Most active commenters
  • withinboredom(4)

←back to thread

Run0, a systemd based alternative to sudo, announced

(mastodon.social)
466 points CoolCold | 14 comments | 29 Apr 24 23:59 UTC | HN request time: 0s | source | bottom
Show context
fn-mote ◴[30 Apr 24 16:01 UTC] No.40212557[source]
Overall, this seems great.

However...

> [...] by default it will tint your terminal background in a reddish tone while you are operating with elevated privileges

?!! ouch ... seems orthogonal to the actual important parts.

Disclaimer: I didn't try it.

replies(4): >>40212686 #>>40215695 #>>40219040 #>>40225604 #
NekkoDroid ◴[30 Apr 24 16:15 UTC] No.40212686[source]
I tried it a bit ago (when it was still called uid0, pre-release), I also wasn't a fan of the tinting.

I like the intent behind it, but some terminals already tint the header color when running sudo, I haven't tested if its done specifically for sudo or if its in a more generic way that could handle this as well.

replies(2): >>40212858 #>>40213006 #
1. withinboredom ◴[30 Apr 24 16:39 UTC] No.40213006[source]
I can think of a number of things this tinting would break.
replies(2): >>40213766 #>>40216548 #
2. lupire ◴[30 Apr 24 17:45 UTC] No.40213766[source]
Can you name any?
replies(4): >>40216039 #>>40217253 #>>40217645 #>>40221935 #
3. dsr_ ◴[30 Apr 24 20:38 UTC] No.40216039[source]
The user's choice of color schemes.
4. seanc ◴[30 Apr 24 21:24 UTC] No.40216548[source]
It violates the principle of Least Surprise; if I'm invoking run0 I'm expecting it to run my program with a different UID and return the same stdout I'd have gotten if I had just run the program in my shell. Not inject a whole bunch of color control bytes in there. Which hopefully my terminal will handle. Unless it doesn't.

I'll give them the benefit of the doubt and assume they only do this if $TERM supports color. But still. That $TERM variable can surprise a poor programmer in all sorts of ways.

replies(2): >>40217545 #>>40217883 #
5. shiomiru ◴[30 Apr 24 22:34 UTC] No.40217253[source]
If the program you're running prints red text, then you get red bgcolor with red fgcolor. Good luck reading that.

(Also, users with the wrong color scheme get that experience by default. Though that is a niche use case enough that I'd be surprised if systemd devs cared about it.)

6. 10000truths ◴[30 Apr 24 23:03 UTC] No.40217545[source]
Any sane command line program will only output color codes if isatty(STDOUT_FILENO) succeeds.
replies(1): >>40217597 #
7. withinboredom ◴[30 Apr 24 23:11 UTC] No.40217597{3}[source]
That can succeed in a number of cases, where it actually isn't a tty with a user on the other end of it. There are a number of internal tools at work that only output logging if there is a tty and thus are run in their cronjobs with a tty. If there were unexpected color outputs in the logs, that would suck since the log aggregators probably wouldn't know what to do with it.
8. withinboredom ◴[30 Apr 24 23:18 UTC] No.40217645[source]
Containers run with a tty attached but no console on the other end and then trying to read the logs, for starters. Additionally, as mentioned, conflicts with the user's color scheme or even the program's. Further, it's possible to do this without the help of run0, so I suspect users already doing that are going to get their colors messed up and be annoyed. For example, prod machines are usually red, and running as root on a prod machine is royal purple. If this is used, seeing a red background instead of a purple one is likely non-desirable.
9. zeroimpl ◴[30 Apr 24 23:50 UTC] No.40217883[source]
But sudo already doesn’t do that either. Eg sudo may ask for a password, and output some control sequences which hide the text so your password is not visible.

This feels like much ado about nothing.

Edit: Also don’t forget the “with great power comes great responsibility” blurb that sudo likes to output. I know that doesn’t happen in scripts when output is redirected, but I’m sure run0 will figure that out too.

replies(2): >>40218131 #>>40220144 #
10. dijit ◴[01 May 24 00:26 UTC] No.40218131{3}[source]
asking for a password to do an authenticated action is about as far away from surprising as I can legitimately reason about.

The contextual blurb does have a way of disabling it in a persistent config, which is easy enough to set. It also goes to stderr and not stdout and does nothing to alter the output of the command itself.

It also does not show if you have NOPASSWD: set in your sudoers. So even less surprising.

11. withinboredom ◴[01 May 24 06:22 UTC] No.40220144{3}[source]
> sudo may ask for a password, and output some control sequences which hide the text so your password is not visible.

You can turn this off for certain users and/or programs.

12. snvzz ◴[01 May 24 11:43 UTC] No.40221935[source]
XMODEM and the like expect the terminal stream to not have garbage added by e.g. run0.

The terminal line should be clean between XMODEM at the terminal emulator and at the client end.

replies(1): >>40256515 #
13. throwaway7356 ◴[04 May 24 10:35 UTC] No.40256515{3}[source]
Is xmodem still used outside of computer museums (including private computer museums)?
replies(1): >>40262973 #
14. snvzz ◴[05 May 24 07:25 UTC] No.40262973{4}[source]
It's e.g. still very popular with embedded development. One example: u-boot supports it.

It is the easiest way to upload an image to u-boot, as it does use the same terminal, thus there is no need to set up a secondary path; If you can talk with the u-boot CLI, you can also upload with xmodem.