systemd is a vital init system that is integrated tightly with many popular Linux distributions out there. It provides a system and service manager that runs just after the Linux kernel initializes, acting as the first process on boot (PID 1).
It has had its share of controversies, but it is undoubtedly one of the most crucial building blocks of a Linux system.
Of similar significance is sudo, a program that many of you might already be aware of. It lets users with a lower level of security privilege run commands as root to accomplish tasks that they otherwise couldn't perform.
With a recent post on Mastodon, the creator of systemd, Lennart Poettering, announced an alternative to sudo called “run0” which aims to address a few pitfalls introduced by sudo.
Moving Away from Sudo: What's Happening?
Introduced as part of the upcoming systemd 256 release, run0 is a new tool that is a symbolic link used to fire up an existing tool called “systemd-run”. With this, you can expect similar behavior to sudo, but with the key difference of it not being a SUID binary.
How run0 works is that it sends a query to the service manager to execute a command under the user's UID. It then allocates a new PTY for that and transfers the data both ways from the initial TTY to the newly created PTY.
Lennart also adds that:
One could say, "run0" is closer to behaviour of "ssh" than to "sudo", in many ways. Except that it doesn't bother with encryption or cryptographic authentication, key management and stuff, but instead relies on the kernel's local identification mechanisms.
Even though he knew about OpenBSD's sudo alternative, “doas”, he mentions that it is still a SUID binary. The issue with those is that they feature a large attack surface that can easily be exploited, and any mistakes could lead to considerable ramifications.
Anyhow, among all those things, Lennart also shared that, by default, run0 will change the color of the background to a “reddish tone” when you are operating with elevated user rights, as a way to remind you of the fact.
If the default color is not your cup of tea, then you could use “--background= color”, where “color” could be any one of the ANSI colors. You could also put “switch” instead of “color” to disable the coloring of the background.
When someone asked how the adoption of this tool might be, seeing that run0 is harder to type than sudo, Lennart added that:
The command line of run0 is intentionally kept close to sudo's. But that's were the compatibility really ends, i.e. /etc/sudoers and so on we're never going to add compat for.
From my perspective run0 should be fine already for a distro to replace sudo with. But let's see how this plays out, I am pretty sure there might be a feature or two we still need to add before the first distros decide it's ready to switch over.
After reading all that, you're maybe wondering.
When will run0 Arrive?
As things stand now, we already have the first release candidate (RC) for systemd 256, which includes run0. That being said, we are just a few more RCs away from the final release, which is expected to come equipped with a stable run0 experience among other improvements.
If you can't wait, then you can check out systemd v256-rc1 on GitHub.
💬 Which one would you prefer to use, sudo or run0? Let us know in the comments below!
More from It's FOSS...
- Support us by opting for It's FOSS Plus membership.
- Join our community forum.
- 📩 Stay updated with the latest on Linux and Open Source. Get our weekly Newsletter.
