Here's an alternative title for this post: these days, two lines in a systemd service file can easily constrain arbitrary applications to just the files and resources they need, and only those.
You can always use a simpler init system if you want
tl;dr: systemd isn't meant to be an init system, it's meant to manage services, and the alternative world where you don't have a unified system for managing services and events actually sucks.
And worst: want to understand what the actual security properties of your policy are? The answer is buried very, very deep.
Systemd didn’t “break” anything at all here. This author’s arcane debugging workflow doesn’t work for certain units who have opted into the new security mechanisms. But that is hardly systemd’s fault.
You do realize distros can also change SysV shell scripts in ways that break your use case as well, right?
Like imagine a list where we can create a form where people can give them and give reasonings or just something.
What if I can create a github repo and issues regarding this so that we can discuss about them and I can create a website later if it interests but its a really nice thought experiment.
Are we talking more about uh every software including proprietory too?
Are we talking about lets say websites too or services (what if we extend it to services like websites or even products outside of software niche into things beyond too, that's interesting too)
Another interesting point that comes to my mind might be that cryptocoins might be the lowest inverse to this software project in the sense that I believe that there was very little net positive done to all humanity in general, sure the privacy aspects are nice but still, its not worth having people invest their life savings into it thinking that its going to 100x y'know, I have created a whole article about it being frustated by this idea people think regarding crypto as an investment when it could very well be a crypto"currency" but that's a yap for another day.
I really nerded over this and I think I loved it, we need a really good discussion about it :>
Sorry if I wasn't being clear.
I am all for stable cryptocurrencies but not cryptocurrencies which prey on desperate people wanting 100x returns or promising too much that we all know is BS for hype and not delivering on it.
I myself am a teenager and uh had gotten some 100 ish dollar from winning competitions in crypto space (not that much, but I am proud of it kinda money) and uh I couldn't really get that money if it wasn't for crypto y'know.
If I hadn't made my stance clear, I am all for stable cryptocoins but that is just a very (minor?) part of the amount of things on crypto and all others usually generally harm, sure there are some outliers but here's an article that I had made when I ragebaited so hard one day about some crypto thing that I basically just wrote an article trying to explain my situation
https://justforhn.mataroa.blog/blog/most-crypto-is-doomed-to...
"This whole space is still full of scam. 99% of the times everyone has ulterior incentive (to earn money) but still I mean, it kinda exists and I mean still crypto (stablecoins?) are the only sane way to transfer money without kyc"
This is one of the comments that I had written and I hope I can make my stance clear. I just searched and found that I have written about stablecoins 10 times almost seperately in the article and uh I am all for stablecoin and I think even In my original comment, I may have said that stablecoins are the only thing that is remotely nice about cryptocoins,maybe monero if we are really streching it.
I saw a r/cryptocurrency poll of someone saying that they are 97% for the money and 3% for tech and that point this is almost like polymarket gambling except being even worse and more out of your control, almost giving someone your money if you invest in some memecoin
I kinda (like?) stablecoins (even gold like paxg is good) but not much anything else as a baseline of token for the most part, i myself have usdc in things like stellar/polygon which also have low gas fees for the most part
So what are your thoughts? I hope I can make my stance clear lol,
Maybe systemd (service management, logind, the DNS resolver, the loggig system, etc) will eventually be re-implemented in a way that does not have the irritating properties of the original systemd.
/* I'd say that systemd feels like typical corporate software. It has a ton of features to check all the requisite boxes, it's not very ergonomic, it does things the way authors wanted and could sell to the corporate customers (who are not the end users), not the way end users prefer. It also used to be bug-ridden for quite some time, after having been pushed upon users. It comes from Red Hat (which is now a part of IBM), so you could say: here's why! But, say, podman also comes from Red Hat, and does not feel like such corporate software; to the contrary, end users enjoy it. */
Systemd is strictly better than what came before it, while Wayland still has missing functionality and breaks a lot of use cases.
Whereas with Wayland the effort to transition is significant and most compositors still have limitations X doesn't (and yes, I realise some of those means X is more vulnerable) - especially for people with non-standard setups. Like me.
I use my own wm. I could start with ~40-50 lines of code and expand to add functionality. That made it viable. I was productively using my own wm within a few days, including to develop my wm.
With Wayland, even if I start with an existing compositor, the barrier is far larger, and everything changes. I'm not going to do that. Instead I'll stick with X. The day an app I actually depend on stops supporting X, I'll just wrap those apps in a Wayland compositor running under X.
And so I won't be writing blog posts about how much I hate Wayland, and hence the quotes around "hater" above. But maybe I will one day write some about how to avoid running Wayland system-wide.
