Systemd Getting UEFI Boot Loader
New submitter mrons writes: Many new features are coming for systemd. This includes the ability to do a full secure boot. As Lennart Poettering mentions in a Google+ comment: "This is really just about providing the tools to implement the full trust chain from the firmware to the host OS, if SecureBoot is available. ... Of course, if you don't have EFI SecureBoot, than nothing changes. Also if you turn it off, than nothing changes either. [sic]" Phoronix notes, "Gummiboot is a simple UEFI boot manager that's been around for a few years but only receives new work from time-to-time. Lennart and Kay Sievers are looking at adding Gummiboot to systemd to complete the safety chain of the boot process with UEFI Secure Boot. Systemd will communicate with this UEFI boot loader to ensure the system didn't boot into a compromised state."
Many features
In the bloat
Off to FreeBSD
In a safety boat
burma shave
Two equally hated systems, seems like a match made in heaven.
This is an evil ploy to prevent freedom-seeking users from trying Windows 10 alongside Systemd OS.
systemctl enable YearOfTheSystemdDesktop.service
So, UEFI is no longer a trick by the evil monopoly to lock computer-owners in and forever prevent them from running free software, but a good thing helping ensure safety of the boot process?
In Soviet Washington the swamp drains you.
Trust chain. Systemd. Amusing.
as long as M$ does not use the DMCA to lock in windows it's fine.
Maybe it's time to switch back to paper tape boot loader, or better yet, toggling it in. That would be more secure, and most importantly, more reliable. I've had it with all the security bullshit being added. Just more frustration for the end user.
I request that the next version include self-awareness and cybernetic terminators!
I just hope this one lasts long enough before someone makes a N.*i/H.*er reference.
Just over four months ago, I updated my Debian testing workstation. To keep a long story short, systemd was installed, and my workstation basically got trashed. It no longer booted properly, and none of my attempts to fix it worked. I used a livecd to perform one final backup.
I proceeded to install FreeBSD 10. In hindsight, I wish I had done this years ago. FreeBSD has worked almost perfectly for me. The installation was fast and actually quite simple. All of the open source software I used to use under Debian is available and easily installed. ZFS is amazing. My system feels faster than it ever did before. It has yet to crash even once, unlike Debian and Linux, where I'd get a kernel panic around once a month. The upgrade to FreeBSD 10.1 went very smoothly, with almost no effort on my part.
I used to be disturbed by the recent degradation of the Debian project. But now I no longer care. Since moving to FreeBSD, I have no need for Debian. Debian is basically dead to me now. If it dies as a project, I don't care. FreeBSD does everything I need, and it does it better than Debian and Linux ever did.
Good riddance, Debian. Good riddance, Linux. Good riddance, systemd. All of them are failures compared to FreeBSD.
This was the only piece that was missing from systemd.
I'm sure now all of the growth will end and the community will start rallying around systemd.
Hmm, is that hell freezing over outside?
With Lennart Poettering and Kay Sievers lol. 2 of the most untrustworthy and two-faced developers in the Linux world.
Something isn't quite right here
It's not fine unless the user (machine owner) can control root keys.
I set sysvinit as init on my Debian jessie, however I had to install systemd anyways (I use Xfce, but I also need some useful gnome programs, and they need that shit).
I'm moving to FreeBSD soon, and I'm also very interested in the new Devuan project. I don't want poetteringware on my computer.
I hope someone ports systemd to distros that power the Raspberry Pi and Arduino
I hope more people experience the agony, the same agony that is inflicted on many Linux users right now
Let's spread the pain, man --- after all, it's only fair!
I don't get it. This is crazy. Does the boot loader run in PID 1 now?
I for one have been waiting for the promise of a UEFI bootloader for some time, but as an avid Systemd fan I can't help but wonder when Pottering and the team are going to get off their lazy asses and implement a systemd version of the Kernel. The Kernel (linux, ganoo, whatever) is old, inefficient, and can be handled much better by systemd. dmesg is a confusing command too. To replace it in systemd you would just issue a simple systemctl service engage geiss wobble manager=1 --upchuck --lasermode /var/tmp/var/eng/lib/lib64/service/svc/portal/optimized/Skernel.wrapper to get the same data converted from a binary disk image into real text, imaginary text, a full color background, and a chart-topping indie song (--noyuke to remove yukelele). It's really quite simple and I don't understand why linux makes such a fuss about their old fashioned kernels.
Good people go to bed earlier.
Star Trek: The Motion Picture comes to mind with V'ger... Systemd will become self-aware very soon...
You could say the same thing about EMACS. Who needs anything else, it already includes the kitchen sink, and...
Now, that is funny! You can put that stinky poo in the potty... Yes, lame pun... But hey, this is slashdot... or slashpot... LOL.
When will Systemd get 3D printing capabilities?
Harrison's Postulate - "For every action there is an equal and opposite criticism"
The Systemd Consortium of Uber-Masters (SCUM) is proud to announce the finalization of its acquisition of the NSA. Hot on the heels of absorbing the CIA and FBI, Vice Chancellor Lennart Poettering had this to say: ".. this brings us one step closer to our ultimate goal of reducing complexity for the common man."
