table of contents
RUN0(1) | run0 | RUN0(1) |
NAME¶
run0 - Elevate privileges
SYNOPSIS¶
run0 [OPTIONS...] [COMMAND...]
DESCRIPTION¶
run0 may be used to temporarily and interactively acquire elevated or different privileges. It serves a similar purpose as sudo(8), but operates differently in a couple of key areas:
Altogether this should provide a safer and more robust alternative to the sudo mechanism, in particular in OS environments where SetUID/SetGID support is not available (for example by setting the NoNewPrivileges= variable in systemd-system.conf(5)).
Any session invoked via run0 will run through the "systemd-run0" PAM stack.
Note that run0 is implemented as an alternative multi-call invocation of systemd-run(1). That is, run0 is a symbolic link to systemd-run executable file, and it behaves as run0 if it is invoked through the symbolic link, otherwise behaves as systemd-run.
OPTIONS¶
The following options are understood:
--no-ask-password
Added in version 256.
--unit=
Added in version 256.
--property=
Added in version 256.
--description=
Added in version 256.
--slice=
Added in version 256.
--slice-inherit
Example: consider run0 being invoked in the slice foo.slice, and the --slice= argument is bar. The unit will then be placed under foo-bar.slice.
Added in version 256.
--user=, -u, --group=, -g
Added in version 256.
--nice=
Added in version 256.
--chdir=, -D
Added in version 256.
--setenv=NAME[=VALUE]
Added in version 256.
--background=COLOR
Example: "--background=44" for a blue background.
Added in version 256.
--machine=
Added in version 256.
-h, --help
--version
All command line arguments after the first non-option argument become part of the command line of the launched process. If no command line is specified an interactive shell is invoked. The shell to invoke may be controlled via --setenv=SHELL=... and currently defaults to the originating user's shell (i.e. not the target user's!) if operating locally, or /bin/sh when operating with --machine=.
EXIT STATUS¶
On success, 0 is returned. If run0 failed to start the session or the specified command fails, a non-zero return value will be returned.
ENVIRONMENT VARIABLES¶
As with systemd-run, the session will inherit the system environment from the service manager. In addition, the following environment variables will be set:
$TERM
Added in version 256.
$SUDO_USER
Added in version 256.
$SUDO_UID
Added in version 256.
$SUDO_GID
Added in version 256.
SEE ALSO¶
NOTES¶
- 1.
- polkit
- 2.
- ANSI Escape Code (Wikipedia)
systemd 256.10 |