Arguments against systemd

From Without Systemd
(Difference between revisions)
Jump to: navigation, search
(Scope creep: update, use fancy arrows)
(Scope creep: rewrite section)
Line 26: Line 26:
   
 
== Scope creep ==
 
== Scope creep ==
 
* [http://www.phoronix.com/scan.php?page=news_item&px=systemd-networkd-IP-Forward systemd Gains IP Forwarding, IP Masquerading & Basic Firewall Controls]
 
* [http://www.phoronix.com/scan.php?page=news_item&px=systemd-Gummiboot-Boot-Loader Gummiboot UEFI boot loader to be added to systemd]
 
* [http://www.freedesktop.org/software/systemd/man/systemd-resolved.service.html DNS cache] --- [https://lists.dns-oarc.net/pipermail/dns-operations/2016-June/014964.html systemd-resolved]
 
* [https://github.com/tmux/tmux/issues/428 systemd developer asks tmux to add systemd specific code]
 
* An init system that requires even on a server a library for rendering QR codes: Post in [https://www.heise.de/forum/iX/News-Kommentare/Red-Hat-Enterprise-Linux-for-SAP-Solutions/Neulich-auf-einem-RedHat-Server/posting-31123843/show/ Heise Forum] and reference in [https://lists.fedoraproject.org/pipermail/devel/2012-October/172163.html Fedora]
 
   
 
[[File:Systemd_anigif.gif]]
 
[[File:Systemd_anigif.gif]]
   
* init system
+
* systemd is an init system
* [[Wikipedia:Login manager|login manager]] systemd-logind
+
* systemd also provides a [[Wikipedia:Login manager|login manager]], {{man|systemd-logind}}
* [[Wikipedia:Pluggable authentication module|PAM]] pam_systemd
+
* systemd also provides a [[Wikipedia:Syslog|syslog]] daemon, {{man|systemd-journald}}, see [https://docs.google.com/document/pub?id=1IC9yOXj7j6cdLLxWEBAGRL6wl97tFxgjLUEHIX3MSTs Introducing the Journal]
* getty
 
* [[Wikipedia:Syslog|syslog]] → [http://www.freedesktop.org/software/systemd/man/systemd-journald.service.html journald]
 
 
** Uses a binary format.
 
** Uses a binary format.
* [[Wikipedia:udev|udev]] [http://article.gmane.org/gmane.linux.hotplug.devel/17392 merged into the systemd source tree]
+
* systemd also provides a [[Wikipedia:Mount_(Unix)|mount]] front-end, {{man|systemd-mount}}[http://www.phoronix.com/scan.php?page=news_item&px=Systemd-Mount]
* [[Wikipedia:Mount_(Unix)|mount]] systemd-mount[http://www.phoronix.com/scan.php?page=news_item&px=Systemd-Mount]
+
* The [[Wikipedia:udev|udev]] sources were merged into the systemd source tree.[http://article.gmane.org/gmane.linux.hotplug.devel/17392].
* [https://gitlab.com/cryptsetup/cryptsetup cryptsetup] systemd-cryptsetup
+
* systemd provides {{man|systemd.timer}} timer units, which can be used to replace [[Wikipedia:cron|cron]] and [[Wikipedia:At_(Unix)|at]].
* [[Wikipedia:cron|cron]] & [[Wikipedia:At_(Unix)|at]] systemd.timer
+
* systemd provides a [[Wikipedia:D-Bus|D-Bus]] client library, {{man|sd-bus}}, see [http://0pointer.net/blog/the-new-sd-bus-api-of-systemd.html sd-bus]
* [[Wikipedia:D-Bus|dbus]] [http://0pointer.net/blog/the-new-sd-bus-api-of-systemd.html sd-bus]
+
* systemd provides automount via {{man|systemd.automount}} to substitute autofs
* [[Wikipedia:Acpi|acpi]]
+
* systemd provides a HTTP server for journal events, {{man|systemd-journal-gatewayd}} (can be disabled with <code>remote</code> compile option)
* [[Wikipedia:cgroups|cgroups]]
 
* gnome-session
 
* autofs - automount.automount
 
* tcpwrapper
 
* audit
 
   
 
See [[Wikipedia:File:Systemd components.svg]].
 
