No.
You say that, but, lennart’s Cancer is everywhere.
ok them go suffer alone in your 2004 distro that can’t update bash because it break the 400 scripts that it use to boot lmao
As the old adage goes: “All roads lead to /root”
Sometimes I really hate the utility names people come up with.
I would love to see chatgpt rename all the core utils in a way that summarizes their function.
I feel like this is well named (run as user 0) so then I’m wondering what else you dislike and what you think would be improvements?
My complaint was mostly targeting the big picture of everything living in
/bin/I inferred the ‘user 0’ thing to their credit like you, it just still felt really strange as numerals are kind of a no no when programming – you can’t begin variable and other names with them and I guess having them as a suffix feels strange too as it’s not common practice.
It will definitely be the only utility I recall that uses a numeral.
To me the whole numeral systems are archaic, User ID numbers don’t line up when transferring data from hard drives from another machine eg 1000-1005.
The numeral permission system is archaic and requires explicit knowledge to know the difference between a 7 6 and 4. In GUI Immutability is separate when it should be more integrated as a file control. The octal permissions are from another decade and modern platforms have permissions on whether a executible can access the internet, access input devices like camera or microphone, or sensitive data like contacts, pictures, etc…
I think file tagging should be greatly expanded, IDv3 meta data for example was a workaround for the limitations and the core filesystem should have robust enough tagging to make it unnecessary.
I’ll be controversial now – eliminate the . prefix to hide files. Yes I know it had been this way for decades and was grandfathered in as a feature after a bug, that should have been in the filesystem properties like chattr +I and you shouldn’t need .hidden indexes to hide files just like windows and osx litters zip files with MDF or inf or whatever (memory is fuzzy from non use).
Some people say “4 character” limit, that needs to go too – FHS naming structure is confusing and not self evident what it does to people trying to learn who already have IT training. /etc/ having 2 or more bins /bin vs /usr/bin – ‘what does usr mean the new it ponders’ ‘oh it must mean ‘user’ I guess’. – weird stuff like that.
To systemd credit they have no problem being controversial and relentlessly persuing their vision in a practical way, hell I use their stuff hapilly.
I just feel like the run0 thing is a band aid on bigger problems, and AI critique would be very fascinating to make these human interfaces you know… more for us humans :P
If not systemd, maybe the rust people or someone else will be baller enough to try to tackle these funny ackward quirks that have accumulated over the years and straighten it all out.
The one that really annoys me is using “-r” and “-R” interchangeably for recursion. Why that has stood is beyond me.
Probably: “oh we already have a
-rfor xxx, let’s do recursion with-R”
The name does do what it says & in just 4 char
But it literally is a summary.
It run’s an executable as the user with id 0 (root) and it’s called run0.
I don’t know, we’ll just have to see. But personally, I am not a fan of tying so many functionalities to systemd.
This just sounds like a a solution in search of a problem.
The original problem was to automagically prompt the user for password, if he tried to run some systemd executable without the wheel privileges. At some point they decided to reuse the code for [a command that allows you to run stuff as root] replacement because sudo is too bloated and vulnerable.
sudo has more than 220k lines of code, I can definitely see the use of a simpler alternative.
Don’t doas already fill that gap ?
run0 is just an alias for a part of systemd, so installing doas too would be useless bloat. Another thing to note is that doas is just smaller sudo, you still wouldn’t use 99 % of its features.
edit: also from my totally surface level understanding both sudo and doas “elevate your privileges” which is supposedly unnecessary attack surface. run0 does it in a better way which I do not understand.
. run0 does it in a better way which I do not understand.
it does that in a “ssh like” that i read in the blog, they foward your commands, they don’t elevate your user, they also use polkit for security intead of sudoers
also from my totally surface level understanding both sudo and doas “elevate your privileges” which is supposedly unnecessary attack surface. run0 does it in a better way which I do not understand.
sudoanddoasare setuid binaries, a special privileged bit to tell the kernel that this binary is not run as the user starting it, but by the owner. A lot of care has to be incorporated into these to make sure you don’t escalate your privileges as the default interface is very limited, being a single bit.Another issue with this approach is that since you’re running this from your shell, the process will by default inherit all environment variables, which can be convenient, but also annoying (since a privileged process might write into your $HOME) or upright dangerous.
