How to check permissions of a non sudoers user with full root access?
doas is a
sudo-like command recently packaged in Debian 12, Ubuntu Jammy (universe) and some other Linux distros.
A non sudoers user (
doasuser) can be added to
/etc/doas.conf to be granted root access. Detailed instructions on Debian Wiki.
doasuser isn’t a member of any group. If you grant root access to
doasuser, this information isn’t synchronized with
sudo (seen as unprivileged user).
doas only comes with a binary program, a PAM configuration file and
/etc/doas.conf, a superuser can’t find the permissions of the
Is there any command line to check the permissions of
As far as I understood this question, there is a program named
doas which can be used similar to
sudo. The simple command that can be used to check if a user has root privileges is the following (in shell scripting):
if [ "$(id -u)" != "0" ]; then
# the user is not root
The same above command can be used both for
id is a command which is used to print real and effective user and group IDs; specifically,
id -u prints only the effective user ID. If the user has root permissions, their effective ID will be
doas doesn’t provide a command to list all the privileges it grants to a given user; all you can do is check whether a given command is permitted for the current user:
doas -C /etc/doas.conf some command
will tell you if, given the settings in
/etc/doas.conf, the current user would be allowed to run
some command (and whether or not the user would be asked for a password to do so).
From the perspective of a “superuser”, this means that you’d need to switch to the
doasuser’s identity, then run
doas -C as above to check the privileges.
doas are separate tools, so it’s not surprising that
sudo isn’t aware of
doas configuration (and vice versa). You should really only use one on any given system.