Slashdot Mirror


Systemd Getting UEFI Boot Loader

New submitter mrons writes: Many new features are coming for systemd. This includes the ability to do a full secure boot. As Lennart Poettering mentions in a Google+ comment: "This is really just about providing the tools to implement the full trust chain from the firmware to the host OS, if SecureBoot is available. ... Of course, if you don't have EFI SecureBoot, than nothing changes. Also if you turn it off, than nothing changes either. [sic]" Phoronix notes, "Gummiboot is a simple UEFI boot manager that's been around for a few years but only receives new work from time-to-time. Lennart and Kay Sievers are looking at adding Gummiboot to systemd to complete the safety chain of the boot process with UEFI Secure Boot. Systemd will communicate with this UEFI boot loader to ensure the system didn't boot into a compromised state."

16 of 471 comments

  1. tl;dr by fisted · Score: 5, Funny

    Many features
    In the bloat
    Off to FreeBSD
    In a safety boat
    burma shave

    1. Re: tl;dr by armanox · Score: 5, Insightful

      I think the bigger complaint is that it's being added to systemd, not that it exists (Note that GRUB can already be used with secure boot). Lennart Poettering is pretty disliked for his abandonment of UNIX principles (the biggest one being portability), and somehow his software becomes the de facto standard in the Linux world, long before it is ready (PulseAudio, anyone?). He creates issues and fractures the community, and then blames everyone else for the problems.

      --
      I'm starting to think GNU is the problem with "GNU/Linux" these days.
  2. Trust Chain? by Anonymous Coward · Score: 5, Insightful

    With Lennart Poettering and Kay Sievers lol. 2 of the most untrustworthy and two-faced developers in the Linux world.

    Something isn't quite right here

  3. slow to arrive. by nimbius · Score: 5, Funny

    I for one have been waiting for the promise of a UEFI bootloader for some time, but as an avid Systemd fan I can't help but wonder when Pottering and the team are going to get off their lazy asses and implement a systemd version of the Kernel. The Kernel (linux, ganoo, whatever) is old, inefficient, and can be handled much better by systemd. dmesg is a confusing command too. To replace it in systemd you would just issue a simple systemctl service engage geiss wobble manager=1 --upchuck --lasermode /var/tmp/var/eng/lib/lib64/service/svc/portal/optimized/Skernel.wrapper to get the same data converted from a binary disk image into real text, imaginary text, a full color background, and a chart-topping indie song (--noyuke to remove yukelele). It's really quite simple and I don't understand why linux makes such a fuss about their old fashioned kernels.

    --
    Good people go to bed earlier.
  4. Re:My FreeBSD Report: Four Months In by donaldm · Score: 5, Interesting

    Just over four months ago, I updated my Debian testing workstation. To keep a long story short, systemd was installed, and my workstation basically got trashed. It no longer booted properly, and none of my attempts to fix it worked. I used a livecd to perform one final backup.

    Have you tried it on a stable OS release that has systemd? I assume you know that testing is a development branch and is supposed to break, otherwise it would be called stable. Fedora has been using it for years now and it has been fine.

    I concur, I have been using Fedora for quite a few years and have never had a problem with systemd. I unfortunately think our words are totally wasted on the haters though.

    --
    There ain't no such thing as proprietary standards only proprietary formats. Standards are by definition open.
  5. Re:I can't wait! by serviscope_minor · Score: 5, Funny

    This was the only piece that was missing from systemd.

    It's still missing a good editor.

    --
    SJW n. One who posts facts.
  6. Re:My FreeBSD Report: Four Months In by koinu · Score: 5, Informative

    FreeBSD user here for over a decade. Welcome.

    You haven't seen FreeBSD crash? It only means that you haven't seen enough, yet. FreeBSD is a great system and I recommend it to everyone who can manage it, but you don't need to mention stability as a feature, because it is not the highlight about FreeBSD. You don't install a system and watch how stable it is, but how useful it is (for you and your special requirements).

    The best thing about FreeBSD are the FreeBSD Ports and how much commitment there is to make every possible application work on the system. You have basically far more possibilities and options than on Linux distributions thanks to the great job they are doing on this system.

    A second point is that it is easier to feel comfortable on the system, because the whole thing is consistent and easy to understand, provided you take some time and learn about the concepts.

  7. Re:I can't wait! by RabidReindeer · Score: 5, Insightful

    "does everything you should want to do".

    Do you work for Apple?

  8. Re:My FreeBSD Report: Four Months In by kthreadd · Score: 5, Informative

    That's the problem. There isn't a stable release with systemd.

    Fedora has so far released six stable releases with systemd, and Red Hat shipped their first stable release with systemd last summer.

