SoylentNews is people

posted by n1 on Thursday November 13 2014, @03:19AM
from the one-daemon-to-rule-them-all dept.

Whether you're running systemd happily or begrudgingly, it's best if you disable systemd-resolved as your DNS resolver for the time being. Reported today at seclists is a new DNS cache poisoning bug in systemd-resolved.

At its simplest, an attacker triggers a query to a domain he controls via SMTP or SSH login. Upon receipt of the question, he can add any answer he wants to have cached to the legitimate answer he provides for the query, e.g. by providing two answer RRs: one for the question asked and one for a question that has never been asked, even if the DNS server is not authoritative for that domain.

Systemd-resolved accepts both answers and caches them. There are no reports as to the affected versions or how widespread the problem may be. Comments over at Hacker News suggest that it might not be widespread: most users would still be running the backported 208-stable, while the DNS resolver was committed in 213 and considered fairly complete in 216, and even then only those who enabled systemd-resolved in /etc/nsswitch.conf would be using it.
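The check whose absence the report describes, as an added example (not code from the article or from systemd): before caching, a stub resolver keeps only answer RRs whose owner name is the name it asked about, or the target of a CNAME it has already accepted for that name. The response bytes, the `.example` names, the documentation-range addresses and all function names here are constructed for illustration.

```python
import struct

TYPE_A, TYPE_CNAME = 1, 5

def encode_name(name):
    """Encode a dotted name as uncompressed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_response(qname, qtype, answers, txid=0x1234):
    """Build a constructed response carrying one question and the given RRs."""
    msg = struct.pack("!HHHHHH", txid, 0x8180, 1, len(answers), 0, 0)
    msg += encode_name(qname) + struct.pack("!HH", qtype, 1)
    for owner, rtype, ttl, rdata in answers:
        msg += encode_name(owner) + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata
    return msg

def read_name(msg, off):
    """Decode a possibly compressed name; return (lowercased name, next offset)."""
    labels, resume, jumps = [], None, 0
    while True:
        if off >= len(msg):
            raise ValueError("truncated name")
        length = msg[off]
        if (length & 0xC0) == 0xC0:               # compression pointer
            if off + 1 >= len(msg):
                raise ValueError("truncated pointer")
            if resume is None:
                resume = off + 2                  # caller continues after the first pointer
            off = ((length & 0x3F) << 8) | msg[off + 1]
            jumps += 1
            if jumps > 16:                        # guard against pointer loops
                raise ValueError("compression loop")
            continue
        off += 1
        if length == 0:
            return ".".join(labels), (off if resume is None else resume)
        if length > 63 or off + length > len(msg):
            raise ValueError("bad label")
        labels.append(msg[off:off + length].decode("ascii").lower())
        off += length

def parse_response(msg):
    """Return (qname, qtype, [(owner, rtype, ttl, value), ...]) for the answer section."""
    _id, _flags, qdcount, ancount, _ns, _ar = struct.unpack_from("!HHHHHH", msg, 0)
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    qname, off = read_name(msg, 12)
    qtype, _qclass = struct.unpack_from("!HH", msg, off)
    off += 4
    records = []
    for _ in range(ancount):
        owner, off = read_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        start, off = off + 10, off + 10 + rdlen
        if off > len(msg):
            raise ValueError("truncated rdata")
        if rtype == TYPE_A and rdlen == 4:
            value = ".".join(str(b) for b in msg[start:off])
        elif rtype == TYPE_CNAME:
            value, _ = read_name(msg, start)
        else:
            value = msg[start:off]
        records.append((owner, rtype, ttl, value))
    return qname, qtype, records

def filter_answers(msg):
    """Split answer RRs into (cacheable, rejected).

    Cacheable means: owner is the name asked (or the target of a CNAME already
    accepted for it) and type is the queried type or CNAME. Assumption: the
    upstream resolver lists a CNAME chain in order.
    """
    qname, qtype, records = parse_response(msg)
    wanted = qname
    cacheable, rejected = [], []
    for rr in records:
        owner, rtype, _ttl, value = rr
        if owner != wanted or rtype not in (qtype, TYPE_CNAME):
            rejected.append(rr)                   # never asked for: do not cache
            continue
        cacheable.append(rr)
        if rtype == TYPE_CNAME and qtype != TYPE_CNAME:
            wanted = value                        # later RRs must answer for the alias target
    return cacheable, rejected

# Constructed sample 1: one RR answers the question, one is for a name never asked.
POISONED = build_response("mail.attacker.example", TYPE_A, [
    ("mail.attacker.example", TYPE_A, 60, bytes([192, 0, 2, 10])),
    ("www.victim.example", TYPE_A, 86400, bytes([203, 0, 113, 66])),
])
# Constructed sample 2: a legitimate CNAME chain, which must still be accepted.
ALIASED = build_response("www.site.example", TYPE_A, [
    ("www.site.example", TYPE_CNAME, 300, encode_name("edge.cdn.example")),
    ("edge.cdn.example", TYPE_A, 300, bytes([198, 51, 100, 7])),
])

if __name__ == "__main__":
    for sample in (POISONED, ALIASED):
        print(filter_answers(sample))
```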

Related Stories

Modern Versions of systemd Can Cause an Unmount Storm During Shutdowns 102 comments

System administrator Chris Siebenmann has found that modern versions of systemd can cause an unmount storm during shutdowns:

One of my discoveries about Ubuntu 20.04 is that my test machine can trigger the kernel's out of memory killing during shutdown. My test virtual machine has 4 GB of RAM and 1 GB of swap, but it also has 347 NFS[*] mounts, and after some investigation, what appears to be happening is that in the 20.04 version of systemd (systemd 245 plus whatever changes Ubuntu has made), systemd now seems to try to run umount for all of those filesystems all at once (which also starts a umount.nfs process for each one). On 20.04, this is apparently enough to OOM[**] my test machine.

[...] Unfortunately, so far I haven't found a way to control this in systemd. There appears to be no way to set limits on how many unmounts systemd will try to do at once (or in general how many units it will try to stop at once, even if that requires running programs). Nor can we readily modify the mount units, because all of our NFS mounts are done through shell scripts by directly calling mount; they don't exist in /etc/fstab or as actual .mount units.

[*] NFS: Network File System
[**] OOM: Out of memory.

We've been here before and there is certainly more where that came from.

Previously:
(2020) Linux Home Directory Management is About to Undergo Major Change
(2019) System Down: A systemd-journald Exploit
(2017) Savaged by Systemd
(2017) Linux systemd Gives Root Privileges to Invalid Usernames
(2016) Systemd Crashing Bug
(2015) tmux Coders Asked to Add Special Code for systemd
(2016) SystemD Mounts EFI pseudo-fs RW, Facilitates Permanently Bricking Laptops, Closes Bug Invalid
(2015) A Technical Critique of Systemd
(2014) Devuan Developers Can Be Reached Via vua@debianfork.org
(2014) Systemd-resolved Subject to Cache Poisoning


  • (Score: 1, Insightful) by Anonymous Coward on Thursday November 13 2014, @03:25AM

    by Anonymous Coward on Thursday November 13 2014, @03:25AM (#115395)

    If the many other problems affecting systemd weren't reason enough for Debian to remove it, then this issue surely should be. This is just not acceptable. Debian needs to get rid of systemd.

    • (Score: 2) by francois.barbier on Thursday November 13 2014, @04:05PM

      by francois.barbier (651) on Thursday November 13 2014, @04:05PM (#115580)

      Shamelessly hijacking your top comment...
      In French, "un système D" is when you have to think fast and provide a simple solution to a problem. Solution doesn't have to be permanent, pretty or correct, it just has to work...
      Example, putting a book under the leg of an unbalanced table.
      So I guess even the name "systemd" is a joke...
      http://en.wikipedia.org/wiki/System_D

  • (Score: 5, Insightful) by novak on Thursday November 13 2014, @03:38AM

    by novak (4683) on Thursday November 13 2014, @03:38AM (#115397) Homepage

    Systemd hasn't had that many bugs, for how new it is, so I was prepared to not really bother mocking it for this one... But... Why does your init system have a DNS cache?! No, seriously, Why the FUCK would that ever be a thing? Please stop this monstrosity now.
    I don't even know where to start with something like that, it is so wrong.

    --
    novak
    • (Score: 1, Insightful) by Anonymous Coward on Thursday November 13 2014, @03:44AM

      by Anonymous Coward on Thursday November 13 2014, @03:44AM (#115399)

      Because systemD wants to be like svchost.exe in windows.

      • (Score: 1, Insightful) by Anonymous Coward on Thursday November 13 2014, @01:23PM

        by Anonymous Coward on Thursday November 13 2014, @01:23PM (#115529)

        If I wanted Windows, I know where to get it.

    • (Score: 2, Insightful) by Whoever on Thursday November 13 2014, @03:45AM

      by Whoever (4524) on Thursday November 13 2014, @03:45AM (#115400) Journal

      Systemd hasn't had that many bugs, because it is still new

      FTFY.

      Seriously, come back in 5 years and then look at bug statistics.

      This is exactly why I am trying to stay away from systemd right now. So much new code, bound to be lots of bugs lurking there.

      • (Score: 3) by novak on Thursday November 13 2014, @03:54AM

        by novak (4683) on Thursday November 13 2014, @03:54AM (#115402) Homepage

        That is a big part of why there are so few bugs. But that's not why I'm staying away. I'm staying away because of the laughable design choices.

        This is a good example, a bug in a feature that should not even exist. It's not like systemd has to resolve domain names, there's any amount of other software which already does this. I prefer options, and one of those options is what DNS resolver/cache to run. I don't want RedHat or anyone else inventing the One True Software which has every subsystem tied together through a mystical API that changes whenever they want.

        --
        novak
      • (Score: 3, Insightful) by Anonymous Coward on Thursday November 13 2014, @03:58AM

        by Anonymous Coward on Thursday November 13 2014, @03:58AM (#115404)

        That's also what makes it totally unsuitable for use in Debian. Debian is all about stability, reliability and security. Systemd just hasn't been proven to be good enough yet. This bug shows that it's way too immature to be part of Debian.

        • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @04:48AM

          by Anonymous Coward on Thursday November 13 2014, @04:48AM (#115415)

          "That's also what makes it totally unsuitable for use in Debian. Debian is all about stability, reliability and security. Systemd just hasn't been proven to be good enough yet. This bug shows that it's way too immature to be part of Debian."

          But, but, features!

        • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @07:32AM

          by Anonymous Coward on Thursday November 13 2014, @07:32AM (#115457)

          And way too immature for RedHat. And SUSE, and ...

        • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @07:43AM

          by Anonymous Coward on Thursday November 13 2014, @07:43AM (#115461)

          Debian all about being a social progressive and supporting feminists lesbians and trannies actually. And policing speech. Code of conduct etc.

          • (Score: 1, Insightful) by Anonymous Coward on Thursday November 13 2014, @01:54PM

            by Anonymous Coward on Thursday November 13 2014, @01:54PM (#115539)

            trannies

            Hey, don't throw us in with the feminists. There are plenty of us who are equally pissed off at them. Probably moreso than you. Feminism is the systemd of gender equality. See the Michigan Womyn's Music Festival and wonderful people like Janice Raymond. Well, maybe Poettering might be worse than Raymond. At least you can ignore her.

            Oh, why the hell am I wasting my time. Voting Libertarian? Got 1% or 2% of the vote at best. Waste of time. Arguing with MRAs who are delusional enough to believe that feminists approve of transsexuals or that being a transsexual makes one a socialist or a feminist? Equally a waste of time. Hoping some MRA gets his head out of his ass to see that there are a lot of transsexuals who lean libertarian. Impossible. Get it through your head: TRANSSEXUALS ARE NOT WELCOME IN FEMINIST GROUPS. FEMINISTS REGULARLY ATTACK TRANSSEXUALS. FEMINISTS LOVE "DOX"ing (I guess that's the right word) TRANSSEXUALS IN DEEP STEALTH. *breathes*

            Why do you think anti-gamergate went after a group with a very inclusive policy for trans women? It doesn't matter that they used transphobia as a rallying cry. These people are con artists, and they'll say whatever they can to get support. Actions speak louder than words. Feminism continues to be about discrimination against trans women and the systematic privileging of the body part between the legs over the body part between the ears.

            Fuck. People like you make me question why I support the Libertarian party.

            What the hell is up with Soylent this morning?

            --Velex's Ghost

            • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @09:24PM

              by Anonymous Coward on Thursday November 13 2014, @09:24PM (#115668)

              It was a flamebait troll comment anyway. Don't take it too seriously.

              Politically I am a libertarian, but I am sad that so few people seem to actually want liberty.

            • (Score: 0) by Anonymous Coward on Friday November 14 2014, @02:54AM

              by Anonymous Coward on Friday November 14 2014, @02:54AM (#115762)

              "FEMINISTS REGULARLY ATTACK TRANSSEXUALS" says the transsexual attacking feminists. Talk about sectarian conflict. You do realise that feminists have the concept of intersectionality right? That feminists are by a large stripe LBGTQ* allies? That they don't believe that gender has ANYTHING to do with what's between your legs? I can't believe you are complaining about bigotry by being such a bigot.

    • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @04:16AM

      by Anonymous Coward on Thursday November 13 2014, @04:16AM (#115407)

      The init system does not have a dns cache. The project includes a totally separate daemon that does dns caching.

      • (Score: 1, Insightful) by Anonymous Coward on Thursday November 13 2014, @04:29AM

        by Anonymous Coward on Thursday November 13 2014, @04:29AM (#115411)

        The init system does not have a dns cache. The init system includes a totally separate daemon that does dns caching.

        FTFY. Now see how stupid it is? Why is this apparently necessary DNS subsystem not its own project?

        Either systemd is an init system, or not. Either way, it's clearly the better half of an OS at this point.

        • (Score: -1, Troll) by Anonymous Coward on Thursday November 13 2014, @05:09AM

          by Anonymous Coward on Thursday November 13 2014, @05:09AM (#115419)

          "Either systemd is an init system, or not."

          It is not. The project includes an init system, but it is not only an init system. People's inability to grasp this simple concept is staggering.

          • (Score: 2) by zocalo on Thursday November 13 2014, @11:09AM

            by zocalo (302) on Thursday November 13 2014, @11:09AM (#115502)
            No idea who moderated parent as "Troll", but that's clearly wrong. Thinking of SystemD as "an init system with a lot of unnecessary baggage" is starting to look increasingly silly to me; it's been clear for quite some time that the long term plan is for it to become a suite of daemons (many of which are optional) that is a one-stop shop for all "standard" system services that just happens to include an init replacement. A better way of looking at it might be as a kind of "util-linux" for the boot process, although given that the SystemD replacements lack many of the more advanced functions of the daemons they replace, it's perhaps more of a Busybox style replacement, albeit without the single binary. That notion should also provide a good idea for what services and daemons are likely to be incorporated next... and dispel any illusions that the end of the process and limit to the bloat might be near.

            There are plenty of reasons to be railing against SystemD, but attempting to create a bundle of essential daemons that only implement the most commonly used functions of those daemons certainly isn't one of them.
            --
            UNIX? They're not even circumcised! Savages!
            • (Score: 3, Insightful) by arashi no garou on Thursday November 13 2014, @12:13PM

              by arashi no garou (2796) on Thursday November 13 2014, @12:13PM (#115509)

              The problem isn't that systemd is both an init and a bundle of daemons. It's the trend towards requiring all of systemd (not just the init part, the whole shebang) to have a fully functional OS. If this trend keeps up, there won't be a choice when installing GNU/Linux for other daemons; you'll either install the systemd suite with all of its daemons and pieces, or you won't have a functioning system at all. That's the main reason I won't use it.

              • (Score: 4, Interesting) by zocalo on Thursday November 13 2014, @01:33PM

                by zocalo (302) on Thursday November 13 2014, @01:33PM (#115533)
                I quite agree; my point was more about the original post and its incorrect moderation as "Troll" when it should actually be "Informative". Yours is also the main criticism that I have about the way SystemD is being "forced" on end users by the distro maintainers, although I can understand why they are doing it - it's simply the easiest option. One reason for that seems to be that as more and more packages expect SystemD to be present (not specifically the fault of the SystemD developers, although suspecting Red Hat etc. to have a hand in this is fair game, IMHO), untangling those dependencies to use alternatives to SystemD is more work than they are prepared to undertake - if it's possible at all. They could opt for an alternative tool that doesn't require SystemD, but then they'd have users complaining about why their favourite tool isn't included / requires a specific set of build options / just doesn't work, so again the path of least resistance wins out.

                Similarly, SystemD's internal interdependencies between its modules are confusing a lot of people about just how modular it is. It's certainly not a monolithic single binary, yet many of the interdependencies between the various daemons are so tight that it might as well be (I can accept that SystemD daemons might require the PID1 component to work, but some of their inter-dependencies are specific to SystemD and don't exist between the daemons they replace). In theory, if SystemD were truly just a bundle of daemons then you would expect to be able to package up many, if not all, of those daemons into their own packages and optionally install either those or an alternative depending on your personal needs and preferences - and any specific application needs. I've not really looked, but I've not heard of a single distro that has even attempted to package SystemD up in a modular manner like this, yet doing so would wipe out a lot of the criticisms people commonly levelled at it. I'm looking particularly hard at Fedora here; SystemD is effectively a Red Hat sponsored project, Fedora is (essentially) their test bed, and they have been busy breaking up other packages into sub-packages in this manner for quite some time now. That SystemD hasn't got that treatment makes me think it might not actually be possible, or the dependencies are such that you are going to need all the modules anyway, neither of which really helps make the case for claims to modularity being much more than word games.
                --
                UNIX? They're not even circumcised! Savages!
              • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @03:35PM

                by Anonymous Coward on Thursday November 13 2014, @03:35PM (#115573)

                Posting anon as I've already moderated. This to me is the crux of the whole systemd debate; it's an all-or-nothing approach. No Plan B. Not Invented Here syndrome taken to its logical absurd conclusion.

                I think the best terms I saw in describing systemd (in comparison to the linux kernel which was also being described as a "monolithic blob" with the implication that it should be considered just as unpalatable as systemd) was the following:
                * The linux kernel is a monolithic design, but a modular construction
                * systemd is a modular design, but a monolithic construction

                Point being that all the various components of systemd are so tightly coupled and interwoven that it's practically impossible to separate one from t'other. If I could, I would have absolutely no problem with it (nor with debian implementing it) - if I could install the parallel startup and event-driven initty bits, great, sure I could find a use for them somewhere. I could install the binary logging component whenever I thought my day didn't have enough brain haemorrhages but uninstall it from all my servers. Use the systemd NTP and DHCP gubbins on the client systems I don't really care about but keep crusty-old-ancient-stone-aged-but-works ntpdate and dhcpd on my servers. And so on and so forth. To me, that's the UNIX philosophy - keep things small and tightly focussed so they can be thrown out at the drop of a hat when something better comes along. I don't understand why, on both a technical and philosophical basis, this couldn't have been written in from the start.

                But as it is, the construction doesn't seem to allow any of that, it's an all-or-nothing approach that, from my POV as a server admin, answers use cases that are of no interest to me. Does it make life easier for desktop users? Maybe. But I don't really care. All I see are decades of bug fixes being swept under the rug before the dubious vacuum of Progress comes along.

                • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @09:08PM

                  by Anonymous Coward on Thursday November 13 2014, @09:08PM (#115661)

                  Posting anon as I've already moderated

                  Currently, you can mod -first- then come back afterwards and post to the thread (signed in) without undoing your moderation.

                  This does NOT work that way on the other site.

                  -- gewg_

      • (Score: 0) by Anonymous Coward on Friday November 14 2014, @02:34AM

        by Anonymous Coward on Friday November 14 2014, @02:34AM (#115752)

        The funny part is that the same people who complain it is monolithic, then accuse the different modular parts of being the same. And, they don't even realize they're blaming the wrong thing for the wrong thing.

        Yeah haters, if it was actually what you accuse it of being, it would obviously suck, and nobody would use it. The good news is, software works the same if you call it names and throw propaganda at it, or not. So none of the evil things can harm you, on account of being imaginary.

        However, hatred of imaginary things is real, and is bad for your health. Don't hate. Systemd is one of the new things in the world, and it isn't going away. Don't let "I didn't want to choose that one" blind you from being a competent admin who knows how to use the tool. And for non sysadmins, don't let hatred of parts of the OS you don't even interact influence your view of distros.

        • (Score: 2) by jbernardo on Friday November 14 2014, @09:20AM

          by jbernardo (300) on Friday November 14 2014, @09:20AM (#115833)

          So, "lay back and enjoy", is that your argument to any criticism?

    • (Score: 3, Informative) by LoRdTAW on Thursday November 13 2014, @01:02PM

      by LoRdTAW (3755) on Thursday November 13 2014, @01:02PM (#115518) Journal

      It's a chicken or the egg problem. As another poster mentioned, they are moving towards a managed service system like Windows svchost. The problem though, is if you make a switch to such a radically different service manager, where do the daemons come from?

      And this is why systemd has to reinvent the wheel and reimplement so many services that already exist under linux. In order for there to be a useful systemd they have to write systemd services. Everyone still thinks it is simply trying to be a PID1 and init system, it isn't. It is an entire suite of replacement daemons and one process to rule them all.

      A comparison: If you use Windows go to control panel and administrative tools. Then open services. Pretend services is systemd and all the services listed within are systemd-daemons. That is exactly what systemd is and what it wants to become.

      Have a look at the opening summary for svchost on wikipedia (https://en.wikipedia.org/wiki/Svchost.exe):

      In the Windows NT family of operating systems, svchost.exe (Service Host, or SvcHost) is a system process that hosts multiple Windows services. Svchost is essential in the implementation of so-called shared service processes, where a number of services can share a process in order to reduce resource consumption. Grouping multiple services into a single process conserves computing resources, and this consideration was of particular concern to NT designers because creating Windows processes takes more time and consumes more memory than in other operating systems, e.g. in the Unix family. However, if one of the services causes an unhandled exception, the entire process may crash. In addition, identifying component services can be more difficult for end users. Problems with various hosted services, particularly with Windows Update, get reported by users (and headlined by the press) as involving svchost.

      I am not pretending to be an OS expert, but just the opening of the article makes the idea of systemd sound silly.

      • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @09:15PM

        by Anonymous Coward on Thursday November 13 2014, @09:15PM (#115665)

        Those who don't understand UNIX^W Linux are doomed to re-invent it--poorly.

        -- gewg_

        • (Score: 2) by LoRdTAW on Friday November 14 2014, @05:25PM

          by LoRdTAW (3755) on Friday November 14 2014, @05:25PM (#115961) Journal

          Actually, it should read:
          Those who do not understand Windows are condemned to reinvent it, poorly.

  • (Score: 1, Informative) by Anonymous Coward on Thursday November 13 2014, @04:04AM

    by Anonymous Coward on Thursday November 13 2014, @04:04AM (#115405)
    • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @09:08AM

      by Anonymous Coward on Thursday November 13 2014, @09:08AM (#115481)

      Could you please give evidence for that claim?

      • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @01:44PM

        by Anonymous Coward on Thursday November 13 2014, @01:44PM (#115536)

        With pleasure, read the post from the CVE guy that refused to assign a CVE on the basis that it is a stub resolver: http://seclists.org/oss-sec/2014/q4/595

        • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @03:43PM

          by Anonymous Coward on Thursday November 13 2014, @03:43PM (#115574)

          Thank you.

  • (Score: 5, Insightful) by jmorris on Thursday November 13 2014, @04:55AM

    by jmorris (4844) on Thursday November 13 2014, @04:55AM (#115416)

    The 'philosophy' of Pottering is that everything that he (and his henchmen) didn't write is crap so let's throw everything in sight away and, being super geniuses (cue Wile E. Coyote in the explosives shack) they will knock out a superior replacement over pizza and Mountain Dew in an evening. How hard can a dns resolver, ntp client, terminal driver, logging system.... etc. be? And all that old crufty UNIX crap will be dead and buried forever!

    Yea, that will work.

    • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @06:03AM

      by Anonymous Coward on Thursday November 13 2014, @06:03AM (#115435)

      I think that this exposes the way to get rid of systemd, tear it to shreds by exposing security vulnerabilities galore.

      I really don't have a dog in this fight, but I'm kind of tired of the "systemd sux" chorus. Let's do something instead.

      • (Score: 1) by Wrong Turn Ahead on Thursday November 13 2014, @06:39AM

        by Wrong Turn Ahead (3650) on Thursday November 13 2014, @06:39AM (#115444)

        Don't volunteer your time as QA tester for Systemd, do something worthwhile instead...

        • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @01:14PM

          by Anonymous Coward on Thursday November 13 2014, @01:14PM (#115523)

          Exactly. Install FreeBSD, spend a few minutes learning how to use it (it's totally worth it), and never look back.

      • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @11:08AM

        by Anonymous Coward on Thursday November 13 2014, @11:08AM (#115501)

        I started running void linux, boots fast thanks to runit and has a blazing fast package manager.

        • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @09:24PM

          by Anonymous Coward on Thursday November 13 2014, @09:24PM (#115667)

          I took a peek at their page.
          They specifically state that systemd is supported (but is not the default).

          There are only ~4k packages available for its package manager.
          How many apps did you end up building from source?
          What enticement was there over e.g. Slackware or Gentoo?

          -- gewg_

    • (Score: 5, Interesting) by Marand on Thursday November 13 2014, @07:37AM

      by Marand (1081) on Thursday November 13 2014, @07:37AM (#115459) Journal

      The 'philosophy' of Pottering is that everything that he (and his henchmen) didn't write is crap so let's throw everything in sight away and, being super geniuses (cue Wile E. Coyote in the explosives shack) they will knock out a superior replacement over pizza and Mountain Dew in an evening. How hard can a dns resolver, ntp client, terminal driver, logging system.... etc. be? And all that old crufty UNIX crap will be dead and buried forever!

      Yea, that will work.

      This has been going on a lot longer than just systemd. You just described Redhat and GNOME's entire design process since sometime during the GNOME 2 days. One could even argue that GNOME 1 had some of that mindset too, considering its entire existence boils down to "we don't like Qt license so we'll make our own KDE", but at least GNOME 1 was willing to use outside projects. (Anybody else remember the early GNOME versions using enlightenment as the window manager?)

      When another DE comes up with a solution to a desktop problem, GNOME refuses to support it, implements its own version, and then expects everyone else to implement that solution for better interoperability. I've seen rants from various KDE devs over the years about it, especially in the areas of the systray and notifications. Pulseaudio is another example; ALSA already did software mixing and JACK handled the more advanced needs, but Poettering/GNOME didn't invent those so of course the only solution was to create something else. Same goes for NetworkManager.

      Also, when users asked for Gtk and Qt apps to play nicely with each other's environments to create a more unified look, GNOME people declared that people shouldn't be using non-GNOME apps so it wasn't their problem. Anybody that uses a mix of Qt and Gtk apps, regardless of DE, has KDE devs to thank for the better integration, because they did more to help the GNOME users with that than GNOME did.

      Then with GNOME 3 they started aggressively pushing the "we don't care what you want, we know what you want even if you don't think you want it" crap, deciding that not only did they know better than other devs how to implement everything, they also knew what users wanted better than users did.

      The entire project's motto is "not invented here; we know better than you do" and systemd is just a continuation of that mindset.

      I liked the early GNOME, but even when it became something I didn't care to use during the GNOME 2 days, I still respected them for the work and didn't begrudge their successes. Then I started seeing their antisocial behaviour within the FOSS community and I lost that respect.

      • (Score: 2) by jcross on Thursday November 13 2014, @02:55PM

        by jcross (4009) on Thursday November 13 2014, @02:55PM (#115563)

        Well said! I actually do use GNOME 3 as well as KDE, since it's a lucky accident that I happen to like a number of the choices they've made. But whenever I dig into the guts of the system to see if I can customize something, it looks more and more like the steaming pile of API goo I've always thought GTK to be. Sprawling, poorly organized, and poorly documented, with a culture that seems to assume you already know everything you need to know, and if you don't it's your fault for being an idiot. Also there seems to be a constant stream of breaking changes. I think there might be an emotional reality behind this, which is that knowledge is power and the /g*/ devs are enjoying having and exerting power over others. I suspect the source is a lot of childhoods spent being oppressed, and I really just feel sorry for them for that. On the other hand, with KDE and Qt, everything seems beautifully organized, the documentation is clear and abundant, the community is polite and helpful even to total noobs. Again, there is probably an emotional reality behind this. But the cool thing about open source is: choose your own adventure!

        • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @11:50PM

          by Anonymous Coward on Thursday November 13 2014, @11:50PM (#115703)

          It's probably not just about bad experiences while a child.

          Many power-hungry adult men also have extraordinarily small genitalia. They try to cover up for this ultimate lack of power by trying to acquire large amounts of comparatively less-valuable organizational or political power.

  • (Score: 4, Funny) by twistedcubic on Thursday November 13 2014, @05:15AM

    by twistedcubic (929) on Thursday November 13 2014, @05:15AM (#115420)

    What are you guys complaining about so much? This is a non-issue. systemd boots so fast there is simply no time to exploit this bug :)

    • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @05:35AM

      by Anonymous Coward on Thursday November 13 2014, @05:35AM (#115427)

      Pretty sure this is sarcasm, but just to make this abundantly clear: systemd-resolved is still running and exploitable after boot. Unless, you know, it crashes because it's part of systemd.

    • (Score: 2) by aristarchus on Thursday November 13 2014, @06:02AM

      by aristarchus (2645) on Thursday November 13 2014, @06:02AM (#115434) Journal

      Time, . . . is relative. . . while you are booting. . . . entire worlds have come into existence, flourished, and perished. Others, . . . have been in existence for eons of your time. The time you are saving is just saving them the wait.

    • (Score: 2) by LoRdTAW on Thursday November 13 2014, @02:41PM

      by LoRdTAW (3755) on Thursday November 13 2014, @02:41PM (#115560) Journal

      I fully realize your post is humorous but it demonstrates people's ignorance of just what systemd actually is. (See my post above: http://soylentnews.org/comments.pl?sid=4834&cid=115518 [soylentnews.org])

      Systemd is much more than a simple init system and PID1. It is a bad idea, copies bad design (see the Wikipedia link in my other post) and adds nothing of value.

  • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @05:50AM

    by Anonymous Coward on Thursday November 13 2014, @05:50AM (#115431)

    at least on archlinux and any other distro I've tried, unless you let systemd manage your network connections instead of using dhcpcd or something, I recently enabled it on my htpc because inetctl was taking a solid 3 seconds to bind a static IP on boot compared to 90ms for systemd to do it.

    • (Score: 1) by Whoever on Thursday November 13 2014, @06:03AM

      by Whoever (4524) on Thursday November 13 2014, @06:03AM (#115436) Journal

      I recently enabled it on my htpc because inetctl was taking a solid 3 seconds to bind a static IP on boot compared to 90ms for systemd to do it.

      You are assuming that inetctl is doing the same as systemd. For example, maybe when inetctl brings up an interface, it does an arping to check that the IP address is not already in use?

      • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @06:25AM

        by Anonymous Coward on Thursday November 13 2014, @06:25AM (#115442)

        I know it does arp checks, but even when I wrote a static config for my nic and disabled all of the extra shit it was still taking 50x longer than dhcpcd or systemd-networkd w/ systemd-resolved, which is absolutely disgusting.

        Nonetheless, my point was that systemd-resolved isn't enabled by default.

        • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @07:47AM

          by Anonymous Coward on Thursday November 13 2014, @07:47AM (#115464)

          Why not just use ifconfig?

          • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @09:30AM

            by Anonymous Coward on Thursday November 13 2014, @09:30AM (#115488)

            ifconfig has been deprecated for years...

            • (Score: 4, Informative) by canopic jug on Thursday November 13 2014, @09:48AM

              by canopic jug (3949) Subscriber Badge on Thursday November 13 2014, @09:48AM (#115492) Journal

              ifconfig may have been deprecated but the intended replacement ip [die.net], if it is an intended replacement, is so complicated as to be almost broken. At least ifconfig was something you could show beginners and even intermediate users did not need to pore over the manual to resolve basic tasks. I'm a fan of tools with a clear purpose and clean design that don't need much documentation. As such it is more convenient to me when the tools ifconfig and route remain separate rather than mashed into an unwieldy conglomerate like ip. That is one of the many problems with systemd, but specifically it is one that is shared with a surprising number of other tools. I wonder where the stupidity is coming from or if it is just classic second-generation software mistakes. The second generation of most projects tend to be very much overly engineered.

              --
              Money is not free speech. Elections should not be auctions.
              • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @11:34AM

                by Anonymous Coward on Thursday November 13 2014, @11:34AM (#115505)

                Agreed, but even with ifconfig or ip, you still had to write shell scripts just to bring up a network and honestly that's insane. I'm a fan of simplicity and honestly, if I have to jump through hoops to do something so basic like say binding a static IP to a network, the software is a failure. This is inherently a problem among newer developers: they take a simple, working piece of software, base their model around it with the need to "improve" it, only to fuck up so badly that it is almost unfathomable as to why anyone would want to use it compared to the original.

                • (Score: 2) by zeigerpuppy on Thursday November 13 2014, @01:11PM

                  by zeigerpuppy (1298) on Thursday November 13 2014, @01:11PM (#115521)

                  I've never had to write a script to bring up a network.
                  Editing a config file, yes (/etc/network/interfaces).
                  But the settings need to be stored somewhere so it's about as simple a solution as there could be.
                  Especially considering that a DHCP network connection will be auto configured on install.
                  Current Linux networking works pretty well and logically but it's not a mind reader, nor is any other OS as far as I know.

                  • (Score: 1, Insightful) by Anonymous Coward on Thursday November 13 2014, @01:30PM

                    by Anonymous Coward on Thursday November 13 2014, @01:30PM (#115531)

                    The last time I had to write a script to configure networking on a desktop/workstation Linux system was 1998.

                    Systemd is trying to "solve" a problem that hasn't existed for 15 years.

                    • (Score: 1, Funny) by Anonymous Coward on Thursday November 13 2014, @02:55PM

                      by Anonymous Coward on Thursday November 13 2014, @02:55PM (#115562)

                      Some people have far more complex network configuration problems than you and use scripts to autoconfigure images that they've deployed to hundreds of virtual and bare metal servers.

                      SystemD solves this by making it impossible to have multipath fiberchannel storage area networks.

  • (Score: 2) by Gaaark on Thursday November 13 2014, @02:41PM

    by Gaaark (41) Subscriber Badge on Thursday November 13 2014, @02:41PM (#115561) Journal

    Looks like a time to change....

    Gotta go look, again, at Linux From Scratch, I guess.

    Can my vague understanding of source code protect me from the NSA, etc. Gods almighty... what is the solution. Will Debian/gnu/hurd be okay?

    Come on Richard Stallman... speak up. Help me!

    It's getting redonkulous. Might have to start thinking about going off-line. Sad days are ahead, methinks.

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
    • (Score: 1) by Whoever on Thursday November 13 2014, @03:46PM

      by Whoever (4524) on Thursday November 13 2014, @03:46PM (#115575) Journal

      Or Gentoo.

      I just built a VM using Gentoo with MATE and no systemd.

    • (Score: 2) by DECbot on Thursday November 13 2014, @04:57PM

      by DECbot (832) on Thursday November 13 2014, @04:57PM (#115599) Journal

      You can join me in my hermit cave. We can both ponder if the flint and steel uses systemd to start a fire.

      --
      cats~$ sudo chown -R us /home/base
      • (Score: 2) by Gaaark on Thursday November 13 2014, @07:34PM

        by Gaaark (41) Subscriber Badge on Thursday November 13 2014, @07:34PM (#115637) Journal

        Aw, crap.... I have to watch the NSA hasn't f*cked with my matches???

        Dang. :)

        --
        --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
    • (Score: 1) by jmorris on Thursday November 13 2014, @09:26PM

      by jmorris (4844) on Thursday November 13 2014, @09:26PM (#115669)

      Will Debian/gnu/hurd be okay?

      Systemd can't coexist with non-Linux systems. Debian/FreeBSD has already gone under the bus for this reason, Debian/HURD will be joining it as soon as anyone cares enough to announce it. It isn't like it ever got to a point where anyone actually used it anyway who wasn't a developer.

      With the iron clamp Red Hat now has on Linux it is clear that even attempting to flee to LFS or Slackware will only be a delaying action unless we get a much larger (fork strength) backlash soon. FreeBSD is still recovering from Apple poaching away most of their core devels and OpenBSD is great on a server but questionable on a desktop and pointless on most laptops.

      Dark times ahead.