If Wayland gave me something I cared about, I'd take the pain and switch. It doesn't. Systemd did, so even if I hadn't liked it better than SysVinit, I'd still have just accepted the switch.
If I one day give up Xorg, my expectation is that it'll be a passive-aggressive move to a custom franken-server that is enough-of-X to run modern X apps coupled to enough-of-Wayland to run the few non-X-apps I might care about directly (I suspect the first/only ones that will matter to me that might eventually drop X will be browsers), just because I'd get some of the more ardent Wayland proponents worked up.
This can help troubleshoot issues and makes experimenting with systemd options faster.
I think there's been some talk about adding a built-in way for systemd-run to copy settings out of a .service file, but it doesn't exist yet.
I've written Perl/Python scripts to do this for me. They're not really aimed at working with arbitrary services, but it should be possible to adapt to different scenarios.
https://gist.github.com/dextercd/59a7e5e25b125d3506c78caa3dd...
There are some gotchas I ran into. For example, with RuntimeDirectory: systemd deletes the directory once the process exits, even if there's still another process running with the same RuntimeDirectory value set.
But the one thing that I always wonder is about (virtualization?) in the sense of something like docker just for containerizing or some sort of way of running them in some sort of sandbox without much performance issues or something, I am kinda interested in knowing what might be the best way of doing so (is podman the right way or some other way like bubblewrap?)
Edit: just discovered in the comment below the (parents parents?)comment that there is systemd isolation too, that sounds very interesting and the first time I personally heard of it hmm
I've don't remember the last time I run a daemon by hand (that I wasn't developed it myself). I always just run the systemd unit via systemctl and debug that.
> A standard thing I do when troubleshooting a chain of programs executing programs executing programs is to shim in diagnostics that dump information to /tmp.
This seems like a very esoteric case in the days of structured logging and log levels.
> A mailer usually can't really tell the difference between 'no one has .forward files' and 'I'm mysteriously not able to see people's home directories to find .forward files in them'
Obviously a daemon that should access files in people's home directories shouldn't have ProtectHome=true. It's the responsibility of the daemon developer or the package maintainer to set appropriate flags based on what the daemon does. Someone had to explicitly write "ProtectHome=true". It's not the default, and it doesn't just appear in the service file.
When in doubt don't set security options at all, instead of shipping a broken daemon that you don't understand why it doesn't work.
Note: please base your daemon on D-Bus or a socket in /run and not on reading arbitrary files from my home directory.
I also don't understand the larger perspective? Should we not make our daemon run in more secure environments?
There should be an strace-like tool that would collect a log of such "access denied" erros for troubleshooting. Even better, each service should run in its own process group, and tracing could be switched on / off for a particular process group.
https://cscie2x.dce.harvard.edu/hw/ch01s06.html
systemd seems to violate this at every turn, but sadly they are not the only ones to do that in Linux. I wonder at what point we should start considering Linux to be its own thing instead of "UN*X like".
zdw•2h ago
Seeing that podman can run containers as systemd services (see https://codesmash.dev/why-i-ditched-docker-for-podman-and-yo... ), it seems like using containers other than as a distribution mechanism has few advantages, and many disadvantages in terms of dependency updates requiring container rebuilds.
baby_souffle•2h ago
I see it as _exactly_ the opposite. Podman gives me more or less the same security controls as systemd and the package/delivery problem is solved.
Call me when `systemctl pull ...` fetches the binary and everything else needed to run it _and_ puts the .service file in the right spot.
JoBrad•2h ago
That would be pretty awesome, actually.
o11c•2h ago
That seems like a `machinectl` task though.
speed_spread•2h ago
zdw•1h ago
Back in the old days (late 90's, early 2k's) as a sysadmin I'd often write scripts to chroot or in other ways isolate services rather than run them as root, so extending the init system to handle those features feels like it's a logical extension, not a incompatible replacement.
jeroenhd•1h ago
For software management in R/W environments, there's the podman + systemd combo that'll let you run containers like normal systemd services.
jeroenhd•1h ago
9dev•2h ago
nickysielicki•2h ago
https://docs.podman.io/en/latest/markdown/podman-systemd.uni...
arianvanp•2h ago
importctl pull-tar https://example.com/image.tar.gz && portablectl attach image
vlovich123•2h ago
ndriscoll•2h ago
miladyincontrol•2h ago
I dont get the distribution "advantage" building em with mkosi but I'd argue it a weakness as far too many are running containers with who-knows-what inside them.
oncallthrow•2h ago
Do you work in the software industry?