Systemd Getting UEFI Boot Loader
New submitter mrons writes: Many new features are coming for systemd. This includes the ability to do a full secure boot. As Lennart Poettering mentions in a Google+ comment: "This is really just about providing the tools to implement the full trust chain from the firmware to the host OS, if SecureBoot is available. ... Of course, if you don't have EFI SecureBoot, than nothing changes. Also if you turn it off, than nothing changes either. [sic]" Phoronix notes, "Gummiboot is a simple UEFI boot manager that's been around for a few years but only receives new work from time-to-time. Lennart and Kay Sievers are looking at adding Gummiboot to systemd to complete the safety chain of the boot process with UEFI Secure Boot. Systemd will communicate with this UEFI boot loader to ensure the system didn't boot into a compromised state."
tl;dr (Score:5, Funny)
In the bloat
Off to FreeBSD
In a safety boat
burma shave
My FreeBSD Report: Four Months In (Score:4, Interesting)
Just over four months ago, I updated my Debian testing workstation. To keep a long story short, systemd was installed, and my workstation basically got trashed. It no longer booted properly, and none of my attempts to fix it worked. I used a livecd to perform one final backup.
I proceeded to install FreeBSD 10. In hindsight, I wish I had done this years ago. FreeBSD has worked almost perfectly for me. The installation was fast and actually quite simple. All of the open source software I used to use under Debian is available and easily installed. ZFS is amazing. My system feels faster than it ever did before. It has yet to crash even once, unlike Debian and Linux, where I'd get a kernel panic around once a month. The upgrade to FreeBSD 10.1 went very smoothly, with almost no effort on my part.
I used to be disturbed by the recent degradation of the Debian project. But now I no longer care. Since moving to FreeBSD, I have no need for Debian. Debian is basically dead to me now. If it dies as a project, I don't care. FreeBSD does everything I need, and it does it better than Debian and Linux ever did.
Good riddance, Debian. Good riddance, Linux. Good riddance, systemd. All of them are failures compared to FreeBSD.
Re:My FreeBSD Report: Four Months In (Score:4, Insightful)
Just over four months ago, I updated my Debian testing workstation. To keep a long story short, systemd was installed, and my workstation basically got trashed. It no longer booted properly, and none of my attempts to fix it worked. I used a livecd to perform one final backup.
Have you tried it on a stable OS release that has systemd? I assume you know that testing is a development branch and is supposed to break, otherwise it would be called stable. Fedora has been using it for years now and it has been fine.
Re:My FreeBSD Report: Four Months In (Score:5, Interesting)
Just over four months ago, I updated my Debian testing workstation. To keep a long story short, systemd was installed, and my workstation basically got trashed. It no longer booted properly, and none of my attempts to fix it worked. I used a livecd to perform one final backup.
Have you tried it on a stable OS release that has systemd? I assume you know that testing is a development branch and is supposed to break, otherwise it would be called stable. Fedora has been using it for years now and it has been fine.
I concur, I have been using Fedora for quite a few years and have never had a problem with systemd. I unfortunately think our words are totally wasted on the haters though.
Re: (Score:2)
Re: (Score:2)
I concur, I have been using Fedora for quite a few years and have never had a problem with systemd.
While you may have a point that judging it based on testing branch distros may be a bit unfair, "it doesn't crash as much as people say" isn't much of a selling point.
Re:My FreeBSD Report: Four Months In (Score:5, Funny)
Well, you see, I don't have a problem with systemd not working. My problem is that systemd is a great OS that lacks a decent init system.
Re: (Score:3)
Someone mod this guy up.
Re:My FreeBSD Report: Four Months In (Score:5, Funny)
Coming to Netflix this fall: "Systemd is the new EMACS"
Re:My FreeBSD Report: Four Months In (Score:4, Funny)
I stream that movie to find out which of the two monsters comes out on top.
Or they could both die at the end ;-)
"Us poor systemd users, hated so much" (Score:2, Insightful)
This is quite the common tactic in some places. So much so that islamists have a word for it: taqiyya.
No, I'm not saying you should grow a beard and start wearing a tent, go ass-in-the-air on a mat five times a day offering praise to the prophet poettering. I'm saying your words employ a tactic that's been used before, to the point that there's a word for it.
