Linux systemd Affected by Memory Corruption Vulnerabilities, No Patches Yet

Major Linux distributions are vulnerable to three bugs in systemd, a Linux initialization system and service manager in widespread use, California-based security company Qualys said late yesterday. From a report: The bugs exist in 'journald' service, tasked with collecting and storing log data, and they can be exploited to obtain root privileges on the target machine or to leak information. No patches exist at the moment. Discovered by researchers at Qualys, the flaws are two memory corruption vulnerabilities (stack buffer overflow - CVE-2018-16864, and allocation of memory without limits - CVE-2018-16865) and one out-of-bounds error (CVE-2018-16866). They were able to obtain local root shell on both x86 and x64 machines by exploiting CVE-2018-16865 and CVE-2018-16866. The exploit worked faster on the x86 platform, achieving its purpose in ten minutes; on x64, though, the exploit took 70 minutes to complete. Qualys is planning on publishing the proof-of-concept exploit code in the near future, but they did provide details on how they were able to take advantage of the flaws.

Thats what you get for running systemd

[Shaitan]

Giant bloated executable where trim purpose built utilities and text should be used.

Re:Thats what you get for running systemd

Sums up the mantra of UNIX design. Too bad they didn't follow it.

Re:Thats what you get for running systemd

Spot on. After reading Mike Gancarz book The Unix Philosophy, it changed how I did things. I now don't write captive scripts, keep everything in plain text, and write tools that do only one thing well. Truly an eye-opening book.

Re:Thats what you get for running systemd

[Merk42]

Good thing systemd alternatives haven't had any bugs ever!

Re:Thats what you get for running systemd

[Shaitan]

Of course many bugs have been found and fixed in them over the decades.

Re: Thats what you get for running systemd

lennart poettering! you go to your room and fix this mess this instant, young man!

Re:Thats what you get for running systemd

[pereric]

Of course there have been bugs. But software with a much smaller and well-defined scope (like only being an init system) tend to have less bugs. Also, software with better design choices and better QA tend to have less bugs.

Also, the dependencies on systemd instead of some independent standard with well-defined interfaces is unfortunate.

Re:Thats what you get for running systemd

But some people just love to restart everything from scratch and give control on every aspect of a system to a guy that produced some pulseaudio and his affiliates.

Re:Thats what you get for running systemd

I wonder if systemd people responded to those bugs like they do with some other exploitive hacks I've seen with "system works as designed, ticket closed" :P

Re:Thats what you get for running systemd

[phantomfive]

These bugs were mainly the result of improperly validating/sanitizing input. Once again. The developers weren't thinking about hostile input when they were writing code, and didn't test corner cases. It worked for them!

Re: Thats what you get for running systemd

Isnt this the problem with the whole systemd/PHP/Mozilla stack? It is overprotected

Re: Thats what you get for running systemd

[Narcocide]

Systemd, PHP, and Mozilla aren't part of any "stack" in any relevant context of the word. If you're gonna try to troll so lazily, at least figure out the context of the words you're using so your statement is logically congruous.

Re:Thats what you get for running systemd

"How" can we, the Userlanders, bring the Debians, Suses, Redhats, Ubuntus, Mints, Arches, Manjaros and their kin to "PLEASE DUMP SYSTEMD". Stop Poettering up my machines!!
The UNIX way is simple things that do ONE thing and interact well, not a bloated single binary with secret codes and non-readable logs. The season for systemd has run its course. We need a better init for Linux.

cap: warrant (for Poettering's arrest? I wish)

Re:Thats what you get for running systemd

[Eravnrekaree]

This is false, systemd is decentralized into 40 independent executables.

The basic concept of systemd makes sense, you start a list of services first and once that is complete you move onto a seperate list of services . You have unit filed which indicate after target they are a part and which one they depend on. The unit files are simple and easy to understand. An implementation quality issue is a seperate issue from the basic design pattern, the design pattern is a sound concept

You can still use SysV type init on systemd. Disable the systemd unit with systemctl disable servicename and then create a new service in /etc/init.d say /etc/init.d/servicename-sysv and link to in the /etc/init.d/rcX.d directories. that effectively moves the services from systemd to SysV style init.

Also, you can turn on text logging with systemd if you want it.

There are pros and cons to text or binary, it should be up to sysadmin to choose what works best, there is nothing wrong with having a binary capability. One place where binary can help is if you want to store to a database log data so you can have a fast search query or you want to be able to programmatically alter a configuration setting without having to parse and regenerate text files. In these cases some kind of database like SQL can work better than text.

Re:Thats what you get for running systemd

[OneHundredAndTen]

The developers weren't thinking about hostile input when they were writing code, and didn't test corner cases. It worked for them!

The developers were not thinking, period.

Re:Thats what you get for running systemd

Of course there have been bugs. But software with a much smaller and well-defined scope (like only being an init system) tend to have less bugs.

Ugh. systemd has replaced iptables and network programs now too. It's SPREADING.

Re:Thats what you get for running systemd

[Daemonik]

How dare you be reasonable and informative??? Didn't you get the memo regarding SystemD being shat directly from the bowels of Satan upon the innocent?

Re:Thats what you get for running systemd

[lgw]

You have unit filed which indicate after target they are a part

Well, that made about as much sense as I'd expect from a defense of systemd.

Re:Thats what you get for running systemd

[93+Escort+Wagon]

The developers weren't thinking about hostile input when they were writing code

You'd think, by this point in time, Poettering would be very familiar with hostile input - heck, just look at most of the systemd discussions here on Slashdot!

Re:Thats what you get for running systemd

Can someone help me out and explain to me exactly what problem systemd solves?

Re:Thats what you get for running systemd

[squiggleslash]

Of course there have been bugs. But software with a much smaller and well-defined scope (like only being an init system) tend to have less bugs

While this is technically true, all that means is that to get a true picture of which is more secure, you have to measure both the bugs in init and the bugs in those daemons systemd replaces when comparing these "smaller and well defined scope" tools to systemd.

Knowing the quality of 90% of the init scripts I've had to review, I'd be very surprised if there's any overall security advantage to init+the daemons systemd replaced compared with systemd itself.

Re:Thats what you get for running systemd

I was blown away by the part where you start a list of services and then you start another list of services. That's some revolutionary design. Of course, unit filed which indicate after target they are a part, so maybe I'm just not smart enough to understand.

Re:Thats what you get for running systemd

Can someone help me out and explain to me exactly what problem systemd solves?

Red Hat did not have sufficient control over the Linux ecosystem. systemd is effectively addressing that problem.

Re:Thats what you get for running systemd

What? You mean the monolithic shitblob we all said would introduce vulnerabilities introduced vulnerabilities? I don't habeeb it!

Re:Thats what you get for running systemd

HUGE difference

Re:Thats what you get for running systemd

It's my fault. There was a bug in an int script and rather than learn bash I decided to reinvent the wheel.

Re:Thats what you get for running systemd

We can't. Switch to BSD or deal with it.

Re:Thats what you get for running systemd

[Hognoxious]

Xzibit here - can one of the services in the list of services start a list of services?

Re:Thats what you get for running systemd

SystemD has an optional DHCP server. Apache and nginx better watch out.

Re:Thats what you get for running systemd

Everything you said is technically correct. In the same way "voltage doesn't kill, amperage does", when the discussion is about a 1.5v battery. When someone says they want text logging, they don't want systemd's text logging and all the bugs it has.. sorry, features. bug closed, working as intended. Don't want to use systemd init? Just disable it.. Ohh crap, my system is broken.

Re: Thats what you get for running systemd

Well, there's void Linux, Gentoo Linux, devuan and slackware. These are just 4 that do not use systemd. There are probably more out there.

Re:Thats what you get for running systemd

[Etcetera]

Knowing the quality of 90% of the init scripts I've had to review, I'd be very surprised if there's any overall security advantage to init+the daemons systemd replaced compared with systemd itself.

You're conflating three different things: service management, init scripts, and the daemons themselves.

Daemon code quality is out of scope. A bug in the program should be fixed or handled upstream (unless you're a 2019 dev where no one fixes anything because they don't care if it crashes as long as someone spins up another one).

Init script quality varies *heavily* by distro/ecosystem. Debian/Ubuntu scripts, in my experience, are hot messes. Scripts written to be completely distro agnostic are usually pretty bad, because typically the writer doesn't understand the differences between distros. Init scripts for RH/Fedora/EL should be fine unless there's a bug in whatever custom logic is being written in there to handle the service's unique needs. The SysVInitscript template is trivial to cut and paste.

Service management is where the bugs come in (especially because it's naturally event based). But I'd rather those bugs be isolated in a relatively small location with specific tasks and without it running as PID1 when it doesn't have to. (See: supervise/tcpserver, xinetd, etc.)

Re:Thats what you get for running systemd

[basscomm]

SystemD has an optional DHCP server. Apache and nginx better watch out.

It's been a while since I read the docs, but I'm pretty sure that Apache and nginx aren't DHCP servers.

Re:Thats what you get for running systemd

[sjames]

Isn't that a bit like a serial killer trying to excuse himself by claiming all of his victims were jaywalkers?

Re:Thats what you get for running systemd

[fustakrakich]

the design pattern is a sound concept

Not if it's so easy to fuck up. systemd is like flying the plane with the autopilot, but you're not really flying the plane. The autopilot is a black box. That is not good if you can't work the machine when it breaks down. That point was just made by Boeing in Indonesia. But, if you can shut it off, great. Just make sure you really can and keep the machine running. It sounds like there are some dependencies that would prevent that though.

systemd man bad

Re:Thats what you get for running systemd

[sjames]

The init scripts are largely irrelevant since they do their job and then go away.

As for the daemons, they are their own scope under a sane init system.

Re:Thats what you get for running systemd

[exomondo]

"How" can we, the Userlanders, bring the Debians, Suses, Redhats, Ubuntus, Mints, Arches, Manjaros and their kin to "PLEASE DUMP SYSTEMD".

Well this is exactly what Free Software is for, it's the "freedom" it grants you. You either contribute significant money or development effort to these projects such that you can influence their direction or you fork the project and take it in your own direction. Alternatively Slackware doesn't have systemd and Devuan is a project that came about from forking Debian and removing systemd so you can show your support for them by contributing money or development time to them.

Free Software has already solved this problem, it's a complete non-issue now. Just don't use distributions that include systemd and contribute to those distributions.

Re:Thats what you get for running systemd

SystemD has an optional DHCP server. Apache and nginx better watch out.

It's been a while since I read the docs, but I'm pretty sure that Apache and nginx aren't DHCP servers.

You missed the obvious hint. When does SystemDeath become a web server on top of everything else that it tries to do?

Re:Thats what you get for running systemd

[ffkom]

I wonder if systemd people responded to those bugs like they do with some other exploitive hacks I've seen with "system works as designed, ticket closed" :P

This time they used the other of their two standard responses to bug reports: Assigning blame to others - the authors of "alloca()" in this case - as a lame excuse.

Re:Thats what you get for running systemd

trim purpose built utilities and text should be used.

