[systemd-devel] run0 and run0 versus machinectl shell
Dominick Grift
dominick.grift at defensec.nl
Thu Oct 17 07:58:41 UTC 2024
I am encountering three issues with run0:
1. not upstream related but Debian (currently) does not install systemd-run0 pamname
2. the man page is incorrect in stating that everything goes through
systemd-run0 pam stack because if you omit --user= then run0 will not go
through pam (you can verify that by looking at the ownership of the
created pty. pty ownership is not reset to root.)
3. the way run0 is implemented differs from the way machinectl shell
implements this functionality. I am not sure so bear with me but with
machinectl shell, the shell gets executed by the systemd --user instance
whereas with run0 the shell gets executed by systemd --system
instance. This inconsistency potentially causes issues with pam because
systemd --user is not -/bin/bash. I personally prefer the way machinectl
shell does it but I will be honest that this seems not perfect either.
From my perspective run0 is pretty much similar to machinectl shell
(.host) but I don't really get why the implementation differs in the
ways that it does.
--
gpg --locate-keys dominick.grift at defensec.nl (wkd)
Key fingerprint = FCD2 3660 5D6B 9D27 7FC6 E0FF DA7E 521F 10F6 4098
Dominick Grift
Mastodon: @kcinimod at defensec.nl