commit 45b802a030ade925dbff39af816671b3f9eedd81
parent 025db698803cbd722444ba2745ead9a5c51efcb4
Author: tedu <tedu>
Date: Fri, 21 Jun 2019 17:02:27 +0000
tweak wording a bit. always talk about creating a new environment. also document DOAS_USER. ok deraadt jmc
Diffstat:
2 files changed, 9 insertions(+), 16 deletions(-)
diff --git a/doas.1 b/doas.1
@@ -39,7 +39,7 @@ or
.Fl s
is specified.
.Pp
-By default, the environment is reset.
+By default, a new environment is created.
The variables
.Ev HOME ,
.Ev LOGNAME ,
@@ -50,6 +50,9 @@ and
and the
.Xr umask 2
are set to values appropriate for the target user.
+.Ev DOAS_USER
+is set to the name of the user executing
+.Nm .
The variables
.Ev DISPLAY
and
diff --git a/doas.conf.5 b/doas.conf.5
@@ -49,22 +49,11 @@ The user is not required to enter a password.
After the user successfully authenticates, do not ask for a password
again for some time.
.It Ic keepenv
-The user's environment is maintained.
-The default is to retain the variables
-.Ev DISPLAY
-and
-.Ev TERM
-from the invoking process, reset
-.Ev HOME ,
-.Ev LOGNAME ,
-.Ev PATH ,
-.Ev SHELL ,
-and
-.Ev USER
-as appropriate for the target user, and discard the rest of the environment.
+Environment variables other than those listed in
+.Xr doas 1
+are retained when creating the environment for the new process.
.It Ic setenv { Oo Ar variable ... Oc Oo Ar variable=value ... Oc Ic }
-In addition to the variables mentioned above, keep the space-separated
-specified variables.
+Keep or set the space-separated specified variables.
Variables may also be removed with a leading
.Sq -
or set using the latter syntax.
@@ -74,6 +63,7 @@ is a
.Ql $
then the value to be set is taken from the existing environment
variable of the indicated name.
+This option is processed after the default environment has been created.
.El
.It Ar identity
The username to match.
