I’ve played with non-systemd distributions and they seem to consume a lot less memory and boot faster so I thought it would be more secure because less code. But is this really true? How much of the debate is just neckbeards not liking it because it doesn’t follow the Unix KISS principle? Is there any real benefit you can see?
>>107191203 Remember that huge xz/ssh CVE from last year or whatever? That was actually a systemd issue. I'm not kidding, do a deep dive on it and include systemd as a keyword.
If you ever find malware for Linux, it will be targeted at gnome and/or systemd users. This alone is reason enough to avoid systemd and gnome.
>>107191209 >>107191203 Systemd is what Windows had all the time and Linux was missing. But it's also something we should be aware of: a common attack surface. Operating systems like Windows and macOS implemented their infrastructures thread safe and secure from the ground up. With Linux, it's a problem of implementation, priorities and streamlining as the devs tend to lack common sense in many cases resulting in major security and stability flaws.
>>107191367
>thread safe
rustroon bot out of nowhere
>>107191375 The fuck, anon
If anything I'm C++ and C# main
Also did a lot of webshit for companies
>>107191203 The XZ backdoor would not have worked on any machine that wasn't running systemd. Security through obscurity is extremely effective.
>>107191264 I thought most of it is targeted at busybox based chinky home wifi router firmware featuring binary blobs tied to some ancient kernel version
>>107191203 I want my init system to init shit and nothing more, thanks.
I use doas instead of sudo and runit instead of systemd and it just works. if it is more secure it's probably only because of security through obscurity, i just like them because they're a little faster. i am considering moving away from elogind to seatd + turnstiled but it isn't playing well with my laptop, it's a work in progress
>>107191203 the real damage of systemd has already been done, so that no one even knows what userland was like before poetteringware
>>107191203 you can switch from it if it turns out to be vulnerable without your entire system breaking around it. so much shit depends on systemd (and other freedesktop shit; it's a big attack vector.). I can only imagine the trouble of changing init systems on a systemd system (might not be that bad, I don't really know, but I can't imagine it's trivial either)
that to me is the key reason I use Artix over Arch, just for the sake of choice. you've got options, which any discerning person needs - security's not good? bad performance? just don't like it? just swap it out. that's the beauty of modularity. so it to me is a pure security positive not using it.
freedesktop gives me the ick all around. they really seem to have a stranglehold on the ecosystem. I would typically avoid stuff like that.
>>107192613 Same, I wish easyeditor would be added to the void repo
>>107191203 there are zero (0) security benefits. this is a security nightmare with a massive attack surface.
>>107192639
>install variant of linux that gives you an option to not use systemd
wow. that was fucking complicated.
>>107191203 hating on it seems to be a channer/neet/le hacker meme. i have yet to find a serious/productive tech literate guy who hates it, max they will complain it's bloated. i grow up of that meme too, systemD is bloated (which means it's useful) but it works.
>>107193003
>runs js to evaluate permissions
what causes this?
also, no sv once equivalent, so much for “all usecases”
>>107193003
>i grow up of that
Okay, you got me Rakesh, the only reason I have not to use systemD is because you do.
^^^^^ lmao at the losers seething at based systemD.
>>107192639 fdo was the first open source liaison bureaucracy and the prototype for the poetteringware revolootion. for example dbus was full of mistakes but everyone wanted off corba/dcop even though corba had added a lot to gnome 1. basically these poettering midwits would go on to gather consensus from stakeholders, build absolute dogshit, collapse the larger ecosystem, but come out of it as look at me i led this tech. the next phase of poettering is to sunset the entire ecosystem destroyed and lead the next thing. the coc sucking was an insult, but poettering destroys infrastructure
>>107192972 when is the rust rewrite coming
>>107192318 systemd isn't just an init
>>107195039 EXACTLYXACTLX and moar
>>107195039 That's basically the problem. If it was just an init, probably no one would care.
I never used systemd so I can't compare the two. My system (PCIe3 ssd, gentoo, s6) takes 3-4 seconds from uefi finish to login
>>107191203 systemd services can run their own packet filter that the user would have no knowledge of and aren't being controlled by the main firewall.
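Added example, not part of the thread: one way per-unit filtering is configured in systemd is through the `IPAddressAllow=`/`IPAddressDeny=` and `IPIngressFilterPath=`/`IPEgressFilterPath=` unit settings (see systemd.resource-control(5)), and this sketch lists which units set them so they can be reviewed alongside the host firewall. The unit names and contents are constructed samples, and backslash line continuations are assumed not to occur.

```python
# Added example: find per-unit network filter settings in systemd unit text.
FILTER_KEYS = ("IPAddressAllow", "IPAddressDeny",
               "IPIngressFilterPath", "IPEgressFilterPath")

def unit_filters(text):
    """Return {directive: [values]} for the filter settings in one unit file
    (or a unit plus its drop-ins, concatenated in load order)."""
    found = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;[":
            continue                      # blank, comment, or section header
        key, sep, value = line.partition("=")
        key = key.strip()
        if not sep or key not in FILTER_KEYS:
            continue
        value = value.strip()
        if value == "":
            found.pop(key, None)          # empty assignment resets the list
        else:
            found.setdefault(key, []).extend(value.split())
    return found

def audit(units):
    """Map unit name -> filter settings, keeping only units that set any."""
    report = {}
    for name, text in units.items():
        filters = unit_filters(text)
        if filters:
            report[name] = filters
    return report

# Constructed sample units (hypothetical names and contents).
SAMPLE_UNITS = {
    "example-agent.service": """[Service]
ExecStart=/usr/bin/example-agent
IPAddressDeny=any
IPAddressAllow=10.0.0.0/8 192.0.2.10
""",
    "example-web.service": "[Service]\nExecStart=/usr/bin/example-web\n",
    "example-reset.service": "[Service]\nIPAddressDeny=any\nIPAddressDeny=\n",
}

if __name__ == "__main__":
    for unit, filters in audit(SAMPLE_UNITS).items():
        print(unit, filters)
```

On a live host the same function can be fed the output of `systemctl cat UNIT`, which prints the unit file followed by its drop-ins.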
>>107191209 >>107191367 >>107194162 Why are you gay for Sadim?
>>107191203 Systemd has a lot of c.v.e.'s and the practices are conducive to that, but I don't think any more than the other Freedesktop suite of software like Polkit and stuff.
The funny thing is that they're all about Wayland because it's so “secure” while the software they design is basically very easy to accidentally bake privilege escalation into.
Basically, systemd and polkit run as root and then take requests from normal users and “check” whether they have these privileges and then execute things as root or not. This is hard to get right and easy to get wrong, though if one gets it right there is no issue, but they got it wrong many times.
As in, user services on systemd are run by the root pid1 for instance. On say runit, if you want to run services as a user you just run the same runsvdir program as a user; to have privilege escalation then there would have to be some kind of kernel bug.
Also, Lennart just prioritizes adding new features over code auditing.
>>107195711
>Polkit
I don't use that garbage either. I have custom scripts that take care of cryptsetuping/mounting external drives.
> runit
Superb program.

I don't know SHIT about FUCK myself. I'm not a coder and can barely operate a computer at all. But what I DO know is that BOB DOBBS has not instructed Patrick Volkerding to put systemd into SLACKWARE so I just trust that because I trust BOB and "The Man" because I am not smart enough to know things on my own and find it best to be under no illusions otherwise.
>>107192639
>so much shit depends on systemd (and other freedesktop shit; it's a big attack vector.). I can only imagine the trouble of changing init systems on a systemd system
right. previously there were a few programs doing every thing and they all had standard interfaces, so you would learn those interfaces and understand the system. now there's only the black box systemd. whereas the kernel and x server were big black boxes too but with standard interfaces with documentation stretching back to the beginnings of computing
>>107195711 it would be easy for a simple root process with its own x namespace to popp upp a uac prompt, and everyone would understand what was going on. but that's impossible now with gayland
>>107191264 It will be targeting the ability to execute elf. Just like wine enables win malware on linux
It won't be "targeting" a DE as a DE isn't responsible for executing anything.
"Old malware doesn't work" on win11 is a myth based on win98 to winxp incompatibilities. Winxp malware will work on win11, as long as you disable defender.
You probably mean vulnerabilities.
>>107191203 You're asking the wrong question. It's not "why shouldn't I use systemd", it's "why should I use systemd?"
That is what Linux is about, freedom of choice. A program should convince you to use it by offering something you want, whether it's useful features, user friendliness, or even a nice design. If a program instead demands that you justify a choice NOT to use it, that should immediately raise your suspicions.
Can I explain why you shouldn't use systemd? Maybe, but I shouldn't have to. I use OpenRC because it works, it's simple and does exactly what it is supposed to, nothing more. I would gain nothing from switching to systemd, therefore I won't.
>>107195983 Linux appealing to subGenius people doesn't surprise me
>>107198210 It was GNU+LINUX that took me to BOB, not the other way around.
>>107191203 My system does not change except for plugging in headphones and usb drives. I actually do not need dynamic anything except for that. Even OpenRC or other "systems" are bloat. This computer should be able to boot up FULLY deterministic, with hardwired devices coming up in the same order every time. It should in theory absolutely be able to boot with the same services starting at the same freaking cycle.
All "init" systems (but especially those that are also service, device, network and whatever managers) are bloat and conceptually shitty.
>>107194162
>based systemD
lines of code:
systemd 1.3 millions (in 2020)
sinit - 91 lines
>OS
OpenBSD 2.9 million lines of code
>>107191241 fpbp
>>107197071 And that too would have to be coded securely of course. It exists by the way, things like kdesu which are basically sudo but with a graphical front end.
I mean this kind of stuff is obviously necessary to some degree. Sudo and doas exist for a reason but they heavily limit their scope because they're so sensitive. systemd does this and then puts everything into the same privileged process that does this and it's so easy to get it wrong and there have consequently been so many privilege escalations or denial of service attacks found. Yes, it's perfectly secure if you get it right, but programmers aren't supermen.
And these Freedesktop people with one hand preach "security" with Wayland while all their designs are incredibly insecure, so it's just sanctimonious. They constantly sacrifice security for convenience, which is fine I guess if you want to make that tradeoff, but then please don't go around disabling all sorts of useful functionality because "muh it's theoretically insecure" when you champion the merits of things like Polkit, dbus and system.
Standard shit in Free Software development anyway. Almost all the devs are retarded tribalists with massive dual standards and inconsistent opinions everywhere. The fundamental issue is how those developers are selected. There's something to be said about the fact that a code monkey at Microsoft just does it for the money and does not feel any real allegiance to Microsoft and would switch to another company if that one paid him more. These people feel intense allegiance to their project because that's how they got in initially: they felt so much allegiance they were willing to do it for free initially and then got picked up for a paid position so they're insane tribalists.
>>107191203 I moved to artix-openrc from arch a week ago and I've been enjoying it a lot so far
I really prefer its way of handling services and it feels much snappier and faster than systemd
Plus none of the other bloat and cruft that comes along with systemd.
>>107195983 "BOB"*
>>107201938 Yes someone told me about that in another thread, too, so I'm glad to know about it. There's way more things I don't know than do know but that made it one less that I don't and one more that I do. I'm glad you told me because if the other person wouldn't have already told me then I would still need to know.
>>107199509 WRECKED
bloated piece of crap
>>107201923 I don't run a service manager. My only daemons are dhcpcd, cron, the getties, and some btrfs-dedupping daemons, none of which have any real dependencies. My boot scripts just start them and I pkill and restart them when I need to. Do your services have actual dependencies? Turns out you boot pretty quickly this way.
changing my shit for no reason should be legally regarded as discrimination against handicapped people since it's extremely distressing to people suffering from autism
Poettering needs to be dragged into a Sonic fan convention and judged by a jury of autistic people for his crimes and hanged.