Arguments against systemd

From Without Systemd
__TOC__

Please objectively explain issues and link a reliable source (commit, bug report or documentation).
== Scope creep ==
systemd suffers from [[Wikipedia:Scope creep|scope creep]].

* systemd is an init system
* systemd provides a UEFI [[Wikipedia:Boot loader|boot loader]], [https://www.freedesktop.org/wiki/Software/systemd/systemd-boot/ systemd-boot] (previously [[Wikipedia:Gummiboot_(software)|gummiboot]])[http://www.phoronix.com/scan.php?page=news_item&px=systemd-Gummiboot-Boot-Loader]
* systemd provides a [[Wikipedia:Login manager|login manager]], {{man|systemd-logind}}
* systemd provides a [[Wikipedia:Syslog|syslog]] daemon, {{man|systemd-journald}}, see [https://docs.google.com/document/pub?id=1IC9yOXj7j6cdLLxWEBAGRL6wl97tFxgjLUEHIX3MSTs Introducing the Journal]
** uses a binary format
* systemd provides a [[Wikipedia:Mount_(Unix)|mount]] front-end, {{man|systemd-mount}}[http://www.phoronix.com/scan.php?page=news_item&px=Systemd-Mount]
* The [[Wikipedia:udev|udev]] sources were merged into the systemd source tree.[http://article.gmane.org/gmane.linux.hotplug.devel/17392]
* systemd provides {{man|systemd.timer}} timer units, which can be used to replace [[Wikipedia:cron|cron]] and [[Wikipedia:At_(Unix)|at]]
* systemd provides a [[Wikipedia:D-Bus|D-Bus]] client library, {{man|sd-bus}} (see [http://0pointer.net/blog/the-new-sd-bus-api-of-systemd.html sd-bus])
* systemd developed an in-kernel [[Wikipedia:D-Bus|D-Bus]] implementation, [https://www.freedesktop.org/wiki/Software/systemd/kdbus/ kdbus].[https://lwn.net/Articles/580194/] They tried to get it merged into the kernel, failed, and are now trying again with [http://www.bus1.org/ BUS1].[https://lwn.net/Articles/697191/]
* systemd provides automount via {{man|systemd.automount}} to substitute autofs
* systemd provides a caching DNS resolver, {{man|systemd-resolved}}
* systemd provides a network manager and DHCP client, {{man|systemd-networkd}}
* systemd provides an HTTP server for journal events, {{man|systemd-journal-gatewayd}} (can be disabled with the <code>remote</code> compile option)
* systemd provides a containerization system, {{man|systemd-nspawn}} (see [https://lwn.net/Articles/676831/ lwn - Systemd vs. Docker])

See [[Wikipedia:File:Systemd components.svg]].

To be added: {{man|systemd-cryptsetup}}, {{man|pam_systemd}}, [[Wikipedia:Acpi|acpi]], [[Wikipedia:cgroups|cgroups]], gnome-session, tcpwrapper, audit

* [http://www.phoronix.com/scan.php?page=news_item&px=systemd-networkd-IP-Forward systemd Gains IP Forwarding, IP Masquerading & Basic Firewall Controls]
* https://lists.dns-oarc.net/pipermail/dns-operations/2016-June/014933.html
* <s>An init system that, even on a server, requires a library for rendering QR codes: Post in [https://www.heise.de/forum/iX/News-Kommentare/Red-Hat-Enterprise-Linux-for-SAP-Solutions/Neulich-auf-einem-RedHat-Server/posting-31123843/show/ Heise Forum] and reference in [https://lists.fedoraproject.org/pipermail/devel/2012-October/172163.html Fedora]</s>
   
 
== Issues ==
 
* fsck cannot be cancelled (used to be possible via C-c or c on the console). {{Commit|7f110ff9b8}}, Fedora#719952
* systemd defaults to Google's DNS nameservers. {{Commit|e16cb2e4ef}}, Debian#761658
* systemd defaults to Google's NTP servers, which serve leap-smeared time. GitHub#437
* systemd by default uses Predictable Network Interface Names, which are actually less predictable when you only have one interface per type.
* systemd by default kills background processes after the user logs out. {{Commit|97e5530cf2}}, [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825394 Debian#825394]<br>"In my view it was actually quite strange of UNIX that it by default let arbitrary user code stay around unrestricted after logout." -Poettering[https://lists.fedoraproject.org/archives/list/[email protected]/message/XW7V5A3RAWYCACU2ZMPA27ARRLIZUI37/]
 
 
* As systemd depends on many files on the root filesystem, it cannot control processes or shut down/reboot (cleanly) when Ctrl-Alt-Del is pressed if anything goes wrong with the rootfs.[https://bugzilla.redhat.com/show_bug.cgi?id=982200]

* systemd-resolved breaks the traditional glibc behavior by skipping a DNS server in all following queries if it fails to respond once. [https://github.com/systemd/systemd/issues/5755 GitHub#5755], [http://edgeofsanity.net/rant/2017/12/20/systemd-resolved-is-broken.html]
   
 
== Conceptional problems ==
 
 
* [https://bugs.freedesktop.org/show_bug.cgi?id=76935 Do not parse "debug" command line parameter] - [https://lkml.org/lkml/2014/4/2/415 Response on LKML] Response: [https://bugs.freedesktop.org/show_bug.cgi?id=76935#c2 That is the expected current behaviour, "debug" can cause "too many" messages to be useful anymore if things are broken.]
 
* [https://github.com/systemd/systemd/issues/2447 journal ip anonymization] -- It's very difficult to use systemd/journal on a privacy-aware system or infrastructure.
 
Debunking the myth of unit files being significantly shorter than scripts used by all other init systems: [https://jdebp.eu/FGA/run-scripts-and-service-units-side-by-side.html A side-by-side look at run scripts and service units]
 
   
 
== Poor design ==
 
 
* [http://www.freedesktop.org/software/systemd/man/systemd.special.html systemd has a filename that starts with a hyphen!] - This causes all sorts of problems, as it will usually be interpreted as the start of a command option when used on the command line. You don't even need to specify the filename for it to cause problems, as it will affect commands that use globbing. Not to mention that the file in question, "-.slice", is what they refer to as the "root slice", which causes confusion: the term "slice" has been used for decades as an alternative way of referring to a [https://en.wikipedia.org/wiki/Slice_(disk) disk partition], yet their usage is completely unrelated.

 
* [https://news.ycombinator.com/item?id=10999335 systemd mounted efivarfs read-write, allowing motherboard bricking via 'rm'] See also [https://bbs.archlinux.org/viewtopic.php?id=207549 No POST after rm -rf /] - Lennart's argument for mounting ''/sys/firmware/efi/efivars'' read/write as the default behaviour doesn't hold water. Yes, it's true that some tools may need to write to it, but those tools are not needed for the general running of a system. ''efivars'' should not even be mounted read-only by default. The tools that need to write to ''efivars'' will generally only be invoked by a system administrator. A competent sysadmin will know how to mount ''efivars'' with read/write permissions when they need to use those tools. The only reason to mount ''efivars'' by default is convenience. This is by no means a good reason. From a security perspective, mounting ''efivars'' read/write by default should be strongly discouraged, as it breaks the [https://en.wikipedia.org/wiki/Principle_of_least_privilege principle of least privilege]. Lennart goes on to state that [https://github.com/systemd/systemd/issues/2402#issuecomment-177907110 systemd needs to write EFI variables]. This demonstrates yet another example of scope creep and thus poor design.

* https://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=28640752854
 
* https://bugzilla.redhat.com/show_bug.cgi?id=1170765
 
 
* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784720
 
* systemd units are started with zero context. This eliminates most of the functionality of inotify and makes systemd.path unusable for virtually any purpose.
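A demonstration of the "-.slice" hazard described in the first item of this section, added here as an example (not code from this wiki or from systemd): it creates a scratch directory containing that name and shows the naive invocation failing while the `--` and `./` forms work.

```shell
#!/bin/sh
# Added example (not from the wiki page): why a unit file named "-.slice" is
# hazardous on the command line, and the two standard ways to pass it safely.
# Everything runs inside a scratch directory created by make_fixture.

set -u

# Create a scratch directory holding a constructed copy of systemd's root slice
# name plus an ordinary slice name.  Prints the directory path.
make_fixture() {
    dir=$(mktemp -d)
    : > "$dir/-.slice"      # a redirection target is never parsed as an option
    : > "$dir/system.slice"
    printf '%s\n' "$dir"
}

# Naive invocation: the glob expands to "-.slice system.slice", and ls reads
# "-.slice" as an option cluster and fails.  Returns ls's exit status.
list_naive() {
    ( cd "$1" && ls *.slice >/dev/null 2>&1 )
}

# Safe form 1: "--" terminates option parsing, so every later word is an operand.
list_with_dashdash() {
    ( cd "$1" && ls -- *.slice >/dev/null 2>&1 )
}

# Safe form 2: anchor the glob with "./" so no expansion can begin with "-".
# This also protects commands that do not honour "--".
list_with_dotslash() {
    ( cd "$1" && ls ./*.slice >/dev/null 2>&1 )
}

# Number of names the anchored glob yields in the fixture (expected: 2).
count_slices() {
    ( cd "$1" && set -- ./*.slice && printf '%s\n' "$#" )
}
```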
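For the efivars item in this section, an added check (not code from this wiki or from systemd) that reads a mount table in /proc/self/mounts format and reports whether efivarfs is writable; the sample tables are constructed, and the remount commands in the trailing comments assume a standard util-linux mount.

```shell
#!/bin/sh
# Added example (not from the wiki page): a check for how efivarfs is mounted,
# following the least-privilege argument above.  It parses text in the format
# of /proc/self/mounts, so it can be exercised on a constructed table here and
# then pointed at the real file on a UEFI machine.

# Print the mount options of the efivarfs entry in mount table $1
# (empty output if efivarfs is not mounted).
efivarfs_options() {
    # /proc/self/mounts fields: source target fstype options dump pass
    awk '$3 == "efivarfs" { print $4 }' "$1"
}

# Exit status: 0 = mounted read-write (the default the page objects to),
# 1 = mounted read-only, 2 = not mounted.
efivarfs_state() {
    opts=$(efivarfs_options "$1")
    [ -n "$opts" ] || return 2
    case ",$opts," in
        *,ro,*) return 1 ;;
        *)      return 0 ;;
    esac
}

# One-line verdict for mount table $1.
efivarfs_verdict() {
    efivarfs_state "$1" && rc=0 || rc=$?
    case $rc in
        0) echo "efivarfs is read-write: any root process (or a stray rm -rf /) can alter EFI variables" ;;
        1) echo "efivarfs is read-only" ;;
        *) echo "efivarfs is not mounted" ;;
    esac
}

# Constructed sample tables in /proc/self/mounts format (made up for this
# example, not captured from a real system).
RW_TABLE=$(mktemp)
cat > "$RW_TABLE" <<'EOF'
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
efivarfs /sys/firmware/efi/efivars efivarfs rw,nosuid,nodev,noexec,relatime 0 0
EOF

RO_TABLE=$(mktemp)
cat > "$RO_TABLE" <<'EOF'
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
efivarfs /sys/firmware/efi/efivars efivarfs ro,nosuid,nodev,noexec,relatime 0 0
EOF

NONE_TABLE=$(mktemp)
cat > "$NONE_TABLE" <<'EOF'
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
EOF

# On a real system:   efivarfs_verdict /proc/self/mounts
# To keep the variables read-only until an administrator actually needs to
# write them, and to re-enable writes for that one task:
#   mount -o remount,ro /sys/firmware/efi/efivars
#   mount -o remount,rw /sys/firmware/efi/efivars
```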

== Scope creep leads to vulnerabilities ==

** [https://www.cvedetails.com/cve/CVE-2015-1344/ The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not properly check permissions] CVSS 7.2
 
* [https://latesthackingnews.com/2017/06/29/a-systemd-vulnerability-allows-attackers-hack-linux-machines-via-malicious-dns-response/ systemd vulnerability allows attackers to hack Linux machines via malicious DNS response]
* [https://www.theregister.co.uk/2018/10/26/systemd_dhcpv6_rce/ Remote code execution via DHCPv6]
* [https://www.qualys.com/2019/01/09/system-down/system-down.txt System Down: several vulnerabilities in systemd-journald] [https://www.theregister.co.uk/2019/01/10/systemd_bugs_qualys/ The Register article on same]

=== CVEs ===

[https://security-tracker.debian.org/tracker/source-package/systemd Debian tracker]

* [https://seclists.org/oss-sec/2019/q1/140 CVE-2019-6454] systemd (PID1) crash with specially crafted D-Bus message [https://usn.ubuntu.com/3891-1/ USN-3891-1]
* [https://security-tracker.debian.org/tracker/CVE-2018-16866 CVE-2018-16866] information leak, out-of-bounds read
* [https://security-tracker.debian.org/tracker/CVE-2018-16865 CVE-2018-16865] memory corruption
* [https://security-tracker.debian.org/tracker/CVE-2018-16864 CVE-2018-16864] memory corruption
* [https://nvd.nist.gov/vuln/detail/CVE-2018-15688 CVE-2018-15688] buffer overflow in the dhcp6 client
* [https://nvd.nist.gov/vuln/detail/CVE-2018-15687 CVE-2018-15687] set arbitrary permissions on arbitrary files
* [https://security-tracker.debian.org/tracker/CVE-2018-15686 CVE-2018-15686] potential root privilege escalation
* [https://nvd.nist.gov/vuln/detail/CVE-2018-6954 CVE-2018-6954] obtain ownership of arbitrary files
* [https://security-tracker.debian.org/tracker/CVE-2018-1049 CVE-2018-1049]
* [https://security-tracker.debian.org/tracker/CVE-2017-1000082 CVE-2017-1000082] parsing error leads to root privilege escalation
* [https://nvd.nist.gov/vuln/detail/CVE-2017-9217 CVE-2017-9217]

== Absurd bugs and responses ==

* [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739593#54 Debian#739593] systemd makes / a shared mount by default; Poettering suggests not patching this, because it would break a lot of containers
* [https://bugs.freedesktop.org/show_bug.cgi?id=74589 freedesktop#74589] Unchecked null pointer dereferencing in PID 1 not considered a serious issue - <i>"To make this work we'd need a patch, as nobody of us tests this."</i>, <i>"I will not work on this"</i> - systemd <b>requires</b> cgroups and segfaults if there is no cgroups support.
* [https://bugzilla.opensuse.org/show_bug.cgi?id=918226 openSUSE#918226] systemd segfaults after updating from 208-23.3 to 208-28.1
* [https://github.com/systemd/systemd/issues/2402 GitHub#2402] Mount efivarfs read-only - Doing rm -rf / bricks your computer
* [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776171 Debian#776171] Unable to shutdown
* [https://bugs.freedesktop.org/show_bug.cgi?id=61191 freedesktop#61191] systemd-journald eats 100% CPU
* [https://bugs.freedesktop.org/show_bug.cgi?id=64116 freedesktop#64116] Corrupted binary logs
* [https://github.com/systemd/systemd/issues/5644 GitHub#5644] tmpfiles: R! /dir/.* destroys root, also see [https://www.preining.info/blog/2017/04/systemd-again/ systemd again (or how to obliterate your system)]. Poettering's response: <i>"I am not sure I'd consider this much of a problem. Yeah, it's a UNIX pitfall, but "rm -rf /foo/.*" will work the exact same way, no?"</i> (Hint: no.)
* [https://github.com/systemd/systemd/issues/6237 GitHub#6237] systemd can't handle the process privileges of a user name that starts with a number, such as 0day. Poettering: "not a bug, a feature"
* [https://github.com/systemd/systemd/issues/2039 GitHub#2039] The default value of RemoveIPC doesn't allow third-party daemons to be used. -- "This is an issue tracker, not a support forum."
* [https://github.com/systemd/systemd/issues/8596 GitHub#8596] [https://bugzilla.redhat.com/show_bug.cgi?id=1494014 redhat#1494014] systemd incorrectly unmounts a reused mount point after a device removal / systemd automatically unmounts a filesystem mounted using the "mount <mountpoint>" command
* [https://github.com/systemd/systemd/issues/9602 GitHub#9602] systemd won't allow the system to start if the system is configured correctly (/etc/localtime as a symlink) (you can even use systemd's tool to configure it!)

Missing bug report link:

* [https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet how to crash systemd in one tweet] (works as any user, not just root) and [https://medium.com/@davidtstrauss/how-to-throw-a-tantrum-in-one-blog-post-c2ccaa58661d response] and [https://www.agwa.name/blog/post/systemd_is_not_magic_security_dust rebuttal]
* [http://www.openwall.com/lists/oss-security/2017/01/24/4 systemd v228 local root exploit]
* [https://serverfault.com/questions/755818/systemd-using-4gb-ram-after-18-days-of-uptime systemd Using 4GB RAM After 18 Days of Uptime]
* [http://www.phoronix.com/scan.php?page=news_item&px=MTYwMzg Phoronix - Screen locking issues (including a security issue) with gnome-shell] -- remained unfixed for over a year
* [http://soylentnews.org/article.pl?sid=14/12/21/1343258 SoylentNews - PID 1 segfaulting on upgrade; journalctl usability issue] - bug report still marked as "NEW"
* [https://lists.debian.org/debian-user/2015/02/msg00010.html "Tried to boot my laptop from a cafe..."]

== Unprofessionalism ==

[http://article.gmane.org/gmane.linux.hotplug.devel/17392 "After udev is merged into the systemd tree you can still build it for usage outside of systemd systems, and we will support these builds officially. In fact, we will be supporting this for a long time"]

[http://lists.freedesktop.org/archives/systemd-devel/2014-May/019657.html "...this will effectively also mean that we will not support non-systemd systems with udev anymore starting at that point. '''Gentoo folks, this is your wakeup call.'''"]

Linux (kernel) coup attempt:

:"kdbus support is no longer compile-time optional ... We encourage all downstream distributions to begin testing kdbus by adding it to the kernel images in the development distributions, and leaving kdbus support in systemd enabled."[http://lists.freedesktop.org/archives/systemd-devel/2015-June/033170.html]

[http://lkml.iu.edu/hypermail/linux/kernel/1506.2/03764.html LKML comment]

[https://lwn.net/Articles/641275/ "The kdbuswreck"]

[https://github.com/systemd/kdbus "kdbus now out-of-tree"]

[https://en.wikipedia.org/wiki/D-Bus#kdbus "kdbus dropped in favor of BUS1"]

* [https://github.com/tmux/tmux/issues/428 systemd developer asks tmux to add systemd specific code]
* systemd promised that their [https://www.freedesktop.org/wiki/Software/systemd/journal-files/ Journal File Format] is stable starting with version 26.[https://www.freedesktop.org/wiki/Software/systemd/InterfacePortabilityAndStabilityChart/] Version 44, however, does not follow this promise from the [http://www.freedesktop.org/wiki/Software/systemd/export/ export format] specification: "Entry metadata that is not actually a field is serialized like it was a field, but beginning with two underscores."

 
   
 
== Ignorance of fundamental operating system concepts ==
 
 
* [http://lists.freedesktop.org/archives/systemd-devel/2015-February/028514.html Lead systemd developer doesn't understand RAID or checksum]
 
 
* [https://github.com/systemd/systemd/issues/825#issuecomment-127917622 Lead systemd developer doesn't understand ''su'', expects it to do something else and then labels it a "broken concept"] - ''su'' isn't supposed to inherit cgroups or audit; those concepts are relatively new and arrived well after the creation of ''su''. TTYs were originally physical devices, so of course ''su'' is supposed to "inherit" the same device; otherwise it would be truly broken. Pseudo TTYs emulate real TTYs, so their behaviour is obviously expected to be identical. ''su'' really is just a simple mechanism that calls setuid(2) in order to switch to another user. If he needs to write a new utility to handle scenarios that ''su'' was never designed to handle, no problem, but to label it a "broken concept" demonstrates a lack of understanding of what ''su'' actually is.
 
 
== Blog posts ==
 
 
* 22 Nov 2011 [http://blog.gerhards.net/2011/11/journald-and-rsyslog.html Rainer's Blog - journald and rsyslog]
 
* 25 Nov 2011 [http://blog.gerhards.net/2011/11/what-i-dont-like-about-journald.html Rainer's Blog - What I don't like about journald / Linux Journal]
 
* 29 Oct 2013 [http://gentooexperimental.org/~patrick/weblog/archives/2013-10.html#e2013-10-29T13_39_32.txt Patrick's playground - systemd propaganda: It's a crap!]
 
* 20 Nov 2013 [http://draketo.de/light/english/top-5-systemd-troubles Zwillingssterns Weltenwald - Top 5 systemd troubles - a strategic view for distros]
 
* 09 Feb 2014 [http://ewontfix.com/14/ EWONTFIX - Broken by design: systemd]
 
* 27 Feb 2014 [http://ewontfix.com/15/ EWONTFIX - systemd has 6 service startup notification types, and they're all wrong]
 
* 31 Mar 2014 [https://plus.google.com/+TheodoreTso/posts/4W6rrMMvhWU Theodore Ts'o's Google Plus post]
 
* 03 Apr 2014 [https://igurublog.wordpress.com/2014/04/03/tso-and-linus-and-the-impotent-rage-against-systemd/ IgnorantGuru's Blog - Ts'o and Linus And The Impotent Rage Against systemd]
 
* 23 Apr 2014 [http://landley.net/notes-2014.html#23-04-2014 Rob Landley's Blog Thing for 2014]
 
* 12 Aug 2014 [https://lkml.org/lkml/2014/8/12/459 Open letter to the Linux World]
 
* 18 Aug 2014 [https://www.infoworld.com/article/2608798/data-center/systemd--harbinger-of-the-linux-apocalypse.html Infoworld - systemd: Harbinger of the Linux apocalypse]
 
* 19 Sep 2014 [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762194 Debian Bug #762194 "Automatic switch to systemd on wheezy->jessie upgrades"]
 
* 23 Sep 2014 [http://blog.lusis.org/blog/2014/09/23/end-of-linux/ blog dot lusis - The End of Linux]
 
* 26 Sep 2014 [http://judecnelson.blogspot.com/2014/09/systemd-biggest-fallacies.html Jude's blog - systemd: The Biggest Fallacies]
 
* 04 Oct 2014 [https://fitzcarraldoblog.wordpress.com/2014/10/04/my-thoughts-on-systemd/ Fitzcarraldo's Blog - My thoughts on systemd]
 
* 16 Oct 2014 [https://lists.debian.org/debian-vote/2014/10/msg00001.html debian-vote - preserve freedom of choice of init systems]
 
* 22 Nov 2014 [http://louwrentius.com/systemd-forward-secure-sealing-of-system-logs-makes-little-sense.html Louwrentius - Systemd Forward Secure Sealing of System Logs Makes Little Sense]
 
* 28 Nov 2014 [http://news.dieweltistgarnichtso.net/posts/systemd-assumptions-bullying-consent.html systemd: Assumptions, Bullying, Consent]
 
* 12 Dec 2014 [http://utcc.utoronto.ca/~cks/space/blog/linux/SystemdCrashAndMore Chris's Wiki - The bad side of systemd: two recent systemd failures]
 
* 14 Dec 2014 [http://www.gabordemooij.com/index.php?p=/escape_from_systemd Gabor de Mooij - Escape from systemd]
 
* 09 Feb 2015 [http://mrpogson.com/2015/02/09/systemd-or-poettering-name-your-poison/ Robert Pogson - systemd Or Poettering, Name Your Poison]
 
* 14 Jun 2015 [http://www.steven-mcdonald.id.au/articles/systemd.shtml Why I dislike systemd]
 
* 11 Oct 2015 [http://blog.darknedgy.net/technology/2015/10/11/0/ Dark'n'Edgy - Structural and semantic deficiencies in the systemd architecture for real-world service management, a technical treatise]
 
* 17 Oct 2015 [https://bsdmag.org/randy_w_3/ BSD MAG - Problems with systemd and Why I like BSD Init (by Randy Westlund)]
 
* 29 Apr 2017 [http://www.galexander.org/systemd_sucks.html Gregor Alexander - systemd sucks]
 
* 31 Jul 2017 [http://fromthecodefront.blogspot.in/2017/07/systemd-pitfalls.html fromthecodefront - systemd pitfalls]
 
* 23 Oct 2017 [http://fromthecodefront.blogspot.in/2017/10/systemd-no.html fromthecodefront - systemd: Please, No, Not Like This]
 
 
* [http://skarnet.org/software/s6/systemd.html Skarnet - A word about systemd]
 
   
 
== See also ==
 
* [[Non-English and multimedia presentations (external links)]]
* [[List of systemd-critical webpages]]
* [[List of systemd-critical webpages (non-English)]]

Other sites:
 
 
* [https://suckless.org/sucks/systemd suckless.org - systemd is the best example of Suck]
 
* boycottsystemd.org (down)[http://www.webcitation.org/query?id=1399384468768939&date=%400&fromform=1], [[Local copy of boycottsystemd.org archive]]
 
 
Forum posts:
 
 
* [https://forums.bunsenlabs.org/viewtopic.php?id=4346 Fast boot?] in-the-wild discussion of working around a slow out-of-the-box systemd boot ("Performance tuning the boot process")
 
* [http://forums.debian.net/viewtopic.php?f=20&t=120652&p=570371 Combatting revisionist history]
 
 
Other links:
 
 
* [https://sysdfree.wordpress.com/ blogsite: systemd-free linux community]
 
* [https://pwnies.com/winners/#lamestvendor PwnieAwards 2017 - Lamest Vendor Response goes to Lennart Poettering for systemd] [https://twitter.com/dalmoz_/status/890397041674911745/photo/1 tweet]
 
* [http://pappp.net/?p=969 PAPPP's ramblings - Linux Future (how systemd is not like Unix)]
 
* [https://github.com/coreos/rkt/issues/576 GitHub#576 - systemd requiring CAP_SYS_ADMIN weakening container safety in coreOS/rkt]
 
* [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668001#20 Debian#668001 "debootstrap: cant install systemd instead of sysvinit"] (2014 mailing list thread, 100+ msgs)
 

Latest revision as of 21:11, 5 April 2019