Because all of those trim text scripts and shell interpreters that repeated at least 15 lines per script verbatim were so good at service dependency management, and produced 100% predictable and repeatable boot sequences across distros.... /fanboism off

Granted systemd is too big and has overgrown it's original purpose, but there is a reason it exists and it's not because of it's creator's ego. It exists because it provides something that was needed and not provided by others. If you want to replace it, how about correcting the problem that led to it's creation without creating the feature creep it's become famous for? Or you could fork it, trim out the creep, and convince the distros to use your solution instead.

If you're not willing to do that, then perhaps the problem isn't systemd, but rather it's you. You who demand your old issues while contributing no solutions of your own.

Re:Thats what you get for running systemd

> This is false, systemd is decentralized into 40 independent executables.

all of them are uselsess without systemd, so decentralization is a myth

Re:Thats what you get for running systemd

[BadDreamer]

And if I want to replace one of those 40 independent executables with my own, I just do so, right? The documentation clearly describes their input and output, so that they truly ARE independent?

No?

Then how are they independent? They are a big mass with interdependent states.

And there are no discernible pros to binary logs. Something like ripgrep will search very quickly through text logs. And there is no advantage to storing binary data in a database over storing text data in a database. The opposite is true.

Re:Thats what you get for running systemd

[DrJimbo]

Too bad there is no Easy way to find distros that don't use systemd.

The #2 (MX Linux), #11 (ReactOS), and #15 (antiX Linux) distros don't use systemd.

Re:Thats what you get for running systemd

[walterbyrd]

> Granted systemd is too big and has overgrown it's original purpose, but there is a reason it exists and it's not because of it's creator's ego. It exists because it provides something that was needed and not provided by others.

Specifically what?

Re: Thats what you get for running systemd

Try gentoo or funtoo... Open-rc is an official install option. I like it and never have to deal with systemd.

Re:Thats what you get for running systemd

[scottragen]

Yes, but many have suffered through those bugs and now the software is mature with few bugs. Why suffer through it again? I feel Alan's quote which went something like: "Those who fail to understand Unix reinvent it - poorly". Seems Systemd suffers from this issue.

Re:Thats what you get for running systemd

I was blown away by the part where you start a list of services and then you start another list of services.

You're blown away by the concept of bootstrapping? wow.

Re:Thats what you get for running systemd

[Gavagai80]

It's actually true in this case. These bugs are in journald, the alternative to which is plain text logging. There has never been a security vulnerability in a plain text log file.

Re:Thats what you get for running systemd

And if I want to replace one of those 40 independent executables with my own, I just do so, right?

Yes you can certainly do that if you want to.

The documentation clearly describes their input and output, so that they truly ARE independent?

There is extensive documentation and further to that the code is available and open source. Another good way to get involved is write the docs. Documentation is very often lacking in virtually all open source projects.

They are a big mass with interdependent states.

What do you mean? There is no shared state and the fact that they are separate programs is part of what creates that separation of state dependence. Perhaps there is a misunderstanding here so can you provide an example of systemd executables that illustrates what you mean?

And there are no discernible pros to binary logs.

As the OP noted, you can simply use text mode if you prefer.

If you really dont like it then thats fine, that is the beauty of free software in that anybody can fork a project and do what they like. It just seems very suspicious when people get abusive toward others that are exercising that freedom, you were certainly free to fork the pre-systemd version and free to try to present a coherent argument to others to support your fork rather than the systemd fork. The problem is the systemd proponents went in one direction and rather that doing something and going in a different direction the systemd detractors followed the proponents and continued complaining and hurling abuse at them. A small group went off and developed devuan so this really should be a non-issue but the detractors still seem to be angrily following the systemd proponents like a bunch of hypnotized sheep rather than supporting the devuan folks (or various other non-systemd distributions).

Re:Thats what you get for running systemd

[thegreatbob]

The only hole I see in the analogy is that autopilots (as seen on commercial airliners) are typically both tested quite extensively, and multiply redundant. Suffering for being unaware of some undocumented change in the way it operates in the latest version seems to correlate painfully well.

Re:Thats what you get for running systemd

This website's got a pretty good list. I think it's where I found out about Devuan, which I now use.

http://without-systemd.org/wiki/index.php/Linux_distributions_without_systemd

Re:Thats what you get for running systemd

No one has ever been sarcastic on the internet. It's true because I read it on the internet.

Re: Thats what you get for running systemd

That is the problem, this is a project too big that blame just helps nothing and makes things worse, at least gnome had KDE and the other desktops as an alternative (at least easily available alternative), but systemd is used by default by the most popular distros, and is used by many many small parts of the OS and there are no easy alternatives.

And systemd design is still too Broadway and entrenched to be easily forked.

Re:Thats what you get for running systemd

Wontfix. Notabug.

Re:Thats what you get for running systemd

[arglebargle_xiv]

Well, it is nice to see SMSS-for-Linux follow the path of its predecessor in terms of vulns. Just wait until Poettering decides to do CSRSS-for-Linux...

Re: Thats what you get for running systemd

Read the first paragraph after the quote.

Re:Thats what you get for running systemd

[grcumb]

The developers weren't thinking about hostile input when they were writing code

You'd think, by this point in time, Poettering would be very familiar with hostile input - heck, just look at most of the systemd discussions here on Slashdot!

Yes, but he never actually processed it.

Re:Thats what you get for running systemd

The developers were not thinking, period.

The Anti-Male establishment was not thinking, period.

There, FTFY.

Re:Thats what you get for running systemd

[Erik+Hensema]

Too bad you don't know what you're talking about.

Journald is a seperate binary with exactly one purpose, which is exactly the mantra of unix design.

It's a small binary too, 123 KB on my system. ls is larger. It does use a 2.2 MB systemd library though.

Haters gonna hate.

Re:Thats what you get for running systemd

While this is technically true, all that means is that to get a true picture of which is more secure, you have to measure both the bugs in init and the bugs in those daemons systemd replaces when comparing these "smaller and well defined scope" tools to systemd.

If a smaller program is buggy I can use a better written alternative or rewrite it myself if I have to.
Doing the same for a large program is a bit more problematic.

Re:Thats what you get for running systemd

The Slashdot posts were actually used in this attack. It took 70 minutes to exhaust the target system memory with them.

Re: Thats what you get for running systemd

Then the problem should be easier to fix or there might be an alternative for those faulty modules.

Re: Thats what you get for running systemd

2.2 MB is huge and wasteful

Re: Thats what you get for running systemd

It's shared among all systemd services. It's not like GNU libc which is larger than an entire Linux OS using leaner libc versions.

Re:Thats what you get for running systemd

If you're pedantic enough, all analogies are invalid.

Someone: This pan feels cold
Pedantic : Cold doesn't exist.
Internet: Technically correct.

Re:Thats what you get for running systemd

[Severus+Snape]

This is kinda funny.

journald single purpose is replace plain text in files to binary, antithetical to unix design.

While you're correct, journald has it's own binary like all the other bits of systemd. This does not necessarily mean the underlying code is modular.

Pure Poettering inspired incompetence

[nyet]

Looking at the code, all three of these bugs are inexcusable. The systemd devs really are incompetent.

Re:Pure Poettering inspired incompetence

[lgw]

They didn't just copy Microsoft's init system and service manager, they copied Microsoft's attitude towards security and code quality.

Re:Pure Poettering inspired incompetence

And this is the actual reason why people don't like systemd. It's quality is bad and when it crashes the kernel panics.

Re:Pure Poettering inspired incompetence

[thaylin]

And this is the actual reason why people don't like systemd. It's quality is bad and when it crashes the kernel panics.

We all panic.

Re:Pure Poettering inspired incompetence

Or perhaps Microsoft now runs it? Didn't think of that did you Mr. Smartypants?!

Re:Pure Poettering inspired incompetence

[Chris+Mattern]

Yeah, but when the colonel panics, it's bad for the whole regiment.

Re:Pure Poettering inspired incompetence

[kronix1986]

Absurd comments like this highlight why Red Hat and all major distros no longer care about enthusiasts. They do something ridiculous (adopt systemd, break 40 years of Unix conventions, creating a tightly coupled architecture) and your first instinct is to start whining about Microsoft.

Re:Pure Poettering inspired incompetence

[nnull]

Is it too late for "I told you so."?

Re:Pure Poettering inspired incompetence

[lgw]

Systemd is a straight-up copy of the way Windows does things. That to you is "whining about Microsoft"? Making Linux more like Windows is exactly what no one was asking for.

Re:Pure Poettering inspired incompetence

Have fun finding all the potential bugs in this function.

Re:Pure Poettering inspired incompetence

How do you know, have you looked at the code?

Re:Pure Poettering inspired incompetence

[shoor]

Yes, there are comments referencing Microsoft. It would be amazing if there weren't. But I would say they are the minority of comments. There are plenty of people with lots of expertise and experience who raise sound questions about systemd, and the whole process of how systemd got adopted is rather fishy.

Re:Pure Poettering inspired incompetence

[Seven+Spirals]

I won't argue. However, I'd like to point out that Red Hat is pretty much as corporate as it gets nowadays. I'd point out several negative trends for them. First, they just got bought by IBM. Second, did anyone besides me wonder why they waited until 7.0 to properly integrate XFS (yes, I know about the add-on RPMs for 6.x but they were not supported at install-time and came too late)? How about their failure to really fix/embrace BTRFS while ZFS just beats seven shades of snot out of anything Linux has in-tree (yes, I know about ZFS for linux, but it's hack-on that will never gain enough acceptance due to the license schism). Of course, then there is the fact that iptables syntax and features have done nothing but get uglier (especially when compared with PF or netfilter on other OSes). What about Red Hat intentionally dogging LVM2 updates even with giant bug-backlogs? How about RHEV and GlusterFS? Have those displaced VMware or has GlusterFS pushed Ceph out of the HPC space? No and nope. From where I sit Red Hat has been resting on their laurels (what little they've got) since about the RHEL5 days. It certainly always looked corporate and never very friendly to "enthusiasts" anyway. Even when I used to bother with Linux at home for fun (as opposed to holding my nose and learning the internals at work) in the pre-systemd days I'd turn to Slackware, Debian, Gentoo, Arch, or something weird like GoboLinux or VectorLinux. Why waste time with RHEL? I have to use that all the time in corporate environments and it smells like an old gym sock. It's not that I don't know it or can't use it, it's just that it sucks a lot worse than most things. After systemd I only spend time with Linux during new releases to learn the changes. Then I bail out back to BSD where both the past and the future are very bright and one has fewer angry retards to contend with vis-a-vis Linux.

Re:Pure Poettering inspired incompetence

Do you understand the difference between copying a design approach, and copying code? Because it sounds like you're too stupid to understand such a simple thing.

Re:Pure Poettering inspired incompetence

[93+Escort+Wagon]

Systemd is a straight-up copy of the way Windows does things.

I dunno... it seems to me that systemd is more of a wannabe clone of Apple's launchd that came about because Apple wouldn't offer launchd under the GPL.

Re:Pure Poettering inspired incompetence

[phantomfive]

That is true, when he started designing it, Lennart had Apple's launchd in mind.

Re:Pure Poettering inspired incompetence

[phantomfive]

Could be worse, they could be IBM. Oh, wait......

Re:Pure Poettering inspired incompetence

[TimMD909]

And this is the actual reason why people don't like systemd. It's quality is bad and when it crashes the kernel panics.