    The code isn't audited, nor has it seen actual production testing. It was just foisted on the end users without any transition period, possibly breaking every single app that uses the init.d mechanism for starting and control.

    It has been shipping in Fedora for the past four years, and in RHEL since last summer. If that's not production testing then what is?

    To boot, with systemd's ability to listen on the network, it has a good chance of becoming a massive remote root exploit in the waiting. Does it have any internal security? We can cross fingers that this large blob of new code does more harm than good, but all it takes is one glitch, and it would mean havoc worse than the RTM worm on the UNIX side ages ago, or the Windows worms in the early 2000s.

    Inetd has been doing that for years. It has since moved to a different project. Big deal?

  9. The Systemd of Everything? by Bent+Spoke · Score: 5, Insightful

    The Systemd Consortium of Uber-Masters (SCUM) is proud to announce the finalization of its acquisition of the NSA. Hot on the heels of absorbing the CIA and FBI, Vice Chancellor Lennart Poettering had this to say: ".. this brings us one step closer to our ultimate goal of reducing complexity for the common man."

  10. Re:My FreeBSD Report: Four Months In by Anonymous Coward · Score: 5, Funny

    Well, you see, I don't have a problem with systemd not working. My problem is that systemd is a great OS that lacks a decent init system.

  11. Re:My FreeBSD Report: Four Months In by squiggleslash · Score: 5, Funny

    The best thing about FreeBSD are the FreeBSD Ports and how much commitment there is to make every possible application work on the system

    That's awesome. Has systemd been ported yet? That's the only absolute must-have I have that's keeping me in GNU/Linux, if systemd is available on FreeBSD I'll switch over tonight.

    --
    You are not alone. This is not normal. None of this is normal.
  12. What's coming next ... by Anonymous Coward · Score: 5, Insightful

    Here's what sure looks like Mr Poettering's plan going forward:
    1. Expand systemd to the point where large swaths of everything depend on it, so that he is controlling as much of the code base as possible.
    2. Insult Linus Torvalds for a while to try to undermine his authority.
    3. Fork Linux, or demand that Linus give control of Linux over to him, or he will rage-quit and take his code with him.

    His goal doesn't seem to be great code (given the number of times he's screwed up big time), or great design (given that he seems to ignore everything Thompson, Ritchie, etc said about how Unix should work). It sure seems to be about becoming the Grand High Poobah of the open source world, without any idea what that actually takes.

    What he doesn't understand is that Linus is in charge because other open source developers genuinely respect his judgment. If Linus was doing a lousy job in his role, there would be calls for Alan Cox or someone else who's been in the inner circle forever to take over, and Linus might actually step aside. If, on the other hand, you're running around insulting everyone for no good reason, you're not going to have the respect of other developers, and they will quite happily shunt you aside, forking systemd if necessary to get rid of you, and life will go on.

  13. Re:My FreeBSD Report: Four Months In by 0100010001010011 · Score: 5, Interesting

    Have you tried it on a stable OS release that has systemd?

    You mean like Fedora/RH which has 4 'urgent' severity bugs with systemd

    Including one where systemd breaks Keyboard shortcuts handling in text virtual consoles on Redhat Enterprise Linux.

    If you lower the bar to "high" priority you get some fun ones like:

    Unable to boot when systemd's LogTarget is set to syslog-or-kmsg or syslog on RHEL7. (The devs left it at "Ok, dropping log messages even just from systemd itself isn't probably a best way, but we need more time for investigation." in September 2014).

    reboot or shutdown commands unresponsive during systemd-fsck

    systemd stuck when auto-mounting volume for NFS

    Systemd doesn't unmount all devices before calling reboot/halt and thus corrupts a clean RAID1

    These aren't "oops, I can't play MP3" level bugs.

  14. Re:So, UEFI is a good thing now? by Wyzard · Score: 5, Interesting

    First of all, UEFI is more than Secure Boot. UEFI has been standard on PCs for the past few years, and on Macs ever since they switched to x86. Secure Boot is just a feature of some newer UEFI implementations.

    Second, Secure Boot is a legitimate security feature that helps to protect against boot-time malware. There's nothing inherently evil about it. The controversy is over who should have the power to decide which OS is considered trustworthy and allowed to boot: the owner of the computer, or the vendor of the OS that came preinstalled on the computer?

    Naturally, you don't want to buy a computer that doesn't let you choose which OS you trust. But if you have a computer that does give you that choice, why not take advantage of it? Seems to me that it's good to have hardware vendors see increased demand for machines that support securely booting the OS of your choice, as opposed to those where you just have to disable Secure Boot entirely if you want to run something other than Windows.

  15. Re:My FreeBSD Report: Four Months In by blue9steel · Score: 5, Funny

    What next, systemd incorporates a mysql server?

    How else would you properly store all your binary log files?