Multiple Linux Distributions Affected By Crippling Bug In Systemd

An anonymous reader writes: System administrator Andrew Ayer has discovered a potentially critical bug in systemd which can bring a vulnerable Linux server to its knees with one command. "After running this command, PID 1 is hung in the pause system call. You can no longer start and stop daemons. inetd-style services no longer accept connections. You cannot cleanly reboot the system." According to the bug report, Debian, Ubuntu, and CentOS are among the distros susceptible to various levels of resource exhaustion. The bug, which has existed for more than two years, does not require root access to exploit.

Doctor Doctor Give Me The News

I got a bad case of loving you!

I love systemd!

Re:Doctor Doctor Give Me The News

You should've seen by the look in my eyes, baby
There was somethin missin
You should've known by the tone of my voice, maybe
But you didn't listen
You played dead
But you never bled
Instead you lay still in the grass
All coiled up and hissin
And though I know all about those men
Still I don't remember
Cause it was us baby, way before then
And we're still together
And I meant, every word I said
When I said that I love you I meant
That I love you forever

And I'm gonna keep on lovin you

Re:Doctor Doctor Give Me The News

[FatdogHaiku]

I hope there are no flame wars. All my eggs are in one basket and I suddenly have the feeling that this (rather large) basket is flammable, even though I was assured it was in fact inflammable!
Time to break out the old ISO files... I hope they are on asbestos DVDs...

Re:Doctor Doctor Give Me The News

Damn, I had no idea how creepy that song was.

Re:Doctor Doctor Give Me The News

[Applehu+Akbar]

Try to explain to foreigners that cleave means to stick tight to or to split apart from, or that sanction is to permit or to forbid something, and they will run screaming.

Re:Doctor Doctor Give Me The News

[macs4all]

Try to explain to foreigners that cleave means to stick tight to or to split apart from, or that sanction is to permit or to forbid something, and they will run screaming.

I love/hate the " sanction " thing; but did not know of the "stick tight" definition for "cleave"..

Re:Doctor Doctor Give Me The News

inflammable = flammable.

As George Carlin said 40+ years ago, "why does flammable and inflammable mean the same thing? It either flams or it doesn't".

Re:Doctor Doctor Give Me The News

And let the flame wars begin.....

Going to make some popcorn and sit back and watch the thread grow. This will be as entertaining as the whole SCO vs Linux threads!

I await Pottering's execution or at least a severe beating from angry GNU/Linux users forced into SystemD by the various kowtowing distributions including the "enterprise-class" RedHat Linux. We knew no good could come from SystemD; it makes GNU/Linux as vulnerable as Microsoft Windows.

Re:Doctor Doctor Give Me The News

I hope there are no flame wars. All my eggs are in one basket and I suddenly have the feeling that this (rather large) basket is flammable

Funny, all my eggs are in one basket (Gentoo with OpenRC) and I'm not worred about flammability at all.

Re:Doctor Doctor Give Me The News

[wierd_w]

It's been in the English vocabulary for hundreds of years. You can find it used that way in the King James bible for instance, where it discusses marriage.

Genesis 2:24
Therefore shall a man leave his father and his mother, and shall cleave unto his wife: and they shall be one flesh.

It does not mean that he will turn her into fine sliced deli meat. It means he will cling to her tightly and never let go.

Re:Doctor Doctor Give Me The News

Don't worry, the "stick tight to" definition requires the modifier "unto", "To cleave unto her". Count on Slashdot for your systemd news and the DoD for slackware, but go somewhere else for English.

Re:Doctor Doctor Give Me The News

[fahrbot-bot]

... or that sanction is to permit or to forbid something ...

Or, assassinate.

Re:Doctor Doctor Give Me The News

[lgw]

inflammable = flammable. It's one of those unfortunate english words.

"In-" can mean both "not-" for latin root words, or "overly-" for other words like infamous or ingenious.

Here that's a coincidence, as the root verb is "inflame".

You simply don't know what an English word means until you know its etymology. Hey, at least you don't need to know its Kanji.

Re:Doctor Doctor Give Me The News

[wierd_w]

No, you can find it without that modifier in quite a few sultry harlequin romance novels.

Things like:

"He cleaved to her breasts with an insatiable hunger" and the like.

The phrase "Cleaved to" is ambiguous.

See above, but also see:

"while working in the butcher shop, Jimmy often cleaved to the sounds of classical music."

Does that mean he stuck with classical music nearly exclusively, or given then context, did he chop meat to the playing of classical music?

It was this ambiguity that the GP was discussing AC.

 

Re:Doctor Doctor Give Me The News

[RavenLrD20k]

I've got 3 separate servers that all run different OSes. 1 in-house with direct control running Gentoo with OpenRC. Then there's the two VPS's. One is running CentOs 6.7 with Upstart. Then there's the PoS VPS I have free on Microsoft Azure running Ubuntu something-or-other with SystemD. Nothing critical is on this server...it just serves as a lab environment and data passthrough. The only time I've ever run SystemD on a system I own with physical access was on my primary desktop...which is never permanently online to begin with.

There have been too many points with a systemd system that I don't trust. Nothing to date with the system has personally affected me to say it's as worthless as I think. I just never trusted it because it just felt too much like a Windows Registry clone in how it worked, which in itself screams that it cannot be trusted. This bug seems to prove my intuition correct.

Re: Doctor Doctor Give Me The News

Fuck it, let's talk about climate change instead.

Re:Doctor Doctor Give Me The News

[pjbgravely]

The sentence the "Boat is fast" can mean fast speed or tied to the dock.

Re:Doctor Doctor Give Me The News

Gentoo user here also. Gentoo is more like a basket construction kit with a weaving robot to help you out. That being said, my server basket in the clouds is *just right*. My home router/firewall basket is *just right*. My desktop basket is *just right*.

Since I already sort of went there I suppose I can sum up my Linux history like this. I tried RedHat (before Fedora), Ubuntu, etc and found that they were too hot. I tried Slackware and Linux from Scratch (had a makefile-based init for a while, just because I could) and found that they were too cold. Then I tried Gentoo, and it was *just right*.

I mean, heck, I don't know why somebody would want to, but Gentoo even supports systemd. OpenRC does everything I need it to do, though. I guess I really don't get this systemd distro drama. If you don't like it, don't use it.

Re:Doctor Doctor Give Me The News

[Z00L00K]

My pet peeve is the stating "nothing but".

Re:Doctor Doctor Give Me The News

[Z00L00K]

SystemD a black box that have a lot of features that's hard to understand unless you dig through the source code trying to trace down why it doesn't do what you want and why it doesn't tell you anything about what's wrong.

Re:Doctor Doctor Give Me The News

[fahrbot-bot]

My pet peeve is the stating "nothing but".

"All New" - in reference to a single TV show/episode. Grrrr ...

Re:Doctor Doctor Give Me The News

[sjames]

Worse, it may be a re-run being shown for the first time by that particular broadcaster.

Re:Doctor Doctor Give Me The News

[Zontar+The+Mindless]

"All New" - in reference to a single TV show/episode. Grrrr ...

Why? It's a perfectly acceptable way to express "entirely" or "every part of". cf. "It's all wrong."

Re:Doctor Doctor Give Me The News

[Zontar+The+Mindless]

...I suddenly have the feeling that this (rather large) basket is flammable, even though I was assured it was in fact inflammable!

I suspect you've just managed to Whooosh about half the folks reading this thread.

Well played, sir, well played.

Re: Doctor Doctor Give Me The News

[Time_Ngler]

I use Gentoo with systemd, actually. Since it's the defacto init process for all the other os's I use, I felt it was better to standardize.

Re: Doctor Doctor Give Me The News

[corychristison]

Yet another Gentoo user here.

Wellz not 100% accurate because I've since moved on to Funtoo. Only because Gentoo stopped making OpenVZ templates at one point, and Funtoo was "close enough" for what I needed at the time.

Since then, I've moved all of my machines to Funtoo with the exception of two cPanel VM's I have running for clients that required cPanel and weren't open to an alternative.

Honestly I can't see myself using anything else. OpenRC does everything I need. Honestly the fact it depended on udev was worrying, but then they forked it into eudev so its completely uncoupled from systemd.

Re:Doctor Doctor Give Me The News

[fahrbot-bot]

"All New" - in reference to a single TV show/episode. Grrrr ...

Why? It's a perfectly acceptable way to express "entirely" or "every part of". cf. "It's all wrong."

I've never seen a partially-new single episode. They can be new or not.

Re:Doctor Doctor Give Me The News

[Some+nick+or+other]

I've never seen a partially-new single episode. They can be new or not.

Isn't a clip show partially new? And all bad.

Re:Doctor Doctor Give Me The News

[mrvan]

My guess* is that they are from separate stems. In Dutch, kleven (clay-vun) is to stick together, and klieven (clee-vun) is to split apart.

No idea where the contradictory meaning in sanction comes from, in Dutch 'sanctioneren' (v) also has both meanings and people get confused.

*) And Internet confirms it :) http://www.etymonline.com/inde...

Re:Doctor Doctor Give Me The News

[mrvan]

Interesting. I learned the 'speed' meaning first as I guess that is the more common, but the Dutch (and Germanic) root is the "fixed" meaning (vast in Dutch). Apparently, fast=fixed -> firm -> vigorous -> fast=speedy

http://www.etymonline.com/inde...

Re:Doctor Doctor Give Me The News

Yeah, for consistency it should be enflammable.

Re:Doctor Doctor Give Me The News

my primary desktop...which is never permanently online to begin with.

So either you have a dial-up internet, or you're somehow turning off a switch or network card when you don't "need" internet. How does that work?

Wild guess. Wired connection for LAN with no outside connection. Wifi for a connection to the outside. Turn wifi on/off as desired. This can improve productivity, keeping one's focus, staying in the "zone", no concentration breaking "ding! You have mail" alterts when you don't want them for example.

Re:Doctor Doctor Give Me The News

[JustAnotherOldGuy]

I've always loved the multiple meanings in "the boat is fast". Just like the word "secure", it can mean wildly different things:

If you give the command "SECURE THE BUILDING", here is what the different services would do:

The NAVY would turn out the lights and lock the doors.

The ARMY would surround the building with defensive fortifications, tanks and concertina wire.

The MARINE CORPS would assault the building, using overlapping fields of fire from all appropriate points on the perimeter.

The AIR FORCE would take out a three-year lease with an option to buy the property.

Re:Doctor Doctor Give Me The News

[ChrisMaple]

Related to that, "all but".
"He all but lost the election." So he won or tied? No, he lost decisively.

Re:Doctor Doctor Give Me The News

"In-" can mean both "not-" for latin root words, or "overly-" for other words like infamous or ingenious.

What the hell are you talking about? The prefix "in" does not mean overly. The word inflammable never means not flammable.The word infamous means to have a bad reputation, not "overly famous". The word ingenious is a standalone word meaning cleverness and there is no such word as "genious".

Re: Doctor Doctor Give Me The News

Bad for viewers. Good for the producer's bottom line. "Bad" and "Good" are relative not absolute.

Re: Doctor Doctor Give Me The News

You forgot the sarcam tag...

Re:Doctor Doctor Give Me The News

[danomac]

Or "the boat hauls ass" could mean it's fast or a donkey is on board.

Re:Doctor Doctor Give Me The News

[arth1]

That's likely because the old man the boat.

Re: Doctor Doctor Give Me The News

I don't think lgw was being sarcastic. If so, he should remember that it's in print and doesn't carry intonation or body language with it.

Re:Doctor Doctor Give Me The News

[tehcyder]

Related to that, "all but". "He all but lost the election." So he won or tied? No, he lost decisively.

No, that would mean he won the election, but only just.

The way you would actually say that in real English would be "he very nearly lost the election" which makes it clear that he did not, in fact, lose.

Re:Doctor Doctor Give Me The News

[mr_mischief]

Except sitcom flashback episodes.

Re:Doctor Doctor Give Me The News

[networkBoy]

since to "make fast the ropes" is to tie them to the cleats, I would argue that in the case of nautical terms "the boat is fast" has only one meaning.

Re:Doctor Doctor Give Me The News

[RavenLrD20k]

Wow...ok. It's called I power off the system when I'm not expecting to use it within the next several hours, and I have the network card disabled when the system is off. Therefore, its connection to the internet only exists when It's powered on, hence its connection is not permanent. I really hope you didn't pull a muscle with that excessively long reach for something to troll on.

Re:Doctor Doctor Give Me The News

I feel you. I've had the same feeling for around 5 years of gentoo. It was *just right*, from servers to desktops to raspberry pies. At some point, I started wondering what it actually is that I like about the gentoo way.
Turns out gentoo tries hard to be as BSDish as possible (OpenRC, portage, building from source, good documentation, very little magic, etc).
This realization was what made me try out a real BSD. Another 5 years later and I wouldn't go back if I got paid for it.

Love, a Gentoo user gone Free- then NetBSD

Re: Doctor Doctor Give Me The News

Hahahahahahah.

Oh wait, you're serious? Let me laugh even harder...

Re:Doctor Doctor Give Me The News

clip show

Re:Doctor Doctor Give Me The News

[Coren22]

Wouldn't that be tied fast or made fast? I have never heard it said the way you have it.

Re:Doctor Doctor Give Me The News

[pjbgravely]

The correct sentece is: "Is the boat fast?"

It fits both meanings. " Full Definition of fast 1 a : firmly fixed b : tightly shut c : adhering firmly d : not easily freed : stuck e : stable
Link

I don't hate on systemd but this is really bad

[haruchai]

and been around for 2 years and doesn't require root access??
If this happened on Windows, I & many others would be scornful of it.

Re:I don't hate on systemd but this is really bad

[bcarson]

There are plenty of people who don't need anymore reasons to hate on systemd. This won't get a pass just because it's Linux.

Re:I don't hate on systemd but this is really bad

2 years before fixing (it was fixed 1 hour after somebody reported it in github) is actually a much shorter time than the average kernel bug.

Try reading Kees Cook's Kernel Summit notes from 2015 here:
https://outflux.net/slides/2015/ks/security.pdf

Critical kernel bugs averaged 3.3 years before fixing.

In any case, this isn't a serious bug by normal; It is trivial for a local user to DoS the system. It is sad that multi-user security is so bad in Linux, but almost no-one works on improving this. Except, ironically, the systemd-developers that are of the opinion that there should be resource limits on everything as default.

Re:I don't hate on systemd but this is really bad

[rossz]

How can you possibly overblow a bug that can bring down a system without root privileges?

Re:I don't hate on systemd but this is really bad

You know you are in deep dodo when people compare the bloody init to the kernel...

Re:I don't hate on systemd but this is really bad

I stopped it. I refused to install systemd on my system guessing it was a terrible state of affairs to be in.

Re:I don't hate on systemd but this is really bad

[epyT-R]

..and downplayed by its adherents.

Re: I don't hate on systemd but this is really bad

It does not bring down the system, some services are delayed for 30 seconds (which is the timeout before daemons supporting systemd goes on without systemd).

Re:I don't hate on systemd but this is really bad

[somenickname]

Exactly this. You could probably paste a working and viable init.c into a Slashdot post and not cause it to emit the "Click to read more" link.

On the other hand, you can do this:

foo [ ~/src ]$ git clone https://github.com/systemd/sys...
foo [ ~/src ]$ cd systemd
foo [ ~/src/systemd ]$ wc -l `find . -name "*.c"` | tail -1
    374209 total

That's a bit more code than a traditional Unix init system...

Re:I don't hate on systemd but this is really bad

[Lumpy]

Most of us ARE scornful of it and migrated away from distros that use it for our critical systems.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

And the reason they cannot is because apparently this bug exists in debug code (it's a ASSERT that is triggered) so only distributions that compiled with -DDEBUG are affected. Also the affected distributions was patched three days ago.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

Wait till you discover the BSD ports archive, boy will you be amazed at the number of lines of code they have in their repository!

Re:I don't hate on systemd but this is really bad

Now you are comparing an init to a distro...

Re:I don't hate on systemd but this is really bad

[FrankHaynes]

At least with Debian, can't you choose your init system at install time? Or is that no longer an option?

I choose the distribution to meet my needs. I wouldn't allow the init system to dictate which distro I use.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

No, it's you who fails to see that what somenickname showed was not the number of lines of code in the systemd init but the number of lines of all the applications, deamons etc that is stored in the systemd source repository. Just like BSD stores all the code for their kernel and user space applications in a single repository.

It's just a guilt by git association.

Re:I don't hate on systemd but this is really bad

[somenickname]

No, it's you who fails to see that what somenickname showed was not the number of lines of code in the systemd init but the number of lines of all the applications, deamons etc that is stored in the systemd source repository.

And that should be a gigantic red flag to anyone. Why does the init system need all that stuff?

Just like BSD stores all the code for their kernel and user space applications in a single repository.

That single repository represents hundreds or thousands of different projects. The "git clone" I did represents one single project.

It's just a guilt by git association.

No, it's guilt by assimilation. Big difference.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

There is a major difference between the systemd project (which is the one you counted the lines of code from) and the systemd init daemon that you talk about. The inid system does not need any of that stuff, the systemd project aims to present a unified set of administration tools, aka the low level plumbing, just like how the GNU project provided a unified set of the Unix command tools.

So yes it is guilt by git association because you look at tons of source files that have nothing to do with what is running as pid 1

Re:I don't hate on systemd but this is really bad

[Sarten-X]

I'm not too terribly familiar with init's requirements, but isn't a "working and viable init.c" basically something like execl("/sbin/getty", "tty0");? It runs, it provides a login shell to the user... what more do you want?

Oh, you want preconfigured settings? Real Linux Users set that stuff by hand when they log in, but fine. We'll add that to the init daemon.

Multiple terminals, too? Fine, a bit of magic with getty, and you're good.

Oh, you want it to start vital services like networking? You could do that with ifconfig, but whatever... Sure, let's give it some network support.

Wait, and now you want to be able to configure all that without compiling? This is getting absurd, but if you insist, we can make a hundred little hundred-line shell scripts, and just run them.

...in different ways? You're really going to ask to run your shiny new server with completely different sets of services at different times, and you're just so spoiled that you can just reconfigure it as needed? Why the hell did we make the damned thing so configurable anyway, if you're not going to use it? Fine... Since you're asking so nicely, we'll throw in a bunch of folders... just link the scripts you want, and names the links so everything's in the right order.

Another request? What do you want from me now? You can't even keep a network operating reliably, and you want your init daemon to do the work for you? Alright, but this is the last straw. Now your configuration scripts can run in parallel, have dependencies, and they will run other scripts to see if they can run your services yet.

...

One of these steps apparently crosses a line, though, and causes enough discomfort that folks derail discussions.

Re: I don't hate on systemd but this is really bad

It does not bring down the system

Speak for yourself. When I run the following on centos 7 (3.10.0-327.36.1), my SSH session is closed and the box stops responding to any network traffic

while true; do NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""; done

Had to go to the IPKVM to reboot it.

Re: I don't hate on systemd but this is really bad

Which sounds very strange, a started ssh should not be terminated nor should it stop responding to any network traffic.

Re:I don't hate on systemd but this is really bad

[Daemonik]

Please. If nobody reviewed the code then it's going to linger around until someone exploits it. Just like very friggen other piece of software ever written.

Re:I don't hate on systemd but this is really bad

[somenickname]

I see where you are coming from and, yes, it's disingenuous for me to imply that all that code is running in PID 1. It's certainly not. But, my point is that systemd is gigantic because it has started to absorb other fundamental parts of the userland. And so those parts are now heavily reliant on PID 1 or a very near descendant. Instead of layers of software being built on more fundamental layers of software, you now have a nasty web of dependencies that will, in time, become unmaintainable.

We grey beards didn't do it how we did it for fun. We did it because once one layer of the system worked, we stopped caring about it and moved to the next layer. Systemd is compressing all the layers into a single, nasty web of interdependent processes that represent a single layer. The complexity of it *will* overwhelm the stability of it. It's just a matter of when.

Re:I don't hate on systemd but this is really bad

[rudy_wayne]

and been around for 2 years and doesn't require root access??
If this happened on Windows, I & many others would be scornful of it.

Apparently you haven't noticed all the posts here that have been hating on systemd since it was first introduced.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

What is absorption to some is unification to others. No one is forcing you to use these tools and most of them are and will be disabled by the popular distributions anyway, the main focus of them as I understand it is the container/vm/cloud people and that crowd apparently sees that as a big win (I have no clue regarding that area what so ever since I don't use containers or virtual instances).

I take it that you have not looked at the actual code, afaik there is no nasty web of dependencies. Where there are dependencies they are on a documented DBUS service and not on a specific pid 1 and afaik there are no inter-project dependency either. Yes it's a bit different from how we did things back in the day but then it is no longer back in the day, for good and worse the computing environment have changed and so the systems have to adapt or die. Solaris and Apple went this route years ago and the BSDs are following, it's just here on Slashdot that this is a RedHat/Poettering conspiracy.

Re:I don't hate on systemd but this is really bad

[myowntrueself]

At least with Debian, can't you choose your init system at install time? Or is that no longer an option?

I choose the distribution to meet my needs. I wouldn't allow the init system to dictate which distro I use.

Its moderately hard to choose the init at install time and requires some changes to the installers boot command.

Its easy enough to strip out systemd after an install and trivially easy to upgrade from Wheezy to Jessie without systemd.

Re:I don't hate on systemd but this is really bad

That is because Lennart Poettering is on a mission to recreate windows kernel space (including all of the things that should have resulted in lessons learned from failure) in linux userland. init, check, logging, check, su check, virtual machine control check, ... literally the antithesis of small simple chain-able utilities that do one thing and do it well (aka unix).

It is amazing that that twat is working his ass off to recreate ms land on linux while MS is working their asses off to be more like linux.

Re:I don't hate on systemd but this is really bad

That is because that huge pile o shit in linux userspace, while supremely over complex and poorly designed, hides about 2/5ths of its complexity in linux specific code. the BSD ports are being created as minimal as possible and are still huge because they have to replicate linux syscalls (or at least shim them) all over the place.

Re:I don't hate on systemd but this is really bad

[dbIII]

How? If it's something designed by an egomanic who just wants to get shit done without listening to the annoying voices of people pointing out problems. If the egomanic grew up on MS Windows and is trying to rebuild a *nix system in that image it makes it even more likely.

Lennart back off and get things right before adding more in your efforts to take over fucking everything in linux - you've got plenty of time so what's the rush?

Re:I don't hate on systemd but this is really bad

lol, take a look at his su replacement/duplication. He created it because "su was too complex", yet su is complex (but well documented) because it has had 3 years of hardening against untold eyeballs. I am sure there is not huge surface area in using dbus to transport su or anything.

Re:I don't hate on systemd but this is really bad

[dbIII]

Why does the init system need all that stuff?

Because it's not an init system anymore, it's Lennart trying to put his name on everything between the application the user runs and the kernel.

Re:I don't hate on systemd but this is really bad

[lgw]

That's a bit more code than a traditional Unix init system...

That's a bit more code than an old-school Unix system.