I don't see what you're getting all worked up about. Take your meds, and chill out.

Re:Pure Poettering inspired incompetence

[nsaspook]

These bugs are mindbogglingly stupid. Damn, I'm glad my systems are systemd free.

Re:Pure Poettering inspired incompetence

Um, Linux has consistently had more bugs than Windows.. unless you live in an alternate reality.

https://www.cvedetails.com/top...

lols..

Re:Pure Poettering inspired incompetence

It can be a major problem, but not in general.

Re:Pure Poettering inspired incompetence

fewer angry retards to contend with vis-a-vis Linux.

Who says Linux has all the fun?

Did you know that "Days of our lives" has been renewed for its 55th season? Drama is everywhere, and is very popular.

Re:Pure Poettering inspired incompetence

Yes, there are comments referencing Microsoft. It would be amazing if there weren't. But I would say they are the minority of comments. There are plenty of people with lots of expertise and experience who raise sound questions about systemd, and the whole process of how systemd got adopted is rather fishy.

And nobody in the SystemDeath community, much less the acolytes in the distros that accepted SystemDeath "as religion", listened to those people with "minority comments".

The SystemDeath supporters simply sweep away comments and concerns by calling the nay-sayers "grey neck beards", much like Leftists in Amerika call everyone that disagrees with them "racist", "white supremicist", and/or "facist".

Re:Pure Poettering inspired incompetence

I privately thought this was an admirable sentiment.

Re:Pure Poettering inspired incompetence

[hawk]

Poorly knocking off an apple product?

How much more microsoftish can you get?

hawk

Re: Pure Poettering inspired incompetence

Faggots like you are just one reason I use FreeBSD.

Re: Pure Poettering inspired incompetence

Too bad Linux won't copy Microsoft and develop a stable driver ABI.

Re: Pure Poettering inspired incompetence

Maybe the URL below will help you out:

https://www.dictionary.com/browse/humor

Re: Pure Poettering inspired incompetence

poettering in, garbage out

Re:Pure Poettering inspired incompetence

[thegarbz]

is exactly what no one was asking for

Except for developers, and distribution maintainers. In fact many of them have attempted at some point to create something like systemd.

Claiming it was something no one was asking for is speaking out of ignorance, either willful, pretending that there isn't a group that thinks differently from you, or accidental such as never having read a mailing list on the topic.

Re:Pure Poettering inspired incompetence

I gotta say, yes, it is whining about Microsoft.

Whining about Microsoft is a time-honored pastime of Linux devotees. On literally any topic, any discussion, some Linux fan will make a disparaging remark about Microsoft, Windows or Office. And no matter how out of place it is, the rest of the Linux fans stand up and cheer.

What does systemd have to do with Microsoft? Was it a Microsoft employee who created systemd? I know, Microsoft put in an enhancement request that led to systemd. No? Perhaps Microsoft sued Canonical and forced them to replace init? I know, Microsoft adopted systemd in Windows 10 in an Embrace and Extend strategy, hoping to sink Linux by sinking Windows!

You people are as predictable as lemmings. For a group that prides itself on being "smart" and "independent" and "free", it's not a good look. Frankly, you are f'n obsessed with Microsoft and you need to let it go. It's unhealthy and it makes you look like amateur wankers. This thread and every other Linux thread is overrun with childish insults toward Microsoft.

Want to know what looks good, professional, grown-up and not defensive? Promote your product on the merits. Leave Microsoft out of it. Seriously, you don't get to refer to Microsoft even once for a change. Linux is great but the wankers who feel they have to trash Microsoft, no matter how off-topic and irrelevant that is, those people are bringing Linux down.

Open source fail version 4982497823824

"Meritocracy!"

Re: Open source fail version 4982497823824

yeah i hate women too

Re: Open source fail version 4982497823824

meanwhile, in redmond...

Re:Open source fail version 4982497823824

There is some truth to this. Linux is just a kernel, but there are myriad userland programs, toolchains, and other ancillary software bits that make up a GNU/Linux system. Linux (full system/any distro) is so balkanized. Companies like Red Hat employ the programmers who write stuff like systemd/pulseaudio, etc., so they automatically steer the direction every other distro must go in. I was shocked when Debian adopted systemd, and now more and more software has to have it as a REQUIREMENT. This is one reason I like KDE. I've been using it as a desktop since 1998. I use Kate and Konsole all of the time, and my workflow revolves around them.

BSD, on the other hand, for all its own faults, is not "grown" like Linux, but engineered. It's a full OS in its own right and end users can install their own preferred userland and ancillary software. I'm really close to just adopting FreeBSD.

Re: Open source fail version 4982497823824

Linux hasn't been niche for at least a decade. It's in more widespread use than anyone ever imagined.

Re:Open source fail version 4982497823824

[Shaitan]

"niche operating system"

The 90's called and want this argument back.

Re: Open source fail version 4982497823824

Must be terrible for you.

Women are great. And there are many great women coders.

But SJWs corrupt, spoil, degrade, and ruin everything.

Re: Open source fail version 4982497823824

[Shaitan]

It's been at least a couple decades. Today, Linux is more widely used than literally anything else.

Re:Open source fail version 4982497823824

Exactly. You didn't see this sort of crap until the SJW drones invaded.

That's right, there were immediate exploits like the Morris Worm.

Re:Open source fail version 4982497823824

[HiThere]

While that enhanced the security, that wasn't the basis of it. Simple reliable design that could be reasonably debugged was the basis. Also code that large numbers of people could read and understand. (No, not everybody. And I never bothered to learn to. But large numbers.) This, of course, requires that the code be relatively simple. Which means modular, with limited externalities.

Systemd is a massive failure in ever one of these respects, and I suspect intentionally so. I don't mean I'm certain. It could just be a worship of centralized power finds a different design of software more pleasing. Or there could be some other reason.

Re:Open source fail version 4982497823824

[HiThere]

There were many intermediate exploits. But they were relatively easy to fix, and fixed relatively quickly. As the software groups have gotten larger, this has become less and less true.

The complaints about "SJW drones", "codes of conduct", etc. aren't totally without merit, but their validity has more to do with the fact that they only become relevant in larger projects. But larger projects *need* more oversight and administration. (Also, larger projects tend to exclude the kind of people most likely to complain about such oversight...and anyone excluded is likely to feel unhappy.)

Re: Open source fail version 4982497823824

[doom]

I have this fantasy where we lock the SJWs and ASJWs in a room together, and let them fight it out for eternity amongst themselves. Kind of like the end of that bad Star Trek episode.

Now do you think you could go away and stop bring up the same point over-and-over in this ground-breaking discussion of systemd?

(Yes, I know. "Let That Be Your Last Battlefield". Third season, of course.)

Re:Open source fail version 4982497823824

LOL. You saw it before and you will continue to see it.

Linux is not now, and never has been, a meritocracy.

Re: Open source fail version 4982497823824

An ASJW is someone the SJWs have already come for.

You yourself will one day be either one of the other. The SJWs will not allow neutrality.

Hope for your sake, though, that you can hold on for some time to go. It is far more pleasant, to be sure. But in the end, the choice will be forced on you.

Re:Open source fail version 4982497823824

It was a lot closer to one than it is post CoC Linus.

Re:Open source fail version 4982497823824

Every major fuckup (like this one) happened before the CoC. Again, Linux has never been a meritocracy. IT HAS ALWAYS SUCKED. You imbeciles have just had your heads up your asses for so long you think the smell of shit is normal.

That's what you get for trusting morons

Go google it

And Jane face it it's been a while

[AlanObject]

I haven't seen a systemd thread for quite some time around here I guess we're due.

Some of the rants and raves are actually pretty good.

Yet I can't help wondering how much of it is really just people who resist change because they don't want to learn something new. The init/upstart process was easy enough to understand but clinky and as full of problems as systemd really. Except, of course of the most common use cases where it had been worked out.

As for these bugs they don't seem to be making much of an industry problem.

Re: And Jane face it it's been a while

new things are great! alternatives are wonderful! systemd is just awful.

Re:And Jane face it it's been a while

New isn't always equivalent to better, and my biggest objection to systemd is the fact that it's gone way past an init system. It has way too large a scope for what it was supposed to be and a core team that doesn't have the skill to keep up with that scope.

Mr. "My-printer-is-not-a-file" should probably go back to working on Pulse.

Re:And Jane face it it's been a while

[110010001000]

I don't know about that. These errors seem pretty basic if you look at the code. How did it even pass a LINT-style static check? Are they not doing any static code analysis? The entire codebase seems suspect based on these issues. There could be thousands of these in the code.

Re:And Jane face it it's been a while

" they don't want to learn something new" - that's poorly architected, poorly written, and shoved down their throats? No, they don't. Surprise.

"init/upstart process was easy enough to understand but clinky and as full of problems as systemd really" - pure bullshit.

Re:And Jane face it it's been a while

Change isn't an unalloyed, universal good. This is the rhetorical legerdemain that is used to get either dismiss skeptics or bring them aboard.
We've been brainwashed with enough of that sort of thinking.

Re:And Jane face it it's been a while

[mark-t]

It's less about resisting change and more about resisting stupid.

The problem with systemd is that its design is wholly antithetical to the Unix philosophy. It is nothing less than a tragedy for Linux that something like it has become so tightly integrated into as many distros as it has.

Re:And Jane face it it's been a while

[Jonathan+C.+Patschke]

Yet I can't help wondering how much of it is really just people who resist change because they don't want to learn something new.

Probably a good chunk.

That said, init and upstart solved problems in a fairly small domain: starting daemons in dependency order. SMF, launchd, and a few others did the same thing. They sucked to learn, but they gave us parallel startup, services that could start in response to events (logins, socket connects, etc.) and that was worth some relearning.

Things that systemd has embraced into its scope that SMD and launchd did not include:

• System logs
• Control groups
• Resource accounting
• User session management
• Power management (suspend/resume)
• Time synchronization
• Temp file cleanup
• Name resolution
• Hostname setting
• Privilege escalation
• Disk, Volume, and Metadevice discovery

Thanks to RedHat's backing, the systemd developers have a bully pulpit to force policy on Linux users everywhere. Like when nohup stopped working by default. The usual rationale from Poettering and company are that things are "broken" or "nobody needs that."

Right now, on my Debian box, in ~root/ is a script called thanks-systemd.sh. It mostly boils down to: cd /dev ; for i in dm-? ; do ln -s ../$i mapper/$(cat /sys/devices/virtual/block/${i}/dm/name); done

Because for about two weeks my system stopped autobooting due to some churn between LVM2 and systemd. LVM2's worked nigh-flawlessly for 20 years, and its semantics haven't changed.

It's one thing to change a clunky misfeature (init scripts) in some jarring way to make them better. It's quite another to take over most aspects of systems management, do them differently "just because," and break random things because of scope creep.

Re:And Jane face it it's been a while

Does it still murder your screen sessions and nohups by default when you disconnect from SSH? I also see that your ability to damn with faint praise is finally reaching adult levels. Captcha: illness

Re:And Jane face it it's been a while

[Etcetera]

Yet I can't help wondering how much of it is really just people who resist change because they don't want to learn something new. The init/upstart process was easy enough to understand but clinky and as full of problems as systemd really. Except, of course of the most common use cases where it had been worked out.

