David,
I appreciate your candor and suggestion; please do not take in any way
my remarks below as directed against you, nor to discount your suggestion.
If I thought that what you suggest would have any meaningful impact, I
might consider it. I am at a university that has changed to the
university administration current mantra of retention and graduation of
vocational training for workforce development with customer
satisfaction, and for which Faculty joint decision making almost is
defunct. I have no research staff nor useful research students at the
present time, and have no spare time in which even to do a design, let
alone development, implementation, and deployment of alternatives to or
meaningful modifications of any systems level software. My own research
area is quantum computing, but for that too I have no resources and
significant direct instructional responsibilities. Thus, simple
discussions and what amount to theoretical ramblings are easy to dismiss
(data anyone? how many vulnerabilities does SystemD and its "tentacles"
have? how many exploits? how much "damage" done by such exploits? as
pointed out by a nominal proponent of SystemD on this list).
Unlike the Ubuntu lists that have very few if any actual Canonical
internals persons (e.g., Canonical engineers) present, and furthermore
have many who do not seem to understand the meaning of much CSE
terminology (equivalent in the popular press and "blogs" to misusing the
term "exponential" for a plot that clearly is not exponential), SL is a
list in which there are "professionals".
RH is owned by IBM. As a USA for-profit corporation, IBM practices
avarice and rapacity, typically with disingenuity and mendacity in so
far as that increases the only thing of real interest to a USA
for-profit (this is not an EU, etc., entity): improved financial
position. The EL8 debacle is illustrative (that evidently has drawn
Fermilab/CERN into it because CentOS 8 -- the planned replacement for SL
that stopped with SL 7 -- has been discontinued -- a decision that I
suspect was approved by IBM "management").
Thus, I doubt that anything I could do or say would have any influence.
As there are others who do subscribe to this list who may have more
influence on distros, it is possible that the discussion here may have
some broader impact. I am not holding my breath.
On 1/25/21 1:39 PM, David Sommerseth wrote:
> [Sorry again, resending it via the proper mail gateway - hopefully
> correctly configured now]
>
> I have not done real internals development since the days of DEC-based BSD, and
> Yasha, your involvement is impressive, your fearless attitude of stating
> clearly what you dislike. That's all good.
>
> But, are you doing it in the right channels? What do you try to solve
> by ranting over systemd and CentOS/RHEL 8, here on this list? Even SL7
> and RHEL 7 has been hit by your arguments. How can we get going forward
> from here? SL does not define the real path forward for how SL evolved
> as a distribution (it's building on CentOS/RHEL). CentOS neither (it's
> building on RHEL/Fedora). You're basically preaching to a choir behind
> a gas station along a busy and noisy highway, where it's only you and a
> few of you with the same opinion. But it mostly stops here.
>
> I've checked the complete Fedora devel [1] and users list [2]. I don't
> see you posting anything there. That's where the direction of
> RHEL/CentOS and SL has been decided, years before it hits RHEL. I've
> checked the systemd mailing list [3] going back to to January 2017. Same
> result, I did not find your input there either.
>
> You've also talked about jumping the ship in favour of Ubuntu. What is
> holding you back here?
>
> I understand passion. I understand wanting to improve things. But just
> ranting over and over for years, in the wrong places, does not give any
> results at all.
>
> All of Fedora, systemd ... it's all open source. It's all open and
> public discussions. It would be highly appreciated if you spent your
> energy trying to make a difference - not just complaints about what is
> wrong everywhere else.
>
> [1]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.fedoraproject.org_archives_list_devel-40lists.fedoraproject.org_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=_M3A82CK-BARwIGgGLEr7kgjoMFUWlJppj1NQtNoFbM&s=HOcR9UDWBgMhf_O4fqsTZ-pi8Vephe7vrw-HqBH6j_A&e= >
>
> [2]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.fedoraproject.org_archives_list_users-40lists.fedoraproject.org_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=_M3A82CK-BARwIGgGLEr7kgjoMFUWlJppj1NQtNoFbM&s=uzvvtXN7gfd9tLyibCc7F0oyIMLJ_MuxEnMYFO3NVRI&e= >
>
> [3] <https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.freedesktop.org_archives_systemd-2Ddevel_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=_M3A82CK-BARwIGgGLEr7kgjoMFUWlJppj1NQtNoFbM&s=j-TpFtU9McdZJqdDt-EGcxZXiU6sIaF-ekykdkaEZPg&e= >
>
>
> On 25/01/2021 18:04, Yasha Karant wrote:
>> SystemD as it currently stands is too delicate and too
>> vulnerable to compromise, either within itself or in terms of the
>> processes/subsystems it "controls", despite the large scale deployment
>> of SystemD.
>
> This is your opinion. These arguments has been discussed plenty of
> times in several distributions before they embraced systemd. It's
> beating a dead horse. And still, the majority of Linux distributions
> chosen to move forward with systemd.
>
> And Debian, with all it's own delicious political discussion model, is
> even discussing dropping init systems NOT being systemd.