EMACS and systemd are both credible complete operating systems, but EMACS is lighter weight, includes a web browser, and can emit textual log files. It's a clear victory for EMACS.

Re:I don't hate on systemd but this is really bad

[AchilleTalon]

I wasn't able to reproduce on any of my systems. So, it is not as simple as stated in the summary. Maybe true on 2 years old systemd installations which haven't been upgraded since then. Hence the inflammatory statement about the bug being there for 2 years. Misleading summary AND blog article.

Re:I don't hate on systemd but this is really bad

[ChunderDownunder]

Running debian myself, there is/was a package to enable switching between init systems.

Problem is, the distro has moved ahead full steam with systemd, whereby running an alternative init is unsupported by way of extensive testing.

I used an alt-init for a while but for any moderately complex DE that requires the systemd-shim for session management (whatever that is!), weird stuff started to happen with dialog boxes telling me my permission levels were wrong or flakey stuff happening regarding acpi suspend/shutdown/hibernate.

And so, resistance is futile - prepare to be assimilated.

Re: I don't hate on systemd but this is really bad

Yeah, but SystemD can edit text!

Re:I don't hate on systemd but this is really bad

I take it that you have not looked at the actual code, afaik there is no nasty web of dependencies. Where there are dependencies they are on a documented DBUS service and not on a specific pid 1 and afaik there are no inter-project dependency either.

Yeah, so a fork that tries to split the "applications" in systemd must be quite easy to produce. Or is it?

Re:I don't hate on systemd but this is really bad

No, the defect existed whether the assert was there. The assertion implied an assumption, which was broken as has been demonstrated.

Re:I don't hate on systemd but this is really bad

[skids]

I still have yet to run across any materials that actually explain what benefits dbus supposedly offers over proper POSIX IPC. Not that I've gone looking very hard.

Re:I don't hate on systemd but this is really bad

[ShakaUVM]

>EMACS and systemd are both credible complete operating systems, but EMACS is lighter weight, includes a web browser, and can emit textual log files. It's a clear victory for EMACS.

EMACS is a great OS, that just lacks a good text editor.

Re:I don't hate on systemd but this is really bad

[Cyberax]

Can you also post code that reliably mounts filesystems, stops and starts services, handles changing system configuration on the fly and uses cgroups to restrict resource usage?

After all, all this should fit in one post, right?

Re:I don't hate on systemd but this is really bad

ShakaUVM is a great poster, he just needs fresher jokes.

Re:I don't hate on systemd but this is really bad

[fahrbot-bot]

EMACS and systemd are both credible complete operating systems, but EMACS is lighter weight, includes a web browser, and can emit textual log files. It's a clear victory for EMACS.

Emacs can also play Towers of Hanoi. Can Systemd do that? I think NOT. (I know, I know. Don't give them ideas.)

Re:I don't hate on systemd but this is really bad

[konohitowa]

You forgot to sign your comment with "MCSE".

Re:I don't hate on systemd but this is really bad

[hcs_$reboot]

If this happened on Windows, I & many others would be scornful of it.

There are many similar bugs in Windows, and even probably more due to the fact that Windows is a black box, unlike Linux. More holes in the wall, but the light has been switched off...

Re:I don't hate on systemd but this is really bad

That was a great comment that just lacked a good joke.

Re:I don't hate on systemd but this is really bad

[sjames]

It's worse. Accordint to TFA, it's because there is an assert on an unsanitized input value. No good could ever come from that.

Re:I don't hate on systemd but this is really bad

The BSD rc system does what you say nicely and cleanly, and without a spaghetti monster like systemd.

Re:I don't hate on systemd but this is really bad

[freeze128]

EMACS can't start my system.

Re:I don't hate on systemd but this is really bad

[Hognoxious]

The inid system does not need any of that stuff, the systemd project aims to present a unified set of administration tools

And that's the problem, right there.

Re:I don't hate on systemd but this is really bad

[Required+Snark]

Wish I could mod you up. This is the first coherent non-flamebait post I have seen that succinctly describes what systemd is all about and makes a simple rational argument about why it is a problem.

You also show why "grey beards" are useful. "Been there, done that" can be mighty useful.

Re:I don't hate on systemd but this is really bad

Can you also post code that reliably [...] handles changing system configuration on the fly and uses cgroups to restrict resource usage?

Whether you want it or not. Because Lennart thinks that your wants are broken. But there is an option for it anyway, stuck below an unwritten manpage in an unused lavatory in the basement with a sign on it "Beware of the Lennart". So don't complain.

Re:I don't hate on systemd but this is really bad

> At least with Debian, can't you choose your init system at install time?

Correct. Debian here (stable whth a healthy dose of testing, a few self-compiled things). Running without systemd (heck, even without dbus). Works a charm.

Re:I don't hate on systemd but this is really bad

[marcansoft]

#define _XOPEN_SOURCE 700
#include <signal.h>
#include <unistd.h>
int main() {
        sigset_t set; int status; if (getpid() != 1) return 1;
        sigfillset(&set); sigprocmask(SIG_BLOCK, &set, 0);
        if (fork()) for (;;) wait(&status);
        sigprocmask(SIG_UNBLOCK, &set, 0); setsid(); setpgid(0, 0);
        return execve("/etc/rc", (char *[]){ "rc", 0 }, (char *[]){ 0 });
}

Re:I don't hate on systemd but this is really bad

[F.Ultra]

The hard part for that project was not the "to split the applications" but that systemd uses lots of Linux only systemcalls and functionality that is not available on other systems like BSD for which uselessd was a target. They also tried to move away from D-BUS to another IPC entirely so they tried to do a hell of a lot more than just "split the applications".

Re:I don't hate on systemd but this is really bad

[F.Ultra]

How is that a problem? Is it better to have a non unified set of administration tools between distributions?

Re:I don't hate on systemd but this is really bad

Under debian the alternative inits are largely unmaintained, systemd-shim has been orphaned.

Debian and the other redhat derivatives are largely toxic to alternate inits and totally against the ability to remove systemd non-init functionality, which is odd as it as so as an alternate init, not what its turned into.

Luckily the rebuilding of the build infrastructure lost to systemd distros has be largely rebuilt by the supporters of alternatives so you should see a number of new distros without systemd and wiith easy migration paths from presystemd installations.

Re:I don't hate on systemd but this is really bad

[thegarbz]

That's a bit more code than a traditional Unix init system...

That's amazing. Now I wonder if it also does a bit more than the traditional Unix init system. Can someone answer that please?

Re:I don't hate on systemd but this is really bad

[Barsteward]

Titled: How to Throw a Tantrum in One Blog Post https://medium.com/@davidtstra...

Re:I don't hate on systemd but this is really bad

[thegarbz]

And so those parts are now heavily reliant on PID 1 or a very near descendant.

What a dumb comment. The entire system is heavily reliant on PID1. If you crash that it doesn't matter if your PID1 is a one liner with everything else being individual programs or if it's a giant API sucking everything in.

PID1's process in Systemd is only a very small tiny part of systemd and much of the rest only calls this process to do a few very specific tasks. I've seen a design like this before in, oh I don't know, every init system under the sun I think it was.

Re:I don't hate on systemd but this is really bad

[thegarbz]

Actually I call that a solution.

Re:I don't hate on systemd but this is really bad

[Barsteward]

"Why does the init system need all that stuff?"

What is "all that stuff"?

Re:I don't hate on systemd but this is really bad

[Barsteward]

what problem? whats wrong with a unified set of administration tools?

Re:I don't hate on systemd but this is really bad

[Barsteward]

Can you define "most of us"? I take it you've spoken to them all

Re:I don't hate on systemd but this is really bad

You know... now that you mention it, Towers of Hanoi can probably be expressed as a dependency problem.

Re:I don't hate on systemd but this is really bad

[Hognoxious]

It's better to be able to choose whichever tools you like. I'd take good over unified any day.

Re:I don't hate on systemd but this is really bad

How can you possibly overblow a bug that can bring down a system without root privileges?

You could say something scary like "The bug, which has existed for more than two years, does not require root access to exploit" while leaving out such important details as the kernel having to be compiled as DEBUG for it to work, and still needing local user access. With that in mind it's something that needs to be fixed, but is ultimately quite harmless.

Re:I don't hate on systemd but this is really bad

D-bus overview
Due to the large number of processes involved —adding up processes providing the services and clients accessing them— establishing one-to-one IPC communications between all of them becomes an inefficient and quite unreliable approach. Instead, D-Bus provides a software-bus abstraction that gathers all the communications between a group of processes over a single shared virtual channel. Processes connected to a bus don't know how it is internally implemented, but D-Bus specification guarantees that all processes connected to the bus can communicate with each other through it.

Linux desktop environments take advantage of the D-Bus facilities by instancing not one bus but many:
* a single system bus, available to all users and processes of the system, that provides access to system services (i.e. services provided by the operating system and also by any system daemons)
* a session bus for each user login session, that provides desktop services to user applications in the same desktop session, and allows the integration of the desktop session as a whole

A process can connect to any number of buses, provided that it has been granted access to them.

D-Bus provides additional or simplifies existing functionality to the applications, including information-sharing, modularity and privilege separation. For example, information on an incoming voice-call received through Bluetooth or Skype can be propagated and interpreted by any currently-running music player, which can react by muting the volume or by pausing playback until the call is finished.

D-Bus can also be used as a framework to integrate different components of a user application. For instance, an office suite can communicate through the session bus to share data between a word processor and a spreadsheet.

Re:I don't hate on systemd but this is really bad

[Hognoxious]

What is absorption to some is unification to others.

And to others it's lock-in.

I'd rather be able to change the car stereo without replacing the engine.

Re:I don't hate on systemd but this is really bad

[Cederic]

Not if you restrict the answer set to "things a traditional Unix init system should do".

Re:I don't hate on systemd but this is really bad

Unification/Absorption...

Either way just makes the result more complicated and unmaintainable, and insecure.

Re:I don't hate on systemd but this is really bad

[drinkypoo]

I'm not too terribly familiar with init's requirements, but isn't a "working and viable init.c" basically something like execl("/sbin/getty", "tty0");? It runs, it provides a login shell to the user... what more do you want?

init starts and stops processes to attain different run levels. That's it. Period, the end. One small tool, which does one thing correctly.

Multiple terminals, too? Fine, a bit of magic with getty, and you're good.

There is nothing whatsoever magical about getty. It is extremely straightforward. It is one small tool, which does one thing correctly.

Oh, you want it to start vital services like networking? You could do that with ifconfig, but whatever... Sure, let's give it some network support.

There is no reason to use anything more (or less!) than a script for configuring networking. Scripting is a central feature of Unix.

Wait, and now you want to be able to configure all that without compiling? This is getting absurd, but if you insist, we can make a hundred little hundred-line shell scripts, and just run them.

My Debian system has 57 init scripts. If that kind of complexity scares you, perhaps computers are not for you.

You're really going to ask to run your shiny new server with completely different sets of services at different times, and you're just so spoiled that you can just reconfigure it as needed? Why the hell did we make the damned thing so configurable anyway, if you're not going to use it? Fine... Since you're asking so nicely, we'll throw in a bunch of folders... just link the scripts you want, and names the links so everything's in the right order.

Yep. Using central Unix features like linking is the right way to do this. It utilizes the database-like aspects of the hierarchical filesystem, a central Unix feature that today you apparently take for granted.

Another request? What do you want from me now? You can't even keep a network operating reliably, and you want your init daemon to do the work for you?

In fact, I can keep a network operating reliably... and much easier without systemd making it more vulnerable because it is developed by morons. I would like to say amateurs, but these are professional incompetents.

One of these steps apparently crosses a line, though, and causes enough discomfort that folks derail discussions.

Everything systemd does crosses a line, because it does everything wrong.

Re:I don't hate on systemd but this is really bad

[drinkypoo]

EMACS can't start my system.

false

How to internet: search before posting. HTH, HAND

Re:I don't hate on systemd but this is really bad

That last one was NOT requested.

The network was already operating reliabley.

and the basic init system did all the others as of about 1985.

Re:I don't hate on systemd but this is really bad

[drinkypoo]

What a dumb comment. The entire system is heavily reliant on PID1. If you crash that it doesn't matter if your PID1 is a one liner with everything else being individual programs or if it's a giant API sucking everything in.

Sigh. Of course it matters, immensely. In a perfect world you would be right, because there would be no bugs or vulns in code. In the real world, where we have these things, we want PID 1 to be as small as possible and we want it to be dependent on as little as possible. Systemd breaks both of these rules when you compare it to init. Every other process on a Unix system can die and init is fine. Process creation is also cheap on Unix, so using lots of processes is the correct approach.

Re:I don't hate on systemd but this is really bad

Question is, will this "ease" remain in future versions...

Re:I don't hate on systemd but this is really bad

So you can bring down your home computer, as well as the 0 servers you have physical access to.

Re:I don't hate on systemd but this is really bad

[Carewolf]

How can you possibly overblow a bug that can bring down a system without root privileges?

By forgetting to mention it only affects developer version of systemd and not release versions. In other words it should just be an issue for systemd developers testing special developer-builds of systemd.

So that is how you overblow it...

Re:I don't hate on systemd but this is really bad

Just add "init=/usr/bin/emacs" to your kernel command line, or "ln /usr/bin/emacs /sbin/init"

Re:I don't hate on systemd but this is really bad

[YoungManKlaus]

> that do one thing and do it well (aka unix).

http://catb.org/esr/writings/u...

Also it's not like it's one blob (like eg. ... you know ... the actual fucking kernel)

Re:I don't hate on systemd but this is really bad

[YoungManKlaus]

That answer depends on philosophy.

Re:I don't hate on systemd but this is really bad

[Eravnrekaree]

This isnt true. systemd isnt one big program that does it all, it consists of multiple modular programs that provide functionality. The main difference is they use a bus to communicate, this allows you to write a daemon that will start a program after some other event occurs.

Re:I don't hate on systemd but this is really bad

[jeremyp]

False

Re:I don't hate on systemd but this is really bad

[myowntrueself]

Question is, will this "ease" remain in future versions...

I think thats the number one worry with every distribution.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

And you would not be able to choose exactly why? Since when have more choice meant less choice, that does not even compute.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

How is more available tools similar to lock-in? You might not like systemd and it's tools, and that is ok and you are free to use whatever else that you like but that does not mean that you have to throw fud like this around. Could we be a little bit more civilized than the emacs vs vi idiots?

Re:I don't hate on systemd but this is really bad

[skids]

This doesn't tell me anything I didn't know, and has one unsubstantiated claim that normal IPC is "inefficient and quite unreliable".

Pointers to a case study where someone who actually knows how to use POSIX IPC runs the numbers would be appreciated.

Re:I don't hate on systemd but this is really bad

From a 2014 ZDNet article:

Theodore "Ted" Ts'o, a leading Linux kernel developer and a Google engineer, sees systemd as potentially being more of a problem. "The bottom line is that they are trying to solve some real problems that matter in some use cases. And, [that] sometimes that will break assumptions made in other parts of the system.”

Waving Slackware_14.2 ISO at the congregation, REPENT brethren! The ways of the bsd init are known and documented, do not fall for the new just for its "newness".

Re:I don't hate on systemd but this is really bad

Windows shill. Go suck another faggot's asshole, faggot.

Re:I don't hate on systemd but this is really bad

How did Lennart get so much power and influence?

Re:I don't hate on systemd but this is really bad

[krelvin]

Most of my linux servers don't have users on them so no big deal. I'll just make note not to do what the causes the bug which I don't normally do anyway until it is patched.

Compared to the Solaris telnet bug years ago which gave anyone using it without an account remotely instant root access. That was a big deal.

This is just a bug that needs to be patched like how many other bugs that come out on a regular basis that you can pretty much only do if you are already on the box..

Re:I don't hate on systemd but this is really bad

[HiThere]

There are lots of valid reasons to hate systemd. Unfortunately there are also lots of good reasons to hate sysV init.

On the balance I preferred sysV init, and this kind of bug is what I expect to show up repeatedly in systemd. Large complex programs tend to have more bugs and potential for abuse, and I've perceived no particular value from systemd, whereas for a long time it made some of my sysems unbootable (I could get at them by re-writing the boot tracks on the hard disk, so there wasn't any good reason for them to be unbootable.) There's also the problem that newer systems that want to use UUIDs rather than relative paths break whenever a new install is done...but that's not exactly systemd dependent, and is done as an attempt to resolve boot order among devices. It works for THAT purpose, but if I don't rewrite things to use relative paths before I do a new install, things break. Complex systems tend to break in unexpected circumstances, and the more complex something is the less you are able to test all reasonable paths of execution.

So I don't like systemd. It's a bad decision. It also slows boot time in a most remarkable way for a system that's supposed to speed up boot time. This isn't usually important, but it's annoying, and every time they tell me it speed up boot times it reminds me that they are lying to me.

Unfortunately, many programs are adopting mechanisms that won't work outside the context of systemd. One such is KDE. This is so annoying that I repeatedly consider switching to some BSD, but I like the ext4 file system, and switching would be a lot of work. So I haven't thoroughly investigated it yet. YET. But it was a really bad decision, and the main reason it was bad is that it's a lot more complex. Ordinary bugs can be fixed when found. Complexity is more difficult.

Re:I don't hate on systemd but this is really bad

[HiThere]

It's not the editor that's bad, it's the way it handles files. But some people like it.

P.S.: I used a number of text editors on a number of different systems before I encountered EMACS. EMACS file handling is the only one that really annoyed me. (I'm not a real fan of multi-key commands where the keys need to be pressed simultaneously either, but by comparison that's minor.)

Re:I don't hate on systemd but this is really bad

And of course, my favorite emacs command C-x M-c M-butterfly

Re:I don't hate on systemd but this is really bad

Correct me if I'm wrong, but a SLEW of Linux Dist maintainers, FANATICALLY jumped on the Systemd bandwagon, while a good many of its user base, NOT developers mind you, questioned the action.

So where was that code review by oh... several 100 if not a thousand dist. maintainers who gladly handed the keys over to Poettering? That's right. They're silent in this snafu. Let me know when some dist. leadership chimes in that maybe, just maybe, we shouldn't have adapted Systemd as fast as they did, and DID that code review you are so strongly parroting was the lapse here.

Re:I don't hate on systemd but this is really bad

They're using assert() to ensure that an incoming message is not zero length? That is, to put it politely, bullshit.

assert() isn't there to verify that a value falls into particular bounds. It's there to test, during debug, for situations that cannot happen. It's there so that you can check that the logic is working as expected, and, if it isn't, trip an error fault early so you can find and fix it in code.

If there is other code elsewhere that should ensure that a string has at least one character, then yes, putting in an assert to catch situations where the string is empty is a reasonable thing to do - because if you catch the erroneous state early, you can backtrace to find out what's going wrong.

If you're using assert() to test for conditions that are possible (and remember: when you're dealing with information that comes from outside the code, anything is possible), you're doing it wrong.

Re:I don't hate on systemd but this is really bad

[somenickname]

I didn't get around to responding to the GP post but, this is almost word for word what I would have said. Cheers!

Re:I don't hate on systemd but this is really bad

[Sarten-X]

init starts and stops processes to attain different run levels. That's it. Period, the end. One small tool, which does one thing correctly.

I'm a bit more familiar with the program than my sarcastic post let on. Originally, init's job was to be the first process, period. It'd launch a shell, which quickly became "launch a login prompt" and then changed to "launch a bunch of services" and finally "launch everything the user wants to run for this runlevel". In short, to answer the original request, running getty is just about all you need.

There is nothing whatsoever magical about getty. It is extremely straightforward. It is one small tool, which does one thing correctly.

Relax; it's literary exaggeration. Once upon a time, as I recall, getty would manage its own tty connections. Now it takes a parameter so you can tell it to connect to a given device. If you want init to support multiple ttys right from the start, you'll want that feature.

There is no reason to use anything more (or less!) than a script for configuring networking. Scripting is a central feature of Unix.

Anything you can do in a script can be done manually. Isn't that the whole point of having non-compiled scripts in the first place?

My Debian system has 57 init scripts. If that kind of complexity scares you, perhaps computers are not for you.

Mine has 96, averaging 120 lines per script. I never said it scares me. I'm merely making fun of the aversion to Systemd's complexity, by highlighting the fact that you already have such complexity, but it's pushed out and duplicated (usually poorly) in your init scripts.

Yep. Using central Unix features like linking is the right way to do this. It utilizes the database-like aspects of the hierarchical filesystem, a central Unix feature that today you apparently take for granted.

...Requiring arcane naming schemes for numbering is the "right way"? Co-opting a folder to be a database is the "right way"? Treating your unsorted filesystem as a sorted list is the "right way"? My intent was to only make light of runlevels' inelegant implementation (and touch on their near-obsolescence, as well), but you've done more than that...

In fact, I can keep a network operating reliably... and much easier without systemd making it more vulnerable because it is developed by morons. I would like to say amateurs, but these are professional incompetents.

Flames aside, I doubt very much that you can keep every network everywhere running reliably. That's partly the point of systemd: to put more adaptability into the service configuration, and let the daemon, rather than the user, determine the correct order for the system services to start.

As a concrete example, I've worked on an embedded system that had to determine its own place in a self-arranging network, set its IP address appropriately, then start system services to manage that network, including determining its own place. The project had a circular dependency that was vital to functionality. The original init scripts to handle that were a mess of conditions, delays, and retries, until the whole thing was scrapped for a single custom-written startup daemon that would undermine and override the whole sysvinit anyway. Systemd could very well have handled the thing, because it has more support for handling service dependencies than just "this one starts before that one".

Everything systemd does crosses a line, because it does everything wrong.

I'm going to need a bit more proof than your authoritative claim, though. Besides being different, what's so wrong with it?

Re:I don't hate on systemd but this is really bad

[somenickname]

I take it that you have not looked at the actual code, afaik there is no nasty web of dependencies.

Really? Then why does the systemd project continue to consume higher level projects? Generally software projects don't decide, "Let's just consume all of our downstream users" unless they intend to fundamentally break the dependencies that the downstream users rely on. What systemd is doing is almost literally the definition of a clusterfuck.

Where there are dependencies they are on a documented DBUS service and not on a specific pid 1 and afaik there are no inter-project dependency either

Of course there are no inter-project dependencies: Systemd absorbed them all.

Re:I don't hate on systemd but this is really bad

[somenickname]

My Debian system has 57 init scripts. If that kind of complexity scares you, perhaps computers are not for you.

Mine has 96, averaging 120 lines per script. I never said it scares me. I'm merely making fun of the aversion to Systemd's complexity, by highlighting the fact that you already have such complexity, but it's pushed out and duplicated (usually poorly) in your init scripts.

My grandparent post to this thread says that systemd has 374,000 lines of code in its git repo. You've described 11,500 lines of code, split into many different projects that is mostly boilerplate stuff. And, that's what systemd could actually do: Get rid of the boilerplate crap. As long as you did it in a sensible way, no one would argue with that. But, systemd reached Peak Sensibility like 7 or 8 years ago and has just devolved into... whatever it now is.

Yep. Using central Unix features like linking is the right way to do this. It utilizes the database-like aspects of the hierarchical filesystem, a central Unix feature that today you apparently take for granted.