Gonna call citation needed on that, especially if you're combining them as "init/upstart".

upstart, when primarily running as a traditional SysV init (meaning handle initial setup procedureally, then execute an rc script which executes a series of rc#.d/ scripts, which is how upstart was used in RHEL6, for example, was neither "clinky" nor "as full of problems as systemd".

A primary reason so many people have problems with systemd is that it intermingles the complexity along its entire axis of execution instead of isolating it in a discrete manner. Any time you have event-based management you have the potential for intermittent problems, race condition security issues, memory bugs, etc.

In previous init systems, persistent management or event mechanisms hung *OFF* the init path and only affected their own children or the services under their control if something went wrong. (This goes for all service managers: inet, xinetd, supervise, whatever.) Meanwhile, the init path is controlled by one-time scripts and as minimal an event mechanism in PID1 as possible.

Now, all that complexity happens as PID1, or communicates back to PID1, or relies on IPC between the two that is not particularly tight and isolated. Waaaaay more potential for chaos results here, which is why these types of holes are more and more likely to occur.

Re:And Jane face it it's been a while

[Shaitan]

"The init/upstart process was easy enough to understand but clinky and as full of problems as systemd really."

No, it really wasn't. You are confusing user error with the actual utilities which were rock solid. There was some functionality missing but alternatives existed, they largely weren't widely adopted because that functionality just didn't offer enough benefit to be worth it.

The problem with systemd is that it was a solution that was built and broke all *nix design philosophy. Every layer of complexity added to a framework adds an order of magnitude of probability for error and trades flexibility for tight integration. If a bug does come up it will be fixed almost immediately with small and efficient utilities because you aren't debugging a complex behemoth you are debugging a tiny and simple application.

Re: And Jane face it it's been a while

[Shaitan]

^ this

Re:And Jane face it it's been a while

We completely fucking ignore systemd and all are daemons are still bash scripts that we don't let systemd touch.

Re:And Jane face it it's been a while

$0.04 has been deposited to your account.

Re:And Jane face it it's been a while

[Seven+Spirals]

It really does just suck. It's not haters, it's not bias, it's not politics. It's also not only people resisting change, Systemd is just flat out technically inferior. Bad choices were made and the chickens definitely are coming home to roost. I get a *lot* of calls from frustrated/confused sysadmins who run into issue after issue with systemd. From subtle problems from malformed unit files to clear-as-mud dependency graph issues between units. Yes, they are fixable most of the time but systemd just throws obstacle after obstacle into your path. Want to know why something didn't work? Well, there's journald hording your logs as binary. Hope you have the magic decoder when your system crashes and journalctl pukes. I dug into systemd deeply because I support Linux and other systems professionally. I've studied a lot of the code to run down bugs or issues. I learned it quite well and it seems obvious that I know it's internals better than it's cheerleaders do. It shouldn't be this controversial. The only reason it is stems from the leadership folks not wanting to lose face and admit they made a serious mistake. Systemd sucks on it's own. It doesn't need fixing, it needs replacing. It's bad design that violates the "do one thing and do it well". It does a zillion things: all poorly.

Re:And Jane face it it's been a while

Not all change is bad. In fact, anything to tidy up Linux is generally a Good Thing.
SystemD is the exact opposite of a Good Thing. It has only made things more convoluted and buggy, especially with regards to corruption during fatal system errors.
Not to mention Harry Potter himself is a fucking moron who doesn't even understand most of the standards he tried to replace. Whodda thought a retard would want to replace things he doesn't understand?
That bug that deleted entire partitions was the cherry on top of how much of a fuck-up he is. "Intended behaviour" lol.
The sadder thing is the obscene number of idiots that have backed him and converted their distros to it.
It makes me think back to the other week with Win10 reaching more marketshare than Win7. A sad thing indeed. Both that it took this long and that it happened. Win10 is objectively worse for Windows than systemD is for Linux.
Win10 has an army of Poetterings behind it.

Re:And Jane face it it's been a while

I haven't seen a systemd thread for quite some time around here I guess we're due.

Some of the rants and raves are actually pretty good.

Yet I can't help wondering how much of it is really just people who resist change because they don't want to learn something new. The init/upstart process was easy enough to understand but clinky and as full of problems as systemd really. Except, of course of the most common use cases where it had been worked out.

As for these bugs they don't seem to be making much of an industry problem.

How much of systemd is due to people who don't want to learn something old? It's always more fun to design from scratch than to actually understand the reason why it was done that way.

Re:And Jane face it it's been a while

That's ONE problem with systemd. Problem #12,418 is "You can't call systemctl from a udev handler (undocumented)". Problem # 252,375 is "IgnoreSIGPIPE is the default".

Captcha: destroy

Re:And Jane face it it's been a while

[SigmundFloyd]

Yet I can't help wondering how much of it is really just people who resist change because they don't want to learn something new.

Personally, I refused systemd after learning it. So there's that too.

Re:And Jane face it it's been a while

[SigmundFloyd]

Right now, on my Debian box, in ~root/ is a script called thanks-systemd.sh

I heartily recommend Devuan.

Re:And Jane face it it's been a while

The problem is, upstart failed miserably at the one thing it was supposed to be good at (launching and keeping track of processes). For all it's many faults, systemd gets that right.

Re:And Jane face it it's been a while

[HiThere]

Most people have either become resigned to systemd, or switched to something that doesn't use it. So one would expect the threads to decrease. I also haven't heard anyone say they liked it recently. (And I still don't. But I haven't switched yet because doing so would be a major inconvenience. But when I set up my next system, I probably will avoid systems that use systemd. So far I haven't seen *ANY* benefits, and I've experienced, and continue experiencing, many small irritations. I'm definitely considering devuan, but I'm even considering Unix. Unix would be a problem during transition, because my current partition formats are incompatible, so I'd have to set up an new series of backups in a format that both systems could handle for the intermediate period....so devuan has the inside track. Or Slackware. Or something that I haven't noticed yet. Or perhaps some version of Unix will become able to read/write ext4 partitions. Lots of possibilities, no real decision, but the fact that I haven't been saying bad things about systemd recently sure doesn't mean that I like it.

Re:And Jane face it it's been a while

[mark-t]

Sure... and guess what?

It's not.

Re: And Jane face it it's been a while

What?

Re:And Jane face it it's been a while

Yet I can't help wondering how much of it is really just people who resist change because they don't want to learn something new.

Welcome to the real world where to be accepted by real people change has to offer a compelling value proposition to justify resulting disruption.

Re:And Jane face it it's been a while

systemd caused some serious downtime on a server the first time I built a machine with it as the init system. Every reboot would lock up in some race condition where one of the partitions refused to unmount, forcing me to physically walk to the machine (luckily I was not working remotely). I've had other machines where the default distro-packaged daemons started up in the wrong order. There's no purpose to parallel boot ups for servers. "Ooh, I shaved 25 seconds off of the Linux boot while it takes 420 seconds for the BIOS to test the RAM and the RAID card to confirm the array structure"

Re:And Jane face it it's been a while

[phantomfive]

A primary reason so many people have problems with systemd is that it intermingles the complexity along its entire axis of execution instead of isolating it in a discrete manner.

Mmmmmmmm what a beautiful sentence.

Re:And Jane face it it's been a while

> logs as binary.

I don't have a problem with that especially since specifying the service with -u easily gives you just the logs for that service rather than having to weed-out appropriate messages from /var/log/messages, but dropping log messages is inexcusable.

Re:And Jane face it it's been a while

Can someone help me out and explain to me exactly what problem systemd solves?

I can assure you the code is robust. There is nothing to see here. Move along.

Sincerely yours,

The NSA

Re:And Jane face it it's been a while

Likewise. I've been enjoying Devuan for a few years now and I don't have to worry about the next time Lennart throws his toys out of the pram over valid criticism.

Re:And Jane face it it's been a while

You do understand that the init system is a completely separate code base from all the other things that are part of the systemd project, right? The systemd init system is literally just an init system and, again quite literally, nothing more.

If you're gonna bitch about nonsense, at least make it non-obvious nonsense.

Re:And Jane face it it's been a while

Mr. "My-printer-is-not-a-file" should probably go back to working on Pulse.

BY NO MEANS - it's starting to be tamed (by somebody else) into something almost useful.

Re:And Jane face it it's been a while

[greenwow]

That's even more frustrating after you waste a bunch of time debugging then when you resort to starting the service at the commandline, it shows a clear error message.

Re:And Jane face it it's been a while

[Jonathan+C.+Patschke]

Yep. I run it and love it on my Linux systems at home. At work, though, I have to deal with systemd all day, so I run Debian unstable.

The Devuan folks have an uphill battle ahead of them, though. More and more software is getting sucked into the systemd ecosystem because of its heavy-handed policy and vast market share. They might find themselves having to support forks of fairly complex tools just to keep that dependency away.

By the same token, systemd just might make a whole lot of Linux software Unix-incompatible.

Re:And Jane face it it's been a while

Every reboot would lock up in some race condition where one of the partitions refused to unmount,

Damn... I see the exact same thing on my home systems.

They're beefy systems with some cross machine NFS mounts, but still, the damned init system shouldn't refuse to shut the machines down. I never saw that problem before systemd. Now, the boxes just won't cleanly shut down any more.

I'm glad you wrote your experience: I thought it was just me!

Re:And Jane face it it's been a while

Yet I can't help wondering how much of it is really just people who resist change because they don't want to learn something new.

Probably a good chunk.

That said, init and upstart solved problems in a fairly small domain: starting daemons in dependency order. SMF, launchd, and a few others did the same thing. They sucked to learn, but they gave us parallel startup, services that could start in response to events (logins, socket connects, etc.) and that was worth some relearning.

Things that systemd has embraced into its scope that SMD and launchd did not include:

• System logs
• Control groups
• Resource accounting
• User session management
• Power management (suspend/resume)
• Time synchronization
• Temp file cleanup
• Name resolution
• Hostname setting
• Privilege escalation
• Disk, Volume, and Metadevice discovery

Thanks to RedHat's backing, the systemd developers have a bully pulpit to force policy on Linux users everywhere. Like when nohup stopped working by default. The usual rationale from Poettering and company are that things are "broken" or "nobody needs that."

Right now, on my Debian box, in ~root/ is a script called thanks-systemd.sh. It mostly boils down to:
cd /dev ; for i in dm-? ; do ln -s ../$i mapper/$(cat /sys/devices/virtual/block/${i}/dm/name); done

Because for about two weeks my system stopped autobooting due to some churn between LVM2 and systemd. LVM2's worked nigh-flawlessly for 20 years, and its semantics haven't changed.

It's one thing to change a clunky misfeature (init scripts) in some jarring way to make them better. It's quite another to take over most aspects of systems management, do them differently "just because," and break random things because of scope creep.

I find it interesting that you need a script to fix a specific feature of SystemDeath, but it mirrors my own experiences with SystemDeath and "/dev/null".

It seems like every update to SystemDeath binary "blobs", or one of SystemDeath's libraries, or even udev, screws up the permissions on "/dev/null".

It's always one of those 3 based on my own research, but I won't bother with a bug report to the SystemDeath devs because they will likely close it with "WONT FIX - not a problem, works as designed".

