• 0 Posts
  • 106 Comments
Joined 1 year ago
cake
Cake day: June 26th, 2023

help-circle









  • Yes.

    Really the hardest part of desktop linux for a regular, so called “internet user”, in the installation.

    They don’t have no clue how to install an operating system, even windows.

    I once installed CentOS workstation for my father on his ThinkPad. Firefox and Libreoffice is all he needs. Automatic updates in the background make sure all the latest security patches are applied. There have been few time when, after the update, the laptop hangs at boot. I’ve since told him to choose the second-to-last boot option from the “start-up menu” until the fix for the bug has been deployed (usually in within a 24h).

    So really using Linux isn’t the hard part. Back in 2004 (ish) I went the painful route of installing my first Linux - Gentoo. But boy I learned a lot from it. Yes, I had a helping friend to get me over the hardest parts.





  • Zucca@sopuli.xyztoLinux@lemmy.mlSystemd Looks to Replace sudo with run0
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    1
    ·
    6 months ago

    sudo is a setuid binary, but it’s a fairly simple program

    Some people would disagree to this.

    The brief description of run0 already has too many potential points of failure.

    If the “listener” is PID1, which will run the privileged command, in theory, it would be quite bullet proof (in a working system PID1 is always there). But since this is systemd, PID1 is much more than that and much more complex. On the other hand spawning another daemon from PID1 to be the “listener” makes it, perhaps, even more complicated. You’d have to make sure the listener is always running and have some process supervisor there to watch if it exits… and maybe even a watchdog polling it to make sure it isn’t frozen.

    So my conclusion is the same as yours:

    a solution in search of a problem

    We already have a working solution. Have a well written SUID program. I’ve been using doas for some years now. It’s simple enough that I trust it.