...Requiring arcane naming schemes for numbering is the "right way"? Co-opting a folder to be a database is the "right way"? Treating your unsorted filesystem as a sorted list is the "right way"? My intent was to only make light of runlevels' inelegant implementation (and touch on their near-obsolescence, as well), but you've done more than that...

Hold on. Yes, that *is* the right way for most problems. You know who wrote my go-to database? Theodore Ts'o. You know who wrote my filesystem? Theodore Ts'o. You know who wrote my security software? The Linux Kernel Team.

Your problem is probably not a special snowflake problem. It has been solved before. Many, many times. And, on a modern computer, the incredible level of shit that you gain buy using the filesystem as your... well... everything, is amazing. Embrace the filesystem. It's your friend. Really.

I'm going to need a bit more proof than your authoritative claim, though. Besides being different, what's so wrong with it?

Please see my previous posts in this article.

Re:I don't hate on systemd but this is really bad

[phantomfive]

PID1's process in Systemd is only a very small tiny part of systemd

It may be a small percentage of the total systemd code, but I wouldn't call it small.

Re:I don't hate on systemd but this is really bad

No you can't. That's why some users forked Debian and created Devuan (https://devuan.org/).

Re:I don't hate on systemd but this is really bad

... due to the fact that Windows is a black box, unlike Linux^w^w like systemd. FTFY

Re:I don't hate on systemd but this is really bad

[jez9999]

If this happened on Windows, I & many others would be scornful of it.

Microsoft would just call it a feature and make it force-reboot your machine too. And MS fanbois would start liking it.

Re:I don't hate on systemd but this is really bad

[jez9999]

systemd centralizes logging as opposed to the absurd mess of logfiles spewed all over the filesystem that we had before (and where processes could easily spoof log messages from other processes). For that reason alone I see it as a positive.

Re:I don't hate on systemd but this is really bad

[drinkypoo]

...Requiring arcane naming schemes for numbering is the "right way"?

Arcane? It's called in alpha order. It's not arcane.

Now, arguably, it would have been nicer to use multiple directories instead of the letter prefix, but that would actually have increased complexity and it wasn't necessary. They chose the road of simplicity.

...Requiring arcane naming schemes for numbering is the "right way"?

There is nothing arcane about it. It is fully documented on the system itself. And yes. It is simple and it works and it doesn't necessitate yet another configuration file so yes, it is absolutely the right way. But it is still not arcane. Stop saying that, it's wrong.

Co-opting a folder to be a database is the "right way"?

Holy fucking shit. You actually said that? A filesystem is a database. Get that through your head right now, or you will never make any sense.

Treating your unsorted filesystem as a sorted list is the "right way"?

That is actually the dumbest thing I've seen on Slashdot today.

SELECT * FROM TABLE ORDER BY NAME ASC;

What's the difference between that and doing a readdir and sorting the results alphabetically? Answer, in one case the logic lives in a server and in the other case, the one we're talking about, the logic lives in a combination of the C library and your application and does exactly the same sort of thing. And they both work. Furthermore, the userland tools sort output by default, so it doesn't matter if the filesystem is in inode order or filename order.

My intent was to only make light of runlevels' inelegant implementation (and touch on their near-obsolescence, as well), but you've done more than that...

Yes, I've explained why they are simple and they work and they make use of basic UNIX facilities.

Flames aside, I doubt very much that you can keep every network everywhere running reliably. That's partly the point of systemd: to put more adaptability into the service configuration, and let the daemon, rather than the user, determine the correct order for the system services to start.

That does not belong in a daemon married to init. That belongs in an init-agnostic daemon.

As a concrete example, I've worked on an embedded system that had to determine its own place in a self-arranging network,

It's own "place"? That doesn't mean anything when you haven't explained what kind of place that might be. Speak English. Do you mean its physical location?

set its IP address appropriately, then start system services to manage that network,

Oh noes! Not starting services!

The project had a circular dependency that was vital to functionality.

Without knowing even what aspect this dependency occurred in, I cannot comment intelligently (and you have thus said nothing of value.)

The original init scripts to handle that were a mess of conditions, delays, and retries, until the whole thing was scrapped for a single custom-written startup daemon that would undermine and override the whole sysvinit anyway.

So you're shitty at writing init scripts. Or you tried to do something with init scripts that would have better been done supplementing your initrd. Or some other problem, you haven't given enough information to be useful.

Systemd could very well have handled the thing, because it has more support for handling service dependencies than just "this one starts before that one".

It's trivial for init scripts to check whether other services are running. In fact, you do it through init. You make initscript with $1="status" return a non-zero result if the process is n

Re:I don't hate on systemd but this is really bad

[drinkypoo]

I can't give you what you want but I can point out that DBus does more than POSIX IPC. It seems more like CORBA-lite than a mere IPC scheme. For when you don't want to run an ORB, but you still need more than one-to-one IPC and want it done for you.

Re:I don't hate on systemd but this is really bad

I know people have quite a long list of systemd issues. But you said it very well. IMHO this is what I truly detest about systemd. It breaks the *nix architecture. Lennart seem to be a resourceful programmer but I am amazed of how he simply keeps ignoring such a crucial detail. In his defense I chose to believe he is paid by Microsoft to sabotage the entire *nix platform and he *almost* succeeded. Don't we all love BSD/Gentoo nowadays?

Re:I don't hate on systemd but this is really bad

How did Lennart get so much power and influence?

" *That*, Detective, is the right question. Program terminated." - Dr. Alfred Lanning

Re:I don't hate on systemd but this is really bad

[michael_wojcik]

init also reaps zombies, since processes whose parent has terminated are reparented to it. And init also has to know whether any of its own children (and not just reparented processes) have exited, so that it can decide whether to respawn them.

Thus init traditionally needed some form of a wait loop or SIGC[H]LD handler, though with a SysV-style implementation it could have just ignored SIGCLD, and with SVR4 it could use SA_NOCLDWAIT to achieve the same thing. SA_NOCLDWAIT was eventually picked up as part of XSI, and XSI was then included in the Single UNIX Specification as an optional but often-provided extension, so these days it's pretty widely available.

init doesn't just start processes for the runlevel and then do nothing. The traditional implementation falls right into a straightforward wait loop. Take a look at section 7.9 in Bach, The Design of the UNIX Operating System.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

Actually no, this is how the code looked:

static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, char *buf, size_t n) {
_cleanup_strv_free_ char **tags = NULL;

assert(m);
assert(u);
assert(buf);
assert(n > 0);

tags = strv_split(buf, "\n\r");
if (!tags) {
log_oom();
return;
}

As you can clearly see the assert(n > 0); would throw SIGABORT and thus kill the process. Remove the assert and strv_split() which obviously works on zero terminated strings (since it does not take a size parameter) will return NULL and the function returns. Since a zero byte string will be a single \0 character this is the reason why some people could not reproduce the problem since their asserts where never there.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

Of course not, they assert to make sure that the function is not called with a zero length. Which as you say is a situation that cannot and should not happen. Somehow they never tested it with a zero length string, that indeed is a major fuckup.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

consume exactly what? They provide alternatives to some of the system tools, how that can be seen as such a big problem is beyond me.

Re:I don't hate on systemd but this is really bad

[HiThere]

But those logs are binary files, which isn't good. (The rest of your point seems valid.)

Re:I don't hate on systemd but this is really bad

[myowntrueself]

No you can't. That's why some users forked Debian and created Devuan (https://devuan.org/).

You can't what?

http://without-systemd.org/wik...

https://debiantalk.wordpress.c...

Re:I don't hate on systemd but this is really bad

[Etcetera]

Can you define "most of us"? I take it you've spoken to them all

Most of us would want to... In reality, there's just a much larger than normal uptake of RHEL customers and CentOS/SL users that haven't upgraded to EL7 even though this is right around the time in a release (historically) when those that were able to would be going pretty full-swing into a release migration.

The problem? About 80% systemd and concerns over it. About 20% is NM, firewalld, and other stuff that's mostly not needed on server class hardware but that people's automation and config management has to take into account.

Re:I don't hate on systemd but this is really bad

[Cramer]

*cough*RED HAT*cough*

If they hadn't adopted it, no one else would have. If you don't join with the borg, then you will forever be maintaining a growing mountain of patches to remove the systemD cancer from an ever growing collection of programs.

Re:I don't hate on systemd but this is really bad

[Cramer]

I've seen a design like this before in, oh I don't know, every init system under the sun I think it was.

Incorrect. SysV init (and even more so, BSD) are basically a one-shot "run a bunch of things" (which amounts to a shell script that runs other shell scripts). Once booted, init does next to nothing. 99.999999% of it's life is spent monitoring the exit of a bunch getty's. It's not eating all logs (journalD). It's not managing networking. It's not passing messages around. In fact, it's listening for exactly ONE message: change runlevel, which only root can send.

Things like upstart and systemD are problems looking for problems. I ran linux as my desktop for years, LONG before Pottering learned to spell systemD. It worked just fucking fine. And I didn't have to constantly login as root to start and stop things. If I wanted a local webserver on the machine, it was set to start at boot. I didn't need systemD to sit there listening on port 80 waiting to start apache. (a function -- starting network services on demand, for the record, that was quite adequately served by inetd) In fact, I ran entire labs of linux desktops where the users could not login as root.

Re:I don't hate on systemd but this is really bad

[dbIII]

RedHat wanted someone cheap instead of someone with a few years of *nix on the clock.

Re:I don't hate on systemd but this is really bad

Distros switched to systemd out of convenience, mostly. And the fanatical agenda put forth by Poettering and trying to convince people to use his software (see: GNOME). They wanted a way to build a GNU/Linux system without having to mess about with the "boring system things". The average user doesn't know shit about GNU/Linux for real, so their complaints were largely ignored because they lacked the skill (or perhaps the time) to devote to libre software and were rendered irrelevant by their keepers (distro maintainers).

Since distro maintainers wanted to be lazy, and systemd allowed them to be lazy, something like this was inevitable. This will worsen. The more these people try to mount a campaign against "fragmentation" and try to turn GNU/Linux into a single system, the more things like this will happen. X part of the system is now handled upstream. $DISTRO is now at the mercy of upstream for X. Repeat until distros don't really exist, and Red Hat is credited with creating that system due to hiring people who work on these lofty goals.

It sounds crazy, but many things sound crazy before they happen. Red Hat wants to be the Microsoft of libre software.

Re:I don't hate on systemd but this is really bad

Modular, huh? Has journald been ran without PID1 being systemd? How about hostnamed? systemctl?

The "modular" claim is specious at best, because they all assume systemd PID1 is around, or the journal is around, or dbus is around, etc. It's hard to call it modular when you can't blend a non-systemd init with systemd "modular" tools.

Re:I don't hate on systemd but this is really bad

In a way, systemd got me more involved in libre software by driving me away from one distro (Arch) to another (Gentoo), where I found a great community and eventually became a developer who not only values choice and user discretion, but *helps make it happen*.

So systemd is pretty shitty, but it led me to Gentoo which I really enjoy.

Re:I don't hate on systemd but this is really bad

[Gr8Apes]

so, you're going to give a pass to the rest of the monstrosity just because you need a logging service? Didn't we have one of those previously? Syslog ring a bell? Lack of use is no different than lack of using systemd's logging facility. I still have log files in locations I wish them to be, on purpose, because I don't need my logs managed by another obtrusive system(d), especially when my code runs on more than just systemd systems.

Re:I don't hate on systemd but this is really bad

[Gr8Apes]

I think the fact that you have to run "special" commands that likely change with every install will lead people to other distros sooner than later. That, and the fact that systemd is infecting more and more packages, almost like a virus.

Re:I don't hate on systemd but this is really bad

It's probably no surprise that quite a bit of the criticism is coming from people who never wrote an init system themselves. After all, who does?

As it happens, I worked on such a system - military, embedded. We explicitly expected multiple restarts, which had to be fast, and deal with suddenly missing hardware, or worse misbehaving. To give a rough idea: boot with half the RAM missing - you might not be able to run properly, but at least you could inform the neighbor nodes that you were running in crippled mode. And we already discovered 2 decades ago that the only way to boot quickly is not to be waiting for devices that fail in funny ways. Devices and services start as soon as their dependencies are up. And the core network layer simply didn't depend on all memory being there.

So to me it comes as no surprise that systemd is doing the same; there are more good ideas that made it from the military world into the commercial world. The biggest surprise is how long it took.

Re:I don't hate on systemd but this is really bad

[Hognoxious]

When you can give me a reason why a desktop manager should have an interdependency with a window manager, and your answer takes into account how examples of each have worked fine for years without getting into bed then you can accuse me of throwing FUD.

P.S: It's = it is.
P**2.S: You aren't king of the fucking interwebs, n00b.

Re:I don't hate on systemd but this is really bad

[F.Ultra]

Desktop manager and Window manager? Are you somehow referring to Gnomes dependency of logind, that they (i.e Gnome) did because there was no other or better solution for that they wanted than logind?

Re:I don't hate on systemd but this is really bad

[Hognoxious]

You know exactly what I mean: window manager and init system Which is exactly why you're fudging and dodging. Pathetic.

Re:I don't hate on systemd but this is really bad

[Lumpy]

The numbers of us professionals NOT using the RHEL and CentOs versions that are tainted with it.

You do realize that the people that matter are the pros and businesses using Linux. not the kids playing with it in their mom's basements?

Re:I don't hate on systemd but this is really bad

[F.Ultra]

ok so if you are not talking about Gnome and logind then please enlighten me because I have no clue what you are referring to.

Re:I don't hate on systemd but this is really bad

[jwhitener]

Curious, why not this instead of having to also use tail:
find . -name "*.c" | wc -l

Re:I don't hate on systemd but this is really bad

The part about "inefficient and quite unreliable" Is a reference to the programmer congnition required to maintain a web of 1-1 IPC channels; it is not a reference to processor cycles or faulty IPC implementations. 1-1 IPC are a very low level way for processes to communicate. Manually maintaining a web of 1-1 IPC channels is a common problem in the GUI desktop world so some people decided that it would be good to abstract this use case and implement it in the form of D-Bus.

Well it appears that the systemd team also finds it useful to make use of the abstracted IPC system that is D-Bus. It's also obvious that all the programmers can use Unix sockets to do IPC. This approach is sensible for trivial server-client applications but this approach becomes "inefficient and unreliable" in the use cases specified in desktop GUI systems.

Re:I don't hate on systemd but this is really bad

there is "The Increasing Irrelevance of IPC Performance for Microkernel-Based Operating Systems": http://www.cs.cmu.edu/afs/cs/project/mach/public/www/doc/abstracts/IPCperf.html - Brian N. Bershad, Proceedings of the 1992 USENIX Workshops on Microkernels

But it shows the opposite (sorry :) )

Found via https://www.gnu.org/software/hurd/ipc.html

First of many

[somenickname]

Putting this level of complexity at such a low level of the system is going to cause show stopping bugs. And, with every new release, more complexity is added.

Re:First of many

I love how you completely ignored the monolithic Linux kernel that is at least an order of magnitude more complex than systemd and even lower level. Please grace us all with more of your systems design wisdom.

Re:First of many

Its not the 60's anymore. init needs to go away.

Re:First of many

Now with the link.

https://m.youtube.com/watch?v=49sPYHh473U

Re:First of many

[somenickname]

The kernel is a necessary evil that supports thousands (millions?) of different devices, dozens of architectures, dozens of file systems, etc, etc. It's also the quintessential open source project with a meritocracy based hierarchy that dictates how things get added to the kernel. Systemd is Lennart and his henchmen carving out a fiefdom. Big difference.

Re:First of many

[somenickname]

[citation needed]

Re:First of many

[rubycodez]

the first release of Unix was in the 70s

Re:First of many

https://linux.slashdot.org/comments.pl?sid=9724437&cid=52996167

It's all explained at 53 minutes in.

Re:First of many

Mod parent up.

Re:First of many

False equivalence? Slippery slope? OMG if this is what passes for logic to these devs...

Re:First of many

I fail to understand what the upside is. Reading their arguments against widely recognized best practices baffles me.

Re:First of many

I love logical fallacies.

Re:First of many

What's Systemd's bus number I wonder?

Re:First of many

[narcc]

It's only "necessary" thanks to the brain-damaged decision to go with a monolithic kernel.

Flame on!

Re:First of many

[ChunderDownunder]

It's what's happening above the kernel that troubles people. To paraphrase Greenspun,

Any sufficiently complicated Lennart init system contains an ad hoc, informally-specified, bug-ridden, slow implementation of half of GNU Hurd.

Re:First of many

It's also the quintessential open source project with a meritocracy based hierarchy that dictates how things get added to the kernel.

Linus isn't going to live forever you know. That power vacuum will be worse than Iraq's.

Re: First of many

Wow. I'll give you that is one creative attempt to rationalize your fundamental error in logic, but sadly it's a totally specious argument. Unfortunately for you, you made another fundamental omission. Monolithic kernels are not the only kernel architecture. Microkernels are a thing. So no, the complexity of the Linux kernel is absolutely not a "necessary evil".

Re:First of many

[DeVilla]

Andy? Is that you? I thought Linus won that flame war.

Re:First of many

Which is only necessary, because time and again, conventional architectures have proven to be terrible for implementing microkernels. Security is hopeless on an x86, but at least monolithic kernels are performant.

A microkernel implemented on hardware with something like the Mill security model would be a beautiful thing. When crossing a protection boundary is roughly the cost of a function call, and the system uses a single address space model, microkernels become trivial and highly attractive. Still an immense amount of work, but the effort would reap genuine gains in security across the board.

Re:First of many

[Z00L00K]

Now you got me worried, that may be a huge problem for public transportation.

Re:First of many

[Z00L00K]

Considering the overhead that Microsoft has added these days in their later OSes for their "telemetry" I don't see any problems to create a more secure architecture kernel even on x86. Of course it wouldn't be as fast as a kernel not having to work with protection boundaries.

Re:First of many

[Z00L00K]

The difference compared to systemd is that 'init' is small and have little overhead.

Systemd is trying to fix stuff that isn't broken.

Re: First of many

Fortunately there are a few grey beards that actually understand things. Thanks to Volkerding, Slackware has been a rock of stability for almost 25 years.

Re:First of many

It's what's happening above the kernel that troubles people. To paraphrase Greenspun,

Any sufficiently complicated Lennart init system contains an ad hoc, informally-specified, bug-ridden, slow implementation of half of GNU Hurd.

Never heard this before. It's suprisingly accurate deffinition of systemd and Lennart Poettering.

Re:First of many

[ChunderDownunder]

Originally about lisp, Greenspun's tenth rule of programming.

Re:First of many

[thegarbz]

Putting this level of complexity

What level of complexity? The process running at PID1 is not very complex at all. I guess you must be another one of those "it says systemd so everything must be running at the very lowest level" people.

Re:First of many

[Barsteward]

"Systemd is Lennart and his henchmen carving out a fiefdom. Big difference." sounds like school yard bitchiness, seems to me Linus has quite a fiefdom too as do most project leaders do.

Re:First of many

[Cederic]

The Linux kernel has had 2 1/2 decades of continuous oversight, guidance, QA, design and discussion.

That it works at all is testament to the doggedness of the team that develops and maintains it. That it's the most used operating system on the planet is testament to their engineering excellence.

Systemd hasn't yet proven either of these.

Re:First of many

slight correction:
Systemd is trying to fix stuff that wasn't broken before.

Re:First of many

Except init is broken.

Re:First of many

[LWATCDR]

"The kernel is a necessary evil that supports thousands (millions?) of different devices, dozens of architectures, dozens of file systems"
No it is no longer a necessary evil. A microkernel would solve that issue by moving much of that to userspace drivers.

Re:First of many

[sjames]

There was nothing brain damaged about it. I'm guessing you forgot it was running on a 100MHz (That's MEGA hertz) 80386 at the time and microkernels were running dog slow.

You're also forgetting that unlike init, the kernel is the one part of the system that can drag down the performance of everything on the machine if it isn't fast and efficient.

Re:First of many

[narcc]

Performance issues where not a legitimate criticism of micro kernels in 1991. It was just as out-of-date then as it is now.

Re:First of many

[sjames]

Sorry, no. It was a significant issue then and remained so for years after, at least on PCs.

Re:First of many

[narcc]

Only in your imagination. Even Torvalds agreed that performance wasn't a significant issue with micro kernels at the time.

You'll find very little actual data to support the mistaken claims that monolithic kernels perform better overall. I chalk this odd belief up to folklore. You believe this silliness for the same reason your grandmother might believe that you can remove a wart by cutting a potato in half, rubbing it on the blemish, and burying it under a full moon.

Re:First of many

[sjames]

Let's see what Linus said in 1999:

- Microkernels are as fast or faster.

Bzzt! Dishonest. Usually the argument goes that in theory, you can spend a lot of time speeding up a microkernel to the point where the speed difference is megligible, and then the other so-called "advantages" of microkernels will make up for the rest.

The even more dishonest answer is that you can optimize your microkernel so that it is faster than some other (productized) monolithic kernel.

Dishonest: it assumes that nothing can be done on the monolithic kernel. That's like saying "if I ate steroids for 15 years, I would be stronger than my neigbour who doesn't eat steroids, so I must be stronger".

In fact, all of the arguments about microkernels in the '90s, even L4, were that if we work hard enough, they can be almost as fast as a monokernel. Those context switches are a real killer and a monokernel needs a lot less of them.

Of course, the funny thing is, the more you argue that the kernel is doing it wrong, the more you are arguing that systemd is doing it wrong.

On modern hardware, context switching is much less costly than it was on a '386. It may be time to revisit microkernels now. Systemd would still be wrong.

Re:First of many

[drinkypoo]

No it is no longer a necessary evil. A microkernel would solve that issue by moving much of that to userspace drivers.

A microkernel would add latency to some operations which currently don't have much because of our monolithic computing systems. It would be a price worth paying in many contexts, but not all. I would very much like a microkernel-based system for my servers, but as long as I am wanting for more interactive power I'll continue to want a monolithic kernel on my desktop.

WONTFIX

This is not a bug, it's a feature. This is the systemd way and you've all being doing it wrong!

Regards,

The Systemd Developers

Re:WONTFIX

[DECula]

OK, I don't care who you are, that's funny right there.
Mod++

Systemd was SUCH A GREAT IDEA

Oh look, exactly what everybody was afraid of happened.

Fuck lennart and his sjw politics.

Re:Systemd was SUCH A GREAT IDEA

[FrankHaynes]

So this is less a technical struggle than a political one?

Re:Systemd was SUCH A GREAT IDEA

[a_n_d_e_r_s]

No its a technical struggle.

The UNIX philosofy is to make many smaller programs that does one thing and does it well. From a bug point of view that been godsend; smaller programs are easier to debug and test.

Large complex programs will always be a problem. Like webb browsers and systemd. The more complex a program becomes and the more it does the more complex is it to write secure code for all situations.

Re: Systemd was SUCH A GREAT IDEA

SJWs accept an antirational worldview. Expecting one to plan correctly for the future and produce reasonable design and code is as stupid as thinking a witch doctor could design a microprocessor.