When "/dev/null" permissions are screwed up then "apt update" in Debian fails to work properly; the list of available updates cannot be parsed and displayed using "apt list --upgradable" because the temporary files needed to do that cannot be created.

So I did some searching online and found other people having a similar or same issue with "/dev/null" permissions and their fixes to it.

The best fix I found was a simple script that, when run as root, is used to reset "/dev/null" permissions back to the permissions that it had when the system was installed.

I run this script on every reboot, but I may have to start running it as a weekly cron job just to make sure that "/dev/null" has the proper permissions that the system, not SystemDeath, expects it to have.

Re:And Jane face it it's been a while

[epyT-R]

change is not axiomatically good or bad.

Re:And Jane face it it's been a while

It is nothing less than a tragedy for Linux that something like it has become so tightly integrated into as many distros as it has.

Or to rephrase that, you're upset that there are a whole lot of people who don't agree with you. You don't have to use systemd, none of these distros need to either if they don't want to. It's a different point of view and you're not in any way bound to accepting it so just move on.

Re:And Jane face it it's been a while

[mark-t]

What I'm upset about is that it systemd runs counter to the Unix Philosophy, which is somewhat more widespread than my insignificant opinion.

Re:And Jane face it it's been a while

What are you talking about?

It's working exactly as designed as it:

1. * Turns every other other major distribution into second tier competitors trying to stay compatible with RH.
2. * Invalidates any prior knowledge related to "Unix" or "Linux" in general.
3. * Drives customers into the certification and support folder for RH, which is where they make their money.

Win, win, win. For RH, that is. The rest of us, not so much, we get a new Microsoft...

Re:And Jane face it it's been a while

And yet X is a large monolithic design that does lots of stuff with a Captive interface and completely violates the Unix Philosophy.

As do 99% of software you're using, right now.

Unix Philosophy is a good philosophy but if you follow any rule 100% regardless of reality, you're a Zealot and not a Realist.

Reality, systemd has made timed and dependency based init systems completely reliable. Init was a pain in the ass for this. Yes possible but hand-coded, all the time, and fragile when copy/pasting your dependency code between init scripts.

Systemd haters must use it so much to hate it...like all day every day. becausae the one time a month i'm stuck with using a systemd tool, i don't hate it..much like how people in Technical Support hate their product since they only deal with the problems all day.

Re:And Jane face it it's been a while

[thegarbz]

Thanks to RedHat's backing

And Debian. Pretending like this is RedHat's doing is just ignorance.

Re:And Jane face it it's been a while

LVM2 nodes in /dev/mapper/ is obsolete since before systemd first stable release. You can find them in /dev/name-of-vg-pool/.

Details here:

[BringsApples]

In case you're interested to know the breakdown...

Re:Details here:

Memory safety violations.

Re:Details here:

Wow. They're really into "System of a Down"

Re:Details here:

[SCVonSteroids]

"The orange light that follows will soon proclaim itself a God."

Re:Details here:

[BringsApples]

It's worth pointing out that the link that I just posted, and received '5 Informative' mod, is the same exact link that was provided in the summary.

SystemD

Is SystemD, acronymous for System Dump ?

Re:SystemD

CystumDerp

This is non-news

[gosand]

for me... I switched to Devuan a few months ago.

Yes, I know there are plenty of bugs and vulnerabilities to go around, but based on the frustrations that systemd caused me, I think I am afforded a bit of schadenfreude.

Re:This is non-news

[Freshly+Exhumed]

Devuan for sure! Interestingly, MX Linux (steadily climbing up DistroWatch's page hit rankings to #2 at present) allows installation without systemd, but I don't know whether MX has gone to the extent of Devuan in actually ripping it out or just working around it.

Re:This is non-news

I've gotten Devuan to work well in AWS. I am also planning on installing Devuan on my next raspberry pi device that I purchase. Hoping that Devuan adoption keeps increasing. It's a nice hedge against this one world systemd bullshit.

Re:This is non-news

[r_pattonII]

It may also motivate some people to go back to Slackware! It is still my go-to distro since 1996. I have installed Devuan 2.0 on a spare hard drive and I do like it!

Re:This is non-news

[zwarte+piet]

I'm still on Linux Mint 17.3 Based on Ubuntu 14.04, it's the last systemD free version

And poettering says:

"It's not a bug, but a feature. Or someone else can work around it. Also: Don't be so mean to us, boo hoo."

Shock! Surprise! Dismay! WTF did you expect?

[Seven+Spirals]

Shitty windows-ini-style Unit files, binary logs, 12 different subsystems gobbled up and "integrated" ... I mean did this kind of shit surprise someone? Really? After years of supporting Systemd and solving it's problems for others I can say with limited authority that, yes, it really is garbage. I know there were a few people who thought systemd was just "progress", but no it's a schism, a coup, a shitty revolution that left everyone worse than when they started. Linus and friends are too old and retarded now apparently to lose face and be critical of it because they stood by and shrugged while the Potterites and Fedora assholes ruined Linux. I mean BSD was always better, don't get me wrong. So, it's not as big a loss as some would frame it to be. However, it used to be fun, useful, and relatively untainted by anything this heinous but a few unenlightened windows folks came along and created this svchost.exe ripoff (systemd) for the purposes of enhancing GNOME and now you get this smelly mess that is now Linux. Ah well, it was (sorta) fun while it lasted. Back to my BSD boxes.

Re:Shock! Surprise! Dismay! WTF did you expect?

BSD has always been better. I've been running *nix systems since 1998, and I agree with you. I've never had any real issues with BSD servers save HW issues. Free/Open BSD just run. The upgrade path is cleaner. I'm sorry, but the apt/dnf, etc., don't even compare with FreeBSD's ports system. Anyone who has ever run buildworld/buildkernel/makeworld and/or used the ports system on FreeBSD understands just how sane this process is compared to the balkanization of Linux's various utilities like apt/dnf/pacman, etc.

BSD is a complete operating system in its own right from the word go. I simply just install KDE and other bits I want and rest easy knowing the update/upgrade path will always work unless I personally screw something up.

Re: Shock! Surprise! Dismay! WTF did you expect?

Don't blame Linus, he works on the kernel and has repeatedly stated he doesn't care how people use it. And it's not like anyone needed him to know this was a had idea. Objections were raised from the beginning. Lots of slashdot threads about it too if you care to look. Feel free to blame yourself though for not shouting from more rooftops. I don't care, I don't use systemd

Re:Shock! Surprise! Dismay! WTF did you expect?

[Eravnrekaree]

One of the things that does not make sense about your position is you can use sysv init with systemd, also systemd can generate your text based log files for you. Considering these two facts, systemd can work like how you want it to work. You seem to be more opposed to *other people* using it in ways you do not think they should be allowed to use it. So who is the tyrant?

Re:Shock! Surprise! Dismay! WTF did you expect?

[Seven+Spirals]

There is a big difference between "can" and "comes that way by default on the OS you use or support". As you may know, the default is to NOT use sysv scripts and NOT log to text files beyond a few simple/useless exceptions (journald steals & encodes it all into a binary opaque format). You are correct that I don't like other people running it. However, you fail to recognize the reason: I support Linux (and a half dozen other Unix variants) professionally, daily, and at a high level. When sysadmins, teams of sysadmins, or low-level developers are stumped, they send the problem to me as a backline engineer. So, yeah, I think I have pretty well informed reasons to dislike systemd and good reasons to actually care what others do with it, since the default is to suck pretty badly and since when it does suck badly for other people they call *me* to fix it for them. Plus, if folks took your suggestion, they'd basically be de-fanging sysadmind and neutering most of the poor design decisions in it. The question there is: why bother? If you are willing to change your systemd rig by re-writing all your unit files into sysv scripts and dumping or redirecting journald's logs text files you could just as easily dump systemd altogether. Most people aren't going to try because they've either already switch to a non-systemd OS distro (like BSD or Devuan on the Linux side) or the just flat don't know how and aren't wanting to bother. For the latter group, they are going to get the greasy end the systemd stick because they'll be getting bit by every little problem systemd has re-invented and probably come away simply thinking "Linux sucks" but not really being able to find the source of that anal pain and give it a name: systemd.

Re:Shock! Surprise! Dismay! WTF did you expect?

[sjames]

And even if you do what you suggested, you still get stuck with the vulnerabilities outlined in TFA.

Re:Shock! Surprise! Dismay! WTF did you expect?

[Seven+Spirals]

Mr Coward, for once we agree 100% :-)

Remind me again why logs aren't text anymore?

nt

Re:Remind me again why logs aren't text anymore?

[zwarte+piet]

Logs have always been made of wood.

Re:This is why you should use Windows or Mac

You just don't get these kind of problems for the most part.

Yeah, you're right. Microsoft hardly ever has security vulnerabilities. It's practically unheard of.

And when you do, they get fixed by professionals.

That depends entirely on the vendors viewpoint.

You label it a "bug" and demand a fix. They respond by calling it a "feature", and then kindly tell you to Fuck Off, because the definition of "professional" is having more lawyers and money than you.

CrapD strikes again

[gweihir]

Fortunately, I run Linux, not Poetterix and are nicely unaffected.

Re: This is why you should use Windows or Mac

I think they were trying to be funny, really. or maybe not.

Where is the responsible disclosure ??

As much as there are issues around systemd, this seems to make Qualys attention whores and even worse jerks.

Re:Where is the responsible disclosure ??

[Fly+Swatter]

Responsible disclosures you never hear about since they are being responsible. So called 'Security Researchers' on the other hand... Want their public glory.

At Devuan, we knew this was going down

[jaromil]

As stated in 2016 at FSCONS in the Q&A https://youtu.be/wMvyOGawNwo?t...

C programming language strikes again

[Pinky's+Brain]

Two of the bugs only possible in with unsafe referencing/allocation ... par for the course.

Re:C programming language strikes again

[110010001000]

A basic static code analyzer would have found these. It has nothing to do with C.

Re:C programming language strikes again

[Pinky's+Brain]

A basic static code analyser spits out so many false positives on a codebase this size you'd have rewritten half of it by the time you convinced yourself they were all meaningless (and missed the few important ones in the sea of noise).

Re:C programming language strikes again

[110010001000]

That is why you iteratively tune the analyzer. If you aren't using a static code analyzer you aren't even trying.

Re: C programming language strikes again

Sounds like a systemd problem to me then.

Write small code that does one thing and one thing well. Easier to read and debug. It seems since systemd stopped using this philosophy a lot of these bugs have bitten them in the ass. Whereas a static checker on small tight code wouldn't throw a bunch of errors as you say.

So in short, this sounds again, like a systemd problem and not a C problem.

Re:C programming language strikes again

[squiggleslash]

Something that exists to find bugs only present in C would have found these, so it's got nothing to do with C? WTF?

Re:C programming language strikes again

A basic static code analyser spits out so many false positives on a codebase this size you'd have rewritten half of it by the time you convinced yourself they were all meaningless (and missed the few important ones in the sea of noise).

Yep this makes perfect sense. Systemd roughly 1mloc... surely static code analysis would be worthless on any codebase of this size or larger. For example Linux kernel is at least 15 mloc and no way has it benefited from static code analysis. Several hundreds of patches resulting from the use of such tools were all just illusions in a sea of noise.