run0doesn’t use that mechanism.systemdis, being a service manager at its core, something launching binaries in specialized environments, e.g. it will start an nginx process under the nginx user with a private tmp, protecting the system from writes by that service, maybe restrict it to a given address family etc. So the infrastructure to launch processes – even for users viasystemd-run– is already there.run0just goes one step further and implements an interface to request to start elevated (or rather with permissions different from their own) processes from a user’s shell.Classic solutions do it like this:
- user starts binary with setuid (let’s say
sudo) that runs with root (because that’s the owner of the binary) privileges in their shell. Since this is a child process of their shell, it inherits all environment variables by default. sudochecks/etc/sudoersif that user is authorized to perform the requested action and either denies the request, performs it or asks for authentication.- a new process is spawned from it, again inheriting the environment variables that were not cleaned, as you can’t get rid of variables by forking (this is often an issue if you have services that have their secrets configured via environment variables)
With
run0:- user starts
run0binary as a user process. This process inherits the environment variables. run0forwards the user’s request via interface to the running systemd process (pid 1 I guess). That process however does not inherit any variables by default, since it was started outside the user’s shell.- systemd checks if the user who started the
run0binary is allowed to perform the requested operation and again, either denies the request, performs it or asks for authentication. - a new process is spawned from it, but it will only receive the environment variables that were explicitly requested as there’s no inheritance.
At least that’s my understanding, I haven’t looked too much into it or used it yet.
the pid1 part is wrong, only the systemd-init run in pid1, in it’s own process, own binary etc, it’s sole purpose is being an init system, after that it start the rest of the system, including the others systemd binaries
the rest is perfect thanks!, in the lennart he made a comparation with ssh were you “forward the commad to run as root”, i think it’s a good analogy
- user starts binary with setuid (let’s say
Not if no one uses it.
No one will use this either
I will use it. I don’t care what others think. People can use su, sudo, doas, run0 by their choice, and I don’t see why we need a common opinion about it.
This. One thing Linux is about is personal freedom.
A lot of people are afraid of systemd expanding because systemd handles a lot of stuff, so distros are likely to support it rather than the mishmash of tools they personally prefer. It all started with the System-V/Upstart replacement and now very few distros have the patience to customise and roll out the 90s style service management anymore. Their preferences used to align with the mainstream, but no longer do these days, and that causes friction.
This process pushes people who prefer old tools to fringe distros, and newer software is less likely to work on their setups. They’re still free to use whatever system they like, of course, but the burden for developing and maintaining daemon management scripts is now on their fringe distro or themselves if their distro doesn’t have anything yet. I’d find that pretty annoying too, especially with how convoluted many older system management scripts are and how many moving parts are typically involved. Plus, some stuff like socket activation can’t even be done with some of the older init systems so people have to find alternatives.
I doubt anyone reeling against run0 was ever going to consider it anyway.
I might try run0 for fun, but I don’t think it’ll replace sudo any time soon.
The biggest issue I see is run0 purposely not copying any environment variables except forTERM.
You’d have to specify which editor to use, the current directory, stuff likePATHandHOMEevery time you run a command.Alias it to pull those in automatically?
I’m not a fan of the idea at all, but come on, it can’t really be that bad. There’s got to be somewhere you can tell it what environment variables to use. Probably something like
run0 systemd-edit /usr/system/systemd/systemrun/run0-environment --system-default=systemrun0 uses systemd-run i don’t remember you can use that directly
it can’t really be that bad.
LoL; you say that… But
Su - then
Wouldn’t it be better to just use containers then? Nix and Guix has the exact thing - you get to control what variables you want to pass in.
sudohad several severe security bugs caused by copying env variables so I’m not surprised run0 isn’t doing much of that. I’ve had to help a whole bunch of people fix the permissions/ownership on their Jo. E directory after runningsudoso I can even see the point of jot copying $HOME by default.I don’t think it’ll replace sudo necessarily, or doas would’ve done that already. It’s still useful as a shorthand for systemd-run and in some locked down system configurations I can see it being useful (i.e. when minimising the amount of SUID binaries). Maybe some elaborate enterprise setups will switch to it for security reasons, especially if they’re already leveraging PolKit heavily.
su is the best. I mean, i should be using the admin (root) password for admin things, not the user password of user who is already logged in. And there needs to be a root service already running to make user have root previlages which is dumb imo. Sudo vulnerability could cause previlage escalation but if there is no root process managing this, then it can’t leak the root access. Only kernel security issue(or other root processes) will leak root access if that was the case, which i think is better.