SJW tactics 101 (Score:3, Informative)
Just look at this presentation [youtube.com], where a presenter dares to suggest that some people don't want Gnome, and then Lennart construes this (immediately) as an attack on handicapped people or people who don't speak English. I'm not exaggerating at all - as soon as someone even suggests doing things a different way, he'll just jump up and say, 'you must hate handicapped people.'
In fact, this is exactly how Debian has turned now that it's been taken over by his cronies. Anyone who even dares to go against him and G
Re: (Score:3)
I tried PCBSD a month ago. Installation was brain dead simple and it played all media files without any effort beyond installing the players. The only issue I had is that it won't deal with LUKS encrypted drives nicely so I installed Mint. Mint also plays all media but the video is choppier whereas on PCBSD it's silky smooth. My plan, when I get around to it, is to order another HD and then transition back to PCBSD after some copying. I've just been lazy about it.
Re: (Score:3)
I thought Ubuntu *did* ship with that support since it's a South African distro, not US-based (and that this was one reason why people liked it--it came with everything out-of-the-box).
Canonical is UK based, http://www.canonical.com/about [canonical.com]
Re: (Score:2, Informative)
I assume you know that testing is a development branch and is supposed to break,
No, it's not "supposed to break". Heck I ran unstable for years and only had 1 serious problem in all that time. If you really want crazy go to experimental.
Testing is for hashing out deep and difficult bugs not "This is a complete POS"
Re:My FreeBSD Report: Four Months In (Score:5, Insightful)
https://wiki.debian.org/Debian... [debian.org]
Nearly every single time Debian has made major plumbing changes, by for example upgrading or changing major boot packages that run by default, they've broken testing. Read the archives and you'll even find times they've corrupted people's drives. Maybe you should be aware of what you are using; for God's sake, they have a warning when you install testing that you run the chance of total data loss and having to format and reinstall.
But of course you know better than the Debian Developers!
Re:My FreeBSD Report: Four Months In (Score:5, Informative)
Not enough coffee this morning, I quoted Unstable. Testing has similar warnings and you will find that every time there are major plumbing changes testing breaks. It's inevitable as edge cases break things.
Search the archives, there have been plenty of instances where a package pushed into testing broke people's machines. I remember several.
Re: (Score:3)
There's a difference between "This package broke a small test case" and "A large number of users are having problems across the board"
And the latter has been seen even in release candidates of major distributions a scant few years ago.
If it's not production, it's not considered stable yet.
Re: (Score:3)
Wow, I had to go look for myself and you're right RedHat/Fedora has ironed out ALL the bugs with systemd [redhat.com]
This one is a few weeks old [redhat.com]
most, if not all of my systemd-units on a dozen of servers using constructs like below to make the whole tree /var/lib readonly and the needed subfolder RW which is now broken in Fedora 21 and kills all my setups
And what makes debugging even more fun is it does it randomly too:
I can confirm Harald's report at DigitalOcean F21 x86_64. It happens on root login, but *not* every time.
Re:My FreeBSD Report: Four Months In (Score:4, Informative)
https://en.wikipedia.org/wiki/... [wikipedia.org]
SystemD is fucked up by design. Do one thing. Do it right.
Now they're taking a separate, barely updated UEFI bootloader and shoehorning it in as well. They would have been a bit better off at least starting from Grub2.
Re: (Score:3)
Linux isn't Unix. Unix is that way [freebsd.org].
Re:My FreeBSD Report: Four Months In (Score:4, Informative)
It WAS that way:
A Linux-based system is a modular Unix-like operating system. It derives much of its basic design from principles established in Unix during the 1970s and 1980s. Such a system uses a monolithic kernel, the Linux kernel, which handles process control, networking, and peripheral and file system access. Device drivers are either integrated directly with the kernel or added as modules loaded while the system is running.
Other people in this thread have already pointed out that the direction systemd is headed will leave us with 2 binaries: The kernel and systemd. What next, systemd incorporates a mysql server?
Re:My FreeBSD Report: Four Months In (Score:5, Funny)
What next, systemd incorporates a mysql server?