Re:C programming language strikes again

[AHuxley]

We need an Ada OS.

Re:C programming language strikes again

[Pinky's+Brain]

It has benefited, but it can't prevent the same shit happening again and again.

Static code analysis just tries to find ways we found in the past to fuck up with pointers, buffer overflows and use after frees (among other things). There's an infinite way to fuck up with them though and their pattern matching is no match for our creativity at fucking up.

Re:C programming language strikes again

[JustNiz]

Oh dear god no..

Re:C programming language strikes again

[AHuxley]

Code like the French and US mil. Quality.

Re:C programming language strikes again

boy you sound like fun at parties!

Systemd: Conflict of interest?

[Futurepower(R)]

"Giant bloated executable..."

SystemD causes a lot of problems. That makes more money for people who work for companies that do Linux technology support.

Is that a giant conflict of interest? Was SystemD allowed by management of Red Hat because it would make more money?

Mark Shuttleworth said, "Losing graciously". (Feb. 14, 2014} "It will no doubt take time to achieve the stability and coverage that we enjoy today..."

Re: Systemd: Conflict of interest?

the one thing I learned at the place I work is that people and businesses are not rewarded for perfect code -- trouble-free code results in the project being thought of as small and not valuable -- if you want money, you need to build complex and buggy code - systemd supporters are no dummies and know what it takes to earn more money

Re:Systemd: Conflict of interest?

[Eravnrekaree]

Its systemd, not SystemD.

Have you ever looked at some bash startup scripts? Its difficult to analyse compared to the declarative style. Bash scripts are a much more serious support issue compared to the simplicity of systemd declarative unit files. I've not had any problem with systemd, and not that is worse than what we had with sysv init.

Also, ubuntu had systemd -like init with Upstart for many years, systemd just standardized so we dont have to learn another init system for every other distro.

I really like the basic design pattern makes since such as the simpler declarative file format which much easier to read than Bash scripts and the dependency based startup.

Re:Systemd: Conflict of interest?

Upstart was init replacement while SystemD is hodge podge of everything. Really disgusting.

Re:Systemd: Conflict of interest?

SystemD causes a lot of problems. That makes more money for people who work for companies that do Linux technology support.

See "Broken Window Theory" Econ101

Re:Systemd: Conflict of interest?

[Etcetera]

Have you ever looked at some bash startup scripts? Its difficult to analyse compared to the declarative style. Bash scripts are a much more serious support issue compared to the simplicity of systemd declarative unit files.

Shell, and scripting generally in shell languages, is a key component of all *nix systems. Yes, it's possible to write horrible shell code in an init script, but that's largely the fault of the *author*. Most init scripts are simple; except for whatever custom logic is needed uniquely for this daemon, the rest is boilerplate.

I'd submit that if you can't understand this code, you're not ready to operate or administer a *nix system at the command line or service management debugging level.
https://fedoraproject.org/wiki/EPEL:SysVInitScripts#Initscript_template

Re:Systemd: Conflict of interest?

[Hognoxious]

I've had precisely one problem with an init script, ever. It was that long ago I found the solution in an actual paper book.

Every systemd based distro I've even tried has given me problems of some kind.

Re:Systemd: Conflict of interest?

This is why the Year of the Linux Desktop is even further away now, the vast majority of distros use systemd and as a result overwhelmingly desktop Linux has become unstable.

Re:Systemd: Conflict of interest?

[sjames]

Have you ever looked at some bash startup scripts?

And written them. Not exactly rocket surgery. The ones that are more complex are doing things you cannot even specify in a unit file (and so, would require that the script be called from systemd anyway). The others are dead simple and tend to have a very much standardized form.

It's a shame systemd was made as a monolithic charlie foxtrot rather than as an extensible bag of useful tools.

Re:Systemd: Conflict of interest?

[exomondo]

SystemD causes a lot of problems. That makes more money for people who work for companies that do Linux technology support.

Well it does for supporting RedHat-derivative Linux desktop distributions. But it doesn't look particularly good for RedHat and certainly makes their competitors look more attractive.

Is that a giant conflict of interest? Was SystemD allowed by management of Red Hat because it would make more money?

No it's not a conflict of interest, RedHat isn't the only desktop Linux game in town and if the software is getting unstable and support costs are going significantly up then it's worth switching to something else like Slackware. There's not much point in it being Free Software if you're still just going to tie yourself to one vendor like RedHat regardless of the quality and cost of the software.

Re: Systemd: Conflict of interest?

[Bite+The+Pillow]

What the fuck? Who is paying for systemd? Initial release was "30 March 2010", Pottymouth started at RedShat in 2011. Was that the plan? To make a pile of shit and get hired by an ignorant open source company to keep at it?

RedShat is one of the very very few purely open source companies. They do not have proprietary products as their main focus, with contribution to open source as a side effect, like Adobe or Microsoft. Other than SystemD, they know what they are doing, not idiotic. Your idiotic cynicism on the other hand is not contributing anything of value.

Re: Systemd: Conflict of interest?

Its systemd, not SystemD

Actually, it is SystemD~~~~*

Re:Systemd: Conflict of interest?

Choosy chewers chew ChewZ,

Re:Systemd: Conflict of interest?

I don't think it's instability which keeps linux off the mainstream desktop. The average consumer user does not expect stability.

The reason linux is not on the average desktop is that we're not spending millions advertising it on TV.

Re:Systemd: Conflict of interest?

Bash scripts are difficult to analyze? Is that a problem with shell scripts or a problem with the guy reading them? How hard is it to analyze systemd itself when there's a problem but it doesn't seem to be these silly systemd unit files causing it? Oh, wait, that's a massive conglomeration of poorly written C code spaghetti with Poettering and Sievers' "I don't give a fuck" attitude salted liberally throughout its design. So are you saying that you're too incompetent to understand a shell script but somehow a C spaghetti code untangling wizard? Get outta here, kid, put your dick back in your shorts and move along.

Re:Systemd: Conflict of interest?

No, it's not a shame. Since it's monolithic, we actually have SOME chance of getting rid of it in one stroke.

If it were written correctly, it'd be a roach-hunt.

Re: Systemd: Conflict of interest?

[reanjr]

Maybe the problem with analyzing systemd is with the person analyzing too. If you have problems troubleshooting systemd, you are probably too old and obstinate to learn new things and you should give up on this career path.

Re:Systemd: Conflict of interest?

[thegarbz]

the rest is boilerplate.

Indeed it is. What we should do is strip out this boiler plate and put it in a separate system that can be in charge of doing the all that same boiler plate stuff.

I always find the dichotomy between people who are happy with copy paste boiler plate code in one place and then get super angry when things like docker or snap ship embedded libraries.

Dammit I'm making a point, don't use my own logic against me!

Re:Systemd: Conflict of interest?

[Etcetera]

the rest is boilerplate.

Indeed it is. What we should do is strip out this boiler plate and put it in a separate system that can be in charge of doing the all that same boiler plate stuff.

I always find the dichotomy between people who are happy with copy paste boiler plate code in one place and then get super angry when things like docker or snap ship embedded libraries.

Dammit I'm making a point, don't use my own logic against me!

That would be fine if that's *ALL* it did. In fact, for "standard" daemons that have absolutely 0 changes to the init script template other than setting the program/exec and service name (and maybe permanent flags like a user to setuid to), it would be trivial to write a wrapper that did just that. I might even suggest that.

The problem is that systemd goes *way* beyond that.

Re: Systemd: Conflict of interest?

It's a problem of process transparency, not processor age. You should refrain from ageism. You are not worth the same as someone with greater experience.

As a 40 year old virgin

I fail to see the upshot of "women".

Re: As a 40 year old virgin

That's weird but don't worry about it, the rest of us know what to do.

Re: As a 40 year old virgin

get wiped out in divorce/family court?

Only 3 bugs?

Wow! This must be an amazing piece of software. Such high quality!

Where is the responsible RTFA?

[Pinky's+Brain]

https://www.qualys.com/2019/01... :

2018-11-26: Advisory sent to Red Hat Product Security (as recommended by
https://github.com/systemd/sys...).

2018-12-26: Advisory and patches sent to linux-distros@openwall.

2019-01-09: Coordinated Release Date (6:00 PM UTC).

Re: Where is the responsible RTFA?

You must be new here ;).

Here's a hint: don't click on anything that says you f8il it.

Re:This is why you should use Windows or Mac

[Narcocide]

Meanwhile, just two articles earlier on the same exact page you just posted to: "Windows 7 Users Who Installed January Update Report Network Issues; Some Say the Update Has Also Incorrectly Flagged Their OS License as 'Not Genuine'"

Once again: Slackware NOT affected.

[sombragris]

Slackware ships with a simple, effective BSD-style init populated by simple and readable shell scripts. Its BDFL, Patrick Volkerding, made the decision to purposely avoid systemd like the plague and I think he is right.

Install Slackware, and many sysadmin's worries will go away.

Re:Once again: Slackware NOT affected.

[Rockoon]

Slackware ships with a simple, effective BSD-style init populated by simple and readable shell scripts. [....] Install Slackware, and many sysadmin's worries will go away.

You are missing the forest for the trees. What you really want isnt a "BSD-style init", what you really want is BSD.

Linux isnt unix, so dont expect it to maintain the unix philosophy. BSD is unix.

Fun fact: Been true forever

Re:Once again: Slackware NOT affected.

Slackware has always been about what is most STABLE and secure and NOT about the bleeding edge! Live on the bleeding edge of tech and you can end up cut to the bone.

Re:Once again: Slackware NOT affected.

[shoor]

Slack was my 1st linux distro, and I'm a long time admirer of it. But nowadays I use devuan, a systemd free fork of debian. There's also PClinuxOS that is systemd free. For me, the acid test is whether I can use me-tv to watch and record ATSC broadcast TV. Back in the pre-systemd days I could not get me-tv to work on ubuntu but I could get it to work on mint (something to do with the gui libraries). I really liked PCLinuxOS but, last time I tried, I couldn't get me-tv to work on it either, same problem as ubuntu I guess. (Maybe I'll try again with the latest distro). But me-tv does work with devuan so that has become my distro of choice, and I really like it.

Re:Once again: Slackware NOT affected.

[slack_justyb]

Linux isnt unix, so dont expect it to maintain the unix philosophy. BSD is unix.

As the old saying goes:

BSD is what you get when a bunch of UNIX hackers sit down to try to port a UNIX system to the PC. Linux is what you get when a bunch of PC hackers sit down and try to write a UNIX system for the PC.

So that said, I'll stick to my Slackware installs thank you..

Re:Once again: Slackware NOT affected.

[sombragris]

As someone said, I think there's quite a baby with the bathwater you propose to throw.

Re:Once again: Slackware NOT affected.

[a_n_d_e_r_s]

Slackware - being the oldest distro out there still alive - is as close as standard UNIX as you can come in Linux world.

Re:Once again: Slackware NOT affected.

[Rockoon]

After you've drowned the baby, its time to throw it away.

Re:Once again: Slackware NOT affected.

[r_pattonII]

Couldn't agree more. Been a Slackware user since 1996!

Re: Once again: Slackware NOT affected.

