Previously there was sudo, now there is also sudo-rs.
Some commands do not accept sudo-rs, for example yay,
If I launched a command using sudo-rs before, Yay asks for the password.
Other commands like sudo timeshift do not ask for the password in this situation.

yay should never ever be used using sudo…

Everything relevant for comparison sudo against sudo-rs in given in the wiki:

It also explains the limitations of sudo-rs.

yay should not be run with sudo, not at all.

You’re safer to default to NOT using sudo unless your commands fail.

pamac is similar, you can try ‘pamac upgrade’ to see how it works, using Polkit.

Timeshift is different, trying timeshift --list will advise you to prepend sudo (I use Alt_S for this).

AFAIK sudo-rs is a simple drop-in for sudo… for normal users… though sys-admins might notice some differences.

sudo is still the default, and possibly sudo-rs is a valid candidate to replace it… as sudo has been criticised in the past… hence some folks prefer to use doas.

With regard to yay (an old favourite of mine) it’s notable that there are important differences, especially in these days of DDOS attacks on the AUR.

Yay pulls straight from AUR, which is not synchronised with Manjaro at all.

Pamac pulls from the Manjaro-maintained cache.

So the system integration is theoretically higher with pamac right now.

If you are running Testing or Stable, then pamac is definitely a better tool, as the cache might be slightly delayed - which is a bonus.

Another important detail is the difference installing with - for example - yay -S vicinae-bin vs yay -Syu vicinae-bin.

You should prefer the -Syu option to ensure synchronisation…

But better still (I think - I may be wrong) is simply this:
pamac install vicinae-bin.

zsh

You can create a temporary alias for testing sudo-rs (and use command sudo to override if it fails):
alias sudo=“sudo-rs”

fish

you can create an abbreviation:
abbr -a sudo "sudo-rs"

Later on you can remove it:
abbr -e sudo

I’ve been using it - and I can use visudo with no issues too… but my visudo is also adulterated:

➤ sudo-rs SUDO_EDITOR=micro visudo 

Advantages:

There is ONE which is interesting and which makes it a potentially safer option for Manjaro users (who might mistake sudo pacman and run sudo pamac, or sudo yay)

• Sudo-rs always uses PAM for authentication, so your system must be set up for PAM.

• Sudo-rs will use the sudo and sudo-i service configuration. This also means that resource limits, umasks, etc have to be configured via PAM and not through the sudoers file.

Let’s not forget to maintain separation between sources…

Using yay -Syu (or yay without any parameters) will update all installed Repo and AUR sourced packages at the same time.

This in potentially dangerous

Manjaro repo updates should be processed first (on their own) before any foreign sources such as the AUR.

Ignoring this rule can lead to a system being left in an unsupported state, due to system packages and dependencies being replaced by older (often incompatible) versions.

pacman and/or pamac (with appropriate parameters) is generally suggested, however, yay is also an option if used responsibly, as shown (below).

1. Update packages from the Manjaro repo(s):

• pamac update --no-aur (using pamac)
• yay -SyuN – or – yay -Syu --repo (using yay)

2. Build/update software sourced via the AUR:

• pamac update --aur (using pamac)
• yay -Sua – or – yay -Su --aur (using yay)

3. If you use flatpak containerised apps:

• flatpak update

The important factor is to maintain separation between updating from the Manjaro repos, the AUR or any other foreign sources.

Safer still, I think would be pamac install --aur vicinae-bin or simply pamac build vicinae-bin (because, the binary package still needs to be assembled). That’s the theory I’m going with, at least.

According to the following, pamac should now handle this separation automatically, but that doesn’t make the (above) examples any less relevant, even if only for illustration purposes.

• Pamac: Make upgrade a two-step process

12 posts were split to a new topic: Random banter concerning updating

Something not yet mentioned is systemd’s inbuilt alternative to sudo: the run0 command.

The manual page:

Yes, but that one’s a little dangerous. It was my use of run0 back in June of this year which ruined my /boot partition due to a broken pipe when using mkinitcpio.

So I for one am not using run0 anymore.

I also tried run0 and in my case, luckily, it just errored out on something. So no thank you for me too.

If I previously executed a command with sudo, all subsequent commands in zshell run with
root privileges. In contrast to, the command yay -Syyuv prompts for the password…

No, they do not, but sudo has a grace time — by default it is set to 5 minutes, but one can change this.

Your commands are still running with your own privileges, but if you invoke sudo again within the grace time, then it’ll remember that you’ve authenticated for it earlier.

yay and trizen on the other hand do not do this, indeed.

It’s likely using polkit for authentication, like Pamac does. It’s a guess on my part though, as I don’t use yay.

It uses sudo internally.

The behavior matches, the password prompt says it’s sudo, there’s an option called --sudoloop and the man page talks about sudo commands.

Pamac automatically updates repository packages before requesting rebuild of AUR packages

pamac install works for building AUR packages, but has a warning

$ pamac install vicinae-bin
Warning: vicinae-bin is only available from AUR
Preparing...
Checking vicinae-bin dependencies...
Resolving dependencies...
Checking inter-conflicts...

To install (2):
  layer-shell-qt  6.5.3-2    (Required By: vicinae-bin)  extra  35.7 kB
  libqalculate    5.8.2-1    (Required By: vicinae-bin)  extra  3.0 MB
To build (1):
  vicinae-bin     0.16.10-1                              AUR

Total download size: 3.1 MB
Total installed size: 16.3 MB

Edit build files : [e] 
Apply transaction ? [e/y/N]

As previously referenced:

Personally I would use sudo. Why would I type 3 extra characters when the shorter command works just fine.

I (vaguely) recall reading that sudo-rs had some fundamental problems, plus, tacking “-rs” to the end of a command isn’t particularly confidence-inspiring.

Indeed, I wouldn’t use a rusty command when a shiny one is available.

Rust is the new religion. They want to rewrite python now. Before we know they will want to rewrite the kernel too.

The kernel does already contain code written in Rust — certain drivers, et al.

No, that’s A.I.

All bow to Vaal.