Stories
Slash Boxes
Comments

SoylentNews is people

Lennart Poettering Has Merged “su” Command Replacement into systemd

posted by martyb on Monday August 31 2015, @04:29PM   Printer-friendly
from the so-su-me dept.

CoolHand writes:

The Linux Homefront Project reports on Lennart Poettering looking to do away with the good old "su" command. From the article, "With this pull request systemd now support a su command functional and can create privileged sessions, that are fully isolated from the original session. Su is a classic UNIX command and used more than 30 years. Why su is bad? Lennart Poettering says:"

Well, there have been long discussions about this, but the problem is that what su is supposed to do is very unclear. On one hand it’s supposed to open a new session and change a number of execution context parameters (uid, gid, env, …), and on the other it’s supposed to inherit a lot concepts from the originating session (tty, cgroup, audit, …). Since this is so weakly defined it’s a really weird mix&match of old and new paramters. To keep this somewhat managable we decided to only switch the absolute minimum over, and that excludes XDG_RUNTIME_DIR, specifically because XDG_RUNTIME_DIR is actually bound to the session/audit runtime and those we do not transition. Instead we simply unset it.

Long story short: su is really a broken concept. It will given you kind of a shell, and it’s fine to use it for that, but it’s not a full login, and shouldn’t be mistaken for one.

I'm guessing that Devuan won't be getting rid of "su."

Original Submission

 
This discussion has been archived. No new comments can be posted.
Lennart Poettering Has Merged “su” Command Replacement into systemd | Log In/Create an Account | Top | 194 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Troll) by utoddl on Tuesday September 01 2015, @01:19PM

    by utoddl (819) on Tuesday September 01 2015, @01:19PM (#230787) Homepage

    If you really do want to know what systemd is about, I'm sure people who are up on it are happy to talk to you about it and explain its benefits to you.

    Not in this forum. Look at the vitriol above and below. Look at the info to condescension ratio (almost 0.01%) in those comments. Why would anyone who understands why systemd is useful wade into these waters? Life is short enough.

    The reasons for this move were not spelled out very well in the opening paragraph, so it's understandable why there would be questions. That doesn't justify the pile-on of hate. If the system provides sessions and cgroups, and you want to start a root session, it makes sense that you would obtain a new session from the part of the system that generates sessions. Sudo and su can't do that; they are part of existing sessions. Sure, you can get a root shell, and if that's all you need, fine, use them. But if you need a session unpolluted by your user session, this is a much cleaner (i.e. actually has a hope of working) solution.

    Starting Score:    1  point
    Moderation   0  
       Troll=1, Insightful=1, Total=2
    Extra 'Troll' Modifier   0  
    Total Score:   1