I'll switch to BSD when Virtualbox works on it

Re:Once again: Slackware NOT affected.

[zwarte+piet]

And throw away all that juicy meat?

Griffendork?

-100 points Slytherin!

Delicious irony

[UPi]

Near the end of the document is this bit:

Acknowledgments
We thank systemd's developers, Red Hat Product Security, and the members of linux-distros@openwall.

That is the more polite version of "you incompetent chumps make our searches easy and worthwhile. And we listened to a lot of System of a Dawn."

Re:Delicious irony

There is peanut butter dripping from your butthole.

Re:This is why you should use Windows or Mac

#fakenews

Hang on

[doom]

Let me go make some popcorn.

Systemd really does suck ass

Honestly I never really cared about this crap. It was mostly eyerolls from me when people first started complaining.

Until I tried to extract logs... pulling data from journalctl is like watching paint dry (see also windows event viewer)

Until I noticed the top CPU user is fricking systemd logging shit from Internet SSH probe spam.

Now we have privilege escalation vulns galore and this is far from the first time.

And for what exactly? What value has systemd ever provided to anyone that makes tolerating this garbage worthwhile?

Gratitude

Thank you, SystenD! May I have another?

I like systemd

[youngone]

They were able to obtain local root shell on both x86 and x64 machines by exploiting CVE-2018-16865 and CVE-2018-16866. The exploit worked faster on the x86 platform, achieving its purpose in ten minutes; on x64, though, the exploit took 70 minutes to complete.

If someone has local access to your machine, you're doing it wrong anyway.
I know systemd is unpopular here, and I get the arguments why, but it has always worked well for me and these bugs seem fairly minor.

Re:I like systemd

If someone has local access to your machine, you're doing it wrong anyway.

Listen up, everybody! Computer labs shouldn't exist. You heard it here first. /s

Re: I like systemd

Root shell from either a local exploit or a remote exploit IS NOT a minor thing. Typical systemd attitude. Blame the users, handwave away the problems. Sad.

Re:I like systemd

[dasunt]

If someone has local access to your machine, you're doing it wrong anyway.

Does this need local access? Or just remote access?

Re:I like systemd

[a_n_d_e_r_s]

Linux is a multi-user system from the ground and up.

Re:I like systemd

[WaffleMonster]

someone has local access to your machine, you're doing it wrong anyway.

Linux is a multi-user operating system. It's designed explicitly to support multiple users concurrently with limited privileges.

Re:I like systemd

[youngone]

To be fair, it's not really clear in TFA, but it looks like it to me, so I am going to worry about something else for a while.
To the commenters informing me that Linux is a multi-user system I'm not sure what your point is. If this bug needs an attacker to be standing in front of the machine, typing at the keyboard, you're a bit screwed regardless.

Re:I like systemd

Based on this, I'm pretty sure local is not a requirement. I presume that's merely how they tested the exploit. And I presume a lot of companies which are running Linux Cloud farms aren't happy that systemd, for all its supposed management benefits, allows for such exploits. But, then, Linux (and Windows) root exploits are par the course for most people, I guess. :/

Re:I like systemd

Trivializing root escalation is a mistake. Most serious security bugs start as 'local remote access' (e.g. if someone took control of the browser, he's running as you, not as root).

Root escalation makes every bug in services running under limited user critical. It allows using corrupting the system very thoroughly, up to writing to EFI or flashing to firmware, basically a rootkit that could force you to make significant expense to replace your computer.

Re:I like systemd

[dhasenan]

The exploit is a privilege escalation attack and does not require physical access to the machine. It uses a local account (that is, one on the OS) to start a local root shell (that is, one available to a process running on the machine, not necessarily available over the network).

Re:I like systemd

No....if a bug relies on local machine access to achieve root- it is properly classed as a priviledge escalation vulnerability.

It goes into an attackers toolbox. Once an attacker finds a flaw in your webserver allowing him to run code locally, he pairs this with the priviledge escalation exploit to root the machine.

A 2-step attack process is not unusual- indeed many attacks require more steps to complete.

Re: I like systemd

i guess you like to bend over, too

Patch it?

Patch it? They're going to FORK it. That's how we have our cake and eat it too!

Resistance Is Futile...

Keep It Simple Stupid!

Re: This is why you should use Windows or Mac

I haven't installed an update for windows 7 since I created the image: it's the reason I use windows 7. No more stupid updates or if there are I can install when I want.

"Alexa, start Apache". Smple input to complex code

[raymorris]

Even simpler than a systemd declaration is saying "Alexa, start Apache".

That doesn't mean that Alexa's AI code is simpler than a 20-line bash script. You're comparing the *input* to the systemd code, a config file, vs the actual code that does things in SysVinit.

In sys V, the shell script starts the daemon, it *is* the code. If anything is wrong or you want to change anything, you can look through the shell script and change things. In systemd, the declaration is handed to a binary that does who-knows-what.

I know you are trolling... but change can be great

[gosand]

I was a RedHat user back on v5.1. I tried to upgrade my system, and it was awfully painful. But I stuck with RedHat. Then I upgraded again. And again. Every time it got a little less painful, but it still sucked. Then I decided to try out another distro. Mandrake. It was nice, and I liked KDE! I upgraded a couple of times, and it wasn't too bad. So change was good. After a few more upgrades, it still wasn't that smooth. I decided to try out Ubuntu, and I really liked it. Since I was liking KDE I switched to Kubuntu. Change was good! I upgraded a couple of times - near flawless! Change was great! Then KDE started to really annoy me - too much flash, and eventually a bug cropped up that caused me all kinds of headaches. So I switched to Xubuntu. XFCE was great, and change was good! I upgraded that system several times, and it was very smooth. After 7 upgrades, things were getting less stable. Since i was going to reinstall anyway, i looked at other distros.... ah, Linux Mint. Polished, but with XFCE not overly so. I had found my distro, change was great! The method of upgrading was to reinstall cleanly, so I made sure to set up my new system so that was minimally painful. Then I was able to upgrade in place - painlessly! All was right.

Then after one upgrade, I noticed that my machine started having various issues. I couldn't shutdown cleanly. I would take minutes to shutdown, where it used to take seconds. I thought it was hardware at first, but it wasn't. It was systemd. I hadn't noticed before upgrading that they were switching to systemd. I had begun to trust Mint so much that I just thought it would be smooth. I learned more and more about systemd, and tried to fix the issue. No deal. So I gritted my teeth and dealt with it. Change can be bad. Eventually I got a different computer, and then I had complete confirmation that my issues weren't hardware related because they persisted. It was time to find a new distro.

It wasn't an easy search, because by this time systemd had kind of taken over. Mint only went to it because it's a downstream of Ubuntu. Clem (maintainer of Mint) confirmed this to me, that it wasn't his choice at all and it was just the easiest route to take.

I looked at the BSDs, Arch, Slack, and a few others. But because I was familiar with and really liked the apt package manager, I chose Devuan. It was not only a great distro, but I know that it is specifically focused on NOT implementing systemd. It was a simple install and upgrade, and my system is fast as ever and shuts down within seconds again. So again... change is great!

why not make a new init system?

[BlackOverflow]

This is a legitimate question. Most people on slashdot seem to hate systemd. And most of you are programmers and work on Linux every day. Why don't you guys get together and create a new init system that blows systemd away? Isn't that what the whole spirit of FOSS is about?

Re:why not make a new init system?

Why don't you guys get together and create a new init system that blows systemd away?

The init system is straightforward, the difficult bit is getting systemd's claws out of anything within its reach.

Re:why not make a new init system?

[dhasenan]

Blowing systemd away would mean doing more than it does. We want a system that does less. For instance, we want an init system that doesn't have a DNS server built in. We want one that doesn't handle rewriting resolv.conf and instead relies on a separate daemon to do that. We want one that doesn't try to take over logging, one that just uses logfiles.

Systemd has some advantages over sysv-init: named runlevels, starting tasks in parallel, and restart policies are all nice. Integrating logrotate would be handy. But it's hard to wow people with an init system that does a lot less than systemd.

Re:why not make a new init system?

[blind+biker]

Why don't you guys get together and create a new init system that blows systemd away? Isn't that what the whole spirit of FOSS is about?

Because we already have an init system that blows systemD away.

That's not the issue. The issue is that Potternig's hot caca has been pushed by RedHat. RedHat is now the de-facto expert on that hot caca, and this gives them a commercial advantage. You have a problem with systemD? Redhat can assist for a fee.

This is just politics. Personally, I only run systemD-free distros, though I'm looking at going to the BSD world, more and more. It's very enticing.

Re:why not make a new init system?

Systemd has some advantages over sysv-init: named runlevels, starting tasks in parallel, and restart policies are all nice.

sysv-init can also start tasks or services in parallel, (see the manual for startpar), why do you need labeled run levels? 0-6 (more if you want to add your own) is easy to remember and how many times are you manually switching runlevels for this to even matter?

Integrating logrotate would be handy. But it's hard to wow people with an init system that does a lot less than systemd.

We have enough creep as it is, why do you want to add more, keep everything as separate utilities, so they can be swapped out if something better comes a long.

Can this be the straw

[sremick]

...that broke the camel's back? FINALLY? PLEASE?????

Can the idiotic pro-systemd folks finally admit they were wrong, abandon the whole misguided concept, and start the process of moving back to unix philosophies and architecture? The world dropped xfree86 fast as a hat, pretty much spun on a dime and moved to X.org.... let that happen w/ systemd as well.

Or, better yet, just shift support en masse behind FreeBSD and get the hardware and desktop environment and app support back up there like it used to be. Honestly, that'd be the better path and the end result so much better.

Probably too much to hope for...

Re:Can this be the straw

...that broke the camel's back? FINALLY? PLEASE?????

Can the idiotic pro-systemd folks finally admit they were wrong, abandon the whole misguided concept, and start the process of moving back to unix philosophies and architecture? The world dropped xfree86 fast as a hat, pretty much spun on a dime and moved to X.org.... let that happen w/ systemd as well.

Or, better yet, just shift support en masse behind FreeBSD and get the hardware and desktop environment and app support back up there like it used to be. Honestly, that'd be the better path and the end result so much better.

Probably too much to hope for...

But then you'd have the pesky BSD license to contend with. GNU-GPL3 makes sure your changes benefit everyone. Except I'm sure this license is violated regularly. "Nobody seems to notice, nobody seems to care."

the unix philosophy

[doom]

I come not to praise systemd, and certainly not to praise Poettering or RedHat...

But these anti-systemd rants would be more impressive if you guys had showed any signs of thinking through what you're saying about The Unix Way and all that jazz.

Yes, sometimes decentralized, small encapsulated components are a win, but sometimes monolithic designs where the pieces can talk to each other easily are a win-- You might notice that when Linus Torvalds was asked about this he made some rather mild comments about how some aspects of linux, like the graphic display environment has always been more monolithic.

Arguably, the initial reason perl was a big deal is it took a bunch of features from the shell programming world and stuck them all inside of one process-- you can do lash-ups of shell, awk, sed and so on, or you can just write a perl script and pretty frequently the perl script is really and truly a better option.

And take a look at some of the classic shell utilities some time. Look at the docs for things like "find", "tar", etc... do they really look to you like something that's designed to just do "one thing"?