Re:Systemd was SUCH A GREAT IDEA

Both the design choices in systemd and the style of politics he espouses suggests a mind that is capable but unwilling to accept criticism.

Re:Systemd was SUCH A GREAT IDEA

[dbIII]

Yes.
Since office politics at RedHat decided this was the way to go and because they are putting in a lot of resources then that's the way it's going.
Also the way Lennart lobbied the gnome people to made things depend on systemd was very political. If you want the current gnome you need systemd or an extremely complicated workaround to make it multi-platform again.

Re: Systemd was SUCH A GREAT IDEA

s/SJWs/Trump supporters/

You think that's any more stupid than what you wrote?

Re:Systemd was SUCH A GREAT IDEA

[Dunbal]

There are no non political struggles when humans are concerned. You should have learned this in kindergarten.

Re:Systemd was SUCH A GREAT IDEA

[cardpuncher]

Large complex programs will always be a problem

Like a monolithic kernel?

Re: Systemd was SUCH A GREAT IDEA

[Cederic]

Voodoo programming can produce working software. Why not working hardware too?

Re:Systemd was SUCH A GREAT IDEA

[Eravnrekaree]

Systemd is not a large, monolithic, program. It is multiple smaller program that share the same interface and can communicate with each other. the original init had its own bugs, too. Systemd is more modular and flexible than init, since it uses a modular approach and allows more flexibility with schedularing start up of programs.

Re:Systemd was SUCH A GREAT IDEA

[Megol]

I take it you never used Unix type systems lately? Because that philosophy isn't actually used at all - everything from kernel to drivers to commands (etc.) do much more than one thing.

If that philosophy would actually be used we'd have a microkernel system.

Re: Systemd was SUCH A GREAT IDEA

But is it webscale bro?

Your whole post sounds like a PR post. Buzzword heavy.

Re:Systemd was SUCH A GREAT IDEA

Yes, like a monolithic kernel. Which is why we've had however many thousands of versions to get it to where it is now.

With a few hundred releases I would have hoped systemd reaches 2.2.x levels of stability, but it seems not to be the case.

Diversity

[K.+S.+Kyosuke]

Fortunately, we have so many different Linux distributions that this is not a problem! (...right?)

Re:Diversity

[Kazymyr]

My gentoo boxes shrugged for a half milisecond, then continued chugging along.

Re:Diversity

People do indeed have choices. First things first: well-designed application environments should be built to operate on more than one distribution/platform/buzzword from the outset, and development/deployment/devopspeeps/integration/moarbuzzwords teams should ideally be continuously verifying that their stuff can be run on an alternative foundation either full-time or on very short notice if needed.

Then there's the fact that nothing is stopping folks from putting together purpose-built distros of their own to get their bits chucked from point A to point B. I'm actually about to publish such a distro myself, and it doesn't include systemd. Heck, it doesn't even use glibc. People can put most of the work in themselves, or actively contribute to the development and direction of their existing distro(s) of choice, or anything in between. That said, those who elect to simply consume what others have produced, without taking any real personal/organizational stake in its evolution, don't really have a lot of room to complain when stuff blows up on them. One way or another, folks are going to largely get whatever they give. Freedom is a good thing, but as they say "there's always a price to freedom." -PCP

Re:Diversity

Huh, weird. Mine just say "NOTIFY_SOCKET=/run/systemd/notify: Command not found." and move on without wasting half a millisecond.

Maybe I'm doing it wrong?

Re:Diversity

[Mike+Frett]

Sure do! I went out to buy a new PC a few Months back and the guy asked me which Distro I wanted...

I wish.

Re:Diversity

My gentoo boxes shrugged for a half milisecond, then continued chugging along.

That's quite a lot of CPU time, perhaps they were thinking more deeply about it than you assumed.

Re:Diversity

Your shell is broken. Protip: Gentoo tries hard to be BSD, so why don't you just go for a real BSD?

Re:Diversity

[Kazymyr]

Given that I run a philosophical cron job with focus on ancient Greek stoicism, you're probably right.

Re:Diversity

Check the Gentoo package for, alterations. The Gento Dev's probably added some extra safety nets. As they are often watchful.

12 years and going strong!

Re:Diversity

My gentoo boxes shrugged for a half milisecond, then continued compiling.

FTFY

Re:Diversity

[h4ck7h3p14n37]

I'm betting you're running csh or a derivative. Prepend "set" to your command and it will work.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Ha-Ha

[ThatsNotPudding]

Hot-buttered Karma; so delicious.

Re:Ha-Ha

pass the grits

Re:Ha-Ha

Just transitioned back to Slackware...

Re: Ha-Ha

Ayup, I'm sure Slack gained quite a few supporters lately.

This is what we were talking about.

[Gravis+Zero]

All the people that were telling you that this init system called Systemd was overly complex, unaudited and insecure had warned you that this was coming. All the "Troll -1" modding on people that posted such warning here did not prevent the inevitable.

Not convinced? Here's a graph of the number of issues opened/closed since systemd moved to github last year.

Re:This is what we were talking about.

Here's a graph of the number of issues opened/closed since systemd moved to github last year.

Good god. The gap is widening.

Re:This is what we were talking about.

Harry Potter, the Coder (akin to the Joker), has stuck. The guy thinks like MS and should be coding for them, not Linux. Time for others to create a viable, solid alternative for bootstrapping Linux.

One must admit the old way did work, but had some 30+ year old cobwebs in it - and we knew where they were and how they worked. With systemd its all a magic black box we are forced to "trust" because the big distros adopted it, hence all their downlines and derivatives.

Re:This is what we were talking about.

Exactly. I no nothing of the code authors, but these are the kinds of mistakes I expect from people who haven't spent a lot of time in production. Or like being hero so much as to create the circumstances in which hero are needed.

Re:This is what we were talking about.

[nnull]

I don't even need to worry about this bug, systemd already hangs my system when rebooting because it can't properly unmount or mount my network drives.

Re:This is what we were talking about.

Experiences differ. When I just used "startx" on a system in bad shape in order to be able to type F2 gparted RET, both X and gparted were brought down by systemd before I could do anything causing a hang. Hooray.

I had to use X & manually, get back to the text console and start DISPLAY=:0 gparted (without window manager etc) to get the job done.

Of course you are not using systemd as intended when trying to salvage a broken system. But SysV Init does not actively sabotage your attempts to fix matters.

Re:This is what we were talking about.

[hcs_$reboot]

I just migrated my upstart scripts to systemd.., please do not discredit it now!

Re: This is what we were talking about.

Banana for scale?

Re: This is what we were talking about.

Well, Slackware has been rock solid for the past 25 years so maybe should become slacker and take it easy.

Re:This is what we were talking about.

[thegarbz]

It was coming? People have been trying desperately to discredit systemd for years. YEARS. It has take this long for a truly showstopping bug in an open source project to arise with the many eyes that were actively looking for some evidence to not use systemd. 2 frigging years. This isn't OpenSSL where no one gave a shit, this is systemd.

The team deserve a frigging medal.

Re:This is what we were talking about.

[Barsteward]

You can say that for any software that has a bug and ALL software has bugs. Seems like you need to read this "How to Throw a Tantrum in One Blog Post" https://medium.com/@davidtstra...

Re:This is what we were talking about.

[Barsteward]

Whats your bug report number?

Re:This is what we were talking about.

It has take this long for a truly showstopping bug in an open source project to arise with the many eyes that were actively looking for some evidence to not use systemd. 2 frigging years.

Or perhaps you are just blind.

Re:This is what we were talking about.

You can say that for any software that has a bug and ALL software has bugs.

Yes, and it must be trivial to find lots of mission-critical FOSS projects with the number of open issues growing in the same manner. /s
BIND and sendmail maybe? But at least they do not try to become a dependency of every other software.

Seems like you need to read this "How to Throw a Tantrum in One Blog Post" https://medium.com/@davidtstra...

Oh, another thoughtful post from a systemd developer.

/me checks my Gentoo config

[overshoot]

Nope. Never bothered with systemd. Can't really claim foresight, just never felt like rebuilding all that plumbing.

Re:/me checks my Gentoo config

[drinkypoo]

Nope. Never bothered with systemd. Can't really claim foresight, just never felt like rebuilding all that plumbing.

Rebuilding is right. Gentoo is fun but hoo boy it's broken AF. SO very many of the USE flags produce an unusable system.

Re:/me checks my Gentoo config

[overshoot]

/etc/portage/package.use is your friend.

"Activation of org.freedesktop.systemd1 timed out"

[adnonsense]

Not sure if it's directly related to this, but since my desktop OS (openSUSE) has adopted systemd I've had a number of amusing incidents like this:

Failed to start reboot.target: Activation of org.freedesktop.systemd1 timed out
Failed to open /dev/initctl: No such device or address
Failed to talk to init daemon.

requiring a powercycle. Doesn't endear systemd to me in the least.

Bet Devuan/Slackware are not affected

Everyone who mocks these distributions for not toeing the Debhat line can all enjoy my "told you so".

Re:Bet Devuan/Slackware are not affected

[jmccue]

Well, as a Slackware user I say "I informed you thusly".

All joking aside, bugs happen, it was fixed quickly and I assume patches went out. All it seemed to do was crash a system, as bugs go I can think of worse (shellshock).

Re:Bet Devuan/Slackware are not affected

Devuan would have more luck if its name didn't sound half black, half Puerto Rican, and 100% homosexual.

Re:Bet Devuan/Slackware are not affected

[lucm]

Devuan would have more luck if its name didn't sound half black, half Puerto Rican, and 100% homosexual.

If there was such a thing as a gay Afro-Puertorican Linux distribution, I'd give it a try. White heterosexual engineers have given use things like CDE/Motif and the metal look and feel in java, I'm completely open to look elsewhere for my user experience.

Re: Bet Devuan/Slackware are not affected

Yes fortunately I still have my slack.

RTFA, please.

I strongly urge people to RTFA for a detailed description of some of the technical problems with systemd.

It feels surreal that the most senior people in the Linux community, after decades of attempting to put out a credibly secure client and server platform, suddenly almost all decided to switch to this product.

Re:RTFA, please.

[F.Ultra]

That is far from a detailed description and more of a list of uninformed rants. Much better to read the informed reply to TFA here: https://medium.com/@davidtstra...

What does feel surreal is that people now all of a sudden pretend that SysV init where without exploits while going completely berserk when systemd have a non remote exploitable denial of service bug that cannot be used to take over the machine that also where patched three days ago...

Re:RTFA, please.

Stopped reading when the author had to justify calling the original article a tantrum by redefining tantrum. Not exactly helping systemd's image when fulfilling the opposition's claims of childish attitudes in response to criticism.

Re:RTFA, please.

[grcumb]

That is far from a detailed description and more of a list of uninformed rants. Much better to read the informed reply to TFA here: https://medium.com/@davidtstra...

More clueless autonomic defensiveness without any reflection on what the impact of the bug actually is. I especially enjoyed this old chestnut as the author attempts to fisk the original bug report:

These accusations are true for every major production kernel (Windows, Linux, and BSD) and every alternative to systemd (in the sense that they’re almost all written in C and run many of their operations as root).

"SystemD, let me just stop you there. I know the Linux kernel. I've worked with the Linux kernel. You're no Linux kernel."

The incredible hubris of asserting parity with the core of the entire OS, the ignorance that underlies the statement that init was written in C and runs as root, so it's every bit as vulnerable... How the fuck do you even make code run? Do you even teh logic?

The SystemD team is the Microsoft of a new generation. Doubling down on their mistakes; shouting louder when they don't get their way; using every available ratiocination and intellectual contortion to excuse themselves; resorting to any means to make their strategy win, instead of stopping to ask themselves for once, 'Are we following a winning strategy here?'

Thank g*d I quit writing software last year. Dealing with Microsoft's mind-crushing blindness was enough for one lifetime. Now I can just grump about it and walk away.

Re:RTFA, please.

[F.Ultra]

How else should he call it when the original article throws all kinds of shit at systemd and claims that it should be abolished for a very small bug? If that where so then your beloved SysV init would have been killed decades ago.

Re:RTFA, please.

a very small bug

Aside from that Mrs. Lincoln, how did you like the play?

Re:RTFA, please.

[F.Ultra]

So what is buffer overflow exploits in SysV init then? Full on thermal nuclear warfare?

Re:RTFA, please.

[TroII]

sysv init is mature. The kinks were generally ironed out decades ago. It works. And it sure hasn't had any resource exhaustion or denial of service bugs lately.

systemd is attempting to reinvent the wheel, while simultaneously reinventing the concept of what a circle is. In the process, it's reinventing a lot of bugs. What possible incentive would I have to switch from an old, rock solid, trusted init system to an agile, unproven, buggy one?

Re:RTFA, please.

[F.Ultra]

It's not only mature, it's also unmaintained. There is no white hackers looking at the code so there might be crawling with bugs that we do not know of. And with SysV there is also the problem with the init scripts themselves, recently there where a vulnerability with the MySQL wrapper script. The incentive to switch would be among other things, much simpler unit files, far better logging, no difference between distributions, possibility to automatically restart crashed deamons, cgroup control for the daemons and so on.

Re:RTFA, please.

rofl. sysv bins were the most inspected source after kernel in the security field.

You do not get to "simpler" by producing 20x the LOC of the package you are replacing.

Re:RTFA, please.

[dbIII]

It's another straw on a very overloaded camel's back - so this "small bug" just gets added to the list.
I've still got pretty well everything on linux still on RHEL6/CentOS6 because the vendors of an application used in the place don't trust systemd yet. The few workstations I have on something newer are as unstable as MS Windows machines used to be - one wouldn't even boot when systemd hung on a wireless mouse dongle - so much for parallel init! It should have failed then moved on instead of blocking every single time it hits that USB device, and the rumoured parallel init should have enabled it to be doing other stuff instead of completely blocking. That's just one, every few weeks there's some different fuckup of the sort we used to laugh at MS Windows.

Re:RTFA, please.

I think they just don't know. Maybe they are just that ignorant and cannot handle the rough and tumble world of FOSS development, where people are gonna report bugs. So damn the 90s design and full steam ahead!

Re:RTFA, please.

And sysvinit must have been full of this kind of bugs. But wait, only two in 20 years? That's nothing compared to systemd's list of security flaws :(

Re:RTFA, please.

The incentive to switch would be among other things, much simpler unit files, far better logging, no difference between distributions, possibility to automatically restart crashed deamons, cgroup control for the daemons and so on.

Exactly why we choose runit, perp and s6. Much less (only slightly larger than sysvinit) and cleaner code; stable, lean and flexible interface (hi, what's this week's systemd API update?) that supports all what you have said, with documentation that can be read and understand in half an hour.

Re:RTFA, please.

[SysV Init is] not only mature, it's also unmaintained. There is no white hackers looking at the code so there might be crawling with bugs that we do not know of.

Uhm, no? SysV Init is a scheme to patch together scripts. The individual scripts may have bugs, and SysV Init may have design flaws but the tangible code of "SysV Init itself" is rather small. There is not a lot of space for bugs to crawl there.

Now of course the systemd argument is that systemd does not leave a lot of space for bugs to crawl in the actual service descriptions which replace the individual service scripts. However, writing shell scripts tends to be a better understood art for those writing the code providing services than writing systemd descriptions, even though the latter descriptions may be nominally shorter.

Re:RTFA, please.

Unmaintained now doesn't mean it was never maintained. As for crawling with bugs: How many bugs can you cram into that little amount of code?

And the mysql wrapper script isn't init. It's just takes a certain parameter set to start and stop the service. And regarding mysql: systemd managed to botch that, too. Do you remember the let's KILL instead of HUP to get guaranteed shutdown times which lead to data loss?

There are also a lot of deamon monitoring jobs which do the automatically restart stuff much better than systemd and can work with any deamon startup service. Far better logging is also debatable. The logging isn't really better and the tools to view the log files might have some neat features, but nothing that isn't already available in far better tools you already use when doing remote logging.

KISS and use a combination (or chain) of tools which are specialized for the job.

PS: And please stop breaking server only features for the sake of the desktop.

Re:RTFA, please.

So what is buffer overflow exploits in SysV init then? Full on thermal nuclear warfare?

Buffer overflow exploits? SysV init is mostly a maze of shell scripts. Of course the shell is a large thing vulnerable to buffer overflow exploits and stuff, but the scripts of SysV init are running without user input, and the actual process on PID 1 has quite a small (C language) executable.

Re:RTFA, please.

The SystemD team is the Microsoft of a new generation. Doubling down on their mistakes; shouting louder when they don't get their way; using every available ratiocination and intellectual contortion to excuse themselves; resorting to any means to make their strategy win, instead of stopping to ask themselves for once, 'Are we following a winning strategy here?'

forgive me please for interjecting a US politics slant in one of the non US politics stories of the day, but Trump seems to slot into your example much better than today's Microsoft.

Just sayin.

posting a/c because crazies.

Re:RTFA, please.

[Barsteward]

So you stopped because you didn't fancy being educated then

Re:RTFA, please.

[Barsteward]

He has more clue than you, you just have a bias and won't be swayed from it by more intelligent discourse

Re:RTFA, please.

[rl117]

"Unchanging" does not mean "unmaintained".

The core C code of sysvinit was feature-complete, reviewed, debugged and tested years and years ago. Its original design goals were satisfied, and the project is "done". Software does not need continual churn to mark it as "maintained". The same applies to startpar/insserv and other ancillary bits. If you found a bug in sysvinit, I'd review and test it, and push a commit for it. I no longer maintain the Debian packaging, but I still have upstream commit rights should I need them.

Compare this with systemd. It doesn't have the same clearly-defined scope; it's not possible to say when it will be complete as a result. Software can be complete and finished.

Re:RTFA, please.

... which is in turn because the purported "educator" is ineligible.

Re:RTFA, please.

Thank you for your work. It was because of people like you, who understand that good software isn't about glamour and change for change's sake, that I enjoy(ed) using Debian.

Re:RTFA, please.

a very small bug?

https://in.waw.pl/systemd-gith...

You're being disingenuous claiming it's "a very small bug". It's only one of many and the above is not even including all the bugs the systemd partisans like to pretend are not their fault.

A hint: if it's been working for decades and it stops working when systemd is installed then it's systemd's fault and nobody else's.

Re:RTFA, please.

What buffer overflow?

Haven't seen one on sysV init since it existed, and I started with System V release 2.

Haven't seen one with init either, and I started with UNIX v6.

Re:RTFA, please.

[F.Ultra]

Here is one: https://www.cvedetails.com/cve...

Re:RTFA, please.

[F.Ultra]

And you never wonder why it was thrown out from the majority of distributions (not to mention that Solaris, Apple and the BSDs threw it out even before that)? It's feature completion was insufficient even back in the day, which is why people like Bernstein created the deamon tools, why Solaris made SMF, why Apple made launchd, why I myself sponsored initng in Gentoo back in 2005, why Ubuntu switched to upstart and afaik the BSDs are working on their own modern init system.

Re:RTFA, please.

And you never wonder why it was thrown out from the majority of distributions (not to mention that Solaris, Apple and the BSDs threw it out even before that)? It's feature completion was insufficient even back in the day, which is why people like Bernstein created the deamon tools, why Solaris made SMF, why Apple made launchd, why I myself sponsored initng in Gentoo back in 2005, why Ubuntu switched to upstart and afaik the BSDs are working on their own modern init system.

Did he say he didn't understand why it was dropped? Did he say he was against switching to initng, upstart, etc per se? People have a particular beef with systemd because it strives to be a monolithic replacement for a lot of services, not merely an init replacement. Fixing or replacing init makes sense. Throwing the baby out with the bathwater does not.

Either that or, you know, we could hear a convincing argument about why systemd is so awesome it justify all the new, untested code. If it's merely because it's currently mainstream and hence should get a lot of development and security attention, I think we can look at devfs and reiserfs and see how they turned out. Note, we obviously were better off that those avenues were explored. But, in the end, most people moved away from them and they were rightly considered not the mainstream solution to problems. Niches that need to be filled? Gladly.

Re: RTFA, please.

LOLOLOL here is ONE he says. ONE, that took you some time to find I'm sure. Go ahead and count the bugs vs systemd. Do it.

Oh yea, how long has sysV been out?

Re:RTFA, please.

[F.Ultra]

This again? You actually pretend that the switch to systemd in (most) distributions wasn't preluded with years of technical debates and arguments?

Re: RTFA, please.

[F.Ultra]

I can actually not find a single CVE for systemd since it was put into production. Yes there where 5 in total during 2013 as reported by Ubuntu but that is before it was put into either RHEL, Debian or Ubuntu. Doesn't really matter though because the claim that TFA is trying to push is that this single bug in systemd should mark the entire project as a failure and we should throw it out, by showing that there have been at least one (and quote more serious at that) vulnerability in sysvinit demonstrates that following this logic sysvinit should have been thrown out back in 1998 a position that I think we can all agree is complete ludicrous.

Re:RTFA, please.

[rl117]

I'm well aware of the history and context. It was quite clear that a replacement would be welcome, providing that replacement was an improvement. I was initially quite hopeful when systemd came about; but it's proven to be unsuitable. There's more to software than features alone, and for this low level part of the system, it's critical to the system's functioning for it to be defect free. It has some interesting ideas, but the design and implementation leave a lot to be desired.

sysvinit (or any init) does not need to have a lot of features, so long as you can build more complex features and functionality on top. The very essence of modularity and substitutability. The priority is to be minimal, reliable and bug free. Just look at how many other systems run more advanced stuff on top of sysvinit. It doesn't have to be there in PID1 or provided by the same software package. sysvinit had a very clearly-defined role and within that constrained scope, it provided a working robust solution that worked for multiple decades. The design of sysvinit can be described in a couple of paragraphs of text; you'd need a book to describe systemd, and I doubt even the authors could fully describe it themselves. Overcomplexity and poor design has a cost, and systemd is already an unmaintainable mess.

The very fact that it had a small interface (signals, initctl, inittab) meant that it could very easily be replaced by other systems (and this was done multiple times). The fact that it was easily built upon meant that there were multiple systems built on top of it. It wasn't perfect, and it didn't have every feature everyone wanted. But the point is that it didn't have to while it could be used as a building block by others. systemd is at one extreme (large, complex, tightly-coupled) while s6 is at the other (tiny, simple, loosely-coupled); sysvinit is toward the s6 side of the spectrum; were I writing it from scratch, I'd lean more towards s6 and strip out the more complex bits into separate parts; PID1 doesn't need to deal with inittab for example, nor with runlevels or shutdown.

Re:RTFA, please.

If the original article were a tantrum, why did the author feel the need to play the redefinition game?

[...] your beloved SysV init [...]

Oh, you're one of those people.

Re:RTFA, please.

This again? You actually pretend that the switch to systemd in (most) distributions wasn't preluded with years of technical debates and arguments?

The same was done with devfs (really more a kernel thing) and reiserfs on several distros. That doesn't mean it wasn't the wrong move. Or that I (and others) have heard convincing argument why systemd is the way to go, regardless of how many distros have moved to it. That we now have technical debates and arguments why systemd is the wrong move now should just be ignored because sysvinit isn't the answer?

