517
Sudo maintainer, handling utility for more than 30 years, is looking for support (www.theregister.com)
submitted 2 days ago by randomname@scribe.disroot.org to c/programming@programming.dev
99 comments fedilink hide all child comments

It's hard to imagine something as fundamental to computing as the sudo command becoming abandonware, yet here we are: its solitary maintainer is asking for help to keep the project alive.

Archived version

top 50 comments
sorted by: hot top controversial new old
[-] Slashme@lemmy.world 39 points 2 days ago

Following publication, Miller has been in touch to tell us that he has no plans to abandon sudo, or even hand it off, but he suspects change is still on the horizon for the essential tool.

"While I don't expect to maintain sudo for an additional 30 years, I also don't currently have someone to pass the torch to," Miller told us. He noted that the xz utils backdoor has made him hesitant to hand it off to someone he doesn't know, and that he "feels responsible for sudo" after having spent so long as its lead dev and maintainer.

Unfortunately, a lack of financial backing means sudo work has ground to a glacial pace.

"Since I have limited time I've mostly been focused on fixing bugs and cleaning up the code base rather than adding new features," Miller said. "As a result the amount of time I spend is heavily influenced by the bug reports I receive."

Funding or not, Miller expects sudo-rs to become the next generation of the tool in coming years.

"Ubuntu is already shipping sudo-rs as the default sudo command in their latest versions," Miller told us. "I've been in contact with the people working on sudo-rs since the project started and I trust them to do right by the sudo user base."

Regardless of what happens, Miller agrees the sudo situation he's in is yet another example of how open-source maintainers is putting the entire computing community in a bind.

"Without some form of assistance it is untenable," Miller said. "Maintainer burn-out is real."

[-] breadsmasher@lemmy.world 137 points 2 days ago

imagine if he said fuck it and turned sudo into a crypto mining malware

[-] muhyb@programming.dev 75 points 2 days ago

$udo

[-] Scrollone@feddit.it 29 points 2 days ago

To be honest, it wouldn't take much for distro maintainers to detect that and stop it

load more comments (4 replies)
[-] eleijeep@piefed.social 34 points 2 days ago

sudo rm $(which sudo)

[-] nao@sh.itjust.works 1 points 1 day ago

does it work?

load more comments (1 replies)
[-] 0xtero@beehaw.org 92 points 2 days ago

It’s been 12 years since Heartbleed and we’ve had numerous ”lone maintainer” issues since then. The situation shouldn’t come as a surprise or be especially ”hard to believe”.

This is the state of free software, especially when it matures.

Unless the creators manage to roll some kind of ”commercial” version, it’s not very sustainable in the long run. Turns out many eyes don’t really equal many PRs

[-] mech@feddit.org 49 points 2 days ago* (last edited 2 days ago)

This is the state of free software, especially when it matures.

The state of free software also includes the fact that even if the sudo maintainer doesn't find support, no one steps up and sudo becomes unmaintained, sudo-rs, doas, opendoas, run0 and please already exist as alternatives.

[-] sbeak@sopuli.xyz 10 points 2 days ago

hang on, there's one called please? Are there any downsides with using please instead of sudo?

[-] Brickhead92@lemmy.world 7 points 2 days ago

It promotes familiarity with the machine which is best to avoid. Except of course if the machine uprising happens, then it would be in you favour to have been using it for years.

[-] mech@feddit.org 6 points 2 days ago

From what I can see, it's a sudo clone with added optional regex functionality, written in Rust.
So you can use it just like sudo, or you can limit superuser rights to directory names that contain a 💩 emoji, but only on Mondays.

[-] sbeak@sopuli.xyz 7 points 2 days ago

Interesting. I just found out that you can just use alias to use please instead of sudo which is cool!

load more comments (3 replies)
[-] FizzyOrange@programming.dev 25 points 2 days ago

In my experience a lot of these old projects really go out of their way to dissuade contributions anyway. Lots of naysaying "it's always been like that", ancient infrastructure - e.g. insisting on git send-email patches, etc.

Usually the only way it gets resolved is when someone writes a more modern competitor and it starts gaining traction. Suddenly all those improvements that people tried to do and were told were impossible and stupid aren't such a bad idea after all.

I don't think that's the case with Unity but it probably is with things like GCC, sudo, sysvinit, X11, etc.

load more comments (1 replies)
[-] roguetrick@lemmy.world 78 points 2 days ago

That Ubuntu unity article where the maintainer was a 10 year old when he started the project but now has shit to do is pretty funny.

