i'm fine with this nor do i have a problem with systemd in genereal
This just sounds like a bad idea, a solution in search of a problem. Sure, sudo is a setuid binary, but it's a fairly simple program, and at some point, you have to trust the code. It's also a very fundamental piece of the system that you want to always work, even (especially!) when other things get borked. The brief description of run0 already has too many potential points of failure.
sudo is a setuid binary, but it's a fairly simple program
Sudo is actually fairly huge and complex. Alternatives like
really
ordoas
orsu
are absolutely tiny by comparison.Sure, sudo is a setuid binary, but it’s a fairly simple program, and at some point, you have to trust the code.
Have to trust the code ? doas for OpenBSD was created because of issues with sudo.
Talking with deraadt and millert, however, I wasn’t quite alone. There were some concerns that sudo was too big, running too much code in a privileged process. And there was also pressure to enable even more options, because the feature set shipped in base wasn’t big enough.
it took less than a day for someone to break run0 totally open, so basically, you have a choice between a well tested/debugged sudo and this new thing which may eventually mature
As far as I know, the exploit you are referring to, wasn't actually a vulnerability. https://youtu.be/awkoa_WxFIg?feature=shared&t=659 Although feel free to correct me on that one
I've actually ran into some of those problems. If you run
sudo su --login someuser
, it's still part of your user's process group and session. With run0 that would actually give you a shell equivalent to as if you logged in locally, and manage user units, all the PAM modules.systemd-run can do a lot of stuff, basically anything you can possibly do in a systemd unit, which is basically every property you can set on a process. Processor affinity, memory limits, cgroups, capabilities, NUMA node binding, namespaces, everything.
I'm not sure I would adopt run0 as my goto since if D-Bus is hosed you're really locked out and stuck. But it's got its uses, and it's just a symlink, it's basically free so its existence is kBs of bloat at most. There's always good ol
su
when you're really stuck.I have 0 knowledge of these things, but I do know that people always comment that sudo is bloated, that nobody is truly using everything that sudo can do, only one basic command.
Fuck off Poettering. Stop trying to absorb the whole system.
EDIT: apparently systemd absorbing the whole system with it's nonstandard, monolithic nightmare is a good thing, judging from downvotes. Carry on.
Will this be an integral part of systemd, or will they release it as a separate thing? I mean, if I like it, but I'm not using systemd (I do use it, but I'm just thinking about it), could I use this run0 (horrible name) without having to buy into all of systemd?
it's just a link to systemd-run which is a part of systemd, i doubt it works separately.
but, if you use s6 as an alternative init system, s6-sudo is a somewhat equivalent aproach to how run0 works (instead of systemd-run it calls s6-ipcclient)
I personally don't have a problem with run0 over sudo, however, I don't want to have to remember to use a different command on the terminal. Just rename it "sudo", and do the new stuff with it. Just don't bother me having to remember new commands.
I really don't care about the command I use to get elevated privileges. On my Debian servers I use
su
and maybe in future, if Fedora decides to make the switch, I will userun0
.Between this and the pip install break all system packages
This has to be about the dumbest change I could possibly gather in the last 20 years of computing. I can’t even imagine breaking this many things all at once. I’m still dealing with the side effects of people’s installers from docker-compose and the pip problems - ansible will just never be the same again. Now this.
If systems begin to drop support for the previous technology you run into incompatibility problems across the board
I'm not systemd user, and I generally see this absorbing as much as possible as a terrible practice. I don't usually comment on systemd stuff, since I'm happy just not being forced to use it.
However, even though I don't use it, the decision of people managing systemd really affects non systemd users. See by succeeding in getting all major distros into become systemd distros (somehow now governed by RH, if anyone cares), everything systemd absorbs tend to leave alternatives sooner or later deprecated, or abandoned.
Even autofs is no longer part of some official repos, given systemd has its own auto mount/unmount functionality... And there are several other examples...
At any rate, hopefully the more bloated systemd, doesn't make it the more vulnerable. And also hopefully, doesn't make life worse and worse to non systemd distros and users...
BTW, before
sudo
there wassu
, so a life withoutsudo
is possible, :)