[systemd-devel] Documentation on 'run0' command in Systemd >256
Nils Kattenbeck
nilskemail at gmail.com
Thu Jun 26 16:50:34 UTC 2025
run0 is not a drop-in replacement for sudo in every case. It works
inherently different but therein lies its strength (but also its
weaknesses). For allowing only specific commands you will need to look
into setting up polkit rules because that is what run0 uses in the
back to check if running the command should be allowed.
Cheers, Nils
On Wed, Jun 25, 2025 at 11:30 PM SCOTT FIELDS <Scott.Fields at kyndryl.com> wrote:
>
> 'run0' is defined as a better 'sudo', though the documentation I see is a bit sparse.
>
> Is documentation regarding how to get similiar function from 'run0' as you can in a sudo configuration file present anywhere?
>
> Primary issue is restricting access to specific users and commands.
>
> The latter is the what I see not really documented.
>
> And more specifically, how to specify "wildcard" formatted commands, if currently possible at all, directly.
>
> Essentially, more a porting guide for moving an existing 'sudo' configuration to the new 'run0' infrastructure.
>
> Scott Fields
> Kyndryl
More information about the systemd-devel
mailing list