Now, if all you're trying to say is that you don't wish to go into that long technical debate here about the merits of systemd over upstart or initng, that's great. It'd just be awesome if you didn't then make up bullshit about sysvinit being fundamentally finished as a basis on why systemd being a constantly moving target is a good thing or equivocate about the enormous C code base that is systemd (which is part and parcel of using systemd's init) being equivalent to being sysvinit somehow, when the latter has had literally decades with virtually no security vulnerabilities.

Seriously, in two decades when systemd has most the bugs worked out, there might be some room to discuss the merits of the two on a level field of consideration as far as security risks. As it stands, though, systemd is much too fluid and obviously too security/stability void for serious consideration by a lot of people, regardless of what distros have focused on. No doubt, a large part of the focus by distros (like Ubuntu through Canonical and Red Hat) on systemd could be and want to devote resources towards it so it can be what sysvinit is, a stable and feature complete bit of software. Even so, I (and others) don't see it as the answer even if it does get to that point because it's too pervasive in its requirements for too little benefit. But, like I said, give it a few decades.

Re:RTFA, please.

[F.Ultra]

I'm not the one making up bullshit about sysvinit being finished, that was a direct quote from the poster here that claimed that he had commit rights to the sysvinit upstream.

initng was great as a faster systemvinit, what it brought to the table was better parallelization of the init scripts which made for a faster boot. It was great in that regard but it really didn't bring anything new to the table other than that. So it was sysv but slightly faster, which of course was nice in itself.

upstart had some great promises, it had some of the things that make systemd great (well defines config files instead of init scripts, possibility to restart crashed daemons) but it never got anywhere, it's somewhat buggy and Ubuntu put it into maintenance mode since long before they switched to systemd. And if we are to believe Lennart Poettering there where architectural problems with upstart that made it not a good choice to start from. I have not examined both projects enough to make a trustworthy reply if this is true or not so I have just to take Lennart on his word here, and he claims to have been first looking at building from upstart so he should know and I have no reason to distrust him on this.

If we should wait two decades before deciding on which init to use we would still be using what we used before sysv because that is how software development works, if no one uses it it will not get enough progress to ever reach a state where it's deemed stable enough.

And systemd will never be feature complete, just like apache, nginx and so one also will never be feature complete.

Re:RTFA, please.

[F.Ultra]

What else are you defending if not SysV? That is what got replaced and what made you so angry. So why are you so angry if what was replaced was not so beloved by you?

Re:RTFA, please.

I'm not the one making up bullshit about sysvinit being finished,

It'd just be awesome if you didn't then make up bullshit about sysvinit being fundamentally finished as a basis on why systemd being a constantly moving target is a good thing ...

And this is why you and David Timothy Strauss can't be taken seriously. You're either taking my comment out of context or you fail at basis reading comprehension. Hell,...

And systemd will never be feature complete, just like apache, nginx and so one also will never be feature complete.

Well, there we go. So, systemd is just like apache or nginx. I don't want something like apache booting my system.

If we should wait two decades before deciding on which init to use we would still be using what we used before sysv because that is how software development works, ...

Further reading comprehension failure. No, we could use initng or upstart right now. It's specifically systemd that is such a complex, messy beast that I'd say it'll take two decades before it's stable enough to be considered worthy of consideration**. Obviously, you and others can use whatever you want. And development can/will continue. That doesn't mean it isn't on the wrong track.

And if we are to believe Lennart Poettering there where architectural problems with upstart that made it not a good choice to start from. I have not examined both projects enough to make a trustworthy reply if this is true or not so I have just to take Lennart on his word here, and he claims to have been first looking at building from upstart so he should know and I have no reason to distrust him on this.

For the sake of argument, I'll believe Lennart Poetterring on this point as well. So, upstart wasn't good enough and perhaps initng wasn't good enough. So, I'd presume his heart was in the right place when systemd was started. And now? It's a clusterfuck, architecturally unsound and not a basis to build on. So, why should other distros build on that mistake if they're unwilling to build on upstart or initng? If you want to argue, "hey lets move to systemd as a stop gap but we really need to start over", then I'm with you.

But systemd is really a non-starter (for most people*) and stories like this really only exemplify the point. Not so much as in the code quality but in how much people are defending systemd more on a "well, people voted for it" than actually addressing issues or concerns. Of course, I don't think the fundamental concern can really be addressed**.

* For certain definitions of "most people". As "most people" don't really give a shit what they're system uses under the hood. Even if it routinely broke, had huge gaping security vulnerabilities, and its name was Windows...

** I'm reminded of the story of sendmail and how much of a clusterfuck that was. Now? It's been so heavily scrutinized that it's decently secure and worth using. The same could be said for Internet Explorer. I see systemd taking the same route, which is why I would obviously discourage any sort of early adoption unless it was a very short stopgap as there was a move to something better. But, really, sysvinit is good enough to be that stopgap.

Re:RTFA, please.

[drinkypoo]

That's just one, every few weeks there's some different fuckup of the sort we used to laugh at MS Windows.

Meanwhile, I'm just sitting here with Windows 7 and it's great. Well, it's not too fucking great to have to guard my butthole from Microsoft in the showers^W^W^Wduring the update process, but seriously. This OS looks great, it works great, it seems to be about secure enough to get by if you use some decent practices and don't try to use it as a server and it runs a metric assload of software. I'm really going to shed tears for this one when it's gone. Microsoft finally really did it to me with the full-retard spyware business model.

Re:RTFA, please.

Maybe Balmer figured it out. The only way to stop Linux is to send over some Microsoft developers. The world is systemds-up.

Re:RTFA, please.

[h4ck7h3p14n37]

I've still got pretty well everything on linux still on RHEL6/CentOS6 because the vendors of an application used in the place don't trust systemd yet.

Rather than guessing, why not try an install on Linux Server 7 and see what happens?

Re: RTFA, please.

[Etcetera]

I can actually not find a single CVE for systemd since it was put into production.

Well congrats, now you have at least two: http://www.openwall.com/lists/oss-security/2016/09/30/1

* CVE-2016-7795
* CVE-2016-7796

Re:RTFA, please.

[dbIII]

I do not have to guess I know.
The application suite has a pile of init scripts which I would have to rewrite because they are not compatible with systemD.
Just dragging old libraries into a new distro is not enough.

My point was to show that it's not just whining users and sysadmins that are reluctant to use things with systemD.

Re:RTFA, please.

"Unchanging" means "dead" if the environment is in fact changing. And that is the reality for Linux. The original UNIX design did not foresee computers which travel with me and had multiple wireless, ephemeral network connections.

Re: RTFA, please.

[F.Ultra]

I really thought that people understood that I meant except for the fricking CVE that this whole thread is about...

Re:RTFA, please.

You're saying that the only relevant problems are those that are remotely exploitable, i.e. a subclass of security problems.

This SystemD bug stops the system dead, preventing this class of security problems. Brilliant!

Now if only the system would keep doing something useful, too...

Re:RTFA, please.

[F.Ultra]

You do know that you can run the old sysv init scripts with systemd?

Re:RTFA, please.

[F.Ultra]

No I don't say that it's not relevant, I say that it's not a choice between a rock and a hard stone but between a hard place and a stinging nettle. Having your machine taken over completely for what ever sinister means is in my book far far worse than a local (non-remote) user can stall the init system. Is it bad? Yes, is it the end of the world? No.

Same old playbook

How long are systemd proponents going to evade accountability to crying about detractors, greybeards and positoning opponents as anti-change.

Any criticism of Systemd and out come a hoarde of Redhat supporters and astroturfers to change the focus swiftly from the technical to the political

Re: Same old playbook

I don't feel politically about it all. Many distros all went with systemd, the one I was using as well.

They took something that worked and replaced it with something that, in my subjective experience, had a few bugs. Init just worked for me. Again I have no horse in the race, I'm just along for the ride.

Re:Same old playbook

HOARD: "a supply or fund stored up and often hidden away; stash; cache"

HORDE: "a political subdivision of central Asian nomads; a people or tribe of nomadic life; a teeming crowd or throng; swarm"

Which of these did you intend?

Re:Same old playbook

[Etcetera]

How long are systemd proponents going to evade accountability to crying about detractors, greybeards and positoning opponents as anti-change.

Any criticism of Systemd and out come a hoarde of Redhat supporters and astroturfers to change the focus swiftly from the technical to the political

It's fine to blame RedHat, Inc, and the *current* Fedora Community on top of it, but don't blame RedHat supporters.... Many of us using RHEL and its derivatives (CentOS/SL) think this thing is horrible and would have stepped in earlier if we'd been paying closer attention to Fedora-devel five or six years ago. We kind of just assumed that the adults who'd been in charge there were still making decent architectural decisions while we went on with our lives.

Re: Same old playbook

[Barsteward]

fuck me... software has bugs, i'd never thought it could happen......

Re:Same old playbook

[drinkypoo]

It's fine to blame RedHat, Inc, and the *current* Fedora Community on top of it, but don't blame RedHat supporters.... Many of us using RHEL and its derivatives (CentOS/SL) think this thing is horrible and would have stepped in earlier if we'd been paying closer attention to Fedora-devel five or six years ago.

Don't blame the people funding their bullshit because they weren't paying attention? That's why we can't have nice things.

Re: Same old playbook

Breaking news! AC is pedantic, plays dumb, more at 11!

Re:Same old playbook

Pardon me. Whored.

Re:Same old playbook

[korgitser]

This is how everything goes to crap. E.g:

It's fine to blame the government, and the *current* political community on top of it, but don't blame the voters.... Many of us using the state and its derivatives (the law, the institutions, the services) think this thing is horrible and would have stepped in earlier if we'd been paying closer attention to politics five or six years ago. We kind of just assumed that the adults who'd been in charge there were still making decent architectural decisions while we went on with our lives.

Re:Same old playbook

I think there are no adults left there to make decent architectural decisions anymore. The proof is systemd. q.e.d.

Re:Same old playbook

It's fine to blame the government, and the *current* political community on top of it, but don't blame the voters.... Many of us using the state and its derivatives (the law, the institutions, the services) think this thing is horrible and would have stepped in earlier if we'd been paying closer attention to politics five or six years ago.

We would have "stepped in earlier"?? Maybe what you're saying has merit, but unless you're including yourself (entirely possible, but you didn't state it) - Tell us what you'd do, korgitser, so that we might emulate your behavior in order to fix this mess.

The current oligarchical power structure in which we live makes voting and political activism nearly meaningless. I wasn't a Sanders fan, but could see that he packed stadiums and had a lot of popular support, but it really looks as if his candidacy was gamed into irrelevancy by the DNC and very pointed lack of media coverage. What about activism? During something as relatively innocuous as "Occupy", I remember the controversy when it was revealed that the FBI had snipers on roofs in Houston to make sure the silly, scary, hippies didn't.... Do What? Bang on their silly-ass drums faster?

So what now? The last group of people that took it upon themselves to "change the political landscape" in a big way found themselves truly at risk of being hanged. Many of them had to run for their lives, were wounded, imprisoned, lost much, if not all of their assets, and/or lost people they loved.

Some examples: Thomas McKean, Richard Stockton, Thomas Heyward, Jr., John Witherspoon, John Hart, George Walton, Philip Livingston, Lewis Morris, Lyman Hall, Carter Braxton, Robert Morris...

These people committed treason; these people fomented revolution; these people paid a serious price, *even though* events turned out in their favor in the end. They are heroes to people that live 240-some-odd years later that benefited from the risks they took, but the situation at the time was pretty damned bleak and unsure; the odds were very good that they would end up as treasonous footnotes to British history. It was not a sure thing for them- If France at the time wasn't so intent with sticking it to the British, these guys would have all hung.

For better or worse, I am not prepared to be accused of treason; I am not prepared to help foment a revolution... to risk death just to start something that would hurt so many people, to no chance of a good outcome. I'm also not prepared to buy into the batshit-crazy crowd that believes that they're "striking a blow for freedom" by blowing shit up, or that has a bunker with a bunch of fucking guns, either. Goddammit, what is wrong with these people. I cringe every time I see a "come and take it" sticker on the back of a car- Those idiots have no idea what they're really "saying" or what real risk is.

Hell of a choice, isn't it? Believe in the fairy tale of "changing the system" by participating in a political theater that's very tightly controlled by a corporate State, or try to commit treason while causing untold suffering, to little, if any, effect?

Call me what you will, but at this late stage in the game, my efforts are focused upon trying to figure out what the power structure is doing, so that I can be in a better position and stay out of its way, to lessen the worst of its effects upon my family, friends and myself.

Re:Same old playbook

[BoogieChile]

He might be making the Humpty Dumpty play;

Hoarde: A teeming crowd or throng of Anonymous Cowards stored up and hidden away until they are needed for, eg, storming a message board with messages about, I dunno, systemd, or grits, or something.

Ad Hijack For "Reimage Plus"

Why am I suddenly finding my (Firefox, latest) browser redirected to some page about a product named "Reimage Plus"? Could it be that the Slashdot advertising has been assaulted by hostile Javascripts? Must I go back to Mosaic 1.0 to avoid this nonsense?

Re:Ad Hijack For "Reimage Plus"

[ledow]

I'd check your computer first.

Nothing here.

And of course the systemd devs throw a tantrum

https://medium.com/@davidtstrauss/how-to-throw-a-tantrum-in-one-blog-post-c2ccaa58661d
Can't have anyone criticizing any aspect of the holy systemd.
Whole thing boils down to:
"Following security practices in an init system is hard, and you've never done it so leave us alone."
Completely ignoring the fact that the only reason they patched this thing is because he made a big deal out of it.
And on what planet is testing for corner cases like empty strings the domain of fuzz tools?
That seems like a pretty standard test case to me.
I can understand if you don't test for a 1MB string, but empty seems like a no brainer.

Re:And of course the systemd devs throw a tantrum

https://medium.com/@davidtstrauss/how-to-throw-a-tantrum-in-one-blog-post-c2ccaa58661d
Can't have anyone criticizing any aspect of the holy systemd.
Whole thing boils down to:
"Following security practices in an init system is hard, and you've never done it so leave us alone."
Completely ignoring the fact that the only reason they patched this thing is because he made a big deal out of it.
And on what planet is testing for corner cases like empty strings the domain of fuzz tools?
That seems like a pretty standard test case to me.
I can understand if you don't test for a 1MB string, but empty seems like a no brainer.

For those who don't want to follow OP's link:

The systemd project applies both unit testing and static/dynamic analysis to systemd. We’ve done this for years; I ran the first Coverity scans myself. Testing inputs of empty strings, excessively large data structures, and other invalid permutations is the realm of fuzz testing, which is a recent project even for the Linux kernel. Despite Linux being used for critical systems for decades, fuzz testing only began as side-projects “in beta” in 2007 and more earnestly in 2013. It’s clearly a valuable technique, but implying that comprehensive testing of invalid inputs is “obvious” is misleading about the state of major projects.

WHAT

THE

FUCK?!?!

It's too much to expect systemd to test for invalid inputs from non-privileged user-space?

Are you fucking kidding me?!?!?

Who the fuck is David Strauss? And when is he scheduled to matriculate from kindergarten?

Too much to expect him to test?!?!!?!

Pathetic. Thalidomide-brain pathetic.

Re:And of course the systemd devs throw a tantrum

[somenickname]

Well, at the very least, be glad that these guys are just writing your init system and not your website.

-- Little Bobby Tables

Re:And of course the systemd devs throw a tantrum

Oh geez. He spends his entire diatribe picking apart each one of Ayers's points and saying each one thing alone isn't reason enough not to use systemd. No, maybe not. But all of those things PUT TOGETHER add up to plenty of reason not to use systemd.

I like the contradiction here as well:

"implying that comprehensive testing of invalid inputs is 'obvious' is misleading about the state of major projects"

then later,

"It's a stretch to use the label 'parsing' for what is mostly a string comparison against a fixed number of possibilities"

So, which is it?

1) testing for invalid inputs is waaay too hard because there are waaay too many of them and it ought to be done by some third party fuzzer instead of the systemd team so this isn't our fault at all

or

2) there are a small fixed number of possibilities to compare against and someone accidentally forgot to include "" among them

Then he degrades into the whole "hurr durr, this guy didn't even graduate until 2012, he isn't qualified to criticize my software" angle. Strauss himself didn't graduate until 2007 yet he fancies himself some grizzled dinosaur from the K&R era.

Come on, you guys fucked up, it happens to all of us, nobody has ever released totally bug free software. Admit your mistake and move on.

Re:And of course the systemd devs throw a tantrum

[ChunderDownunder]

Maybe linux hackers are a bit slow on the uptake but automated builds and coverage of unit testing has been standard practice in 'Agile' circles for over a decade.

'fuzzing', according to wikipedia, was pioneered in 1988.

Re:And of course the systemd devs throw a tantrum

Oh okay, that makes more sense now. These guys came out of the development world where writing unit tests is not considered a best practices. So they think they are engineers. They don't realize that the people addressing them have been doing unit tests and the like since the birth of IT.

Re:And of course the systemd devs throw a tantrum

[Barsteward]

No-one is against constructive criticism, anti-systemd "criticism" is mostly just an outpouring of immature and inaccurate rants,lies and drivel from armchair "experts" who do not know much, if anything, about systemd

Re:And of course the systemd devs throw a tantrum

[Cederic]

Forget unit tests, testing your inputs has been a basic fundamental since the very first accidental bad data bug.

It would've been sooner but computing resources were too expensive so the inputs were validated offline first.

Re:And of course the systemd devs throw a tantrum

I know enough. Binary logs? Fuck off and die.

Re:And of course the systemd devs throw a tantrum

I know right. Why use fast efficient low memory binary logs when we can use slow memory wasting text instead.

Re:And of course the systemd devs throw a tantrum

I studied CS in the 80s, and I was taught to do fuzz testing. Of course there were no tools to automate testing (that I was aware of at the time), but the technique of throwing random inputs at applications and procedures was known. Thus the dates mentioned for the introduction of fuzz test tools in the blog post are misleading. Even if you don't have a tool to automate an important test, you have the possibility to run it manually - and in some circumstances, you may have the obligation to run it, manually or otherwise. Reliability and security do mandate running such tests.

OpenRC

[Shane_Optima]

If you're dissatisfied with systemd and you don't need any of its fancier capabilities (which as an end user I'm assuming would be Docker stuff), please consider switching to a non-systemd distro as soon as possible and (if you can afford the time or money) contributing to their development. The more support systemd alternatives can garner, the more likely it is that projects to will resist unnecessary systemd dependencies and it might even be that systemd itself will eventually become more modular and moddable.

I'm not a hater. I cringe every time I see +5 comments claiming that systemd didn't fix anything. Declarative syntax is (at least in principle) a massive win, especially for distro builders. And LXC is amazing stuff, and I certainly cannot fault Red Hat for wanting containers to behave perfectly. Unless something like Genode scores a major coup, containers are definitely the future of secure and robust computing.

But the actual details of systemd's course have been hair-raising. It needs to be more UNIX-like and less draconian in its requirements and less toxic in its effects on the FOSS ecosystem and unfortunately (given Red Hat's behavior over the past decade) it appears that pushing alternatives hard is the only way they can conceivably be convinced to change their ways or reform anything moving forward.

I encourage all of the haters here to try and put your money where your mouth is. Install, use, support and help promote a distro like Devuan or even better: go and find one of the multiple OpenRC distros available. OpenRC can't be the all-in-one automagic solution systemd endeavors to be, but it doesn't hide tons of stuff in huge C binaries and it's addressed most of the common frustrations people have with SysV. Arch Linux has an OpenRC variant (the standard install uses systemd), Gentoo was the distro that started OpenRC years ago, and Alpine linux uses it (which isn't an ideal easy desktop distro, but it's amazing for those wanting a secure minimal distro to build on and last time I checked it does run XFCE and Firefox.) There are probably others.

Re:OpenRC

The fact that you have to use the word "hater" means you don't even know what the problem is.

Re:OpenRC

[Shane_Optima]

As far as I can tell, the problem is mostly one of personality and ideology. Poettering is a rather unpleasant person who is purposefully choosing to do things in an unnecessarily hostile and control-destroying manner, and Red Hat, while obviously having done tremendous things to help Linux over the years, has been in the business of promoting user-hostile asshatery and lock-in philosophies in recent years, something which hasn't been remarked on nearly as much as it should've (possibly because RHAT earned themselves too many OSS brownie points 10+ years ago and are still making useful contributions today.)

None of that excuses the legions of people around who have said that there was no problem with SysV, or that declarative syntax was worthless (tell that to someone who is trying to build a distro), or treated process control or containerization as inherently unworthy things to be concerned with. I do not say that systemd does these things especially well; I merely say that as concerns, they are intrinsically worthy of consideration.

And if you say that no one needs better containerization options or that stateless systems is a worthless concept or that Debian's old init scripts were the pinnacle of perfection, you clearly do not know what you are talking about. Red Hat does have some fiat sway, but if SysV init were easy to stick with we wouldn't have seen all of the major distros adopt systemd in lockstep. It's not completely worthless. Some of the problems it solves are indeed real. I'm not saying it's worth half a million lines of C code to solve those problems, but the problems are fact there.

But if you actually deny that any problems exist, you're basically just an unthinking hater and no one is paying you any attention except a certain subset of systemd haters who didn't need any more convincing.

This actually isn't so dissimilar to Trump and concerns over immigration or terrorism, but that's an analogy for another day.

Re:OpenRC

Declarative syntax is (at least in principle) a massive win, especially for distro builders.

"in principle" is key. You're right, declarative, "compile time checked" configuration is great. However, systemd's dog's breakfast configuration syntax coupled with the enormous number of badly documented, embedded run-time dependencies (not declarative! e.g. killing running daemons that have previously worked for decades "just because") is not. It's so bad I have to wonder whether RedHat caused it deliberately to generate work for themselves.

Incidentally, docker is mostly marketing; alternatives are better.

Re:OpenRC

I have been using OpenRC since moving to Alpine Linux for my Docker containers.

Re:OpenRC

What are the alternatives to Docker? My understanding is that there are different levels and types of virtualization, with Docker being the bottom tier in terms of what it visualizes (with hypervisors being on top) but I'm not sure what else is on that same level or even where the lines are.

Re:OpenRC

[Shane_Optima]

Incidentally, docker is mostly marketing; alternatives are better.

That may well be; I'm just saying their focus is correct. When I heard a few years back that LXC finally had unprivledged containers I thought "ohh, this is going to be interesting to see what people come up with" and Docker was the most prominent blip on that radar. I don't have enough hands-on experience with the nuts and bolts to say for sure how great the end product is (I'd be a lot more interested in kernel-level containerization if Qubes weren't so delightfully usable), but the goal is certainly worthy.

This is true also of some of the things systemd attempts to do, although certain things (like this cradle to grave process babysitting stuff) very clearly need to be completely separate systems without a ton of shared connective tissue, and without a bunch of major packages depending on it.

