I wouldn’t rely on distros adopting it as a default. systemd has a whole range of features, like network management, that many distros still use other tools for, like NetworkManager and netplan.
The thing with this is: its just a symlink to the systemd-run binary, which talks to PID1 to spawn new processes (in separate cgroups IIRC). Its one of the most fundamental parts of systemd. Even the debian systemd package includes systemd-run.
I guess the other question is if some tools the distro provides might switch to supporting it by default. For example on Arch there is makepkg that should never be executed as root, but does internally call some things with elevated privileges (mostly pacman to install and remove packages). Currently it checks for sudo and if not falls back to su, but maybe it might be worth considering changing su for run0 if its guaranteed to be there.
I haven’t checked the details yet, but surely this will need configuration to decide what users are allowed to use run0. The binary might exist, ready to be configured (the same is true for many systemd deployments that use alternative network managers!) but without configuration to match, I don’t think run0 will be usable for users that don’t already have root access.
it does its authorization with polkit (which IIRC defaults to allow all wheel group members) and giving users that shouldn’t be allowed root access, root access, is not something you ever want. This is usually referred to as unauthorized privilege escalation. Also, it isn’t like sudo doesn’t need configuration.
I wouldn’t rely on distros adopting it as a default. systemd has a whole range of features, like network management, that many distros still use other tools for, like NetworkManager and netplan.
The thing with this is: its just a symlink to the
systemd-runbinary, which talks to PID1 to spawn new processes (in separate cgroups IIRC). Its one of the most fundamental parts of systemd. Even the debiansystemdpackage includessystemd-run.I guess the other question is if some tools the distro provides might switch to supporting it by default. For example on Arch there is
makepkgthat should never be executed as root, but does internally call some things with elevated privileges (mostlypacmanto install and remove packages). Currently it checks forsudoand if not falls back tosu, but maybe it might be worth considering changingsuforrun0if its guaranteed to be there.I haven’t checked the details yet, but surely this will need configuration to decide what users are allowed to use run0. The binary might exist, ready to be configured (the same is true for many systemd deployments that use alternative network managers!) but without configuration to match, I don’t think run0 will be usable for users that don’t already have root access.
it does its authorization with polkit (which IIRC defaults to allow all
wheelgroup members) and giving users that shouldn’t be allowed root access, root access, is not something you ever want. This is usually referred to as unauthorized privilege escalation. Also, it isn’t likesudodoesn’t need configuration.