... a great many new contributors to BSD :)
I apologize for the lack of a signature.
After the systemd fiasco what are people moving to mostly?
Why is it that those two fellows, who have been shown to be a pair of clowns, time and again, are allowed to carry on with their shenanigans in Red Hat? One thing that they are achieving is to get Red Hat to replace Microsoft as our favorite company to despise. Not there yet - but slowly getting there.
3-4 naysayers? More like the majority of the linux community. As for a new init process, sure, there's room for *improvement*. Systemd is not an improvement - it's a bug-ridden, overly complex dog's dinner that is one man's ego trip being ridden roughshod through the whole linux/unix principle of KISS and do one thing well. Now you might not give a stuff about that principle but most of us do and we do not want to see this POS being installed by default.
It's a requirement that the firmware gives the user access to the key controls in order to get Windows certification on x86 hardware.
Lots of funny comments here. What I was really hoping for was some informative comments on the state of the world in terms of managing Platform Keys. The last I read was in 2011 http://www.linuxfoundation.org...
... which can run Linux. Imagine a Beowulf cluster of those puppies.
This is quite the common tactic in some places. So much so that islamists have a word for it: taqiyya.
No, I'm not saying you should grow a beard and start wearing a tent, go ass-in-the-air on a mat five times a day offering praise to the prophet poettering. I'm saying your words employ a tactic that's been used before, to the point that there's a word for it.
The only thing missing was kitchensinkd!
A couple of the items were interesting (i.e. ntp-lite). I think the biggest take-away from this is that in the very near future every 'application' will be its own container. While this has some very good merits I am not sure how I feel about it. Cautiously optimistic?
As a server admin I hate systemd and all of its hell-spawn, but as an end-user I like some of these features.
"The price good men pay for indifference to public affairs is to be ruled by evil men." ~Plato (427-347 BC)
Too much effort to cover an attack vector that is rarely used in practice. Even if you consider it a move against modders/free platforms it's still a geeky waste of time to stop something that is a niche activity and matters little for anyone's bottom line.
This was the only piece that was missing from systemd.
It's still missing a good editor.
It also can't read mail yet:
http://www.catb.org/jargon/html/Z/Zawinskis-Law.html
This is a great idea, and I think I should file a bug report for this.
Imagine the performance gains to be had when systemd integrates the Perl, Python, Awk, PHP and Javascript VMs ...
I installed system on my laptop. It has basically made my world fall apart. Systemd made my laptop electrocute my cat, my girlfriend walked out on me because of systemd and it also emptied my bank account. Since then I have switched to OpenBSD and I have no more problems. Or friends.
it's simply unacceptable at this point that the kernel isn't managed by systemd
Just an honest question.
Certainly this does not have to be part of systemd to work, just like udev did not have to be part of systemd to work.
So why?
Systemd's rising popularity is due solely to its quality. There is no conspiracy, and definitely no conspiracy by a government agency who wishes to have remote access to your computer, no reason other than quality for systemd to be so popular.
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
Here's what sure looks like Mr Poettering's plan going forward:
1. Expand systemd to the point where large swaths of everything depend on it, so that he is controlling as much of the code base as possible.
2. Insult Linus Torvalds for a while to try to undermine his authority.
3. Fork Linux, or demand that Linus give control of Linux over to him, or he will rage-quit and take his code with him.
His goal doesn't seem to be great code (given the number of times he's screwed up big time), or great design (given that he seems to ignore everything Thompson, Ritchie, etc said about how Unix should work). It sure seems to be about becoming the Grand High Poobah of the open source world, without any idea what that actually takes.
What he doesn't understand is that Linus is in charge because other open source developers genuinely respect his judgment. If Linus was doing a lousy job in his role, there would be calls for Alan Cox or someone else who's been in the inner circle forever to take over, and Linus might actually step aside. If, on the other hand, you're running around insulting everyone for no good reason, you're not going to have the respect of other developers, and they will quite happily shunt you aside, forking systemd if necessary to get rid of you, and life will go on.
"Every program attempts to expand until it can read mail. Those programs which cannot so expand are replaced by ones which can."
Is there a better explanation of init versus systemd?
Lovely to see how the systemd bunch has gone from a political movement to a religious cult in mere months, starting when it became painfully obvious they had run out of arguments shortly before.
Just look at this presentation, where a presenter dares to suggest that some people don't want Gnome, and then Lennart construes this (immediately) as an attack on handicapped people or people who don't speak English. I'm not exaggerating at all - as soon as someone even suggests doing things a different way, he'll just jump up and say, 'you must hate handicapped people.'
In fact, this is exactly how Debian has turned now that it's been taken over by his cronies. Anyone who even dares to go against him and Gnome gets insta-banned.
It's just a simple and very extreme case of playing the victim: pretending he's done nothing wrong and claiming all kinds of discrimination and personal attacks when people criticize him, even if they're just saying that they don't want to use systemd or whatever clusterfuckery he's come up with most recently.