How else would you properly store all your binary log files?
Re: (Score:3)
MongoDB. It's webscale because it doesn't use joins.
Re:My FreeBSD Report: Four Months In (Score:5, Funny)
Re: (Score:3)
What next, systemd incorporates a mysql server?
Great idea!
-Poettering
Re:My FreeBSD Report: Four Months In (Score:4, Interesting)
They are doing one thing, and doing it right. They are providing much needed middleware and useful APIs, unifying Linux' Balkans.
GRUB2 isn't the UEFI bootloader. It does much more, mainly in order to boot on legacy BIOS systems. I find gummiboot much better, I've been using it for years.
Re: (Score:3)
Too long. How about PoS?
Re:My FreeBSD Report: Four Months In (Score:5, Funny)
Fedora has been using it for years now and it has been fine.
Mostly fine.
Re:My FreeBSD Report: Four Months In (Score:4, Insightful)
That's the problem. There isn't a stable release with systemd. The code isn't audited, nor has it seen actual production testing. It was just foisted on the end users without any transition period, possibly breaking every single app that uses the init.d mechanism for starting and control.
To boot, with systemd's ability to listen on the network, it has a good chance of becoming a massive remote root exploit in the waiting. Does it have any internal security? We can cross fingers that this large blob of new code does more harm than good, but all it takes is one glitch, and it would mean havoc worse than the RTM worm on the UNIX side ages ago, or the Windows worms in the early 2000s.
Re:My FreeBSD Report: Four Months In (Score:5, Informative)
That's the problem. There isn't a stable release with systemd.
Fedora has so far released six stable releases with systemd, and Red Hat shipped their first stable release with systemd last summer.
The code isn't audited, nor has it seen actual production testing. It was just foisted on the end users without any transition period, possibly breaking every single app that uses the init.d mechanism for starting and control.
It has been shipping in Fedora for the past four years, and in RHEL since last summer. If that's not production testing then what is?
To boot, with systemd's ability to listen on the network, it has a good chance of becoming a massive remote root exploit in the waiting. Does it have any internal security? We can cross fingers that this large blob of new code does more harm than good, but all it takes is one glitch, and it would mean havoc worse than the RTM worm on the UNIX side ages ago, or the Windows worms in the early 2000s.
Inetd has been doing that for years. It has since moved to a different project. Big deal?
Re:My FreeBSD Report: Four Months In (Score:5, Insightful)
It has been shipping in Fedora for the past four years, and in RHEL since last summer. If that's not production testing then what is?
And to think, enterprise users are still complaining about problems that SystemD is creating, but those issues are being shrugged off as "working as expected".
To compare it, Windows 8 must be a success because it's been in production for a few years now. SystemD is nearly identical to Metro in every abstract way. The end users who care, don't want it, some people just accept it and think it's great. Well good for them, now give us an option to not use Metro/SystemD and let people who like it use it. The problem with SystemD is there is no option, everything breaks without it as more things become dependent on it.
Re: (Score:3)
The thing I worry about is that, since Red Hat (which controls systemd) is a USA company, it is quite likely in bed with the NSA, which has been *proven* to be spying on everyone worldwide as much as it can. So it is possible that there's exploits built into systemd to allow NSA spying.
I would feel much safer if it were a project made by a company in some other country, like Finland, not an American company. American companies cannot be trusted to protect our privacy, or really trusted in any way at all.
I guess you don't run a lot of software then.
And by the way, systemd is not controlled by Red Hat. Even Canonical has had some systemd committers since long before Ubuntu decided to switch.
Re:My FreeBSD Report: Four Months In (Score:4, Funny)
Does it have any internal security?
It has UEFI Secure Boot. That means that it is now secure.
Re:My FreeBSD Report: Four Months In (Score:5, Interesting)
Have you tried it on a stable OS release that has systemd?
You mean like Fedora/RH which has 4 'urgent' severity bugs with systemd [redhat.com]
Including one where systemd breaks Keyboard shortcuts handling in text virtual consoles [redhat.com] on Redhat Enterprise Linux.
