> On 26 Jun 2025, at 17:58, SCOTT FIELDS <scott.fie...@kyndryl.com> wrote: > > I never said it was a drop-in replacement. > > But if the goal is to use this instead of "sudo", some migration > documentation would help quite a bit. > > I know the implementation will not work with current "sudoers" > configurations, nor will it ever per comments from Leonard Poettering. > > But the current documentation I find lacking in how to perform the same > functions I'm already doing with "sudo".
It's on my TODO list workout how to move from sudo to run0 as well. The lack of how-to docs has held me back as well. I've got as far as knowing that I need to learn about writing polkit rules to allow run0 to replace sudo. To that end looking at pkexec and it's docs is the way into this world I think. Barry > > From: Nils Kattenbeck <nilskem...@gmail.com <mailto:nilskem...@gmail.com>> > Sent: Thursday, June 26, 2025 11:50 AM > To: SCOTT FIELDS <scott.fie...@kyndryl.com <mailto:scott.fie...@kyndryl.com>> > Cc: Systemd <systemd-devel@lists.freedesktop.org > <mailto:systemd-devel@lists.freedesktop.org>> > Subject: [EXTERNAL] Re: [systemd-devel] Documentation on 'run0' command in > Systemd >256 > > run0 is not a drop-in replacement for sudo in every case. It works > inherently different but therein lies its strength (but also its > weaknesses). For allowing only specific commands you will need to look > into setting up polkit rules because that is what run0 uses in the > back to check if running the command should be allowed. > > Cheers, Nils > > On Wed, Jun 25, 2025 at 11:30 PM SCOTT FIELDS <scott.fie...@kyndryl.com > <mailto:scott.fie...@kyndryl.com>> wrote: > > > > 'run0' is defined as a better 'sudo', though the documentation I see is a > > bit sparse. > > > > Is documentation regarding how to get similiar function from 'run0' as you > > can in a sudo configuration file present anywhere? > > > > Primary issue is restricting access to specific users and commands. > > > > The latter is the what I see not really documented. > > > > And more specifically, how to specify "wildcard" formatted commands, if > > currently possible at all, directly. > > > > Essentially, more a porting guide for moving an existing 'sudo' > > configuration to the new 'run0' infrastructure. > > > > Scott Fields > > Kyndryl