However, systemd's dog's breakfast configuration syntax coupled with the enormous number of badly documented, embedded run-time dependencies (not declarative! e.g. killing running daemons that have previously worked for decades "just because") is not.

Yeah, I would like most to see a system where the declarative stage generates the imperative stage and then gets the hell out of the way so that you can manually and arbitrarily edit the imperative stuff. One would assume this would at least in some ways make development easier too, since annoying bugs or incomplete features could be subject to easy work-arounds until time could be found to fix them. Actually, that may well be how parts of OpenRC operate, but I'm not positive. (I've little need to do much init fiddling, so my OpenRC recommendation was mostly going by what I've read and heard about it. Since Upstart is basically dead in the water and a great many people don't want to tolerate SysV indefinitely, OpenRC seems like the most viable long term alternative. Also, it can implement a larger subset of systemd's abilities, which presumably makes it easier to piggyback to some extent on systemd configurations that other projects produce.)

Re:OpenRC

[Shane_Optima]

I can't give you a comprehensive overview of everything that's out there, but as a personal desktop Qubes (a type 1 hypervisor, i.e. bare metal) is definitely worth a look. This is "at the other end", i.e. it's full OS virtualization, but with a lot of performance, security and usability advantages over its competitors. As of now it's entirely Xen-based but with 3.0 they rewrote a lot of it to abstract away the hypervisor specific stuff and there's been some talk about eventually having LXC containers or making a type II hypervisor that could run on the platform of your choice.

What it does now is run HVMs (which gives you a little window in which another OS runs, as you'll commonly see with Virtualbox or KVM / QEMU) but also AppVMs. The latter are full-featured distros that are specially tailored to run on Qubes. It ships with Debian 8 and Fedora AppVM templates, but as I recall there are community-built versions of other distros. (I personally can't wait to see something like Alpine used as the default template.)

Qubes templates allow you to save disk space (and enhance runtime performance) by having multiple AppVMs be based on a single template. All templates share the same installed applications, but have different home directories, /usr/share and /rw/config directories. Updating or installing new applications is completely separate from using the AppVMs themselves, so there is no mechanism by which data can accidentally leak from one AppVM to another.

Performance is impressive, although you will want to be using an SSD. They use PV drivers and various tricks to make startup times quite fast.... generally under 10 seconds and sometimes under 5.

You don't have one window per VM; instead, each application window appears to be a native window with its own entry in the task bar and alt-tab list. The window borders are color-coded to tell you which window is coming from which VM. It's awesome. And they have a Windows tools that allows the same thing, so you could have a genuine copy of Internet Explorer (not running in Wine, but running in Windows 7) sitting in a task bar right next to your linux desktop applications.

Security is equally impressive, particularly if your machine supports Intel vt-d (it has to support it properly, though; earlier generations of vt-d chipsets didn't always work properly, particularly on non-business class laptops). Joanna is working to move as much out of Dom0 as possible, which enhances security quite a bit; most significantly, Dom0 has no direct network access (if you want to update it, you have to request an update be delivered through one of the VMs that have a network connection; currently, the firewall VM performs this task although I think it should probably be split off into its own separate UpdateVM.) Despite the high walls between the AppVMs, there are hooks that allow them to send files to each other (Dom0 acts as an arbiter, asking you to manually approve of each transfer) and you can copy-paste through a nifty hyper-clipboard (accessed through the keyboard shortcut shift-control c/x/v.)

Finally, you can do 99% of this stuff using the GUI. You need the CLI for installing HVMs and maybe a few other things, but the Qubes VM Manager GUI does almost everything else, and Nautilus (and I think Dolphin?) comes installed with rightclick context menus to send files to other VMs. (You can also write an extension to do this in Thunar very easily.) I wouldn't hesitate to recommend this to an intermediate user--if you've been messing around with Ubuntu for a few years, you could probably handle Qubes just fine.

Actually there are a few other things worth mentioning like DispVMs, Whonix for Tor access, ProxyVMs (awesome for easy VPN configuration) but you can look that stuff up yourself if you're interested.

One last thing, don't install Qubes 3.1 unless you really want a KDE4 interface (as opposed to KDE5 or XFCE4.) Qubes 3.2 is about to be finalized, so either wait for that or install 3.2 RC3.

Re:OpenRC

[dbIII]

containers are definitely the future

Only if the future is 2004!
It was done before Lennart heard of anything other than MS Windows.

Re:OpenRC

[dbIII]

we wouldn't have seen all of the major distros adopt systemd in lockstep

The distros have been in lockstep for a long time on a lot of issues due to RedHat doing a lot of the work. That gnome now depends on systemd on linux is another very major factor. Neither of those matters have anything to do with the quality of systemd. Like the sound situation of a few years ago there is only one option being worked on so we are told to like it or lump it.

Re:OpenRC

[Shane_Optima]

We didn't have a unprivileged LXC, vt-x or vt-d in 2004. Compartmentalization is the foundation of good computing practices; hell, it's what UNIX was famous for. It's a way of bootstrapping microkernel-like structures into a monolithic system, which might be ass-backwards but it can work pretty damn well.

Also, as I've said before in response to this very subject, the fact that something has been done before has nothing to do with whether or not it'll become popular now. Lisp was doing things in the 1970s that we didn't really see again in other mainstream programming languages until the 2000s. The Amiga was a bit ahead of its time as well. Sometimes these things do take time.

Re:OpenRC

[Etcetera]

And if you say that no one needs better containerization options or that stateless systems is a worthless concept or that Debian's old init scripts were the pinnacle of perfection, you clearly do not know what you are talking about. Red Hat does have some fiat sway, but if SysV init were easy to stick with we wouldn't have seen all of the major distros adopt systemd in lockstep. It's not completely worthless. Some of the problems it solves are indeed real.

This is one thing that I always found weird. I was working almost solely in RH and RH-derived distros from 2000 onward. From my perspective, "initscripts" were fine. On RH/Fedora initscript standardization and /etc/init.d/functions calls were basically a solved problem. I had no idea how crappy Debian's were until I did some release work on it and Ubuntu last year. I could understand a lot more the rip-it-all-out motivation if systemd had come from Debianland over to RH, but it's just bizarre in retrospect that it was instigated on Fedora first when by and large RH was where init was the most non-broken.

I always want to travel back in time to the Fedora 14 release era and convince everyone to just follow Debian's lead and replace Bash with Dash instead if they want a boot speed boost.

Re:OpenRC

Non-systemd distros lose out on anything GNOME, since that now requires systemd. Unless they're running one of the myriad forks of that DE... and yes, I know the average systemd hater also probably hates GNOME for taking away gnome-panels as the default shell.

In fact, the main reason why systemd has so much clout is from GNOME deciding to require it and drop compatibility with other UNIXlike kernels in the process.

Also, I'm tired of "UNIX-like". In my mind, "UNIX" means "tweakable in precisely the kind of way that leads to accruing special snowflake technical problems". It's holding Free Software back. The requirements for both desktop and server computing have evolved to the point where anything remotely UNIX-like is unfit for purpose. The operating systems people actually use are iOS, Android, Windows, and macOS. And while 3 out of 4 are technically UNIX, they are modified so much that nobody on Slashdot would consider them UNIX if they actually had to tweak it.

Re:OpenRC

[Shane_Optima]

This is one decent upside from my perspective: anything that accelerates GNOME's downfall or at least decreases their market share is a good thing. Their devs badly need to learn some humility and perspective. They not only appear to believe they can be the next Apple, but they believe that the key to doing so is to treat its users like dirt, not realizing that this was an unnecessary side effect and not a causative agent in Apple's success.

Re:OpenRC

Qubes OS 3.2 has been released!
Sep 29, 2016 by Joanna Rutkowska in Announcements

Re:OpenRC

Declarative, nice buzzword that.

They are adding multiple new declarations each release.

At this rate their "declarations" will be Turing complete in short order.

Anyone taking bets on when we can play Conway's game of life using their dependency resolver?

Re:OpenRC

[rastos1]

Declarative syntax is (at least in principle) a massive win, especially for distro builders.

True. But ... anybody else beside distro builders?

Re:OpenRC

Declarative syntax is (at least in principle) a massive win

Like having to remember dozens of camelcase keywords and the inablity to extend it?

Re:OpenRC

[phantomfive]

As far as I can tell, the problem is mostly one of personality and ideology. Poettering is a rather unpleasant person who is purposefully choosing to do things in an unnecessarily hostile and control-destroying manner, and Red Hat, while obviously having done tremendous things to help Linux over the years

I don't care about personality at all. If the code is good, I'll accept it.
Here is my view of some of the issues (and also benefits) of systemd.

Re:OpenRC

I agree with this and I did moved all my systems, including my workstation and laptop, to Gentoo. And I have to admit here I am very happy. I learned something new about Gentoo, and I am amazed how fast is the booting process using OpenRC. I hope others will follow.

Re:OpenRC

Yeah, I would like most to see a system where the declarative stage generates the imperative stage and then gets the hell out of the way so that you can manually and arbitrarily edit the imperative stuff.

Ah, great idea. Except when you ever want to change anything: you no longer can use the declarative system. Maybe not so great idea after all.

FreeBSD 11...

is about to be released shortly. Time to switch?

Re:FreeBSD 11...

[Celarent+Darii]

Yes.

Re:FreeBSD 11...

[ruir]

Do you really need to ask?

Re:FreeBSD 11...

Good luck with that.

https://lists.freebsd.org/pipermail/freebsd-announce/2016-September/001752.html

why am i not surprised

https://www.youtube.com/watch?v=wxlhyX-4qKI

Linux is dying

Confirmed! Linux is a non stop tire fire! SystemD, one in a long line of mind numbingly horrible mistakes is the latest crippling blow to the fan boi OS only the clueless love. Linux, now known as the Titanic of operating systems is sinking fast. And there's only enough boats for 1/4 of the users. Don't be left on deck when it goes completely under! Switch to a competent OS!

Re:Linux is dying

[Cederic]

You appear to be conflating Linux with the shit that gets bundled with it.

Don't use RHEL 7!

RedHat's cavalier attitude with security doesn't raise any confidence in their distribution. Better to stay on RHEL 6 for now and wait to see in what direction the market evolves.

Re:Don't use RHEL 7!

[hcs_$reboot]

Red Hat security relies on a system where components are constantly fixed but rarely updated. It's like using Ubuntu 08, but with almost no issues... Not sure it's worth it.

Yet more proof

Yet more proof that Harry fucking pottering and co are not even remotely qualified to design the Linux init system.

The continued utter incompetence displayed by these idiots is utterly fucking astounding.

Yes. Let's keep adding more and more shitty, ill considered crap, to a poorly designed steaming pile of shit.

Surely the systemd cabal can't continue with their bullshit that systemd is modular and well designed.

Fuck pottering red hat Debian for forcing this shit on all of us.

Also, dbus. It's a message bus AND an rpc mechanism. What the fuck? Who the fuck would do that? Who thinks its a good idea to implement a message bus and rpc together?

Dbus needs to die.

Replacement: something like nanomsg - a system level message bus.

If we need rpc, don't we have a bunch of things in the kernel already? And only if those won't do, let's have a separate local only rpc with multicast.

Seriously, dbus, kdbus, bus-1, and all fucked, and designed by utter fucking noobs who clearly don't have any right designing OS level components.

Re:Yet more proof

[rubycodez]

That's not nice at all, have some respect and don't use derogatory name-calling! We should have nothing but compassion for people like Poettering and the other systemd developers and indeed all with severe mental retardation.

Dodged a bullet

[93+Escort+Wagon]

"Debian, Ubuntu, and CentOS are among the distros susceptible to various levels of resource exhaustion."

Whew! Thank goodness I run Red Hat!

Re:Dodged a bullet

That pulled a laugh out of me, thanks :) -PCP

Re:Dodged a bullet

CentOS is RedHat you asshat.

Re:Dodged a bullet

[93+Escort+Wagon]

Joke
------
You

Good news!! GNU/Windows is safe

I installed GNU/Windows ("Bash" environment) this week. It doesn't seem to suffer from this problem. I've also had much better luck with the device drivers of the Windows 10 kernel.

Re:Good news!! GNU/Windows is safe

[ChunderDownunder]

What bootstrapping if any does it use?

I haven't really played with WSL much but I liken it to a chroot. On my linux box I used to mount a USB drive containing another distro and chroot worked for the most part, except certain processes seemed to run better with some form of pre-run init and for simplicity I ended up using systemd-container to start the necessary services!
Hence the windows environment is emulating linux syscalls behind the scenes but I would think there's some sort of init system magic occurring when the bash terminal is started up.

Tails Linux - is this one borked too?

Aside from their Mailing Lists, bug reports, etc, I find it difficult to locate users of Tails - enough to form a community on-line and discuss the OS. On the one hand, this could be a positive. But the negative is when shit like this happens you have to look to their tiny Mailing Lists and bug reports and hope someone wants to open dialogue with you.

the real systemd song ala "Mr Pickles theme"

systemd! ;rem faint images of me; ;rem looking through init.d;

grrrrrrrrrrrrr! ;rem can not find service;

root's bess friennnnn!; ;rem calling lenovo tex support for; ;rem non-systemd apm services;

ggrrrrrrrrrrrrr! ;rem specialist puts me on hold; ;rem this is a quote

gggooood boy! ;rem playing with a thinkgeek usb; ;rem tentacle and warmballs drink;

here he comes! ;rem after 20minutes on hold im asked; ;rem wat u runnin sugar?; ;i put on my robe and wizard hat!;

stay with me GNU Lesbian!

Re: the real systemd song ala "Mr Pickles theme"

Damn systemd really did butcher those binary logs :P

Systemd: The Biggest Fallacies

Re-posting, because of what might politely be called, "strident pro-systemd" peeps...

https://judecnelson.blogspot.com.au/2014/09/systemd-biggest-fallacies.html

GreekGeek :-)

Re:Systemd: The Biggest Fallacies

[Barsteward]

thats another pile of crap

Devuan: a fork of Debian without systemd.

[Artemis3]

In the meantime you may avoid using systemd as init in Debian by installing sysvinit-core or in Ubuntu by installing upstart-sysv in your transition to a systemd-less distro such as Devuan.

If you are using Debian Jessie, you can switch to Devuan by simply changing repositories. Its still in beta so don't do it on production servers yet. But do plan your migration, before this gets out of hand.

Re:Devuan: a fork of Debian without systemd.

[ruir]

I have done it from day 1; I do not believe neither in the systemd agenda nor in a framework that even forces its presence in a mere update of my systems.

Re:Devuan: a fork of Debian without systemd.

If only Devuan wasn't dead: just check their package build system (ci.devuan.org). Nothing happening for months and then it fails (firejail).

Looks like the "VUA" already lost interest in their creation. Or maybe the donation rate got too slow and it's no longer worth pretending to do something ;)

Re:Devuan: a fork of Debian without systemd.

I do not believe neither in the systemd agenda

You're using double-negatives. Either
you neither believe in X nor Y, or
you do not believe in either X or Y.

Blame Redhat paranoia!

There are a couple of trigger words like unix philosophy, unix like that Systemd astro turfers are trained to latch on to like bee to honey and discredit. Their modus operandi is evade accountability and discussion of systemd at all costs and instead focus all criticisms and doubts on grey beards, unix philosophists, haters and people not open to change.

This is classic politics to push through unpopular changes that are not in your interests. The fact is while users do have loyalty they almost always respond to improvements or they would be no progress. But new cannot automatically mean better, everything has to meet the full force of scepticism and stand on its own feet.

Systemd has effectively distracted and forced its way into Linux with politics, subterfuge, exaggerating shortcomings and pushing niche use cases that do not matter to users but redhat clients. First it was boot speed when that was never an issue, now when its been proved its not any faster the argument is 'everyone has adopted so there must be some merit in it'.

These kind of circular arguments and politics have defined systemds adoption and are not an accident. We don't need politics at the heart of Linux. We need lean and clean software that is well defined in scope, interoperable with other software and replaceable with other inits without fuss. We do not need entrenched interests who intentionally push bloated software to further their control agenda.

Redhat is a $2 billion cathedral that is paranoid and threatened by anything. It doesn't just want to be a part of the ecosystem, it wants to be the ecosystem and freedesktop and systemd are its trojan horses. Linux needs to find a way to free itself from the clutches of redhat if it is to evolve and improve and add value to future generations or it will become a hollow shell to redhat's greed and politics.

Re:Blame Redhat paranoia!

Systemd has effectively distracted and forced its way into Linux with politics, subterfuge, exaggerating shortcomings and pushing niche use cases that do not matter to users but redhat clients. First it was boot speed when that was never an issue, now when its been proved its not any faster the argument is 'everyone has adopted so there must be some merit in it'.

These kind of circular arguments and politics have defined systemds adoption and are not an accident. ...

Mod this up. WAY fucking up.

Re:Blame Redhat paranoia!

[Shane_Optima]

You should be careful with this. I don't disagree at all with the broader criticism of Red Hat's politicking; in fact in many ways I think the criticism has been far too limited. For example, their involvement in GNOME is inexcusable given not just the attitudes of the devs but also the explicit stated goals of the project.

But the longer you deny that there is any point whatsoever to systemd, the more damage you do to your cause, because it *does* do some stuff that it tricky to do in SysV. Want to change peoples' minds? Show them how to do something similar in OpenRC, or explain some other workaround. Emphasizing only the bad and pretending that the good doesn't exist usually does not end well, even if the good is overwhelmingly outweighed by the bad.

For example: containers are not fucking niche usage cases. Containers are the future of secure, robust, high performance computing. In the future, they will be widely used regardless of whether or not the user realizes that they are being used. Calling them niches that most users don't care about makes me think that he is a clueless, dogmatic fool. It makes me less likely to pay much attention to anything else he says.

Re:Blame Redhat paranoia!

He forgot to mention Lennart's pathological hatred of /bin/sh and non-stop adolescent passive-aggressive horseshit. Otherwise, bingo.

Re:Blame Redhat paranoia!

[Barsteward]

they didn't land on the moon either and the earth is really flat, here are a few sites for you to feed on, http://www.theflatearthsociety... http://listverse.com/2012/12/2...

Re:Blame Redhat paranoia!

There seems to be some confusion and misinformation on Linux containers in this thread. Systemd has got nothing to do with containers and containers can be used in sysv-init, Upstart, Openrc or any init system.

The bulk of work on userland work Linux containers was done by LXC project dating 2009 (sponsored by Ubuntu since 2012) and kernel side support came in the form of process namespaces. Docker was based on the LXC project - linuxcontainers.org untill version 0.9.

Containers use Linux namespaces to launch a process in its own namespace. Launch a chroot or pivot root in a namespaced process and you get a Linux container. Now add a network namespace to the chroot process and you have a linux container with networking. The main difference between LXC and Docker containers is LXC launches a minimal init process in the chroot/pivot root while Docker launches the app process directly.

Cgroups have nothing to do with containers but can be used to limit resouces by cpu and memory access to the container process, or any process on your Linux system. Containers do not depend on cgroups in any special way beyond applying limits.

Re:Blame Redhat paranoia!

[Shane_Optima]

. The main difference between LXC and Docker containers is LXC launches a minimal init process in the chroot/pivot root while Docker launches the app process directly.

I know containers don't depend on cgroups or any other stuff that the systemd folks hype, but it's something that systemd appears to pander to--and it's something that Poettering is specifically catering to. The issue is that different types of criticisms are being conflated:

1. Some people say that cgroups suck (in implementation or design.) Not having used it, I couldn't say, but if there are concrete reasons for saying so then OK, that's fine.

2. Some people don't like that it's a hard requirement for systemd. I'm fully on board with this criticism--it locks out the BSDs unnecessarily and doesn't appear to jive with systemd's core purpose, or rather what should be its core purpose. This is where the modularity complaints come into play: whatever Poettering wants to have cgroups for, he should bloody well keep it out of our base init system.

3. Some people say "who needs cgroups?" (or the much worse "who needs containerization?") and this makes me cringe. There are so, so many clusterfucks in this world that can be gracefully sidestepped with virtualization/containerization and anything that improves the use or control of containers is by definition a win, at least on paper (but see #1.)

#3 is quite bad for the anti-systemd cause; the response "why would you want to do that?" / "We're not concerned with that use case" is one of the most annoying things to say to anyone.

#1 may or may not have merit.

#2 is entirely appropriate, and if you can offer an equivalent or better solution on an OpenRC system (either implemented or an in-principle solution) then that would also be a great point to raise.

nuke it from orbit

[ooloorie]

It's the only way to be sure.

The failure of systemd is that ...

[fahrbot-bot]

The developers haven't stopped at what systemd needs to do and have gone on to what they want it to do, favoring the latter over the former.

Re:The failure of systemd is that ...

Yes, and that happened because someone @redhat decided they need desperately to differentiate from standard unix for some reason (Oracle), but the only one insane enough to push things and the rest be damned was that person everyone loves to hate. And the one that is supposed to keep him contained is too weak.

Both are ignored with utter contempt @LKML, because of their incapacity for producing stable external APIs and designing critical infrastructure.

Although, really, Linux should not be throwing stones at anyone about the designing critical infrastructure angle, not with shoddy crap from hell like user namespaces getting in.

Re:The failure of systemd is that ...

[thegarbz]

The developers haven't stopped at what systemd needs to do

What systemd needs to do is something known only by the developers. Now repeat after me: systemd is not just an init system.

Re:The failure of systemd is that ...

[tomxor]

The developers haven't stopped at what systemd needs to do and have gone on to what they want it to do, favoring the latter over the former.

I'm not experienced in this level of system design but I feel like your point applies to pretty much all code at some level. Yielding only to necessity seems to produce well structured code with a clear purpose, that doesn't mean there isn't an art to it still... it's just restraining that infantile attitude of "that would be cool lets add that" for every conceivable feature that pops into your head regardless of whether it's actually useful or whether it undermines and over-complicates the rest of the code.

Re: I don't hate on systemd but this is really ba

Maybe there's a bug?

So... BSD anyone?

tldr; I know back in the BSD was all proprietary and locked down-- but now-a-days it's free like Linux. Plus the sweetness of things like ZFS and jails (pardon me, but Docker (container) isn't useful unless you're a Heroku (PAAS) or Google-like entity)... Why we still on that linux tip? Video card and wifi drivers still a shit show compared to Linux?

----- Rant version -----

Some background-- I started computing on Windows, tried Linux off and on, after 5-6 years moved to a Mac, began to understand *nix, started doing a serious amount of Linux sys admin (not because I wanted to but that was back when you had to know how to run a server if you wanted to get your web app running). I tried BSD back then but was too confused by the ports system (vs something like apt) and documentation (being easily digestible blog articles written for a dumbass [myself]). Fast forward 12 years... BSD ain't scary, all the things I'd have gotten hung up on are complete non-issues (thanks Linux and Mac!).

Lately, I have been questioning a lot of decisions that are occurring at large in the Linux community (systemd being a big one) and the community itself. It's rather insane to me, our shepherds, the grey neck-bearded nerd wizards and witches decided to so quickly, replace a vital piece of infrastructure in only a few years...

