I might try run0 for fun, but I don’t think it’ll replace sudo any time soon.
The biggest issue I see is run0 purposely not copying any environment variables except for TERM.
You’d have to specify which editor to use, the current directory, stuff like PATH and HOME every time you run a command.
sudo had several severe security bugs caused by copying env variables so I’m not surprised run0 isn’t doing much of that. I’ve had to help a whole bunch of people fix the permissions/ownership on their Jo. E directory after running sudo so I can even see the point of jot copying $HOME by default.
I don’t think it’ll replace sudo necessarily, or doas would’ve done that already. It’s still useful as a shorthand for systemd-run and in some locked down system configurations I can see it being useful (i.e. when minimising the amount of SUID binaries). Maybe some elaborate enterprise setups will switch to it for security reasons, especially if they’re already leveraging PolKit heavily.
I’m not a fan of the idea at all, but come on, it can’t really be that bad. There’s got to be somewhere you can tell it what environment variables to use. Probably something like run0 systemd-edit /usr/system/systemd/systemrun/run0-environment --system-default=system
Maybe, but now I still need to remember the alias or distribute it to any machine I’m working on.
Not that difficult if you have everything managed with Ansible or similar anyways, but lots of people likely don’t have that setup.
I might try run0 for fun, but I don’t think it’ll replace sudo any time soon.
The biggest issue I see is run0 purposely not copying any environment variables except for
TERM.You’d have to specify which editor to use, the current directory, stuff like
PATHandHOMEevery time you run a command.sudohad several severe security bugs caused by copying env variables so I’m not surprised run0 isn’t doing much of that. I’ve had to help a whole bunch of people fix the permissions/ownership on their Jo. E directory after runningsudoso I can even see the point of jot copying $HOME by default.I don’t think it’ll replace sudo necessarily, or doas would’ve done that already. It’s still useful as a shorthand for systemd-run and in some locked down system configurations I can see it being useful (i.e. when minimising the amount of SUID binaries). Maybe some elaborate enterprise setups will switch to it for security reasons, especially if they’re already leveraging PolKit heavily.
Su - then
Wouldn’t it be better to just use containers then? Nix and Guix has the exact thing - you get to control what variables you want to pass in.
You can’t really install packages or modify configs on the host without root. Containers can only do some parts.
I’m not a fan of the idea at all, but come on, it can’t really be that bad. There’s got to be somewhere you can tell it what environment variables to use. Probably something like
run0 systemd-edit /usr/system/systemd/systemrun/run0-environment --system-default=systemrun0 uses systemd-run i don’t remember you can use that directly
LoL; you say that… But
Alias it to pull those in automatically?
Maybe, but now I still need to remember the alias or distribute it to any machine I’m working on.
Not that difficult if you have everything managed with Ansible or similar anyways, but lots of people likely don’t have that setup.