Arguments against systemd
- Local copy of boycottsystemd.org archive
- EWONTFIX - Broken by design: systemd
- EWONTFIX - Systemd has 6 service startup notification types, and they're all wrong
- Patrick's playground - Systemd propaganda: It's a crap!
- Top 5 systemd troubles - a strategic view for distros
- Systemd? More like Shit-stemd
- "...There are several problems with systemd unrelated to code quality..."
- Systemd: The Biggest Fallacies
- systemd: Assumptions, Bullying, Consent
- Open letter to the Linux World
- systemd Or Poettering, Name Your Poison
- Combatting revisionist history
- Ts’o and Linus And The Impotent Rage Against systemd
- A realization that I recently came to while discussing the whole systemd controversy...
- systemd vault - Everything you need to fully understand the systemd problem
- Systemd Forward Secure Sealing of System Logs Makes Little Sense
- journald and rsyslog
- What I don't like about journald / Linux Journal
- Disappointing press reactions...
- Why I dislike systemd
- Is `systemd` an NSA attempt?
- Systemd is the best example of Suck.
- The systemd fallacy
- Structural and semantic deficiencies in the systemd architecture for real-world service management, a technical treatise
- PAPPP's ramblings - Linux Future (how systemd is not like Unix)
Breaking promises and immaturity
"After udev is merged into the systemd tree you can still build it for usage outside of systemd systems, and we will support these builds officially. In fact, we will be supporting this for a long time"
Linux (kernel) coup attempt: "kdbus support is no longer compile-time optional ... We encourage all downstream distributions to begin testing kdbus by adding it to the kernel images in the development distributions, and leaving kdbus support in systemd enabled." comment on this on LKML
To quote from the systemd stability promise:
- "Starting with version 26 (the first version released with Fedora 15) we promise to keep a number of them stable and compatible for the future."
- "Entry metadata that is not actually a field is serialized like it was a field, but beginning with two underscores. "
This is not true for version 44 of systemd for example.
- systemd assimilates udev
- systemd takes over logging (and as if that wasn't bad enough, it uses a binary format)
- Systemd Gains IP Forwarding, IP Masquerading & Basic Firewall Controls
- Gummiboot UEFI Boot Loader To Be Added To Systemd
- DNS cache
- web server
Absurd Bugs and Responses
- Unchecked null pointer dereferencing in PID 1 not considered a serious issue - "I will not work on this" - Systemd requires cgroups.
- Screen locking issues (including a security issue) with gnome-shell - remained unfixed for over a year]
- PID 1 segfaulting on upgrade; journalctl usability issue - bug report still marked as "NEW"
- "Tried to boot my laptop from a cafe..."
- Systemd Prevents the Skipping of fsck while Booting - still unresolved
- Systemd Disables the Linux Magic SysRq Key - closed as "NOTABUG"
- systemd segfaults after updating from 208-23.3 to 208-28.1
- Please do not default to using Google nameservers - Debian package maintainer refuses to acknowledge the privacy leak and closed the bug.
- Do not parse "debug" command line parameter - Response on LKML
- timeX.google.com provide non standard time - Horrible default behaviour but Lennart tries to shift the blame on distros because "systemd is not a product".
- Mount efivarfs read-only - Doing rm -rf / bricks your computer
- journal ip anonymization - It's very difficult to use systemd/journal on a privacy aware system or infrastructure.
Scope Creep Leads to Vulnerabilities
- Improper argument parsing
- systemd has a filename that starts with a hyphen! - This causes all sorts problems as it will usually be interpreted as the start of a command option when used on the command line. You don't even need to specify the filename for it to cause problems as it will affect commands that use globbing. Not to mention that the file in question, "-.slice", they refer to as the "root slice" which causes confusion as the term "slice" has been used for decades as an alternative way of referring to a disk partition yet their usage is completely unrelated.
- Systemd mounted efivarfs read-write, allowing motherboard bricking via 'rm' See also No POST after rm -rf / - Lennart's argument for mounting /sys/firmware/efi/efivars as read/write as a default behaviour doesn't hold water. Yes it's true that some tools may need to write to it but those tools are not needed for the general running of a system. efivars should not even be mounted as read-only by default. Those tools that need to write to efivars will generally only be invoked by a system administrator. A competent sysadmin will know how to mount efivars with read/write permissions when they need to to use those tools. The only reason to mount efivars by default is for convenience. This is by no means a good reason. From a security perspective, mounting efivars by default should be strongly discouraged as it breaks the principle of least privilege. Lennart goes on to state that systemd needs to write EFI variables. This demonstrates yet another example of scope creep and thus poor design.
Debunking the myth of unit files being significantly shorter than scripts used by all other init systems: A side-by-side look at run scripts and service units
Ignorance of fundamental operating system concepts
- Lead systemd developer doesn't understand RAID or checksum
- Lead systemd developer doesn't understand su, expects it to do something else and then labels it a "broken concept" - su isn't supposed to inherit cgroups or audit, those concepts are relatively new and arrived well after the creation of su. TTYs were originally physical devices so of course su is supposed "inherit" the same device otherwise it would be truly broken. Pseudo TTYs emulate real TTYs so their behaviour is obviously expected to be identical. su really is just a simple mechanism that calls setuid(2) in order to switch to another user. If he needs to write a new utility to handle scenarios that su was never designed to handle, no problem, but to label it as a "broken concept" demonstrates a lack of understanding of what su actually is.
Restarting samba in sysvinit:
[email protected]:~# /etc/init.d/samba restart
[ ok ] Stopping NetBIOS name server: nmbd.
[ ok ] Starting NetBIOS name server: nmbd.
[ ok ] Stopping SMB/CIFS daemon: smbd.
[ ok ] Starting SMB/CIFS daemon: smbd.
[ ok ] Stopping Samba AD DC daemon: samba.
Restarting samba in systemd:
[email protected]:~# service samba restart
Failed to restart samba.service: Unit samba.service is masked.
[email protected]:~# service samba stop
[email protected]:~# service samba start
Failed to start samba.service: Unit samba.service is masked.
Reloading samba in sysvinit:
[email protected]:~# /etc/init.d/samba reload
[ ok ] Reloading /etc/samba/smb.conf: smbd.
Reloading samba in systemd: impossible...