Gentoo Forums
The Politics of systemd

depontius
Advocate

Joined: 05 May 2004
Posts: 3522

Posted: Tue Sep 29, 2015 9:22 pm

Over on another thread, someone was asking about hardened Gentoo with systemd.

So today on Slashdot there was an article on TrueCrypt, which is discontinued, but had long stood on its security and audits.
Quote:
'It's impossible to tell if the new flaws discovered by Forshaw were introduced intentionally or not, but they do show that despite professional code audits, serious bugs can remain undiscovered,' writes Lucian Constantin


http://it.slashdot.org/story/15/09/29/1717241/newly-found-truecrypt-flaw-allows-full-system-compromise

Audits are a good idea, but no guarantee.

It'll be interesting to see how Linux server deployments go, now that systemd has nearly taken over the distribution space.
_________________
.sigs waste space and bandwidth

Tony0945
Watchman

Joined: 25 Jul 2006
Posts: 5127
Location: Illinois, USA

Posted: Tue Sep 29, 2015 9:47 pm

Re: TrueCrypt

It's disconcerting that the US Postal Service runs Fedora (not even RHEL) on their servers which handle not only e-mail but all the in-process mail information. It's an integrated part of their processing network. OTOH, I'm not sure but I think IRS uses Windows. I know USPS uses Windows for their personnel databases (breached last October) because you need IE (v9 or above) to access them. That's ONLY IE, a sure sign of a Windows system. I suspect they use Linux for the mail processing because Windows is too slow, although most of the embedded computers in the process machinery use XP, some still use NT. The last DOS systems were removed a few years ago.

gwr
Apprentice

Joined: 19 Nov 2014
Posts: 194

Posted: Tue Sep 29, 2015 11:30 pm

Don't worry, soon all of this data will be in "the cloud" and everything will be better. </sarcasm>

gwr
Apprentice

Joined: 19 Nov 2014
Posts: 194

Posted: Tue Sep 29, 2015 11:33 pm

depontius wrote:


http://youtu.be/xKtgvc06H10 http://it.slashdot.org/story/15/09/29/1717241/newly-found-truecrypt-flaw-allows-full-system-compromise

Audits are a good idea, but no guarantee.


True. Testing and audits can only prove the existence of an error, not the absence of one. That's why software should be as dumb simple as possible. systemd does not fit that description.

Naib
Watchman

Joined: 21 May 2004
Posts: 6065
Location: Removed by Neddy

Posted: Wed Sep 30, 2015 1:07 am

gwr wrote:
depontius wrote:


http://youtu.be/xKtgvc06H10 http://it.slashdot.org/story/15/09/29/1717241/newly-found-truecrypt-flaw-allows-full-system-compromise

Audits are a good idea, but no guarantee.


True. Testing and audits can only prove the existence of an error, not the absence of one. That's why software should be as dumb simple as possible. systemd does not fit that description.
Testing is only as good as the test vectors. Such test vectors may provide incomplete coverage, have their own bugs or incorrectly exercise an area under test (worst-case false pass..)
_________________
Quote:
Removed by Chiitoo

tld
Veteran

Joined: 09 Dec 2003
Posts: 1845

Posted: Wed Sep 30, 2015 4:51 pm

gwr wrote:
True. Testing and audits can only prove the existence of an error, not the absence of one. That's why software should be as dumb simple as possible. systemd does not fit that description.
Especially software that's always running (and running as root no less) regardless of what the machine is being used for. I'd love to know exactly what percentage of systemd code is completely unnecessary on a headless server for example.

The systemd folks seem to come from Windows land where none of these concepts matter.

gwr
Apprentice

Joined: 19 Nov 2014
Posts: 194

Posted: Wed Sep 30, 2015 5:55 pm

tld wrote:

The systemd folks seem to come from Windows land where none of these concepts matter.


I'd argue it also mattered over there, too, but no one there gave a damn.

Tony0945
Watchman

Joined: 25 Jul 2006
Posts: 5127
Location: Illinois, USA

Posted: Wed Sep 30, 2015 8:27 pm

gwr wrote:
tld wrote:

The systemd folks seem to come from Windows land where none of these concepts matter.




I'd argue it also mattered over there, too, but no one there gave a damn.
True! Very true!

__bjoern
n00b

Joined: 12 Oct 2014
Posts: 28

Posted: Thu Oct 01, 2015 6:22 am

tld wrote:
I'd love to know exactly what percentage of systemd code is completely unnecessary on a headless server for example.


How about a complete container manager that you can't compile out, despite Poettering stating that almost all components are optional? You would think that a container implementation is optional.
Poettering lied to us all, and now I believe in nothing :( :x

depontius
Advocate

Joined: 05 May 2004
Posts: 3522

Posted: Fri Oct 02, 2015 12:08 am

Interestingly Poettering has now come out and said that systemd is meant for distro maintainers to configure and tune, not end users.

