Run0, a systemd based alternative to sudo, announced

(mastodon.social)

466 points CoolCold | 1 comments | 29 Apr 24 23:59 UTC | HN request time: 0.252s | source

Show context

ece ◴[01 May 24 01:11 UTC] No.40218434[source]▶

>>40205714 (OP) #

Over the years I've switched from various cron daemons (anacron, cronie), sysloggers (r-syslog, syslog-ng), network managers (netifrc, NetworkManager) even ssh servers/clients (dropbear, openssh), and init systems (sysvinit, openrc) and never have I felt the need to switch to systemd despite reading some of Lennart's posts. I've used Gentoo over the years, maybe that's why.

Doas is available on Linux as a sudo alternative, I think I'll be trying that next, though I've only a limited amount of SUID binaries on my system to being with, and don't need sudo's extra features.

replies(1): >>40219096 #

korhojoa ◴[01 May 24 03:08 UTC] No.40219096[source]▶

>>40218434 #

Now if then the commands run via some kind of privilege elevation mechanism would require pledges to be used, that would be awesome: https://news.ycombinator.com/item?id=38037075

"This needs root", okay. But you only get exactly what you need.

replies(1): >>40223329 #

1. ece ◴[01 May 24 13:58 UTC] No.40223329[source]▶

>>40219096 #

It's not pledge, but firejail and other SUID binaries like it (bubblewrap, nsjail, etc..) are the only such ones on my system. It's better than grsec/chroot sandbox I used back in the day on Gentoo. I've also used shorewall, ufw, opensnitch for firewalls over the years. I could go on.

↑