SUBDO_ADD(8) System Manager's Manual SUBDO_ADD(8)

NAME

subdo_add - install programs so they run as separate users

SYNOPSIS

subdo_add [-c communication] [-p package type] [-x] package[:suffix] ...

DESCRIPTION

subdo_add installs packages and configures them to run as “sub” users with limited privileges. See subdo(7).
package arguments can be either subdo(5) format package directories, standard package files (in Slackware, rpm(5), or deb(5) format), or queries to a system package manager (the pkg_add(1), pkg-add(8), pacman(8), yum(8), apt-get(8), or brew(8) commands). The package format/manager can be chosen explicitly with -p and PACKAGES or inferred implicitly. See PACKAGES.
The program will be wrapped with doas(1), sudo(1), or ssh(1). This can be chosen explicitly with -c and COMMUNICATION or inferred implicitly. See COMMUNICATION.
Set the optional [:suffix] component to create separate instances of the same subdo-wrapped package. The executables from the package will be suffixed with a colon and then the suffix; for example, the command “subdo_add firefox firefox:malware firefox:librejs subdo_add firefox:nojs” exposes executables with respective names like ~/.subdo/usr/local/bin/firefox, ~/.subdo/usr/local/bin/firefox:malware, ~/.subdo/usr/local/bin/firefox:librejs, and ~/.subdo/usr/local/bin/firefox:nojs and with corresponding users like “tlevine_firefox”, “tlevine_firefox:malware”, “tlevine_firefox:librejs”, and “tlevine_firefox:nojs”. Nothing special about firefox is configured; you can run the separate executables to configure the separate profiles.

ENVIRONMENT

SUDO_USER
If the environment variable SUDO_USER is set, use its value as the super. sudo(1) appropriately sets this variable automatically. doas(1) and ssh(1) do not have an equivalent, so you should set it in their configuration files.
LOGNAME
If the environment variable SUDO_USER is not set, use LOGNAME as the super.
COMMUNICATION
This is the default inter-user communication method. See COMMUNICATION.
PACKAGES
If PACKAGES is set, use it as the default package manager. See PACKAGES for options.

FLAGS

-c communication
Use this as the inter-user communication method rather than COMMUNICATION. See COMMUNICATION.
-p package type
Override the setting (if any) in PACKAGES. See PACKAGES.
-x
Run “set -x” to print a trace to standard error.

PACKAGES

subdo_add works with several package managers.

Package types

The package format/manager can be any of the following.
subdo
The subdo(5) package directory format, for programs that are not available in your package manager or that you want to configure further
openbsd
OpenBSD package(5) through pkg_add(1) and pkg_info(1)
freebsd
FreeBSD package(5) through pkg-add(8) and pkg-info(8)
netbsd
NetBSD package(5) through pkg_add(1) and pkg_info(1)
apt
apt-get(8) and dpkg-query(1)
dpkg
deb(5) through dpkg(1) and dpkg-deb(1)
yum
rpm(8) and yum(8); dnf(8) also works because it is backwards-compatible.
rpm
rpm(5) through rpm(8)
pacman
pacman(8)
slackware
Slackware packages through installpkg(8), based on pkgtool(8)

Selection procedure

The package format/manager is chosen by this procedure.
  1. If -p is set, use its argument.
  2. If PACKAGES is set, use its value.
  3. If it is a subdo(5) package directory, use ‘subdo’ format.
  4. If dpkg(1) is available and the package is a file with name ending in ‘.deb’, use ‘dpkg’ format.
  5. If rpm(1) is available and the package is a file with name ending in ‘.rpm’, use ‘rpm’ format.
  6. If apt-get(8) is available, use ‘apt’ format.
  7. If yum(8) is available, use ‘yum’ format.
  8. If pkgtool(8) is available, use ‘slackware’ format.
  9. If pacman(8) is available, use ‘pacman’ format.
  10. Otherwise, exit with an error.
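
The procedure above as a POSIX sh function, added here as an illustration and not taken from subdo_add's source. It assumes the :suffix has already been removed from the argument, treats any directory as a subdo(5) package directory, and rejects explicit types outside the list under “Package types”; select_pkg_type, valid_type and have are hypothetical names.

```sh
#!/bin/sh
# Added example, not subdo_add's own code.

# have CMD: true if CMD is found on PATH.
have() { command -v "$1" >/dev/null 2>&1; }

# valid_type TYPE: true if TYPE is one of the documented package types.
valid_type() {
    case $1 in
        subdo|openbsd|freebsd|netbsd|apt|dpkg|yum|rpm|pacman|slackware) return 0 ;;
    esac
    return 1
}

# select_pkg_type PACKAGE [P_FLAG]
# Prints the chosen type. Returns 1 if nothing applies (step 10) and
# 2 if an explicit type is not in the documented list (assumed behaviour).
select_pkg_type() {
    pkg=$1
    explicit=${2:-${PACKAGES-}}            # step 1 (-p) overrides step 2 (PACKAGES)
    if [ -n "$explicit" ]; then
        valid_type "$explicit" || {
            echo "select_pkg_type: unknown package type: $explicit" >&2
            return 2
        }
        echo "$explicit"; return 0
    fi
    if [ -d "$pkg" ]; then echo subdo; return 0; fi               # step 3
    if [ -f "$pkg" ]; then
        case $pkg in
            *.deb) if have dpkg; then echo dpkg; return 0; fi ;;  # step 4
            *.rpm) if have rpm; then echo rpm; return 0; fi ;;    # step 5
        esac
    fi
    # Steps 6-9: first available manager wins, in the documented order.
    for pair in apt-get:apt yum:yum pkgtool:slackware pacman:pacman; do
        if have "${pair%%:*}"; then echo "${pair#*:}"; return 0; fi
    done
    echo "select_pkg_type: cannot determine package type for $pkg" >&2   # step 10
    return 1
}
```

Because steps 6 to 9 depend on which tools happen to be installed, passing -p or setting PACKAGES is the way to get the same result on every host.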

COMMUNICATION

subdo_add can configure the inter-user communication methods below. If none is set in either COMMUNICATION or -c, then subdo_add will choose the first one that is available.
doas
Wrap the program with doas(1), and update the file /etc/doas.conf.d/subdo-$SUPER in doas.conf(5) format.
sudo
Wrap the program with sudo(1), and update the file /etc/sudoers.d/subdo-$SUPER in sudoers(5) format.
ssh
Wrap the program with ssh(1), and concatenate ~$SUPER/.ssh/*.pub to create ~$SUB/.ssh/authorized_keys. Note that this communication method is not as developed as the others. First, the super user has full access to the sub users over ssh(1), rather than only having access to the executables of interest; this is usually fine, but it is different from how subdo_add configures doas(1) and sudo(1). Second, interactive terminal programs presently don't work over ssh.

SEE ALSO

subdo_delete(8), subdo(5), subdo-shell(1), subdo-utils(8), doas(1), doas.conf(5), sudo(1), sudoers(5), ssh(1), sshd(8), pw(8), useradd(8), usermod(8), groupadd(8), dscl(1), DirectoryServiceAttributes(7), setuid(2)

EXIT STATUS

The subdo utility exits 0 on success, and >0 if an error occurs.
February 28, 2018 OpenBSD 6.2