On Mon, Apr 04, 2016 at 12:26:50AM +0200, Tim van der Molen wrote: > Philip Guenther (2016-04-01 23:47 +0200): > > Sooo close. To quote doas.conf(5): > > > > The rules have the following format: > > > > permit|deny [options] identity [as target] [cmd command [args > > ...]] > ... > > 'args' is *literal* there, so the correct config line would be > > permit nopass support as root cmd /usr/sbin/rcctl args restart ntpd > > I think doas.conf(5) is misleading here: the ellipsis in "args ..." > implies that "args" is an argument that may be given multiple times. > > Hence "args ..." should be replaced by "args [arg ...]" as done in the > diff below. (Unfortunately, with this diff the rule format will no > longer fit on one line.) >
it is a bit inconsistent, yes. it is very much less readable with a line break. you could remove the offset, but that doesn;t look great either. you could specify a smaller offset and juggle the actual text a bit. the text is clear enough. i don;t really have a problem with what's there. at least, i don;t see an easy way to both make the change you're requesting and have it still read nicely. jmc > Index: doas.conf.5 > =================================================================== > RCS file: /cvs/src/usr.bin/doas/doas.conf.5,v > retrieving revision 1.18 > diff -p -u -r1.18 doas.conf.5 > --- doas.conf.5 2 Jan 2016 08:34:47 -0000 1.18 > +++ doas.conf.5 3 Apr 2016 22:25:17 -0000 > @@ -35,7 +35,7 @@ The rules have the following format: > .Op Ar options > .Ar identity > .Op Ic as Ar target > -.Op Ic cmd Ar command Op Ic args ... > +.Op Ic cmd Ar command Op Ic args Op Ar arg ... > .Ed > .Pp > Rules consist of the following parts: > @@ -78,7 +78,7 @@ Be advised that it's best to specify abs > If a cmd is specified, only a restricted > .Ev PATH > will be searched. > -.It Ic args ... > +.It Ic args Op Ar arg ... > Arguments to command. > If specified, the command arguments provided by the user > need to match for the command to be successful.