> Source: <https://urldefense.proofpoint.com/v2/url?u=https-3A__lwn.net_Articles_804254_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=_M3A82CK-BARwIGgGLEr7kgjoMFUWlJppj1NQtNoFbM&s=pMyLl_P7FhzoiDWF6ftSORY79VO7fZaKS5_vTeU9ptI&e= >
>
> It's about time to accept that systemd has become the preferred system
> management solution for the biggest and most popular Linux distributions.
>
> If there are things you dislike about systemd. Talk to the systemd
> developers, get involved, bring good and strong arguments how to make
> systemd better. Contribute with solutions how to improve.
>
>> The reason behind this is in part driven by the monolithic
>> design (and implementation) of the Linux kernel, and the symptom is
>> continued SystemD intrusiveness and bloat throughout much (all?) of the
>> Linux distros that have deployment at scale.
>
> This FUD should be put down once and for all now. It has been debated
> over and over again. And it is rooted in a great misunderstanding of
> the source code repository systemd uses.
>
> Do you consider FreeBSD bloated? All the source code of FreeBSD is in a
> single git repostory: <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_freebsd_freebsd-2Dsrc&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=_M3A82CK-BARwIGgGLEr7kgjoMFUWlJppj1NQtNoFbM&s=TtxUXGOmTh6NZG7XXK5YclQXqRSAl4pvLcbQPAaHnGI&e= > It even
> includes the full source code of OpenSSL, OpenSSH, FreeBSD kernel, libc,
> etc. Does that make FreeBSD bloated?
>
> Systemd uses a similar strategy. Distributions build just the
> components they want from systemd from a single git source repository:
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_systemd_systemd_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=_M3A82CK-BARwIGgGLEr7kgjoMFUWlJppj1NQtNoFbM&s=Sk70446bypDcmLMfe9rx2Zhh-pmKk_uRWQpujMFtcWM&e= > The reason: Because it is easier
> to REUSE code across the various components built for the systemd
> environment. I hope I don't need to explain the advantages (especially
> within security aspects) of reusing shared code.
>
> You don't need to use chronyd, systemd-resolved, systemd-networkd,
> systemd-timers, systemd-journald, sd-dbus, etc, etc, etc. You can
> mostly use all the external alternatives you want and combinations as
> you want. Systemd is almost like a candy store, but to use any of these
> "sub projects", you need the main systemd daemon in most cases. But you
> probably wouldn't go to a candy store if you wanted a pizza.
>
> BUT most distributions has CHOSEN to ship a lot of these components from
> the systemd project. Try to guess why ... Could it simply be because it
> gives the package maintainers and software developers an easy way to
> integrate applications? Could it be because it gives users across a
> broad set of Linux distributions a fully unified way how to manage a
> system? Could it be because it works reasonably well together and gives
> a better overall user experience for a large enough critical mass?
>
> There has been many alternatives before systemd. But systemd is about
> 10 years(!) old now and is the ONLY alternative which managed to get a
> really strong foothold across a majority of larger Linux distributions.
> That's not by pure luck and misfortune alone.
>
> I've been involved in OpenVPN since late 2009, doing lots development
> and maintenance, being the Fedora package maintainer for OpenVPN for
> quite some time. I've been involved in implementing systemd support in
> OpenVPN, together with several others in the community. And to be
> honest, to write and maintain these systemd unit files is a pure joy
> compared to the horrors if the various init scripts. Now all systemd
> distributions can ship our systemd files which gives a predictable and
> standardized way to manage OpenVPN on a lot of Linux distributions. It
> has helped a lot of sysadmins figure out issues with their OpenVPN
> setups quicker, because the tooling systemd provides for debugging makes
> it easier to isolate issues. Those in the community involved in support
> has mostly just a single set of tools to related to, against most Linux
> distributions.
>
> Could systemd be better? Yes, it could. Is it completely broken and
> useless? Not at all. If it was that bad, nobody would use it. But
> systemd is currently good enough for a large critical mass of users and
> developers. You need to first accept that fact.
>
>
> So I encourage you: Instead of ranting here; Become active in systemd
> and help set the path forward with your input. Try to shift systemd
> more in the direction you would like, discuss why you think it's better
> and listen carefully to the counter arguments with systemd folks.
> Propose solutions and argument why you think that solution is better. If
> your feedback and involvement are appreciated and accepted, you will not
> only change the path forward for a single Linux distribution, but for
> millions of Linux users across the whole world across multiple Linux
> distributions. Getting a change into systemd will have a tremendous
> ripple effect.
>
> That's how you start changing the world. And that's why the systemd
> project started and has grown over 10 years ago, and how it has come to
> where it is now.
>
> If you continue standing behind your favourite gas station ranting about
> systemd amongst your own small choir ... nothing will change at all. And
> if you start pointing at all distributions not adopting systemd, I just
> say: Fine, go ahead, switch to one of them and you'll hopefully be
> happy. But I can also point you at Debian, Ubuntu, Fedora, RHEL, CentOS,
> SL, SUSE, openSUSE, Arch, CoreOS, Linux Mint ... and I've probably
> forgotten quite some more.
>
>
> Thanks.
>
>
> David Sommerseth
|