If you lower the bar to "high" priority you get some fun ones like:
Unable to boot when systemd's LogTarget is set to syslog-or-kmsg or syslog [redhat.com] on RHEL7. (The devs left it at "Ok, dropping log messages even just from systemd itself isn't probaly a best way, but wee need more time for investigation." in September 2014).
reboot or shutdown commands unresponsive during systemd-fsck [redhat.com]
systemd stuck when auto-mouting volume for NFS [redhat.com]
Systemd doesn't unmount all devices before calling reboot/halt and thus corrupts a clean RAID1 [redhat.com]
These aren't "oops, I can't play MP3" level bugs.
Re: (Score:3, Insightful)
What we're seeing is a real-life demonstration of "why you really shouldn't try to re-implement the first 4 network layers":
Because you're going to make all the same mistakes that were stomped out of the Unix TCP/IP stack over the last 25 years.
Re:My FreeBSD Report: Four Months In (Score:4, Insightful)
If the transition was going to be smooth it would have been wheezy not Jessie. They waited and so it was bumpy. Had they waited longer it would have been more bumpy.
As for not enforcing the need for sysvinit compatibility how did you want them to do that?
Re:My FreeBSD Report: Four Months In (Score:5, Informative)
FreeBSD user here since over a decade. Welcome.
You haven't seen FreeBSD crash? It only means that you haven't seen enough, yet. FreeBSD is a great system and I recommend it to everyone who can manage it, but you don't need to mention stability as a feature, because it is not the highlight about FreeBSD. You don't install a system and watch how stable it is, but how useful it is (for you and your special requirements).
The best thing about FreeBSD is the FreeBSD Ports and how much commitment there is to make every possible application work on the system. You have basically far more possibilities and options than on Linux distributions thanks to the great job they are doing on this system.
A second point is that it is easier to feel comfortable on the system, because the whole thing is consistent and easy to understand, provided you take some time and learn about the concepts.
Re: (Score:2)
"You don't install a system and watch how stable it is, but how useful it is"
A system that goes down halfway through updating a million rows of customer data is not terribly useful. The whole point about *nix is its stability. You can leave the Oooh Shiny Features and piss poor stability to Microsoft, they've got that covered.
Comment removed (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
It has yet to crash even once, unlike Debian and Linux, where I'd get a kernel panic around once a month.
This sounds like the problem right here. What was causing the kernel panics? From what you say you seem extremely competent with *NIX systems, so why didn't you find the cause of the panics?
For what it's worth, I run quite a few Debian-based systems (alright, I'll say it: Ubuntu Server) both on real hardware (commodity and a Dell PowerEdge) and also in AWS (virtual machines in the cloud). I cannot remember my last kernel panic, it has been _years_ since I've seen that.
Note that Ubuntu is still using upstart,
Re:My FreeBSD Report: Four Months In (Score:5, Insightful)
Re: (Score:2)
If you run anything other than Stable on corporate servers you're a fool. They break testing, yes it's not as frequent as unstable but they do break testing, nearly every time there is a major plumbing change.
Re: (Score:2)
What the hell is that?
Life.
Burma shave.
Re: (Score:2)
Just do more work ruir! Double in fact.
Re:My FreeBSD Report: Four Months In (Score:5, Informative)
More like different focuses.
FreeBSD is nice, but it's very server-oriented. Sure you can use it on a desktop through ports, but everything's still basically assuming you're on a server.
SystemD is like PulseAudio, CUPS, and NetworkManager - they're tools to handle the complex desktop use cases that don't exist with servers.
Of course, one thing FreeBSD does have is a general guidance and an avoidance of the latest shiny or political plays, which means a lot of Linux cruftiness is avoided, so stability in that form means things don't change too much.
But, desktop users have a lot of requirements that just cannot be band-aided over like they do in Linux where you have spitwads, gum and duct tape holding together a lot of the system. Sure it works, but it's an extremely fragile system that's just begging for breakage.
Here's some use cases that are extremely common in a desktop, but not at all on a server, and how various packages handle them.