Fuck whether it's better or worse, it's not battled tested. Sysvinit for all it's problems is well known; yes, there are a lot of foot guns and problems but we know about them. Things like this show how much of systemd is unknown, we have no idea of how many unknown unknowns and the severity of them lurk within systemd. This makes me nervous, since the stability of my machine, and infrastructure is at increased risk and I have no idea or way to protect myself from that risk. I also think systemd is vastly too complex (separate binaries don't themselves allow something to say it's following the unix tradition), but that's just my opinion.

There's also a lot I don't like about the community-- Torvald's lashing out at people (while entertaining) I think is a little irresponsible for someone with so much voice and power... The constant threats of violence, and harassment, to Lennart Poettering (systemd author) are unnerving and pointless at best very harmful at worst. Not that we can't be upset, swear, or be fuckin' angry-- but the nature of it, is often times without a goal in mind and largely without basis.

Along with that, there is a HUGE push to use things like Docker (more specifically containers) in the communities I'm involved with. It's not more secure (containers); while, the overhead is low, it's still there. Compared to say, running a fuckin' process (which is a process [pun] that's well known) and is more secure. ... Now 'bout BSD. It seems to me it's a community which is largely academic (this can have it's own problems), or perhaps more correctly put, scientific. This means, at least to me as an outside observer, that changes tend to be motivated by scientific advancements (this can be slow) which are demonstrably better (yay, science). It also seems to me the BSD community is largely inclusive, so long as you're using the scientific method.

Fuck look at the directory structure of any modern Linux distro and half of it is a huge WTF. I'm guilty as shit of making an /opt folder to install crap into... Why the fuck do I do that? Because each distro is slightly different, for no reason but preference of the creators (and history), but my sweet baby /opt folder is going to be consistent.

Now go read about BSD's, it's fucking organized. It's easy to understand as a result because things are clearly defined. Shit, if it is different, they'll fucking mention why it's different.

ZFS being native to BSD is also a huge win; it's probably the best filesystem on the planet. Pools, snapshots, deduplication, user/group quotas... Mmm.

Jails have been around for ages (battle tested), work with ZFS, and completel

See? I knew this was a bad idea.

[Lirodon]

This is why the mass standardization of Linux is a bad thing

Consider yourself middle-fingered, systemd

[OneHundredAndTen]

Slackware user here.

Syndrome D.

Enough!

systemd vs. init

which one is the republican?

Re:systemd vs. init

[RightwingNutjob]

init. Systemd is a bunch of Bernie Bros who think they can will away basic arithmetic to get something for nothing.

Re:systemd vs. init

Wrong! Systemd is Trump, a disaster already in progress. Init is the stoic stable proven Hillary of give and take

Re:systemd vs. init

There must be something funky in your weed bro.

Every time some Republican fuck get's in the Oval Office, they jack up spending through the roof by invading other countries, while dropping taxes on the rich. And in the end they jack the deficit through the roof--then they blame a democrat for the shit they fucked up to begin with.

Re:systemd vs. init

[RightwingNutjob]

You're right. I don't know how I could have thought that Obama's doubling of the debt from 10 trillion to nearly 20 could have been anything other than fiscal discipline.

Re:systemd vs. init

[RightwingNutjob]

Trump's a Democrat through and through. Also, I don't recall init having a feature that goes 'chmod -R 777 /; for f in `ls ~/*`; do mail -s "do not distribute, wink wink" -a $f me@hillary.com; done'. That must have been in the latest patch that I missed.

Re: I don't hate on systemd but this is really ba

[Mostly+a+lurker]

No, see the highly rated post above. There is no bug. The fact that there are problems after issuing that command is a coincidence. The server just coincidentally was hit by cosmic rays around the same time. Other reports of the same problem are similar coincidences. The systemd OS is just as perfect as the Microsoft operating system it takes its inspiration from.

not saying I told you so

but hey,

I TOLD YOU SO.

Fuck Lennart
Fuck the brain-dead SJWs at Debian who decided to ban init alernatives
oh yea and: Fuck Lennart!

Re:not saying I told you so

[Barsteward]

go back to your homework reading your book for 8 years olds.

Re: not saying I told you so

systemd fan boy hurt? oh u poor thing

Re:not saying I told you so

Lol. Hard-n00b alert!

Go back to the Devuan mailing list and/or IRC channel, throw a few more insults and generate some more of that hot air Devuan is known for.

Why did DEBIAN not consider SMF from Solaris?

[softcoder]

I am not an expert coder or sysadmin, but a quick read of SOLARIS SMF feature it would seem to address all the needs of a robust init system, without the many concerns of a too powerful/critical PID 1.
Since SMF is CDDL (I think), and an init process is not part of the kernel, why is it not possible to use a well developed and debugged (since 2006?) alternative to the legacy SYSV init method?
pgmer6809

Re:Why did DEBIAN not consider SMF from Solaris?

[ray-auch]

My guess is because CDDL is _not_ GPL compatible - at least according to the FSF (it is the reason FSF say that ZFS on Linux is a GPL violation) - and the risk that brings.

For a distribution, it is a lot of work to shift over to a new init system and a lot of work (which hasn't happened) to maintain other init system options, or to shift back. You can't run without an init, but you can switch to a different filesystem relatively easily, hence the adverse impact with a CDDL init is higher than with ZFS.

Plus RedHat probably said "we like SMF too, we're going to write a new and better version of it" - I don't think there is any secret about systemd being inspired by SMF and launchd (Apple). Now, whether it is better, or might be better when finished, is a matter of opinion, and Pottering's opinion may differ from everyone elses...

Re:Why did DEBIAN not consider SMF from Solaris?

[drinkypoo]

I am not an expert coder or sysadmin, but a quick read of SOLARIS SMF feature it would seem to address all the needs of a robust init system, without the many concerns of a too powerful/critical PID 1.

It's funny you mention SMF, because everyone I know who is familiar with it hates it with a passion that people normally reserve for... systemd.

Sometimes

when grey-haired conservative fuddy duddies warn of something, you should PAY ATTENTION even if you disagree.

In this case, the "conservative" is certainly not in the political sense, it's in the technical sense. The core philosophy of UNIX was: small dedicated programs doing discrete things (which can be easily developerd, debugged, tested, and yes... replaced/substituted. Many warned that systemd was the polar opposite and would inevitably invite this very sort of issue. The warnings were ignored because they were not consistent with what the cool kids wanted. It was much more cool to create a whole new gluttonous monster, than to do the hard work to fix a bunch of long-standing and not glamorous basic usability issues that might actually help Linux take over the desktop.

In the political sense a similar thing happened with Obamcare, where conservatives kept pointing out that the basic plan did not pass the economic "smell test", and that inevitably the rates would rise and the markets would fall apart because of the poor planning.

In both cases, the hard-charging progressives (in the technical sense for the former and the political sense for the latter) ranted and raved against the cautious conservatives flinging insults about being backwards, stuck in the mud, opposed to progress, etc rather than facing the actual criticisms, considering that thier opponents might have serious and valid concerns, and then addressing those concerns. In both cases, when the inevitable "I told you so" comments arise, the advocates of the changes get angry and complain and propose moving even further in their chose direction, without facing that the now proven problems are real and were real - they want to solve a real problem with politics and name calling.

Incidentally, before some partisan hack rates this "Troll", I'll point out that this is a trait of human nature and applies to the political right and technical conservatives as well. Some right-leaning "fiscal" conservatives love to propose reductions in social spending while ignoring left wingers who suggest some might be harmed, instead of facing the problems suggested. Some technical conservatives, particularly in places like the FAA, can actually suppress the increase in safety that modern systems could provide out of excessive fear of the risk of "new" (AOA indicators on small aircraft, and the typecerts required to put new avionics into older small aircraft come to mind)

What a great idea!

Hey, let's migrate all of Linux to systemd because that's a great idea!

While we're at it, let's cycle the power on these GE Turbofan engines on this 747 while we're over the middle of the Pacific Ocean a couple thousand miles from the nearest landing strip, because I don't know what this warning light means, but doing this worked once before. What could POSSIBLY go wrong with powering the turbo-fan engines off at 745 miles per hour, on what without its engines, is basically a flying BRICK?!? I'm sure it'll all reset and turn out just fine.

Ready?

Not surprising

[MrKaos]

I've made several requests for systemd proponents to supply a use case that SysV initd could not support and haven't received a satisfactory reply to this purely technical question. I was interested in what systemd could offer over initd. I find systemd proponents are overly veherment in their criticisms of initd proponents.

I sense this comes from an inability to address the issues raised and, perhaps a mindset that anyone who has an appreciation for initd's elegant power will simply be bulldozed into irrelevance. I think systemd's criticism of the rc scripts that starts a linux based system is valid criticism however we have to keep in mind that they were devised by Red Hat. It is dealing with rc shell scripts that are the brunt of the justification for systemd.

In that sense the unitd solution is tidy but also reveals the justification to replace initd is not based on a full understanding of its capabilities, or even an understanding of was it is, a process manager. rc scripts are only meant to prepare the system for entries in /etc/inittab, yet everyone tries to get everything done in rc, which serializes the Linux boot process. A parallell boot is completely achievable by using initd properly. I know there is more to it, like events and messaging, I'm just citing one example.

Yet I've never seen a Linux distro that's utilized initd's /etc/inittab file properly. Especially a Red Hat system. They don't use initd properly, the rc scripts are bloated with rewrites of what initd already does, and now we're replacing initd, keh? initd has yet to be utilized fully on modern linux systems.

Criticisms of sco the company aside: sco *as a distribution of unix* had an interesting adjunct feature to initd, the 'enable' and 'disable' command that managed entries in /etc/inittab, where you would configure the characteristics of the system you were running. Franky I think this is functionality is essentially

sed -i -e '/someProcess/ s/:on:/:off:/' /etc.inittab ; kill -1 1

I think initd would make a lot more sense to more people if this functionality had been available in Linux from the beginning. It is true that initd is beguiling in terms of it's simplicity wrt its power, but it is also very worthwhile. It is supposed to be small as that is where the skill is expressed.

initd is where you design the characteristics of the system, it is not an event manager and all the other things systemd is supposed to be. Something that does all the functionality systemd has, belongs as an inittab enty, not as the first process the kernel runs.

The point of a bug like this is not that it is a big deal itself, the big deal is the failure mode systemd has been revealed to have due to its complexity. This the type of concern I have about systemd, what else can trigger such a failure mode. I have seen initd in a variety of failure modes and not once has it ever consumed all system resources and disconnected running processes.

Now we've seen systemd do something that initd can't.

Re:Not surprising

[Hognoxious]

the justification to replace initd is not based on a full understanding of its capabilities

I can't fathom what it is based on. Ego? The sane decision would have been to put it there as an option and let users choose.

Re:Not surprising

[Barsteward]

Why not do your own research instead? Go and learn systemd and then compare and write up a nice unbiased report for us all to read.

Re:Not surprising

[MrKaos]

the justification to replace initd is not based on a full understanding of its capabilities

I can't fathom what it is based on. Ego?

Me either, however they are pushing systemd awfully hard to destroy a core part of Linux stability.

The sane decision would have been to put it there as an option and let users choose.

Perhaps this is RH's "Imperial" phase, they've won their market share and now they can do what they want.

Re:Not surprising

[MrKaos]

Why not do your own research instead? Go and learn systemd and then compare and write up a nice unbiased report for us all to read.

I have been learning systemd and have more and more criticisms of it as I learn more. I have test systems set up with systemd and a bunch of middleware that we used to integrate with initd.

In my experiences systemd replaces a lot of general knowledge you can apply elsewhere (like shell scripting and regular expressions) with specific knowledge about systemd's and its properties, so I'm unsure what a report would achieve considering new capabilities are added to systemd all the time.

Frankly I think I would rather spend my energy on writing some adjuncts to initd (like enable and disable) that make it more accessible. I'm open to suggestions.

Re:Not surprising

> rc scripts are only meant to prepare the system for entries in /etc/inittab, yet everyone tries to get everything done in rc, which serializes the Linux boot process. A parallell boot is completely achievable by using initd properly.

How do you handle service dependency requirements in inittab? For instance: At one of my sites I create persistent TUN devices with well-known names used by a set of unprivileged OpenVPN daemons. If those TUN devices are not up before the OpenVPN daemons start, then the daemons will fail, as they're not running as root and cannot create the TUN devices themselves.

inittab only provides you with _three_ ondemand runlevels: 'a', 'b', and 'c', so every significant service set change must be through a runlevel transition. It _also_ looks like you only have between four and seven runlevels (2, 3, 4, 5, ( and maybe 7, 8, and 9)) to play with.

rc systems (like OpenRC) can get away with using one init(8) runlevel because they have pseudo-runlevels as well as service dependency handling.

Is there some way to handle these dependency requirement without writing and launching your own dependency handler (or altering the service with the dependency to -itself- check to ensure the dependency is started)? Assume that you're planning for a system that runs ten different services that each have a couple of _different_ services that must be started (which -themselves- have some _other_ dependencies) before the first service with the dependency can start.

Re:Not surprising

[phantomfive]

Here is my take on the good side of systemd.

Re:Not surprising

[MrKaos]

> rc scripts are only meant to prepare the system for entries in /etc/inittab, yet everyone tries to get everything done in rc, which serializes the Linux boot process. A parallell boot is completely achievable by using initd properly.

rc systems (like OpenRC) can get away with using one init(8) runlevel because they have pseudo-runlevels as well as service dependency handling.

inittab only provides you with _three_ ondemand runlevels: 'a', 'b', and 'c', so every significant service set change must be through a runlevel transition. It _also_ looks like you only have between four and seven runlevels (2, 3, 4, 5, ( and maybe 7, 8, and 9)) to play with.

A runlevel change isn't processed for a b or c, only their processes executed. You could use it for your use case but I don't think it would be the most appropriate way. An event handler is a good candidate for that one, I think. In your use case I would customize runlevel 4. It will work eith way, depending on if you want to manage the VPNs or you want the system to.

How do you handle service dependency requirements in inittab? For instance: At one of my sites I create persistent TUN devices with well-known names used by a set of unprivileged OpenVPN daemons. If those TUN devices are not up before the OpenVPN daemons start, then the daemons will fail, as they're not running as root and cannot create the TUN devices themselves.

Is there some way to handle these dependency requirement without writing and launching your own dependency handler (or altering the service with the dependency to -itself- check to ensure the dependency is started)?

I would configur init like this:

First, establishing the TUN devices is the system task that should be performed by the rc scripts of runlevel 4. If they fail then the system does not enter that runlevel.

The second part is /etc/inittab is configured with a per line entry for each open VPN. Dynamic VPN is out of scope here. Each entry refers to a shell script that exits on failure. The entry for each VPN is set to "respawn".

When runlevel 4 is ready then the TUN devices are ready. You can configure your rc script to not exit or timeout depending on how you manage failure below the TUN device level (hardware or kernel level perhaps).

When runlevel 4 is running the VPNs are each respawned if they fail automatically, by init. You might also chain init states so you can have have hypervisors stay running between states but you want to control the TUN/VPN setup/teardown.

Assume that you're planning for a system that runs ten different services that each have a couple of _different_ services that must be started (which -themselves- have some _other_ dependencies) before the first service with the dependency can start.

Well that is where I would incorporate the on demand runlevels and set those processes up with their own entries in /etc/inittab set to "ondemand".

Though for a long time I've thought that initd could really use a services manager. That's actually what I thought systemd was in the first places.

Hope you find that useful.

Re:Not surprising

[jez9999]

I've made several requests for systemd proponents to supply a use case that SysV initd could not support and haven't received a satisfactory reply to this purely technical question.

Secure, efficient, centralized logging.

Re:Not surprising

[drinkypoo]

Frankly I think I would rather spend my energy on writing some adjuncts to initd (like enable and disable) that make it more accessible. I'm open to suggestions.

I think the strongest argument of what systemd has done for us is that it manages cgroups. So my suggestion is that you improve init scripts to manage cgroups. It seems like on a system like redhat or debian which uses boilerplate in initscripts that you could reasonably get cgroup support into the functions these scripts use to launch daemons. I haven't explored this seriously (too many projects already) but I did note that cgroups seem to be manipulated with very small shell commands, mkdir/rmdir, that sort of thing. A variable in the initscript's config file in /etc/default specifying any settings needed, and a tweak or two to the init script "libraries" ... what am I missing?

Re:Not surprising

> First, establishing the TUN devices is the system task that should be performed by the rc scripts of runlevel 4.

Okay. How do you make sure that those scripts are parallelized? Write the rc scripts to be sufficiently clever, or does init give you some special help here?

> Well that is where I would incorporate the on demand runlevels and set those processes up with their own entries in /etc/inittab set to "ondemand".

Okay, but you only get _three_ ondemand runlevels. From the man pages:

initab(5) ...
ondemand
              A process marked with an ondemand runlevel will be executed
              whenever the specified ondemand runlevel is called. However, no
              runlevel change will occur (ondemand runlevels are `a', `b', and
              `c').

init(8) ...
a,b,c tell init to process only those /etc/inittab file entries having
              runlevel a,b or c.

The only difference I can see between an ondemand runlevel and a regular runlevel is you remain in your current numeric runlevel when you instruct init to trigger the ondemand runlevel. _And_ from what I can see, you only get _three_ ondemand runlevels. For my example:

> Assume that you're planning for a system that runs ten different services that each have a couple of _different_ services that must be started (which -themselves- have some _other_ dependencies) before the first service with the dependency can start.

you're gonna need at _least_ ten runlevels to handle the dependencies for each of the ten services that need started. (Each service has its own _unique_ pair of services that must be started (which -themselves- have other dependencies) before the first service starts.) How can you handle this in an inittab-based startup system when you have so few runlevels? What am I missing here?

Also, unless I'm way off base, you don't get automatic ondemand runlevel switching, you have to trigger it with telinit or similar. I'm pretty sure that this means that your service start scripts will need to know to call 'telinit a' or whatever to start up their dependencies. And if you ever change which init runlevel (ondemand or otherwise) those dependencies live in, you'll need to update all affected startup scripts, right?

Am I missing something here, or do you have to do all the heavy lifting in regards to dependency management (and dependency graph maintenance) with an inittab-based service start system... and are only provided between three and ten runlevels with which to define dependency sets?

Re:Not surprising

[MrKaos]

I've made several requests for systemd proponents to supply a use case that SysV initd could not support and haven't received a satisfactory reply to this purely technical question.

Secure, efficient, centralized logging.

I don't agree that is a use case for initd or systemd, I have issues with some of the failure modes.

Whilst there are some features of journalctl that I like, it again replaces generic knowledge about grep, awk and sed with specialist knowledge of systemd. In terms of the failure modes, with the binary logging format you can loose whatever is in the capture buffer is on a system restart and you never see the final error message that crashed the system. With processes that generate a lot of logging you now have systemd handling large volumes of log messages with everything else it does.

When your processes write to filesystems you can sync the fs buffer and still have the very last bytes of the message written to log where you can figure out the issue that caused the system to fail, or decide if you want a different filesystem to separate log activity to manage disk throughput. Finally, having log secured, efficient and centralized is a matter of design. Having it centralized also means it can become a bottleneck.

Re:Not surprising

[MrKaos]

Okay. How do you make sure that those scripts are parallelized? Write the rc scripts to be sufficiently clever, or does init give you some special help here?

use /etc/inittab in that case and yes, make them sufficiently clever.

Okay, but you only get _three_ ondemand runlevels. From the man pages: The only difference I can see between an ondemand runlevel and a regular runlevel is you remain in your current numeric runlevel when you instruct init to trigger the ondemand runlevel.

Yes, so you can trigger it as many times as you want and have as many entries as you want.

Also, unless I'm way off base, you don't get automatic ondemand runlevel switching, you have to trigger it with telinit or similar. I'm pretty sure that this means that your service start scripts will need to know to call 'telinit a' or whatever to start up their dependencies. And if you ever change which init runlevel (ondemand or otherwise) those dependencies live in, you'll need to update all affected startup scripts, right?

yes, they should know that, you can do it multiple times and I would abstract that into a configuration file.

Am I missing something here, or do you have to do all the heavy lifting in regards to dependency management (and dependency graph maintenance) with an inittab-based service start system... and are only provided between three and ten runlevels with which to define dependency sets?

daemons should be smart enough not to do something dumb, like consume all cpu on respawning. If a dependency is not ready, then wait for it to be ready or check what other dependencies *are* ready. That's not dependency management, it's coding the behaviour of your daemon with intent to operate.

Other than that, your use case is fiddly, can you be more specific about what you are running?, as it sounds more like a problem of code design.

initd had similar and just as bad bugs

just as many other complex systems. The bug will be fixed, just as any other serious bugs that pop up. There's nothing news-worthy in a bug-report.

Re:initd had similar and just as bad bugs

Initd has been tested for 20 years in production and not reamed up your ass overnight.

SubjectsInCommentsAreStupidCauseTheSubjectIsTFA

[lesincompetent]

The problem is best outlined here:
https://twitter.com/systemdsuc...
Just the basic facts...

PID 1

The problem is not that software has bugs. The problem is when a tight, monolithic blob like systemd has a tiny bug that borks your PID 1 and brings the entire system down.

Yeah yeah yeah, that also includes the kernel then. But unlike systemd, the kernel is not subsuming halfa userland because NIH. Also the nature of a software construct like a kernel leaves no alternative, so you have no choice.

With systemd there's altrenative: modularize, don't cram shit up to PID 1.... don't subsume userland because politics and NIH.

I can't reproduce this bug on Debian

[julian67]

I can't reproduce this bug on Debian Stretch (testing) x86-64, up to date as of yesterday. I also can't reproduce it on Debian Stable (8.6) x86, also up to date.

The linked article starts off as an apparently informative description of a serious bug that is still current, but it soon becomes apparent that it is in fact yet another misleading and ill informed rant by one the the very tedious anti systemd hecklers/religionists/witch hunters.

Short version: the story is horse shit, click bait, a recurring cry for attention.

Re:I can't reproduce this bug on Debian

[ledow]

Because you can't reproduce, the bug doesn't exist?

I'd be looking for a commit that specifically says it patches this bug, or a closure of all related bug-reports, before I started walking off in disgust.

Re:I can't reproduce this bug on Debian

[julian67]

According to the linked article this bug affects Debian. I'm running both testing and stable versions on different architectures. They are all unaffected. I've compared the claims of "some person on the www who hates systemd" to what I can test in the real world on actual systems which include systemd (and run reliably without issues).

His claim is exaggerated at best. Hence I don't believe the bug exists *as it is described by the author*. The author apparently has an axe to grind. I don't.

I hope that's clear enough for you.

Re:I can't reproduce this bug on Debian

[ledow]

Because the distribution is the only possible factor?

Maybe you have hardware that allows things to use a different path? Maybe you have speed that the author's computer doesn't. There are LOTS of bug-confirmations in the bug report, from independent people.

Did you try it inside the infinite loop? Because even in the bug report they have to do that to get it to trigger and it can takes minutes to do so.