You guys who keep intoning "the unix philosophy" over-and-over might want to stop and think about the way things really get done with unix.

But then, none of this is a defense of systemd, or the way systemd was put over...

Re:the unix philosophy

Perl is a language. It doesn't do anything on it's own. Executing on the language is the "do one" thing and a completely open interface.

find, well, finds things. I don't think finding /only/ "one" kind of thing and doing that "well" would make any sense. The "find" is the thing it does. That makes sense. Are you suggesting 'find' means something different?

tar as we know is Tape ARchive. It's a backup tool. Wait, what you don't want to use it to backup things? ... what would make it not go saving off things? Are you on crack?

SystemD is a ... is a... forget it. It's a BLACK BOX.

You tell someone not initiated into the command line a unix command like "find" or tell someone what TAR stand for and tapes are actually backup devices, and they get an immediate image of what it does, no class or degree needing. You mention how linux is cool and shiny because of System D, not to mention fast, they'll give you blank stares and start thinking all the stereotypes in existence.

Now I'm not saying all UNIX stuff really matters or is done well either or understood by non-techies, but you are saying our argument of the UNIX way is invalidated by how things are really done in UNIX? What UNIX are you using? Call it Linux, it was designed to mimic UNIX, and still mimics it, except now we are getting MS-lite wannabe distros added to the mix. Whatever.

I don't think the UNIX philosophy was ever intended to be a design spec, but inspiration of ideas that work because of their simplicity. It is compatible with building of things of complexity too. But disparage it and make computers non-accessible appliance-like System D devs have to even mainstream techies, just because, and fill it full of marketing features to sell your distro at your peril.

Re:the unix philosophy

Good attempt. But the rationalization of the systemd haters has nothing to do with reality.

I've maintained Redhat and CentOS systems since RHEL2.1 (and long before that with Redhat and Slackware). I cut my teeth writing init scripts for some custom services written on RHEL, and then at some point we had to deal with Systemd.

Yes, there was a learning curve. Yes it was confusing at first becuase RHEL had this silly init compat layer that made transition easier (but learning harder).

But not ONCE NOT ONCE in all the years I've been actively maintaining thousands of both bare-metal and virtualized isntances has systeemd iteself been a problem.

Sure, there are lockups of services and sometimes things go wrong. Lose a network mount and reboot and watch systemd hang for 2 minutes waiting for a graceful closure.

But none of that is any worse than what happened with the old init systems. Hell lose an nfs or smb mount with init and you wouldn't even know what was hanging.

In short, as someone who's daily bread and butter relies on services starting on time, in order, systemd works fine, and isn't any better or worse to use than init. As someone whose hobbies rely on Linux in general....i only think about systemd when some haters on slashdot start this silly bullshit ranting about a product they don't like because they're too hipster for change.

Re:the unix philosophy

[geekymachoman]

People keep mentioning it because the "philosophy" kept it from interfering with other components and did the work just good.
The lack of it was what kept Windows from not working.

And now, this lack of philosophy spread to Linux.

Re:the unix philosophy

[petrus4]

Yes, sometimes decentralized, small encapsulated components are a win, but sometimes monolithic designs where the pieces can talk to each other easily are a win

I actually do see what you're saying, here. In The Art of UNIX Programming, Eric Raymond mentions that occasionally there are tasks where it simply isn't possible to make them small.

I don't have a problem with systemd being monolithic, as much as with the parts of said monolith being so tightly welded together. The other problem is lack of transparency and discoverability. Systemd is hard to understand, and for a big, monolithic project, transparency becomes more important, not less.

Lennart Poettering is an arrogant bully, with a proven track record of writing bad software and attempting to shove it down everyone else's throats. Systemd isn't his first nightmare; some of us remember PulseAudio as well. If you don't believe me about his software being excessively complex, go and look at Pulse's configuration files, and see if you can understand them.

It is time...

...for Linus Torvalds to write an init system like the way he did Git when Bitkeeper license was revoked. He is the only one who can get the devs behind the new system instead of the fucktard Pottering.

Re:It is time...

Sadly, the new CoC disallows that action as it would hurt Pottering's feelings.

CAP === 'students'

Re:"Alexa, start Apache". Smple input to complex c

Now I understand why so many people were so adamant about how terrible systemd was going to be.

I'm not a programmer, so didn't really understand what the problem was.

How to fix this

[AHuxley]

Reflect back on "programs that do one thing and do it well".
Are the deep parts of an OS you are using still supportive of that philosophy?
If not consider changing to a better quality OS.

Re:How to fix this

Is this a plug for BSD or something?

Re:How to fix this

Yes, we should all be using GNU Hurd.

That's no excuse not to test for this

There's an infinite way to fuck up with them though and their pattern matching is no match for our creativity at fucking up.

Yet people commonly keep screwing up in the same way, and rarely seem to find new ways to screw up. And while there may be many ways to screw up (not infinite, mind, but the point you were really making, ie "a very very large number with lots of zeros" ways of screwing up is certainly true. Given this plethora of methods of wreaking havoc on ourselves, it's interesting that we generally gravitate to the same old mistakes over and over.

Which is why static code analysis definitely has its place, and there's really no excuse for the systemd people not using it to catch these sorts of things (which are old problems that have cropped up again and again because ... people tend to gravitate to the same set of mistakes they keep making time and time again). But then, there's no excuse for a lot of things the systemd developers have been doing these past several years, so adding this one to the pile really shouldn't surprise too many people.

Re:"Alexa, start Apache". Smple input to complex c

[complete+loony]

I don't mind that services have a simple config declaration, with mostly standard start / stop handling. But it would be better to start with some form of "#!/..." so the config file can be used as a script that launches a generic service handler from a traditional init system.

But that's not the only part of the OS that systemd is trying to replace...

Re:I know you are trolling... but change can be gr

[AlanObject]

I wasn't really trolling regardless of what the moderator tally is. I was just remarking that this topic really is a hot button for a lot of people and are willing to write flames about it. And that it hadn't happened for a while.

And was I wrong? Oh, no.

I also pointed out that some people have more valid justifications for their passionately held positions than others. Although that is always true on that topic the jury will always be out.

My Favorite Part About JournalD

JournalD is used to look at binary system logs, yet can not look at binary logs stored in another volume. This is more than useless in forensics and recovery.

Re:My Favorite Part About JournalD

JournalD is used to look at binary system logs,

No, it's not. journald != journalctl

yet can not look at binary logs stored in another volume. This is more than useless in forensics and recovery.

Yes, journalctl can do that. I recommend reading the journalctl(1) man page.

Systemd tries to be "too smart" for its own good.

Had to deal with the default logger's throttle/drop-on-the-floor behaviour when RedHat modified docker's default logging driver to use journald. We spent a while scratching our heads wondering why we couldn't see certain critical messages in our logs for container runs. If you use docker expecting chatty programs in the container to retain all messages, you have to switch to the json logger (which is default docker, no good reason RedHat changed it other than to be jerks).

Nope to systemd, I'd rather use older, tried and tested init systems.

Linux can do that easily enough

[raymorris]

Using binfmt_misc (or a GUI front-end to it) you can fairly easily configure your system to use whatever program you want to handle *.service "scripts". It can recognize them by name (.service) and/or by the first bytes being [Unit] or [Service]. This is similar to configuring a default handler for jpeg files, to open them when you click them (but also works from the command line).

For other file types that don't have a predictable name, nor predictable first bytes, a very simple kernel module can be used to register a handler.

Lastly, text files of unknown type are sent to /bin/sh if they are chmod executable. You can probably configure sh to handle service files.

Slackware taking them to church, as in Ironman 3

I've been a user off and on since the version 1 series and currently use 14.2 with updates from the current tree including Clang 7.0.1 and GCC 8.2.0

https://en.wikipedia.org/wiki/Church_of_the_SubGenius

Re:"Alexa, start Apache". Smple input to complex c

Isn't the binary in sys V the shell?

Systemd patch released last year.

Version 2.0 systemd patch is available @ https://devuan.org/get-devuan.

For those who like Arch Linux, except for systemd

https://voidlinux.org

Commonalities with Arch:
- For people who have some basic understanding of the system and are not mortally afraid of the command line.
- Rolling release
- No bloat, unless it's requested
- No nanny attitude
- Main source of info: the Arch Linux Wiki :o)

Differences:
- Uses runit as its services init / supervision system: parallel services startup (pretty quick), does all a standard client / simple server needs, uses shell scripts, simple, non-invasive.
- Uses libressl by default
- Uses xbps as its package manager: pretty similar to pacman, but split into sub-commands (xbps-install, xbps-query etc.)
- Provides xbps-src to compile packages from source / edit packages / create own packages (Arch's ABS is unsupported now AFAIK)
- Much smaller community (which really should change ;o)

ugh

[sad_]

been using linux since 95 and i've seen all kinds of bugs throughout the years.
it looks like systemd is remaking all of them again, each time i think - this already happened before, it shouldn't be a problem anymore.
seems as if the systemd team is recreating the complete history of linux userland bugs again.

security

Wasn't there a article about adding bugs to the os to tie up hackers time?

Bad Workmen Blame Their Tools

As the saying goes; bad workmen blame their tools.

Maybe it's not the C language, but rather the patriarchal misogynist rape-culture of the IT industry and a clear sign that systemd developers should all be replaced by androgynous gender-morphs that take the code's feelings into consideration.

Systemd

Systemd is a solution looking for a problem...and then creating new problems in systemd. I happily run Gentoo Linux without systemd. If someone insists on systemd, just push them to Windows 10 instead. Linux doesn't need this crap.

GOLD!

In the 1800's, they yelled, "There's gold in them there hills!".
    I the 2000's, they yelled, "There's gold in that there systemd!".

recent systemd problem

I switched my DNS from NameCheap to CloudFlare recently. After making some untenable discoveries about CloudFlare, I switched back to the NameCheap server. From that point onward, I could not get any email on my website systemd server. Although there was an MX record in the server's DNS setup, the MX record could not be found. After running in circles for several days trying to figure out what was wrong, I decided to restart the server. The MX started showing up. Somehow systemd was simply not recognizing it. This is the type of crap you get from systemd that you never got without it.

Haven't you dropped Systemd yet?

[Artemis3]

Distrowatch says there are 113 alternative distros you can use without systemd

If you like Debian, you use Devuan.
If you like Arch, you use Artix.
Slackware was never tainted, etc...

What are you waiting for? The main idiot is not even Poettering, its the Distro leaders that choose to force you to use it. Of course Fedora is doomed being a Red Hat project...

Is it a coincidence that everything made by Poettering behaves more or less the same buggy and bloated way? You think pulseaudio is an example of excellence? What about avahi and the other crud he made? Just say no to his mindset and rid your system of anything made by him.

http://without-systemd.org/ Take a stand against systemd!

Re:Haven't you dropped Systemd yet?

[petrus4]

http://without-systemd.org/ [without-systemd.org] Take a stand against systemd!

I can hardly begin to describe, the extent to which this warms my heart, or the sense of hope it gives me. I had feared that Linux's users as a whole had simply rolled over and accepted Lennart's crap. This is a revolution that needs to continue.

Re: Haven't you dropped Systemd yet?

amen!