See [[Wikipedia:File:Systemd components.svg]].
   
Other features:
+
To be added: {{man|systemd-cryptsetup}}, {{man|pam_systemd}}, [[Wikipedia:Acpi|acpi]], [[Wikipedia:cgroups|cgroups]], gnome-session, tcpwrapper, audit
   
* [http://www.freedesktop.org/software/systemd/man/systemd-journal-gatewayd.service.html systemd-journal-gatewayd] - HTTP server for journal events (can be disabled with <code>remote</code> compile option)
+
* [http://www.phoronix.com/scan.php?page=news_item&px=systemd-networkd-IP-Forward systemd Gains IP Forwarding, IP Masquerading & Basic Firewall Controls]
  +
* [http://www.phoronix.com/scan.php?page=news_item&px=systemd-Gummiboot-Boot-Loader Gummiboot UEFI boot loader to be added to systemd]
  +
* [http://www.freedesktop.org/software/systemd/man/systemd-resolved.service.html DNS cache] --- [https://lists.dns-oarc.net/pipermail/dns-operations/2016-June/014964.html systemd-resolved]
  +
* [https://github.com/tmux/tmux/issues/428 systemd developer asks tmux to add systemd specific code]
  +
* <s>An init system that requires even on a server a library for rendering QR codes: Post in [https://www.heise.de/forum/iX/News-Kommentare/Red-Hat-Enterprise-Linux-for-SAP-Solutions/Neulich-auf-einem-RedHat-Server/posting-31123843/show/ Heise Forum] and reference in [https://lists.fedoraproject.org/pipermail/devel/2012-October/172163.html Fedora]</s>
   
 
== Scope creep leads to vulnerabilities ==
 
== Scope creep leads to vulnerabilities ==

Revision as of 21:07, 16 April 2018

Contents

Please objectively explain issues and link a reliable source (commit, bug report or documentation).

Issues

  • fsck cannot be cancelled (used to be possible via C-c or c on the console). 7f110ff9b8, Fedora#719952
  • systemd defaults to Google's DNS nameservers. e16cb2e4ef, Debian#761658
  • systemd defaults to Google's NTP servers, which serve leap-smeared time. GitHub#437
  • systemd by default uses Predictable Network Interface Names, which are actually less predictable when you only have one interface per type.
  • systemd by default kills background processes after the user logs out. 97e5530cf2, Debian#825394
    "In my view it was actually quite strange of UNIX that it by default let arbitrary user code stay around unrestricted after logout." -Poettering[1]
  • As systemd depends on many files on a rootfs, in case of any problems with rootfs, it is not able to control processes and (cleanly) shutdown/reboot when Crtl-Alt-Del is pressed.[2]
  • systemd-resolved breaks the traditional glibc behavior and skips a DNS server in all following queries, if it does not respond once. GitHub#5755, [3]

Conceptional problems

Poor design

Scope creep

Systemd anigif.gif

See Wikipedia:File:Systemd components.svg.

To be added: systemd-cryptsetup, pam_systemd, acpi, cgroups, gnome-session, tcpwrapper, audit

Scope creep leads to vulnerabilities

Absurd bugs and responses

Breaking promises and immaturity

"After udev is merged into the systemd tree you can still build it for usage outside of systemd systems, and we will support these builds officially. In fact, we will be supporting this for a long time"

"...this will effectively also mean that we will not support non-systemd systems with udev anymore starting at that point. Gentoo folks, this is your wakeup call."

Linux (kernel) coup attempt: "kdbus support is no longer compile-time optional ... We encourage all downstream distributions to begin testing kdbus by adding it to the kernel images in the development distributions, and leaving kdbus support in systemd enabled." comment on this on LKML

"The kdbuswreck"

"kdbus now out-of-tree"

"kdbus dropped in favor of BUS1"

unmet stability promises:

To quote from the systemd stability promise:

"Starting with version 26 (the first version released with Fedora 15) we promise to keep a number of them stable and compatible for the future."

One of their promises is for the export format:

"Entry metadata that is not actually a field is serialized like it was a field, but beginning with two underscores. "

This is not true for version 44 of systemd for example.

Ignorance of fundamental operating system concepts

See also

Forum posts:

Other links:

Personal tools