Maybe it's time to take that quote and go see Stallman and ESR with that in hand. The initial reason for the GPL was the "right to repair", and L.P. has just said that users don't get to do that.
_________________
.sigs waste space and bandwidth

Naib
Watchman

Joined: 21 May 2004
Posts: 6065
Location: Removed by Neddy

Posted: Fri Oct 02, 2015 7:46 am

http://cdn.meme.am/instances/500x/64834981.jpg
_________________
Quote:
Removed by Chiitoo

gwr
Apprentice

Joined: 19 Nov 2014
Posts: 194

Posted: Fri Oct 02, 2015 1:18 pm

depontius wrote:
Interestingly Poettering has now come out and said that systemd is meant for distro maintainers to configure and tune, not end users.

Maybe it's time to take that quote and go see Stallman and ESR with that in hand. The initial reason for the GPL was the "right to repair", and L.P. has just said that users don't get to do that.


Well, technically you can repair it, given enough time and resources because the code is "open". I think he would be more vocal on the aspect of it allowing applications to bypass the GPL.

roki942
Apprentice

Joined: 18 Apr 2005
Posts: 285
Location: Seattle

Posted: Fri Oct 02, 2015 5:17 pm

depontius wrote:
Interestingly Poettering has now come out and said that systemd is meant for distro maintainers to configure and tune, not end users.

I find it interesting that he also seems to be lumping in all of you sys admins as "end users".

digi_owl
n00b

Joined: 04 Oct 2015
Posts: 9

Posted: Sun Oct 04, 2015 10:03 am

Sadly not unique to systemd.

Over at a small/hobbyist distro, one guy was trying to prep a new release. He ran into some issues trying to get Xorg to compile and reached out to their devs for assistance. The response was "why on earth are you compiling from source?! Go get one of the big name distros and use that already!".

In a wider sense, for systemd, and various other Linux related projects, the only two things that count are the container/VM cluster and the desktop.

This is why you see them reversing the long-standing handling of mount failures etc, because they expect you to have direct console access anyways. No need to bring up the system in root only mode with a network connection, because either it is on a desktop with the guy right there, or in a container/VM (preferably on big name server hardware with something like Intel vPro/AMT).

In essence the pro and con systemd people are talking right past each other. The pro people have their heads in the *aaS cloud, while the con people are experienced sysadmins that know that servers come in all manner of shapes and sizes (and that the reason *nix has survived to this day is because a well maintained *nix box with a UPS can sit in a walled up closet for years doing its thing).

Frankly it may well be that the success of the LAMP stack is coming back to bite the wider Linux world in the ass. Poettering seems to have started out running some rudimentary LAMP setup, then poked at the (GNOME) desktop, then started NIH-ing various things (Pulseaudio, Avahi, Systemd) and inching his way towards the kernel in the process.

But his basic approach to development is still the web way (or as Zuckerberg put it "move fast and break things"). Pretty much the polar opposite of how *nix development has been done, and in particular how Torvalds runs Linux development.

So yeah, in the systemd world sysadmins no longer exist to do: http://imgs.xkcd.com/comics/devotion_to_duty.png

gwr
Apprentice

Joined: 19 Nov 2014
Posts: 194

Posted: Mon Oct 05, 2015 5:05 pm

Quote:

reached out to their devs for assistance. The response was "why on earth are you compiling from source?! Go get one of the big name distros and use that already!".


A dev said that? Sigh.

miket
Guru

Joined: 28 Apr 2007
Posts: 497
Location: Gainesville, FL, USA

Posted: Mon Oct 05, 2015 7:29 pm

gwr wrote:
Quote:

reached out to their devs for assistance. The response was "why on earth are you compiling from source?! Go get one of the big name distros and use that already!".


A dev said that? Sigh.

So who was saying that?

digi_owl wrote:
He ran into some issues trying to get Xorg to compile and reached out to their devs for assistance.


Hmm. Xorg, a project that works in lockstep with freedesktop.org. 'Nuff said.

GFCCAE6xF
Apprentice

Joined: 06 Aug 2012
Posts: 295

Posted: Mon Oct 05, 2015 7:34 pm

gwr wrote:
Quote:

reached out to their devs for assistance. The response was "why on earth are you compiling from source?! Go get one of the big name distros and use that already!".


A dev said that? Sigh.


Well it's possible but in my experience I doubt it, I've been to several of them over the years and they were nothing but helpful or passed me on to someone else that could help, at least in the cases where that somebody else didn't invite themselves to the convo.