I've said it before and I'll say it again - Poettering and Co. are the new Steve Jobs Klan of open source, and we need immediate action to get rid of his influence. Everything he's doing for the Free Software community is bad and he should be excommunicated permanently.
It's a political move. You now need permission from a big vendor to install your bootloader without fuss on machines the world over. A vendor moreover who didn't even produce the hardware, just a pile of crappy software that is "usually" installed on that class of hardware. The security gains indeed aren't to write home about (and quite often are not that hard to circumvent!) but the freedom you lose is quite real, even if it hasn't stung yet.
In Windows, it's not unheard of that a piece of malware with sufficient access interjects itself where the next boot will be picked up before the OS has a chance to set up its own protection. Of course my complaint is that this vector would have easily been sidestepped without a huge firmware mess. If the OS set up access to that area as very very very very special, requiring signed code within the OS to modify that section of the platform, then the problem would have been solved. You want to write to the *system* partition? Oh, you need a special signature from the OS vendor to get that access. Otherwise processes are running in a namespace that silently masks the existence of the system partition.
XML is like violence. If it doesn't solve the problem, use more.
The antisocial Linux enthusiasts are never happy. If this Lennart Poettering was willing to do a speech to the Linux antisocial enthusiasts with a dildo sticking out of his rectum I am sure he would get a large following all agreeing with systemd. I think even some of them would be prepared to polish their 1 front tooth.
Put UFFI in your walls, make your family sick.
Put UEFI in your init, make your OS shit.
Just wait. One of these days I expect to read, "Systemd to get Emacs editor."
But the systemd version, SystemDmacs, will use encrypted XML. You will need an up-to-date certificate from pottering to be able to decipher your logs and any other docs written with SystemDmacs.
I think the biggest take-away from this is that in the very near future every 'application' will be its own container.
It depends. I have certain services that I feel obligated to run on physical hosts, not necessarily dedicated. I also have certain services that have their own private VMs. For example, all the email servers including mailing list servers. Some pre-packaged Docker services have multiple daemons in them, such as Nginx and MongoDB. And I have certain services of my own that are single-app containers. Nice to have flexibility.
I've yet to inflict systemd on any of these and I'm in no hurry to do so. I can dimly perceive how systemd is supposed to make containerization work better and I hope it does, but the hell-spawn part (specifically the abomination that is journalctl) has kept me from rushing to embrace it.
Anyone know of any major (or minor, for that matter) distributions that have chosen not to use systemd? Bonus points for distros that have a philosophy that necessarily excludes software like systemd.
It almost seems like we are just missing the userland tools for SystemD, but I know a great selection of tools: Emacs. Once they merge Emacsd, we're set!
I cannot wait until I can go from GummiBoot to Emacs in less than a second.
for the inevitable news that systemd has fully incorporated emacs.
That will be just after systemd replaces the kernel. At that point, you'll no longer boot Linux, you'll boot systemd and everything you want to do will be run by a systemd subsystem.
And they announced that The Butthurt May Now Begin by posting "Systemd something or other......"
Anyone remember HAL and why the developers said they stopped? If I remember correctly they said it "become a large, unmaintainable mess". I predict history repeating itself here with systemd...
UEFI and Systemd seem the perfect match: both pushed by shadowy, nefarious, a-hole entities, 'solving' problems in the worst locked-in ways possible, favoring certain for-profit institutions over all others, with a great possibility of backdoors built in to appease (or in paid service to) the organs of state security.
What's not to love?
...a project that people are already complaining about not addressing bugs quickly enough is integrating another, potentially dead, project that is not addressing bugs even as fast as it is. Makes sense.
Kind of like the HP and Compaq merger 10 years back - two bankrupt companies merging to try to create a healthy company; worked out for a little while and now HP is spinning stuff off again.
Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)
give it time, I think the last few trolls are still asleep in their mum's basement
"The hands that help are better far than lips that pray." - Robert Ingersoll (1833-1899)
2018 - systemd renames itself to Skynet
$ skynetctl apocalypse now
Dragonfly BSD? What about live CD BSDs that install to a pendrive - what are the candidates?
I concur.
I've been managing machines using sysv init for some 20 years or more, and never really had a problem. It's generally straightforward, works well, and well understood.
Upstart rolled in on Ubuntu, then systemd, and it's hard to find the config, never mind do anything with it. Why did we need to do this - *nix approach was always about small tools that interoperated, not kitchen sink applications that are opaque (well... if you don't think too hard about emacs).
Corporate linux STILL sucks.
At last I can ditch Linux and run Systemdix as my primary and only OS. Oh wait... it still hasn't got Wine so I can't play Minesweeper. Mr. Poettering, are you listening?
GNU/Linux/SystemD
...continual bashing of a technology you don't understand and of which you are afraid.
Well, after all those years, almost twenty of them, I hang my sysadmin hat. With Debian, the last bastion, jumping ship and the fanaticism shattering the community, it took all the fun out of it. Hello Networks!
The features have nothing to do with systemd itself, they are in the KERNEL, and Linux != systemd.
Why people keep equating systemd with Linux is beyond me....