This week's Cockpit release adds a systemd/polkit-based superuser authentication (think `run0`) as a fallback when sudo is not available/broken. It also finally removes the long-deprecated pam_cockpit_cert module.

https://cockpit-project.org/blog/cockpit-355.html

#cockpit #release #run0

Dumb thought (putting it here so that I don't forget :P)

does run0 allow to switch to nobody for non root users?

Using "sudo su - nobody -s /bin/sh" is kinda a bit annoying :p

#sudo #su #nobody #Linux #run0

Am I missing some #environmentVariable when running #dnf with #run0, it throws at me 203 #exitcode

I checked the run0 and dnf #manpage, but found nothing specific :/

Anyway, run0 still is better than #sudo, as i like having #gnome show me #polkit password dialog, and I know then at least I will enter that password into correct application.

#linux #fedora #systemd

engang for hundre år siden, da jeg først begynte med #Linux, så var liksom ikke #sudo en greie. Og så ble det det, og en del av oss himlet litt med øynene av "sudo su" og sånt, men så ble det etter hvert ganske vanlig.

Men mellom det @pid_eins har skravlet om rundt #run0, og @trifectatech sin #sudors, så er det kanskje på tide å gå tilbake til å ikke ha vanilla sudo på maskina igjen?

https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot

The one thing that makes systemd run0 annoying to use is that it'll ask you every time for the password. With sudo you have this 10 minutes where it won't ask again.

I know the technical reasons, but still this drives me back to sudo.

#systemd #run0 #sudo #Linux

@opensuse

Do you plan on doing more #SELinux hardening than #Fedora does?

Because how it is, SELinux on Fedora just makes #run0 a pain to use, while user processes are all unconfined, making it pretty pointless.

Or do you plan on making it user friendly?

There are many issues with #Flatpak that should be addressed. Alternatively, #UID #Sandboxing using #SimpleSandbox and SELinux could be used, which is way simpler and more secure, but relies on native packages

https://wiki.gentoo.org/wiki/Simple_sandbox

How to Use #Run0 in #Linux

https://www.maketecheasier.com/how-to-use-run0-in-linux/

Ist es möglich, run0 als eine Alternative zu sudo zu nutzen?

Die Antwort findet ihr unseren Blogbeitrag:
https://www.credativ.de/blog/credativ-inside/run0-als-sudo-alternative/

#credativ #NetApp #run0 #sudo #Debian

Discover run0 for Linux, a passwordless command execution tool. Learn its similarities and differences with sudo, security analysis, installation, and usage for daily tasks and automation.

https://linuxexpert.org/understanding-run0/

#Linux #LinuxTools #run0 #sudo #SystemAdministration #LinuxCommands #LinuxTips #RootAccess #PasswordlessCommands #Automation #Security #LinuxTutorial #TechTips #AdminTools #ITSecurity #OpenSource #LinuxLearning #DevOps #SysAdmin #LinuxCommunity

Just updated #paru to use #run0 instead of sudo on #ArchLinux. Easy peasy. 👍
https://chaos.social/@frederic/112847141891035302

@shuLhan @cazabon Well, based on my experiences with #journald as a #syslog_ng guy, my expectation is that around 5-10 years of security nightmares are about to come with #run0:

https://www.syslog-ng.com/community/b/blog/posts/systemd-journald-vs-syslog-ng

Yes, a decade later after journald arrived, I have no problem recommending it. But the first 7-8 years were catastrophic both for users and developers.

Despite what the #systemd #devs might think, "42% less #Unix philosophy" is an anti-selling-point.

"Replace #sudo with #run0, let systemd do it" - sure. Throw away a well-audited, widely-used codebase which has worked well for decades, and instead turn it into a request to a #PID 1 process that is a huge modular-but-#monolithic codebase full of constant churn which has barely been #compiled, much less #understood.

Dollars to doughnuts there are more root holes lurking in systemd than in sudo.

@fabiscafe
So now my question is, how does #run0 compare to #doas? Is it true that doas comes from the *BSD sector, however run0 is newer and from #Linux world? Also, what are the differences, other than that run0 apparently doesn't need SETUID?

Сьогодні оновився SystemD до версії 256 у якій зʼявилась заміна sudo - run0.

 $ run0 pacman -Sy

Але це повна фігня. Воно працює, але запит пароля відбувається у спливаючому графічному вікні та запит пароля відбувається щоразу. Можливо з часом щось зміниться, але поки це повна дурня.

SystemD/GNU/Linux блін.

#linux #systemd #run0 #sudo #альтернатива #systemd256

Хто використовує альтернативні системи ініціалізації (OpenRC/DInit/RunIt...), що використовуєте і чи не виникають проблеми з ПЗ?

Ok, I clearly was living under a rock. #systemd version 256 is packed with updates.

For me #run0 and capsule are the ones I'm most excited about. 😄

@pid_eins has been an incredible job cataloging it all.

https://0pointer.net/blog/announcing-systemd-v256.html

"run0 make me a sandwich" just doesn't taste the same to me.
#sudo #systemd #run0 #root

L'outil run0, le sudo de systemd... Il ressemble à quoi ?

https://peertube.pcservice46.fr/w/8KzhQA5W1nQHxFdq7cjV8t

So, what is everyone's opinion on this whole #run0 replacement for #sudo on #Linux systems? I'm not even near well enough versed in it all to know which is better or worse. I'll just use whatever my #Fedora system defaults to I'm sure. I've seen some people talk up run0 and others kind of just roll their eyes seeing that it was created by the #systemd dev - but I'm assuming those same eye rollers aren't big fans of systemd either.

@SS7 for #systemd users, it will be #run0 soon

Can somebody explain why there is so much hate for #run0? All concrete info I can find about seems to indicate that it's a good thing. And all arguments against it I can find are along the lines of #Microsoft and #RedHat getting too much power and conspiracies about backdoors and stuff. I don't get it...

#Linux #systemd