compatible systems). The new sample configuration file is named campat/pam.conf.freebsd.

Keeping environment variables with keepenv

On some platforms (seemingly Linux and macOS) it is possible for repeated calls to getpwuid() can over-write the original struct passwd structure. (This behaviour may vary depending on which C library is used. This can lead to the original user's environment data being overwritten by the target user's, even when "keepenv" is
specified in the doas.conf file.

We now do a deep copy of the original and target users' struct passwd information to avoid over-writing the original on platforms where libc uses a static area for all calls.