Audio - modern desktops have multiple audio paths - from HDMI to plain old speaker/headphone/line outs. And new ones appear and disappear constantly (say, Bluetooth). And audio needs to be mixed because the user might be watching a YouTube video when the system needs to alert them via a system sound. Or say, the user is listening to music, and then a VoIP call comes in which means muting the audio from the music player and activating the communications audio path (which can be completely different audio paths - the music may play through a speaker path, while the VoIP takes place over a headset using either a separate set of ADCs and DACs, Bluetooth, or whatever). Or perhaps the user is listening to music over their A/V system using HDMI audio. Then they turn off their A/V system losing the audio connection - audio now needs to be transported to a secondary source transparently to the application (can't have apps crashing because the audio device disappeared). Or how about a user opening an audio device for exclusive use (low latency, bit-perfect, whatever), and the system needs to play a sound (VoIP, alert, whatever). If there's no other audio path, it's a too-bad situation. But if there's another set of speakers or audio, why not route that audio that way so the user can get the alert through a secondary audio path?
Networks are just as tricky - you want to connect to many different networks with differing roles - perhaps if you're at home, you bring down the firewall, while if you're on the go, the firewall goes up and maybe the VPN does too. Suddenly media connections are very important too because once you disconnect, you don't know if the next attachment will be to a trusted or untrusted network. And the firewall may need to manage different rules - like perhaps the HTTP server is allowed on all networks - public, private, VPN, whatever, while say Samba should only be accessible on private networks only. Repeat for other applications as necessary.
SystemD is similar - a lot of services these days aren't launched on the system's behalf, but on the user. Right now there are dozens of different ways to have services launch when you log in - every environment provides a different way of doing it and there's no standard, so perhaps if you need a service to launch on Ubuntu when you log in, it won't work on Fedora. That's a huge mess - why not have something that's good at managing processes do it? Sure you have system services that start up on system boot, but there are a lot
Re: (Score:3)
SystemD is like PulseAudio, CUPS, and NetworkManager - they're tools to handle the complex desktop use cases that don't exist with servers.
PulseAudio - OK, yes. Clearly desktop oriented.
CUPS - we still need print spoolers. Especially in environments where accounting and chargeback are required. The old print systems were harder to set up than CUPS. This is needed on servers just as much as it is on desktops.
NetworkManager - I used to manage a lot of firewalls that ran CentOS. NetworkManager was nice, because sites where the internet connection was not 100% reliable and not static could disconnect the uplink Ethernet cable, and plug it bac
Re: (Score:3)
The companies managing thousands of servers are some of the largest advocates for many of the key ideas of systemd especially process management. It is small admin managing small numbers of boxes with very old fashioned configurations that are having the biggest problems. This is not about managing tens of thousands of servers.
Re: (Score:3)
If only FreeBSD would boot my old 08 Macbook but only Ubuntu works on it...someone make a howto if it's possible, Linux blows.
Assuming you're serious and the problem is that you can't get FreeBSD to boot after the installation, check the post installation steps [glenbarber.us] ("gpart" section towards the end) -- they fixed my late 2009 iMac.
RT
Re: tl;dr (Score:2)
How dare they offer support for booting from EFI.
Freebsd offers this too so you better choose a different OS. Jeez people
Re: tl;dr (Score:5, Insightful)
Re: (Score:3, Insightful)
Re: (Score:3)
On a similar note, I've also found Theo de Raadt to not be an issue to work with. Neither take Mr. Poettering's approach of 'the users don't like the software, users must be dense' when people have issues with their projects.
Re: (Score:2)
How dare they offer support for booting from EFI.
Freebsd offers this too so you better choose a different OS. Jeez people
I'd swear the haters are just transplanted Microsoft shills.
Time to break out that old Timex Sinclair.
Re:tl;dr (Score:4, Funny)
Many features
In the bloat
Off to FreeBSD
In a safety boat
burma shave
systemd has got you itchin'
would you please just quit your bitchin'?
Re:tl;dr (Score:4)
Re: (Score:3)
Systemd supporters seem to move the goal post for what systemd is with virtually every change that comes up. First it was a init replacement, then a supervisor, now it is just a project to host many things.
Monopolist practices (Score:5, Funny)
This is an evil ploy to prevent freedom-seeking users from trying Windows 10 alongside Systemd OS.
Amusing (Score:2, Funny)
Trust chain. Systemd. Amusing.
