From ebc0fb022c48ced5e690567b3fb4186a3dfbd937 Mon Sep 17 00:00:00 2001 From: Mattias Andrée Date: Fri, 23 Jun 2023 09:11:42 +0200 Subject: First commit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mattias Andrée --- README | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 README (limited to 'README') diff --git a/README b/README new file mode 100644 index 0000000..a77dc65 --- /dev/null +++ b/README @@ -0,0 +1,49 @@ +NAME + key2root - authenticate with a keyfile and run a process as the root user + +SYNOPSIS + key2root [-k key-name] [-e] command [argument] ... + +DESCRIPTION + The key2root utility takes a keyfile from the standard input and uses + it to authenticate the user, and if the keyfile is recognised, runs the + specified command with sanitised and updated environment variables and + with the keyfile as the standard input. + +OPTIONS + The key2root utility conforms to the Base Definitions volume of + POSIX.1-2017, Section 12.2, Utility Syntax Guidelines. + + The following option is supported: + + -e Keep the environment variables as is. Neither sanitise nor + update them. + + -k key-name + Check the input keyfile against a specific known key, rather + than checking against all known keys. + +OPERANDS + The following operands are supported: + + command + The command that shall be run with as the root user. This will + be both the process image and the process's zeroth command line + argument. + + argument ... + Command line arguments for the command to run. + +STDIN + The key2root utility uses the standard input as the authentication key + and forwards it to the command it runs upon successful authentication. + +RATIONALE + key2root is useful for scripts that require both root access and a + keyfile: it lets the user write a script that can decrypt a keyfile + and the successful keyfile decryption to testify that the user has + authenticated himself rather also requiring his password. + +SEE ALSO + key2root-addkey(8), key2root-lskeys(8), key2root-rmkey(8), asroot(8), + sudo(8), doas(1), su(1) -- cgit v1.2.3-70-g09d2