Since it's a comparison to systemd devs my experience has not differed there. Nothing but helpful when I've gone to them be it in irc, on the ml or in person on 2 occasions for that matter.

I'd love to see some logs or something, even if just for context.

digi_owl
n00b

Joined: 04 Oct 2015
Posts: 9

Posted: Tue Oct 06, 2015 11:31 am

Sorry to say the statement was made a couple of years back and on IRC, so I dunno if any logs exist.

krinn
Watchman

Joined: 02 May 2003
Posts: 7470

Posted: Tue Oct 06, 2015 11:55 am

digi_owl wrote:
Sorry to say the statement was made a couple of years back and on IRC, so I dunno if any logs exist.

bad, bad you :(
if you really need to make a quote without a source, here's the howto

steveL
Watchman

Joined: 13 Sep 2006
Posts: 5153
Location: The Peanut Gallery

Posted: Tue Oct 06, 2015 4:19 pm

krinn wrote:
if you really need to make a quote without a source, here's the howto

OMG that is so funny! I remember reading it at the time, but with distance it's simply hilarious.

Here's my fave bit:
Quote:
"Roads are broken: people keep dying getting out of the road with my car, but it's not because my car has no steering-wheel, it's because someone made roads with curves!
So my car works perfectly even on curved roads, but making curved roads is a broken concept. My car is only the messenger."

I highly recommend people read it for both a laugh, and the absolutely spot-on substantive points being made.

khayyam
Watchman

Joined: 07 Jun 2012
Posts: 6227
Location: Room 101

Posted: Tue Oct 06, 2015 6:58 pm

krinn wrote:
if you really need to make a quote without a source, here's the howto

krinn ... why go to such lengths, with systemd such matters of conjecture are 110% easierd, and fasterd. Yeah, KISS (keep-it-simple-systemd) ... "innovation", "legacy", "broken", etc, etc, are all at your disposal. If there is some difficult 'problem' then throw a curve ball so none can make out what a "strict policy" means when "gently push[ed]".

Systemd is an innovation in the way that we communicate, legacy communication is broken ... stop spreading FUDGE! ;)

best ... khay
Back to top
View user's profile Send private message
Naib
Watchman
Watchman


Joined: 21 May 2004
Posts: 6065
Location: Removed by Neddy

PostPosted: Tue Oct 06, 2015 7:30 pm    Post subject: Reply with quote

1st mainstream "fork" of the kernel under the guise of the SJW has occurred. Just need sysd throwing their weight behind this and we'll.

I guess I need to start looking at windows again
_________________
Quote:
Removed by Chiitoo

gwr
Apprentice

Joined: 19 Nov 2014
Posts: 194

Posted: Tue Oct 06, 2015 9:18 pm

Naib wrote:
1st mainstream "fork" of the kernel under the guise of the SJW has occurred. Just need sysd throwing their weight behind this and we'll.

I guess I need to start looking at windows again


Yet another fork that will go nowhere because some overly-coddled pipsqueak thinks that because he has a keyboard, his ideas must be heard. It is the new mating call when someone doesn't get their way and they badger a mailing list until someone is forced to tell them off, they suddenly decry how offended they are.

saellaven
l33t

Joined: 23 Jul 2006
Posts: 654

Posted: Wed Oct 07, 2015 12:42 am

Naib wrote:
1st mainstream "fork" of the kernel under the guise of the SJW has occurred. Just need sysd throwing their weight behind this and we'll.

I guess I need to start looking at windows again


How long before they apply the newly adopted code of conduct against key kernel devs like Linus via the Linux Foundation to try to pry it away from him? If Linus continues to maintain a branch, he will likely win*, but I can see Linus giving a big middle finger to everyone and walking away from the kernel to do something else at some point.

* unless RH decides to leverage their position and basically wrestles the kernel away, given that all but a small handful of Linux distros are essentially downstream of RH now that they've adopted systemd (making the key kernels the Android fork, the RH fork and the Linus "pure" branch). Let's say RH forces kdbus into their fork (plus maybe some other stuff for good measure), makes it mandatory for systemd and now all of the systemd using distros are essentially bound to the RH kernel unless Linus plays along, in which case, he's no longer the de facto kernel lead.

gwr
Apprentice

Joined: 19 Nov 2014
Posts: 194

Posted: Wed Oct 07, 2015 6:50 am

saellaven wrote:


How long before they apply the newly adopted code of conduct against key kernel devs like Linus via the Linux Foundation to try to pry it away from him? If Linus continues to maintain a branch, he will likely win*, but I can see Linus giving a big middle finger to everyone and walking away from the kernel to do something else at some point.



That would be the writing on the wall for open source software. It would no longer be a meritocracy of technical skills, but a bureaucracy of political correctness.

All times are GMT
Page 27 of 30