Paper tape (Score:2)
Re: (Score:2)
UEFI is not about security, but UEFI secure boot is absolutely about security.
Re:Paper tape (Score:4, Informative)
If the user can change the keys then I don't see a problem with it, and there are plenty of UEFI motherboards where you can change the keys.
I can't wait! (Score:3, Funny)
This was the only piece that was missing from systemd.
I'm sure now all of the growth will end and the community will start rallying around systemd.
Hmm, is that hell freezing over outside?
Re:I can't wait! (Score:5, Funny)
This was the only piece that was missing from systemd.
It's still missing a good editor.
Re: (Score:2)
That explains it...
Re:I can't wait! (Score:5, Insightful)
"does everything you should want to do".
Do you work for Apple?
Re:I can't wait! (Score:5, Insightful)
It really is the one and only thing that Linux has been missing for more than 20 years.
Oh gosh no. For the first time in about 10 years I can no longer get my laptop to sleep reliably using the sleep key, because systemd is eating the events and doing something with them. I've discussed it with various people online and off and no one has been able to help me figure it out.
The thing is, maybe Linux did need a better boot process (though I've never seen any enormously convincing arguments as it's not like Linux never worked before systemd), but systemd seems to be a bit of a hive of complexity and opaqueness.
The fact that I can't debug problems that didn't used to be problems is not an enormous point in its favour. It's that sort of reason why so many people are suspicious of it. Well, that and binary log files.
and does everything you should want to do.
Well, technically, "everything you should want" is a subset of "everything under this sun and all others", so systemd does indeed qualify as doing everything anyone wants.
You're joking, right? (Score:2, Insightful)
3-4 naysayers? More like the majority of the linux community. As for a new init process, sure, there's room for *improvement*. Systemd is not an improvement - it's a bug ridden overly complex dogs dinner that is one man's ego trip being ridden roughshod through the whole linux/unix principle of KISS and do one thing well. Now you might not give a stuff about that principle but most of us do and we do not want to see this POS being installed by default.
Re:You're joking, right? (Score:4, Interesting)
3-4 naysayers? More like the majority of the linux community.
There's this thing called "The Fox News Bubble"
You're in a Linux version of that. Would you please just switch to FreeBSD so all your problems will go away?
Re: (Score:3, Interesting)
Hey, FUCK YOU, and fuck anyone else whose solution is 'if you don't like it then go elsewhere.' Talk about the Fox News bubble, I'm sure you tell non-patriotic people to get the fuck out of the country too.
Wow. Thank you for proving my point.
Ya see, We have options. If I don't like Chevrolet ( the favorite of fake patriots, despite a French name) I am able to ...... get this......
Wait for it....
Get a different fucking vehicle.
Choice! Go to BSD if you like. Fork a linux distro that contains no systemd. Do something. The anti systemd people promote themselves as the zenith of expertise, Seems like they should lead the charge to a brave new system free world. They know how bad it is, they need to do some
Re: (Score:2)
I forgot my /sarcasm tag... still got Insightful?
Trust Chain? (Score:5, Insightful)
With Lennart Poettering and Kay Sievers lol. 2 of the most untrustworthy and two faced developers in the Linux world.
Something isn't quite right here
Comment removed (Score:5, Funny)
Can't wait for it (Score:3)
When will Systemd get 3D printing capabilities?
The Systemd of Everything? (Score:5, Insightful)
The Systemd Consortium of Uber-Masters (SCUM) is proud to announce the finalization of its acquisition of the NSA. Hot on the heels of absorbing the CIA and FBI, Vice Chancellor Lennart Poettering had this to say: ".. this brings us one step closer to our ultimate goal of reducing complexity for the common man."
I foresee... (Score:4, Funny)
... a great many new contributors to BSD :)
Re:I foresee... (Score:4, Interesting)
Really? I can.
I'm a Debian developer who has been moving slowly to using FreeBSD on more and more systems over the last year, displacing Debian use and development on those systems. I've started contributing in minor ways on the lists and the odd patch for the ports tree. I'll likely start packaging my stuff in ports and becoming increasingly more involved over time.
I contribute to things I'm actively using. For the past 15 years, that was Debian. Unfortunately due to the best efforts of the systemd people, it looks like that's unlikely to continue, though I very much wish this was not the case. But reality can't be avoided, and this is where things are today.
