The Linux Homefront Project reports on Lennart Poettering looking to do away with the good old "su" command. From the article, "With this pull request systemd now supports a functional su command and can create privileged sessions that are fully isolated from the original session. Su is a classic UNIX command and has been used for more than 30 years. Why is su bad? Lennart Poettering says:"
Well, there have been long discussions about this, but the problem is that what su is supposed to do is very unclear. On one hand it’s supposed to open a new session and change a number of execution context parameters (uid, gid, env, …), and on the other it’s supposed to inherit a lot of concepts from the originating session (tty, cgroup, audit, …). Since this is so weakly defined it’s a really weird mix&match of old and new parameters. To keep this somewhat manageable we decided to only switch the absolute minimum over, and that excludes XDG_RUNTIME_DIR, specifically because XDG_RUNTIME_DIR is actually bound to the session/audit runtime and those we do not transition. Instead we simply unset it.
Long story short: su is really a broken concept. It will give you kind of a shell, and it’s fine to use it for that, but it’s not a full login, and shouldn’t be mistaken for one.
I'm guessing that Devuan won't be getting rid of "su."
(Score: 5, Insightful) by LoRdTAW on Monday August 31 2015, @07:40PM
Advocates don't really understand the issue at large themselves. I am sure most of them are in fact said ordinary users who don't fully understand the scope of what systemd does or its consequences. The only thing they can muster in defense are mundane details like more intuitive syntax & configuration, parallel startup/faster boot time (which isn't that fast to begin with) and a better desktop experience. Whatever that means.
The one thing that is plainly visible to everyone: systemd has grown, far, far beyond its original scope of just an init system. We are at the point where systemd is becoming an operating system itself. We are moving away from the traditional Unix architecture of loosely coupled components that work together to form a complete system to a monolithic "runtime". We are already seeing systemd working itself into not only the core of the OS but also into the desktop. Pretty soon you won't be able to run a useful Linux desktop without *all* of those components being present. Sure you can run a Linux desktop without systemd/gnome. Just don't expect the more popular software packages to work for you as they will most likely have dependencies on systemd. Thankfully POSIX support isn't going away, the Linux kernel handles that. So we can still run legacy.
What we are really seeing is a new OS being developed. One which eschews the legacy Unix underpinnings and ideals and moves more towards a new monolithic collection of intertwined software. When you think about it, perhaps moving forward is a good thing. Shedding cruft and legacy is always a good thing right? It may seem so. And there are a lot of people who subscribe themselves to this train of thinking without ever looking at the big picture. Change is good. But change for the sake of change is bad.
So, if it fixes the old crusty bits, then why is it harmful? It's harmful because it robs us of freedom. Linux is more than a desktop OS for running Firefox, Steam or LibreOffice. It is a collection of interchangeable software that users can craft to their liking. The old mantra: Linux runs on wrist watches to supercomputers and everything in between. Some people think this is part of the reason that we don't have a homogeneous desktop. That is false. The Linux desktop as it stands is very complete. It's like moving from a bin full of lego pieces to a pre-formed plastic hunk that snaps onto a base. You can't break it apart or replace parts without breaking everything.
You want my $2E-2?
systemd gets OS design completely wrong. Rob Pike said it best in an old article he wrote back in 2000: go for depth, not breadth. Instead of giving us a better init system and PID1, we got a friggin OS instead. Developers, please, make yourself very familiar with the writings at cat-v.org [soylentnews.org]. Some of it may sound silly or arrogant. But the point they are making is the KISS principle is ignored in software design. Rob's article I spoke of is linked at the bottom along with another very relevant article he wrote: UNIX Style, or cat -v Considered Harmful. Even though the articles themselves are very old, they still make sense in today's bloated, overcomplicated Rube Goldberg methods of software development. I largely blame it on the overconfidence of developers who are looking to stand out and make a name for themselves (Poettering certainly has).
(Score: 0, Disagree) by Anonymous Coward on Monday August 31 2015, @08:02PM
The problem is that systemd offers solutions for problems software developers have. Nobody else bothers to listen, not to mention to implement any alternative solution more in line with whatever ideals may apply.
Just take running X11 without being root. That has been a goal when I became active in Linux in the mid 1990s. Logind finally enables that. Wayland will also require logind for the same functionality last I checked. There is just no other solution to that problem to be had.
Please somebody start to listen to the need of developers and come up with solutions that do not rely on systemd! Otherwise we will be stuck with that for sure.
(Score: 3, Informative) by Zz9zZ on Monday August 31 2015, @08:25PM
http://www.linuxquestions.org/questions/linux-desktop-74/running-x11-as-root-4175505576/ [linuxquestions.org]
The entire thread disagrees and offers pretty simple workarounds.
