-
Notifications
You must be signed in to change notification settings - Fork 41
/
doas.conf
36 lines (29 loc) · 1.42 KB
/
doas.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# $OpenBSD: doas.conf,v 1.1 2016/09/03 11:58:32 pirofti Exp $
# Configuration sample file for doas(1).
# See doas.conf(5) for syntax and examples.
# Non-exhaustive list of variables needed to build release(8) and ports(7)
#permit nopass setenv { \
# FTPMODE PKG_CACHE PKG_PATH SM_PATH SSH_AUTH_SOCK \
# DESTDIR DISTDIR FETCH_CMD FLAVOR GROUP MAKE MAKECONF \
# MULTI_PACKAGES NOMAN OKAY_FILES OWNER PKG_DBDIR \
# PKG_DESTDIR PKG_TMPDIR PORTSDIR RELEASEDIR SHARED_ONLY \
# SUBPACKAGE WRKOBJDIR SUDO_PORT_V1 } :wsrc
# Allow wheel by default
permit keepenv :wheel
# Allow dsync replication
permit nopass dsync as vmail cmd /usr/local/bin/doveadm
# WKS: expire non confirmed publication requests
permit nopass setenv { HOME=/var/vmail } root as vmail cmd \
/usr/local/bin/gpg-wks-server args --cron
# WKS: List the submission key
permit nopass setenv { HOME=/var/vmail } root as vmail cmd \
/usr/local/bin/gpg2 args -K --with-wkd-hash [email protected]
# WKS: Create the submission key
permit nopass setenv { HOME=/var/vmail } root as vmail cmd \
/usr/local/bin/gpg2 args \
--batch --passphrase "" --quick-gen-key [email protected]
# WKS: Publish the submission key
permit nopass setenv { HOME=/var/vmail } root as vmail cmd \
/usr/local/bin/gpg2 args \
-o /var/lib/gnupg/wks/example.com/hu/54f6ry7x1qqtpor16txw5gdmdbbh6a73 \
--export-options export-minimal --export [email protected]