Re:I foresee... (Score:4, Informative)
What stopped me? Many things. Here's a few.
The systemd debate reduced the Debian lists to an endless flamewar over three years long. debian-devel is just toxic; it's not useful for any constructive development discussion. I unsubscribed from almost all the lists a year back. I can't describe how wearing and demotivating this is. Reading the archives since then, it hasn't improved.
Most of the software I write for Debian is core systems programming stuff. Straight out of APUE (Stevens). Over the last year, I've had a stream of bug reports about things not working correctly under systemd. Some fairly fundamental POSIX syscalls and tools no longer have the same behaviour when running under systemd. By "design". That's a fairly huge compatibility break with every other UNIX-like system out there, and one which hasn't seen much attention. But I'm somehow expected to rework my code to work around the breakage systemd brought with it. Breakage which has nothing to do with me. Code which isn't even remotely anything to do with an init system and which is portable code running on many other systems. That's crossed a line. systemd can't and won't be supported.
I can work on sysvinit, openrc to a lesser extent. For several years it's been all take and no give with the systemd people. We can't do work on integrating openrc since this would require support for runscripts in systemd. What's the chance of that? Zero. Any changes, even minor ones, require superhuman effort to achieve. Essentially, it's an uphill battle to do anything and Debian is no longer a pleasant or productive environment to work in, primarily thanks to the horrible "our way or the highway" attitude of the systemd people. Since when was free software about dictating how everyone must do things? Silly me, I used to think it was about having the personal freedom to tinker with things as I liked to meet my needs. I'm a volunteer, and I give up vast amounts of my life to contribute to free software and Debian. This was previously a fun, collaborative, productive endeavour for which my efforts benefitted many people. It's now deeply unpleasant and I don't like being abused, ridiculed and trodden on by the systemd people and their enablers. I'll move on to new and better things. I spent the last decade as the primary maintainer of the core Debian build tools, and later of sysvinit. I've been invested in and contributed heavily to Debian for the last 15 years. Not something easily let go.
We'll see how Devuan pans out. Until it does, I'll be carrying on the migration to FreeBSD.
Altruism only goes so far.
Re: (Score:3)
I don't have the time to point to the specific issues, but if you look over the last 18 months of the buildd-tools-devel archives you'll find them. Most of these are due the same root cause that broke tmux and screen before they were specifically patched to work around systemd.
But the specific issues are no longer worth discussing. The breakage has already happened. Debian has been broken, both in terms of the trashing of its historical reliability and robustness and in terms of the fracturing of its com
So what are people moving to ? (Score:2, Interesting)
After the systemd fiasco what are people moving to mostly?
Re: (Score:2)
Gentoo continues to work fine for me. If there's a systemd transition coming, I haven't seen any indications of it.
Hate it/Impressed by it/Start to like it/Hate it (Score:3)
The only thing missing was kitchensinkd!
A couple of the items were interesting (i.e. ntp-lite). I think the biggest take-away from this is that in the very near future every 'application' will be its own container. While this has some very good merits I am not sure how I feel about it. Cautiously optimistic?
As a server admin I hate systemd and all of its hell-spawn, but as an end-user I like some of these features.
Secure boot is another geeky waste of time (Score:3)
Re:Not *that* unused (Score:4, Informative)
In Windows, it's not unheard of that a piece of malware with sufficient access interjects itself where the next boot will be picked up before the OS has a chance to set up its own protection. Of course my complaint is that this vector would have easily been sidestepped without a huge firmware mess. If the OS set up access to that area as very very very very special, requiring signed code within the OS to modify that section of the platform, then the problem would have been solved.
Sorry, but no. If you knew anything about threat modelling and OS design, you would know that code running at a trust level cannot protect against other code running with the same trust. The x86 architecture does have 4 levels, but for a number of reasons (mostly portability) practically no OSes use more than 2 levels (rings): protected/kernel and user mode.
What you are proposing is using a 3rd ring - something more privileged than kernel mode. This would constitute a major architectural redesign and would trash portability/compatibility with other architectures.
