Sujet : Re: Yet Another New systemd Feature
De : ldo (at) *nospam* nz.invalid (Lawrence D'Oliveiro)
Groupes : comp.os.linux.miscDate : 08. May 2024, 01:00:10
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <v1ebpq$3h133$1@dont-email.me>
References : 1 2 3 4 5 6 7 8 9
User-Agent : Pan/0.155 (Kherson; fc5a80b8)
On Tue, 07 May 2024 23:01:49 +0100, Richard Kettlewell wrote:
The important part of
the model in which sudo grants access to certain commands only is that
it doesn’t let anyone go beyond those specifically granted privileges.
Have you looked at polkit (formerly PolicyKit)
<
http://www.freedesktop.org/software/polkit/docs/latest/>? It offers fine-
grained access control, though still discretionary rather than mandatory.
That’s what systemd-run0 is using.