Sometimes the fact that it is difficult to do something means the developers need to figure out how to make that happen. Security is a real concern, and it takes some very simple mistakes to open the gates.
For the easiest example, take Android. "Let's make the lives of developers REALLY EASY" they said, and thus it has taken years to implement security controls by default, as mentioned in one of today's articles. Developers could implement whatever permissions they needed. Now they are switching tracks because privacy and security have finally (thanks to a certain hero of the people) become a concern for the general public.
Poettering has solved many issues, and made it easy to accomplish some rather specific tasks, but so far I have yet to see a single comment from the supporters claiming how much easier it is to code now. There were old and crufty systems in place to be sure, but the scope creep is insane... How people can imagine this is ok is beyond me, I guess it's because we're in the 21st century now and all those old people didn't even know what they were doing. I can't believe I'm saying this but where are the code hipsters that think the old stuff is still cool? Another few years maybe, after some major bug/privacy scandal?
~Tilting at windmills~
(Score: -1, Flamebait) by Anonymous Coward on Monday August 31 2015, @09:12PM
Funny. Your hero worship does not extend to everyone. "It is important to ME, so therefore it is important to EVERYONE."
Don't be such an arrogant ass.
(Score: 0) by Anonymous Coward on Tuesday September 01 2015, @06:37PM
Thank you echo chamber. May I have another down mod? I'll toe the Party line, Comrade, and dare not speak against the groupthink anymore.
(Score: 0) by Anonymous Coward on Thursday September 03 2015, @03:44PM
1. logind enables nothing. polkit is the active part in the whole shebang. That is the part sitting suid root and doing all the delegation of resource access.
2. wayland at its core is a svgalib for the GPU era. It is basically there to paint pretty stuff in the GPU buffer and that's it. On its own wayland does nothing, unlike X11. With wayland the WM is the party that does all the device access etc. Thus it is Gnome, KDE and the rest that need some way to get root grade access to /dev entries. Hence logind (because the forerunner ConsoleKit, that didn't need a specific init sitting as pid1, was deprecated by Poettering) acting as the go between for the WM and polkit.
3. The reason for X11 being run as root was that it needed access to a bunch of /dev entries. By default those are root exclusive. So running it as root was the quicker way.
(Score: 0) by Anonymous Coward on Monday August 31 2015, @10:37PM
Ever notice that the logo|signage that Red Hat uses doesn't mention Linux at all?
I'll be perfectly happy after they have let Lennart have his way and there is no more Linux left in Red Hat.
In the meantime, there are still many ways we can have Linux as it was meant to be--sans Lennart. [without-systemd.org]
-- gewg_
(Score: 4, Insightful) by LoRdTAW on Tuesday September 01 2015, @12:48AM
That's the way it appears to be headed. GNU/Linux becomes RedhatOS.
What I can't believe is how the rest of the community was sold a big mistake by a commercial vendor. Didn't we learn anything from letting big commercial vendors get in the way? Isn't that why some of us moved or adopted open source and GNU/Linux in the first place?
I'm flabbergasted.
(Score: 2) by M. Baranczak on Tuesday September 01 2015, @03:45AM
(Score: 2) by fido_dogstoyevsky on Tuesday September 01 2015, @06:38AM
http://without-systemd.org/wiki/index.php/Main_Page#Free.2FOpen_Source_Operating_systems_without_systemd_in_the_default_installation [without-systemd.org] ... I've never even heard of any of the other ones on that list. Anybody have recommendations?
PCLinuxOS [pclinuxos.com] is worth a look. And the Slackware derivative Salix [salixos.org]*, a (somewhat) simplified Slack with an easy to use package manager that looks after dependencies.
*Warning: I went to Salix when I dropped OpenSuse and stayed with it for a couple of weeks before moving on to Slackware; the same could happen to you.
It's NOT a conspiracy... it's a plot.
(Score: 0) by Anonymous Coward on Tuesday September 01 2015, @10:16AM
Devuan
If you were happy with Debian before Lennart, try antiX (pronounced "Antiques").
It's based on Debian Testing but has avoided Lennart's junk.
They recently had a new release. [freeforums.org]
They have several spins and as long as you have 64MB of RAM and a blank 700MB CD-R (or a thumbdrive), you should be golden.
If your box has some modern oomph, this will make it like a 427 AC Cobra.
-- gewg_
(Score: 1) by rtfazeberdee on Thursday September 03 2015, @02:04PM
You haven't yet worked out the difference between systemd the binary and systemd the project. The "monolithic" argument is complete cock, the kernel is monolithic, not systemd. Why don't you complain about the kernel being a monolith?
(Score: 3, Informative) by LoRdTAW on Thursday September 03 2015, @05:02PM