The fact is that UEFI Secure Boot is a very effective mechanism for blocking boot sector infections. As Windows has grown ever more resilient against permanent infections (app/driver signing, checksum tables, strong named assembly cache etc) malware authors were forced into infecting at an earlier stage of the boot process, if they wanted to take up permanent residence.
The OS kernel mode MUST have the capability to write all sectors of the disk. It can effectively block usermode apps from writing such sectors, but if a kernel mode driver contains a vuln, rogue code can bypass any security mechanisms enforced by the kernel. It can just jump to the address after the security check or control the IO itself.
Bootkits exist for Windows. It was a real threat. A few unscrupulous individuals (looking at you Garett) chose to instigate a FUD campaign, deliberately misrepresenting facts and knowingly failing to correct misunderstandings when they advanced their case.
And you are still part of that.
Good feature, but why part of systemd? (Score:3)
Just an honest question.
Certainly this does not have to be part of systemd to work, just like udev did not have to be part of systemd to work.
So why?
What's coming next ... (Score:5, Insightful)
Here's what sure looks like Mr Poettering's plan going forward:
1. Expand systemd to the point where large swaths of everything depend on it, so that he is controlling as much of the code base as possible.
2. Insult Linus Torvalds for a while to try to undermine his authority.
3. Fork Linux, or demand that Linus give control of Linux over to him, or he will rage-quit and take his code with him.
His goal doesn't seem to be great code (given the number of times he's screwed up big time), or great design (given that he seems to ignore everything Thompson, Ritchie, etc said about how Unix should work). It sure seems to be about becoming the Grand High Poobah of the open source world, without any idea what that actually takes.
What he doesn't understand is that Linus is in charge because other open source developers genuinely respect his judgment. If Linus was doing a lousy job in his role, there would be calls for Alan Cox or someone else who's been in the inner circle forever to take over, and Linus might actually step aside. If, on the other hand, you're running around insulting everyone for no good reason, you're not going to have the respect of other developers, and they will quite happily shunt you aside, forking systemd if necessary to get rid of you, and life will go on.
Re: (Score:3)
I don't see it unfolding that way. Remember what happened when BitKeeper tried to get up in his business. Linus, if provoked, could write an init/system management framework in a couple
Re:Makes sense (Score:5, Funny)
Just wait. One of these days I expect to read, "Systemd to get Emacs editor."
Re: (Score:2)
I do hope they have included nethack-el in that Emacs then, otherwise it wouldn't be feature complete!
Re: (Score:2)
Re: (Score:3)
Systemd is the one project that has the potential to exceed the reach of Emacs. All they really need to do is to include a lisp interpreter and we could eliminate the need for installing emacs altogether.
Re: (Score:2)
....you mean like Pidora, which works great BTW?
Re: (Score:2)
Running Raspbian Jessie on a raspberrypi with systemd here. Works great.
Re: (Score:2)
Re: (Score:2, Insightful)
Yes, UEFI is still an evil misguided thing.
But let's make the best of the situation.
Re:So, UEFI is a good thing now? (Score:5, Insightful)
Can be used for good or evil. Depends if control is in the hands of the hardware manufacturers or the users.
Re:So, UEFI is a good thing now? (Score:5, Interesting)
First of all, UEFI is more than Secure Boot. UEFI has been standard on PCs for the past few years, and on Macs ever since they switched to x86. Secure Boot is just a feature of some newer UEFI implementations.
Second, Secure Boot is a legitimate security feature that helps to protect against boot-time malware. There's nothing inherently evil about it. The controversy is over who should have the power to decide which OS is considered trustworthy and allowed to boot: the owner of the computer, or the vendor of the OS that came preinstalled on the computer?
Naturally, you don't want to buy a computer that doesn't let you choose which OS you trust. But if you have a computer that does give you that choice, why not take advantage of it? Seems to me that it's good to have hardware vendors see increased demand for machines that support securely booting the OS of your choice, as opposed to those where you just have to disable Secure Boot entirely if you want to run something other than Windows.
Re: (Score:2)
Did you have to install the entire systemd or just a systemd-related package like for example libsystemd?
Re: (Score:3)
Probably someone who hasn't discovered --no-install-recommends yet.