This is why bug-reporting, bug-detecting, and de-bugging are HARD. "It doesn't happen for me" is not a solution to a bug. Finding out where the path was that hit the bug, why that path was taken, whether that path is reasonable, and what happens when that path is taken is HARD and may bring things crashing down for some and nothing for others.

Reminds me of a guy who runs a software company I deal with a lot. I submitted screenshots of their website totally fucking up on a range of devices - Android, iPhone, tablet, smartphone, Chrome, Safari - that made it unusable. He sent me a back a screenshot of his Samsung tablet where it worked as expected.

My reply was less than polite. The bug report confirms that it DOES EXIST, AS IT IS DESCRIBED, and has independent confirmations.

Rather than make excuses, how about thinking yourself lucky and still pressing people to fix confirmed problems?

Re:I can't reproduce this bug on Debian

[julian67]

"....how about thinking yourself lucky ..."

thanks for the condescension, always a winning strategy and a great argument too.

I have Intel Atom 32 and 64 bit, Core-i#, and AMD64. I don't experience the bug. Systemd hasn't caused me any problems since trying daily image testing installers last year, and yes I filed the appropriate bug report and it got fixed.

I hear that systemd is a cause celebre amongst the disenchanted and is supposedly very bad and wicked and probably the product of a secret conspiracy hatched between Red Hat, Microsoft, Osama bin Laden and Cruella de Vil. But as an end user I find it useful and easy to customise to my preferences and have no particular objection to it. I also don't care if it gets replaced by something else that does the same job. Nor do I care about the personas of those who write it.

When I encounter bugs that bother me I file bug reports (if they have not already been reported). When I don't find bugs I don't.

When someone tells me the stuff I'm using is broken, and what is more it is inherently BAD, made by BAD people for BAD reasons, and I test it and it works fine on test as well as in daily use then to me that person's credibility is diminished.

Have a nice day.

The bug is not in systemd

[Damouze]

The bug -IS- systemd.

Use init and all your problems will disappear.

Unfortunately SystemD isn't the only one

[Casandro]

The whole "FreeDesktop" Movement seems to be about making Linux more and more incomprehensible.

My theory for why this is is like this:
There are lots of people now growing up when Windows kinda worked (since about 2000). At the same time, involvement in "Open Source" software is seen as a good career move. So they churn out some shitty badly designed code as potential recruiters cannot tell good from bad code. Also they take part in design processes without the experience necessary for this. The result are overcomplex buggy solutions which suck in manpower to maintain them.

Take a look at the *BSD people. The team maintaining OpenBSD is probably smaller than the SystemD team, yet they manage to maintain a whole operating system.

Re:Unfortunately SystemD isn't the only one

[h4ck7h3p14n37]

Take a look at the *BSD people. The team maintaining OpenBSD is probably smaller than the SystemD team, yet they manage to maintain a whole operating system.

That's because UNIX is engineered and Linux is hacked!

Na they just hate women and like little girls.

https://etbe.coker.com.au/2015...

Crippling Bug Called Systemd

[stooo]

"Multiple Linux Distributions Affected By Crippling Bug Called Systemd "

2 years, really?

[prefec2]

Systemd is new and, as people wrote it in C without proper software engineering, it has a lot of flaws. However, this is the case in many software components. Unfortunately, this bug has existed for 2 years. Really, do they have no test regiment at all? In case the bug existed without prior knowledge, then this is just unfortunate, if it existed and the systemd developers knew about it, then this is irresponsible. In any case, I expect a fix in days or better in hours.

Who Benefits?

[ytene]

[tinfoil hat]

The linked article makes interesting reading [even to a non-tekkie like me, when it describes how systemd is bloating with all sorts of additional [and buggy] functionality that takes it far beyond being an init replacement.

I am reminded of Edward Snowden's disclosures from the NSA, in which we learned that the NSA had deliberately submitted a weakened PRNG (Pseudo-Random Number Generator) to an encryption scheme with the deliberate intent to weaken it so that they could crack it easily.

When you look at the sprawling scope-creep, the poor testing and bugs like this, you have to start wondering if this wouldn't be a perfect trojan to be able to subvert an otherwise robust, secure OS...

Just sayin'

[/tinfoil hat]

Ahahahahahahahahaaaa!

Suck it! All you systemd fanboys and apologists.
We all knew something like this would occur.

Re: I don't hate on systemd but this is really ba

[Opportunist]

So issuing this command makes cosmic rays strike our planet?

Linux and systemd are way more powerful than even I could have imagined!

Semantic Logging

[ojfresdhg]

Worst feature. Ever. systemd saw this "feature" in windows, and have tried to implement it in linux as journalctl.

Semantic logging as implemented in the windows NT kernel, is a very complex framework kernel component but also very low performant, of course claims the contrary in the documented overview, but actually admits the subpar performance and non-robust implementation in other, not easily found, parts of the official msdn documentation.

For an inexperienced novice, heavily typed log messages can appear to solve problems, and such novice developers might think of untyped text causing problems. On the contrary, semantic logging, which journalctl is an obvious implementation of, do increase the complexity considerable, and many people before me have pointed out this critical design flaw. This complexity is easy to disregard in the name of heavily typed logging, complexity in software is hard to quantize, you need to accumulate experience before you realize complexity is very dangerous in software.

Logfiles that cannot be parsed by simple text based generic tools any longer is of course too complex. Instead heavy weight tools are now needed to be able to retrieve any information from systemd's behaviour. The "advanced query" functionality is said to require semantic logging. This is wrong (a lie actually), advanced querying tools for text based logfiles did already exist long before systemd was hacked together, no need to reinvent the square wheel.

Symptoms of too much complexity in software can appear in many forms, and TFS is a valid example as good as any. The bug in TFS is not unnatural, it's even expected to happen more frequently compared to more simple systems.

KISS FTW.

FTFY

The Systemd-Developerds

Normal Linux

Change it, rush it out, hammer it, hope millions of people will see your bugs

Path for Mint users?

What's the best way to get Linux Mint with sysvinit?

Re:Path for Mint users?

[DECula]

Download Slackware 14.2 iso
boot dvd of Slackware 14.2 iso
install Slackware 14.2
edit host file, change default host name to "Linux Mint"
sit back, enjoy your secure, stable OS install

Re:Path for Mint users?

Well I'd like a Debian package pool and love apt, so no.

Re:Path for Mint users?

[Blaskowicz]

There's an actual Linux Mint with sysvinit, it's LMDE 2 (debian jessie with Mate or Cinnamon)
It may change with an LMDE 3 based on debian stretch, and I think that may be likely, but I don't know afterall.

Using FreeBSD to avoid systemd

FreeBSD is great, for the most part.

I wish it had a dropbox client. I also wish it would work with my VPN.

But FreeBSD is very solid, and has a lot of nice features.

Jan 2015

[drolli]

It seems that the bug was fixed then, according to the people who did not manage to reproduce the bug on theirs systems (please read trough the comments in the linked bug description to get a impression).

Systemd tries to be two things in one

[bytesex]

The thing with systemd is that you want the executable that remains after initializing the system is done, to be super-lean and provable. Ideally, init would replace itself with another executable image after all the complex, hard work is done. And ideally, because of its complexity, the initial hard work should be done by a scripting language.

What 'su' does inside systemd is completely beyond me. That should be a separate system call.

Re: I don't hate on systemd but this is really ba

No, see the highly rated post above. There is no bug. The fact that there are problems after issuing that command is a coincidence. The server just coincidentally was hit by cosmic rays around the same time. Other reports of the same problem are similar coincidences. The systemd OS is just as perfect as the Microsoft operating system it takes its inspiration from.

/sarcasm

FTFY

Actually...

...most Linux users consider systemd as a major bug in Linux... another such bug is PulseAudio.

init or systemd

Didn't someone once say UNIX version 7 was superior to all its predecessors... AND all its successors?

I rather blame BSD for the proliferation of userspace daemons. For that matter, why did they have to go and invent a new "socket" paradigm for networking?
Why not use the perfectly good "everything is a file" abstraction? Oh well, can't undo decades of history.

Didn't work here ..

[khz6955]

Anyone else try and run the code? NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""

svchost of linux

Great this piece of crap systemd is the svchost of linux

Arduino?

[GaryHayman]

Maybe it's time to use simple dedicated systems for things...?

Redhat has always been and will always be

[waspleg]

the Microsoft of Linux - although Microsoft is trying to be that now. What they've done is no surprise.

so... init has a side I've never seen?

I had no idea that init had any history of hiding a mix of classified and personal files on a secret server, then deleting tens of thousands and wiping the server "with a CLOTH?" when they are sought by congress and the courts, and also lighting the middle east on fire and getting Americans there killed while they are on the phone begging init to send help, and then blaming it on a YouTube video.

Tell me: what are the undocumented command line args for these options?

perhaps:

init -CIA for "classified Information abrogation"?

init -abandon all -blame youtube

( couldn't resist: I hate the way some people try to map everything to politics and are then surprised anybody rejects their goofball mapping )

giant attack surface

given the complexity of systemd it is possible that we will see more and more of those devastating bugs.

i wonder if this will get so bad that debian wants to switch to init back again?

Slackware 14.2

Good call, Patrick.

systemd is CRAP!

The morons responsible should be executed. It should be pulled from all distros and rolled back to init.

KISS is the accepted alternative spelling of Unix.

[psb777]

I don't want Windows slickness because you don't get slickness from Windows. Surprise surprise you don't get it from Systemd either. I have upgraded some of my boxes to Systemd. But the rest will not be upgraded. I'm still hoping for a popular alternative. Why hasn't Devuan seen wider adoption? Keep It Simple Stupid!

Re:KISS is the accepted alternative spelling of Un

Why hasn't Devuan seen wider adoption?

I guess not everyone using Linux is a conspiracy theorist and wants to deal with a Linux distribution made by n00bish junior sysadmins that love conspiracy theories :)

Re:KISS is the accepted alternative spelling of Un

[psb777]

Ad hominem. Play the ball not the man. Feel free to make a substantive point any time you wish.

Re: I don't hate on systemd but this is really ba

Well-played sarcasm does not need a sacrasm tag. In fact should not have one for that ruins it.

Systemd Ugg

It's such a shitshow I wonder why anyone with an appreciation for Unix ever allowed this to move forward. This is like taking a perfectly good operating system and making it look and work like Windows. What moron is responsible for this? They obviously have no appreciation for what Unix gave to the world: simplicity.

Re: I don't hate on systemd but this is really ba

Add this command to your autoexec.bat to speed up your PC tremendously, and reboot :

CTTY NUL

My next install.

[NoSalt]

For my next install, I think I may move over to (one of the variants of) BSD Unix.

Bullet point not real feature

[dbIII]

I suggest you actually try it with something and you will see that you will have to either greatly modify either the environment or the script unless the script is incredibly trivial.
Then consider that I'm referring to closed source software where I don't really understand what the scripts are doing and have no way to find out other than hoping a support person will relay messages from me back and forth to one of the software developers.

It's entirely impractical unless it's for something you've done yourself or something that is very well documented.
My point here is the vendors have not got it going with systemD.
If it's so trivial why do they mandate running on RedHat6 or similar for their 2016 release?
It's not just libraries since you can drag all the libraries from RedHat6 into RedHat7 without any drama if you want to run older applications.

Re:Bullet point not real feature

[F.Ultra]

ok that sucks. Too bad that the vendors that you have to deal with is so slow moving. One can only wonder why they have such complex scripts in the first place, most of the ones that I have seen have been trying to replicate functionality that is now supported natively by systemd so there I could just simply strip it away completely. Perhaps you are allowed to post these scripts somewhere so that others can see what they are trying to do if the vendors themselves are not interested in helping out.

I do feel your pain but I cannot really see this as the fault of systemd but more of these particular vendors. And it should be trivial for them so why they don't is something that they have to answer for themselves, not the first time that external vendors have not done things regardless of how trivial they are.

Re:Bullet point not real feature

[dbIII]

Too bad that the vendors that you have to deal with is so slow moving

Apparently RHEL7 came out on 10 June 2014.

And it should be trivial for them

They say otherwise but they are also dependent upon a vendor of a licencing tool to port their software to RHEL7. It's possible that the actual software I want to run works in the environment but the tool designed to stop me running the software without a valid licence does not.

Perhaps you are allowed to post these scripts somewhere

Some of it being licence management stuff I have been warned that messing with it will result in loss of licences and summoning of lawyers.
Isn't closed source software fun?

However, what does RHEL 7 give me anyway apart from a flaky init system with incredibly-verbose-commands-to-do-even-very-trivial-things and logging that is utterly useless BY DESIGN if the system doesn't come up properly? SystemD mostly appears to me to be an exercise in fixing a "not invented here" problem by a bunch who don't actually understand the system they are trying to replace at sometimes even a newbie level. Things like killing users background jobs when they close a shell session is not the sort of thing an init system should be touching even if someone thinks such a change in behaviour is a good idea (instead of an incredibly fucking stupid one that will really fuck with scientific computing).

Re:Bullet point not real feature

[F.Ultra]

Well sorry to hear that you have such a major problem. Does however sound that your problems is with your vendor mostly and not with systemd to be honest even though of course the change to systemd is what initiated the problem in the first case.

For me it has been the opposite of flaky (upstart and sysv was flaky for me) but then I have no closed vendors software to manage so I guess that I'm lucky that way. For our customers I'm that vendor and we support all the init systems out there (but the systemd one was the nicest to write and the nicest to run)

Re:Bullet point not real feature

[dbIII]

I've had machines hang due to systemD spending forever looking for a way to start something to run a USB wireless mouse dongle. I've had machines hang and had utterly no idea why and no logs later to tell me. Then later they have just worked with no changes.
In my opinion it's just not ready for rollout.
I want to be able to have a *nix system I can understand via the logs and not some fucking ghost story mysteries like running MS Windows 98 and wondering why it's not working today.
Yes it's cool on a tablet or whatever for the new kids, but in server space where stuff is supposed to boringly just work without pieces of shit deciding to "change the paradigm" and break shells it just does not fit. Something boring that just works fits that role so someone like Lennart should not be running this project IMHO. I think given his history he should be doing something new instead of breaking something that works.

but the systemd one was the nicest to write and the nicest to run

Considering the moving target and the very verbose commands to interact with systemD I must say that I am having some doubts that you actually know anything about the subject matter. It's been an utter pain in the neck for me and extremely disappointing (simple things are no longer simple, stuff goes down and nothing shows up in the logs) so I find your comment appears to be the exact opposite of my experience. I don't want to have nagios watching utterly every little service like a hawk just because systemD doesn't have it's shit together and doesn't tell me when things fall over.

Re:Bullet point not real feature

[F.Ultra]

Well I have had the very same thing happening with sysv, for example it scheduling sshd to start before networking and thus the whole boot hangs forever since the sshd script never timed out and thus the network script could never work, all due to the non parallelism of sysv. I've also had numerous remote servers hang on shutdown forcing me to drive 60 metric miles to pull the plug manually.

So yeah it sucks that your machines experienced these problems but let us not fool ourselves into thinking that there where no problems with sysv either. And no there where no logs to tell me what the problems where with my own issues above either. Since switching to systemd I atleast have had no such problems what so ever since, just to let you know that your experience is not the only one.

And what very verbose commands? is "systemctl" so much more to type than "service" that it's now seen as verbose? And "journalctl" instead of "grep x /var/log/syslog"?

All in all I just don't share your experience, and with that I do not claim that you have your experience, far from it. I just don't share it.

Re:Bullet point not real feature

[dbIII]

It's looking very much as you have "a dog in the fight" and are pushing advocacy over reality since what you written diverges so much from what I have observed.

And what very verbose commands? is "systemctl" so much more to type

Now there is the smoking gun that shows you are pushing something you do not know about. I suggest you look up the documentation for "systemctl" and then you will see the incredibly verbose arguments that a user is expected to send to it and then you will understand what I am writing about. As an examples:
systemctl isolate runlevel3.target
systemctl enable systemd-readahead-collect.service

An init system that doesn't even respect inittab - what fun!

all due to the non parallelism of sysv.

That example of a wireless mouse dongle hanging forever while systemD is trying to work out what to do with it demonstrated to me very clearly that parallelism is not something that exists throughout systemD either. That was one I was able to debug but I've seen plenty of others where the thing just will not boot and is not logging or displaying why.

Re:Bullet point not real feature

[F.Ultra]

No I don't have a "dog in the fight" or trying to push anything. If anything I could say that about you considering that you encountered some problem and then all of the sudden systemd is something that must be erased with fire. I have only ever said that it works for me and others and that if it does not work for you or you don't like it then fine do go and use something else.

The arguments might look verbose but #1 you can tab-complete, and #2 the .service/.target part is not needed, i.e you can type "systemctl start ntp" or "systemctl start ntp.service" they are equivalent. #3 yes the systemd-readahead-collect name is verbose as hell but see due to #1 all you have to do is type "systemctl enable systemd" and then press tab twice to get all the possible options.

Regarding your mouse dongle I don't know why that happens for you, I use such a dongle myself (from logitech) without any issues so it's definitely not something that breaks for all such dongles. That the init is halted is probably due to something having your mouse as a dependency of course then parallelism does not matter since it's a hard dependency for some service. Don't really know why that affects your init either, mine is enabled by the kernel and not by init so perhaps it's not the mouse per say but something that want to use it that halts?

Btw why do you spell systemd with a capital D? Having a small letter d suffix for daemons is a very long tradition within Unix so why mark it specifically with a capital letter? Do you do the same with httpd, named and so on? Just curios because I have seen so many anti-systemd people write it with a capital D like the d had some special meaning.

Re:Bullet point not real feature

[dbIII]

I have only ever said that it works for me

And a whole lot of implications that I am negligent by not changing to the new system.

Just curios because I have seen so many anti-systemd people write it

It seems to be the way it's written about to make it stand out from "system" so I've followed that trend.

Regarding your mouse dongle I don't know why that happens for you, I use such a dongle myself (from logitech) without any issues so it's definitely not something that breaks for all such dongles

It's something that should never happen on a production init system - the hardware should be logged as failed to inform the user if it can't work out to do and it should move on. It's a very good example of a design failure.

since it's a hard dependency for some service.

Should that be enough to block the system from starting at all? Design failure IMHO - something so utterly trivial should not prevent a system for starting.

but #1 you can tab-complete

Another smoking gun. You said above you wrote init scripts, where's the tab complete in your text editor?

mine is enabled by the kernel and not by init

SystemD actually did log that one so I could debug it (unlike the other mystery failures to boot on other recent fedora systems every now and again). It was attempting to start a service to run the mouse and completely hung the system when systemD's mouse service failed. The first time it hung on startup over an entire weekend. About a dozen attempted starts and trying the dongle on another CentOS7 machine isolated the design fault.
A single failed service should not hose the entire machine - EPIC FAIL.

Re:Bullet point not real feature

[F.Ultra]

Where on earth have I implicated that you (or anyone else for that matter) are negligible by not changing to systemd?

Yes I write init scripts, but on systemd machines I #1 don't since I write unit files instead which have no commands what so ever and #2 I have no need to write any systemctl or journalctl command ever in an init script.

WTF is the "systemD's mouse service"? Could you please provide more details on what model of mouse dongle this is, what the service is that depends on it, if any of this is custom things or default things from CentOS7/Fedora. A bug like this must be fixed.

Re:Bullet point not real feature

[dbIII]

on earth have I implicated that you (or anyone else for that matter) are negligible by not changing to systemd?

You seemed to be pushing very hard for me to solve my "problem" of not being on RHEL7.
As for your second bit of trying to send me on a fishing expedition into systemD innards, it evades the issue of systemD hanging merely due to not being able to start a single service and ignores that such a problem shows the "systemD is better because it starts in parallel" is a lie. It didn't continue down another branch, it had a single point of failure and it didn't deal with the failure and move on like production quality software such as the thing it is replacing does.

Re:Bullet point not real feature

[F.Ultra]

Please point out how I tried to push you to solve your problem to go to RHEL7? Since I don't even run RHEL7 myself (I'm a Debian/Ubuntu user) that would be very interesting to see indeed!

And I'm not trying to send you down a fishing expedition into systemd innards, I'm actually honestly interested in why your problem happens the way it does because due to the design of systemd and my own experience with it this should not happen so fully understanding what happened was something that I found interesting. And if there where a real bug in systemd then that could also have been fixed (I'm a developer, not a systemd developer but fixing code I can do in any project).

Re:Bullet point not real feature

[dbIII]

I'm far from the only one who has had the thing hang consistently merely due to a service not starting, a situation that should not happen in an init system of an operating system intended for production use.
It's one of many design problems and demonstrates that the "parallel" claims of fanboys who do not understand the system they are cheering for is nothing but a deluded lie.
I'm sorry kid, your fanboy shit is tedious, appears to be coming from ignorance and I will continue to use the dinosaur system you hate until something else is ready. Even back in 1994 linux was more stable than it is now with systemD.
Take a look at the bug reports instead of just mindlessly cheering. There is a focus on expand and conquer before fixing existing bugs.

Re:Bullet point not real feature

[F.Ultra]

Well then you don't know what parallel is, naturally an init cannot start services with dependencies on services not yet started, parallel or not. This is true regardless of init system used. So if that would prevent an init system to be put into production then no init system would ever be used (as I've said I have had for example sysv do just that for me on several occasions.

So now every one who does not agree with you that systemd is a sign of the end of days is a fanboy, o boy... Anyway you are free to use the old dinosaur system that I don't hate (I just think that systemd is better than sysv in so many ways, but that is not hate), different from you though I will not call you a fanboy or make other insult just because you happen to like some other system than me. Btw thanks for calling me kid, made me feel young again :)

Re:Bullet point not real feature

[dbIII]

Ah yes - the usual systemD fanboy shit of attacking the person with the bug instead of addressing the bug.
Look up parallel instead of providing a new fanboy definition that includes many single points of failure.

Re:Bullet point not real feature

[F.Ultra]

attacking? So far after dozens of posts back and forth it's only you that so far have cast insults, name calling and attacks. Perhaps you should take a while and contemplate that for a while and wonder why you constantly accuse me of the things that only you do? Questioning your knowledge on what parallel is is not "attacking the person" since you clearly have your own definition of parallel that is shared by nobody else. Had I written it in your style like "oh the usual anti systemd troll fanboi that don't even know basic computing terms like parallel, what are you, like 14?!" then you would have had a point but as it is now you don't.

Parallel have nothing to do with single points of failure. Parallel simply means that you start things at the same time. Now since services started by an init will have dependencies, not all services can be started at the same time and therefore those that have a hard dependency on service X simply have to wait for service X to finish first.

This is not new, this has been the rule for init since back even before sysv and is not some new strange definition of parallel. What systemd brought to the table (and which as I understand it was first implemented in launchd) over sysv was that some services could be started in parallel even when there where hard dependencies due to the socket activation, this however is only enabled on a service by service level since it cannot be just turned on for all services (not all will work with that).

Re:Bullet point not real feature

[dbIII]

True - you have been condescending to the point of insult (while demonstrating ignorance of the subject matter) instead of attacking.

Re:Bullet point not real feature

[F.Ultra]

Please do point out such examples then, that would be interesting to see.