I will use it. I don’t care what others think. People can use su, sudo, doas, run0 by their choice, and I don’t see why we need a common opinion about it.
If you make users sign in too much, they will just make their passwords short and easy to remember, even 24hrs is too much and people bitch about it all the time, especially since we have password managers enforced, meaning every time they need to Auth they need to Auth into their system, Auth into their password manager, copy the password, auth into their phone, look at the 2FA code and type that in.
Doing this every day just to open email is understandably fucking enraging even to me as a security “”“engineer”“”/analyst/${bullshitblueteamemailreaderjob}
Press it harder and they will use simple passwords that will inevitably be passed through to something external (e.g. cockpit which even I can bruteforce) or reused somewhere at some point, and then someone just has to get lucky once and run whatever
run0 sudo su <reverse shell bs here>to bypass all protections.or reused
somewhereeverywhereat some pointconstantlyI agree with you. If i had to add my password everytime I’d just add my personal account to sudo group.
Good security works with people, not against them.
SELinux has left the chat.
su is the best. I mean, i should be using the admin (root) password for admin things, not the user password of user who is already logged in. And there needs to be a root service already running to make user have root previlages which is dumb imo. Sudo vulnerability could cause previlage escalation but if there is no root process managing this, then it can’t leak the root access. Only kernel security issue(or other root processes) will leak root access if that was the case, which i think is better.
Completely agree with this take. There are dozens of us!
I don’t know, we’ll just have to see. But personally, I am not a fan of tying so many functionalities to systemd.
Prompting for every single command seems like it’d suck
Also, you can configure sudo to prompt every time if you really want.
I was on a system that was configured that way for “security”, so I would just ‘sudo bash’ which is obviously much safer /s.
My system is configured that way (by me) and I regularly use sudo -s.
I just want to see if there’s a root shell and not rely on some hidden timeout 🙄
The beauty of Linux at home, you get to choose what works best for you.
Yeah I mean at that point it’s redundant because you might as well type su -c “some command here”. On the other hand having such alias does no harm if you’re already using systemd.
Meaning, run0 is overengineered too?
no? it an alias to systemd-run, you can call an alias bloated
imo it’s kinda like bash’s bloatness. Sure, I’d use a less bloated shell but I need bash as a bash interpreter regardless, so using a smaller shell would actually be more bloat. In a similar way you already have systemd, so you don’t really gain any more bloat by having this alias for systemd-run or how it’s called.
No, like, alternatives to systemd-stuff often do the same job in 1/3 or 1/10 the code.
Sure, but that is just unnecessary bloat if you already have the systemd-stuff installed.
but with only 1/20 of it’s capabilities lmao
80/20 you know? :) like in sudo vs. doas.
And no. Maybe Runit. Dinit, hard to say. S6 has no need for sockets but still implements it.
I’m surprised they would implement having just run0 effectively log you in as root. For the super security conscious constrictions of the command versus sudo, it would seem that the very notion of elevating your privilege beyond the single command to be carried out, would be anathema to the whole goal of this new command. Evidently not, but it’s surprising to me.
you can run a command using run0 it’s only elevating that commads, sometimes it’s needed to login as root, it’s life
I’m trying to understand what you just wrote. Did you miss a period somewhere?
I’m going to continue to keep avoiding Poettering software for as long as he continues to act like a jackass. Even his commit messages are dripping with condescension.
Funny. I didn’t know a single thing about the person. But that commit message made me like him more.
Ofc assuming he was just making a light-hearted joke in it.
Users were complaining that their terminal transparency was being broken by the nspawn container and that the colour for other applications like tmux were being affected by it. For example tmux was appearing in the same navy blue in the terminal emulator instead of its usual green.
Idk he’s just a hot take merchant basically. He has a particular hate-boner for distros that don’t use systemd as the default init system like void and gentoo (usually these are troll tweets as opposed to commit messages though).
Idk he’s just a hot take merchant basically. He has a particular hate-boner for distros that don’t use systemd as the default init system like void and gentoo (usually these are troll tweets as opposed to commit messages though).
shut up, wtf that has todo with the commit, people who don’t use systemd it’s not going to complain about the color of something that they don’t use
What an odd and disjointed comment
shut up
lol didn’t realise Poettering had a lemmy account
exactly lol
You’ll have to give another example in order to support your point. Because that commit was funny!
I’ll stick with doas
Speaking of doas, is there any advantage of using it when… sudo is still available to be used? I agree that most of the stuff we require to use doesn’t need all the options sudo as, but if it is for the sake of security, maintenance, and stability… is there any reason to use doas ON TOP of the already setup sudo or su? In the past, I even tried to just apply a simple alias to replace sudo with doas, but numerous scripts and programs when trying to request explicit super-user permissions, just didn’t know what to do with doas as expected, so this ain’t it.
Speaking of doas, is there any advantage of using it when… sudo is still available to be used?
I like that its configuration file is very very simple.
When was the last time you had to edit sudo configuration file ? Same goes for doas. It’s has nothing going for, for the majority of desktop Linux users (from what I got as an answer)
A month ago or so to be able to use zramen without root password.
I agree that most of the stuff we require to use doesn’t need all the options sudo as
Main reason of using doas
but numerous scripts and programs when trying to request explicit super-user permissions, just didn’t know what to do with doas as expected
I’ve only found one software like that and it’s tipi, and it’s kinda dumb for a software to require such a easily replacable software. Also how openbsd users are supposed to do ? Having both doas and sudo on their machine which is unnecessary bloat ?
Sure do confirm that hard-coded sudo requirements are kinda dumb. But this proove systemd point. BSD mainly use doas. Linux mainly use sudo. Why not have an universal method for true cross-platform compatibility ? (Yes, I know plenty prefer or explicitly are against the usage of systemd suite of software, was pointing out systemd main reason of planning to propose an another standard, regardless if it will be popular or not)
Sometimes I really hate the utility names people come up with.
I would love to see chatgpt rename all the core utils in a way that summarizes their function.
The name does do what it says & in just 4 char
The one that really annoys me is using “-r” and “-R” interchangeably for recursion. Why that has stood is beyond me.
Probably: “oh we already have a
-rfor xxx, let’s do recursion with-R”
But it literally is a summary.
It run’s an executable as the user with id 0 (root) and it’s called run0.
As the old adage goes: “All roads lead to /root”
Is it going to eventually add kernel functionality and become GNU/run0 like systemd? If not i’ll keep using sudo on Ubuntu and doas everywhere else.
deleted by creator