[-] hddsx@lemmy.ca 18 points 2 days ago

Please link article thanks

[-] portnull@lemmy.dbzer0.com 47 points 2 days ago
[-] jaybone@lemmy.zip 18 points 2 days ago

This has been depressing for a while now. I’m a big Unity fan and I’m concerned about the future.

"Maybe someone could teach us how things are done so that we can take it over in time," Adamietz added.

Wasn’t any of this documented anywhere? And who are these other team members they interviewed? How is it they don’t know how to write code? Are they just manual testers or something?

I’d try to help myself if there was some decent documentation on where to begin. But if it’s all in this kids head, we might be kinda fucked.

[-] Gonzako@lemmy.world 6 points 2 days ago

To me I tried to add people to my unity project and they were unable to actually boot it up and that angered me enough to go godot

[-] wonderingwanderer@sopuli.xyz 9 points 2 days ago

Isn't the whole point of FOSS software that anyone can fork it?

[-] SailorMoss@sh.itjust.works 23 points 2 days ago

The article points out that sudo has already been forked by Ubuntu maintainer canonical into sudo-rs which reimplements sudo in rust with better memory protections. It also states that the maintainer of sudo expects sudo-rs to be the future of sudo.

[-] aloso@lemmy.blahaj.zone 5 points 22 hours ago* (last edited 22 hours ago)

sudo-rs is a complete re-implementation, not a fork. Also, sudo-rs was not created by Canonical. It was created by Tweede Golf and Ferrous System with funding from Prossimo. Since 2024 it is being maintained by the Trifecta Tech Foundation. Ubuntu merely packages it.

[-] mint_tamas@lemmy.world 7 points 1 day ago

sudo-rs is not a fork.

[-] wonderingwanderer@sopuli.xyz 3 points 1 day ago* (last edited 1 day ago)

That's good, at least everything won't collapse catastrophically at this like a single point of failure without any redundancies. It would be better if someone other than canonical would do it, but at least it's not like no one is...

[-] 3abas@lemmy.world 14 points 2 days ago

You can fork it. Are you gonna maintain your fork? Is your fork going to be adopted by the majority of distributions?

load more comments (3 replies)
[-] please_send_me_nudes_girl@lemmy.sdf.org 12 points 2 days ago

Excuse me, but how isn't this a core feature, or do I think too complicated?

[-] Petter1@discuss.tchncs.de 4 points 2 days ago

Having to install sudo on Arch manually is one thing that made me use endeavourOS (besides having yay and DE preinstalled)

[-] TehPers@beehaw.org 24 points 2 days ago

Funding or not, Miller expects sudo-rs to become the next generation of the tool in coming years.

"Ubuntu is already shipping sudo-rs as the default sudo command in their latest versions," Miller told us. "I've been in contact with the people working on sudo-rs since the project started and I trust them to do right by the sudo user base."

Projects don't last forever, and when they inevitably end, it's an opportunity to switch to something newer and hopefully better. Sudo coming to an end, if it does, will just force people onto alternatives.

Being open source, sudo will always exist, whether someone else wants to maintain it, fork it, use it as-is, or just reference it. It's because it's open source that it can serve a purpose even beyond its EOL.

Anyway, sudo's not dead yet, so there's still plenty of time for people to look at what's out there. Some distros have already moved to, or are considering moving to, alternatives like sudo-rs, so I'd expect that to continue.

load more comments (12 replies)
[-] randomname@scribe.disroot.org 38 points 2 days ago* (last edited 2 days ago)

It reminds me somehow on the famous xkcd webcomic: https://xkcd.com/2347

Edit for an addition: Maybe it's also a reminder that we should frequently donate when we use FOSS.

[-] howrar@lemmy.ca 6 points 2 days ago

Of those who regularly donate (or think of donating) to FOSS projects, how many of them would've even had sudo cross their mind as a potential recipient for those donations?

[-] egrets@lemmy.world 7 points 2 days ago 
<username> is not in the donors file. This incident will be reported.
load more comments (17 replies)
load more comments
view more: next ›
this post was submitted on 04 Feb 2026
517 points (99.6% liked)

Programming

25368 readers
269 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 2 years ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
UlrikHD@programming.dev
bugsmith@programming.dev
Spyro@programming.dev