Completely agree with this take. There are dozens of us!
The permission to do admin things is given by the root user, to your account. So you have to verify your identity by entering your password.
Isn’t that how it is? I though that was analogous to how almost everything worked IRL. Whether withdrawing funds from a bank or engaging government services, you prove your identity as a customer/citizen to get the relevant services. At no point do you login to bank or government computers with full privileges.
If you own your own bank, then i think you login as the one with full previlages. Yes when doing administrator things, you have to use sudo. The problem with root with sudo is, you authenticate as a user, then gain full permission from root, i.e analogous to login in to bank with full previlages.
As a person who need to run
sudo commandits better to just verify yourself as root user to gain “full access”. I’m not saying about partial previlages. That is i just need a script which is just su -c with environment variables being copiedI see where you’re coming from, but in enterprise environments, you have admin accounts and root login is disabled for security purposes.
I’m going to continue to keep avoiding Poettering software for as long as he continues to act like a jackass. Even his commit messages are dripping with condescension.
You’ll have to give another example in order to support your point. Because that commit was funny!
Funny. I didn’t know a single thing about the person. But that commit message made me like him more.
Ofc assuming he was just making a light-hearted joke in it.
exactly lol
Users were complaining that their terminal transparency was being broken by the nspawn container and that the colour for other applications like tmux were being affected by it. For example tmux was appearing in the same navy blue in the terminal emulator instead of its usual green.
Idk he’s just a hot take merchant basically. He has a particular hate-boner for distros that don’t use systemd as the default init system like void and gentoo (usually these are troll tweets as opposed to commit messages though).
Idk he’s just a hot take merchant basically. He has a particular hate-boner for distros that don’t use systemd as the default init system like void and gentoo (usually these are troll tweets as opposed to commit messages though).
shut up, wtf that has todo with the commit, people who don’t use systemd it’s not going to complain about the color of something that they don’t use
shut up
lol didn’t realise Poettering had a lemmy account
What an odd and disjointed comment
As it is running sudo with a long process is annoying missing and having to reenter my password or missing and the process timing out if I go afk to wait, I can’t imagine having to type my password every few moments when I run an upgrade. Surely this is not the pitch. This is already looking dead in the water if so, and god help me if I have to remember to type run0.
No no no
It’ll be systemctl --user enable --now systemd-run0dI’m dead
Systemd, not linux
Laughs in Gentoo
systemd/Linux, or as I’ve recently taken to calling it, systemd plus Linux
Fortunately there’s still Artix GNU+Linux :)
Is it going to eventually add kernel functionality and become GNU/run0 like systemd? If not i’ll keep using sudo on Ubuntu and doas everywhere else.
I’m surprised they would implement having just run0 effectively log you in as root. For the super security conscious constrictions of the command versus sudo, it would seem that the very notion of elevating your privilege beyond the single command to be carried out, would be anathema to the whole goal of this new command. Evidently not, but it’s surprising to me.
you can run a command using run0 it’s only elevating that commads, sometimes it’s needed to login as root, it’s life
I’m trying to understand what you just wrote. Did you miss a period somewhere?
They did not miss anything. They just used commas where periods should be.
You can run a command using run0. It’s only elevating that command. Sometimes it’s needed to login as root. It’s life.
The way it is written, semi-colons may be more appropriate but that would be a lot of them.
You actually pointed out that they did, indeed, do miss a period (the one after “run0.”)
you can run a command using run0 it’s only elevating that commads,
Prompting for every single command seems like it’d suck
Yeah I mean at that point it’s redundant because you might as well type su -c “some command here”. On the other hand having such alias does no harm if you’re already using systemd.
Also, you can configure sudo to prompt every time if you really want.
I was on a system that was configured that way for “security”, so I would just ‘sudo bash’ which is obviously much safer /s.
My system is configured that way (by me) and I regularly use sudo -s.
I just want to see if there’s a root shell and not rely on some hidden timeout 🙄
The beauty of Linux at home, you get to choose what works best for you.
I’d fedora starts to use it then yeah I’ll use it but I’ll just make an alias cause muscle memory
